Security researcher and hacker axi0mX has today released a new bootrom exploit called “checkm8” which he claims is capable of permanently jailbreaking iOS devices equipped with A5 through A11 SoCs, marking the first publicly released bootrom exploit since the iPhone 4 in 2010 (via MacRumors).
EPIC JAILBREAK: Introducing checkm8 (read “checkmate”), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX (@axi0mX)
According to the researcher, checkm8 can perform an unpatchable jailbreak on iPhone 4S through iPhone X, several iPad models dating back to the iPad 2, as well as the fifth-generation iPod touch and later. Moreover, since the bootrom is read-only, a software update from Apple cannot patch this type of exploit.
This is significant news in the jailbreaking community, as the last bootrom exploit known as “limera1n” was released by George “geohot” Hotz nearly a decade ago.
The bootrom exploit opens up many other possibilities on affected devices, including downgrading iOS versions without SHSH blobs or APTickets, dual-booting iOS, and running custom firmware, according to jailbreak enthusiasts.
You can get more info about the checkm8 jailbreak tool via GitHub.