Incident: iPhone Jailbreak Vulnerability Exploited, Security Compromised, Apple at Risk

Published Date: 2020-05-26

Postmortem Analysis
Timeline 1. The software failure incident, a newly discovered iPhone vulnerability that lets users bypass Apple’s limitations through jailbreaking, happened in May 2020, per the article published on May 26, 2020 [99692].
System 1. iOS 13.5 [Article 99692]
Responsible Organization 1. Pwn20wnd, the iOS security researcher who discovered the flaw, and the pseudonymous developers who released the jailbreak [Article 99692].
Impacted Organization 1. Apple - The software failure incident of the newly discovered vulnerability in iPhones impacts Apple as it poses a security problem for the company and allows users to bypass Apple's built-in limitations [99692].
Software Causes 1. The software cause of the failure incident was a newly discovered vulnerability in iPhones that allowed users to bypass Apple's built-in limitations, leading to the jailbreaking of iOS 13.5 [Article 99692].
Non-software Causes 1. The vulnerability in iPhones that allowed users to bypass Apple's limitations, leading to jailbreaking [Article 99692].
Impacts 1. The software failure incident allowed users to bypass Apple's built-in limitations through jailbreaking, posing a security problem for the company as the techniques used could also be exploited by malicious attackers [99692]. 2. The release of a functional jailbreak for iOS 13.5 enabled users to run games and software not allowed by Apple on iPhones, impacting the control Apple has over the iOS economy [99692]. 3. The vulnerability exploited in the jailbreak was not detailed by the developers, indicating a potential risk to iPhone users until Apple releases a patch, which typically takes two to three weeks [99692]. 4. The incident highlighted the ongoing cat-and-mouse game between Apple's security teams and developers trying to bypass security measures, with jailbreaks being repurposed as malware by malicious hackers [99692].
Preventions 1. Implementing stricter code review processes to catch vulnerabilities before they can be exploited [99692]. 2. Regularly conducting security audits and penetration testing to identify and address potential weaknesses in the software [99692]. 3. Providing incentives for security researchers to responsibly disclose vulnerabilities to the company rather than exploiting them [99692].
Fixes 1. Apple releasing a patch to fix the vulnerability exploited by the jailbreak for iOS 13.5 [99692].
References 1. Pwn20wnd, the iOS security researcher who discovered the flaw [99692]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization, multiple_organization (a) The software failure incident of a newly discovered vulnerability in iPhones allowing users to bypass Apple’s built-in limitations, known as "jailbreaking," has happened before with Apple products. The release of a functional jailbreak for iOS 13.5 represents a breakthrough for users who rely on jailbreaks for various purposes. This incident poses a security problem for Apple as the techniques used by the developers are similar to those used by malicious attackers [Article 99692]. (b) The incident of jailbreaking iPhones is not unique to Apple products. Jailbreaking has been a known practice for a while, and it has been a cat-and-mouse game between security teams and developers trying to bypass security measures. The ability to bypass security limitations is also attractive to malicious hackers, and many jailbreaks have been repurposed as malware, indicating a broader issue beyond just Apple products [Article 99692].
Phase (Design/Operation) design, operation (a) The software failure incident related to the design phase can be seen in the vulnerability discovered in iPhones that allowed users to bypass Apple's built-in limitations through jailbreaking [99692]. This vulnerability was exploited by developers to release a functional jailbreak for iOS 13.5, indicating a flaw in the design of the system's security measures that should have prevented such unauthorized access. (b) The software failure incident related to the operation phase is evident in the misuse of the jailbreak by users to run games and software not allowed by Apple on iPhones [99692]. This misuse poses a security problem for the company, as the techniques used in jailbreaking can be similar to those employed by malicious attackers to take over devices, highlighting an operational failure in ensuring the intended use of the system.
Boundary (Internal/External) within_system (a) within_system: The software failure incident described in the article is related to a vulnerability in iPhones that allows users to bypass Apple's built-in limitations through jailbreaking. This vulnerability is exploited by developers to release a functional jailbreak for iOS 13.5, which poses a security problem for Apple as it uses techniques similar to those used by malicious attackers. The failure originates from within the system, specifically from the security measures and restrictions implemented by Apple on iPhones [99692]. (b) outside_system: The article does not provide information about the software failure incident being caused by contributing factors originating from outside the system.
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident in this case is related to non-human_actions, specifically a vulnerability in iPhones that allowed users to bypass Apple's limitations through jailbreaking [99692]. This vulnerability was exploited by developers to release a functional jailbreak for iOS 13.5, which poses a security problem for Apple as it uses techniques similar to those used by malicious attackers. The nature of the vulnerability was not detailed, but it was acknowledged that Apple would need to release a patch to fix it [99692]. (b) The software failure incident can also be attributed to human_actions, as the jailbreak developers intentionally exploited the vulnerability in iPhones to bypass Apple's restrictions and release the jailbreak for iOS 13.5 [99692]. This action was taken by the developers to cater to the demand from users who wanted to install software from other sources not approved by Apple, such as emulators for retro video games, which are not allowed on the App Store due to Apple's strict policies [99692].
Dimension (Hardware/Software) hardware, software (a) The software failure incident in the article is related to hardware as it discusses a vulnerability in iPhones that allows users to bypass Apple's built-in limitations through jailbreaking. The vulnerability is related to the hardware of the iPhones, specifically the security measures that ensure only Apple-approved software can be installed on the devices [99692]. (b) The software failure incident is also related to software as it involves the release of a functional jailbreak for iOS 13.5, which exploits a vulnerability in the iPhone operating system. The jailbreak allows users to run games and software not allowed by Apple, indicating a software-related failure in the operating system's security measures [99692].
Objective (Malicious/Non-malicious) malicious (a) The software failure incident in this case is related to a malicious objective. The incident involves the discovery of a vulnerability in iPhones that allows users to bypass Apple's limitations through jailbreaking. This jailbreak exploit, although used by a small community for various purposes, poses a security problem as the techniques can be utilized by malicious attackers to take over devices [99692]. Additionally, the article mentions that jailbreaks have been repurposed as malware in the past, highlighting the potential for malicious intent in exploiting such vulnerabilities.
Intent (Poor/Accidental Decisions) poor_decisions (a) The intent of the software failure incident related to poor decisions can be inferred from the article. The incident involves the discovery of a vulnerability in iPhones that allows users to bypass Apple's built-in limitations through jailbreaking. This vulnerability poses a security problem for Apple as it can be exploited by malicious attackers to take over devices [Article 99692]. The decision to restrict software installations on iPhones to only those approved by Apple has led to demand from users for ways to install software from other sources, such as apps that are not allowed on the App Store. This restrictive policy has created a situation where users seek alternative methods like jailbreaking to access software that Apple does not permit [Article 99692].
Capability (Incompetence/Accidental) accidental (a) The article does not mention any software failure incident related to development incompetence. (b) The software failure incident mentioned in the article is related to an accidental discovery of a vulnerability in iPhones that allows users to bypass Apple's built-in limitations through jailbreaking [99692]. This accidental discovery poses a security problem for Apple as it can be exploited by malicious attackers to take over devices.
Duration temporary The software failure incident described in the article is temporary. The jailbreak vulnerability in iPhones allowing users to bypass Apple's limitations is a temporary failure as it relies on a specific vulnerability in the iOS 13.5 operating system that Apple can patch in the future [99692].
Behaviour value, other (a) crash: The articles do not mention any specific instance of a system crash where the system loses state and does not perform any of its intended functions. (b) omission: The articles do not mention any specific instance of the system omitting to perform its intended functions at an instance(s). (c) timing: The articles do not mention any specific instance of the system performing its intended functions correctly, but too late or too early. (d) value: The software failure incident in the articles is related to the system performing its intended functions incorrectly. The vulnerability discovered in iPhones allowed users to bypass Apple's built-in limitations, known as "jailbreaking," which poses a security problem for the company as it allows users to run games and software that Apple does not allow on iPhones [99692]. (e) byzantine: The articles do not mention any specific instance of the system behaving erroneously with inconsistent responses and interactions. (f) other: The software failure incident described in the articles involves the system behaving in a way not described in the options (a) to (e). It involves a security vulnerability that allows users to bypass Apple's restrictions, leading to potential security risks and the need for Apple to release a patch to address the issue [99692].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence theoretical_consequence (a) death: There is no mention of any deaths resulting from the software failure incident in the provided article [99692]. (b) harm: The article does not mention any physical harm caused to individuals due to the software failure incident [99692]. (c) basic: The incident did not impact people's access to food or shelter [99692]. (d) property: The software failure incident did not result in any direct impact on people's material goods, money, or data [99692]. (e) delay: There is no mention of any activities being postponed due to the software failure incident [99692]. (f) non-human: The software failure incident primarily affected the security of iPhones and the ability to bypass Apple's restrictions, but there is no specific mention of non-human entities being impacted [99692]. (g) no_consequence: The article does not explicitly state that there were no real observed consequences of the software failure incident [99692]. (h) theoretical_consequence: The article discusses the potential security problem posed by the jailbreak, as the techniques used could be exploited by malicious attackers to take over devices. It also mentions that Apple is likely to release a patch to fix the vulnerability, indicating a theoretical consequence that could be mitigated [99692]. (i) other: The article does not mention any other specific consequences of the software failure incident beyond the security implications and the potential need for a patch from Apple [99692].
Domain information, sales, manufacturing, finance, knowledge, entertainment, government (a) The software failure incident related to the iPhone jailbreak vulnerability impacts the information industry as it allows users to bypass Apple's restrictions and install software not approved by Apple, including for security research and running unauthorized games and software [Article 99692]. (b) The transportation industry is not directly mentioned in the article. (c) The natural resources industry is not directly mentioned in the article. (d) The sales industry is indirectly impacted as the jailbreak allows users to run software that Apple does not allow on iPhones, potentially affecting the sales of Apple-approved apps [Article 99692]. (e) The construction industry is not directly mentioned in the article. (f) The manufacturing industry is indirectly impacted as the jailbreak allows users to install their own programs, which could include software related to manufacturing processes or products [Article 99692]. (g) The utilities industry is not directly mentioned in the article. (h) The finance industry is indirectly impacted as the jailbreak allows users to bypass Apple's restrictions, potentially affecting financial transactions or security measures related to finance apps on iPhones [Article 99692]. (i) The knowledge industry is indirectly impacted as the jailbreak allows for security research and the installation of software for educational purposes that Apple does not approve [Article 99692]. (j) The health industry is not directly mentioned in the article. (k) The entertainment industry is indirectly impacted as the jailbreak allows users to run unauthorized games and software on iPhones, potentially affecting the distribution and usage of entertainment-related apps [Article 99692]. (l) The government industry is indirectly impacted as the jailbreak allows users to bypass Apple's restrictions, potentially affecting government-related apps or security measures on iPhones [Article 99692]. (m) The article does not mention any other specific industry impacted by the software failure incident.
