Apple has just launched a new anti-abuse service called “App Attest” for developers. Here’s how it will affect hacking and tweaking your Apple device.
What is App Attest?
App Attest is an anti-abuse service that lets developers establish the integrity of the copies of their app that talk to their servers. The app generates a cryptographic key pair on-device (the private key is created inside the Secure Enclave and cannot be exported), and Apple’s servers attest that the key was created by a validly signed copy of that app, identified by its App ID, on a genuine Apple device.
The developer’s server verifies that attestation once and stores the public key. From then on, whenever sensitive data is requested, the app must send an assertion: a signature, produced with the attested key, over the request contents and a challenge the server issued for that request.
Fundamentally, this allows app developers to ensure that connections to their servers originate from legitimate copies of the app rather than from a modified or re-signed build, or from a script that merely imitates the app’s traffic.
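The per-request step is easiest to see in code. The following Go program is an added example written for this page, not Apple’s code or any app’s: it simulates the device side (a P-256 key standing in for the Secure Enclave key, and a generateAssertion look-alike that signs SHA256(authenticatorData || SHA256(clientData))) and the server side (verify the signature under the stored public key, check the App ID hash, require the server-issued challenge, and require a strictly increasing counter). The one-time attestation round is stubbed by NewAttestedKey, the CBOR wrapping of the real assertion object is omitted, and the team and bundle identifiers are placeholders.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assertion mirrors the two fields of a decoded App Attest assertion object.
// The real object is CBOR-encoded; decoding is assumed to have happened already.
type Assertion struct {
	Signature         []byte // DER-encoded ECDSA (P-256, SHA-256) signature over the nonce
	AuthenticatorData []byte // rpIdHash (32) || flags (1) || counter (4, big-endian)
}

// KeyRecord is what the server keeps for a key once its one-time attestation
// has been verified: the public key and the last counter value it accepted.
type KeyRecord struct {
	PublicKey *ecdsa.PublicKey
	Counter   uint32
}

// appIDHash is the RP ID App Attest uses: SHA-256 of "<teamID>.<bundleID>".
func appIDHash(teamID, bundleID string) [32]byte {
	return sha256.Sum256([]byte(teamID + "." + bundleID))
}

// NewAttestedKey stands in for generateKey plus a successful attestation round
// (stubbed here): the server ends up holding the public key with counter 0.
func NewAttestedKey() (*ecdsa.PrivateKey, *KeyRecord, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return priv, &KeyRecord{PublicKey: &priv.PublicKey, Counter: 0}, nil
}

// GenerateAssertion stands in for the device's generateAssertion call: it signs
// SHA256(authenticatorData || SHA256(clientData)) with the attested private key.
// A real Secure Enclave key increments the counter itself; here it is a parameter.
func GenerateAssertion(priv *ecdsa.PrivateKey, teamID, bundleID string, counter uint32, clientData []byte) (Assertion, error) {
	rp := appIDHash(teamID, bundleID)
	authData := make([]byte, 37)
	copy(authData, rp[:])
	authData[32] = 0x00 // flags byte; not inspected in this example
	binary.BigEndian.PutUint32(authData[33:], counter)

	clientHash := sha256.Sum256(clientData)
	nonce := sha256.Sum256(append(append([]byte{}, authData...), clientHash[:]...))
	sig, err := ecdsa.SignASN1(rand.Reader, priv, nonce[:])
	if err != nil {
		return Assertion{}, err
	}
	return Assertion{Signature: sig, AuthenticatorData: authData}, nil
}

// VerifyAssertion is the server-side check. It updates rec.Counter only on
// success, so an assertion that is replayed verbatim is rejected next time.
func VerifyAssertion(rec *KeyRecord, teamID, bundleID string, challenge, clientData []byte, a Assertion) error {
	if len(a.AuthenticatorData) != 37 {
		return errors.New("authenticatorData has unexpected length")
	}
	// The challenge was minted by the server for this request; the client must
	// have embedded it in clientData, otherwise an old assertion could be reused.
	if !bytes.Contains(clientData, challenge) {
		return errors.New("client data does not carry the server challenge")
	}
	clientHash := sha256.Sum256(clientData)
	nonce := sha256.Sum256(append(append([]byte{}, a.AuthenticatorData...), clientHash[:]...))
	if !ecdsa.VerifyASN1(rec.PublicKey, nonce[:], a.Signature) {
		return errors.New("signature does not verify under the attested key")
	}
	// The key must have been created under this App ID; a copy re-signed with
	// another team ID yields a different rpIdHash.
	want := appIDHash(teamID, bundleID)
	if !bytes.Equal(a.AuthenticatorData[:32], want[:]) {
		return errors.New("RP ID hash does not match the expected App ID")
	}
	counter := binary.BigEndian.Uint32(a.AuthenticatorData[33:37])
	if counter <= rec.Counter {
		return fmt.Errorf("counter %d not greater than stored %d (replay?)", counter, rec.Counter)
	}
	rec.Counter = counter
	return nil
}

func main() {
	const teamID, bundleID = "ABCDE12345", "com.example.app" // placeholder identifiers
	priv, rec, err := NewAttestedKey()
	if err != nil {
		panic(err)
	}
	challenge := []byte("server-issued-nonce-001") // constructed sample challenge
	body := []byte(`{"action":"fetch_feed","challenge":"server-issued-nonce-001"}`)
	a, _ := GenerateAssertion(priv, teamID, bundleID, 1, body)
	fmt.Println("fresh assertion:   ", VerifyAssertion(rec, teamID, bundleID, challenge, body, a))
	fmt.Println("replayed assertion:", VerifyAssertion(rec, teamID, bundleID, challenge, body, a))
	tampered := bytes.Replace(body, []byte("fetch_feed"), []byte("delete_all"), 1)
	fmt.Println("tampered body:     ", VerifyAssertion(rec, teamID, bundleID, challenge, tampered, a))
}
```

What the example leaves out is the attestation step itself, which a real server must also perform before it ever trusts the key: validate the certificate chain in the attestation object up to Apple’s App Attest root, check that the nonce is bound into the leaf certificate, check that the key identifier is the SHA-256 of the public key, and check that the initial counter is 0. Only after that does storing the public key, as NewAttestedKey pretends to, make sense.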
All in all, the new “App Attest” service is Apple’s server-verifiable app-integrity check. It is not a jailbreak detector: what it vouches for is the key and the App ID the key was created under, not the state of the operating system.
This affects not only sideloaded, re-signed hacks but also, to a lesser degree, the ability to tweak applications. Because the check is enforced by the developer’s server rather than by code inside the app, a tweak cannot simply patch it out of the binary. App Attest does not, however, by itself detect code injected at runtime into a legitimately signed copy, so hooking into apps with Substrate is hindered rather than ruled out.
How do hacked/modded apps work?
Jailbreak tweaks inject modified code into applications. This can unlock hidden or premium features, remove advertisements, and even add additional features missing from the vanilla version of the app.
For instance, Ignify – a jailbreak tweak for Instagram – completely removes advertisements from Instagram and spoofs your follower count.
It also lets you save photos and other media straight to your camera roll – a feature that Instagram doesn’t offer.
Another tweak called FacebookDarkMode unlocks the hidden dark mode feature of Facebook.
With this new detection technique, Apple is trying to improve application security and stifle the usage of hacked or modded apps.
Here’s a relevant excerpt from Apple’s documentation for the App Attest service –
Someone who modifies your app and distributes it outside the App Store can add unauthorized features like game cheats, ad removal, or access to premium content.
However, Apple also admits App Attest can’t definitively detect a jailbroken device.
Can the anti-abuse App Attest service be bypassed?
Like other security methods and countermeasures, App Attest raises the cost of abuse rather than making it impossible. There are a few potential workarounds, none of them proven against a server that implements all of the checks –
- Fake signing – The idea is to grab the cryptographic key and duplicate it in the modded build. In practice the private key is generated inside the Secure Enclave and never leaves it, so it cannot be copied into another app; at most, a modded app would have to rely on assertions produced by a legitimate, attested copy, since it cannot hold the key itself.
- Blocking substrate – Another possible workaround involves installing the stock app and preventing tweaks from hooking into it until attestation has gone through. This relies on the fact that App Attest attests a key only once: after the server has verified the attestation and stored the public key, all it sees afterwards are assertions signed with that same key, and those are produced whether or not the app has since been hooked. Once the server-side check gives you the all-clear, you can add tweaks to the application. If the server ties the key to a user account, creating a new user ID means repeating the process (fresh key, attestation from the untouched app, then re-apply the tweaks).
- Distributed denial-of-service (DDoS) attack – According to Apple, its servers throttle attestation traffic from an app if too many checks are performed concurrently. This is denial of service rather than a bypass: flooding the attestation endpoint stops legitimate users from attesting new keys, while already-attested keys keep working because assertions are verified by the developer’s server, not by Apple. It only turns into a bypass if the developer’s server falls back to accepting un-attested requests whenever attestation is unavailable.
- Downgrading – Since App Attest is something an app opts into, an older build that predates the integration sends no attestation at all, so installing an older version of the app sidesteps the check. That only works while the server still accepts un-attested requests from old versions; once an endpoint requires attestation, a downgraded app is refused just like a modded one. Jailbreak enthusiasts have successfully used this method to downgrade Snapchat and bypass its built-in DRM system.
What next for the jailbreak community?
Tweak developers have been able to modify nearly all popular social media applications like Twitter, Instagram, Facebook, Tinder, etc.
Unless the tweak developers find a workaround, app-based tweaks and hacks might become a thing of the past.
The jailbreak community has been walking a thin line in the past few years as Apple tightens the security noose.
If Apple adds device-integrity attestation along the lines of Android’s SafetyNet, so that a server can ask whether the operating system itself is unmodified, servers could refuse jailbroken devices outright regardless of what the app binary looks like, and running unsigned code would stop being useful against them.
Well, as the saying goes, “make hay while the sun shines”, because we don’t know how long the fun will last. So, if you haven’t jailbroken already, follow this tutorial and get tweaking!