Apple Watch has finally been jailbroken! Here’s what you need to know about it.
Table of Contents
Max Bazaliy Jailbreaks watchOS 3
Hacker Max Bazaliy has successfully jailbroken Apple Watch running watchOS 3 firmware at DEF CON 25.
He hacked it using exploits from Stefan Esser, Luca Todesco, and Siguza along with some of his own.
Here are the complex security mechanisms present in Apple Watch.
- Secure boot chain
- Mandatory Code Signing
- Sandbox
- Exploit Mitigations
- Secure Enclave Processor (only in 2nd generation)
- Data Protection
After hacking into the watch, Bazaliy was able to establish an SSH connection over Bluetooth.
For the uninitiated, he is a security researcher at Lookout and the co-founder of Fried Apple Team.
Here are the presentation slides.
Why is an Apple Watch Jailbreak important?
Apple Watch has access to a lot of stuff on your iPhone. Here’s a list of things your Apple Watch knows about you –
- Access to SMS, Calls, Health
- Photos and emails synced to Watch
- Fetch GPS location from the phone
- Microphone
- Apple Pay
This makes it vulnerable to spyware and other malware that steal your data.
This demonstration certainly proves that, despite all the security measures, it’s not fully secure. Apple will promptly release a fix and patch the vulnerabilities in the next watchOS update.
Will an Apple Watch Jailbreak be released?
This is just a demonstration and an actual public release is quite far-fetched at present. Even if the hacker does make it public, I can’t fathom which tweaks will actually run on the watch.
Getting something like Cydia on such a small screen will be a real challenge. According to me, a separate app for the iPhone or even your computer could be utilized to push packages onto the Apple Watch.
For more news and updates, follow us on Facebook and Twitter.
