iPhone X Firmware Restore Security has been broken

Apple released iPhone X just five days ago and a hacker has already broken its intrinsic restore security. Here’s all you need to know about it.

Pimskeks restores iPhone X without iTunes

Nikias Bassen aka Pimskeks has managed to break iPhone X’s restore security. He successfully restored it using the iDeviceRestore tool. Usually, Apple restricts all iOS devices to iTunes upgrade or restore only.

For those who don’t know, Pimskeks is a former team member of the Evad3rs. So anything that comes from his handle is legitimate. Here’s what he posted on Twitter.

Here are two major security mechanisms present in the iPhone X pertaining to firmware restore.

Savage Ticket

Bassen also intercepted the data packets to take a look at what actually goes on behind the scenes.

He found out that iPhone X foes through a restore, it submits a request for fetching a Savage Ticket from Apple’s servers.

iDeviceRestore

While the hacker didn’t go into details about the “Savage Ticket”, it seems it is a part of a new security mechanism.

The addition of two new functions UPDATE_SAVAGE and CERTIFY_SAVAGE by Nikias seem to indicate this.

Fake Cable Detection

In a first, iPhone X also performs a check for fake cables during firmware restore. If it detects a fake cable, the restore stops. Only the stock cable that comes inside the box works.

Nikias had to resort to using the stock cable for his testing.

iDeviceRestore has been updated

Nikias has also pushed an update for iDeviceRestore utility. You can find the update in its official Github repository.

ios firmware

However, using this tool will be contingent upon having the right SHSH2 Blobs. Tihmstar won’t be updating TSSChecker anytime soon since he doesn’t have an iPhone X at the moment.

Be mindful of the fact that this does not indicate that a jailbreak will come for the iPhone X. This update is related only to the inbuilt firmware restore ability.

For more hacking and jailbreak news, like us on Twitter and Facebook.

Leave a Reply