Pangu jailbreak team responds to ‘regional discrimination’

Since releasing its first jailbreak last June, the Pangu jailbreak team from China has been the subject of criticism from other members of the hacking community. Now, in a lengthy post on their blog, the team has addressed some of the “vilification” it has received.

“As a team of “nerds”, we did not want to waste time on responding such useless things and hoped that eventually these things would stop after a while,” the post reads, in response to the criticism it has received “especially from Stefan Esser (i0n1c),” famed iOS hacker.

“We hereby just want to clarify the rumors, discriminations, and vilifications on our team.”

One of the first rumors addressed by Pangu is the supposed $1 million sponsorship it received shortly after it released the evasi0n 7 jailbreak. While they have received sponsorship for things like software testing and to maintain download severs — and all of the iOS devices needed for testing — they say it certainly hasn’t been $1 million.

Pangu also rubbishes reports that they allegedly bought vulnerabilities for their Pangu 7 jailbreak. They admit they used “kernel information leaks discussed in Stefan Esser’s training course,” which were already out in the wild, so they they could save their own vulnerabilities for future jailbreaks.

“But after receiving Stefan Esser’s criticism, we immediately released a new version of the jailbreak tool in which we replaced the vulnerability with our own vulnerability,” Pangu adds, before insisting they have their own ability and skills to find vulnerabilities and develop jailbreak tools based on them.

“An enterprise certificate only costs a few hundreds dollars,” Pangu adds. “We don’t see any reason to steal an enterprise certificate.”

Pangu says it did “obfuscate the code of our jailbreak tools,” but only to prevent their exploits from being used by others, and to stop Apple from easily finding and fixing the vulnerabilities they have discovered.

“We felt very sad for wasting time on writing such a non-technical article,” Pangu concludes. “In our future talks at any security conference, we will only focus on technical stuff to respect all attendees, rather than wasting their time with balderdash.”


blog comments powered by Disqus
Octofinder Blog Catalog