iOS 10.x Houdini “semi-jailbreak” released

It has been a long time since we've heard any news or updates about the status of an iOS 10.x jailbreak. Developer Abraham Masri is back, with something inventive we haven’t seen before. Perhaps best described as a “semi-jailbreak”, his tool Houdini achieves some of the effects of a jailbreak, whilst avoiding the hardest challenges and pitfalls which constructing the full package would bring.

Houdini uses the triple_fetch sandbox escape discovered by Ian Beer, which also formed a key part of Saïgon, to perform certain cosmetic changes and tweaks which are normally impossible without jailbreaking. However, without modifying the kernel or having full filesystem privileges, it is unable to pull off some of the fancier tricks that a fully-fledged tool provides. This is its strength and weakness; without tampering with those elements it can fly under the radar and we actually get a release, but without them it also cannot provide the full experience. It is an interesting hybrid which we haven’t really seen before.

Another upside of working in this way is a wider support list than would otherwise be possible. Saïgon was limited in support to devices and firmwares covered by the lowest common denominator of its component bugs, but Houdini, using triple_fetch, covers all 64-bit devices, from iOS 10.0 to 10.3.2. It seems that dodging the kernel protection and filesystem access at least allows for wide compatibility. Houdini makes changes to various caches and preference settings without directly writing to or executing on the root filesystem, and without running the sort of code which a jailbreak would normally have to.

The Houdini website, whose download link was dead when I was wondering about it at the time of making the podcast, is now live, and you can grab a beta version of the Houdini .ipa to try for yourself. If you’re interested, feel free to check it out. However, exercise caution. This is a beta, and the following disclaimer applies:

“This is not meant to be a jailbreak replacement nor is this a full jailbreak. It will never be. Although it is safe to use, I am not responsible for any mess up. Also, some features might not work in beta.”

Let me know your experiences with Houdini. Is it stable? Does it work on your device? Does it survive a reboot and what options does it have?

