Apple singles out Evad3rs and other jailbreakers for their identification of iOS security flaws


Apple released iOS 7.1 today with a handful of new features, security improvements and bug fixes. The Cupertino company detailed its security enhancements in a lengthy Knowledge Base document posted on the company’s support website. In this document, Apple credits those who were important in identifying these vulnerabilities, and the list is a who’s who among the jailbreak community.

Among those listed in Apple’s support document are the evad3rs, who developed the evasi0n jailbreak for iOS 6.0 – 6.1.3 and iOS 7.0 – 7.0.6. The evad3rs show up several times for their discovery of flaws in the backup process, crash reporting, dyld and in the kernel itself.

Other notable jailbreakers include Filippo Bigarella, developer of popular jailbreak tweak Springtomize and Stefan Esser, aka i0n1c, who is credited with developing an untethered exploit that was implemented into popular jailbreak tools for iOS 4.3.1 and iOS 4.3.2. Esser is now a security researcher.

Other groups credited by Apple include security researchers from Google, FireEye, M-sec and other companies. In its iOS 7.1 update, Apple patched a variety of security exploits including those in Backup, the Certificate Trust Policy, Configuration Profiles, CoreCapture, Crash Reporting, dyld, FaceTime, ImageIO, IOKit HID Event, iTunes Store, Kernel, Office Viewer, Photos Backend, Profiles, Safari, Settings, SpringBoard, SpringBoard Lock Screen, the TelephonyUI Framework, USB Host, Video Driver, and WebKit.