TaiG Jailbreak has a security flaw that allows any app to become root [Update: Fixed]

TaiG iOS 8.4 Jailbreak

The TaiG team released their TaiG jailbreak tool to jailbreak iOS 8.3 – iOS 8.1.3 last week and followed it up by releasing an updated version yesterday to jailbreak iOS 8.4.

However, Stefan Esser, aka i0n1c, a hacker and security expert, has pointed out in a series of tweets that the TaiG jailbreak has a serious security flaw that could allow any app to become root, thus exposing the personal data on your iOS device.

Some users have raised a concern that the TaiG jailbreak has a backdoor. saurik has clarified on this reddit thread that it has been a known issue since the TaiG 2.x jailbreak tool was released last week. He has discussed the issue with TaiG and plans to fix it as soon as possible.

I already talked to TaiG about this awkward kernel patch days ago, and have this on my schedule of things to fix “next” (after the thing I’m working on fixing right now). FWIW, I did not realize their patch was this bad (I mean, dude: that’s pretty bad…), but I’m still not terribly concerned (as an example: i0n1c says “don’t install tweaks from random people in the next few days”, but those already by definition have privileged access, so you should already be careful installing them). (This setuid bug is the “proactive fix” that I talked about in the Cydia 1.1.18 changelog.)

You don’t need to panic. You should avoid installing jailbreak apps and tweaks from unknown/untrusted sources or Cydia developers until the TaiG team or saurik releases a patch to fix the bug. But as saurik points out, you should always be careful about installing tweaks.

We’ll let you know as soon as there is an update on the issue.

Update:

The TaiG team has released the TaiG 2.2.1 jailbreak and an update for the TaiG 8.1.3-8.x Untether package to fix the ‘setreuid’ security flaw. Check this post for more details.