The jailbreak community is at risk of malware following a release of a proof of concept that demonstrates it's possible for a tweak to permanently brick your iPhone.
Arcticsn0w announced the PoC on reddit. It was created after users who were trying to follow dayt0n's boot color changing method (which writes to the device's NVRAM) reported completely bricked devices due to a misstep in following the instructions.
I have released a very, very, very, very dangerous package as a proof of concept called "KilliOS" on my personal Cydia repository (http://arcticsn0w.github.io). It is an empty package which messes with nvram values in the postinst script, and then forces a reboot. Installing this package will instantly kill your device.
Installation of the tweak results in "instant death of your device", something Arcticsn0w stresses repeatedly.
"TL;DR Be very careful. Please, I swear to god, do not install KilliOS. Please. If you do, I can't help you fix your device. It's very dangerous. It is only a proof of concept saying "Tweaks CAN do this". Do not install. Do not install. Do not install. Do not install. Do not install. Do not install. Do not install. Do not install. Do not install. Do not install. Do not install."
The tweak was eventually pulled because it was so dangerous, and the code has been made available on GitHub.
All of this is based on changing an NVRAM variable called DClr_override.
If it is changed to a value that is invalid for the device (valid values are not the same on all devices) and the device is rebooted, the device will permanently fail to boot. This cannot be fixed with a DFU restore or any other method.
DClr is the variable inside iBoot that determines what color the Apple logo should be on boot, notes dayt0n. It only exists on the iPhone 5 and up. It is 16 bytes, written as 32 hex characters, and it controls the color of the logo until SpringBoard begins to launch.
Changing the DClr value is simple, but some users attempting to follow the instructions discovered that a mistake led to the bricking of their device.
Now that a very simple method for bricking devices has been made public, users are in danger of installing a malicious tweak that can kill their device.
To protect yourself we strongly suggest that you only install tweaks from respected repositories and developers. Pirated tweaks and questionable repos could put your device at risk.
Thankfully, developers are working on a fix, and there is already a temporary failsafe by ktechmidas that offers some protection. More details here.
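The article describes the risky pattern (an otherwise empty package whose postinst script writes an NVRAM variable such as DClr_override and then forces a reboot), and notes that DClr is 16 bytes written as 32 hex characters. The following Python audit, an added example that is not part of the article or of any of the tools it mentions, scans a maintainer script for that pattern before a package is installed; the sample postinst is constructed, the `nvram NAME=VALUE` command form is an assumption, and the shape check cannot tell whether a value is valid for a particular device, since valid values differ between models.

```python
import re

# Constructed sample, not the real KilliOS script: an otherwise empty package whose
# postinst writes an NVRAM variable and then forces a reboot, the pattern the article describes.
SAMPLE_POSTINST = """#!/bin/sh
set -e
echo "configuring boot logo colour"
nvram DClr_override=ZZZZ
reboot
exit 0
"""

# DClr is described as 16 bytes written as 32 hex characters.
DCLR_SHAPE = re.compile(r"^[0-9A-Fa-f]{32}$")
# Assumed command form 'nvram NAME=VALUE'; adjust if the tool on your device differs.
NVRAM_WRITE = re.compile(r"\bnvram\b.*?\b([A-Za-z0-9_-]+)=(\S*)")
REBOOT_CMD = re.compile(r"^\s*(reboot|halt|shutdown)\b")

def is_well_formed_dclr(value):
    """Shape check only: 32 hex characters. It cannot tell whether the value is
    valid for a given device, because valid values differ between models."""
    return bool(DCLR_SHAPE.match(value))

def audit_maintainer_script(text):
    """Return (line_number, severity, note) tuples for risky lines in a maintainer script."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        code = line.split("#", 1)[0]          # crude: drop shell comments
        m = NVRAM_WRITE.search(code)
        if m:
            name, value = m.group(1), m.group(2)
            severity, note = "high", f"writes NVRAM variable {name}"
            if name.startswith("DClr") and not is_well_formed_dclr(value):
                severity = "critical"
                note += " with a value that is not 32 hex characters"
            findings.append((lineno, severity, note))
        if REBOOT_CMD.match(code):
            findings.append((lineno, "medium", "forces a reboot during installation"))
    return findings

def verdict(findings):
    """'block' if the script touches NVRAM at all, 'review' for other findings, else 'ok'."""
    levels = {f[1] for f in findings}
    if levels & {"critical", "high"}:
        return "block"
    return "review" if levels else "ok"
```

Any NVRAM write from an install script is treated as grounds to block, since a well-formed value can still be wrong for the device in hand.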
Comments (26)
Apple tv - February 19, 2015 at 4:36pm
Well I guess iPhone is taking Samsung's path.
Or the guy who released the code could be a Samsung guy!! Haha just kidding.
Samsung had this problem a long time ago, when you tried to root or install the wrong device firmware and bricked the phone.
For those who blame the guy for releasing the code: I say good for him for letting us know there is a big danger for jailbroken iPhones, so the jailbreak community can try to find a solution.
Or would you rather he didn't release or say anything, and someone (Apple, cough! They don't like jailbreaking) released it so a bunch of jailbroken devices became bricked, so people would not jailbreak their iPhones anymore?
stevenlacross - February 18, 2015 at 3:57pm
Actually on the iPhone 6, there's only one water damage sticker and it's on the motherboard, so it's possible that it didn't turn red. On the iPhone 4/4s, there are 3: headphone jack, USB and motherboard. iPhone 5/5c/5s, there are 3: sim tray, and two on the motherboard. On the 6 Plus there are 3: two on the motherboard and one big one near the sim tray, but you kinda can't see it unless you pull the screen up.
Slidor - February 18, 2015 at 3:01pm
Can anyone tell me why DFU mode wouldn't work in this case?
stevenlacross - February 18, 2015 at 3:53pm
Well, because the way DFU mode works is kinda like a stripped down version of regular mode. There are two partitions in the iPhone: one is 16GB or 8GB or 32GB or 64GB or 128GB depending on what the phone is, and the second partition is like 200MB or something small. This second partition is the DFU partition, whose only instruction is to boot into recovery mode using the same instruction set from the NVRAM as the regular mode. This DFU partition doesn't have the support to display anything on the screen or access the GPS or Wi-Fi or camera or anything like that. It just boots into recovery mode and is able to access the primary partition to completely erase it and do a complete iOS restore. Now when it's booting up into recovery mode, it still accesses the NVRAM to call up some commands that this tweak alters, and that stops the phone from booting up.
Slidor - February 18, 2015 at 6:32pm
Ok, thanks a lot
gamerscul9870 - February 18, 2015 at 2:00am
Got lucky old school iPhone users. I know the pain it is to suffer this.
Zanka - February 18, 2015 at 1:04am
Not surprised by this. It was only a matter of time. I'm more interested in the response to this though.
Smaol - February 17, 2015 at 10:50pm
Never heard of anyone bricking an iOS device until this news! And I've been following the scene and jailbreaking all my Apple devices since iPhone 1. It's always been possible to restore via DFU until this one.
Jefferson - February 17, 2015 at 10:37pm
Nothing new about this risk. It is amazing that 'jailbrick deniers' have refused to accept this reality, which has been true from the very first jailbreak. Maybe this will finally convince people.
Frank - February 17, 2015 at 11:38pm
Jefferson,
Don't speak of things you know nothing about. Until this, the only way to brick your iPhone is to hit it with a brick. You were ALWAYS able to recover from a software mishap with a restore via DFU mode.
dk2013 - February 18, 2015 at 12:56am
This is not true. The first jailbreaks resulted in A LOT of bricked phones.
Smao - February 18, 2015 at 2:00pm
I disagree - never heard of a bricked phone before since iPhone 1 - the first jailbreak! I seriously doubt that you can provide any evidence to support your claim. All problems with jailbreaks have been able to be restored via DFU.
dk2013 - February 18, 2015 at 8:07pm
I don't understand... You don't count the first jailbreak? You're saying that the first jailbreak caused some bricks, but since then there haven't been any? If that's what you're saying, how is what I wrote incorrect? Chillax.
Frank - February 18, 2015 at 10:26pm
The first jailbreak did not result in any bricked phones. People's knowledge was very limited. Most people only knew how to put their phone in recovery mode, which is very different from DFU mode. Like I said, until this hack, you could always recover your phone through a DFU mode restore unless you had hardware issues.
Noman - February 19, 2015 at 10:28am
Exactly - sorry, misleading "since", but as you probably already noticed English is not my native language. I meant that there haven't been any bricks ever - in the history of jailbreaking (that's been possible since iPhone 1).
Luciano - February 17, 2015 at 9:46pm
I don't care. I will have the warranty replace my iPhone 6 128GB, no questions asked. You have to take risks in life.
Chris - February 17, 2015 at 10:49pm
Jailbreaking voids your warranty
SimonSays - February 17, 2015 at 11:05pm
If it's bricked, how will they know that it was jailbroken?
Drew2648562 - February 17, 2015 at 11:10pm
They won't know.
ChiChi - February 17, 2015 at 11:18pm
@SimonSays: If they can keep track of what you download through the App Store and iTunes, they have the means to know what you do with your iDevices. They would not admit to it, but they know everything you did with it.
Really - February 17, 2015 at 11:34pm
Yes they can. They have diagnostic tools to analyze the boot sequence to see where the iPhone gets stuck. This can be tracked down to a jailbreak.
SimonSays - February 18, 2015 at 5:29am
That is not entirely accurate. I have taken bricked jailbroken iPhones to them and they replaced them without question. All they check are the white dots that show if the phone has water damage.
stevenlacross - February 18, 2015 at 3:04pm
And I've taken them phones that I've DFU restored to erase the jailbreak, and they saw that my backup data had leftover jailbreak data in it and said they couldn't replace it because it had been jailbroken before. Just because you were lucky doesn't mean you will always be lucky.
ipol - February 19, 2015 at 1:28am
Not true, jailbreaking doesn't kill the warranty.
I brought them a jailbroken iPhone to replace under warranty and they replaced it without any problem. This is a myth!
ChiChi - February 19, 2015 at 3:11am
Just as SBlow said... do not always presume you will be as lucky as the next person... most Apple Geniuses at their store are not that genius... most of them are just too laid back to do the extra investigation. Although there are some hardcore technical (real genius) ones that will check... but think about it, since they just work there and it's not really their loss, as long as they do the standard checks (i.e. verify no cracked screen, visible drop damage, or water damage) they will just replace your device and send your original device to be repaired/refurbished. During that repair is when they will find out what you did with it. But since they've already accepted your "faulty" device and replaced it, they have no grounds to take back what they've already given.
stevenlacross - February 20, 2015 at 6:26pm
Yeah, that's pretty much what my luck has been based on. Back when iOS 7 first came out, I was able to warranty exchange some iCloud-locked devices before Apple started to make it mandatory for Find My iPhone to be taken off. Same with other random things that some Apple techs catch and others don't.