> What I am releasing today is not a full jailbreak with Cydia, just an exploit. Researchers and developers can use it to dump SecureROM, decrypt keybags with AES engine, and demote the device to enable JTAG. You still need additional hardware and software to use JTAG.

> During iOS 12 betas in summer 2018, Apple patched a critical use-after-free vulnerability in iBoot USB code. This vulnerability can only be triggered over USB and requires physical access. It cannot be exploited remotely. I am sure many researchers have seen that patch.

In particular, it sounds like the same or similar bug also existed in the bootrom. So Apple patched iBoot but can't patch the bootrom.

> This vulnerability can only be triggered over USB and requires physical access.

I can't easily tell by looking at the code what the actual exploit is or why it can't be patched in a new version of the bootloader.

This looks like a bootrom exploit - the stage before iBoot - that verifies signatures of the firmware. The code for it is hard burned - read only from software. This can only be fixed with new hardware. https://www.theiphonewiki.com/wiki/Bootrom

Unrelated but is it just me or does anyone else think the quality of the replies matches a typical YouTube comment section?

A large part of the jailbreak user community is pretty young agewise. Lots of drama/immaturity/people quitting out of the scene due to toxicity. Some of the people crafting these released exploits into a functioning jailbreak are in college or below!

There's a pretty big piracy problem as well (not just cracked iOS apps, but also cracked paid tweaks released by devs for jailbreak devices) probably due to the younger ages without access to $.

That seems to be the norm on any twitter reply thread I've read, especially if the subject is something even remotely mainstream.