The PanGu jailbreak for Apple Inc.’s (NASDAQ:AAPL) iOS 7.1.1 came at the price of publicly revealing a couple of iOS security exploits that could have been used to develop a jailbreak for the upcoming mobile operating system, iOS 8. But that’s to be expected of a jailbreak release. What was more interesting to iOS developers was another unusual method used to get the PanGu jailbreak software onto an iOS device.
Unlike preceding jailbreak software such as Evasi0n 7, which relies solely on security bugs and code exploits, the PanGu iOS 7.1.1 jailbreak uses an expired enterprise certificate loophole to get the jailbreak software onto an iOS device.
A tweet sent out by MuscleNerd, a member of the Evad3rs jailbreak team, noted the unique method used by the PanGu developer team:
The use of the (expired) enterprise certificate is the most unique part of Pangu JB (but it’s something we avoid for legal reasons)
â€” MuscleNerd (@MuscleNerd) June 23, 2014
Enterprise certificates are used by businesses to create and distribute private in-house iOS Apps internally. But lately they have also been used to distribute applications that would otherwise never make it on the App Store. A notable example of this is the GBA4iOS Game Boy emulator, which uses an expired developer certificate to install itself onto iOS devices.
Normally, the certificate’s expiration would prevent such installations from ever occurring. But a commonly known loophole where users just set their iOS device’s date back a few days, allows app installations to continue with the expired certificate.
At this time, Apple hasn't patched the loophole, leaving the possibility open of a future iOS 8 jailbreak that utilizes the expired enterprise certificate method.
The PanGu iOS 7.1.1 jailbreak is available for the iPhone 5S, 5C, 5, 4S, 4, iPad Air, iPad Mini and iPod Touch running iOS 7.1 through 7.1.x.