David Wang (hacker)

Last updated

David Wang (also known as planetbeing) is a mobile phone hacker.

In 2007, as part of the early iOS jailbreaking community, he developed instructions for how to jailbreak an iPhone while using Windows, along with contributing to the initial version of JailbreakMe. [1] In 2010, Wang modified iPhone software to enable using the Android operating system on the phone. [2] He worked on iOS jailbreaks as part of the iPhone Dev Team [3] and the Evad3rs team, [4] and he won a Pwnie Award for his jailbreaking work with the Evad3rs. [5] Their work included Evasi0n. [6] He also wrote an open source tool, xpwn, that was cited in books about iPhone hacking. [7] [8]

While working for Azimuth Security, Wang worked on a project for the FBI where he helped unlock an iPhone that belonged to an attacker who was part of the 2015 San Bernardino attack. [5] That situation was part of the Apple–FBI encryption dispute.

In 2016, Wang and collaborators gave a talk at the Black Hat conference with technical details about the iPhone's Secure Enclave Processor. [9]

Wang cofounded Corellium, a company that provides virtualization services for companies to test phone software. [10] Corellium offered or sold the product to at least some companies that make spyware. [11] While at Corellium, Wang worked on an experimental tool to run Android on iPhones in 2020. [12] Apple sued Corellium in 2019, including accusations that the company sold the product to governments that wanted to use it to find ways to break into iPhones, [13] but the companies settled in 2023. [14]

Wang also cofounded Quantum Metric, a data analytics company. [15]

Related Research Articles

<span class="mw-page-title-main">Privilege escalation</span> Gaining control of computer privileges beyond what is normally granted

Privilege escalation is the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application or user with more privileges than intended by the application developer or system administrator can perform unauthorized actions.

VTech Holdings Limited is a Hong Kongese company of children's electronic learning products. It is the world's largest manufacturer of cordless phones. It was founded in October 1976 by Allan Wong (Chi-Yun) and Stephen Leung.

iPhone Line of smartphones by Apple Inc.

The iPhone is a smartphone produced by Apple that uses Apple's own iOS mobile operating system. The first-generation iPhone was announced by then–Apple CEO Steve Jobs on January 9, 2007. Since then, Apple has annually released new iPhone models and iOS updates. As of November 1, 2018, more than 2.2 billion iPhones had been sold.

iOS Mobile operating system by Apple

iOS is a mobile operating system developed by Apple exclusively for its smartphones. It was unveiled in January 2007 for the first-generation iPhone, launched in June 2007.

iOS jailbreaking is the use of a privilege escalation exploit to remove software restrictions imposed by Apple on devices running iOS and iOS-based operating systems. It is typically done through a series of kernel patches. A jailbroken device typically permits root access within the operating system and provides the right to install software unavailable through the App Store. Different devices and versions are exploited with a variety of tools. Apple views jailbreaking as a violation of the end-user license agreement and strongly cautions device owners not to try to achieve root access through the exploitation of vulnerabilities.

<span class="mw-page-title-main">Jay Freeman</span> American computer scientist

Jay Ryan Freeman is an American businessman and software engineer. He is known for creating the Cydia software application and related software for jailbroken iOS—a modified version of Apple's iOS that allows for the installation and customization of software outside of the regulation imposed by the App Store system.

<span class="mw-page-title-main">JailbreakMe</span> Series of iOS jailbreaks

JailbreakMe is a series of jailbreaks for Apple's iOS mobile operating system that took advantage of flaws in the Safari browser on the device, providing an immediate one-step jailbreak, unlike more common jailbreaks, such as Blackra1n and redsn0w, that require plugging the device into a computer and running the jailbreaking software from the desktop. JailbreakMe included Cydia, a package management interface that serves as an alternative to the App Store. Although it does not support modern devices, the websites remain available for compatible devices.

greenpois0n is a name shared by a series of iOS jailbreaking tools developed by Chronic Dev Team that use exploits to remove software restrictions on iPhones, iPads, iPod Touches, and Apple TVs. Greenpois0n's initial release in October 2010 jailbroke iOS 4.1, and its second version in February 2011 jailbroke iOS 4.2.1 as well as iOS 4.2.6 on CDMA iPhones. The second generation of the tool, greenpois0n Absinthe, was developed with iPhone Dev Team members and jailbroke iOS 5.0.1 in January 2012, and a second version jailbroke iOS 5.1.1 in May 2012.

<span class="mw-page-title-main">Hacking of consumer electronics</span>

The hacking of consumer electronics is a common practice that users perform to customize and modify their devices beyond what is typically possible. This activity has a long history, dating from the days of early computer, programming, and electronics hobbyists.

Cellebrite DI Ltd. is an Israeli digital intelligence company that provides tools for federal, state, and local law enforcement as well as enterprise companies and service providers to collect, review, analyze and manage digital data. On April 8, 2021, Cellebrite announced plans to go public via a merger with a blank-check firm, valuing the company at approximately $2.4 billion. Their flagship product series is the Cellebrite UFED.

<span class="mw-page-title-main">Evasi0n</span>

evasi0n is a jailbreak program for iOS 6.0-6.1.2, released on 4 February 2013, made by the evad3rs team. An updated version for iOS 7.0-7.0.6, evasi0n7, was released on 22 December 2013. More than seven million copies of evasi0n were downloaded in the first four days after release. It is known for a portable code base and minimal use of arbitrary code execution.

PP Jailbreak, also commonly known as PP, PP25 App or PP25 Jailbreak, is a term describing a free Chinese app containing tools capable of jailbreaking iOS 8 devices, except for Apple TV. Eligible products include: iPod Touch, iPhone and iPad. This app was developed by a Chinese iOS hacking community known as PP Assistant. It was first released on January 19, 2015

The following is a timeline of WhatsApp, a proprietary cross-platform, encrypted, instant messaging client for smartphones.

Pegasus is a spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. The sale of Pegasus licenses to foreign governments must be approved by the Israeli Ministry of Defense.

Ian Beer is a British computer security expert and white hat hacker, currently residing in Switzerland and working for Google as part of its Project Zero. He has been lauded by some as one of the best iOS hackers. Beer was the first security expert to publish his findings under the "Project Zero" name in the spring of 2014; at this time, the project was not yet revealed and crediting the newly discovered vulnerabilities to it led to some speculation.

A SIM swap scam is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone.

Grayshift is an American mobile device forensics company which makes a device named GrayKey to crack iPhones, iPads, and Android devices. In 2023, it merged with the Canadian firm Magnet Forensics.

<span class="mw-page-title-main">Cellebrite UFED</span> Software to extract data from mobile devices

The UFED is a product series of the Israeli company Cellebrite, which is used for the extraction and analysis of data from mobile devices by law enforcement agencies.

The Linux kernel can run on a variety of devices made by Apple, including devices where the unlocking of the bootloader is not possible with an official procedure, such as iPhones and iPads.

Crowdfense is a Dubai-based information security company, established in 2018. The company purchases zero-day exploits from security researchers in a purported bug bounty program, then sells the exploits to governments, acting as a sort of broker. Crowdfense initially posted iPhone bounties for $3 million USD, but since increased the maximum payout to between $5 and $7 million.

References

  1. Merchant, Brian (2017-06-20). The One Device: The Secret History of the iPhone. Little, Brown. ISBN   978-0-316-54611-9.
  2. Dybwad, Barb (2010-04-22). "Hacker Runs Android OS on an iPhone [VIDEO]". Mashable. Retrieved 2021-11-25.
  3. Franceschi-Bicchierai, Lorenzo; Merchant, Brian (2017-06-28). "The Life, Death, and Legacy of iPhone Jailbreaking". Vice. Retrieved 2024-07-31.
  4. "Planet Money Episode 596: Hacking The iPhone For Fun, Profit, And Maybe Espionage". NPR. 2017-03-08. Retrieved 2024-07-31.
  5. 1 2 Nakashima, Ellen; Albergotti, Reed (2021-04-14). "The FBI wanted to unlock the San Bernardino shooter's iPhone. It turned to a little-known Australian firm". Washington Post. ISSN   0190-8286 . Retrieved 2024-07-31.
  6. Greenberg, Andy (2014-07-15). "Inside Evasi0n, The Most Elaborate Jailbreak To Ever Hack Your iPhone". Forbes. Retrieved 2024-07-31.
  7. Miller, Charlie; Blazakis, Dion; DaiZovi, Dino; Esser, Stefan; Iozzo, Vincenzo; Weinmann, Ralf-Philip (2012-04-30). iOS Hacker's Handbook. John Wiley & Sons. p. 343. ISBN   978-1-118-24075-5.
  8. Zdziarski, Jonathan (2008-09-12). IPhone Forensics: Recovering Evidence, Personal Data, and Corporate Assets. "O'Reilly Media, Inc.". p. 34. ISBN   978-0-596-15537-7.
  9. Franceschi-Bicchierai, Lorenzo (2019-03-06). "The Prototype iPhones That Hackers Use to Research Apple's Most Sensitive Code". Vice. Retrieved 2024-08-01.
  10. Brewster, Thomas (2018-02-15). "This Super Stealth Startup Has Built An Apple Hacker's Paradise". Forbes. Retrieved 2024-08-01.
  11. Franceschi-Bicchierai, Lorenzo (2022-11-21). "A Leak Details Apple's Secret Dirt on a Trusted Security Startup". Wired. ISSN   1059-1028 . Retrieved 2024-08-09.
  12. Bode, Karl (2020-03-05). "This Company Made a Version of Android That Runs on the iPhone". Vice. Retrieved 2024-07-31.
  13. Albergotti, Reed (2021-08-11). "Apple drops intellectual property lawsuit against maker of security tools". Washington Post. ISSN   0190-8286 . Retrieved 2024-08-09.
  14. Brewster, Thomas (2023-12-14). "Apple And Cyber Startup Corellium Settle Four-Year Court Battle". Forbes. Retrieved 2024-08-09.
  15. Heilman, Wayne (2021-02-07). "CEO of Colorado Springs' first $1 billion technology 'unicorn' vows to keep his successful venture local". Colorado Springs Gazette. Retrieved 2024-07-31.