Since the first release of our untethered jailbreak tool Pangu 7 in June 2014, there have been many ridiculous rumors, discriminations, and vilifications on our team, especially from Stefan Esser (@i0n1c). As a team of “nerds”, we did not want to waste time on responding such useless things and hoped that eventually these things would stop after a while. We put 100% efforts on developing new jailbreaks for iOS 8 and successfully released Pangu 8 roughly a month after iOS 8 was released.
We could ignore the increasingly unfunny and ridiculous comments on our team, but cannot bear the racist comments from Stefan Esser in his recent talk at Syscan, which deliberately separate the jailbreak community with “Chinese” and “Western” labels and are full of morbid imaginations. In fact, many well-known iOS “Western” hackers including comex and P0sixninja are visiting Beijing, China today for a mobile security summit.
Apparently, the Pangu team cannot represent all Chinese jailbreak developers. We hereby just want to clarify the rumors, discriminations, and vilifications on our team.
The financial sponsorship of the Pangu team is mainly used to cover the cost of developing jailbreak tools
The “1 million USD” rumor was first posted when evasi0n 7 was released.
For us, our sponsorship is mainly used to support the development of jailbreak tools, cover the cost of software testing, and facility the download servers, etc. Note that, to make our untethered jailbreak tool reliable, we need to test all hardware models from iPhone 4s to iPhone 6 Plus, from iPad 2 to iPad Air, all iOS versions from 7.1 to 8.1. The sponsorship is also used to purchase all kinds of iOS devices for the testing purpose. But anyway, we are also wondering where the “1 million USD” is, LOL.
The Pangu team does not buy vulnerabilities, never and ever
In the first version of Pangu 7, among a number of vulnerabilities exploited in Pangu 7, we used the kernel information leaks discussed in Stefan Esser’s training course which have no NDA for the training. Also, it’s said that the vulnerability was already spreaded in a small range. So we leveraged the vulnerability in order to save our own vulnerability for next jailbreaks. But after receiving Stefan Esser’s criticism, we immediately released a new version of the jailbreak tool in which we replaced the vulnerability with our own vulnerability.
We have the ability and knowledge to continue to find more vulnerabilities and develop untethered jailbreak tools. We are very confident that we do not need to buy any vulnerability.
The Pangu team did not use any stolen/leaked enterprise certificates
In Pangu 7 and Pangu 8, we leveraged expired enterprise certificates to initial the jailbreaking process. We are very glad that some of jailbreak fans donated their own expired enterprise certificates to us. On the other hand, an enterprise certificate only costs a few hundreds dollars. We don’t see any reason to steal an enterprise certificate.
Feedback to the community
We learned a lot from previous jailbreak tools and the jailbreak community. We also want to share our knowledge with the community. That’s why we presented the details of our techniques at Syscan360 2014, POC 2014, and CanSecWest 2015. We also have many blogs discussing patched vulnerabilities in iOS kernels at blog.pangu.io.
In addition, we closely worked with Saurik, the developer of Cydia, to make Cydia work on iOS 8. We hope jailbreak users would like our efforts.
We did obfuscate the code of our jailbreak tools, but it is mainly to prevent the jailbreak exploits from being used, and prevent Apple from easily understanding and fixing the vulnerabilities. So far it really worked.
With the every release of untethered jailbreaks, we always see similar nonsense comments from certain people. We felt very sad for wasting time on writing such a non-technical article. In our future talks at any security conference, we will only focus on technical stuff to respect all attendees, rather than wasting their time with balderdash. While some people run training courses based on iDevices jailbroken by public tools, jailbreak tool developers release tools for free and share the details of tools for free.
Yes, we are Chinese. We are grateful to the jailbreak community, and we are also proud of being a member of the jailbreak community and being able to contribute to the community. We were so excited that Pangu 7 and Pangu 8 were downloaded by many millions of times from all over the world. We hope the jailbreak community should not judge a work for its developers’ race, creed, color, or religion.
Finally, we will continue to put efforts on pure, technical research, and try our best to contribute to the security community in future. This is our final response to these comments.
The Pangu Team
March 27, 2015.