Developers arguing with each others and accusing each other of wrong doing is nothing new in the jailbreak community. Being the first iOS jailbreaker developers not based in the Western, the Pangu Team have already experienced this problem with them. The Pangu Team, from China, wrote a later titled “Jailbreak Should not Tolerate Regional Discrimination,” where they denied a significant amount of accusations from the jailbreak community along hacker Stefan Esser, mostly known as I0n1c.
The Pangu Team starts by talking about their master I0n1c, stating that he was being racist during his recent talk at Syscan and who “deliberately separate the jailbreak community with “Chinese” and “Western” labels and are full of morbid imaginations.” The team also cleared out some rumors that were spread about them.
- Any revenue obtained from the Pangu jailbreak is mainly used on research and development – “For us, our sponsorship is mainly used to support the development of jailbreak tools, cover the cost of software testing, and facility the download servers, etc.”
- The team never buys or have bought any vulnerabilities for their jailbreak – “In the first version of Pangu 7, among a number of vulnerabilities exploited in Pangu 7, we used the kernel information leaks discussed in Stefan Esser’s training course which have no NDA for the training. Also, it’s said that the vulnerability was already spreaded in a small range. So we leveraged the vulnerability in order to save our own vulnerability for next jailbreaks. But after receiving Stefan Esser’s criticism, we immediately released a new version of the jailbreak tool in which we replaced the vulnerability with our own vulnerability.”
- The team never bought or used stolen enterprise certificates – “In Pangu 7 and Pangu 8, we leveraged expired enterprise certificates to initial the jailbreaking process. We are very glad that some of jailbreak fans donated their own expired enterprise certificates to us. On the other hand, an enterprise certificate only costs a few hundreds dollars. We don’t see any reason to steal an enterprise certificate.”
Despite all this inconveniences and discrimination, the team stated that they will “continue to put efforts on pure, technical research, and try our best to contribute to the security community in future.”