Since the first release of Pangu jailbreak tool, the team Pangu has been facing wrath of criticism from other members of the iOS hacking community. To address some of the “vilification”, the team has posted a lengthy post on its blog.
In a response to the criticism the team has received “especially from Stefan Esser (i0n1c),” renowned iOS hacker, the team writes: “As a team of “nerds”, we did not want to waste time on responding such useless things and hoped that eventually these things would stop after a while. We hereby just want to clarify the rumours, discriminations, and vilifications on our team.”
The Pangu team was rumored to have received $1 million sponsorship shortly after the release of evasi0n 7 jailbreak. So that’s the first thing the team tried to address in the post. The article reads that while the team has received sponsorship for software testing, download server maintenance and for all the devices needed for jailbreak testing, the team says the sponsor certainly ha not been $1 million.
The team also condemns the reports claiming that the team bought vulnerabilities to develop their Pangu 7 jailbreak tool. They admit that they made use of the “kernel information leaks discussed in Stefan Esser’s training course,” which were already out in the wild, in an effort to preserve their own vulnerabilities – which were still secret – for future jailbreaks.
Pangu further insisted that the team has the abilities and skills to find vulnerabilities and exploit them to develop jailbreak tool. The team wanted to preserve their own vulnerabilities “But after receiving Stefan Esser’s criticism, we immediately released a new version of the jailbreak tool in which we replaced the vulnerability with our own vulnerability.”
The team also dismissed the thought that it stole enterprise certificates. The team says that it leveraged expired certificates in Pangu 7 and Pangu 8, and also used certificates donated by fans, which they say they are very grateful for. But insisted that they didn’t steal any.
An enterprise certificate only costs a few hundreds dollars. We don’t see any reason to steal an enterprise certificate.
The team Pangu acknowledges they learned a lot from their previous work, jailbreak tools and other hackers, and that their collaboration with Cydia creator is enabling the platform to work on iOS 8. They remind their fans that the team has given back to the community by presenting their techniques at events like Syscan360 2014, POC 2012, and CanSecWest 2015.
The team says they are a proud member of the jailbreak community and grateful to the community and that they will keep contributing in the future. They hope that one day, the hacking community will not judge one’s work based on “its developers’ race, creed, color, or religion.”