Ten years ago, David Wang pulled off a remarkable trick, installing Android on the first-generation iPhone.
Now Wang and his colleagues at cybersecurity startup Corellium are doing it again with the ostentatiously titled Project Sandcastle. And Forbes got an exclusive hands-on look at their Android for iPhone product ahead of its public release scheduled for later this Wednesday.
The timing is sure to have Apple fanboys rubbernecking: Corellium is in the middle of being sued by Apple.
As previously reported by Forbes, in August last year, Corellium was taken to court over Apple claims the startup breached copyright laws by creating software versions of the iPhone for security and testing. The case took a surprise turn late last month when Apple subpoenaed Spanish banking giant Santander and the $50 billion U.S. military and intelligence contractor L3Harris.Today In: Cybersecurity
But Corellium has lofty ambitions for Project Sandcastle, saying that it’ll actually show how Apple’s walled garden, which it has fiercely protected since launching its flagship phone in 2007, can be deconstructed and taken over by others’ software.
“Project Sandcastle is about having fun building something new from the sand—from the literal silicon of the hardware,” said Corellium CEO Amanda Gorton, in a statement sent to Forbes.
A Cheeky Potshot At Apple
“Apple restricts iPhone users to operate inside a sandbox, but users own that hardware, and they should be able to use that hardware the way they want. So where sandboxes create limits and boundaries on the hardware that users own, sandcastles provide an opportunity to create something new and wonderful from the limitless bounds of your imagination.”
The release might also be seen as a cheeky potshot at Apple as the copyright legal tussle continues. “Apple has, for years, attempted to lock down the iPhone and iPad under the guise of security when, in reality, it sought to exclude competition,” says David Hecht, partner at Pierce Bainbridge and Corellium’s counsel.
“Apple’s dominance allows it to decide everything from what apps will be allowed in the market to the commission it charges developers. Corellium’s solution to run Android on iPhone will finally provide customers with a viable alternative to Apple’s App Store and iOS.”
How Do I Get It?
The hack is currently limited to a handful of devices: the iPhone 7, the iPhone 7 Plus and the iPod Touch, but Chris Wade, cofounder of Corellium, says more support is coming. And it may not ever work on any iPhones older than the 5S or newer than the X. That’s because the hack uses the checkra1n jailbreak to launch, which won’t work on the 11 model or above. If a new jailbreak is found, however, it could be possible that Android for iPhone will work on the most recent Apple devices. And given the underlying vulnerabilities exploited by checkra1n probably won’t ever be fixed by Apple, it should work in perpetuity for relevant devices.
For anyone who wants to try the beta like Forbes did, head to ProjectSandcastle.org and follow the instructions. The site only went up this week as Corellium is constantly working on updates to its Android for iPhone, so don’t expect the full Android experience for now. It’s Android 10, but you won’t be able to do things like use the camera or install apps from Google Play.
When Forbes played around with the phone, running Android on an iPhone 7 running iOS 13.3, the most compelling addition was encrypted messaging app Signal. This points to a more interesting use case than simply getting a kick out of running Android on an iPhone.
With Project Sandcastle possible to create an “ephemeral” phone within the iPhone, where everything you’ve done on the operating system vanishes on reboot and iOS returns. This is particularly handy for anyone wanting to have a sensitive conversation over Signal—once you’re done with encrypted calls and messages, you can erase all memory of them from the device and go back to using iOS.
Jailbreaks like Checkra1n can make iPhones less secure, as it removes “sandboxing,” which prevents malicious code from one app stealing data from another, among other security protections. It’s therefore worth considering what device, if any, you choose to install this on.
How Did They Do It?
Wang told Forbes that recreating Android for iPhone was no easy feat. Over the last decade, Apple has been upping the security of its devices.
“The big challenge was that the Apple hardware is both undocumented and nonstandard. Our team knows more about it than most outside Apple, but we still had to put in a considerable amount of work to build drivers for it,” he told Forbes over Signal.
One major issue was wrangling with the way in which Android handles memory so it was able to work on an iPhone, as Apple handles memory in different size chunks to Google, he says.
To build Project Sandcastle, Corellium’s team used its own tools, which can quickly spin up software versions of iPhones and Androids. Without that ability, if a hack bricked the device, they would’ve had to have switched to a new physical iPhone. But with their tool, they could just create a “virtualized” phone. Those virtualized versions are what have peeved Apple’s copyright lawyers, who claim they illegally replicate iPhones. Corellium has disputed Apple’s claims, and the court fight rumbles on.
Wang says he’s excited to see what the community does with the team’s work. “Even old devices could potentially be recycled without the issue of being locked to another user’s iCloud account or risking someone else’s data. We’re excited to see where the community takes it. We hope that it helps inspire other developers to keep pushing the mobile ecosystem forward.”