• A research group, Paradigm Shift, found a bug in the USB controller of Apple’s A12 and A13 chips.
• They combined it with a firmware mistake and got full control of the phone — running their own code before iOS even wakes up.
• It’s physical only: you need the phone in your hands, plugged into a little RP2350 board via USB.
• Once it’s done (under 2 seconds), the phone stays cracked through updates, restores, reboots — forever.
• This is basically the spiritual sequel to checkm8, the legendary 2019 unpatchable exploit. Old-timers know the play.

Translation: any iPhone from roughly 2018-2019. There are hundreds of millions of these floating around in drawers, repair shops, and resale markets worldwide. MacRumors has the full device list.

• Privacy folks are split: PrivacyGuides flagged that if someone grabs your old phone, they can own it forever. Don’t hand these off without wiping AND retiring them from anything sensitive.
• Tinkerers are thrilled — unpatchable = a permanent, reliable door for modders and repair shops.
• Apple’s response so far: it needs physical access, so they’re shrugging in public. (They were “coordinated disclosed,” meaning the researchers told Apple first.)

Nobody’s hacking your XR over wifi from across the planet. This needs hands-on the device + a USB cable + a little board. So the real danger is a lost/stolen/secondhand phone — not your daily driver sitting in your pocket. → That same limitation is exactly why the legit hustles below work: you’re doing this to phones YOU own.

Repair shops and recyclers sit on piles of A12/A13 phones marked “locked” or “parts only” — sold dirt cheap because nobody could do anything with them. This crack changes what “useless” means. Buy the cheap pile, turn them into clean, modded, single-purpose devices, sell them for 4-5x.

Example: A 24-year-old repair-shop kid in Lagos, Nigeria buys “for parts” iPhone XRs at ~$22 each from local resellers on Jiji, cleans them into media/retro-game devices, and resells on the same platform for $90-110. He moves 15 a month.

Timeline: First flip in a week. Stays good 6-9 months until local prices on these old units climb as everyone catches on.

An A13 iPhone 11 is a stupidly powerful little computer. Once it’s jailbroken, you can load emulators and turn it into a dedicated retro handheld — no app store, no Apple permission, no nags. People pay a premium for a clean “console” that isn’t their phone.

Example: A 19-year-old in Manila, Philippines grabs cracked iPhone XRs, installs free emulators via AltStore, preloads them, and sells “retro pocket consoles” on Facebook Marketplace for ₱5,500 (~$95). Buyers love that it just works out of the box.

Timeline: First sale in days. Honest plateau when bigger sellers flood the same niche in ~3 months — get in early.

Here’s the angle nobody’s talking about: a jailbroken old iPhone can be stripped down into a locked-down, single-purpose device — one app, no tracking junk, no background phone-home. Small businesses love a cheap “kiosk” tablet/phone they fully control. You sell setup + the device.

Example: A 27-year-old in Medellín, Colombia turns cracked iPhones into single-app order-kiosks for cafés (menu app only, locked down), charging shops $140 per unit + $15/month for swaps. Five cafés signed in his first month.

Timeline: First client in 2 weeks. Recurring income holds as long as you keep the devices serviced — this one actually lasts.

Everyone’s gonna want to try this, and 90% won’t know how to wire up an RP2350 board. So don’t chase the hack — sell the kit. Pre-flashed board + cable + a one-page idiot-proof guide. The people digging for gold always need shovels.

Example: A 22-year-old electronics student in Shenzhen, China sources RP2350 boards for ~$3, pre-flashes them, bundles a cable + printed guide, and sells “plug-and-go kits” on AliExpress for $24. Pure margin, ships worldwide.

Timeline: First orders in 10 days. The window is the loud part — heaviest demand in the first 2-3 months while it’s front-page news.

Tons of people have an old iPhone XS/11 they’re locked out of — forgotten passcode, dead owner, hand-me-down. With physical access and the owner’s permission, this exploit opens doors a normal repair shop can’t. Offer “locked old iPhone? We’ll recover your photos” as a legit, consent-based service.

Example: A 30-year-old in Karachi, Pakistan advertises “old iPhone photo recovery” on OLX, only takes devices with proof of ownership, and charges Rs 6,000 (~$21) per recovery. Word-of-mouth got him 20 jobs in month one.

Timeline: First paying job in a week. Steady demand — old phones break and get forgotten forever, so this doesn’t really dry up.