You Can Now Run Android on an iPhone With ‘Project Sandcastle’

Not happy with your expensive iPhone and wondered if it’s
possible to run any other operating system on your iPhone, maybe,
how to install Android on an iPhone or Linux for iPhones?

Android phones can be rooted, and iPhones can be jailbroken to
unlock new features, but so far, it’s been close to impossible to
get Android running on iPhones, given the mobile device hardware
constraints and software limitations.

However, it’s now possible to smoothly run Android on an
iPhone—thanks to a new initiative, dubbed Project
Sandcastle.

Undertaken by cybersecurity startup Corellium, Project
Sandcastle is the consequence of a 13-year-long developmental effort to port Android to
iOS and as well as demonstrate that Apple’s much-vaunted security
barriers can indeed be compromised.
^[1]

“Where sandboxes set limits and boundaries, sandcastles provide an
opportunity to create something new from the limitless bounds of
your imagination,” the project website says. “The iPhone restricts
users to operate inside a sandbox. But when you buy an iPhone, you
own the iPhone hardware.”

“Android for the iPhone gives you the freedom to run a different
operating system on that hardware. Android for the iPhone has many
exciting practical applications, from forensics research to
dual-booting ephemeral devices to combatting e-waste.”

For now, only a handful of devices, the iPhone 7, the iPhone 7
Plus, and the iPod Touch, are capable of running a customized
version of Android, which comes installed with OpenLauncher and the
secure Signal messaging app.

Even then, there’re a lot of restrictions^[2], including no support
for audio output, cellular modem, Bluetooth, and camera, to name a
few, as shown in the chart below.

All of this is only to say that Project Sandcastle is very much
a work in progress.

The hack makes use of semi-tethered Checkra1n jailbreak^[3]
to bypass restrictions, which is based on the checkm8 unpatchable
bootrom exploit^[4]
that makes it possible to gain deeper access to iOS.

It was initially released last November and works on the iPhone
5s to iPhone X, running iOS 12.3 and newer versions.

Jailbreaking — similar to rooting on Google’s Android — is a
process to escalate privileges that allows iOS users to remove
software restrictions imposed by Apple, thereby making it possible
to bypass the company’s walled garden to add apps and other
functions, including those from unofficial app stores.

The practice, it is to be noted, also voids your device’s
warranty, as it’s a violation of Apple’s End User License Agreement
that you agree to every time you purchase a new iPhone.

Furthermore, due to the inherent security risks involved, Apple
has steadily imposed a hardware and software lockdown of its
ecosystem and made it deliberately difficult to jailbreak
devices.

Furthermore, jailbreaks tend to be very specific, and very much
dependent on the phone and iOS version, in order for them to be
successfully replicated.

The only problem is that Checkra1n is just a temporary jailbreak,
and will get wiped out once the phone reboots.

While the jailbreak at first was only possible through macOS, it
gained Linux support last month, opening up the possibility of
performing a jailbreak via non-Apple devices.

Thus, using the checkra1n jailbreak exploit, the Correlium team
found that it’s even possible to install a semi-working version of
Android on an iPhone. The result is almost equivalent to running a
temporary OS on your iPhone.

Correlium’s Project Sandcastle comes as Apple sued the company
last year for alleged copyright infringement by selling iOS and
device virtualization software, including virtual versions of iOS
devices running what Apple calls unauthorized copies of iOS.

The development also follows Apple’s announcement last year that
it will distribute special iPhones with root access that are less
restrictive than their consumer counterparts for security research
as part of a new iOS Security Research Device program.

While Project Sandcastle is a huge achievement, it goes without
saying that jailbreaking and rooting devices come with their own
risks.

The efforts are on to expand the project to the other iPhones
included in the jailbreak. You can give the beta a shot by
following the instructions here^[5].