WEBVTT

00:00:00.000 --> 00:00:05.400
There's a long-standing idea that if you buy something, you should be able to use it however you see fit.

00:00:05.400 --> 00:00:10.240
Within reason, of course. But Apple is notorious for making it very difficult

00:00:10.240 --> 00:00:14.000
to install alternative operating systems on its iPhones,

00:00:14.000 --> 00:00:18.520
even if they've been paid off in full and are not part of a carriers financing program.

00:00:18.520 --> 00:00:21.840
Now, although usage restrictions are familiar for software,

00:00:21.840 --> 00:00:26.840
where the idea is that you pay for a license to use the software rather than the right

00:00:26.840 --> 00:00:33.120
to do whatever you want with the source code, this doesn't make as much sense in the context of hardware.

00:00:33.120 --> 00:00:36.160
I mean, the physical device may be protected by patents,

00:00:36.160 --> 00:00:40.120
but you still own the actual silicon and glass

00:00:40.120 --> 00:00:44.600
that makes up your iPhone. But one team of developers recently found a way

00:00:44.600 --> 00:00:48.240
to get Android installed on iPhones.

00:00:48.240 --> 00:00:53.280
The system goes by the name Project Sandcastle, and it uses a specific jailbreak,

00:00:53.280 --> 00:00:56.760
which you can learn more about up here, to bypass Apple's restrictions

00:00:56.760 --> 00:01:00.680
and get Android up and running. At least to an extent.

00:01:00.680 --> 00:01:05.200
But how exactly did the team at Corellium, a cybersecurity startup, pull this off?

00:01:05.200 --> 00:01:09.720
One of the big keys is that they built a virtualized version of the iPhone

00:01:09.720 --> 00:01:13.680
that runs iOS on a Corellium built virtual machine.

00:01:13.680 --> 00:01:17.140
In fact, because Corellium sells this iPhone VM,

00:01:17.140 --> 00:01:20.760
they're currently embroiled in a legal battle with Apple.

00:01:20.760 --> 00:01:24.280
Their in-house virtual machine allowed them to test exploits

00:01:24.280 --> 00:01:29.040
without running the risk of bricking one expensive iPhone after another.

00:01:29.040 --> 00:01:32.500
As for pulling off the actual feat of running Android on an iPhone,

00:01:32.500 --> 00:01:37.640
the team had to write a number of custom drivers, including for NVMe support.

00:01:37.640 --> 00:01:40.960
Although Android is known for working on a wide variety of hardware,

00:01:40.960 --> 00:01:45.840
there weren't drivers available that could link an operating system other than iOS

00:01:45.840 --> 00:01:52.320
with the hardware inside an iPhone. Corellium also had to adjust how Android handles memory,

00:01:52.320 --> 00:01:56.400
as the iPhone processor family handles data in different sized pages

00:01:56.400 --> 00:02:01.400
than what you would see in an Android phone. Additionally, it turned out that iOS initializes

00:02:01.400 --> 00:02:05.440
multiple processor cores, which all modern iPhones contain,

00:02:05.440 --> 00:02:08.960
differently than Android, which caused further complexity.

00:02:08.960 --> 00:02:12.640
But despite these setbacks, there's now a working beta of sandcastle

00:02:12.640 --> 00:02:17.880
that you can install on your iPhone after using the check-rain exploit to jailbreak it.

00:02:17.880 --> 00:02:22.440
This particular jailbreak takes advantage of a security flaw in the iPhone's boot ROM,

00:02:22.440 --> 00:02:25.640
which is the first thing that runs when you power up the device.

00:02:25.640 --> 00:02:30.320
The flaw is a hardware level issue, so it's been described as un-patchable

00:02:30.320 --> 00:02:33.440
until Apple significantly changes their hardware design.

00:02:33.440 --> 00:02:39.320
But although getting Android to run on an iPhone was definitely an impressive and cool feat,

00:02:39.320 --> 00:02:42.900
there are unsurprisingly significant caveats.

00:02:42.900 --> 00:02:48.640
Right now, the only devices that can run Project Sandcastle are the iPhone 7 and 7 Plus,

00:02:48.640 --> 00:02:53.280
as well as the 7th gen iPod Touch. And once you get it up and running,

00:02:53.320 --> 00:02:58.440
don't expect every Android feature to work the way that it would on a true Android phone.

00:02:58.440 --> 00:03:01.840
Notably, there's currently no support for audio,

00:03:01.840 --> 00:03:05.300
cellular connectivity, Bluetooth, or the camera.

00:03:05.300 --> 00:03:08.820
And don't expect GPU support for gaming either.

00:03:08.820 --> 00:03:13.560
However, multi-touch, USB, and Wi-Fi all work.

00:03:13.560 --> 00:03:18.660
So if you're interested in simply using Android to connect to the internet on an iPhone

00:03:18.660 --> 00:03:23.360
and browse lttstore.com, go ahead and give it a shot.

00:03:23.360 --> 00:03:27.580
However, do take note that because of the nature of how CheckRain works,

00:03:27.580 --> 00:03:33.560
it disappears whenever you restart your device. So you shouldn't be relying on Project Sandcastle,

00:03:33.560 --> 00:03:36.960
if this wasn't already clear, as a long-term OS for an iPhone

00:03:36.960 --> 00:03:42.200
that you use as a daily driver, even if you could put up with the limited functionality.

00:03:42.200 --> 00:03:48.040
But given the relatively short length of time that the Android port took to develop into a functional beta,

00:03:48.080 --> 00:03:51.720
could we see an unsanctioned, yet fully functional Android

00:03:51.720 --> 00:03:56.800
running on an iPhone in the future? I mean, it worked for the Hackintosh folks.

00:03:56.800 --> 00:03:59.880
That is until Apple goes ARM and it gets more complicated.

00:03:59.880 --> 00:04:04.800
Eh. Thanks for watching, guys. Like, dislike, check out our other videos,

00:04:04.800 --> 00:04:09.440
leave a comment if you have a suggestion for a future video, and don't forget to subscribe.

00:04:09.440 --> 00:04:12.720
Or all the toilet paper in your house will suddenly be gone

00:04:12.720 --> 00:04:16.080
and you're gonna take like a giant dump and you're gonna have no way