Android phones can be rooted, and iPhones can be jailbroken to unlock new features, but so far, it's been close to impossible to get Android running on iPhones, given the mobile device hardware constraints and software limitations.
However, it's now possible to smoothly run Android on an iPhone—thanks to a new initiative, dubbed Project Sandcastle.
Undertaken by cybersecurity startup Corellium, Project Sandcastle is the consequence of a 13-year-long developmental effort to port Android to iOS and as well as demonstrate that Apple's much-vaunted security barriers can indeed be compromised.
"Where sandboxes set limits and boundaries, sandcastles provide an opportunity to create something new from the limitless bounds of your imagination," the project website says. "The iPhone restricts users to operate inside a sandbox. But when you buy an iPhone, you own the iPhone hardware."
"Android for the iPhone gives you the freedom to run a different operating system on that hardware. Android for the iPhone has many exciting practical applications, from forensics research to dual-booting ephemeral devices to combatting e-waste."
For now, only a handful of devices, the iPhone 7, the iPhone 7 Plus, and the iPod Touch, are capable of running a customized version of Android, which comes installed with OpenLauncher and the secure Signal messaging app.
Even then, there're a lot of restrictions, including no support for audio output, cellular modem, Bluetooth, and camera, to name a few, as shown in the chart below.
All of this is only to say that Project Sandcastle is very much a work in progress.
The hack makes use of semi-tethered Checkra1n jailbreak to bypass restrictions, which is based on the checkm8 unpatchable bootrom exploit that makes it possible to gain deeper access to iOS.
It was initially released last November and works on the iPhone 5s to iPhone X, running iOS 12.3 and newer versions.
Jailbreaking — similar to rooting on Google's Android — is a process to escalate privileges that allows iOS users to remove software restrictions imposed by Apple, thereby making it possible to bypass the company's walled garden to add apps and other functions, including those from unofficial app stores.
The practice, it is to be noted, also voids your device's warranty, as it's a violation of Apple's End User License Agreement that you agree to every time you purchase a new iPhone.
Furthermore, due to the inherent security risks involved, Apple has steadily imposed a hardware and software lockdown of its ecosystem and made it deliberately difficult to jailbreak devices.
Furthermore, jailbreaks tend to be very specific, and very much dependent on the phone and iOS version, in order for them to be successfully replicated.
The only problem is that Checkra1n is just a temporary jailbreak, and will get wiped out once the phone reboots.
While the jailbreak at first was only possible through macOS, it gained Linux support last month, opening up the possibility of performing a jailbreak via non-Apple devices.
Thus, using the checkra1n jailbreak exploit, the Correlium team found that it's even possible to install a semi-working version of Android on an iPhone. The result is almost equivalent to running a temporary OS on your iPhone.
Correlium's Project Sandcastle comes as Apple sued the company last year for alleged copyright infringement by selling iOS and device virtualization software, including virtual versions of iOS devices running what Apple calls unauthorized copies of iOS.
The development also follows Apple's announcement last year that it will distribute special iPhones with root access that are less restrictive than their consumer counterparts for security research as part of a new iOS Security Research Device program.
While Project Sandcastle is a huge achievement, it goes without saying that jailbreaking and rooting devices come with their own risks.
The efforts are on to expand the project to the other iPhones included in the jailbreak. You can give the beta a shot by following the instructions here.