A previous confirmation by the non-profit privacy and security organization XRSI surrounding a successful Quest 2 ‘jailbreak’—a means of freeing the device from Facebook account requirements and other software-based restrictions—has been put in doubt with a recent anonymous source discrediting the method as “fake”. XRSI has responded to the claim, saying they’re still in the vetting process.

The Setup

Following an advertisement of a cash bounty to attract would-be jailbreakers by Mozilla WebXR software engineer Robert Long, Oculus founder Palmer Luckey, and other community members, XRSI had reported in late October that a researcher from the XR community had gained root access to Oculus Quest 2 and was able to fully bypass Facebook Login—a controversial new requirement that comes part and parcel with Quest 2.

The mantle was taken up by XRSI to protect the anonymity of those involved and vet the jailbreak, which it says is being carried out by independent researchers. However, now XRSI has found itself embroiled in controversy, requiring a response to a prominent claim regarding the jailbreak’s veracity. XRSI says that, although the results were “not as straightforward and regular as they must be,” that the jailbreak method is still very much real.

The source of the controversy is an anonymous Reddit user who drew a fair amount of attention this week, claiming insider knowledge of the jailbreak and claiming it was fake based on some clear impossibilities.

The Controversy

In the post, which has since been deleted but can still be accessed via a cached webpage, the apparent insider claims the jailbreak in question isn’t real based on its reported ability to install Linux and Windows XP, the latter of which cannot be installed on Quest 2’s ARM-based CPU, which natively runs a custom variant of Android.

SEE ALSO
Spring Sales Bring Deep Discounts on Top Quest & PC VR Games

This, the anonymous source concludes, must have been a Virtual Machine (VM) to emulate Window XP and not a proper boot-unlock as such. Here’s an excerpt from the now-deleted post:

As the title states, the “confirmed” jailbreak on the Oculus Quest 2 is fake and does not provide root access to the device. A third party was tasked by the XRSI with replicating the jailbreak including investigating the possibility of other methods of jailbreaking the device but they told me after two days straight they could not verify that it was ever jailbroken in the first place. When informed, the XRSI decided to ignore this and continues to maintain that the jailbreak is real. They plan to release a statement to state that Facebook made a change to revert the jailbreak, this is untrue.

The source went on to encourage “all IT professionals to push the XRSI for evidence of their claims with regard to the jailbreak of Oculus Quest 2.”

It’s been suggested that XRSI’s initial announcement of a successful Quest 2 jailbreak may have hindered other efforts to do the same—especially those interested in the bounty—by claiming the finish line had already been crossed.

Marco Magnano, XRSI’s Executive Director of Communications, provided Road to VR with a response to the claims made by the anonymous source. Here’s that text in full:

There is not much we can say about that Reddit post because the premise of it (the definition of “fake”) is quite inaccurate and offensive on our side. What we provided in the first place has been the protection for the researchers who proposed the jailbreak and for the ones who validated it. So, it’s not something we made up.

Our verification process, delegated to trusted independent researchers, consisted of a remote demonstration of the actions performed on the device to unlock it and to install different Operative Systems in order to access the hardware. At that point, after the validation of what was seen, we started the second part of the process, asking the independent researchers to reproduce the whole set of actions. Unfortunately, the results are not as straightforward and regular as they must be. I would like to reiterate what we said in the original announcements – “We are currently working to gather assurances to protect the individuals who discovered these methods of jailbreak.”

Due to legal and ethical reasons, we are going to allow the individuals’ rights to remain private, but the point we made still stands: We need to protect the researchers and hackers who perform the jailbreak – It is a damn shame that people are trying to force XRSI to disclose this matter unethically and without a due course of the legal process. We remain steadfast in protecting the researcher involved and would appreciate everyone’s patience while we conclude the process.

Magnano further denies the claim that Windows XP was even seriously considered as a potential OS, saying that it was “a joke a researcher heard from the jailbreakers when he was asked ‘hey, what could be the funniest thing to try and install on the device?'”

SEE ALSO
First Filed in 2017, Vision Pro EyeSight Patent Envisioned Anime Eyes & Furry Avatars

Robert Long, the person who kicked off the bounty award with $5,000 of his own cash, also has his doubts about the jailbreak. He expressed his concerns about its veracity, saying there were “red flags in the verification process” that pointed to either a mistake made by the independent security researcher, or a malicious or confused jailbreaker which led to publicly claiming it was verified before it was ready.

“XRSI definitely should not have made a public statement saying it was verified when they did,” Long says.

Still, Long is very much in XRSI’s camp, saying that he supports the organizations approach despite, according to him, prematurely announcing the jailbreak’s success.

Payoff Still Pending

Although we’re no closer to knowing the full story, it’s possible to read between the lines somewhat given what we know already.

The anonymous source has some insider knowledge, as evidenced by the claim (puzzling though it may be) that Windows XP was mentioned between researchers and jailbreakers. Whether it’s a malicious attempt to discredit the project and its organizers, the act of a disaffected party, or a true look inside its inner workings remains to be seen. Long maintains the issue is a feud between the insider and XRSI in how to best deal with the issue at hand.

SEE ALSO
Daft Punk Music Pack for 'Beat Saber' Arrives Alongside Haptics Improvements on Quest

Knowing if this particular jailbreak is indeed authentic will likely come when XRSI either releases the jailbreak, or somehow backs up its claims with further proof. On the face of it, this approach doesn’t seem antithetical to its mission of protecting the researchers and jailbreakers involved, however revealing any info could compromise someone somehow, which XRSI doesn’t want if it intends on furthering this particular jailbreak, or any other method it happens to attract in the meantime.

Newsletter graphic

This article may contain affiliate links. If you click an affiliate link and buy a product we may receive a small commission which helps support the publication. More information.


Well before the first modern XR products hit the market, Scott recognized the potential of the technology and set out to understand and document its growth. He has been professionally reporting on the space for nearly a decade as Editor at Road to VR, authoring more than 3,500 articles on the topic. Scott brings that seasoned insight to his reporting from major industry events across the globe.
  • flamaest

    Let’s not fret over details, someone will very soon create a real jailbreak to this. It’s just a matter of time. Any technology that lowers the price to entry like this, and has technological borders put in front of it, will be quickly hacked. I wouldn’t be surprised if we see a real hack for this in the next 6 months. Just be sure to not update your firmware!

    • Andrew Jakobs

      Yeah, well good luck with using your headset the coming 6 months if you don’t update the firmware.. All they have to do, like Sony does, is add a requirement of a higher firmware for accessing the Oculus Store and you’re done..

      • Mitch Buz Stringer

        Well, bye-bye Oculus Store. If I want to pay for their games, but they wont let me i’ll get them elsewhere.

  • edzieba

    It’s never made ANY sense why a jailbreak would need some sort of shielding organisation or vetting process in the first place. Bootloader unlocks, roots, etc of every other device – from phones to consoles – are routinely announced by those who find said exploits.

    • Stony

      Yhe but it is better 2 have a company veting you and legal advice… sonny offer a bonty for the root for the PS3 and then no one claim it (as far as I know, cz sony would sue them…. and this companies have money to spend on cort and destroy your life, even if you are rigth…

  • Dragon Marble

    Wow, that was a long and convoluted response from XRSI. Here, I’ll help you out. This is the statement you should’ve made:

    “We are retracting the verification of the Oculus Quest 2 jailbreak. It is unfortunate, but it turned out to be fake (or a confusion). We will not disclose full details in order to protect the individuals behind the jailbreak (also, the details are quite embarrassing), but it suffices to say that the effort continues. We apologize to the community for a rushed process and poor judgement on our part.”

    • Iraida Clark

      Get $192 of an hour from Google!… Yes this is true as I just got my first payout that was awesome since it was biggest amount of $38451 in a week…(o1704)…It seems un-believable but you won’t forgive yourself if you do not check it >>>> http://www.LifestylesLinks.com |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

    • jvolgarr

      The original statement sounds too well written and meticulously thought out… Something Mark Suckerberg would write.

  • Dennis Tman

    Wow, what a horrible mind mess of a world we live in today.

  • Sven Viking
  • guest

    XP is almost certainly part of an effort to discredit the effort since the hardware is being sold at a loss. The crack will definitely be done in Linux since that’s what is underneath the AOSP code…

    • Andrew Jakobs

      still no proof that the hardware is being sold at a loss..

      • Dick Massive

        And where is YOUR proof that is isn’t ?

        • Tran Luong Khoa Bang

          You don’t need evidence of the contrary to dispute something without evidence in the first place.

        • Dude Slick

          Can’t prove a negative.

  • Billy Wallace

    PLDR Palmer Luckey; Didn’t Read