Skip to main content

Hackers seemingly 'jailbreak' Oculus Quest 2 VR headset's Facebook log-in

Oculus Quest 2
(Image credit: Oculus)

The Oculus Quest 2 VR headset only launched in October, but hackers have reportedly found a way to 'jailbreak' it and bypass its mandatory Facebook login.

This breakthrough was reported by Extended Reality Safety Initiative (XR). Taking to Reddit last week, the non-profit research company confirmed it had reached root access on the device.

After this, a blog post was published on the hacker community website ReadyHackerOne saying that it has validated the Reddit post and the jailbreak of the Oculus Quest 2 headset was successful.

The post on HackerOne reads: "A researcher from the XR community has gained root access to Oculus Quest 2 and is able to bypass Facebook Login. XRSI’s own researchers have validated this jailbreak and are currently working to gather assurances to protect the individuals who discovered these methods of jailbreak."

Hackers have been trying to jailbreak and get root access (which comes with superior privileges) to the headset simply because it requires a Facebook account to even work properly.

Since its launch in October, people who bought the Quest 2 have been marred with problems using their Facebook accounts with the device.

What is 'jailbreaking'

Jailbreaking is the term given to the process removing software restrictions imposed by a manufacturer on a device. More often than not, Jailbreaking refers to this process in Apple products. Basically, jailbreaking your phone allows you to do things otherwise restricted to you like installing software not available from Apple's App Store and so on.

According to Eurogamer and other outlets, some people were left with a headset that wouldn't work because of issues logging into their own Facebook accounts. Further to this, some people's Facebook accounts were banned because they weren't in 'good standing'.

If this wasn't enough of a headache, we reported over the weekend that if you deactivate your Facebook profile, this will disable your Oculus profile too, and that deleting your Facebook account completely takes away all your games, purchases, and progress.

XR is working to make the jailbreak publically available, but Facebook might be looking to shut it down before this happens.

There are plenty of people out there who want this jailbreak. 

WebXR developer Robert Long took to Twitter to offer a $5,000 reward to someone if they were able to jailbreak the Quest 2.

In a series of tweets, he went on to explain why root access was important and listed a number of reasons why; mostly citing security concerns and consumer rights.

"We have the right to repair our own hardware," Long said. "It is our right to restore access to this hardware when it is taken from us. We have the right to legally modify our own devices just as people already do with their phones.

"We need to be certain that our biometric data is being used correctly. We need to know how and when our voice and movement data is being used. Security researchers need root access to the headset to validate the manufacturer's claims.

"These principles should apply to every headset and app ecosystem. By taking a stand against Facebook, we are taking a stand for the entire XR ecosystem."

What is rooting?

Rooting is often compared to jailbreaking, but this is is more about giving the user complete access to a device, mostly Andriod phones and tablets.

Having root access gives you 'super user' privileges and allows you to alter, replace or otherwise remove system applications and settings and run other specialised apps which would otherwise require admin-levels of permission. It does, however, often also open you up to security risks, and is used regularly in piracy practices.