Back on May 2018 xerub has posted a writeup called "De Rebus Antiquis" of what is pretty much an old iBoot exploit. While his writeup is very good and easily understandable, I'd love to see your take on it, maybe some experiments too. Is it covered in any volume/update/article?
https://xerub.github.io/ios/iboot/2018/ ... iquis.html