Reddit reviews MacOS and iOS Internals, Volume III: Security & Insecurity

We found 2 Reddit comments about MacOS and iOS Internals, Volume III: Security & Insecurity. Here are the top ones, ranked by their Reddit score.


2 Reddit comments about MacOS and iOS Internals, Volume III: Security & Insecurity:

u/fattyffat · 19 points · r/jailbreak

iOS has numerous security mechanisms in place:

  1. KASLR (Kernel Address Space Layout Randomization) - this randomizes the location of the kernel in the device. It makes it extremely hard to guess where the kernel is located, therefore making it harder for exploits to target the kernel.

  2. App Sandboxing - Each app downloaded is 'sandboxed', which basically means it's in its own cell. Apps cannot communicate/look at files without explicit permission from Apple, and even if Apple did give explicit permission (permission to camera roll, etc.) it wouldn't be a big security risk either way.

  3. KPP (Kernel Patch Protection) - This is by far one of the hardest security mitigations implemented by Apple. Basically, once the phone boots, KPP is kicked up into Exception Level 3 and it acts as a guard for some major parts of the kernel. Basically, if something is modified at the kernel level, the phone will panic and reboot.

  4. AMFI (Apple Mobile File Integrity) - This basically checks to make sure that the code written is verified and signed by Apple. We can use ROP to work around this. Basically, ROP is using Apple's own code to write an exploit.

These are some of the basics and there are lots of good resources out there. I will link some of them below.

https://xerub.github.io/ios/kpp/2017/04/13/tick-tock.html - KPP

https://www.theiphonewiki.com/wiki/Main_Page - iPhone Wiki

https://www.amazon.com/MacOS-iOS-Internals-III-Insecurity/dp/0991055535 - iOS internals

http://newosxbook.com/index.php - iOS internals and code

u/logueadam · 2 points · r/jailbreak

You can always buy a jailbreak. Exploit brokers like Zerodium pay out 1.5 million dollars for remote jailbreak 0-days.

Side note: *OS Internals Volume III by Jonathan Levin is a good source for people interested in learning about previous techniques used in jailbreaks.