Hacker finds iOS 4.1 bootrom vulnerability


Recommended Posts

Hacker finds iOS 4.1 bootrom vulnerability that can jailbreak all current hardware

http://www.geek.com/articles/apple/hacker-finds-ios-4-1-bootrom-vulnerability-that-can-jailbreak-all-current-hardware-2010099/

Yesterday?s release of iOS 4.1 was good news for iPhone gamers and iPhone 3G owners who had performance issues post-4.0, but bad news for jailbreakers, with the Dev Team themselves warning users not to upgrade to 4.1 as there was no known way to reverse the baseband post-update.

As usual, though, what?s true in the cat-and-mouse jailbreaking scene one day is not true the other, and now there?s good news for jailbreakers, at least in theory. iPhone hacker pod2g has revealed on Twitter that he has successfully discovered a new bootrom exploit, and even better: all the new iOS hardware including the iPhone 4 and new iPod Touch is vulnerable to it.

The good news here is that means that Apple would be powerless to patch this vulnerability through software, since its a hardware issue? but that won?t necessarily stop them from patching up the issue at the factory for any hardware that comes down the line in coming months.

So, in theory, the Dev Team should be able to use this to jailbreak any iPod Touches and iPhone 4s currently in the wild? but given Apple?s historic response to jailbreaking, don?t expect this vulnerability to last. If you want a new iPod Touch or iPhone 4, and if you want to jailbreak it, buy your device now? if you buy it in a few months, you may very well be out of luck.

  On 09/09/2010 at 12:57, A Geek Of All said:

Hacker finds iOS 4.1 bootrom vulnerability that can jailbreak all current hardware

http://www.geek.com/articles/apple/hacker-finds-ios-4-1-bootrom-vulnerability-that-can-jailbreak-all-current-hardware-2010099/

Yesterday?s release of iOS 4.1 was good news for iPhone gamers and iPhone 3G owners who had performance issues post-4.0, but bad news for jailbreakers, with the Dev Team themselves warning users not to upgrade to 4.1 as there was no known way to reverse the baseband post-update.

As usual, though, what?s true in the cat-and-mouse jailbreaking scene one day is not true the other, and now there?s good news for jailbreakers, at least in theory. iPhone hacker pod2g has revealed on Twitter that he has successfully discovered a new bootrom exploit, and even better: all the new iOS hardware including the iPhone 4 and new iPod Touch is vulnerable to it.

The good news here is that means that Apple would be powerless to patch this vulnerability through software, since its a hardware issue? but that won?t necessarily stop them from patching up the issue at the factory for any hardware that comes down the line in coming months.

So, in theory, the Dev Team should be able to use this to jailbreak any iPod Touches and iPhone 4s currently in the wild? but given Apple?s historic response to jailbreaking, don?t expect this vulnerability to last. If you want a new iPod Touch or iPhone 4, and if you want to jailbreak it, buy your device now? if you buy it in a few months, you may very well be out of luck.

I believe there is also a known vulnrability in the iOS itself which will allow for a type of usenet jailbreak similar to the jailbreak.me site? Although this could\would be patched by a software update, for now, it would be great if someone would release a jailbreak using this method until the bootrom exploit is configured correctly.

I know the current JBs for 4.0.2 work in 4.1, but result in the phone app missing, but im thinking of running the JB and fixing the app myself, until an official JB is released in the comeing days.

  On 09/09/2010 at 13:07, chAos972 said:

No point in having more than one exploit out in the wild since Apple will just patch it and then when the next version comes out it can't be used. :p

Urm, but why not use the current software exploit to create a usenet jailbreak, whilst the bootrom JB is being created. After that Apple can patch the software exploit all they want.

  On 09/09/2010 at 13:59, Inklin said:

With Jailbreaking recently ruled legal, wouldn't further action taken by apple to prevent jailbreaking lead them into legal doo-doo in the future? :/

The rule made it legal to jailbreak, but not illegal to prevent jailbreak.

  On 09/09/2010 at 14:31, techbeck said:

Its funny how companies put sooo much money in to protecting their products and before or soon after some is released, it gets hacked. They cannot win so why do they bother.

To make it difficult :)

If enough users did it, and they could do it with the simple download of one application for all firmware releases, it would be a lot more common. As it is many users stay away because they fear bricking their phones, they don't understand what firmware version they have or what program to use to do it. Or they've just never thought of the benefits and label it as "something geeks do".

IMHO apple have had reasonable success keeping people from doing this, I know plenty of people who refuse to jailbreak pretty much solely for the above reasons.

  On 09/09/2010 at 14:31, techbeck said:

Its funny how companies put sooo much money in to protecting their products and before or soon after some is released, it gets hacked. They cannot win so why do they bother.

first, i am assuming you are referring to Apple since this is an iOS thread.

Apple should just give up because people found and took advantage of a hole in the iPhone/iPad/iPod Touch?

Apple is a publicity traded company worth billions of dollars, there's a clear and obvious reason they continue to patch the software, not to mention the number of people that would out of work if they were no longer writing and fixing the software

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • It was a matter of time. Anthropic must've been bleeding a lot of money with it.
    • OBS Studio 31.1.2 by Razvan Serea OBS Studio is software designed for capturing, compositing, encoding, recording, and streaming video content, efficiently. It is the re-write of the widely used Open Broadcaster Software, to allow even more features and multi-platform support. OBS Studio supports multiple sources, including media files, games, web pages, application windows, webcams, your desktop, microphone and more. OBS Studio Features: High performance real time video/audio capturing and mixing, with unlimited scenes you can switch between seamlessly via custom transitions. Live streaming to Twitch, YouTube, Periscope, Mixer, GoodGame, DailyMotion, Hitbox, VK and any other RTMP server Filters for video sources such as image masking, color correction, chroma/color keying, and more. x264, H.264 and AAC for your live streams and video recordings Intel Quick Sync Video (QSV) and NVIDIA NVENC support Intuitive audio mixer with per-source filters such as noise gate, noise suppression, and gain. Take full control with VST plugin support. GPU-based game capture for high performance game streaming Unlimited number of scenes and sources Number of different and customizable transitions for when you switch between scenes Hotkeys for almost any action such as start or stop your stream or recording, push-to-talk, fast mute of any audio source, show or hide any video source, switch between scenes,and much more Live preview of any changes on your scenes and sources using Studio Mode before pushing them to your stream where your viewers will see those changes DirectShow capture device support (webcams, capture cards, etc) Powerful and easy to use configuration options. Add new Sources, duplicate existing ones, and adjust their properties effortlessly. Streamlined Settings panel for quickly configuring your broadcasts and recordings. Switch between different profiles with ease. Light and dark themes available to fit your environment. …and many other features. For free. At all. OBS Studio 31.1.2 hotfix changes: Fixed an issue in OBS Studio 31.1.0 and 31.1.1 causing Multitrack Video to set the Maximum Video Tracks to 10 if the user had set it to "Auto" [dsaedtler] Fixed an issue in OBS Studio 31.1.0 and 31.1.1 causing Browser Source hardware acceleration to fail in the Flatpak version [reitowo/tytan652] Fixed an issue in OBS Studio 31.1.0 and 31.1.1 where progress bars were styled incorrectly [Warchamp7] Fixed an issue in OBS Studio 31.1.0 and 31.1.1 where spacing around scrollbars was incorrect [Warchamp7] Fixed an issue in OBS Studio 31.1.0 and 31.1.1 where Decklink Output did not work [CyBeRoni] Fixed a freeze in OBS Studio 31.1.0 and 31.1.1 on Linux when using PipeWire capture with explicit sync [YaLTeR] Fixed an issue where Video Capture Devices on Linux could unexpectedly stop capturing video [JiangXsong] Fixed an issue with PipeWire capture on Linux where video filters could cause gamma shift [tytan652] This was done by reverting a fix for white-tinted PipeWire captures in 10-bit or 16-bit color formats, so that issue will return for now. Download: OBS Studio 31.1.2 | Portable | ARM64 | ~200.0 MB (Open Source) View: OBS Studio Homepage | Other Operating Systems | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Sandboxie Plus 1.16.2 / Classic 5.71.2 by Razvan Serea Run programs in a sandbox to prevent malware from making permanent changes to your PC. Sandboxie allows you to run your browser, or any other program, so that all changes that result from the usage are kept in a sandbox environment, which can then be deleted later. Sandboxie is a sandbox-based isolation software for 32- and 64-bit Windows NT-based operating systems. It is being developed by David Xanatos since it became open source, before that it was developed by Sophos (which acquired it from Invincea, which acquired it earlier from the original author Ronen Tzur). It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying the local or mapped drive. An isolated virtual environment allows controlled testing of untrusted programs and web surfing. Sandboxie is available in two flavors Plus and Classic. Both have the same core components, this means they have the same level of security and compatibility. What's different is the user interface the Plus build has a modern Qt based UI which supports all new features that have been added since the project went open source. The Classic build has the old no longer developed MFC based UI, hence it lacks support for modern features, these features can however still be used when manually configured in the Sandboxie.ini. Sandboxie Plus 1.16.2 / Classic 5.71.2 changelog: Added added toggleable INI key validation to "Edit ini Section" #4915 (thanks offhub) added toggleable per-key tooltip support #4928 (thanks offhub) added option to use the new Qt Windows 11 style on SandMan #4927 (thanks LumitoLuma) Changed ImBox no longer updates container file timestamps when accessing an encrypted box volume Fixed fixed Windows 11 24H2 build 26100.4770 causes Firefox Portable 140.0.4 / 141.0 to stop responding upon starting it sandboxed #4920 fixed leak of encrypted sandbox key during password change (backported hardened ImBox from MajorPrivacy) CVE-2025-54422 fixed Firefox Nightly sandbox hook errors Removed removed obsolete Bullguard Internet Security template removed obsolete Bsecure CloudCare template removed obsolete CyberPatrol template Download: Sandboxie Plus (64-bit) | 23.6 MB (Open Source) Download: Sandboxie Classic (64-bit) | 3.0 MB Links: Sandboxie Website | GitHub | ARM64 | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Indians never sing "I Think Indian" near giraffes.
    • Malwarebytes 5.3.5.204 by Razvan Serea Malwarebytes is a high performance anti-malware application that thoroughly removes even the most advanced malware and spyware. Malwarebytes version 5.xx brings comprehensive protection against today’s threat landscape so that you can finally replace your traditional antivirus. You can finally replace your traditional antivirus, thanks to a innovative and layered approach to prevent malware infections using a healthy combination of proactive and signature-less technologies. While signatures are still effective against threats like potentially unwanted programs, the majority of malware detection events already come from signature-less technologies like Malwarebytes Anti-Exploit and Malwarebytes Anti-Ransomware; that trend will only continue to grow. For many of you, this is something you already know, since over 50% of the users already run Malwarebytes as their sole security software, without any third-party antivirus. What's new in Malwarebytes 5.xx: Unified user experience - For the first time, Malwarebytes now provides a consistent experience across all of our desktop and mobile products courtesy of an all new and reimagined user experience powered by a faster and more responsive UI all managed through an intuitive dashboard. Modern security and privacy integrations - Antivirus and ultra-fast VPN come together seamlessly in one easy-to-use solution. Whether you’re looking for a next-gen VPN to secure your online activity, or harnessing the power of Browser Guard to block ad trackers and scam sites, taking charge of your privacy is simple. Trusted Advisor - Empowers you with real-time insights, easy-to-read protection score and expert guidance that puts you in control over your security and privacy. Malwarebytes 5.3.5.204 changelog: Introduced Deep Scan, a new Advanced Scan type recommended after blocking or removing threats Added new Windows Firewall Control feature preview to the Tools, feel free to try it and provide your feedback Revisited Dashboard layout for free version Minor usability and localization issues Download: Malwarebytes 5.3.5.204 | 397.0 MB (Free, paid upgrade available) Links: Malwarebytes Website | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
  • Recent Achievements

    • Dedicated
      ataho31016 earned a badge
      Dedicated
    • First Post
      Gladiattore earned a badge
      First Post
    • Reacting Well
      Gladiattore earned a badge
      Reacting Well
    • Week One Done
      NeoWeen earned a badge
      Week One Done
    • One Month Later
      BA the Curmudgeon earned a badge
      One Month Later
  • Popular Contributors

    1. 1
      +primortal
      652
    2. 2
      ATLien_0
      261
    3. 3
      Xenon
      165
    4. 4
      neufuse
      142
    5. 5
      +FloatingFatMan
      107
  • Tell a friend

    Love Neowin? Tell a friend!