Hacker finds iOS 4.1 bootrom vulnerability


Hacker finds iOS 4.1 bootrom vulnerability that can jailbreak all current hardware

http://www.geek.com/articles/apple/hacker-finds-ios-4-1-bootrom-vulnerability-that-can-jailbreak-all-current-hardware-2010099/

Yesterday's release of iOS 4.1 was good news for iPhone gamers and iPhone 3G owners who had performance issues post-4.0, but bad news for jailbreakers, with the Dev Team themselves warning users not to upgrade to 4.1 as there was no known way to reverse the baseband post-update.

As usual, though, what's true in the cat-and-mouse jailbreaking scene one day is not true the other, and now there's good news for jailbreakers, at least in theory. iPhone hacker pod2g has revealed on Twitter that he has successfully discovered a new bootrom exploit, and even better: all the new iOS hardware including the iPhone 4 and new iPod Touch is vulnerable to it.

The good news here is that means that Apple would be powerless to patch this vulnerability through software, since it's a hardware issue... but that won't necessarily stop them from patching up the issue at the factory for any hardware that comes down the line in coming months.

So, in theory, the Dev Team should be able to use this to jailbreak any iPod Touches and iPhone 4s currently in the wild... but given Apple's historic response to jailbreaking, don't expect this vulnerability to last. If you want a new iPod Touch or iPhone 4, and if you want to jailbreak it, buy your device now... if you buy it in a few months, you may very well be out of luck.


I believe there is also a known vulnerability in the iOS itself which will allow for a type of usenet jailbreak similar to the jailbreak.me site? Although this could/would be patched by a software update, for now, it would be great if someone would release a jailbreak using this method until the bootrom exploit is configured correctly.

I know the current JBs for 4.0.2 work in 4.1, but result in the phone app missing, but I'm thinking of running the JB and fixing the app myself, until an official JB is released in the coming days.

No point in having more than one exploit out in the wild since Apple will just patch it and then when the next version comes out it can't be used. :p

Urm, but why not use the current software exploit to create a usenet jailbreak, whilst the bootrom JB is being created? After that Apple can patch the software exploit all they want.

It's funny how companies put sooo much money into protecting their products and before or soon after some is released, it gets hacked. They cannot win so why do they bother?

To make it difficult :)

If enough users did it, and they could do it with the simple download of one application for all firmware releases, it would be a lot more common. As it is many users stay away because they fear bricking their phones, they don't understand what firmware version they have or what program to use to do it. Or they've just never thought of the benefits and label it as "something geeks do".

IMHO Apple have had reasonable success keeping people from doing this, I know plenty of people who refuse to jailbreak pretty much solely for the above reasons.

It's funny how companies put sooo much money into protecting their products and before or soon after some is released, it gets hacked. They cannot win so why do they bother?

First, I am assuming you are referring to Apple since this is an iOS thread.

Apple should just give up because people found and took advantage of a hole in the iPhone/iPad/iPod Touch?

Apple is a publicly traded company worth billions of dollars, there's a clear and obvious reason they continue to patch the software, not to mention the number of people that would be out of work if they were no longer writing and fixing the software.
