backtop


Print 73 comment(s) - last by Darrington.. on Oct 21 at 2:38 AM


Apple and its CEO Steve Jobs can gloat -- they've once again foiled iPhone unlockers via a firmware update, this time to the bootrom shipping on new units.  (Source: Telegraph UK)

A screenshot of the new bootrom was posted by unlocker Mathieulh. The new bootrom began shipping this week.  (Source: iClarified)
Apple's strikes again, sending jailbreakers on their heels

Apple plays what its CEO Steve Jobs once likened to a game of "cat and mouse" with iPhone unlockers and jailbreakers.  Jailbreakers, like the iPhone Dev Team, try to release the iPhone from being limited to the official iTunes app store and other firmware restrictions, while unlockers, such as George Hotz, use the jailbreaks and other techniques to unlock the phone, allowing it to run on any hardware-supported network.

Usually the unlockers/jailbreakers seize the day, but occasionally Apple will win a round.  Apple has tried many approaches -- everything from "bricking" unlocked iPhones to denying jailbroken iPhones access to the iTunes store -- to halt the spread of unlocking in the U.S. and force people to use AT&T, despite the hardware being capable of working on other carriers such as T-Mobile.

Now, Apple has managed to gain an upper hand over the persistent hackers according to iClarified, thanks to the release of a new bootrom, iBoot-359.3.2.  The phone firmware, which shipped on new iPhone 3GSs starting this week, closes previously used doors to exploits.

A user named "Mathieulh" first noticed the new bootrom and took a screenshot.  It was subsequently confirmed by Muscle Nerd of the iPhone Dev Team that the loss of the 24kpwn exploit would render the iPhone unjailbreakable for the time being.  This means that the unlocking fixes, such as the utility released by George Hotz, also won't work anymore as they rely on jailbreaking as a preliminary step.

For users wishing to jailbreak, iPhone jailbreakers are hard at work trying to find alternative exploits that could be used to unlock the phone.  They suggest, in the meantime, that users purchase older stock of iPhones or buy refurbished units.

The iPhone 3GS was unlocked as soon as it was released, thanks to unlockers with iPhone Developer connections.  George Hotz used the iPhone Dev Team's exploit, along with his own methods, to publish a route to jailbreaking the phone just weeks later.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Correction
By amanojaku on 10/14/2009 10:14:49 AM , Rating: 5
quote:
Apple TEMPORARILY Kills Jailbreaking in Newest iPhone 3GS Shipments
Fixed that for you. It's only a matter of time.




RE: Correction
By bhieb on 10/14/09, Rating: -1
RE: Correction
By amanojaku on 10/14/2009 10:41:52 AM , Rating: 5
Not even close. If a device has an update mechanism that mechanism can be exploited. Look at video games consoles, which are some of the most fixed systems on the market. We've been using special boot CDs and ROMs for years to overcome the system limitations like region encoding. Smartphones have firmware that can be overridden, making hacking that much easier. You just need the tools and the know how.


RE: Correction
By bhieb on 10/14/09, Rating: -1
RE: Correction
By Murloc on 10/14/2009 12:07:28 PM , Rating: 2
you haven't got his point. That's not what he was saying.


RE: Correction
By erikejw on 10/15/2009 9:56:21 PM , Rating: 2
"I realize that in the hacking world there seems to be a nothing is impossible mentality. But your assumption is that even though Apple controls the OS, Firmware, Hardware and activation process they cannot create and unhackable phone."

Apparently

"I would say if they really wanted to they probably can render it uncrackable."

Not as long as they use glass for the display

"I am not saying that they will, but with control over the entire device a skilled engineer should be able to do so."

Do you imply that Apple does not employ any skilled engineers?


RE: Correction
By 91TTZ on 10/14/2009 1:40:22 PM , Rating: 2
quote:
An update process does not in and of itself make a device unsecure. Only if there is a hole in that process. My computer has windows update on. Please take full control of it without me taking any action. Your logic says if I have auto updates on I can be hacked at any time right?


Your logic is faulty. You're comparing a user choosing to jailbreak their own phone to an external hacker trying to remotely take control of your PC. A better comparison would be someone jailbreaking their iPhone to someone hacking their own PC. When the user has the device in their physical possession they have the ability to take complete control over it. Once that phone is in the customers' hands, Apple's engineers are now the ones trying to control the device remotely.

If Apple sets their systems to not authenticate a phone unless it reports the latest firmware, then hackers will make their hacked OS report the latest firmware version.


RE: Correction
By Alexstarfire on 10/14/2009 1:47:12 PM , Rating: 1
Point us to something that is unhackable, that hasn't recently been put on the market, and I'll gladly just send you my computer for free. Go ahead... I'll give you a couple days to think about it then give up.

Only stipulation is give you is that it must be something in use. I believe the quantum computer is supposedly "unhackable" but that's in lab tests and can not be purchased.


RE: Correction
By barnie on 10/15/2009 5:22:07 AM , Rating: 2
NDS encryption as used by Sky UK has been THE most lucrative TV encryption standard to break for many years. The hardware's all in your hands (decoder, smartcard, there are even open-sourced CAMs emulating NDS decoding with a valid smartcard), but unlike most other satellite broadcasts out there, Sky's is not watchable without a smartcard. Some go as far as saying it will never be broken.

Do you really think a similar scheme can't be used to decode updates sent to a device?


RE: Correction
By dark matter on 10/15/2009 9:47:40 AM , Rating: 4
The reason that hasn't been cracked as it much more easier to crack cable. Hence all the resources have been poured into that.

Why spend all that effort to crack Sky when customers will just go out and buy a eurobox and watch all of skys programs for free on cable anyway?

:)


RE: Correction
By RivuxGamma on 10/16/2009 6:23:04 PM , Rating: 2
OK. How about the center of the Sun? I'll take my free computer now. ;-)


RE: Correction
By lazylazyjoe on 10/16/2009 11:09:28 PM , Rating: 2
My ipod classic still isn't hackable. If it was then maybe I could have rockbox on it.
(I Think theyre close now with the nano 2g though.)


RE: Correction
By Darrington on 10/21/2009 2:38:08 AM , Rating: 2
My NES is unhackable. I'd love to play Pong on it.


RE: Correction
By deeznuts on 10/14/2009 12:55:56 PM , Rating: 2
Is the PS3 hacked yet? Not a rhetorical question, but I think it's the one that isn't fully hacked yet, right?


RE: Correction
By corduroygt on 10/14/2009 1:16:36 PM , Rating: 2
PS3 hasn't been hacked and it looks less likely that it'll ever be hacked.
Even the 360 hasn't completely been hacked, all that can be done on it is to flash the DVD rom firmware to play pirated games.
No way to replace the main OS and run stuff like XBMC and emulators on it yet.


RE: Correction
By Pirks on 10/14/09, Rating: -1
RE: Correction
By invidious on 10/14/2009 5:08:55 PM , Rating: 1
And mabye no one will make any more stupid posts on the internet, but history suggests otherwise for both your claim and mine.


RE: Correction
By Pirks on 10/14/09, Rating: 0
RE: Correction
By Alexstarfire on 10/15/2009 1:57:27 AM , Rating: 1
Very little effort has been put into hacking the PS3 for very obvious reasons. There is little to be gained by hacking the PS3 other than playing pirated games. Problem with that is Blu-Ray is shit expensive so it's cost prohibitive all around, for the media and the drive. No one wants to make a $10 coaster.

I will say that if this iteration of the iPhone turns out to be unhackable that I will officially eat these words. Though there is very little that hasn't been hacked when you look back at things. Usually things that haven't been hacked haven't had a lot of effort put into them and become obsolete before it gets hacked. Some may call things like that unhackable.... but I'm not one to think that. Only way to have something unhackable is to not have human interaction at all, save perhaps the quantum computer. But if there is no human interaction then it's probably going to be useless anyway.


RE: Correction
By Darkefire on 10/14/2009 4:34:12 PM , Rating: 2
That's partially because there's little incentive. Until recently the PS3 was far and away the most expensive home console, so anyone that owned one would likely have more than enough money for games and little reason to break into their very expensive machine for such a low return on investment. Additionally, Blu-Ray media and burners are still quite expensive in comparison to the older DVD media used by the 360 and Wii; many games will soon be using the dual layer format, and a single blank dual layer BD-R disk will easily cost $20. You make a single coaster when trying to duplicate a game and you've pretty much spent as much on blank media as you would have on a used copy from Gamestop.

Finally, what's the point? There are so few 5 star titles exclusively for the PS3 that an owner wouldn't have already. I've been resolved to only buy a PS3 (and an HDTV, for that matter) when God of War 3 comes out, but seeing the catalog they have I'm wondering if I'm not better off just renting the console and the game for a week and saving myself $300.


RE: Correction
By invidious on 10/14/2009 5:06:26 PM , Rating: 2
There is plenty of incentive. If nothing else the fact that no one else has been able to do it is enough incentive for many in the hacking community.

The idea that no one wants to hack the ps3 is a tired and innacurate reasoning.


RE: Correction
By Reclaimer77 on 10/14/2009 7:11:37 PM , Rating: 1
+6 post.

They have just now, finally, released a game worth playing in my opinion called Deamon's Souls. I mean, how long has the thing been out lol


RE: Correction
By Pirks on 10/14/09, Rating: -1
RE: Correction
By jdietz on 10/14/2009 4:04:55 PM , Rating: 2
So they made the PSP moddable on purpose?
Note: They fixed themselves...current PSP models are not moddable (PSP 3000 + PSP Go).
They must of hired some hardware security engineers shortly after release of the PSP.


RE: Correction
By Pirks on 10/14/09, Rating: -1
RE: Correction
By corduroygt on 10/14/2009 10:09:48 PM , Rating: 2
Why do you so adamantly wish the iphone to become unhackable? I would never have bought mine if it couldn't be jailbroken and won't replace it with an unhackable model. And no I don't pirate the 3-5 dollar apps, I use it for tethering, voip over 3g, and unlocking to use different sim cards when I travel abroad.


RE: Correction
By Pirks on 10/14/09, Rating: -1
RE: Correction
By mmntech on 10/14/2009 10:57:36 AM , Rating: 1
SACD is a good example of that. It's supposedly uncrackable. Nobody has succeeded so far.

I can't help but wonder how much money Apple waste fighting this though versus royalties "lost" through iTunes. It's not as if OS X is a closed platform.


RE: Correction
By Dribble on 10/14/2009 11:21:33 AM , Rating: 3
That's mostly because no one can be bothered.


RE: Correction
By Goty on 10/14/2009 11:23:33 AM , Rating: 2
There difference there (and it's a big one) is that there isn't much drive to crack SACD copy protection. There are relatively few SACD players on the market and even fewer people who actually buy SACDs. Honestly, outside of Audiophiles and some tech enthusiasts, most people don't even know what SACD is.

Compare this situation to that of the iPhone, where everyone and his brother has and wants to unlock their phone. There's a much larger demand for the crack and probably at least an order of magnitude more people working on the problem.


RE: Correction
By lazylazyjoe on 10/16/2009 11:12:40 PM , Rating: 2
DVD audio is cracked though. Similar tech. 192/96


RE: Correction
By chick0n on 10/14/09, Rating: -1
RE: Correction
By mattclary on 10/15/2009 7:55:39 AM , Rating: 2
The only way to make something uncrackable is to deny physical access to said something.

If Apple keeps insisting on breaching it's own security efforts by actually allowing humans to purchase the iPhone, it will keep getting jail-broken.


RE: Correction
By MrBlastman on 10/14/2009 10:57:47 AM , Rating: 5
Wait,

quote:
Apple Kills any remaining desire of mine (however minute) to buy an i-phone by being draconian and Jailbreaking the Newest iPhone 3GS


Fixed again. ;)


RE: Correction
By icanhascpu on 10/15/2009 2:59:59 PM , Rating: 2
Its pretty clear they dont want you business anyway, guy.


RE: Correction
By Xavier434 on 10/14/2009 11:22:43 AM , Rating: 2
Exactly. This is absolutely nothing new. What is the worst that will happen? People who intend to jailbreak their newly purchased iPhones will need to wait a bit longer? Oh heavens no! Say it ain't so!

How many people who intend to go through with the jailbreak does Apple think will actually decide to not do it after all just because they need to wait for a new solution? My guess is very few or close to none.

Meanwhile, the legit user will continue to get screwed by the restrictions while the jail breakers bask in the glory.


RE: Correction
By Reclaimer77 on 10/14/2009 11:29:36 AM , Rating: 5
Ah Apple, the only company I can think of that has such obvious disdain for it's customers and can STILL get the idiots to line up and ooohhh ahhhh their newest sub-par gadgets.


RE: Correction
By stirfry213 on 10/14/2009 12:46:33 PM , Rating: 2
And what does that tell you about the general public?


RE: Correction
By ersts on 10/14/2009 2:46:29 PM , Rating: 2
You do know the prime reason Apple does this, so that people who jailbreak their phones can't get apps from the App Store for free, right?

They have an obligation to protect the marketplace. If they don't, then developers will move elsewhere.

I don't care really because I'm not going to get an iphone, and those who legally use their phones and pay for their apps don't care either.


RE: Correction
By Reclaimer77 on 10/14/2009 6:29:46 PM , Rating: 2
quote:
They have an obligation to protect the marketplace. If they don't, then developers will move elsewhere.


Yeah right because NOBODY develops for open source, right ? And where elsewhere are they gonna move to ? Some other large company who constantly enforces draconian closed source profit mongering practices ? Hmmm...I can't think of any others who operate like Apple.

The idea that developers will only work for profits has been readily disproved, I mean hellooo, you are on the Internet. Go see for yourself.

This is why I won't buy and use Apple products. Not only do you pay more for less, that's not good enough, but then they also tell you how you can USE the product as well.


RE: Correction
By ersts on 10/14/2009 8:27:17 PM , Rating: 2
Like that draconian browser called WebKit that Apple created and how KDE, Nokia, Palm, Epiphany and others use? You know, the one that is GPL?

Nobody said you can't have an open source app that got compiled as a binary on the app store either. Nobody forces you to charge for it either, and unlike Microsoft, Apple doesn't charge you $99 for each app submitted.

Tell me how many games you like for the Wii, PSP or any other commercial system. Now tell me your favorite GPL game that you like to play on the GPX2.

Funny too, nobody complains that the Wii is updated as well to remove hacks that allow people to save their game files, steal from the Wii Store, or allow it to run home brew apps either.


RE: Correction
By Alexstarfire on 10/15/2009 2:11:42 AM , Rating: 1
Actually, there are very few people complaining about Apple on this one. At least 3/4th of the posts are regarding someone's statement that it is now "unhackable." I only noticed 2 that were complaining about it, though I don't understand why. Apple is trying to prevent people from stealing there shit.... ohh no. We should really bitch about that. Puhlease. This isn't like the last time where they were bricking the jailbroken iPhones. That was truly a messed up reaction from Apple.

Not many complain about the Wii simply because there isn't much to complain about. I'm not quite sure what you mean by "remove hacks that allow people to save their game files." If by that you mean basically copying the disc then it's quite obvious why they don't allow you to do that. Only thing to complain about is the home brew "apps," but let's face it, the Wii wasn't designed with them in mind. You could call it an unfortunate side effect of preventing people from stealing from them. It's not like the iPhone/iTouch that is pretty much designed around the App Store and little else.


RE: Correction
By ersts on 10/15/2009 3:46:59 AM , Rating: 2
The latest firmware upgrade for the Wii will remove such save files "illegally" saved on SD cards if it finds them (it warns you about this before you update). Currently networked games like Mario Kart Wii will not allow you to save your files to SD cards nor back them up. This sucks because if your Wii dies, so does all your save files.

While I run Wii Brew on my Wii for fun (which gives me the ability to move files btw the old GC cards as well), it does allow me to cheat with the Gecko OS app, play DVDs and music. However, each update tries to kill that functionality, because cheating isn't nice to do against others :)

Btw, the whole "bricking" thing is so stupid. Jason Mick references his article every time, even though no iphone has ever been "bricked."

When you "brick" something, it means you turned it into something that acts like a brick - useless. A WRT54GL router "bricked" will not boot, nor will it respond to anything save for a JTAG cable. Apple warned people about firmware updates bricking phones because of the uncertain nature of updates; its so easy to with dd-wrt on routers - don't do the 30/30/30 reset or prep files and you may have a $100 dead router.

iphones back in that article (if they were jailbroken) simply went back to the state where it required a legitimate activation on Att's network.


RE: Correction
By PrinceGaz on 10/14/2009 12:38:18 PM , Rating: 2
It is only a matter of time, but exactly how much time depends on whether the iPhone Dev Team have other as yet unused exploits they can use against this new bootrom (if so, they could potentially immediately release a new fix) and just how soon they would want to make such an exploit public (it is best to always keep something else in reserve for after Apple fix whatever you have been holding back, as if you play all your remaining cards, it could be quickly stopped and you are left with no way of responding until something new is discovered).

This new bootrom will no doubt be worked around one way or another, but it may take a little while before the exploit is made public as there is no compelling reason to do so (wide availability of exploitable 3Gs models already). When it comes to this sort of exploit, it is better for the general public if they are not made known for quite a while so as to avoid Apple blocking it on new models sold sooner rather than much later.


RE: Correction
By ChristopherO on 10/14/2009 1:56:46 PM , Rating: 3
Not really. DirecTV managed to create an unhackable encryption method for their set-top devices. It took them a long time (and many smart-card iterations) to understand how people were circumventing their protections, but they got to the point where you can't circumvent their stuff.

Apple probably can get to the same place, but it doesn't mean that current hardware can do it. I don't have an iPhone, so I don't know how they're unlocking them, but eventually the cat and mouse game will go in Apple's favor since each attempt to hack their device will reveal one more method they can secure, and eventually eliminate all of them (which might require dumb hardware-hacks, but obviously almost no one would do those since it takes specalized skill).


RE: Correction
By corduroygt on 10/15/2009 4:26:22 PM , Rating: 2
Of course the issue is will the device become obsolete before all the holes are patched.


"I'd be pissed too, but you didn't have to go all Minority Report on his ass!" -- Jon Stewart on police raiding Gizmodo editor Jason Chen's home














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki