
Two bootrom exploits, two jailbreak solutions; only one can survive

Today was supposed to be the big day for GeenPois0n, an iOS 4.1 jailbreak tool based on the SHAtter exploit. However, Geohot dropped in to steal the show yesterday with the release of his own Limera1n tool.

The problem is that Geohot's Limera1n tool uses a different bootrom exploit than the one that was supposed to be released today, based on the work of the Chronic Dev Team and the iPhone Dev Team. Since Apple is unlikely to release a new hardware revision for current generation devices just to block a bootrom exploit, either exploit would remain usable until Apple releases its next generation of iOS devices.

Instead of releasing two separate bootrom exploits in short succession, which would give Apple the opportunity to kill both of them at once when the latest crop of iOS devices is released, the Chronic Dev Team has decided to delay its SHAtter-based tool and instead release a new tool built on Geohot's exploit, according to Redmond Pie.

The Chronic Dev Team states:

Thanks to the irresponsible antics of geohot, we will have to delay the release of greenpois0n (new ETA = as soon as possible), so that we have time to clean up his little mess and integrate the exploit he uses in limera1n into greenpois0n. This way, we can save SHAtter for future devices that may still be vulnerable to it.

We know that this is not what some people want to hear, but due to geohot needing to feed his ego (as usual) and revealing his limera1n exploit, we do not have any other responsible options.

The Chronic Dev Team seems especially peeved that Geohot's Limera1n is simply a beta release and has plenty of bugs in it, and that it was seemingly released a day before GreenPois0n just to steal the spotlight. In addition, Geohot's jailbreak only works on Windows-based machines -- for now.

But the good news is that a jailbreak solution for the iPhone 4 and iPod touch 4G is now available, albeit in less than optimal form. If you want to take your chances with Geohot's solution, you can grab it here (Windows-only). However, it may be a safer bet to wait until GreenPois0n is updated to take advantage of Geohot's exploit.


RE: Before anyone says otherwise...
By CZroe on 10/10/2010 6:17:55 PM , Rating: 4
Now, as for the accusations of him "stealing" Comex's exploit, understand this: Comex has never called him a thief or his actions "stealing." Also, people keep saying that it is a new/unreleased exploit when it isn't. Basically, there are two exploits needed for an untethered Jailbreak. The first is code execution with escalation and the second involves getting it to persist after a reboot. When Comex's "Jailbreakme" exploit launched recently, there was the code escalation "PDF browser" exploit to initially Jailbreak the device and then an "untether" trick where the code gets loaded in the frame buffer during boot (the corruption on the Apple logo screen) in order to persist. Apple patched the PDF part of the exploit and left the untether part of it alone because, well, they had already patched the only exploit known to use it. That said, they almost certainly would have patched it too in the next major iOS revision. Comex's untether exploit is open source and documented. People keep saying he has a "new" exploit that he shared with Geohot in confidence but this is NOT the case. He simply adapted it to the latest iOS version. Geohot himself expressed surprise that it wasn't patched yet. WHICHEVER exploit was released first deserved to use Comex's untether trick because it should be used while it still can, considering that Apple was already aware of it and will fix it very soon. Comex himself expressed some disappointment that it was used without his approval, but he NEVER said that Geohot "stole" anything. All "thief!" accusations come from others who are either every bit as confused as the unwashed masses or are expressing sour grapes at being out-played by Geohot.

So, why did Chronic Dev insist on releasing SHAtter first when that would burn TWO exploits even if Geohot never released anything? The only conceivable reason is because it was nearly ready and they didn't want to waste the untether trick on Geohot's only to release their first JB as a tethered JB. Both are short-sighted reasons that negatively impact the community and harm Cydia developers by causing them to miss out on many potential customers who are stuck with unjailbreakable devices... not to mention the people themselves stuck with a device they can't use as they please. It was good for the devs, good for the users, and good for the legitimacy of the growing market. Aren't they supposed to be fighting for their legal legitimacy against Apple? Geohot did NOT want to be tasked with this exploit (he "retired," remember?) and offered it to them for them to use in Greenpois0n but they refused, forcing his hand. If they had accepted, all it would have meant was a delay in Greenpois0n and another "thanks Geohot!" in the readme.txt file, yet people mischaracterize this as Geohot trying to steal the limelight from them.

Please don't have the same knee-jerk reaction and realize that this is for the best. There are many reasons why Geohot's actions were the right course of action and not one supporting Chronic Dev. Yes, it would be frustrating to have to let go of most of your work and then use it to make someone else's better on such short notice, but that's not what this is about and exploiting the exploits effectively should be TOP priority.

*this message was split because Dailytech thought it was SPAM!*

RE: Before anyone says otherwise...
By bbomb on 10/10/2010 8:53:43 PM , Rating: 1
This is all a dick measuring contest over software that is offered for free that Apple will eventually kill.

By alexton108 on 10/10/2010 8:57:30 PM , Rating: 2
We love Geohot's great work and 100% support their decision to release the first jailbreak for iPhone 4.1.
It's good to know that we also have another secret weapon for the next major Apple iOS. Thanks Geohot and Chronic Dev.
