    Dev-Team Confirms: New Bootrom Defeats 24kpwn

    image via StealthBravo.com

    As noted here on MMi last night, new iPhone 3GSes are shipping with an updated bootrom that is resistant to 24kpwn. Dev-Team member MuscleNerd confirms that the new bootrom, iBoot-359.3.2, is no longer vulnerable to the memory segment overrun exploit.

    This is the first time Apple has upgraded the bootrom during a normal production cycle, rather than when a new model is introduced. The bootrom is a small piece of code that runs first at startup and checks the boot image. It's generally used to verify that the image has not been corrupted, but can also be used to check for unauthorized firmware. The 24kpwn exploit - otherwise known as 0x24000 Segment Overflow - bypassed the signature checks on iBoot and allowed unsigned firmware to be loaded. The new bootrom closes that hole, so currently shipping 3GS phones cannot be jailbroken until a new exploit is found.

    To determine if your new 3GS is running the new bootrom, just check System Profiler while the phone is in DFU mode. Versions of iBoot prior to 359.3.2 should still be jailbreakable using known methods.
    This article was originally published in forum thread: Dev-Team Confirms: New Bootrom Defeats 24kpwn, started by Paul Daniel Ash.
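As an added example (not code from the article, MMi or the Dev-Team), the following host-side inventory script reads the bootrom version a device reports while in DFU mode and decides whether it falls before or after 359.3.2, the first version the article says resists 24kpwn. It assumes the DFU USB serial string carries the version in a field of the form SRTG:[iBoot-<version>]; the sample strings and the other fields in them are constructed placeholders, not values from the page. The version comparison is numeric and zero-padded, so 359.3 is correctly treated as older than 359.3.2 rather than compared as text.

```python
import re
from typing import Dict, Optional, Tuple

# First bootrom version the article reports as resistant to 24kpwn.
PATCHED_IBOOT = "359.3.2"

# Constructed sample strings (not from the page) in the shape of the USB serial
# a device reports in DFU mode. Assumption: the bootrom version appears in a
# field "SRTG:[iBoot-<version>]"; the other fields are labelled placeholders.
SAMPLE_DFU_SERIALS = {
    "unit-a": "CPID:PLACEHOLDER ECID:PLACEHOLDER SRTG:[iBoot-359.3]",
    "unit-b": "CPID:PLACEHOLDER ECID:PLACEHOLDER SRTG:[iBoot-359.3.2]",
    "unit-c": "CPID:PLACEHOLDER ECID:PLACEHOLDER SRTG:[iBoot-359.3.1]",
    "not-in-dfu": "Apple Mobile Device (Recovery Mode)",
}

_SRTG_RE = re.compile(r"SRTG:\[iBoot-(\d+(?:\.\d+)*)\]")


def parse_iboot_version(dfu_serial: str) -> Optional[str]:
    """Return the iBoot version string from a DFU serial, or None if absent."""
    match = _SRTG_RE.search(dfu_serial)
    return match.group(1) if match else None


def version_tuple(version: str) -> Tuple[int, ...]:
    """'359.3.2' -> (359, 3, 2): numeric, not lexicographic, components."""
    return tuple(int(part) for part in version.split("."))


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 as a is older than, equal to or newer than b.

    Shorter versions are zero-padded so '359.3' == '359.3.0' < '359.3.2'.
    """
    ta, tb = version_tuple(a), version_tuple(b)
    width = max(len(ta), len(tb))
    ta += (0,) * (width - len(ta))
    tb += (0,) * (width - len(tb))
    return (ta > tb) - (ta < tb)


def bootrom_resists_24kpwn(iboot_version: str) -> bool:
    """True when the reported bootrom is 359.3.2 or newer (per the article)."""
    return compare_versions(iboot_version, PATCHED_IBOOT) >= 0


def classify(dfu_serial: str) -> str:
    """'patched', 'vulnerable' (to 24kpwn per the article) or 'unknown'."""
    version = parse_iboot_version(dfu_serial)
    if version is None:
        return "unknown"
    return "patched" if bootrom_resists_24kpwn(version) else "vulnerable"


def inventory(serials: Dict[str, str]) -> Dict[str, Tuple[Optional[str], str]]:
    """Map each device label to (iboot_version, classification)."""
    return {label: (parse_iboot_version(s), classify(s)) for label, s in serials.items()}


if __name__ == "__main__":
    for label, (version, status) in inventory(SAMPLE_DFU_SERIALS).items():
        print(f"{label:12} iBoot-{version or '?':10} {status}")
```

Feeding the script real serial strings (for example those shown by System Profiler under USB for a device in DFU mode) gives a per-device record of which bootrom generation it carries, which is the fact the article says decides whether known methods still apply.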
    Comments (102)
    08lexus250 -
      Quote Originally Posted by Poseidon79:
      ^^^ I completely and totally disagree 100%. The 3GS with a 50% faster processor and double the RAM makes it extremely impressive. The iPhone 3G is worthless and freezes and lags and runs out of memory.
      Agree... but such a PTA
    Ipodtouchwarrior -
      Quote Originally Posted by pauldanielash (the article above):
      Can I jailbreak on 359.3 3GS cause that is what I have.
    confucious -
      359.3.1 or 359.3.2?
    souledge316 -
      Got my 3GS last night, it came with 3.1 fw with the updated baseband out of the box, but I was able to jb just fine. So either there's still hope or it'll be a gamble for people buying it more recently depending on how fast that particular store sells and restocks 3GS units.
    08lexus250 -
      yep pretty much like gambling at this point
    Rcooley617 -
      This S*** just breaks my heart!!!! ;-( I'm about to go buy mine & I hear this. I understand about Apple protecting their services, but as others say if I purchase something, I should have the right to do what I like w/ it if I'm not doing anything illegal to it...And modding your iPhone w/ themes, sounds, & vtones (just to name a few) is not illegal. I know the dev-team are the pwn gurus of the iPhones but this new boot-rom scares me b/c it lets you know that, as I said before, MMi is a widely recognized blog now & I'm pretty sure there are Apple ppl on here looking at everything we say. It's funny tho b/c I feel like w/ ppl not being able to j/b there won't be any or as many updates. That's the only reason they update besides features they should have had when it first came out. There are many features that are still wanted on the iPhone, but once the new phones come out & there is no JB watch how fewer JB updates will come out.. They say they're doing it to save their product, but they're only doing it so they don't have to do as much work, so they don't have to update all the time to stop us from j/b
    zhenquan108 -
      Bought a new 3GS last Thursday, can't jailbreak.
    confucious -
      What week number is it? (4th and 5th digits of serial number)
    chromium -
      Quote Originally Posted by lkailburn:
      haha nice!

      has anyone confirmed shipment dates of the new 3gs's with this bootloader?

      -Luke
      I bought one 5 days ago and it had the new bootloader [iBoot-359.3.2], so they are definitely out there.

      I have since learnt that you can work out from the serial if you will have the new bootloader. The 4th and 5th digits are the week of manufacture. Me and a friend bought ours together, mine was week 41 and hers was week 40. Mine had [iBoot-359.3.2] and hers had [iBoot-359.3].

      I really hope a new hack is found.

      Quote Originally Posted by Rcooley617:
      This S*** jus breaks my heart!!!! ;-(
      Try buying one last week and then spending a whole day trying to JB and wondering why it isn't working only to find out later that you have the new boot rom
    confucious -
      They started shipping in week 40 - some made in week 40 are the old one, some the new.
    JudgeDredd67 -
      Thank you all for this very useful information. This is my first post on this forum and I am sure it will not be my last. I am a die hard Windows Mobile guy. I have owned just about every HTC device made; my current phone is the ATT Fuze. But I am very bored with WM and started looking into the iPhone when I found this thread. I have not purchased my iPhone yet, I wanted to make sure it could be JB. I am due for an upgrade next month and after reading this went straight to my local store (they know me very well) and started checking SNs of the iPhones they had. I am in luck, as the 4 32g 3GS phones they had were from week 35 to 38, nothing newer. So they agreed to hold one back for me. So thank you for this wonderful information and I am looking forward to my iPhone and participating in this wonderful forum.

      JD
    devorama -
      I just upgraded to the 3GS this week. I just flat out asked the sales reps to check the serial numbers for a model older than week 40. They were really cool about it. The busy flagship store didn't have any that old, but the less busy store had one from week 37 so I bought it. It had OS 3.1 and the older bootrom. They asked me why I wanted an older phone and I said my friend that knows a lot about phones said the new ones weren't as good.
    chromium -
      Quote Originally Posted by devorama (the post above):
      That's exactly what I would've done had I been armed with this knowledge 6 days ago
      I knew the new ones were coming but I didn't think they would have been in the shops quite as quickly as they were, especially here in Australia.
    confucious -
      @devorama - you were unlucky - some week 37 phones still have 3.01 on so you could have unlocked as well.
    lkailburn -
      Quote Originally Posted by devorama (the post above):
      Nice! I'll have to try this

      -Luke
    Chevyman209 -
      Damn that sucks... oh well, it'll probably only take like 6 months to find a new way.
    will042082 -
      Can the bootrom be updated via iTunes updates or a firmware update? Or is this something that can only be updated when the device is originally made?
    confucious -
      iBoot and BL cannot be updated - what you get is what you live with (apart from BL5.8 and Fuzzy, of course)
    will042082 -
      that's ******* music to my ears!!
    confucious -
      Make sure you let Cydia grab your files and you should be OK.