Dev-Team Confirms: New Bootrom Defeats 24kpwn
As noted here on MMi last night, new iPhone 3GSes are shipping with an updated bootrom that is resistant to 24kpwn. Dev-Team member MuscleNerd confirms that the new bootrom, iBoot-359.3.2, is no longer vulnerable to the memory segment overrun exploit.
This is the first time Apple has upgraded the bootrom during a normal production cycle, rather than when a new model is introduced. The bootrom is a snippet of code that runs at startup time, and checks on the status of the boot image. It's generally used to verify that the image has not been corrupted, but can also be used to check for unauthorized firmware. The 24kpwn exploit - otherwise known as 0x24000 Segment Overflow - bypassed the signature checks on iBoot and allowed unsigned firmware to be loaded. The new bootrom makes that impossible, so currently shipping 3GS phones cannot be jailbroken until a new exploit is found.
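To make the bootrom's job concrete, here is an added example (not Dev-Team, Apple or MMi code) of the two checks a boot-stage loader performs on an image before using any of it: a bounds check on the header's claimed length against the area the image may occupy, followed by signature verification. The image layout, the load-area size and the use of HMAC-SHA256 with a constructed key in place of the RSA public key burned into a real bootrom are all assumptions made for this example.

```python
"""Added example: a minimal model of how a bootrom validates a boot image.
Length checks run before the body is touched; the image is accepted only if
its authentication tag verifies. HMAC-SHA256 stands in for the RSA signature
a real bootrom checks, and the image format is invented for this example."""
import hashlib
import hmac
import struct

# Constructed: the fixed-size region the image is allowed to occupy, like the
# load area a bootrom copies iBoot into. The size is a made-up value.
LOAD_AREA_SIZE = 0x24000
MAGIC = b"IMG1"
HEADER = struct.Struct("<4sI")  # magic, payload length (little-endian)
TAG_LEN = 32                    # HMAC-SHA256 digest length

# Constructed key standing in for the verification key fused into the bootrom.
VERIFY_KEY = b"constructed-example-key-not-real"


def build_image(payload: bytes, key: bytes = VERIFY_KEY) -> bytes:
    """Assemble header || payload || tag (the 'signing' side, for the demo)."""
    header = HEADER.pack(MAGIC, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_image(image: bytes, key: bytes = VERIFY_KEY) -> tuple[bool, str]:
    """Return (accepted, reason). Nothing in the body is trusted until the tag verifies."""
    if len(image) < HEADER.size + TAG_LEN:
        return False, "truncated header"
    magic, length = HEADER.unpack_from(image, 0)
    if magic != MAGIC:
        return False, "bad magic"
    # Bounds check: the claimed payload must fit in the load area AND match the
    # number of bytes actually received before the header is believed.
    if length > LOAD_AREA_SIZE - HEADER.size - TAG_LEN:
        return False, "payload exceeds load area"
    if HEADER.size + length + TAG_LEN != len(image):
        return False, "length field disagrees with image size"
    body = image[: HEADER.size + length]
    tag = image[HEADER.size + length :]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    # Constant-time comparison so the tag check is not a timing oracle.
    if not hmac.compare_digest(tag, expected):
        return False, "signature mismatch"
    return True, "ok"


def demo() -> dict:
    """Run the verifier over a good image and three constructed bad ones."""
    good = build_image(b"iBoot stand-in " * 100)
    tampered = bytearray(good)
    tampered[HEADER.size + 3] ^= 0x01          # flip one bit in the payload
    unsigned = build_image(b"unsigned firmware", key=b"wrong-key")
    oversized = HEADER.pack(MAGIC, LOAD_AREA_SIZE) + b"\x00" * 16 + b"\x00" * TAG_LEN
    return {
        "good": verify_image(good),
        "tampered": verify_image(bytes(tampered)),
        "unsigned": verify_image(unsigned),
        "oversized": verify_image(oversized),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:9s} -> {result}")
```

The order of the checks is the point: the length field is validated against both the load area and the received size before any byte of the payload is copied or parsed, and the signature is verified over header and payload together so neither can be changed independently.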
To determine if your new 3GS is running the new bootrom, just check System Profiler while the phone is in DFU mode. Versions of iBoot prior to 359.3.2 should still be able to be jailbroken using known methods.
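As an added example (not from the article), here is a small parser for the USB serial string a DFU-mode device reports, which is the string System Profiler displays for the device. The sample string below is constructed; the key:value layout and the `SRTG` field that carries the bootrom's iBoot tag follow the format real DFU serial strings use, and the ECID shown is a placeholder.

```python
"""Added example: read the iBoot version out of a DFU-mode USB serial string
and decide whether it predates the 359.3.2 bootrom. The serial string here is
constructed; the ECID value is a placeholder."""
import re

# First bootrom version the article reports as resistant to 24kpwn.
NEW_BOOTROM = (359, 3, 2)

# Constructed sample in the layout of a DFU serial string (ECID is a placeholder).
SAMPLE_OLD = "CPID:8920 CPRV:15 CPFM:03 SCEP:03 BDID:00 ECID:0000000000000000 IBFL:01 SRTG:[iBoot-359.3]"
SAMPLE_NEW = "CPID:8920 CPRV:15 CPFM:03 SCEP:03 BDID:00 ECID:0000000000000000 IBFL:01 SRTG:[iBoot-359.3.2]"


def parse_dfu_serial(serial: str) -> dict:
    """Split 'KEY:value' and 'KEY:[value]' pairs into a dict, dropping the brackets."""
    pairs = re.findall(r"(\w+):(\[[^\]]*\]|\S+)", serial)
    return {key: value.strip("[]") for key, value in pairs}


def iboot_version(serial: str) -> tuple:
    """Return the SRTG iBoot tag as an integer tuple, e.g. (359, 3, 2)."""
    srtg = parse_dfu_serial(serial).get("SRTG", "")
    match = re.fullmatch(r"iBoot-(\d+(?:\.\d+)*)", srtg)
    if not match:
        raise ValueError(f"no iBoot tag in SRTG field: {srtg!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def predates_new_bootrom(serial: str) -> bool:
    """True when the reported iBoot version is older than 359.3.2."""
    # Tuple comparison gives numeric ordering; comparing the raw strings would not,
    # since "359.3" and "359.3.2" differ only by a trailing component.
    return iboot_version(serial) < NEW_BOOTROM


if __name__ == "__main__":
    for sample in (SAMPLE_OLD, SAMPLE_NEW):
        print(iboot_version(sample), "old bootrom" if predates_new_bootrom(sample) else "new bootrom")
```

Comparing the version as a tuple of integers rather than as a string is what makes 359.3 sort correctly before 359.3.2.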