Geohot is back with limerain Monday

[Macgod79]

Breaking news from twitter straight from the chronic dev team is news that geohot has a exploit that WILL jailbreak all iOS devices. This has of course upset psoninja who doesn't wanna delay the release of greenpoison. Geohot is pushing him to release it with greenpoison and he doesn't want the delay. It's also been confirmed by Ih8snows twitter showing photos of all the iOS devices with a pic of limerain. He is talking bout releasing it Monday. Hmm fighting in the jailbreak community. More soon

[Macgod79]

I bet the greenpoison gets delayed and geohots exploit gets used for now

[Orby]

I bet the greenpoison gets delayed and geohots exploit gets used for now

I can tell you right now that is NOT happening.

https://twitter.com/cdevwill/status/26791671101

I think however that the two sides (Chronic Dev, Geohot) are working out an agreement; probably will be Cdev's USB exploit going first (as there are fewer devices it works for, and therefore is a "less potent" exploit) with Comex providing userland JBs to stem the wait with Geohot waiting in the wings for the next round of hardware revision.

At least that's how I'd do it. Hopefully all the hackers can be reasonable adults, compromise, and thus maximize their tools for the benefit of the community.

[iYeow]

If both releases their jailbreaks, everyone will be happy

[ShredNasty]

In my opinion, **** geohot. **** him right in his ***! He's starting drama just because he can. That makes him a ***** in my book. Period.

[mortopher]

In my opinion, **** geohot. **** him right in his ***! He's starting drama just because he can. That makes him a ***** in my book. Period.

You can cuss, you're cool.

[bellyfrog]

They should delay the release to use Geohots exploit obviously. They are the ones being stupid by asking him to wait.

Geohots exploit will work for all devices. If they release Greenpois0n as is 3GS users are still stuck.

Delaying Greenpois0n by one day to use Geohots exploit would be a lot better.

Still, nothing has been confirmed about whether it's coming monday or not that is still just rumors. Hopefully it will.

[Orby]

I am not revealing any information not already revealed via Twitter or the iPhone Wiki in this post, before anybody freaks out.

I can confirm via several sources (including the front page of this website), barring any insane and/or unforeseen shenanigans, George intends to release his new tool "limera1n" on the one-year anniversary of the launch of blackra1n, i.e., 10-11-10.

It's more complicated than just saying "Chronic Dev. should wait" though. Pieces of SHAtter have been publicly released--Pod2G's usb_control_message(0xA1,1) for the iPT2G is almost assuredly an abbreviated version of SHAtter; Apple should now know full well that the basis of SHAtter starts with a heap overflow and following forced reboot in DFU mode's bootrom. They can get a hardware revision out fairly quickly to halt the exploit.

If that exploit is not utilized rather quickly, that hole (and comex's accompanying userland exploit to get the device booting untethered) will be sealed with a hardware revision by Apple before it can get wide usage.

Also, you know Geohot's exploit will be sealed on at least the 8930 devices shortly after it's released--they'll probably punt on the 3GS at this point the same way they did with the 3G at this time last year in relation to 24kpwn/Pwnage2. However, Geohot's disappearing off the grid also means that Apple likely has less than zero clues as to what he's been cooking since April--the chance of his hole being sealed before use is far lower than SHAtter's so long as nothing leaks.

Case in point, limera1n's family of exploits are still 0-day. SHAtter's not; its clock has to be ticking--if I were an Apple hardware engineer, I'd be busting my tail trying to find that heap overflow and reboot from 0xA1 and a way to shut it immediately. Therefore you can be assured Apple is working overtime on a solution.

If SHAtter is released first, between kernel exploits like the other half of greenpois0n and other library-based userland exploits like Spirit or Star, limera1n will be a 0-day jailbreak for the fifth iteration of iOS devices next year. If limera1n is released first, or if both SHAtter and limera1n release simultaneously, both holes will be sealed by the next hardware revision.

Never mind the egos at work here...

[bellyfrog]

Of course burning an exploit isn't the smartest thing. But in the short term it is the best thing for all these people (including me) with 3GS that are currently paperweights.

Long term is a different story. However, it does seem that they ALWAYS find an exploit... So does it really matter that much if they burn one?

[moon#pie]

Of course burning an exploit isn't the smartest thing. But in the short term it is the best thing for all these people (including me) with 3GS that are currently paperweights.

Long term is a different story. However, it does seem that they ALWAYS find an exploit... So does it really matter that much if they burn one?

yes it matters. why burn two exploits when 4.2 is just around the corner?

[bellyfrog]

yes it matters. why burn two exploits when 4.2 is just around the corner?

I guess it depends where your jailbreaking priorities lie.

I don't care personally (and I'm sure a lot of others are in this boat) about 4.1 or 4.2, because I need jailbreaks purely for unlocking. Until the new baseband is unlocked it doesn't matter for me whether there is a jailbreak or not.

For me it's more important that all the currently unlockable devices are able to be jailbroken (see 3GS 4.0.2 etc).

So for me and a ton of others, this limera1n release is awesome news. For other people who just want to jailbreak the latest iOS maybe it's not so awesome.

[Madman604x]

i haz limera1n too



kekeke yes im joking.

[Orby]

yes it matters. why burn two exploits when 4.2 is just around the corner?

Apple /will/ seal all four (yes four) holes--the userland and iBoot parts of GP and LR respectively will be sealed in the firmware immediately following their releases--therefore the USB-based SHAtter will go tethered until another userland exploit is cooked up and (I believe) limera1n will not be usable until another iBoot-level hole is exploited.

Also, Apple /will/ seal both hardware-level holes with extreme prejudice as soon as humanly possible. I doubt there will be a 5-week transition period like with 24Kpwn--I imagine once a fix for either hole passes QA, Apple will halt all production, try and get as many units in the field as possible be returned for retrofitting or destruction, and resume production/refurbishment of fixed units only--holiday rush be damned.

EDIT: By insisting limera1n be released to satiate a small number of third-generation device owners who have no SHSH blobs on file and upgraded their firmware or purchased a new 3GS; you're spitting at months of work that Pod2G, p0sixninja, and others spent preparing SHAtter: that bootrom exploit will be sealed, benefiting nobody, and Geohot's will be sealed all the same. In my opinion, you're screwing the community as a whole for the next wave of hardware by demanding this new jailbreak. Besides, if your 3GS is already on or has been on iOS 4.1, you cannot unlock even if you get a new jailbreak (yet and for the foreseeable future).

PS: p0sixninja just tweeted saying Geohot is only forcing limera1n out now because of Greenpois0n's announced launch date. His hash tag is all that needs to be said... https://twitter.com/p0sixninja/status/26808309413

[bellyfrog]

Apple /will/ seal all four (yes four) holes--the userland and iBoot parts of GP and LR respectively will be sealed in the firmware immediately following their releases--therefore the USB-based SHAtter will go tethered until another userland exploit is cooked up and (I believe) limera1n will not be usable until another iBoot-level hole is exploited.

Also, Apple /will/ seal both hardware-level holes with extreme prejudice as soon as humanly possible. I doubt there will be a 5-week transition period like with 24Kpwn--I imagine once a fix for either hole passes QA, Apple will halt all production, try and get as many units in the field as possible be returned for retrofitting or destruction, and resume production/refurbishment of fixed units only--holiday rush be damned.

I wonder why Apple would be so hell bent on blocking any devices that are already out there from being jailbroken at the cost of so much sales? It's not like they are hurt a lot by Jailbreaking, the only potential money they lose is from the app store by people installing cracked apps, and even a large amount of the jailbreak community is against pirated apps anyway.

I can understand wanting to fight jailbreaking, but to that extent seems counter-productive from Apples POV.

EDIT- By the way orby, you seem to be very in the know possibly you could help me with something I've been wondering. limera1n is supposed to be a 4.1 jailbreak, has there been any indication for whether it will work on 4.0.2? I'm curious as to how a 3GS on 4.0.2 could be jailbroken or whether you will have to update to 4.1, and if so, if you will be forced to upgrade baseband.

[Orby]

I wonder why Apple would be so hell bent on blocking any devices that are already out there from being jailbroken at the cost of so much sales? It's not like they are hurt a lot by Jailbreaking, the only potential money they lose is from the app store by people installing cracked apps, and even a large amount of the jailbreak community is against pirated apps anyway.

I can understand wanting to fight jailbreaking, but to that extent seems counter-productive from Apples POV.

EDIT- By the way orby, you seem to be very in the know possibly you could help me with something I've been wondering. limera1n is supposed to be a 4.1 jailbreak, has there been any indication for whether it will work on 4.0.2? I'm curious as to how a 3GS on 4.0.2 could be jailbroken or whether you will have to update to 4.1, and if so, if you will be forced to upgrade baseband.

They did that with the old iPhone 2G on the eve of the launch of the 3G--the 2G was discontinued and all the unsold 2G devices were sent back to the factory as of June 9th, 2008--a little over a month before the 3G starting shipping on July 11th. Might have been due to BootNeuter, but who knows.

Also, Apple tried snapping up all the 5.8-bootloader 3G units made as a run-up to the iPhone launch due to the exploit in that particular bootloader. They did a pretty good job; further exacerbating launch shortages of the device. Only a few weeks' models made it out there.

And 24Kpwn--that whole fiasco.

Apple probably now uses such just-in-time inventory that if there's not an internal recall, the transition from exploitable to fixed hardware will happen across all factories within a week (and therefore those new fixed devices will be sold by the end of that week). They do NOT screw around when it comes to hardware exploits getting fixed and the new unit's distribution.

EDIT: I would imagine that there will be a PwnageTool/sn0wbreeze update allowing you to restore to a custom-cooked 4.1 IPSW with the old, exploitable baseband OR that either Greenpois0n/limera1n is ported back to 4.0.2--shouldn't be too hard to do either, as the exploits are hardware and undiscovered software. So your unlock should be safe.

[bellyfrog]

They did that with the old iPhone 2G on the eve of the launch of the 3G--the 2G was discontinued and all the unsold 2G devices were sent back to the factory as of June 9th, 2008--a little over a month before the 3G starting shipping on July 11th. Might have been due to BootNeuter, but who knows.

Also, Apple tried snapping up all the 5.8-bootloader 3G units made as a run-up to the iPhone launch due to the exploit in that particular bootloader. They did a pretty good job; further exacerbating launch shortages of the device. Only a few weeks' models made it out there.

And 24Kpwn--that whole fiasco.

Apple probably now uses such just-in-time inventory that if there's not an internal recall, the transition from exploitable to fixed hardware will happen across all factories within a week (and therefore those new fixed devices will be sold by the end of that week). They do NOT screw around when it comes to hardware exploits getting fixed and the new unit's distribution.

EDIT: I would imagine that there will be a PwnageTool/sn0wbreeze update allowing you to restore to a custom-cooked 4.1 IPSW with the old, exploitable baseband OR that either Greenpois0n/limera1n is ported back to 4.0.2--shouldn't be too hard to do either, as the exploits are hardware and undiscovered software. So your unlock should be safe.

All good info, thanks

Yeah I know they do it, I just wonder why. It doesn't seem like they would lose much money from jailbroken devices so why go to such extreme lengths?

[GoldfishTX]

All good info, thanks

Yeah I know they do it, I just wonder why. It doesn't seem like they would lose much money from jailbroken devices so why go to such extreme lengths?

Perhaps they are concerned that people will find and use these exploits for less "productive" tasks?

Personally, I think it's irresponsible to blow two exploits at once, but rationality and ego very rarely share the same path.

[Ackms421]

I wonder what relations are like between Saurik and Geohot. It'd be intriguing to get those two genuises together.

[bellyfrog]

It seems to me this whole situation is fraught with drama.

It's kind of silly that they revealed some info about the exploit before releasing the jailbreak really, since now their excuse for not delaying it is that Apple will close the exploit immediately and SHAtter will be useless soon.

I suppose maybe Geohot wouldn't release Limera1n if he didn't know he was screwing over the Chronic Dev Team though, does seem to be some i-beef between these guys lol...

Ah well... If I can jailbreak my 3GS in the next few days I certainly won't be complaining ^_^

[ShredNasty]

But you will be complaining down the road when you end up waiting for months because geohot coughed up an exploit just to be a d*ck.

And SHAtter won't be useless. Its a hardware exploit in the A4. I'd like to see them close it immediately. Greenp0ison will be closed. That's the software exploit.