+ Reply
Page 1 of 2 12 LastLast
Results 1 to 20 of 35

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: New Baseband Hack at Pwn2Own, But No Unlock (yet)

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
A new method of unlocking the iPhone baseband will be revealed at this year's Pwn2Own conference, with a new, and potentially malicious, feature: the ability to turn your phone into
...
  1. #1
    MMi Staff Writer Paul Daniel Ash's Avatar
    Join Date
    Aug 2009
    Location
    Union Square, Somerville, Mass.
    Posts
    919
    Thanks
    6
    Thanked 995 Times in 401 Posts

    Default New Baseband Hack at Pwn2Own, But No Unlock (yet)


    A new method of unlocking the iPhone baseband will be revealed at this year's Pwn2Own conference, with a new, and potentially malicious, feature: the ability to turn your phone into a spying device. Ralf Philipp Weinmann, a research associate at the University of Luxembourg, will be discussing a huge bug in the firmware of baseband processors commonly used on iPhones and Android devices at the CanSecWest conference in Vancouver, Canada, which begins March 9. However, there's no update on the arrival of a deployable iPhone unlock, whether or not connected to this exploit.

    Weinmann says he has identified some serious security holes in Qualcomm and Infineon firmware for GSM baseband processors. As a demonstration of how his exploit completely defeats the data protection engineered by the manufacturers into this firmware, Weinmann says he will show "how to use the auto-answer feature present in most phones to turn the telephone into a remote listening device."

    Baseband hackers and security analysts alike are impressed with the sophistication of the exploit. "[It's] like tipping over a rock that no one ever thought would be tipped over, said a forensic and anti-forensic researcher who is known only as 'the Grugq' to protect his own identity. "There are a lot of bugs hidden" in the baseband firmware, he added. "It is just a matter of actively looking for them." Don Bailey, a security consultant with Isec Partners, calls Weinmann's work "an extremely technical attack," but notes that it's unlikely to turn into a problem for everyday phone users because an attacker would need his own cellular base station. However, he notes that using OpenBTS and as little as $2,000 worth of equipment, anyone can create their own tower: something that used to cost tens of thousands of dollars. "Now it's a completely different game," Bailey says.

    Weinmann hacked a non-jailbroken iPhone in last year's Pwn2Own contest and exflitrated the SMS database in about 20 seconds. By loading a web page in Safari, Weinmann triggered an exploit that ran entirely inside the iPhone sandbox using the privileges of a non-root user called 'mobile'. With this exploit, Weinmann said, "I can do anything that 'mobile' can do." Weinmann is also credited with finding the TMSI overflow hole that was patched in iOS 4.2. The expectation is that the details on this exploit will also be kept secret until Apple patches the hole.

    Source: PC World

  2. The Following 4 Users Say Thank You to Paul Daniel Ash For This Useful Post:

    dimplenicko (01-20-2011), LEVMAN (01-19-2011), noob_ipod (01-19-2011), reaves205 (01-18-2011)

  3. #2
    Super Moderator Cowboy's Avatar
    Join Date
    Apr 2009
    Location
    Owasso,OK
    Posts
    30,665
    Thanks
    1,048
    Thanked 3,865 Times in 2,205 Posts

    Interesting to say the least
    Follow me @LoganWesterman

    Need Your iPhone Unlock Click HERE or Here
    Needs Your iPhone Fixed Pm Me!
    Have a question about Jailbreaking Pm Simon, Annie, Or just about any other member on here

  4. #3
    iPhone? More like MyPhone
    Join Date
    Sep 2008
    Location
    Mtl, Canada
    Posts
    188
    Thanks
    18
    Thanked 4 Times in 4 Posts

    nice. like to hear the talk about unlocks after like months of silence

  5. #4
    iPhoneaholic LSZ33's Avatar
    Join Date
    Sep 2007
    Location
    Killeen, Texas, United States
    Posts
    363
    Thanks
    72
    Thanked 30 Times in 24 Posts

    wonder if any good will come out of this hack.

  6. #5
    iPhone? More like MyPhone nautical79's Avatar
    Join Date
    Mar 2008
    Location
    Baja Mexico
    Posts
    124
    Thanks
    13
    Thanked 0 Times in 0 Posts

    almost every hack means good for the whole community.
    Common Sense Its Not So Common

  7. #6
    Green Apple
    Join Date
    Sep 2007
    Location
    california
    Posts
    75
    Thanks
    5
    Thanked 5 Times in 4 Posts

    Cool. Looking forward to the event.

  8. #7
    Drinks the Kool Aid Captinsmooth's Avatar
    Join Date
    Mar 2010
    Location
    New York
    Posts
    1,322
    Thanks
    131
    Thanked 351 Times in 199 Posts

    Amazing stuff!
    This post infers no rights and is provided as is.

    Click here to follow me on twitter

  9. #8
    Retired Moderator stlcaddie's Avatar
    Join Date
    Jul 2007
    Location
    Saint Louis, MO
    Posts
    1,087
    Thanks
    139
    Thanked 128 Times in 90 Posts

    Krazy, with a K

  10. #9
    iPhone? More like MyPhone
    Join Date
    Jul 2010
    Posts
    203
    Thanks
    16
    Thanked 13 Times in 12 Posts

    Nice one!! Creative hacks tho

  11. #10
    Livin the iPhone Life steve-z17's Avatar
    Join Date
    Sep 2007
    Location
    Utah
    Posts
    2,224
    Thanks
    91
    Thanked 141 Times in 121 Posts

    Can't wait to see it.

  12. #11
    iPhone? More like MyPhone thechronic's Avatar
    Join Date
    Jul 2008
    Posts
    122
    Thanks
    9
    Thanked 9 Times in 8 Posts

    Very cool stuff. I have wanted to build my own tower for a while. Maybe now I will...

  13. The Following User Says Thank You to thechronic For This Useful Post:

    Snozberries (01-19-2011)

  14. #12
    My iPhone is a Part of Me delusion950's Avatar
    Join Date
    Aug 2008
    Location
    The Patriots Area
    Posts
    796
    Thanks
    56
    Thanked 75 Times in 60 Posts

    nice cant wait to see

  15. #13
    Green Apple iwannamod's Avatar
    Join Date
    Apr 2010
    Posts
    59
    Thanks
    6
    Thanked 3 Times in 3 Posts

    That weinmann dudes a genius! How did he hack a non-jb iphone?? The potential there is scary to say the least.

  16. #14
    iPhone? More like MyPhone
    Join Date
    Apr 2008
    Posts
    242
    Thanks
    11
    Thanked 17 Times in 12 Posts

    not to be the debbie-downer of the group, but seeing as how this event is happening in early march, we probably won't see an unlock from this guy any sooner than we will from the dev team (since they said they're waiting until 4.3)

  17. #15
    What's Jailbreak?
    Join Date
    Jan 2009
    Posts
    14
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by iwannamod View Post
    That weinmann dudes a genius! How did he hack a non-jb iphone?? The potential there is scary to say the least.
    That is how you jailbreak a device..by hacking into it.

  18. #16
    King Theme-aling subywrex's Avatar
    Join Date
    May 2008
    Posts
    2,634
    Thanks
    334
    Thanked 3,852 Times in 883 Posts

    Quote Originally Posted by iwannamod View Post
    That weinmann dudes a genius! How did he hack a non-jb iphone?? The potential there is scary to say the least.
    Essentially jailbreakme.com hacks non jb iPhones to jailbreak it using a security hole.

  19. #17
    Green Apple
    Join Date
    Jan 2011
    Posts
    64
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by iwannamod View Post
    How did he hack a non-jb iphone??
    ... we'll find out March 9th.

  20. #18
    My iPhone is a Part of Me coolguy742's Avatar
    Join Date
    Jul 2010
    Location
    Oklahoma
    Posts
    526
    Thanks
    213
    Thanked 37 Times in 30 Posts

    Cool, it's funny how simple glitches can be so destructive


    Sent from my iPod touch using ModMyi

  21. #19
    iPhoneaholic
    Join Date
    Oct 2007
    Posts
    405
    Thanks
    8
    Thanked 35 Times in 23 Posts

    Haven't you guys realized yet that Apple has finally found a way to stop people from unlocking their iPhone 4. Its by releasing updates so frequently. By doing this it scares the hackers to not release the unlocks/untethered jailbreaks.

    I don't even have an iPhone anymore and I say just release the ******* **** already. If people are retarded enough to update without waiting then its their own fault.

  22. #20
    iPhoneaholic
    Join Date
    Sep 2007
    Posts
    305
    Thanks
    1
    Thanked 12 Times in 11 Posts

    Yeahh Totaly agree.. Release the darn thing... one day they are going to patch it wether you like it or not.if its gonna be patched in 4.4 or 4.5 or 5.0 ITS GONNA BE PATCHED...

    so releasing the Unlock later or sooner for it not being patched is just a stupid excuse..
    We all know for now that 4.3 is going to have the same BB as for 4.2.1... there is not going to be any BB updates till iPhone 5 is released

    iPhone 5 or iPhone 4 (S) is at he Horizon already and we all see on many website that its going to have New CPU Hardware and stuf meaning BB Updates...

    So Dev Teams release the Unlock...

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts