

Thread: iPhone 4 Bootrom Exploit Found!!!!!!!

  1. #1
    mortopher (Livin the iPhone Life), Pittsford, NY via Dallas, TX; joined Jul 2009; 2,742 posts

    iPhone 4 Bootrom Exploit Found!


    Any members here that follow the key players in the jailbreak community on twitter certainly had their interests piqued Tuesday night as numerous tweets sprang up referring to the awesomeness of the hacker pod2g. For those of us who were left uncertain of what was going on, our greatest hopes had come true. It was announced to the rest of us yesterday that pod2g has found a bootrom exploit on the iPhone 4.

    For those of you that are unsure of what this means, this vulnerability will be unlike the recent ones found and exploited by Comex. Both Spirit and Star (Jailbreakme.com v2) were "soft" jailbreaks in that they were user-land jailbreaks that Apple would be able to patch (and has patched) simply by releasing iOS updates (4.0, 4.0.2, 3.2.1, 3.2.2). pod2g's exploit differs from these in that it is found within the bootrom, the first code to run on an iDevice at its startup. This bootrom is hardwired into the iDevice itself, and therefore Apple will not be able to patch it any other way than to actually update the bootrom on future productions.

    Basically, if all goes well, any iPhone 4, iPod Touch 4 and iPad (has the same IBoot-574.4 as both i4s) that is produced before Apple updates the bootrom will be jailbreakable for the life of the device! Those of you familiar with the iPhone 2G, 3G and the old-bootrom 3GS essentially being jailbreakable for life are already well aware of the tremendous benefits of such a discovery.

    I've already got my Paypal account ready and waiting to donate to another great member of our community. Congratulations to pod2g and a big thanks goes out to him for all of his hard work.



    As with all jailbreaks, there is not and will not be an ETA, but I'm certain his twitter account will be harassed nonetheless.

    Twitter / pod2g: iPhone 4G iBSS 4.0.1: iv=9 ...
    Bootrom - The iPhone Wiki
    [Attached screenshot: screen-shot-2010-09-09-1.30.09-am.png]
    Last edited by mortopher; 2010-09-09 at 11:46 AM.


  3. #2
    mortopher (Livin the iPhone Life), Pittsford, NY via Dallas, TX; joined Jul 2009; 2,742 posts

    UPDATE:

    [Attached screenshot: screen-shot-2010-09-09-4.40.24-am.png]


  5. #3
    almost there
    "If You're Not First, You're Last" - Ricky Bobby


  6. #4
    Yay
    Can't wait
    Hopefully will work for the ip4 White at Christmas lol


    Like A Boss

  7. #5
    timmywoodz (What's Jailbreak?), dayton oh; joined Oct 2009; 8 posts

    Quote Originally Posted by paganizonda83:
    UPDATE:

    Purrrrfect.

  8. #6
    Livin the iPhone Life, Manchester, England; joined Sep 2009; 2,101 posts

    I guess the real question is "are we there yet?"

  9. #7
    Having an exploit is great news - but still a long way to go yet before it's usable.
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

  10. #8
    Great news, just a shame the exploit was made public so quickly. I hope a new jailbreak is released before the new bootrom chips start appearing in devices.

  11. #9
    What do you mean it's 'a shame the exploit was made public so quickly.' - it hasn't been!
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

  12. #10
    Trooper Sam (My iPhone is a Part of Me), Somewhere in California; joined Jul 2010; 503 posts

    It's public the moment it's announced. Now Apple is actually looking for the weakness with the intent of replacing the bootroms with something less vulnerable. Probably by the time white iPhone 4s appear, they'll have new bootroms, along with iPT4Gs and iPads.

  13. #11
    ^You really don't know what you are talking about, do you?
    There are other exploits that have been found, Apple can look all they want. Until the exploit is released they will not find them. When an exploit is released it will be patched, but if this is, indeed, a bootrom exploit then they will not be able to patch existing devices.
    By your reckoning no exploit should ever be released....
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

  14. #12
    Sorry, I had only just woken up when I saw the post this morning. What I meant was, now that Apple can see & verify hackers have gained access to the bootrom keys, surely they will update the chip on future models?

  15. #13
    I see what you're saying, that Apple is trying to fix it already, but I'm sure they have people on payroll trying to hack devices all day to find the weakness. There is an undetermined amount of exploits with any device; it just depends on what you find. Apple might find 2 exploits but not that third one that will be released. In theory Apple can find 100 of them, but if it is not the one the dev team is working on exploiting then it is a moot point. I believe that's how it works, but correct me if I'm wrong?

  16. #14
    mortopher (Livin the iPhone Life), Pittsford, NY via Dallas, TX; joined Jul 2009; 2,742 posts

    ^Without knowing the exploit, how will Apple know what parts of the bootrom to update?

    Just because I call the doctor and tell him I am sick doesn't mean that he can diagnose and write a prescription for it until he examines me.

  17. #15
    Trooper Sam (My iPhone is a Part of Me), Somewhere in California; joined Jul 2010; 503 posts

    No, no, I don't at ALL mean they should never be released. I just mean that Apple's radar has been focused on this one little area now, and they'll throw a lot of effort into discovering it, and updating the bootrom to fix it. It's not as though they lack expertise and skill.

    What I meant was that it might have been better had it been kept quiet right up until a tool was ready to release. However, now that I think about it, that probably wouldn't have been of much advantage, as the tool itself would point out to Apple exactly what needed fixing.

    Therefore, I need to admit that there was a flaw in my reasoning. Do forgive me, I work nights and I had just awakened when I wrote my initial reply.

  18. #16
    Poseidon79 (Retired Moderator), Austin, TX; joined Jan 2008; 8,264 posts

    Apple won't know where the exploit is until the final jailbreak tool is released to the public. There are vulnerabilities in every program... that's just a fact... hell Apple and MS patch HUNDREDS of these every year in their operating systems. All the Devs have done is tell Apple they found one... that doesn't let Apple know which line of code it's in or what exact command was used to crash the code. It's infinitely more complicated than most of you all think.

  19. #17
    Trooper Sam (My iPhone is a Part of Me), Somewhere in California; joined Jul 2010; 503 posts

    I'll admit that I did oversimplify it in my mind.

  20. #18
    While it's great news that pod2g and posix have found a bootrom exploit, the fact that it is tethered will disappoint some.


  22. #19
    Haha I work nights too. Suuuuucks

  23. #20
    They won't, breathe and relax. They don't have a team of hackers; what they have is their programs looking for the code. They are working on a new bootrom not because of this but because it's what they do.

    When the exploit is released in the form of a jailbreak, then and only then will they look at it and fix it in the next device.

    Relax and enjoy the ride this is incredible news if accurate.
