Would you believe this news?
Well, you should if you are an Apple user and have a device such as the iPhone 4s, iPad 2 / 3, iPad mini or iPod touch 5.
It has been reported that iOS hacker iH8sn0w has discovered a way to untether jailbreak devices powered by the Apple A5(X) processor for life, which includes the iPhone 4s, iPod touch 5, the iPad 2 / 3 and iPad mini.
However, details of how this is possible are not yet available. It is assumed that the good news will be made available in the days to come, and owners of these older Apple devices will breathe a sigh of relief for life!
Many sources on the net point in this direction. The first came when iH8sn0w posted A5 AES keys on Twitter:
There is yet another clue as Saurik took to a thread on Reddit to shed some light on the situation:
For informational purposes (as many people reading might not appreciate the difference), to get the encryption keys you only need an "iBoot exploit", not a "bootrom exploit". It is easier to find iBoot exploits (being later in the boot sequence, it has a larger attack surface: it has to be able to parse filesystems, for example), and they do afford more power over the device than an untethered userland exploit (in addition to letting you derive firmware encryption keys, you can boot custom kernels, and you might be able to dump the bootrom itself), but they are software updatable as part of new firmware releases from Apple and may have "insane setup requirements" (like, you might pretty much need an already-jailbroken device to actually set up the exploit). You thereby wouldn’t see an iBoot exploit used for a jailbreak (unless everyone is out of ideas for a very long time): instead, you’d see it hoarded away as a "secret weapon" used by jailbreakers to derive these encryption keys, making it easier to find and implement exploits on newer firmware updates for the same device (especially kernel exploits, where even if you have an arbitrary write vulnerability you are "flying blind" and thinking "ok, now where should I write? I can’t see anything… :’(").
Now the big question is whether this news will ever go public. The following Twitter message by Wincom is disturbing:
But let us keep our fingers crossed. Maybe someday the miracle will happen.
via Redmond Pie