Welcome to the family, iPhone 3GS!
Jul/090
And the iPhone Dev Team has answered: redsn0w 0.8 now officially supports jailbreaking of the iPhone 3GS. saurik has also updated the MobileSubstrate and WinterBoard packages for use with the 3GS, according to the iPhone Dev Team’s post here. However, the same old warning applies to all 3GS users to obtain the iBEC and iBSS files. They are now looking for more holes to exploit considering 3.1 would probably have a fix, and that would mean (temporarily) bad news for soon-to-be owners of the 3GS. To quote the Dev Team, “For those of you without 3GS phones, it’s a race against the clock to use this particular hole. There’s nothing we can do about that, but we will always be looking for new holes.”
ultrasn0w 0.8 has also been released which will support the iPhone 3GS. However, it is crucial that you do not upgrade to anything beyond 3.0, including the 3.1 beta software. Quoth the Dev Team: “Apple has gotten very serious with the latest baseband — they’ve removed 180 (!) commands in an effort to cut down their exposure to holes. So please always stay away from stock Apple IPSWs and instead use our tools as we release them. These tools let you update your firmware without updating your baseband.”
And good news for those using Linux: redsn0w has also been released for you guys as well. (: Get your redsn0w while it’s, er, cold! And obtain ultrasn0w by adding repo666.ultrasnow.com to the list of repositories in Cydia.
New Apple iPhone Exploit Gives Attacker Root Access
Jul/090
It was bound to happen… Apple users have long enjoyed a relatively smooth ride with regard to virus’ and malicious attacks, but this morning xaminer.com posted info on this serious iPhone expoit, discovered Charlie Miller:
It’s well-known that binary code can be sent to mobile devices using SMS. Normally the sent code isn’t executed, but Miller found that the iPhone operating system automatically processes the code without any user intervention. Not good. Knowing this, Miller developed code using the principle of Sulley Fuzzing, a method of injecting random data into program after first forcing the operating system to trust the new code.
And they go on to confirm the worst:
Another vulnerability that Miller found was the ability to use the SMS function to gain root access to the iPhone, more or less giving an attacker the “keys to the kingdom”.
On a positive note, Apple appears to already be working on a patch for this serious security vulnerability. We all know Apple’s history with timely updates though, so don’t hold your breath.
Get the full scoop here: http://www.examiner.com/x-14651-Minneapolis-Information-Technology-Examiner~y2009m7d3-Apple-iPhone-SMS-exploit-allows-attacker-to-control-phone
So… who’s gonna beat Apple to the punch with a security patch that jail broken iPhone users can apply? :)
Surprise! iPhone 3GS Jailbreak for Software 3.0 released!
Jul/090
After the long and grueling wait, iPhone 3GS users can finally rejoice: the jailbreak for the iPhone 3GS has been released first by geohot with his software, purplera1n, which only runs on Windows for now (with the Mac version coming later). He was originally in the Dev Team before he got kicked out. According to his blog post dated today,
Normally I don’t make tools for the general public, and rather wait for the dev team to do it. But guys, whats up with waiting until 3.1? That isn’t how the game is played. We release, Apple fixes, we find new holes. It isn’t worth waiting because you might have the “last” hole in the iPhone. What last hole…this isn’t golf. I’ll find a new one next week. Also your purplera1nyday files ensure that you can always get back to a jailbroken state, so if you have it it’s just a matter of tools.
The iPhone Dev Team is still keeping mum on this issue. Whatever it is, the jailbreak program is posted here. Either that, or you can get the file from the official site. Apparently, it is “it’s smaller than C++ hello world” and there will be no need for the IPSW files. Kudos to you, geohot!
[UPDATE] According to saurik (one of the iPhone Dev Team members) in his few tweets, “The PurpleRa1n 3GS jailbreak (like the unofficial 3.0 beta QuickPwn jailbreaks) is missing critical patches required for WinterBoard (etc.)” He continued: “ADDITIONALLY, WinterBoard /will/ need work on the 3GS (new instructions), but I can’t even begin looking at that until we get fixed patches.”
So hold your horses folks! It’s better if the iPhone Dev Team makes an official release and we wait until 3.1 comes out. That’s when other developers will start developing and modifying code for the 3GS for several programs that might have compatibility issues with the 3GS.