Well lookey see here, sounds like v1.1.1 isn't all doom and gloom after all. The iPhone dev community's apparently not only
moved past accessing the nigh-unbreakable file system protections
Apple implemented in the latest
iPhone and iPod touch firmwares, they've also managed to hack the SpringBoard app into shape enough to properly launch 3rd party apps (which were, as expected, recompiled to function with the new iPhone frameworks). The iPod touch has apparently also been hacked for root access, and apparently those freshly recompiled apps are functioning there as well. But it's still not without some bad news: unfortunately, it sounds like most (if not all) of these new hacks rely solely on that single TIFF exploit in Mobile Safari, meaning that everyone's back to square one the moment Apple beams v1.1.2 to the public at large.
Read - Hacker toc2rta confirms the exploit and functionality
Read - iPhone jailbroken, apps installed
Read - iPod touch jailbroken
posted October 8th 2007 10:24PM
Think of all the great 3rd party apps these talented individuals could be writing instead of having to spend their time and efforts fighting Apple for the ability to do so. Thanks Apple.. I'm sure Apple will brick it again..
1.1.2 is going to be a Safari update that blocks TIFF images.
Is this the same john as in all the other posts?
there are an awful lot of us who didn't think through choosing the name for our comments. Some of us are lowercase j (see above), some are uppercase (
There's one thing that confuses me. Am I right in that these hacks all require taking advantage of an exploit? In other words... does that mean that we're on Apple's case for closing security holes that could be used to execute arbitrary code? I know that the 3rd parties writing these apps are doing it for the greater good, but couldn't someone use these same exploits for less honorable means?
I mean, if iPhones were having security problems we'd be bashing the hell out of Apple for leaving holes in the system.
I think I'm just confused. Can somebody tell me the diff between the good security holes and the bad ones?
I have a funny feeling that things will change when Leopard ships.
openmoko, nuff said...
@halfeatenfish
It's exactly what it looks like. Aside from clearing the Springboard plist, Apple redid the poor security from 1.0x thereby making it difficult for unauthorized 3rd party apps to get back in. A new security hole was discovered, and 3rd party apps are back. Theoretically, all the work used to hack native support again, could be used to hack the crap out of your phone, should you navigate to the wrong website.
You could find yourself with a new icon on your home screen, that you couldn't remove... automatically treating you to spyware and NSFW moments at its leisure... ON YOUR PHONE (I can see the YouTube spoof right now, cueue the music). I knocked Apple for the dialerbug problem (lets you fake the number the user okayed to call), and the WiFi flaw wasn't pretty either. Hopefully they get this one too. I'm going to hand it to these guys, but still wait for Apple's 3rd party solution. This isn't the way. I'm hitting the iPhone Tech Talk today here in Beantown.
@mushrooshi
Why not click on his name and see his profile and find out?
@Cleverboy - I agree that ultimately nasty types could also use these exploits for nefarious deeds, which is why i think Apple should just relent and provide everyone with an honest-to-goodness SDK for mobile OSX.
...And if they don't, we can always update and wait for the pirate versions of those Apple-supported apps that are obviously on the gravy train to Cupertino ;)
Another pic
http://www.hackint0sh.org/forum/showthread.php?t=10373
Awesome
Just as i said: "Its just a matter of time." hack the iphone!!!
You bless us with your mighty prediction, Oracle
Slap a gui on that sucker and make it a 1 click process.
Buying a $399 iPod Touch is only the beginning of the fun part~
See a Gateway laptop price is diving under $300!
I'd love to see you stuff that 15.4" widescreen laptop in your pocket.
This is really getting ridiculous. Steve Jobs said it himself: It's a cat and mouse game. I found it unbelievable that a company like Apple would play such a game. It is CLEAR that consumers want 3rd-Party Applications, so what is the business gain behind trying to disable them? I would see 3rd-Party apps as being a big marketing plus for Apple, and considering the number of tools already available based on hacked toolchains, if Apple wrote a real SDK imagine the possibilities. Seriously Apple, stop playing games and trying to disable useful/fun software that has already been written (without any assistance from you!)
Uh, the business gain in disabling 3rd party apps that consumers clearly want?
Oh, let's see...maybe the money Apple can make both charging a licensing fee to software developers AND charging their beloved customers for the software?
My guess would be that Apple wants a piece of the application profits. I'm not sure how they are considering implementing such a mechanism, but it must be the reason they are fighting this. Again, Apple COULD be doing this to ensure a high quality phone first, but I wonder.
You cannot create apps to curcumvent their carrier locks! That's disgracing the mighty Apple policy of screwing their fanbase over!
I think it has to do with more with ATT than simply Apple wanting to make more money selling apps. If you look from an ATT business model that they have used in the past, they cripple phones functions, make you pay data plans that cost more than the iphone data plan, charge you monthly fees for apps, ringtones, videos.
I saw a third party program that made the iphone gps-like by using triangulation. Well, ATT and other carriers like Verizon would rather charge you $10 a month for the kind of service so they force the manufacturers to cripple built-in GPS chips. Also crippling blutooth so that it can only be used with headsets rather than sending files is another example. I think Apple might be hamstrung by their contract with ATT, although they can always blame ATT for the contract while still taking in a percentage of the monthly fees that ATT brings in.
The thing is, now that Apple started the game, they can't just back out and give the cheese to the mouse. It makes the cat look weak.
Let me get this straight...
There is only ONE exploit that Apple needs to close to prevent the new jailbreak from working and engadget is TELLING them what it is?
Nice work guys. Keep it up.
Apple would have found out rather quickly, if not even for news/blogging outlets. All they have to do is peek into the hacking community and viola.
You know felines like to play with their prey before they GO for the kill...
As long as there is a demand for hacking apps and hackers willing to devote time to making them, this will continue. Apple ought to take a hint from the large number of Windows exploits over the years; people will always find a way around safeguards/restrictions/DRM.
Anyone else notice that open-source Linux is much more secure than Windows? That's because any developer can make improvements to it.
I'll keep my T-Mobile 1.02 for now. It's not like I'm gonna BUY music anyway. :)
WHY does this remind me of PSP homebrews...?
Because its very similar, only Sony were never stupid/evil enough to intentionally brick peoples PSPs
Because its very similar, only Sony were never stupid/evil enough to intentionally brick peoples PSPs as a scare tactic
Umm, Xavier Gill, Sony did show some malice - PSP's sporting TA-082 motherboards (and rumour has it one or two of the others) will brick if one tries to install a geniune PSP FW after having downgraded it before. Sony messed with the later FW so that if some checksums didn't match-up it bricked.
Actually, Sony made a specific PSP motherboard TA-082 that would brick when you tried to downgrade to the 1.50 kernel.
Needless to add (one would hope) that there is no proof whatsoever that Apple intentionally bricked the iPhones with 1.1.1. and as a matter of fact, according to none other than Erica Sadun, one of the core members of the 1337 hackers, Apple probably tried hard to PREVENT hacked iPhones from bricking. So...
ENOUGH WITH THIS CONSPIRACY THEORY FOR CRYIN' OUT LOUD. At least, stick with innocent until proven guilty.
Not saying they bricked them intentionally. Just the idea of cat and mouse with a new patch that breaks apps and then a new hack that makes it ok again then another patch that breaks and so on... it reminds me of PSP homebrew (which is a "war" no one will ever win)
Oops, sorry Yan, I was replying to Xavier. Shoulda made that clearer.
that title was a little misleading ryan. you got my hopes up for apps on the ipod touch, I think you need to reword that
Does this seem eerily familiar to anyone? Sounds like the same kind of stuff going on with Sony and the PSP - hee hee
I really hope Apple doesn't play the bullshit game of trying to beat hackers with new firmware, maybe someone should show them how successful that is (PSP anyone?).
So, does this mean full iCal on the touch or should i hold off on buying a touch for a while longer? I just want a freaking iPDA.
LOL!
I suggest holding off for iPDA. I sure am!..or an unlocked proper iphone, or a better phone from a competitor (that doesn't have sharing issues).
Great job Dev team. Anybody taking bets as to when the new firmware (bug fixes inc. safari exploit) will appear?
You know Apple, you better take it while you can. One day no one is going to care.
Can someone explain this TIFF exploit? Is this TIFF the same as the image format and how does that have anything to do with unlocking an operating system?
Maybe it sounds a lot like PSP because like, ya know, it's the same exploit and the same person?
Hmmm...
Just as i said: "Its just a matter of time." hack the iphone!!!
Can we not just have a separate iPhone section already so that those of us who don't care don't have to wade through every minute piece of non-news that gets posted?
I mean, seriously, on what other phone would be it news-worthy that someone has found a way of using your own ringtones? It's a farce.
Relax. That's all I have to say.
I am relaxed.
I'm just sick and tired of being bombarded with so much iPhone-related spam.
Um... How do i put this... There is a way. A separate feed. Eat the feed.
I second the motion for a seperate iPhone feed - but not because I am sick of the iPhone stuff. To the contrary, I can't really get enough. But perhaps it would be a good idea to have an Apple feed, not just a dedicated iPhone one.
from now on anytime engadget posts a news entry about samsung lcd's instead of skipping past them as I usually do, I'm going to click on them, then click to comment about how much disdain I have for said article.
why do these idiots keep popping up? STOP BREEDING!
I'm not after a feed, I'm after the ability to read a what is, otherwise, an excellent tech-related blog without every second story being something related to the iPhone which, if it wasn't made by Apple, would never come anywhere near being news-worthy.
And, 'kenpo' feel free to think or do what you want but I fear that your comments and actions will prove that only one of us is the idiot - and it won't be me.
If you can't see the ridiculous bias in coverage this one item gets over everything else and how many of the articles that are posted about the iPhone are completely redundant then, frankly, you must be blind. You say you'll spam every article about Samsung displays - so that'll be product releases and reviews, as opposed to separate news stories for every app released, every step in trying to unlock and re-unlock the iPhone, stories *counting down* to a commercial piece of software being released to unlock the iPhone.
Whilst I don't expect everyone to agree with me (ie not iPhone owners and Apple fanboys), my point is valid.