GeoHot

Latest

  • Hacker GeoHot claims release of PS3 root key

    by 
    JC Fletcher
    01.03.2011

    Last week, hacking group fail0verflow claimed to have found a method for discovering a PlayStation 3's "private key," each system's unique code restricting access to unsigned code. GeoHot (who found another PS3 exploit a year ago) says he has released the PS3's METLDR root key to the public, which allows access to the PS3's loaders, and reportedly could be used to allow any unsigned code to be run on the system. In addition, fail0verflow has started releasing development tools for the PS3. In a brief note on his site, GeoHot congratulated the fail0verflow team and noted that "I do not condone piracy," and then suggested that the three current console manufacturers contact him if they want secure systems. "It'd be fun to be on the other side."

  • iOS 4.2.1 Jailbreak hits with updated redsn0w

    by 
    Thomas Ricker
    11.23.2010

    The Dev-Team Blog was just updated with a new redsn0w version 0.9.6b4 jailbreak (based on Geohot's Limera1n bootrom exploit) for iOS 4.2.1. Unfortunately, iOS device owners won't find jailbreaking as easy as navigating to a website. And the 4.2.1 jailbreak is currently "tethered" so owners of the iPhone 4, iPad, and newer iPhone 3GS and iPod touch models will have to reattach to a PC or Mac to boot into a jailbroken state each time your device loses power or needs a reboot. Those of you who rely on the ultrasn0w unlock should hold off for now -- good advice for anyone not comfortable with terms like "SHSH blobs" or "Cydia." Everyone else can hit up the link below with a detailed how-to provided by Redmond Pie.

  • Limera1n and Greenpois0n iOS 4.1 jailbreaks now available for Mac, Linux

    by 
    Sean Hollister
    10.17.2010

    We thought it was a wee bit ridiculous that Geohot's original iOS 4.1 jailbreak only worked on Windows, but that's a thing of the past now -- limera1n now supports Mac as well, and the Chronic Dev Team's greenpois0n variant can purportedly free your device from the Apple shackles of any of OS X, Linux or Windows. Mind you, there's still no working carrier unlock for iOS 4.1, so be sure to back up your baseband and don't expect to be making calls on T-Mobile USA -- and remember kids, there are always risks to playing chicken with the Apple firmware train. [Thanks to everyone who sent this in]

  • Limera1n jailbreaks the iPhone and iPod touch running iOS 4.1, angers dev community and neuters one of our phones (video)

    by 
    Sean Hollister
    10.09.2010

    Looking for a jailbreak for your iPod touch or iPhone running iOS 4.1? Your chariot is named limera1n -- assuming you're willing to risk your device on a software developer showdown. The infamous Geohot just upstaged the iPhone Dev Team and Chronic Dev Team by releasing a reportedly buggy beta exploit of his own, which you can find at our download link immediately below. It only works on Windows at the moment, hacks only official releases and iPhone 3GS isn't supported right now, and it claims to be an unpatchable, untethered release for those of you who appreciate what those terms mean. As you can imagine, rival developers aren't terribly happy that Geohot's back in the limelight. MuscleNerd (of the iPhone Dev Team) claims that limera1n will re-lock iPhones that were unlocked by his team's ultrasn0w software, and recommends you skip limera1n, but the main reason the iOS hacking community is angry at Geohot is because if more than one exploit is released simultaneously, Apple can fix them both in one fell swoop. By releasing first, Geohot has allegedly forced other teams to decide between the good of iPhone users over the short term (by releasing a different, more stable exploit) or over the long term (by saving their exploit for future use) and so far it looks like both teams have chosen to prolong the fight -- the iPhone Dev Team is asking folks to withhold its Shatter exploit, and Chronic Dev Team says it will modify its greenpois0n jailbreak to use Geohot's hack instead. What a weird, wild world we live in. Update: How might this work on an iPad, given that beta versions of iOS (like 4.2) aren't currently supported? Good question. We've struck all references to iPad accordingly, until the powers that be figure it out. Update 2: Video after the break! Also, we're hearing that some folks have jailbroken their iPads successfully with limera1n, and we personally got it working quickly on a pair of iPhones with iOS 4.1... 
    but one of the two was missing icons upon restart and didn't regain App Store, Maps, Game Center and Calendar even after a restore. Be careful, now! Sam Sheffer contributed to this report. [Thanks to everyone who sent this in]

  • Geohot teases iPhone 4 jailbreak, no plans for release

    by 
    Sean Hollister
    07.10.2010

    Is this the honest-to-goodness iPhone 4 jailbreak we've been waiting for, or just another userland JB? It's hard to say from here... but either way, don't expect Geohot to release it into the wild. In a mildly jaded blog post, the original iPhone hacker makes it clear that whatever he did here was for his own amusement, and judging by the title of that entry ("Meh") the whole breaking-and-entering bit isn't giving him quite the same chuckles it used to. That's a shame, but we hear the iPhone Dev Team is making progress apace, so let's leave Geohot to tackle one of his other promised hacks, mmmkay? [Thanks to everyone who sent this in]

  • iPad jailbreak: thanks Geohot, Comex (update: video!)

    by 
    Thomas Ricker
    04.10.2010

    See that iPad above, notice anything peculiar? Yeah, blackra1n jailbreak as predicted with the Cydia app installed. No details or downloadables yet but it won't be long. All courtesy of Geohot, natch. Update: Though geohot broke the news, looks like @comex was a major contributor. Video of iPad as N64 console and more pics after the break. [Thanks to everyone who sent this in]

  • PS3 hacker claims custom firmware revives 'Other OS' in 3.21, provides video proof

    by 
    Randy Nelson
    04.07.2010

    What the PS3 homebrew community hoped was an April Fool's joke by Sony turned out not to be, as the latest system update for the console (3.21) axed the ability to install another operating system, i.e. Linux, on it. The feature has been absent from the PS3 "Slim" since its release, but owners of the original form factor probably never expected to lose the functionality. Enter Geohot, the person who in January claimed to have "hacked the PS3." He now claims to have created a custom firmware update that not only reintroduces the Other OS feature to original PS3 units, but potentially the Slim systems as well. Geohot writes on his blog that "this can be installed without having to open up your PS3, just by restoring a custom generated PUP file, but only from 3.15 or previous. It's possible this CFW will also work on the slim to actually *enable* OtherOS." He also takes Sony to task for removing the feature in the first place, saying it is "potentially turning 100000+ legit users into 'hackers.'" The YouTube video we've embedded after the break purports to show Geohot's PS3 booting Linux thanks to his custom v3.21 firmware. He hasn't put a firm date on the release of the hack, but simply divulging its existence was probably more than enough to get Sony's lawyers drawing up the paperwork for a cease and desist. [Via Engadget]

  • Geohot brings back other OS support with PS3 3.21OO custom firmware

    by 
    Donald Melanson
    04.07.2010

    Well, Geohot promised a workaround for Sony's removal of the "install other OS" feature in PS3 firmware 3.21 and now Geohot has delivered. While it's not available to the public just yet, Geohot's 3.21OO custom firmware will apparently be simple to install and, as you can see in the video after the break, it works just as you'd expect and simply restores the "other OS" option to its previous place. Geohot even says that the custom firmware might actually enable the other OS feature on the PS3 Slim, but he hasn't yet had a chance to try it out. [Thanks, Milo]

  • Geohot advises against updating PS3, will find 'safe way' around losing OS support

    by 
    Ross Miller
    03.29.2010

    In case you hadn't heard, there's a PlayStation 3 firmware update coming this Thursday that'd knock out the "install other OS" option and remove any currently-installed non-PS3 platform. Our guess is it's not going to affect the majority of owners, but the diehard users are certainly up in arms, and no one really likes losing a feature, even if it's rarely used. Leave it to Geohot, then, to right the wrong. Arguably the reason for Sony's reversal (see: PS3 exploit), the famed hacker has published not only a letter of sorrow at the company (unsurprising), but also a call for users not to update. Instead, he claims he will "look into a safe way of updating to retain OtherOS support" and issued a tech-savvy threat about "touching the CFW," much to the company's chagrin (trust us, you don't even want to know what he's talking about here -- far too scary). We wouldn't normally say a war's brewing, but ol' George Hotz has proven himself more than capable at starting something fierce. [Thanks to everyone who sent this in!]

  • Geohot teases untethered jailbreak that 'will probably work on iPad' (video)

    by 
    Thomas Ricker
    03.26.2010

    Is it April 1st already or does Geohot actually have something real to show? There's no way to be certain that what the self-promoting master of iPhone (and PS3) hacking is demoing is what he says: "The jailbreak is all software based, and is as simple to use as blackra1n. It is completely untethered, works on all current tethered models(ipt2, 3gs, ipt3), and will probably work on iPad too." Given his track record, we'll play along for now. The only thing we can say for sure is that the chosen music accompanying his iPod touch theatrics makes us want to break something, jailtime or not. See it go down after the break. [Thanks to everyone who sent this in]

  • PlayStation 3 hacked; GeoHot releases 'coveted PS3 exploit' - ramifications 'unclear' says DigitalFoundry

    by 
    Christopher Grant
    01.26.2010

    Update: Reader Kevin K shared this link from Eurogamer's resident egghead, Richard Leadbetter of DigitalFoundry, who notes that "it remains unclear what the ramifications of the hack actually are" and that "right now there has been no "hello world" homebrew code executed that typically demonstrates that the hacker actually has full control over the system." Read the entire piece for a fascinating look into the challenge of hacking the PS3 and the safeguards put in place on Sony's black box. You may also want to read this BBC interview with Mr. Hotz, in which he says, "I can now do whatever I want with the system. It's like I've got an awesome new power - I'm just not sure how to wield it." He also tells the BBC that he "would publish details of the console's 'root key'"; however, DigitalFoundry writes, "Once the root key is available, it's essentially game over for the system's security for all-time, but it's here that some of the claims being made for the hack don't really add up. PSP has been compromised on many levels again and again, but its root key apparently remains unknown." Original post: It has begun. With iPhone hacker George Hotz (the kids call him GeoHot) releasing his PlayStation 3 exploit to the world today, he's kicked off what's sure to be a non-stop game of cat-and-mouse between the global hacking community and the Japanese consumer electronics giant. "This is the coveted PS3 exploit," Hotz writes on his blog, linking to the exploit while noting that it "gives full memory access and therefore ring 0 access from OtherOS." Okay, we really only understood that first part but we're sure "full memory access" is synonymous with "bad news" for Sony's engineers. When first revealing his progress last Friday, Hotz wrote, "I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3." 
    Of course, we've seen this very same game played out on the PSP front with a constant stream of firmware updates designed to patch up the portable's porous security and, yes, even add some new features now and again. With the PS3 already the victim of an onerous amount of updates, we worry the hack may result in a glut of mandatory security patches. But who knows what wonders (no, we don't count the inevitable piracy amongst those wonders) this hack holds for PS3 owners – since the hack "is known to work with version 2.4.2 only" we suspect most people reading this won't even be able to tinker. Caveat emptor! [Via Engadget]

  • PlayStation 3 exploit released, hackers rejoice

    by 
    Ross Miller
    01.26.2010

    In case you ever doubted his feat, or you simply wanted to recreate for sport, iPhone hacker extraordinaire George "Geohot" Hotz has released the exploit code he devised for properly hacking the PS3. This should give any aspiring minglers full memory access, and while he's only tested it with firmware version 2.4.2, he "imagine[s] it works on all current versions." A guide might follow sometime in the future, he says, but if you're really antsy to get your coding kicks, we wouldn't wait up. Update: EuroGamer's got a pretty thorough piece on what Geohot is claiming to have accomplished and what it means to the community -- and as Joystiq points out, until we see some "Hello World" proof of concept program, we don't quite know the extent of his claims. The guy's got a helluva track record, at least with iPhone, so we presume that's next on his and the community's list of to-do's. [Thanks to everyone who sent this in]

  • Blacksn0w unlocks iPhone OS 3.1.2 and baseband 05.11.07

    by 
    Josh Carr
    11.03.2009

    For the last several months, anyone who had updated to iPhone OS 3.1 or greater without following a pre-update procedure lost the unlock on their iPhones due to new software in the modem firmware or the baseband. Using the at+xemn crash as an injection point, iPhone hacker Geohot (of the original hardware unlock) was able to unlock the latest firmware on any iPhone. What does this mean? The iPhone can be unlocked for any GSM carrier, allowing you to use it on more than your country's authorized carrier or other carriers as you're traveling abroad. Geohot suggests that you update to a fresh copy of iPhone OS 3.1.2 directly from Apple before performing his unlock. He has all the instructions available on his site.

  • Blackra1n jailbreak now available for iPhone OS 3.1.2, iPod touch 3G

    by 
    Nilay Patel
    10.11.2009

    Wow, judging by our tips jar we'd say you're all pretty darn excited about Geohot's Blackra1n jailbreak, which lets you open up iPhone OS 3.1.2 devices including the iPod touch 3G and new iPhone 3GSs -- but you can't unlock yet, so don't get any big ideas about switching carriers. Windows-only at the moment, but with this level of enthusiasm out there we can't imagine a Mac version is far behind. [Thanks to everyone who sent this in]

  • iPhone 3GS jailbreak released by GeoHot ahead of Dev Team

    by 
    Thomas Ricker
    07.03.2009

    Be warned, this is beta stuff and we haven't been able to test it ourselves. However, a number of breathless tipsters and commenters are reporting a successful jailbreak and unlock of their iPhone 3GS. The magic begins with a 3GS jailbreak released by GeoHot. See, George is fed up with the Dev-Team's insistence on waiting until Apple releases iPhone OS version 3.1. As he puts it: Normally I don't make tools for the general public, and rather wait for the dev team to do it. But guys, whats up with waiting until 3.1? That isn't how the game is played. We release, Apple fixes, we find new holes. It isn't worth waiting because you might have the "last" hole in the iPhone. What last hole...this isn't golf. I'll find a new one next week. Meeeeow. After performing the jailbreak, ultrasn0w should then take care of the unlock although we haven't seen official comment on this by GeoHot or the Dev-Team yet. Good luck, backup, and kiss the children goodbye -- it could be a long weekend if you brick your new iPhone. Now hit the read link if you must. [Thanks to everyone who sent this in]

  • iPhone 3GS exploit confirmed, jailbreak and unlock coming 'soon'

    by 
    Thomas Ricker
    06.26.2009

    And so it continues. Geohot has returned with some help from hacking buddies chronic, posixninja, and pod2g with news that the same "24kpwn" exploit used to crack open the iPod touch 2G will work on the iPhone 3GS. That means a jailbreak and unlock can be launched just as soon as the existing tools are updated for the iPhone 3GS (which won't be long). As George Hotz laments, On a personal note, I'm sad. Apple, it took me a week to break through your new defenses. And to let us reuse an exploit like that; 24kpwn was so 5 months ago. Although I imagine it must have been painful watching the devices roll by on the assembly line, knowing they all had a hole in them and you couldn't fix it. Oh George. [Via Dev-Team Blog]

  • Software-only unlock for the current iPhone firmware announced

    by 
    Michael Rose
    02.10.2008

    As many of you have emailed to tell us (thanks everyone), hacker teen wonder George Hotz a.k.a. GeoHot, of the hardware iPhone unlock heard 'round the world, has apparently made something unexpected: a software-only unlocking procedure for the iPhone's 1.1.2 and 1.1.3 firmware versions. With George's tools in hand (freely downloadable from his website), iPhone owners in non-supported countries should now be able to work their way up to the current release, wiggly icons and all. It's worth noting, as Engadget has already mentioned, that you unlock your phone entirely at your own risk; never mind the fact that a future update may brick you (although we hope not!). If the procedure seems daunting -- it involves downgrading to the 1.02 firmware to start -- blogger Pinky's Brain is working on a walkthrough that should simplify things (link via Apple 2.0). The ModMyiPhone boards also indicate that a version of the unlock, runnable on a 1.1.1 jailbroken phone, is packaged and in the repository there. Is it worth diving into a new unlock tug-of-war with the official SDK (and, presumably, more exploits closed off with updates) in the near future? Guess that depends on how much you like having your iPhone working in the remote corners of the globe.

  • Out of the box 1.1.3 iPhones now software unlockable

    by 
    Thomas Ricker
    02.08.2008

    Mr. GEOrge HOTz did it again. He just loosed a world of hurt on AT&T with a software unlock for 1.1.3 iPhones. That's right, the software is said to work on any fresh from the Apple store, shrink-wrapped iPhone sporting the latest 1.1.3 firmware and 4.6 bootloader, something the AnySIM unlock can't do. GeoHot's instructions (and dev / elite team smack talk) posted after the break. We haven't tested yet so, as always, take care. [Thanks to everyone who sent this in]

  • 1.1.2 iPhones now unlocked... 3 days too late

    by 
    Thomas Ricker
    01.18.2008

    Teenager George Hotz, aka GeoHot, the original iPhone unlocker, is back. In a post to his personal blog he states that he has successfully unlocked a 1.1.2 firmware and bootloader 4.6 iPhone. Better yet, he posts the not-for-dummies version of the instructions to downgrade the bootloader to version 3.9 in preparation for running AnySim. We haven't tried this ourselves so remember, as GeoHot himself states, this hardware method "could brick your iPhone." You haven't upgraded to 1.1.3 already have you? If so, you're stuck with AT&T. Update: We're now hearing that a software unlock for 1.1.2 / 4.6 iPhones is right around the corner. So don't crack that case just yet kids. [Thanks, fantastico]

  • NJ teen trades his unlocked iPhone for three more and a sports car

    by 
    Nilay Patel
    08.27.2007

    While the rest of us patiently wait for either UniquePhones or iPhoneSIMfree to call high noon on AT&T's legal team and release their software unlocks, 17-year-old George Hotz is cashing in on all those hours of work it took him to work his hardware magic: Terry Daidone, the founder of phone reseller CertiCell, traded three locked 8GB iPhones and one Nissan 350Z to get his hot little hands on Geohot's unlocked unit. Geohot says he'll give the three phones to his first PayPal contributor and two of his hacking accomplices, and we're betting that car will come in handy when he heads off to college this week. Hey, we've got an unlocked iPhone sitting around here somewhere -- but we're not settling for anything less than an actual sentient KITT.