Devices with Apple A5x processors can now be jailbroken for life. This is the position that the popular hacker iH8sn0w has led us to in one of the tweets he posted.
In the words of iH8sn0w:
"So looks like all my A5(X) devices are fully untethered and jailbroken for life now.
A5 AES Keys anyone? 4S 7.0.4 iBSS -iv 3a0fc879691a5a359973792bcd367277 -k 371e3aea9121d90b8106228bf2b5ee4c638a0b4837fefbd87a3c0aca646e5996
All A5(X) AES Keys will be posted on @icj_’s icj.me/ios/keys as soon as I clean this up a bit more "
Not many people understand what that means. Basically, what it means is that no matter what iOS version you are running on your A5x device, it will always be jailbreakable, just like the iPhone 4 (and other A4 devices) can be jailbroken tethered on any iOS version.
Now, the exploit found by iH8sn0w is an iBoot exploit (not a bootrom exploit), and it is not in a complete state yet. However, when it does become complete, those who have an iPhone 4S, iPad 2 or 3, iPad mini or iPod touch 5 will be able to untether jailbreak their devices whenever a new iOS version is released.
While this is fairly good news, it is less so knowing that these devices with the A5x processors will become obsolete soon enough, perhaps with only iOS 8 left to be supported on them.
Furthermore, because the exploit is an iBoot exploit, it can easily be patched by Apple in subsequent iOS firmware.
Jay Freeman (Saurik) puts it this way:
For informational purposes (as many people reading might not appreciate the difference), to get the encryption keys you only need an "iBoot exploit", not a "bootrom exploit". It is easier to find iBoot exploits (being later in the boot sequence, it has a larger attack surface: it has to be able to parse filesystems, for example), and they do afford more power over the device than an untethered userland exploit (in addition to letting you derive firmware encryption keys, you can boot custom kernels, and you might be able to dump the bootrom itself), but they are software updatable as part of new firmware releases from Apple and may have "insane setup requirements" (like, you might pretty much need an already-jailbroken device to actually set up the exploit). You thereby wouldn’t see an iBoot exploit used for a jailbreak (unless everyone is out of ideas for a very long time): instead, you’d see it hoarded away as a "secret weapon" used by jailbreakers to derive these encryption keys, making it easier to find and implement exploits on newer firmware updates for the same device (especially kernel exploits, where even if you have an arbitrary write vulnerability you are "flying blind" and thinking "ok, now where should I write? I can’t see anything… :’(").
Actually, it is a little too soon to say how this exploit will develop into something really big, if it ever does, but we shall keep a close eye on it to see how things finally turn out for the jailbreak community.
Until then, stay close to this blog, like our Facebook page and follow us on Twitter for more smartphone news.