Apple is currently hiring and is in search of an iPhone OS platform security manager. What does the particular job consist of? Here is the low down:
The team is responsible for secure booting and installation of the OS, partitioning and hardening of security domains within the OS, cryptographic services, and risk analysis of security threats. The team is made up of a variety of security experts with backgrounds in system security and reverse engineering.
The more secure Apple makes the OS the harder it will become to find and use a particular exploit — for good, like our beloved jailbreak, or for evil, like we’ve seen with computer viruses, malware, etc.
Now don’t get us wrong, we are pretty sure that one person will not do away with our beloved jailbreak but this does raise some questions. Is Apple really concerned popular mobile devices will get attacked the way PCs do today? Or are they just done putting the practice of preventing jailbreaking (and the unlocking and app piracy that sometimes goes with it) on the back burner?
What do you think this may mean for the future of the jailbreak if anything? Sound off in the comments below!
We’ve warned you previously about some of the security vulnerabilities that come with jailbreaking your iPhone. Turns out a Dutch hacker has gone and made a point to a countless number of jailbroken devices by using a port scanning technique along with some networking smarts. Then after he gained access to the jailbroken iPhones the rest was easy. All of the devices that were hacked had unchanged root passwords along with SSH enabled. You’d know if you were hacked if the following message popped up on your screen:
If you don’t pay, it’s fine by me, but remember, the way I got access to your iPhone can be used by thousands of others-they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It’s just my advice to secure your phone.
Like promised, no harm was done or will be done. It turns out the hacker just wanted to teach people a simple lesson – change your root passwords and disable SSH. He’s even been nice enough to post directions on how to make sure your jailbroken iPhone is not at risk.
iPhone hacker extraordinaire, Geohot, blaming successful initial testing, has moved up the release for blacksn0w, his new iPhone 05.11.07 unlock tool, to… today! More specifically, noon today (Eastern time). And it looks slick:
If you are a loyal blackra1n user who kept the blackra1n.app on your iPhone, run it. You will see Icy replaced by an option “ra1n”. Install this to upgrade your app. After upgrading, run blackra1n.app again. You will see “sn0w”. Install this, and enjoy your unlocked iPhone.
He has notes up for new jailbreakers, pwnagetool users, and iPhone 2G owners as well (who don’t need blacksn0w but rather BootNeuter, as always).
(If you’re a Twitter user, show him love by helping #blacksn0w trend.) Lastly, a warning:
Also, a note. This may be the best iPhone users ever have it. Be sure, if you have a 3GS or iPod Touch 3, to use Cydia’s “On File” or Firmware Umbrella in order to be able to restore to 3.1.2 in the future. And as always, the baseband cannot be downgraded, so be super careful with updates if you need the unlock.
iPhone hacker, geohot, has released blackra1n RC2 for your enjoyment. It corrects a few small bugs from the first release and can be downloaded here.
Fixed 3G issues
Tethered jailbreak for 3.1 OOTB ipt 8GB and new 3GSes
Fixed icy issues
Both Windows and Mac
If you used RC1 with success, no need to rerun
So nothing earth shattering but it is worth a mention and on the unlock side, geohot is not working on that but the Dev Teams MuscleNerd is. So rest be assured an unlock is being worked on, we just have to be patient.
It seems like just the other day TiPb linked to a concept rendering of what Apple’s Mac Exposé might look like for the iPhone, and now Steve Troughton-Smith, creator of Stacks for iPhone, has gone and brought it to Jailbreak.
It’s not publicly available yet, not via Cydia much less via Apple. But do we want?
Did Apple close the 24kpwn exploit in the latest shipments of the iPhone 3GS due to app piracy? MobileCrunch thinks it’s certainly a factor:
While jailbreaking allows for countless wonderful (but otherwise disallowed) apps to run on the iPhone, it also allows cracked versions of paid applications to be installed. As a result, piracy is mind-blowingly, soul-crushingly rampant on the iPhone. Many iPhone developers – such as those behind the popular IM client, Beejive – are reporting that 80 percent of their users are pirates. Yep. For every 10 users on Beejive, 8 of them didn’t pay for it. I’m no saint myself, and all of us here fully understand that a download does not equal a lost sale – but when 80% of the people using your app (and in Beejive’s case, your servers) aren’t paying to keep the lights on, it’s likely seen as a big issue.
As Jeremy posted yesterday, Apple has begun shipping iPhone 3GS with new boot ROMs patched against the longstanding 24kpwn exploit commonly used to Jailbreak the devices. We also saw some reports on the state of app piracy from Pinch Media.
What do you think? Would Apple turn a blinder eye towards Jailbreaking if app piracy wasn’t a factor? Or is Apple duty bound to patch known security exploits no matter what?
UPDATED: According to @geohot on Twitter, blackra1n for Mac is now live.
ORIGINAL: When George Hotz released his all iPhone/iPod 3.1.2 jailbreak application for Windows, blackra1n, he was unsure whether or not he would write a Mac OS X version. According to a recent post on Twitter it seems as if he’s had a change of heart.
blackra1n for mac coming soon…actually reuses code…NSRunAlertPanel causing crashes…and can anyone blackify the purplera1n mac icon?
It would be nice if this upcoming Mac version includes an exploit for the new bootrom but the probability of that happening is highly unlikely. For the latest news and tips for jailbreaking/unlocking your iPhone, visit our iPhone Jailbreak/Unlock forums.
iClarified is reporting some very unsettling news for those of you looking to pick up a new iPhone 3GS as they say Apple is now shipping iPhone 3GS devices with a new bootrom blocking the 24kpwn exploit. Devices with the iBoot-359.3.2 bootrom began shipping last week and are now being sold in Apple and AT&T stores. This means if you are unfortunate enough to land one of these new devices you will not be able to jailbreak until the Dev Team or George Hotz can come up with a solution.
For those of you who can’t wait to jailbreak your new iPhone 3GS, we suggest you listen to iClarified and try to pick up a refurbished unit or try to locate some older stock. The race is now on, who will be the first to find a new exploit to take advantage of – George Hotz or the Dev Team?
The cat and mouse game has just got a bit more interesting…
The Dev Team has just released PwnageTool 3.1.4 for Mac OS X. This release supports the 3.1.2 iPhone software for the following devices: iPhone 2G/3G/3GS and iPod Touch 1G/2G.
The iPhone 3GS is now supported out of the box in PwnageTool 3.1.4 (or if you have upgraded to 3.1.x in iTunes)
The iPod 2G is still supported in PwnageTool 3.1.4 but you must already be jailbroken (we’ll update this if there’s a big demand from non-jailbroken ipt2G owners)
The iPod touch 3G is NOT supported
If you’ve Unlocked your iPhone under 3.0, and want to maintain your unlock, it’s vital to remember:
This release allows your baseband to remain unlocked at 3.1.2, but it does not unlock a new baseband put there by restoring to official 3.1.x. It is super important that people who need the unlock to understand they can keep it only by starting at 3.0 (or earlier) and updating solely to custom IPSWs that don’t update the baseband.
If you used some other method, including blackra1n that involved upgrading to Apple’s 3.1.2, your baseband has also been updated and there’s no unlock until (if?) someone figures it out, and the Dev Team has no time table for that.
For the full details please visit the Dev Teams blog and read carefully as TiPb is not responsible for your jailbreak outcome, good or bad.
