[Edward Kirk]

As some of you may recall, the Dev Team released a few videos of a mysterious unreleased hack they had been working on that jailbroke an iPhone via iTunes itself. The hack used iTunes to restore the iPhone to an already jailbroken and activated version of the latest firmware, version 1.1.4. Now they have shed some light on the hack, what it does, and when you can expect it.

They call it the "Pwnage" project. They explain that "Pwnage is based on an exploit found in the lower levels of the iPhone/iTouch bootloader. We can now “pwn” Apple by patching the device to allow unsigned code. This opens the door to unlimited possibilities."

The hack would enable users to install customized .ipsw files directly through iTunes. Essentially what this means is that there would no longer be the need to continuously jailbreak the device every time Apple released a new version of the firmware. Instead, users would be able to "pwn" the device just once and then be able to select a jailbroken and activated version of the firmware and install it.

The concept is based on a low-level security flaw in the firmware, which you can read about in detail on their web page here.

They plan to eventually release two tools:

• iPwner - tool to make your iPhone/iTouch “pwned”. You will have to use this tool just once


• IPSW Builder - by using this tool you will be able to modify the .ipsw filesystem, i.e. pre-jailbreak, pre-unlock, pre-activate, and create a complete custom .ipsw installation. In case you are already unlocked you can even tell it to disable the baseband update, just in case. Restore or Update from iTunes with custom .ipsw file and Voila! no more hassles after that.

[iphwn.org via Digg]

[Pyromatrix2k2]

I must admit, this is a HUGE step for the DevTeam and the entire iPhone modifying community itself, but there's one or two things that bother me about this.

If they're going to say that you'll need to do the Pwning process only once, what's to keep Apple from updating the "small security flaw" for FW1.1.5 and higher? Speaking of which, WHY would you post the security flaw in the first place?! Wouldn't Apple look at it and say "whoops, my bad" and turn around and patch it? I know they can't do that without a FW update, but still, don't advertise "this is what's wrong with it and its how we're going to exploit it!" Keep it a secret, for the love of god. I don't know if I'm reading into it too deeply, or if it is even something they can easily patch, but hell, its Apple. They made the damn thing, after all.

Definatly a major kudos for the DevTeam regardless!

[Bernie]

You can brag about how well it works without telling well, how it works!

[ghp2006]

iPwner - tool to make your iPhone/iTouch “pwned”. You will have to use this tool just once
IPSW Builder - by using this tool you will be able to modify the .ipsw filesystem,

Therefore, you (or those in the know) would null out the effects in any subsequent version prior to updating. Seems logical enough to me

Quote:

Originally Posted by Pyromatrix2k2

I must admit, this is a HUGE step for the DevTeam and the entire iPhone modifying community itself, but there's one or two things that bother me about this.

If they're going to say that you'll need to do the Pwning process only once, what's to keep Apple from updating the "small security flaw" for FW1.1.5 and higher? Speaking of which, WHY would you post the security flaw in the first place?! Wouldn't Apple look at it and say "whoops, my bad" and turn around and patch it? I know they can't do that without a FW update, but still, don't advertise "this is what's wrong with it and its how we're going to exploit it!" Keep it a secret, for the love of god. I don't know if I'm reading into it too deeply, or if it is even something they can easily patch, but hell, its Apple. They made the damn thing, after all.

Definatly a major kudos for the DevTeam regardless!