June 22, 2010 :: Posted by - SoSly :: Category - News

A lot of users have been asking for custom 4.0 firmwares for their i-devices. All of the custom firmwares below are basic firmwares with no custom logos, default partitions, and the default cydia package installed. The custom firmwares were made using the iPhone Dev Teams Updated Pwnagetool 4.0.1 which fixes iBooks problem.

iPhone 3GS Old Bootrom 4.0, Unactivated (Need legit att sim card), Default Logos, No Baseband Update

http://www.multiupload.com/DPMX950U2Y

iPhone 3GS Old Bootrom 4.0, Hacktivated (No legit sim card needed), Default logos, No Baseband Update

http://www.multiupload.com/JKEU2PISEQ

FAQ:

• You can only use these firmwares on an iPhone 3GS old bootrom. If you have an iphone 3gs that has a serial number XX938XXXXXX or higher it’s a new bootrom, if its XX937XXXXXX or less you can use one of the firmwares above.
• It is recommended that you be on firmware 3.1.2 and jailbroken with blackra1n or redns0w. That way you can just put your iphone in recovery mode and restore like normal.
• If you’ve never jailbroken your iphone 3gs but have a compatible one, put your iphone in dfu mode (How To HERE) and then restore using one of the firmwares from above.

June 22, 2010 :: Posted by - SoSly :: Category - News

June 21, 2010 :: Posted by - SoSly :: Category - News

Geohot gave a talk at Nuit du Hack explaining the history of iPhone hacking and revealed that there is an unreleased exploit in the bootrom of every iPhone, iPod, and iPad.

“There is also, I hinted to this a couple times, an unreleased exploit in every iPhone, iPad, and iPod touch in the bootrom to get code execution. And you know if I ever do another jailbreak, that’s the exploit I have. If you’ve seen I posted like a picture of 4.0 jailbroken. I posted my iPad jailbroken. All before Spirit was released. And I used like a completely different set of exploits which maybe when iPhone 4 comes out will be out.” Read more…

March 29, 2010 :: Posted by - SoSly :: Category - News

Geo Hot’s Response :  “Welcome to proper challenge response, guess someone at Apple finally read a book on security. At least it’s not in the bootroms yet.”

The firmwareumbrella published in his blog that he found a new key named APTicket that might be a means for Apple to stop us jailbreakers from restoring to versions of firmwares that are not signed anymore.

This would mean Apple would get complete control over what you restore and when you restore it. While jailbroken devices are able to accept custom firmwares, the new bootroom 3gs and the ipt3g and MC can’t Read more…

February 07, 2010 :: Posted by - SoSly :: Category - News

The iPhone Dev-Team has released PwnageTool 3.1.5 for Mac OS X which lets some iPhones upgrade safely to the 3.1.3 firmware.

Using PwnageTool to upgrade will preserve your jailbreak and ultrasn0w unlock. If you are using the blacksn0w unlock at baseband 05.11.07 you will need to stay at 3.1.2.

—
iPhone 3GS users (regardless of unlock) should stay away from this and all 3.1.3 jailbreak tools unless you know you have your “SHSH hashes” backed up via Cydia. That’s because if you make a mistake you may find yourself stuck at official 3.1.3 with no way to jailbreak or come back down to 3.1.2 to jailbreak. Read more…

October 26, 2009 :: Posted by - SoSly :: Category - News

Geohot has released RC2 of his Blackra1n jailbreak for the iPhone and iPod touch. This version provides a tethering jailbreak for the new iPhone 3GS with the updated Bootrom.

What’s New:
- Fixed 3G issues
- Tethered jailbreak for 3.1 OOTB ipt 8GB and new 3GSes
- Fixed Icy issues
- Both Windows and Mac
- If you used RC1 with success, no need to rerun

Via iclarified.com

October 18, 2009 :: Posted by - SoSly :: Category - News

The bootrom for new 8GB iPod Touch shows that it’s still got 24K overflow…it *may* simply need some address tweaks

Update #1 10/17/2009

We can now confirm that the new 8GB iPod touch is not vulnerable to 24Kpwn. It took just 6 bytes for Apple to fix this:
load_module+16 43 68 LDR R3, [R0,#bdevImg.totalSize]
load_module+18 9A 42 CMP bufsize, R3
load_module+1A 13 D3 BCC FAIL find_named_image(illb): 000100d8 00024100 696c6c62 696d6733
dataSize totalSize illb img3 Given how small the fix is, it seems likely that it was also applied to that updated bootrom of very recent iPhone 3GS devices. We’ll be able to confirm this once we have an actual one of those in hand.

Update #2 10/17/2009

Confirmation that the new 8GB iPod touch is at least a tethered jailbreak. This device doesn’t require personalized img3 files in the way that the iPhone 3GS and iPod touch 3G do. For this reason, it will “always” be jailbreakable (no need to rush and get your ECID signed hashes like you do for the 3GS and ipt3G). But for the foreseeable future, it will be a tethered jailbreak only.

via xsellize.com

October 16, 2009 :: Posted by - Thomas :: Category - News

Apple has reportedly begun shipping iPhone 3GS units with a new bootrom, which might help combat hacks enabling installation of unauthorized software. However, iPhone hackers say Apple’s new firmware only causes a temporary inconvenience for jailbroken devices, and the handset is still hackable.

“It’s not going to be impossible to jailbreak even if the exploit we used is gone,” said Eric McDonald, a member of the iPhone Dev-Team, which publishes tools to jailbreak the iPhone, in a phone interview with Wired.com.

McDonald explained that Read more…

October 14, 2009 :: Posted by - SoSly :: Category - News

Apple is now shipping the iPhone 3GS with a new Bootrom that is not vulnerable to the 24kpwn exploit.

The iBoot-359.3.2 started to ship last week. A screenshot posted by Mathieulh shows the new version number.

MuscleNerd from the iPhone Dev-Team has confirmed that the loss of the 24kpwn exploit would mean a normal jailbreak would be impossible for the time being.

oh oh, from what @cpich3g + @Mathieulh have found so far, a normal untethered JB may be in jeopardy in brand new 3GS units

For the time being we would suggest locating old stock or refurbished units. Hopefully, the dev teams will be able to find another exploit for the new bootrom.

September 15, 2009 :: Posted by - SoSly :: Category - News