iPhone 1.1.1 Hacked
The main bad news is that it relies on an easily closed exploit in Safari, so the next update will close it. At least though there is hope to get to the 1.1.1 feature set. I must say that it looks like Apple is going to win this arms race to close their system. Too bad… I thought this chronology was fascinating though…
# Apple releases iPhone, which was obviously cracked six ways from Sunday.
# Through firmwares 1.0.1 and 1.0.2 Apple does not block these hacks in any way.
# Firmware v1.1.1 is released for iPhone and iPod touch, which completely locks out file system access (and thus 3rd party software).
# Awkward silence from Apple fans and the dev community as everyone ponders how to crack the new file system protections.
# Hackers dinopio, edgan discover the symlink hack, which takes v1.0.2 iPhones up to v1.1.1 with read / write file system access. In other words, the hack only works on v1.0.2 iPhones (not the iPod touch) when being upgraded to v1.1.1, and still doesn’t grant the ability to execute loaded programs.
# The next version of dinopio & co.’s symlink hack (which hasn’t yet been released to the public) grants the coveted execute privilege (so you can run those 3rd party apps), and enables another hack (by pumpkin) to make the new SpringBoard (the application launcher) recognize the freshly recompiled iPhone apps.
# Hacker Niacin (aka toc2rta) and Dre claim they’ve managed to combine the symlink hack with a TIFF vulnerability found in the v1.1.1 firmware’s mobile Safari, which grants access to the file system. This is the hack we’re testing here.
Note: Due to the nature of this hack, it’s to be considered ephemeral. Apple needs only to patch the TIFF vulnerability and file system access on v1.1.1 is out, with the touch and iPhone back to their previously not-too-hackable state.
Powered by ScribeFire.