Jailbreak iPhone, iPod Touch, iPad

MuscleNerd from the iPhone Dev-Team has posted some details on the upcoming untethered jailbreak from pod2g.

All info below is tentative and subject to last minute refinements

@pod2g’s 5.1.1 jailbreak+untether is working out great. All devices are covered except for AppleTV3,1, which currently has no path for jailbreaking.
- the initial 5.1.1 plan used a kernel exploit from @westbaer which unfortunately precluded use in iPod3,1 and iPhone2,1
- @planetbeing stepped up and provided a kernel exploit that covers both of those. Those two JBers are the bomb!

The 5.1.1 A5 JB is very similar to the A5 5.0.1 JB. @pimskeks has done a tremendous job supporting both 5.0.1 and 5.1.1 in absinthe

Similar to 5.0.1, there will also be a 5.1.1 CLI “cinject” binary and redsn0w version of the 5.1.1 JB+untether. Absinthe, cinject, and redsn0w will all provide the same JB in different fashions.
- timing is indeterminate. Plans are for this week, but a number of factors can influence that.

For those wishing to donate, we’ve set up a new 5.1.1 paypal URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=4U6DQGJ2NRVUN

Please don’t pirate AppStore apps (seriously, please do not).

Pod2g has recently announced in twitter that the untethered jailbreak of iOS 5.1.1 is just days away from release. This is great news for many iPhone, iPad and iPod users.

Thanks to awesome work of @planetbeing and @pimskeks, we’re near ready for a release. Now it’s a matter of days.

Here is the list of devices that are known to work for sure :

Read the rest of this entry »

Pod2g опубликовал список устройств, которые будут поддерживаться ожидаемым отвязанным джейлбрейком пршивки iOS 5.1.1:

Устройства, которые точно работают с отвязанным джейлбрейком:

• iPhone 4
• iPhone 4S
• iPad 1
• iPad 2 Wifi
• iPad 3 Wifi

Устройства, которые пока не поддерживаются:

Read the rest of this entry »

Sadly pod2g has discovered that his untether does not work on the iPod 3G or iPhone 3GS, according to a recent tweet by the hacker.

Sad news. Just tested the untether on an iPod 3G. The kernel vulnerability don’t happen on this one. I think iPhone 3Gs is out too.

the iOS version don’t really matter. It’s about the hardware.

This means these devices can only be tethered jailboken.

This will be disappointing news for many although it’s possible a kernel vulnerability could yet be found for these older devices. For those wondering, pod2g reminds us that the old bootrom 3GS will be untethered jailbroken for life.

Pod2g has announced via Twitter that he successfully made untethered jailbreak of the iPhone 4 on iOS 5.1. Previously, three parties had demonstrated the jailbreak of iOS 5.1: I0n1c, the iPhone Dev-Team, and Chpwn/Phoenixdev. Only I0n1c claimed untethered jailbreak, but made it clear that he will not be releasing his jailbreak to the public.

Thankfully pod2g has announced that he’s also succeeded in untethering the jailbreak.

Heya! My iPhone 4 running iOS 5.1 is now untethered

Obviously, this is an important step towards public release of the iOS 5.1 jailbreak. This past Monday pod2g revealed the discovery of 2 big vulnerabilities. 1 kernel land and 1 root land. It appears that progress is being made!

The GEVEY Ultra 5.1 for the GSM iPhone 4 has been recalled since it used Loktar Sun’s free method (aka SAM unlock) to unlock your device which has been disabled by Apple. Apple N Berry is offering a full refund to customers who purchased the device. You can read their official statement here.

Hackers and users all around the world are amazed, that Apple N Berry was selling free stuff for $50. Here is @sherif_hashim comment on twitter:

unacceptable mistake on @applenberry ’s side, selling FREE loktar_sun server bug for $50 , http://www.applenberry.com/blog/gevey-ultra-recall/ , real scam!!!

UPDATE: Gevey Ultra 5.1 does not work any more.

Gevey has released the Ultra 5.1 to unlock the GSM iPhone 4 on iOS 5.1. The new version supports the following modem versions: 01.59, 2.10, 3.10.1, 4.10.1, 4.11.08, and 4.12.01.

The new GEVEY Ultra unlocks your GSM iPhone 4 running iOS 5.1 and earlier and now supports modem firmware versions 1.59, 2.10, 3.10.1, 4.10.1, 4.11.08, and 4.12.01. Currently, a tethered Jailbreak is available for iOS 5.1 for iPhone 4, and you will also need to install the latest Furious Mod file for proper operation.

You can purchase the GEVEY Ultra 5.1 for $49.99 here.

The iPhone Dev-Team has updated RedSn0w with the ability to save iPhone unlock tickets (SAM unlock).

redsn0w 0.9.10b8 adds the ability to backup arbitrary directories or files from your device into a zip file on your Mac or PC. The new button is Extras->Even More->Backup and it requires your device to be jailbroken with the afc2 service enabled (most jailbreaks include that). By default it will backup your activation records from /var/root/Library/Lockdown, which is useful for everyone taking advantage of today’s SAM unlock using Loktar_Sun’s trick

You can download the new version of RedSn0w 0.9.10b8 here.

You can save unlock tickets through Extras -> Even More -> Backup.

A new unlock has been discovered that works for all iPhones and all 5.x firmware versions, all basebands are supported.

The method discovered by Loktar_Sun appears to exploit a logical bug in Apple’s server and can be performed on any jailbroken iOS device. His procedure involves using Sam Bingner’s SAM (Subscriber Artificial Module) package to perform a series of steps that unlocks your phone to use a specific SIM.

It has been confirmed working by iPhone Dev-Team member MuscleNerd who notes an update may be coming to SAM from @sbingner to make the procedure simpler.

We will post detailed step by step unlock instructions soon.

UPDATE: Tutorial is ready! You can find it here.

This week Gareth Wright reported that Facebook’s app for iOS has a security vulnerability through which malicious users can access login credentials saved in a .plist file of the app. With a copy of that .plist file malicious users could automatically log into the affected user’s Facebook account on another device. Reportedly, the vulnerability also exists on Android devices.

Wright describes several different ways in which your login credentials could be obtained by a malicious user, including hidden applications installed on shared PCs, customized apps, or modified speaker dock that could copy your plist.

According to Facebook, the issue only affects jailbroken or lost devices, as it requires physical access or installation of a custom app on the device. But Wright and The Next Web pointed out that simply plugging into any device would be sufficient for malicious users to gather these files.

The Next Web has confirmed that Dropbox for iOS is also vulnerable to this issue. Given that two such high-profile apps as Facebook and Dropbox are vulnerable to credential theft, it is likely that other apps are also affected by the issue.

As many reports note, this method of gathering login credentials is not actively utilized in a malicious manner, and users can protect their data for the time being by not plugging their devices into shared computers and charging stations.