Apple Stepped Up Their Game to Combat Jailbreaking in iOS 5

When Apple announced iOS 5 a few weeks ago, there was some speculation that its hundreds of new features would deter a lot of folks from jailbreaking. In fact, iOS 5 was thought by some to be a jailbreak killer.

While it doesn’t look like the promise of new features has fazed the jailbreak community, there are some things in iOS 5 that are troubling. The Dev Team recently posted a report on what they are seeing in the iOS 5 betas that is making them nervous…

The team of iDevice hackers posted “Blob Monster” on their blog to give the community a heads up on some things they have found in iOS 5 so far.

Remember how we’ve always told you to save your blobs before you upgrade? Apparently that old trick doesn’t work anymore.

“The LLB and iBoot stages of the boot sequence are being refined to depend on the authenticity of the APTicket, which is uniquely generated at each and every restore (in other words, it doesn’t merely depend on your ECID and firmware version… it changes every time you restore, based partly on a random number). This APTicket authentication will happen every boot, not just at restore time. Because only Apple has the crypto keys to properly sign the per-restore APTicket, replayed APTickets are useless.”

Did you catch all that? Essentially, saved blobs worked because the signature Apple issued at restore time depended only on your device’s ECID and the firmware version, so a saved copy could be replayed for a later restore. Apple has changed this sequence so that the ticket also covers a random value generated fresh at every restore, and since only Apple holds the key that signs it, a saved ticket no longer gets you through.
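To make the replay problem concrete, here is an added toy model of the scheme the Dev Team describes (not code from the Dev Team or Apple): the ticket signature covers the ECID, firmware version and a per-restore random nonce, and the device checks it on every boot. The signing key, ECID and the use of an HMAC in place of Apple’s RSA signature are all constructed stand-ins.

```python
import hashlib
import hmac
import os

# Constructed stand-in for Apple's private signing key. Real APTickets carry an
# RSA signature only Apple can produce; an HMAC keeps this demo offline.
SIGNING_KEY = b"constructed-apple-signing-key"

def ticket_sig(ecid: int, version: str, nonce: bytes) -> bytes:
    """Signature over the fields a ticket binds: ECID, firmware version, nonce."""
    msg = f"{ecid:016x}|{version}|{nonce.hex()}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).digest()

def sign_ticket(ecid: int, version: str, nonce: bytes) -> dict:
    """Signing-server side: issue a ticket for this device, build and restore nonce."""
    return {"ecid": ecid, "version": version, "nonce": nonce,
            "sig": ticket_sig(ecid, version, nonce)}

class Device:
    def __init__(self, ecid: int):
        self.ecid = ecid
        self.restore_nonce = b""  # nonce of the most recent restore
        self.ticket = None

    def begin_restore(self) -> bytes:
        # A fresh random nonce per restore is what makes old tickets unreplayable.
        self.restore_nonce = os.urandom(20)
        return self.restore_nonce

    def verify_boot(self, version: str) -> bool:
        """LLB/iBoot check, run on every boot, not only at restore time."""
        t = self.ticket
        if t is None or t["ecid"] != self.ecid or t["version"] != version:
            return False
        if not hmac.compare_digest(t["nonce"], self.restore_nonce):
            return False  # ticket was issued for a different restore: replay
        return hmac.compare_digest(ticket_sig(t["ecid"], t["version"], t["nonce"]), t["sig"])

def demo(version: str = "5.0") -> dict:
    """Walk through a fresh restore, a replayed saved ticket, and a re-signed restore."""
    dev = Device(ecid=0x000012345678ABCD)  # constructed ECID
    saved = sign_ticket(dev.ecid, version, dev.begin_restore())
    dev.ticket = saved
    fresh = dev.verify_boot(version)  # first boot after a genuine restore
    dev.begin_restore()               # a later restore draws a new nonce
    dev.ticket = saved                # user replays the ticket they saved
    replay = dev.verify_boot(version)
    dev.ticket = sign_ticket(dev.ecid, version, dev.restore_nonce)
    resigned = dev.verify_boot(version)  # only a freshly signed ticket boots
    return {"fresh": fresh, "replay": replay, "resigned": resigned}
```

The replay fails at the nonce comparison before the signature is even checked, which is exactly why a blob saved under the old ECID-plus-version scheme stops being useful.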

The good news is that all of this crazy new stuff happens after GeoHot’s limera1n exploit occurs in the boot process, so tethered jailbreaks will still be possible for susceptible devices. Restoring to older firmwares will also still be possible, but you might end up needing older versions of iTunes to do it.

The group ends the note by saying:

“Although it’s always been just “a matter of time” before Apple started doing this, it’s still a significant move on Apple’s part… although there may still be ways to combat this, a beta period is really not the time or place to discuss them. We’re just letting you know what Apple has already done in their existing beta releases — they’ve stepped up their game!”

The bottom line is that jailbreaking iOS 5 is still possible. It’s just that restoring devices back to older versions of firmware might get a bit tricky. However, it does seem like Apple is getting a lot more aggressive with its fight against jailbreaking, and these next few months could get rather interesting.

What do you think?

- Posted from my iPhone4
