Apple patches Limera1n Bootrom Exploit in Newer iDevices to prevent Jailbreaking

Posted by unlocker under Jailbreak on Thursday Jan 13, 2011

Some users claimed that they cannot jailbreak the Apple devices that they bought recently with Redsn0w. There have been a lot of speculations and one is that Apple might have patched the limera1n exploit that has been used in Redsn0w to jailbreak the iOS 4.2.1 in newer iPhones, iPads and iPod Touches.

Limera1n was first introduced way back in October by Geohot as a jailbreaking tool for iOS 4.1 using a bootrom exploit. Since it was bootrom exploit or in the hardware level, it means that Apple could not stop the exploit from being used in existing iDevices and to prevent users from jailbreaking their gadgets. However, Apple can now prevent their newer iDevices from jailbroken by patching the bootrom exploit.

One user told in a forum that he believed that Apple already patched the exploit to newer iDevices. He said, “I made a trip to the Apple Store today to get an iPad for my old lady (Christmas present). She told me she’d love it jailbroken, so I sat down in front of my computer to redsn0w this 4.2.1 iPad. One problem–redsn0w 0.9.6b6 could not upload a pwned iBSS (hanged at the white screen on OS X, upload timed out and rebooted into jailed state with Windows). Furthermore, the device constantly stalls when attempting to dump its bootrom. This leads me to believe the injection vector used via USB has been patched in DFU mode. Case in point: Any iOS device with a serial number xx050 (this week) or higher might be unable to be jailbroken via the limera1n exploit. Slightly older devices may be invulnerable as well.”

You can find out if you can still jailbreak your iPhone, iPad or iPod Touch with limera1n by looking at the serial number to find out which week your iDevice was manufactured. The serial number can be found on the iTunes summary page or Settings App –> General –> About –> Serial Number. The first two digits of the serial number gives you the factory ID of where it was manufactured and the next three digits (Digits 3-4-5) tells you when it was manufactured.

Based on speculations, new iPhone, iPod Touch and iPad manufactured from the 50th week of 2010 may have the updated bootrom. This is not the first time that Apple did this to stay ahead in the cat and mouse chase with the jailbreaking community. October last year, Apple started shipping iPhone 3GS with newer bootrom to prevent jailbreaking.

ADD COMMENTS | Tags : , , , , ,

Activate iPhone without Official Carrier Sim; Fix Poor Battery Life Issue after Unlocking

Posted by unlocker under Jailbreak, iPhone Hacks on Friday Dec 17, 2010

Poor battery life was observed by iPhone users after they unlock their handsets using the combination of PwnageTool or Redsn0w to update baseband to 06.15.00 and Ultrasn0w 1.2 for iOS 4.2.1.

Be worry free since the developer of the application already figured out to fix the issue of poor battery life of unlocked iPhones. The developer recently released a jailbreak app called SAM (Subscriber Artificial Module). Even if you unlocked your iPhone with Ultrasn0w, it tricks your iPhone and iTunes into legitimate activation tickets.

Thanks to this wonderful application and you will get the full-blown benefits of the push applications and also addresses the poor battery life issue that you may encounter after unlocking your iPhone. The iPhone Dev Team said that developer @sbinger hit two birds with one stone.

You can follow these simple steps to install your jailbroken iPhone with SAM.

  • Add http://repo.bingner.com as a repo in Cydia
  • Install “SAM” and “SAMPrefs”
  • Follow the steps in Troubleshooting/Hacktivated with redsn0w or PwnageTool
  • Go to Settings > SAM and touch “De-Activate iPhone”
  • Activate with iTunes
  • If iTunes says invalid SIM, you will need to manually select the appropriate carrier under one of the methods besides “Automatic” and click on a SIMID.

If you already hactivated your iPhone with PwnageTool or Redsn0w, then you can follow these easy steps to revert the handset into stock lockdownd.

  • Option #1: redsn0w for iPhone 3G or 3GS on firmware 4.0 or later

1. Download redsn0w 0.9.6b6 or later from http://blog.iphone-dev.org.

2. Run redsn0w and select the “Deactivate” option.

  • Option #2: my custom stockify program - works on any phone 3.0+

1. With SAM and SAMPrefs installed; install openssh and secure shell into your phone. Run “stockify” and it will revert your lockdownd to a stock lockdownd.

2. Reboot your phone.

ADD COMMENTS | Tags : , , , , , ,