Slashdot Mirror


Hackers Finally Unlock iPhone 3G

nandemoari quotes a story at Infopackets: "2009 has gotten off to a great start for a team of iPhone enthusiasts with little regard for Apple's licensing requirements. They've finally figured out a way to get the phone to work with any cell phone carrier (and not just AT&T). The iPhone Dev Team is best known for their work on 'jailbreaking,' the technique of altering an iPhone so that you can run any applications on it, not just those approved by Apple. Given the company's questionable vetting policy for entry to the official App store, it's not surprising many users approve of jailbreaking."

17 of 186 comments

  1. Finally by slugtastic · Score: 4, Interesting

    I can use Opera Mini on my iPhone.

    1. Re:Finally by schmidt349 · Score: 5, Informative

      Um, you should probably watch the iPhone Dev Team's recent presentation at CCC if you want to sound like you have any idea what you're talking about. This wasn't some simple privilege escalation coming out of a buffer overflow in the web browser. Apple signs the shit out of every binary on the phone. The kernel won't execute a binary in userland unless it's signed; the firmware loader won't execute the kernel unless it's signed; the low-level bootloader won't execute the firmware loader unless it's signed.

      The iPhone 3G is a paragon of embedded device security, at least by way of making sure unapproved code doesn't run on the device, and it's a testament to just how amazing the iPhone Dev Team guys are that they actually found a way to (a) defeat the whole chain of trust in the iPhone firmware in order to jailbreak it. This by the way doesn't even take into account their real genius, the hack into the baseband firmware for the S-Gold radio device, which executes code in its own universe, completely separate from the S5L application processor.

      In short, this hack wasn't some bunch of script kiddies having a sleepover and cracking the copy protection on Arkanoid 2 for the C64. This was a brilliant circumvention of some of the tightest security ever found on a PDA or mobile phone. So please don't disrespect the people who made it possible.

    2. Re:Finally by xmpcray · Score: 5, Interesting

      And to add to this, they explicitly say they don't want any donations.

      We've seen some comments about you lovely people wanting to donate money to us. We'd just like to say that we DO NOT accept donations. There is no PayPal account associated with us, there is no way to donate to us, we do this as a hobby and don't want to be paid, and we fund all of this ourselves and it works out just fine.

      Anyone who says "donate to DevTeam" in our name is lying, so don't send them anything, you'll just fund their crack habit.

      Keep your dough for the lovely shiny Apple products, we think you'll need it.

      If you do want to send us something, please send a scan of a postcard from your city: handwrite a nice message, scan it and send it over to blog@iphone-dev.com

      http://blog.iphone-dev.org/post/41744653/donations-to-dev-null

      --
      I refuse to answer that question on the grounds that I don't know the answer.
    3. Re:Finally by DECS · Score: 4, Informative

      Except for a multitouch screen. And Android doesn't support Bluetooth any better than Apple's nearly worthless level of support.

      What exactly do you even have in mind when you say "all the features"? Because the features of the iPhone that are novel are not supported in Android, and those that are, are nothing special. What sets the iPhone apart is mainly its user interface, its software store, its smart integration into iTunes/iPod stuff. Android offers none of those things. It gives users a DIY UI, a software "store" without security, merchandising, or sales, and no PC connectivity.

      Google's Android Platform Faces Five Tough Obstacles

  2. Yes! by XPeter · Score: 5, Funny

    I can't wait to put Windows Mobile on my 3G!

    --
    "The difference between genius and stupidity is that genius has its limits" - Albert Einstein
  3. Is it worth it? by rolfwind · Score: 4, Interesting

    I've been thinking about one, but:

    a) How do you get around activation at purchase time?
    b) Does Apple break this later on, especially when I need it?

    I could buy a legally unlocked iPhone from Hong Kong, but it costs $700+. In the unlocked countries, Apple prices it through the roof, I suppose. Although there has been talk about a prepaid version here for some time...

  4. Re:I do not understand... by Mononoke · Score: 5, Insightful

    Please, somebody tell me why anyone should buy an iPhone.

    Because it meets their requirements, and the manufacturer support and aftermarket accessory selection is second to none.

    --
    NetInfo connection failed for server 127.0.0.1/local
  5. Re:I do not understand... by Anonymous Coward · Score: 4, Insightful

    ... why people NEED to have an iPhone. There are alternatives in the market.

    Few people NEED to have an iPhone. Many people WANT to have an iPhone. I won't buy an iPhone due to the operator locking-thingie/price, so I'd be happy to hear about the alternatives.

    Please, somebody tell me why anyone should buy an iPhone.

    It is a nice device. It reportedly works very well.

    What the nerd community most often fails to realize is that all features aren't equal. A well implemented and well integrated feature in a convenient interface is worth way more than the same feature implemented crappily, or accessed through an annoying interface.

  6. Rather than linking to some random blog... by oPless · Score: 5, Informative

    Why not link to http://blog.iphone-dev.org/ themselves?

    Oh wait ... this is /.

    My Bad.

  7. This is also an excellent case study by Sycraft-fu · Score: 4, Insightful

    In why DRM is retarded. As you say, this is some of the tightest security ever found. Yet, it has been broken by some very smart people. Such is the fate of any DRM that is sufficiently widespread that smart people care to go after it. You can be as clever as you like with your DRM scheme, you are going to find that someone as clever as you will likely break it.

    Also annoys me since I think some of these technologies are a good idea, if they weren't implemented in an assholish way. Code signing, for example. I really like the idea as a potential security measure for users/administrators. When I download Firefox, the fact that it is signed by Mozilla gives me a pretty high degree of certainty that it is legit, safe code. It's not 100%, of course, someone could break/steal their certificate, or someone inside could sign bad code, or my system could be compromised, but it is a good additional check. Also if anyone tries to break something like that, I'll say they are up to no good.

    However when it is implemented in this "You may only run things we bless," well then you are being a jerk. People are going to break it because they want to be able to run their own stuff.

    Personally I think Apple should have gone the route of having a store with signed code but allowing unsigned code. If you install a signed app from their store, it installs with no question. If it is another app you get a "Warning, this code is unsigned and could be unsafe" box with a button for more info. Ask for more info and it explains that Apple has looked at signed apps and decided they are ok and aren't going to mess up your phone. They haven't looked at unsigned apps so they don't know, and if it messes up your phone they can't really help you.

    Yes, that would mean people could have apps that'll mess up your phone... You know just like every other smart phone out there. Doesn't seem to have killed that market, I don't think it'd kill the iPhone.

    Fortunately, there are people like this that will break their DRM, so you can use it as you wish.

    1. Re:This is also an excellent case study by rsmith-mac · Score: 4, Interesting

      As you say, this is some of the tightest security ever found. Yet, it has been broken by some very smart people.

      To be fair, at least for the iPhone itself, the DRM wasn't very good. Apple used the same S5L processor and encryption key set on both the iPhone 2G and iPhone 3G. With the iPhone 2G at launch, everything ran as root and a trivial Safari exploit could be used to remotely execute code as root; being able to run that code allowed key retrieval. Apple did fix the root security issues with iPhone OS 1.1.3 and later, with all applications now running as the very limited user Mobile, but since they did not change the keys for the 3G it was not very hard (in the scale of breaking DRM at least) to crack open the firmware of the iPhone 3G and jailbreak that too. The iPhone's primary hardware should not be considered a strong DRM platform because Apple did not properly implement it before it was broken for good.

      This of course does not apply to the S-Gold radio; that was completely changed between the iPhone 2G and iPhone 3G, and the Dev Team beating that is indeed an amazing hack. Nevertheless, it took them 5-6 months to break it, which is actually rather remarkable. This was another case where Apple learned its lesson, as the 2G's radio was not properly secured, either.

      Furthermore, if you want to look at an iPhone device properly secured, look at the iPod Touch 2G. Apple did change the keys that time, and so far it has not been possible to break it for 4 months. At a bare minimum, a remote code execution exploit and a local privilege execution exploit must be found in the Touch in order to have a chance at capturing its keys, and that's just to decrypt the firmware. We have no idea what other surprises are on the Touch since no one has made it that far yet.

      I'm not entirely convinced that it's impossible to build an unbreakable device. DRM has been getting better over the years, the Xbox 360 still doesn't have a way to execute unsigned code (without hardware modification), for example.

  8. Re:I do not understand... by knutkracker · Score: 5, Insightful

    Because compared to the Windows Mobile device I had for three years previously, the iPhone's interface and tight integration of functionality feels like having a scented massage from a bikini-clad Swedish pin-up girl.

    Pretty much *everything* I wanted to be able to do previously is now possible in an elegant way, and I'm serendipitously finding that loads of oh-so-simple intuitive shortcuts have been quietly added and left to be discovered.

    I won't bore you with details, but there is a good comparison to be made with open source - you sometimes need the BDFL to bring out the best in a project, simply to avoid the endless conflicts and design by committee which can lead to a product which does everything poorly, rather than doing a small number of things in a superbly polished way.

    I have only bought an iPhone in the last three months, having held back since their launch on the grounds that slack-jawed fanboi drivel was not something to take seriously, but I've had to grudgingly admit that Apple have got something very right. Perhaps best summed up with Oliver Wendell Holmes' famous quote (take note, usability engineers!):

    "I would not give a fig for the simplicity this side of complexity, but I would give my life for the simplicity on the other side of complexity."

  9. Trusted Computing by Britz · Score: 4, Interesting

    Trusted Computing used to be treated as one of the most evil things here on Slashdot:

    http://www.youtube.com/watch?v=XgFbqSYdNK4

    The appstore (where Steve decides what is trustworthy and what is not, to quote the video) sold the "I am rich"-app for cryin' out loud. Among a bunch of other crap. Other apps that are very useful are not given a chance and won't run.

  10. Re:I do not understand... by mr100percent · Score: 5, Informative

    Haptic response?
    If that's the case, why do critics HATE the BlackBerry Storm, and rumor has it that Verizon is dealing with a ton of returns?

    Just get firemail for iPhone and type your emails in landscape mode

  11. Re:I do not understand... by JaredOfEuropa · Score: 5, Interesting

    I cite two reasons why people are buying iPhones

    Those are good reasons, but the most important reason I think is that the user interface just works so damn well. It does for me... I am no Apple fanboy (the only other Apple device I own is an iPod, the rest is all Windows stuff), but I bought one, despite
    - no out-of-the-box todo lists
    - no notepad that is actually useful (and syncs)
    - no cut & paste (a major omission), and poor (if any) communication between apps
    - crippled Bluetooth (only works with headsets, can't use it to hook up a Bluetooth keyboard or other peripherals).
    - locked down OS (can't replace the standard keyboard with a custom one, for instance).
    - rumours of poor battery life and poor reception (I haven't noticed any of these. Tip to increase battery life: turn off location services; the GPS chip is power hungry... like it is on any other cell phone).

    So why are people buying despite all this? I don't think having a built-in iPod and some amusing apps make up for this. The following, however, does:
    - Form factor. It's small. And I thank Apple for not putting a damn physical keyboard inside, which would make it considerably bulkier.
    - Ease of use. The UI is simple and responsive, certainly compared to WME.
    - The multi-touch screen: brilliant not because of the cute "pinch" zoom gesture, but because I can operate it with my fat fingers. Whereas my other smart phones required me to use a fingernail or the stylus, I can operate the iPhone 1-handed using my thumb.

    Typing messages is actually pretty good on the iPhone. As you'd expect, typing speed is somewhere between the on-screen keyboard & stylus of WME phones, and phones with a physical keyboard. But that's not what Apple needs to work on to capture the business market. Apple needs to address security by offering a mandatory PIN login that cannot be disabled by the user, and a remote wipe function. Without those two, you can forget about corporations allowing these things to VPN in and access the Exchange server.

    --
    If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
  12. Re:I do not understand... by ijakings · Score: 4, Interesting

    Luckily there are apps for a jailbroken iPhone that build on the functions of the default apps. iRealSMS is a brilliant messaging app for the iPhone; of course it will never be available on the App Store as it competes with their rubbish SMS app. It's got real inboxes, outboxes and sent messages, templates, drafts, landscape typing.

    This is why un-jailbroken iPhones aren't as good. If an Apple official app sucks, well, that's just too bad.

  13. DRM might actually work for iPhone by pikine · Score: 4, Informative

    This is also an excellent case study in why DRM is retarded. As you say, this is some of the tightest security ever found. Yet, it has been broken by some very smart people. Such is the fate of any DRM that is sufficiently widespread that smart people care to go after it.

    If you watch the video, you'd see the only reason they're able to break it is because the bootrom (initially run by the hardware) is modifiable yet not signature checked. I suppose that's because they want to be able to upgrade the bootrom, but signature checking is only implemented in software and not hardware. All the NOR and NAND flash memory and the processor are built inside an integrated chip, so it is possible that future revisions of the chip will also integrate a TPM to verify the signature of the bootrom. Let's suppose Apple will do that. You will then have a completely working DRM framework on the iPhone.

    TPM doesn't work on PC because you always have access to hardware without TPM, allowing you to run whatever you want and patch the software that requires TPM such as the hackintosh Mac OS X. However, for the iPhone, you can only buy the hardware from Apple that always has TPM on it (or settle for a previous generation iPhone without TPM). The whole point of iPhone craze is that you want to buy iPhone made by Apple, and all the restrictions follow from that, including choice of carrier and applications you can run.

    Code signing, for example. I really like the idea as a potential security measure for users/administrators. When I download Firefox, the fact that it is signed by Mozilla gives me a pretty high degree of certainty that it is legit, safe code.

    Do you have any means to verify that the Firefox certificate is signed by someone you could trust? I could generate a certificate that looks like it's issued by Mozilla, and then sign a tampered copy of Firefox with it. Even if you can verify the mozilla.org certificate, the chain of trust ultimately leads to a root certificate that you must trust. Are you really sure that VeriSign or Thawte or other certificate issuing institutions cannot be compromised? I remember a past Slashdot story about one of the root issuers happily generating certificates for any domain name without verification.

    Fortunately, there are people like this that will break their DRM, so you can use it as you wish.

    If you have to use Apple's iPhone, your freedom is already automatically compromised, if not now, sooner or later.

    --
    I once had a signature.
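A toy model of the signed boot chain schmidt349 describes (bootrom, LLB, firmware, kernel, userland app), written as an added example for this thread and not taken from the Dev Team, Apple or any real firmware, to show pikine's point that the chain only holds if its first link is checked against a key the device cannot be made to forget. Stage names, image bytes and keys are constructed; Ed25519 stands in for whatever signature scheme the real devices use.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
)
// Stage is one link in the boot chain: image bytes, the signature over them,
// and the public key this stage trusts when it verifies the NEXT stage.
type Stage struct {
	Name    string
	Image   []byte
	Sig     []byte
	NextKey ed25519.PublicKey
}

// signStage builds a stage (constructed stand-in image bytes) signed with
// priv, embedding nextKey as the key it will trust for its successor.
func signStage(name string, priv ed25519.PrivateKey, nextKey ed25519.PublicKey) Stage {
	img := []byte(name + "-image-v1")
	return Stage{Name: name, Image: img, Sig: ed25519.Sign(priv, img), NextKey: nextKey}
}

// Boot walks the chain. rootKey is what the first stage (the bootrom) is
// checked against; nil models a bootrom that is writable but never verified.
// Returns the name of the first stage that fails, or "" if every link passes.
func Boot(rootKey ed25519.PublicKey, chain []Stage) string {
	trusted := rootKey
	for _, st := range chain {
		if trusted != nil && !ed25519.Verify(trusted, st.Image, st.Sig) {
			return st.Name
		}
		trusted = st.NextKey // an accepted stage decides who to trust next
	}
	return ""
}

// buildChain signs bootrom -> LLB -> firmware -> kernel -> app under one
// key pair, each stage trusting that same key for the next link.
func buildChain(pub ed25519.PublicKey, priv ed25519.PrivateKey) []Stage {
	var chain []Stage
	for _, n := range []string{"bootrom", "LLB", "firmware", "kernel", "app"} {
		chain = append(chain, signStage(n, priv, pub))
	}
	return chain
}

// Scenario returns whether the vendor chain boots, whether a chain re-signed under
// another key boots with the bootrom unverified, and whether that same chain boots
// once the bootrom is checked against a key fixed in hardware.
func Scenario() (vendorOK, rogueBootsUnverified, rogueBootsAnchored bool) {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	otherPub, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	vendor := buildChain(vendorPub, vendorPriv)
	rogue := buildChain(otherPub, otherPriv) // internally consistent, wrong root
	return Boot(vendorPub, vendor) == "", Boot(nil, rogue) == "", Boot(vendorPub, rogue) == ""
}
```

Every link after the first verifies correctly in both chains; the only thing that separates the two outcomes is whether the bootrom itself is held to a key the attacker cannot swap, which is exactly the gap pikine says a hardware-anchored check would close.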