Slashdot Mirror


Browser-Based Jailbreak For iPhone 4 Released

WrongSizeGlass writes "Apple Insider is reporting on a browser-based 'jailbreak' for iPhone 4. Hackers on Sunday released the first 'jailbreak' for the iPhone 4, a browser-based exploit that allows users to run unauthorized code. Unlike previous jailbreaks, which required users to run software on their Mac or PC and tether their iPhone to their computer, the latest hack is done entirely within the Safari browser. Users simply visit the URL to begin the process, which modifies the iOS mobile operating system found on the iPhone, iPod touch and iPad. Some users have reported that the modification results in broken MMS and FaceTime functionality. This jailbreak does not work on iPads running iOS 3.2.1."

154 comments

  1. Apple Insider? Pah! by Richard_at_work · · Score: 5, Informative

    This made the BBC news website front page - http://www.bbc.co.uk/news/technology-10836692

    Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....

  2. Re:Apple Insider? Pah! by dwightk · · Score: 4, Informative
    --
    Like anyone can even know that
  3. Does the jailbreak patch the exploit? by Gopal.V · · Score: 5, Interesting

    If a website can run unauthorized code by just visiting a page, does the jailbreak "inoculate" against the exploit it uses?

    Or would Apple's fix for the bug also break the jailbreak? (they'll do that, I guess).

    1. Re:Does the jailbreak patch the exploit? by xded · · Score: 1

      That's what they did with the previous jailbreakme.com exploit (which was for iPhones 2G on 1.1 firmware): exploit the libtiff vulnerability, install Installer (the Cydia of the time) and patch libtiff afterwards. Apple of course patched the flaw on the very next 1.2 version.

    2. Re:Does the jailbreak patch the exploit? by TheRaven64 · · Score: 5, Interesting

      You've got to love the iPhone spin on this. On any other platform, this would be termed a remote root hole - jailbreaking doesn't just require running arbitrary code, it requires becoming a privileged user who can install arbitrary software as well. On the iPhone, it's a browser-based jailbreak. With a vulnerability like this, you could easily write a worm that would infect a large proportion of iPhone users (just have their phones email / IM the URL of the exploit + payload to everyone in the address book), but somehow the publicity talks about how great it is that you can use it to regain control over the device that you own, rather than about how anyone else can do the same.

      --
      I am TheRaven on Soylent News
    3. Re:Does the jailbreak patch the exploit? by E+IS+mC(Square) · · Score: 1

      The reality is different in apple world. Those silhouetted zombies with white earbuds are real there.

    4. Re:Does the jailbreak patch the exploit? by ColdWetDog · · Score: 4, Insightful

      You've got to love the iPhone spin on this...

      Your Reality Distortion Field is getting a bit weak. Time to head out to your local Apple store and buy something new and shiny to refresh the Field.

      Then you will feel better.

      --
      Faster! Faster! Faster would be better!
    5. Re:Does the jailbreak patch the exploit? by clone53421 · · Score: 1

      somehow the publicity talks about how great it is that you can use it to regain control over the device that you own, rather than about how anyone else can do the same

      Yeah... strange things happen when security is designed to keep users boxed in rather than to keep bad guys shut out.

      --
      Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
    6. Re:Does the jailbreak patch the exploit? by Rexdude · · Score: 1

      Why do I need to hack the firmware of a device that I bought, to make it do what other company products can do without meddling? This hole should serve as a wakeup call to those who talk about jailbreaking as a counter argument to the innate restricted nature of the iPhone. There's only one reason to hack a Symbian phone - to add one's own root CA to the keystore for installing self signed apps (which are usually pirated). The phones are not restricted in any other way, and even with hacked phones nothing can install itself or modify anything without user intervention.

      --
      "..One hosts to look them up, one DNS to find them, and in the darkness BIND them."
    7. Re:Does the jailbreak patch the exploit? by cbhacking · · Score: 1

      Thank you for saying this. It's always astounded me how people look at Jailbreaking as though it's a good thing that it's possible. What part of "0-day bug gives root access" (which is exactly what this is) sounds like a good thing? I've heard people tell me that they use Apple products because there are no exploits for them in the same 5 minutes that they tell me that they've jailbroken their phone, or at least considered it.

      I'm glad, for the sake of people who have iPhones, that there exists a way to give them control over their shiny little handheld computers. I despair for the idiots who use Apple because "they don't get viruses [by which they mean have security vulnerabilities]" and consequently completely ignore security best practices. Yes, Apple malware is uncommon, but that's not because it's hard to write; it's because you can't make as much money exploiting OS X as you can exploiting Windows, and malware is all about profit these days. In the whitehat world, Apple has been quite conclusively demonstrated to be Swiss cheese.

      Apple's security is really, really bad. I mean, seriously terrible. I have a co-worker who came by my office a week or so back with a proof of concept exploit he'd found with a home-built fuzz testing tool in his own time. He's employed full-time (and it's not like our jobs involve a lot of goofing off time) and it's most definitely not to work on Apple software; it just doesn't take any significant amount of time. In a recent talk at CanSecWest, a security researcher found that Apple's PDF Preview app crashes about 100 times as often as Adobe Reader when given malformed files.[1] In roughly a million fuzzed PDF files he found 3 exploitable bugs in Adobe Reader... and 60 in Preview. When your software fares that badly in comparison to Adobe's, you should be afraid. This is not the work of a company that understands software security, and no amount of UNIX core can make up for that.

      [1] Babysitting an army of monkeys: an analysis of fuzzing 4 products with 5 lines of Python - Charlie Miller, Independent Security Evaluators

      --
      There's no place I could be, since I've found Serenity...
    8. Re:Does the jailbreak patch the exploit? by mcvos · · Score: 1

      There's only one reason to hack a Symbian phone - to add one's own root CA to the keystore for installing self signed apps (which are usually pirated).

      Why are self-signed apps usually pirated? Who signs my app for me if I write one myself and want to test it? How do third-party app stores sign their apps?

      The ability to install unapproved apps is the entire reason for jailbreaking, and from what you're saying, Symbian doesn't sound very different from iOS.

    9. Re:Does the jailbreak patch the exploit? by Rexdude · · Score: 1

      There's a 'symbian signed' program that was started for individual developers to sign their code with a developer certificate without having to pay license fees. Apps with a dev. certificate display a warning that they might not work correctly when you install them. On Symbian, the keystore file is stored in a protected folder on the phone's internal memory. This can be updated with the necessary self signed CAs. It does not involve reflashing the firmware or anything as drastic, and while subsequent firmware updates will revert your modification, there's no danger of bricking your phone because of this.

      --
      "..One hosts to look them up, one DNS to find them, and in the darkness BIND them."
    10. Re:Does the jailbreak patch the exploit? by Rexdude · · Score: 1

      Also- correct me if I'm wrong - jailbreaking was also done to enable multitasking on older iPhones, and to allow tethering and other features that Apple had restricted. My point was that no part of a Symbian phone is restricted; and self signed certificates are the only reason to tamper with its internals.

      --
      "..One hosts to look them up, one DNS to find them, and in the darkness BIND them."
    11. Re:Does the jailbreak patch the exploit? by madllama · · Score: 1

      Yup Apple will be in a big hurry to patch as it certainly does leave the phone wide open for other nasties to break it. The jailbreak doesn't patch the hole, but it does allow for the installation of a package that can provide some protection. More info here. http://www.cultofmac.com/software-hack-to-plug-jailbreak-pdf-hole-is-released/53557

    12. Re:Does the jailbreak patch the exploit? by mcvos · · Score: 1

      Not sure about multitasking, but tethering apps were indeed refused by Apple. To get tethering, you need to be able to install third-party apps, and for that you need to jailbreak.

      Or pay for the SDK, get the source for the app, and install the app that way.

      So the only way Symbian can be superior to the iPhone in this particular respect, is if anyone can get any app signed with a developer certificate, and others will be able to install that app on their phones without requiring the source or an SDK. (Although a free SDK would still be marginally better than the iPhone situation.)

    13. Re:Does the jailbreak patch the exploit? by Rexdude · · Score: 1
      The bottom line is you don't need to hack your Symbian phone (or any other smartphone for that matter) to do the following (and some of these capabilities have been there since 2002):
      • Use with any operator
      • Tethering
      • Bluetooth file transfer.
      • Customize the UI with themes, or outright shell replacements.
      • Multitask (yes I know iPhone 4 finally added this)
      • Install apps from anywhere, without being restricted to an app store with arbitrary rules and regulations.
      --
      "..One hosts to look them up, one DNS to find them, and in the darkness BIND them."
  4. Security issue? by miffo.swe · · Score: 5, Insightful

    Isn't this a very large gaping security issue? I would assume it's much worse than the Android one where you had to trick the user into installing a kernel module manually.

    --
    HTTP/1.1 400
    1. Re:Security issue? by Netshroud · · Score: 1

      I'm sure Goatse Security is on to it.

    2. Re:Security issue? by Jeffrey+Baker · · Score: 5, Informative

      Yes, but there has never been a time where Mobile Safari was free of remotely exploitable flaws. If you look at the history of the iPhone OS release notes, you will always find gaping holes that were closed in Safari, and many of them were uncovered by third parties. For example see the release notes of iOS 4.0 which contain nuggets like "Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution" due to CVE-2009-2195 in WebKit.

    3. Re:Security issue? by rsmith-mac · · Score: 1

      CVE-2009-2195 is in fact what allowed the previous Spirit jailbreak.

    4. Re:Security issue? by Timmmm · · Score: 5, Insightful

      Indeed. "Custom versions of Android can be easily created" gets reported as "Android vulnerable to rootkits!", but "Huge security flaw in mobile safari" gets reported as "Unlock your iPhone 4!"

    5. Re:Security issue? by elrous0 · · Score: 3, Funny

      No way. Apple would never use a security firm that was so wide open.

      --
      SJW: Someone who has run out of real oppression, and has to fake it.
    6. Re:Security issue? by Jeffrey+Baker · · Score: 1

      In which case the current story is non-news (as usual around here).

    7. Re:Security issue? by dave024 · · Score: 1

      It must be a security issue that Safari is able to install an app. Can't imagine what else it can do. Glad to have the jailbreak though. I will be using the donate button.

    8. Re:Security issue? by whisper_jeff · · Score: 5, Insightful

      I'm sorry, but are you trying to imply that there's a negative bias against Android and a positive bias towards the iPhone on Slashdot lately? Really? Maybe you haven't been reading the site for the past year or so but, things have changed, quite a bit...

    9. Re:Security issue? by numbski · · Score: 1

      Yes, because the only way to have the ability to write to the root filesystem of your own desires is to find a vulnerability and exploit it first.

      If you were able to do it on your own without their "permission" (which you'll never get), then you wouldn't have hackers (the good guys here) looking as hard. In fact, at the end of the day this is a win/win for apple. The only downside is that by smacking the unlockers down, situations like the 3.1.2 to 3.1.3 upgrade arise. A vulnerability has been found, but not publicly disclosed because they need to "sit on it" until the new hardware comes out so Apple won't fix it and can be utilized later.

      From a security standpoint, this whole situation really is just that braindead. Pair this with the advent of iPhones "phoning home" to ask permission for whether or not you can load a specific firmware on your own device - I think the reporting here is the least of our concerns.

      --

      Karma: Chameleon (mostly due to the fact that you come and go).

    10. Re:Security issue? by ArcCoyote · · Score: 4, Informative

      Yes it is. Just staring at some hexdumps, it's not a hole in the browser, it is a hole in PDF Type1C font loading. Escalates to kernel space via an IOSurface allocation bug. A malicious PDF (think iBooks...) could do far nastier things than jailbreak for you.

      CAPTCHA: "clothing" ... Wolf in sheep's, that is.

    11. Re:Security issue? by CharlyFoxtrot · · Score: 1

      All OS's have security flaws. How else do Android users "root" their phones ?

      --
      If all else fails, immortality can always be assured by spectacular error.
    12. Re:Security issue? by Anonymous Coward · · Score: 0

      Indeed. "Custom versions of Android can be easily created" gets reported as "Android vulnerable to rootkits!", but "Huge security flaw in mobile safari" gets reported as "Unlock your iPhone 4!"

      This is revealing of who really owns the hardware.

      Android: "Someone could steal my phone!"
      iPhone: "I can steal Apple's phone!"

    13. Re:Security issue? by not+already+in+use · · Score: 1

      All OS's have security flaws. How else do Android users "root" [androidandme.com] their phones ?

      Well I unlocked my Nexus One with a documented command line switch that came with the Android SDK. I was then able to flash rooted roms with the stock firmware flasher.

      It's a beautiful thing when you can do what you want with that which you own.

      --
      Similes are like metaphors
    14. Re:Security issue? by mjwx · · Score: 1

      I'm sorry, but are you trying to imply that there's a negative bias against Android and a positive bias towards the iPhone on Slashdot lately? Really? Maybe you haven't been reading the site for the past year or so but, things have changed, quite a bit...

      Nope, he's quite correct, I wonder which Slashdot you've been reading. The more popular Android became over the last year the more rabid the iFanboys have become, the tide hasn't turned against them. In fact they've pulled in the ranks and are getting modded up more than ever (I guess they've given up on trying to mod down pro-android posts)

      In all seriousness, this is a remote exploit (code execution) and it's being reported as a wonderful thing. If this was IE, all the rabid Linux and Apple fanboys would be attacking it left, right and centre, if it were Firefox the anti-FOSS zealots will be using to prove the inherent vulnerability of FOSS and the Firefox fans will be reassuring everyone it will be fixed in the next patch. But because this is Apple, an exploit that can execute code is considered a good thing(TM), if someone can use this for jailbreaking, can't someone else use this for malicious purposes. Pretty much if you can Jailbreak an iPhone, you can easily run a spambot or data miner on it.

      In this case, shouldn't iPhone users switch to an alternate browser?

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    15. Re:Security issue? by E+IS+mC(Square) · · Score: 1

      I have been reading this site for 10 years and have not seen ANY change in the naked bias towards Apple either in the stories posted or in the comments. If at all, things have changed for the worse. But you keep repeating this and the fanbois will keep modding you up.

  5. So in other words by bm_luethke · · Score: 5, Insightful

    You have a remote rootkit running from simply visiting a website?

    Wasn't it just yesterday or the day before we called rooting your android (which has to be tethered), erasing your old operating system, and installing a new "custom" one with a rootkit installed on it which allows remote activation of root an attack vector (note that even a rooted Android device can't get outside the Dalvik VM)?

    I'm certain, absolutely certain that there will be no abuses of this. There will not be any nefarious person have a "must have" app that is so good that the app store refused and all you have to do are these easy steps right here on this web page! No, never happen - users would *never* be stupid enough to run things from a website - this is a great feature!

    --
    ------- Sorry about the spelling, I suffer from two problems. Dyslexia makes it difficult to spell well, lazy makes it
    1. Re:So in other words by jamesh · · Score: 4, Insightful

      You have a remote rootkit running from simply visiting a website?

      That was my first thought too. Apple have left a hole in iPhoneOS (IOS, no matter how you case it, will always be Cisco in my mind :) wide enough that you can get root on it simply by getting to a website? I haven't RTFA so maybe there is more to it than that but I'm a little worried. I wonder how long until I can upgrade to Android on the iPhone...

    2. Re:So in other words by CharlyFoxtrot · · Score: 1

      I'm certain, absolutely certain that there will be no abuses of this. There will not be any nefarious person have a "must have" app that is so good that the app store refused and all you have to do are these easy steps right here on this web page! No, never happen - users would *never* be stupid enough to run things from a website - this is a great feature!

      Yeah that could happen, it's unlikely though since users get their apps from the App Store. This isn't like Windows where users surf the web in search of apps.
      Besides what's new, all OS's have these types of flaws including as you point out Android. Still Apple will probably need to fix this in the next release of iOS.

      --
      If all else fails, immortality can always be assured by spectacular error.
    3. Re:So in other words by Hal_Porter · · Score: 1

      This would be cool thing for Google to do actually. Launch a getandroid.com website which downloads some root code which installs android on iPhones. Keep updating it as Apple fix bugs.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    4. Re:So in other words by Anonymous Coward · · Score: 0

      Lmao I like your opinion on this. But let's not forget the necessity to click on random things they shouldn't click on is often why people move toward Apple product.

    5. Re:So in other words by bm_luethke · · Score: 1

      Yea, because people would *never* fall for something like this in their e-mail box: "Hey, I just found this *really* cool app for my iPhone. Apple will not allow it on their app store, they are afraid it would make them look bad for not putting on the phone in the first place!!!! Just click on and install it!" (then it e-mails everyone in the person's contact list once installed). Nope, never in the history of computing have people fallen for things like that in their e-mail. Won't happen because Apple has an *app store*. Nor has any worm propagated around the internet that way either. No, nothing to worry about having a simple to use web-based root-kit that anyone can embed - the App Store will apply its magic shield to protect us.

      The difference here is the number of people who consider this a *good thing* that is occurring. I've said many a time that as we begin to realize these are general purpose computers more and more of this will happen and *no* device is immune from it, if you think that you are going to get away from it with either an iPhone, Android, or SuperPhoneOS. For whatever reason many Apple users think they are safe from it because Apple will protect them from it in some mystical magical way (which that belief will make it easier to click on said links, after all *everyone* knows Apple doesn't have these things). Google doesn't talk about how they are immune to this type of thing and do not make a great deal of their sales from it either.

      In Apple's defense they do not totally buy the spin either, they just take advantage of it.

      --
      ------- Sorry about the spelling, I suffer from two problems. Dyslexia makes it difficult to spell well, lazy makes it
    6. Re:So in other words by The+MAZZTer · · Score: 1

      Don't worry, when you can, you'll be able to do it just by visiting the website. :)

    7. Re:So in other words by CharlyFoxtrot · · Score: 1

      Yea, because people would *never* fall for something like this [SARCASTIC RANTING] Won't happen because Apple has an *app store*. [MORE SARCASTIC RANTING]

      I didn't claim it's impossible but don't underestimate the strong mental association between getting apps and the App Store. Normal users are heavily conditioned to get apps at the App Store because 100% of their apps were downloaded that way. Especially people who aren't very comfortable with technology and would be most at risk tend not to stray outside of their comfort zone.
      Aside from that point Apple also include the customary anti-phishing and anti malicious site protection in their mobile browser.

      The difference here is the number of people who consider this a *good thing* that is occurring. I've said many a time that as we begin to realize these are general purpose computers more and more of this will happen and *no* device is immune from it, if you think that you are going to get away from it with either an iPhone, Android, or SuperPhoneOS.

      I've said as much elsewhere in this thread.

      For whatever reason many Apple users think they are safe from it because Apple will protect them from it in some mystical magical way (which that belief will make it easier to click on said links, after all *everyone* knows Apple doesn't have these things). Google doesn't talk about how they are immune to this type of thing and do not make a great deal of their sales from it either.

      Your characterization of Apple users, taken as a whole, is just plain wrong; a stereotype used in "holy wars." Apple using the number of OSX viruses in the wild is no different than Linux users gloating over the number of Windows vulnerabilities compared to Linux all these years: it's juvenile but makes for good PR.

      --
      If all else fails, immortality can always be assured by spectacular error.
    8. Re:So in other words by aristotle-dude · · Score: 1

      It is a hole in the library used to parse PDFs and load fonts apparently. If other platforms (linux desktop and android) use the same version of that library for PDFs, they too could be vulnerable to a remote exploit such as this.

      --
      Jesus was a compassionate social conservative who called individuals to sin no more.
    9. Re:So in other words by Bert64 · · Score: 1

      Can't get outside of Dalvik? I have a nexus one, and I can get a root bash shell on it (legitimately, not via any exploiting/jailbreaking process), and from here I can run native binaries easily.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    10. Re:So in other words by bm_luethke · · Score: 1

      "I didn't claim it's impossible but don't underestimate the strong mental association between getting apps and the App Store."

      And I'm claiming never underestimate the stupidity of individuals to click on e-mail links and follow what the web page says. Indeed, I would have to look it up but there are a few studies where a large number of people will click even if it plainly and clearly tells you it is a virus/worm. Especially true when it is coming from a "friend" (who either was the first one going outside of the app store or was also following some e-mail sent to them too).

      I rather suspect the vast majority (not just most) do not know or care about all of this. They want a sleek sexy looking phone they can surf the internet on. I bet the vast majority only have a strong sense to use the app store because it is *all* they can use and if they think someone has a neat app that requires clicking a few buttons on a web page they will click.

      Further I bet the vast majority aren't geeks and have taken the Apple fanboi message of it being secure and "just works" to the point of assuming if it looks official and only takes a few clicks - then well it must be OK.

      The whole point of this is that it *bypasses* all those things that Apple puts in to stop it, otherwise it wouldn't be so easy to do.

      I also rather suspect Apple patches this fairly quickly for that reason too. They only drink some of their own kool-aid.

      "Your characterization of Apple users, taken as a whole, is just plain wrong; a stereotype used in "holy wars." "

      No, it isn't, nor did I mean it as a "taken in whole" as many also see it as a tool, nothing else. Yet many also have some sense of contentment because "Apple is protecting them" (which they can't). Lots of Apple fanbois, Linux zealots, and other people who are otherwise quite intelligent and think things through just don't with respect to that. It isn't all, so yea I guess taken as a whole that isn't correct, yet taken as "many" is quite true.

      Ultimately you are making the same point too, they expect to be protected by the app store and anti-malware actions of the phone. Unfortunately this bypasses that and remotely roots the phone and shows said protection to be "magic" (that is only an illusion). If it becomes a worm before it gets patched then Apple is going to have problems, if they patch it quickly then few will even know about it.

      "Apple using the number of OSX viruses in the wild is no different than Linux users gloating over the number of Windows vulnerabilities compared to Linux all these years: it's juvenile but makes for good PR."

      Yup, preaching to the choir there.

      --
      ------- Sorry about the spelling, I suffer from two problems. Dyslexia makes it difficult to spell well, lazy makes it
  6. linux or android by StripedCow · · Score: 1

    This is a great step.

    However, only if I can run linux or android on it, I might buy an iPad.
    Yes, linux or android may not perform that well on this device (cpu and battery-wise), but the mere openness of these OSes is sufficient for me.

    --
    If Pandora's box is destined to be opened, *I* want to be the one to open it.
    1. Re:linux or android by zlogic · · Score: 1

      Android is Linux. In fact it's probably the best Linux distribution for touchscreen interfaces, only MeeGo is comparable (and very promising) but has a lot of catching up to do. After rooting Android you'll get a terminal with all the standard Linux console utils.
      Running Gimp, OpenOffice, Firefox or any other desktop-oriented app on such a device is suicide.

    2. Re:linux or android by aristotle-dude · · Score: 0, Flamebait

      This is a great step.

      However, only if I can run linux or android on it, I might buy an iPad.
      Yes, linux or android may not perform that well on this device (cpu and battery-wise), but the mere openness of these OSes is sufficient for me.

      Are you really that foolish that you would spend your money on hardware and install another OS on it knowing that it will not perform well compared to the native OS? I assume that you don't "earn" your money and that you are some rich kid living on a trust fund because no sane person would do that because it is "open" with their own hard earned money.

      If you are that careless with your money, I suggest sending some of it my way so that I can feed some homeless people.

      Do you know why certain countries hate us so much? Because we have been so blessed by the creator but we wasted our riches on wrecking things for the "fun" of it.

      --
      Jesus was a compassionate social conservative who called individuals to sin no more.
    3. Re:linux or android by Anonymous Coward · · Score: 0

      Why the hell would you buy yesterday's technology?

      http://www.slashgear.com/notion-ink-adam-hands-on-0969281/

      16 hours browsing, usable in direct sunlight (Pixel Qi display), rotating camera for videoconferencing and picture taking, microSD, USB ports, integrated HDMI... and Adobe Flash support (which you can choose not to use of course)!

      Its expected retail price is $350-800 depending on features.

    4. Re:linux or android by not+already+in+use · · Score: 1

      In fact it's probably the best Linux distribution for touchscreen interfaces

      No shit. That's what happens when someone with a little common sense realizes that using a legacy display manager on touchscreen devices may not work so well and ditches X. Morons think you can just hack debian onto a cell phone and add telephony and voila, you have a phone.

      --
      Similes are like metaphors
  7. Problem FIXED. Claim of iOS 4 on iPad. by Anonymous Coward · · Score: 0

    According to Appadvice, the problems have been fixed and even if you already used it to jailbreak your iDevice, it is easy to undo the damage:

    http://appadvice.com/appnn/2010/08/jailbreakmecom-issues-resolved/

    They also claim iOS 4 can be installed on an iPad! Has anyone verified this? Are there any downsides? (I'd love to get the "folders" working on mine).

    I no longer login because I feel that while attacking a company's products is fair game (specifically Apple), having stories singling out their users as "selfish" and unkind is not "news for nerds stuff that matters". Am I an Apple fanboi? Let's just say I've used NIX for decades (yes I'm old) and I'm not talking OS X.

  8. Note: Userland Jailbreak, Not Bootrom Jailbreak by rsmith-mac · · Score: 5, Informative

    Just as a heads up to anyone thinking of buying and/or jailbreaking an iPhone 4, keep in mind that this is a userland jailbreak (like Spirit) and not a bootrom jailbreak like 24Kpwn. This is significant because this jailbreak only works on iOS versions with the vulnerable component, which means that Apple can and surely will patch it out in 4.1. This is also why Apple is signing their firmware: once they do release 4.1 they'll stop signing 4.0.x and it will be impossible to jailbreak new iPhone 4/3GSes as those devices will ship with 4.1 and it will be impossible to downgrade. Existing owners should be sure to backup their SHSH blobs using Cydia or Tiny Umbrella so that you can downgrade or reinstall 4.0.x in the future, otherwise you will be trapped just like new iPhone owners. 3G owners are also encouraged to backup their SHSH blobs, as Apple is soft-signing iOS 4.x on those devices (even though the hardware can't enforce it).

    Anyhow, while I'm excited to see an iPhone 4 jailbreak, I'm a bit worried about the fact that it's another userland jailbreak. No one has successfully exploited the Apple bootrom since iBoot-359.3.2 was released last year, which is troubling. It's not possible to replicate the complete jailbreakability of the iPhone/3G without a bootrom exploit, and as iOS can quickly be updated to stamp out new userland exploits there's a distinct risk of the hackers running out of practical ways to jailbreak the platform through such limited means. Unless someone does find a new bootrom exploit, the "golden age" of jailbreaking has probably already sailed, and in the long run this is a very bad thing. The (practically) unhackable computer marches in on all fronts...

    1. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by bemymonkey · · Score: 4, Insightful

      That's troubling on a great deal of levels. Android seems to be going the same way...

    2. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by theshowmecanuck · · Score: 0, Offtopic

      this jailbreak only works on iOS versions with the vulnerable component

      It seems strange to me that while the FCC says that people have the right to install whatever software they want on their devices, Apple is still 'fixing' the OS on the devices so that their users cannot install their choice of software without jailbreaking the device, which Apple then fixes so that the user cannot install the software they want GOTO LINE 1

      While I particularly hate the overly litigious attitude that permeates the United States (note that I like many other aspects a great deal), isn't this a very good case for a class action lawsuit? That is, Apple keeps blocking the users' attempts to install their choice of software and possibly corrupts already installed software based on Apple's priorities, not the users'.

      --
      -- I ignore anonymous replies to my comments and postings.
    3. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by Sir+Lollerskates · · Score: 1

      That is why you need to save your iOS signatures, so you can restore to 4.0.1 at any time, even when Apple stops signing.

      Use this tool to do it: http://thefirmwareumbrella.blogspot.com/

    4. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by Anonymous Coward · · Score: 0

      No, FCC said that jailbreaking is legal. They said nothing beyond that. That doesn't mean that Apple must make things easy for you.

    5. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by rsmith-mac · · Score: 4, Informative

      Well yes and no. PDF was created by Adobe, but it's actually an ISO standard (ISO 32000). Adobe does tend to extend it though...

      Anyhow, it's not an Adobe plugin that's doing this. Apple writes their own PDF software, and indeed Mac OS X has had native PDF capabilities its whole life. This is a flaw in Apple's PDF handler - Adobe for once has nothing to do with this.

    6. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by Nerdfest · · Score: 5, Informative

      Android remains an open OS, but what some phone manufacturers are doing is very bad (fused ROMS, locked bootloaders). I'm hoping word spreads and people avoid those phones.

    7. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by dave024 · · Score: 1

      This vulnerability just came out, and Apple hasn't fixed it yet. I wish they would fix it though. A PDF shouldn't be able to install software. Happy to have the jailbreak though. They shouldn't be sued for fixing this hole.

    8. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by bemymonkey · · Score: 2, Insightful

      Which manufacturers aren't doing it? The only phone that's rootable without finding some sort of vulnerability to exploit is still the Nexus One afaik ...

      The fact that Moto is the only manufacturer that's succeeded in locking the bootloader down so far that nobody's been able to crack it doesn't mean that others haven't tried. What we need is a completely user accessible operating system, similar to the PC. Something like OpenMoko or the N900, but good :p

      Unfortunately, most consumers prefer to be spoonfed whatever junk their carrier has to offer, and wouldn't dream of rooting or applying a custom ROM.

      Android is only open in that anyone can use it for their hardware. However, 99% of the hardware that's meant to run with Android is locked down. A pity, really.

    9. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by Anonymous Coward · · Score: 0

      are you serious? "the ship has sailed"...

      are you retarded or just trolling?

    10. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by mrogers · · Score: 1

      The (practically) unhackable computer marches in on all fronts...

      It would march a little slower if hackers refused to buy locked-down devices.

    11. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by theshowmecanuck · · Score: 1

      How the fuck is this offtopic? The only reason people are doing this is because Apple is fucking over their customers. Likely an Apple Fanboy moderator.

      --
      -- I ignore anonymous replies to my comments and postings.
    12. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by mjwx · · Score: 1

      That's troubling on a great deal of levels. Motorola seems to be going the same way...

      Motorola Droid != Android. This is the reason the OS is developed independent of the hardware.

      HTC are still quite open, not sure about Samsung.

      I like my Motorola Milestone, but because of Moto's locked down boot loader I'll be getting a HTC phone next. Probably the HTC Vision as it looks to have the same keyboard as the Dream.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    13. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by cbhacking · · Score: 1

      Recent talk by a security researcher at CanSecWest: Babysitting an army of monkeys: an analysis of fuzzing 4 products with 5 lines of Python - Charlie Miller, Independent Security Evaluators

      The gist of it was that with a dead simple fuzz testing tool (a program that modifies valid files to produce invalid ones, then feeds the invalid files into parsers to try and break them) this guy found 60 different exploitable vulnerabilities in Apple's Preview app (their home-grown PDF reader). The same fuzzed files found only 3 exploitable holes in Adobe Reader, and triggered only 1 crash in Reader for every 95-ish in Preview.

      I hate to say it, but Apple users should use Reader, *not* Preview, wherever possible. When your security is orders of magnitude worse than Adobe's, you have serious problems.

      --
      There's no place I could be, since I've found Serenity...
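The fuzzing approach described in the comment above, as an added example that is not part of the original thread and is not the researcher's own code: a dumb mutation fuzzer run against a small parser, with crashes bucketed by exception and location, then re-run against a bounds-checked version of the same parser. The `TOY1` record format, both parsers and the seed file are constructed for illustration.

```python
import math
import random
import struct
import traceback
from collections import Counter

class ParseError(ValueError):
    """Clean rejection of malformed input: the outcome a robust parser produces."""

# Constructed toy format: MAGIC, 1-byte record count, then per record
# a 1-byte type, a 2-byte big-endian length and the payload.
MAGIC, TEXT, U32S = b"TOY1", 0x01, 0x02
SEED = (MAGIC + bytes([2])
        + bytes([TEXT]) + struct.pack(">H", 5) + b"hello"
        + bytes([U32S]) + struct.pack(">H", 8) + struct.pack(">2I", 1, 2))

def parse_naive(data: bytes) -> list:
    """Trusts the count and length fields found in the file."""
    if data[:4] != MAGIC:
        raise ParseError("bad magic")
    pos, out = 5, []
    for _ in range(data[4]):                        # count is never validated
        rtype = data[pos]                           # reads past the end
        (length,) = struct.unpack_from(">H", data, pos + 1)
        payload = data[pos + 3:pos + 3 + length]    # slice silently truncates
        if rtype == TEXT:
            out.append(payload.decode("ascii"))     # unhandled decode failure
        elif rtype == U32S:
            out.append(struct.unpack(f">{length // 4}I", payload))
        else:
            raise ParseError("unknown record type")
        pos += 3 + length
    return out

def parse_hardened(data: bytes) -> list:
    """Same format, but every field is checked against the real input size."""
    if len(data) < 5 or data[:4] != MAGIC:
        raise ParseError("bad header")
    pos, out = 5, []
    for _ in range(data[4]):
        if pos + 3 > len(data):
            raise ParseError("truncated record header")
        rtype = data[pos]
        (length,) = struct.unpack_from(">H", data, pos + 1)
        end = pos + 3 + length
        if end > len(data):
            raise ParseError("record length exceeds input")
        payload = data[pos + 3:end]
        if rtype == TEXT:
            try:
                out.append(payload.decode("ascii"))
            except UnicodeDecodeError:
                raise ParseError("non-ASCII text record") from None
        elif rtype == U32S:
            if length % 4:
                raise ParseError("u32 array length not a multiple of 4")
            out.append(struct.unpack(f">{length // 4}I", payload))
        else:
            raise ParseError("unknown record type")
        pos = end
    return out

def mutate(seed: bytes, rng: random.Random, fuzz_factor: int = 10) -> bytes:
    """Overwrite a few randomly chosen bytes of a valid file with random values."""
    buf = bytearray(seed)
    writes = rng.randrange(math.ceil(len(buf) / fuzz_factor)) + 1
    for _ in range(writes):
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    return bytes(buf)

def fuzz(parser, seed: bytes, iterations: int = 2000, rng_seed: int = 1234):
    """Feed mutated files to the parser; bucket unexpected exceptions for triage."""
    rng = random.Random(rng_seed)       # fixed seed so every run is reproducible
    stats, crashes = Counter(), {}      # crashes: bucket -> first triggering input
    for _ in range(iterations):
        case = mutate(seed, rng)
        try:
            parser(case)
            stats["parsed"] += 1
        except ParseError:
            stats["rejected"] += 1
        except Exception as exc:        # anything else is a parser bug
            where = traceback.extract_tb(exc.__traceback__)[-1]
            bucket = f"{type(exc).__name__}@line {where.lineno}"
            crashes.setdefault(bucket, case)
            stats["crashed"] += 1
    return stats, crashes

if __name__ == "__main__":
    for parser in (parse_naive, parse_hardened):
        stats, crashes = fuzz(parser, SEED)
        print(parser.__name__, dict(stats))
        for bucket, case in sorted(crashes.items()):
            print("   ", bucket, case.hex())
```

Each bucket keeps the first input that triggered it, which is the file a developer would replay under a debugger and then keep as a regression test once the bounds check is in place.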
    14. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by bemymonkey · · Score: 1

      You should read up on rooting current HTC phones. Moto => HTC is currently very much an "Out of the fire, back into the frying pan" kind of move, because HTC seems to be locking their handsets down pretty strongly too. No encrypted bootloaders, but people losing root (permanently, as it seems) when upgrading to the latest official updates, and the Desire hasn't even been fully rooted yet (no read/write access to /system/).

      I just made exactly the same switch (Moto Milestone => HTC Desire), and it seems that even though Moto was horrible in terms of being locked down, HTC doesn't seem to be that much better, and the general tone/trend seems to be that HTC phones are getting harder to hack/open up.

      Of course, full custom ROMs are available, and read/write access to system is possible via ADB in Recovery (which is, unlike on the Milestone, permanently flashable, so no need to run an update.zip from the SD-Card every time you need a Recovery), so much better already. I'm just a little apprehensive about future phones - HTC seems to be closing root-holes at a very rapid pace.

    15. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by mjwx · · Score: 1

      but people losing root (permanently, as it seems) when upgrading to the latest official updates

      Umm... that's always been the case.

      Fairly logical too. Of course the new version of the OS will re-write permissions and fix whatever hole was used to create root access. Which is why most people who want root access typically start using a community ROM. If you haven't figured this one out, you need to go back to the very basics of modding. Every modding guide since 1.1 has come with a warning saying "official updates will likely remove root".

      No encrypted bootloaders,

      Case in point. Open/replaceable bootloader == no problems.

      I just made exactly the same switch (Moto Milestone => HTC Desire), and it seems that even though Moto was horrible in terms of being locked down,

      I haven't. My next phone will be a HTC Vision if it's decent enough and drops below A$600 (quite possible if the AUD-GBP rate doesn't change 1:0.57) due mainly to the hardware KB which looks to be the same KB as the old HTC Dream (which was a fantastic KB). But this will depend on modability as I don't like HTC Sense.

      I'm just a little apprehensive about future phones - HTC seems to be closing root-holes at a very rapid pace.

      So long as you have an unlocked bootloader you don't really need this. I recognise that most users shouldn't have root and now most functions don't require it. But the few that do want it should be able to get it via a means that does not place any software support onus on the manufacturer.

      It's only a matter of time before efuse is broken however.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    16. Re:Note: Userland Jailbreak, Not Bootrom Jailbreak by bemymonkey · · Score: 1

      "Case in point. Open/replaceable bootloader == no problems."

      Then why are the latest Desires currently unrootable? Shouldn't their bootloaders allow anything to be loaded? An unencrypted bootloader is easier to crack/unlock, but difficult nonetheless, and it doesn't mean that you can just load anything you want on the phone.

      "I haven't. My next phone will be a HTC Vision if it's decent enough and drops below A$600 (quite possible if the AUD-GBP rate doesn't change 1:0.57) due mainly to the hardware KB which looks to be the same KB as the old HTC Dream (which was a fantastic KB). But this will depend on modability as I dont like HTC Sense."

      Exactly what I meant... you're planning on making the switch from Moto to HTC too ;). Didn't mean to imply that you'd already switched :D. I was in the same boat though - don't like Sense, so I got the Desire because AdamG on XDA-Developers maintains a great ROM (OpenDesire) that's compiled directly from Android source, so it's basically a completely stock Android. :)

      Hopefully someone will do the same for the Vision, because that looks like a pretty cool handset.

      "It's only a matter of time before efuse is broken however."

      I wouldn't bet on it. And it's not the eFuse we need to worry about, in case you're talking about Moto's new offerings - bypassing the signature check in the bootloader would be more than enough, I suppose.

      I'm just trying to say: The grass is greener on the other (HTC) side, but not by that much :p. Read/Write access to /system/ as we have it on the Milestone is a good thing, and is currently still missing from HTC Desire root, and I'm guessing the Vision will use the same kind of protection.

  9. Facetime/MMS fixed by RandyOo · · Score: 5, Informative

    The Facetime and MMS issues were due to a permissions problem, which has already been sorted out, per planetbeing's Twitter feed.

    1. Re:Facetime/MMS fixed by Skuld-Chan · · Score: 1

      I think it's wonderful how you can visit a website to fix a local filesystem permission issue ;).

  10. Serious security hole by wvmarle · · Score: 5, Interesting

    Users simply visit the URL to begin the process, which modifies the iOS mobile operating system found on the iPhone, iPod touch and iPad.

    This sounds like a huge security hole. If simply visiting a web page can modify the OS of the phone, then this can surely be used for more malicious purposes. Maybe the user has to make some more clicks but then how hard is it to social engineer a user into doing that, and the attacker can do anything they like. Such as installing back doors, keyloggers, whatever. This I think is more than just a jailbreak: this is a root exploit in the browser. Scary, to say the least.

    The jailbreak itself may not work on other versions of iOS, but as it involves Safari I wouldn't be surprised if the root exploit itself works there as well. Binary patching of the running O/S (which is what I guess they are doing) of course works only against a specific version, minor revisions may break it, so no surprise it doesn't work for the iPad.

    This is one I have to say I hope Apple plugs quickly. It just sounds too scary to me.

    1. Re:Serious security hole by CharlyFoxtrot · · Score: 1

      This is one I have to say I hope Apple plugs quickly. It just sounds too scary to me.

      It's old hat. There was a vulnerability back in iPhoneOS 1.1.2 that allowed pretty much the same thing, in fact the domain name dates from that period, and the sky didn't fall down on our heads then either.

      --
      If all else fails, immortality can always be assured by spectacular error.
    2. Re:Serious security hole by mac84 · · Score: 1

      visiting the site "starts the process". What else is needed to complete the process? Does the user need to take other actions to complete it?

    3. Re:Serious security hole by tivoKlr · · Score: 1

      Visit jailbrakeme.com, slide the "jailbrake" slider. Get coffee, sip coffee, wait. Jailbrake complete. You'll probably still have some coffee left.

      --
      Ocean is land, covered with water.
    4. Re:Serious security hole by Dracker · · Score: 1

      It pops up a slider like the "slide to unlock" when you press the home button. Only this time it says "Slide to jailbreak"

    5. Re:Serious security hole by wvmarle · · Score: 1

      Now to come back to the actual question:

      Does it REQUIRE any action by the user? Or is this just a technicality, and can the actual exploit be run without any further user intervention?

    6. Re:Serious security hole by dave024 · · Score: 1

      This website requires user action. The vulnerability itself is done simply by opening up a PDF. So all a web site has to do is trick a user to click on a link.

    7. Re:Serious security hole by Anonymous Coward · · Score: 0

      fuck you, asshole!

  11. Re:Apple Insider? Pah! by Vectormatic · · Score: 4, Informative

    just tried that on my ipod (which is basically iphone 3g hardware), and loading the ipod-app still takes noticeable time, rather than being instantaneous in 3.1.3

    i really regret upgrading to ios 4, the only added function i can find is threaded email (of which apple's implementation SUCKS), and i got a serious performance drop

    --
    People, what a bunch of bastards
  12. Oh, you will pay! by elrous0 · · Score: 1, Offtopic

    Steve is already readying his police cronies to kick down some doors to stop this. And don't think some hippie court ruling is going to stand in Steve's way! He'll say this is malicious hacking.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:Oh, you will pay! by MobileTatsu-NJG · · Score: 1

      Steve is already readying his police cronies to kick down some doors to stop this. And don't think some hippie court ruling is going to stand in Steve's way! He'll say this is malicious hacking.

      Then Steve'll go home and stomp on newborn kittens! Then he'll set an orphanage on fire!! After he's done pointing and laughing at that, he'll go down into the Apple Labs and roll up their cure for cancer and smoke it!!!

      --

      "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

  13. Re:Apple Insider? Pah! by Richard_at_work · · Score: 5, Interesting

    Sod loading anything, my 3G takes a noticeable period of time to react to UI inputs, screen rotations et al when it didn't under the previous OS. iOS4 sucks for the 3G, I don't know why Apple included it in the release.

  14. Re:Apple Insider? Pah! by kdogg73 · · Score: 4, Informative

    Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....

    Try doing a hard reset to the 3G phone x2. My wife's phone was unusable after the iOS4 update. This did the trick. It's worth a try.

    --
    Let's face it, most of us are scoffers. But moments before zero hour, it does not pay to take chances.
  15. Re:Apple Insider? Pah! by jimboindeutchland · · Score: 2, Insightful

    I just tried it too. I noticed a definite improvement in performance across all apps. The music app still takes forever to launch but it's better than it was with spotlight enabled. I don't think I've ever used spotlight on my iPod so disabling was a small price to pay for a bit of extra performance and probably better battery life.

    I agree with everything you've said but your post makes it sound like disabling spotlight doesn't help at all which might discourage people from trying this hack.

    --
    this post is now diamonds!
  16. Re:Apple Insider? Pah! by Vectormatic · · Score: 2, Interesting

    hmm, i haven't noticed serious input lag, just that safari doing loading won't respond at all to inputs, and apps like ipod-app hang for ~5 secs when you open them

    i hope they fix it, if they don't however, i won't care all that much, in a few months my ancient symbian powered nokia will be replaced by a HTC android device, which will also make my ipod redundant

    --
    People, what a bunch of bastards
  17. Meanwhile... by CuriousGeorge113 · · Score: 1, Insightful

    Meanwhile, everyone else using Palm, Blackberry, Windows Mobile, Android or Symbian devices, can keep being awesome. We don't have to jailbreak our phones to use them how we want to.

    --
    No man is an island, But if you take a bunch of dead guys and tie them together, they make a pretty good raft.
    1. Re:Meanwhile... by rickb928 · · Score: 1

      Actually, I had to root my G1 to change the software. Now I'm running a 2x radio, DangerSPL, and CM6RC2.

      But it had to be rooted, which is 7331 slang for jailbreaking. As do most all Android phones, except DEV phones, which are, wait, they had to be rooted too.

      Now slick is to root the HD2 and run Android on it. Ultimate bugfix.

      --
      deleting the extra space after periods so i can stay relevant, yeah.
    2. Re:Meanwhile... by mjwx · · Score: 1

      But it had to be rooted, which is 7331 slang for jailbreaking

      You really are 7331. Rooting is not the same as Jailbreaking.

      First, rooting is done to unlock SU, Jailbreaking is to unlock user space (non SU on most *nix systems) as well as SU.

      Secondly, Android permits application installation from any source, jailbreaking is required to allow application installation from any source other than iTunes.

      Thirdly, Rooting is used to gain access to the driver level when APIs for that function do not exist (this is getting smaller with each Android revision, with 1.1 I needed root for a lot but with 2.1 I don't need root at all). Jailbreaking is used to gain access to applications that would work without SU and/or on existing APIs but Apple will not permit them.

      The use of Root and Jailbreak are completely different. Even the implementation is different and Google aren't fighting you tooth and nail with each release. Once rooted, you keep it until you install a non rooted ROM. BTW, with my first HTC Dream mod (JesusFreake 1.5.3), I didn't have root or Danger SPL. It wasn't until Cyanogen 3 I installed DangerSPL.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
  18. Re:Apple Insider? Pah! by Vectormatic · · Score: 1

    well, just played a bit more, and it looks like ipod-launchtime is down to ~1 second, still noticeably slower than before the ios4 update (and in my opinion completely unacceptable for a device sold as a music player), but this does help.

    Perhaps i'll try rebooting the thing as well..

    --
    People, what a bunch of bastards
  19. Re:Apple Insider? Pah! by Anonymous Coward · · Score: 0

    We also need a fix for people who try to install Windows 7 on their old 386 and complain when it won't work right. Oh wait, people don't do that.

    If your hardware is two or more iterations out of date please don't complain if the latest OS isn't great on it. Either upgrade your device or downgrade your OS.

    That said, a full restore and turning off spotlight completely helps quite a bit.

  20. MMS/Facetime issues have long since been resolved by Anonymous Coward · · Score: 1, Insightful

    In typical fashion Slashdot is WAY late posting this story and the MMS/Facetime issues have long since been fixed. Anyone doing a new jailbreak will never see the issue as the jailbreakme.com site has been updated to correct it and anyone who already jailbroke and has the issue can simply go into Cydia and accept the automatic update and they will be fixed also. Again, THERE ARE NO LONGER ANY MMS/FACETIME ISSUES and there haven't been for almost 12 hours now. In fact they were fixed within an hour of being confirmed by Comex. It would be nice if Slashdot made the slightest attempt to make sure their stories are accurate, especially one of this magnitude.

  21. Broken IPhone by helix2301 · · Score: 1

    I think it's definitely nice that you have the freedom to jailbreak the phone if you want. Now websites like this are legitimate and people with jailbroken iPhones don't have to hide them.

  22. WTF? When was it ever ILLEGAL? by Anonymous Coward · · Score: 0

    I've been jailbreaking my iPhone since the beginning. I own the iPhone. I can do whatever I want to it. This is probably why the government has just officially stated that "it's legal" to jailbreak it. I'm just not sure about this browser-based jailbreak. I'm kinda scared that visiting a website can modify my OS on my phone. I actually hope Apple will fix this hole. I want the hackers out there to come up with an exploit similar to how Spirit jailbreaks the 3GS and prior.

    Well, it's a good thing the government made all this legal....cause they definitely wouldn't have stopped me from jailbreaking MY OWN phone. Shit, I'll do what I want with any of my possessions. And this will always be the case. NO ONE will tell me what I can or can't do with my possessions.

    1. Re:WTF? When was it ever ILLEGAL? by Anonymous Coward · · Score: 0

      If you've been jb'ing since the beginning, you must remember the first Safari based jailbreak, I do, it was on the original iPhone, and I remember jailbreaking a display iPhone OTA while in the Cherry Creek Apple Store (God I hate that place).

      It was trivial to do (as is this) and was entertaining to boot, as this was before the app store, so the jb added a ton of extra functionality to that one display phone...

    2. Re:WTF? When was it ever ILLEGAL? by nurb432 · · Score: 1

      Sure you can do what you want with your device legally, but you can also lose your warranty and have your contract canceled, with an early termination fee. Both parties have their rights. It's NOT all about you.

      Tho there is some fuzziness on when you actually own the device, since it's being subsidized via your service..

      --
      ---- Booth was a patriot ----
    3. Re:WTF? When was it ever ILLEGAL? by pclminion · · Score: 1

      You can do what you want with your possessions, but you have no reason to expect that the objects are designed in a way to make it easy for you to do what you want. The phone is what it is. You can try to do something to it and fail because of the design of the phone. This is simply a property of the object, not a trampling of your rights. If you don't like it, get something else.

  23. Re:MMS/Facetime issues have long since been resolv by dave024 · · Score: 1

    Calm down. It came out yesterday, as far as I know. And some users have "reported that the modification results in broken MMS and FaceTime functionality" in the forums that I have seen. They are simply reporting what has happened. If it has been fixed that is great.

  24. Re:Apple Insider? Pah! by Lumpy · · Score: 2, Insightful

    Disable the damn search junk you don't use anyways. It sped my wife's 3G up a lot.

    If there was one thing I wish the jailbreaking community would do is submit a patch to remove the useless search on the iphone.

    --
    Do not look at laser with remaining good eye.
  25. Forget about apple and android - it's the past by dbIII · · Score: 1

    Nokia has a phone where you don't need to jailbreak it, you have root access in the default OS and full control to even boot from different media into a different operating system. They are probably not the first and I definitely think it's a trend that will catch on if only because the phone DOESN'T CARE where your mp3 or movie comes from, that hot new app will not be blocked or delayed for arbitrary reasons and you don't have to buy crap shareware just to get something as trivial as a stopwatch app.
    Most mobile phone companies don't really care about pushing some platform, they just want to sell phones. If a fully open platform is the cheap and easy way out that gives people the features that sell phones then that is the way they will go.

    1. Re:Forget about apple and android - it's the past by Hal_Porter · · Score: 1

      The problem with that is operator subsidy. Apple get $325-$480 in subsidy per device depending on who you believe. Most smartphones get much less. Operators love closed devices - they have a higher average revenue per user. Most people would much rather have a $99 device which is locked than a $500 device which is not.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    2. Re:Forget about apple and android - it's the past by mini+me · · Score: 1

      The iPhone 4 is available carrier unlocked in most countries. They still don't give you root access.

    3. Re:Forget about apple and android - it's the past by Anonymous Coward · · Score: 0

      What are you talking about? You pay $99-$199 upfront, make a 2 year contract and slowly pay off the rest. You will end up paying the same amount or even more. US people still don't understand this?

  26. Re:Apple Insider? Pah! by Nerdfest · · Score: 1

    They included it so people would buy new hardware would be my guess.

  27. Re:Apple Insider? Pah! by Lumpy · · Score: 2, Insightful

    I do...

    iAds.

    --
    Do not look at laser with remaining good eye.
  28. Re:Apple Insider? Pah! by Nerdfest · · Score: 1, Insightful

    I'm terribly sorry, I thought Apple "Just Works". Turns out that's true with iOS 4 on the 3G, but in a different way.

  29. And just another note... by denmarkw00t · · Score: 2, Insightful

    If you're doing this and getting the purple background of death (just hangs and doesn't install) try this:

    Method 1
    -Click Home
    -Double-click Home to bring up running apps
    -Click and hold on Safari
    -Close Safari, try again

    Method 2
    -Go to Settings->Safari
    -Clear cache, history, cookies (some reported clearing History IN Safari to work)
    -Try again

    Method 3 (only thing that worked for me)
    -Go to jailbreakme.modmyi.com instead of jailbreakme.com (just a mirror)

    3GS 4.0.1

    1. Re:And just another note... by Coward+Anonymous · · Score: 1

      worked for me, thanks!

    2. Re:And just another note... by denmarkw00t · · Score: 1

      Just curious, which method and phone/os? I tried 1 and 2 over and over along with rebooting, restoring to backup, full restore etc but then #3 worked out of the blue.

    3. Re:And just another note... by Anonymous Coward · · Score: 0

      Method 3 (only thing that worked for me)
      -Go to jailbreakme.modmyi.com instead of jailbreakme.com (just a mirror)

      3GS 4.0.1

      Wow. So now if a script kiddy has got a bank password stealing rootkit with the jailbreak, all he needs to do is post a URL with jailbreak in it.
      Please note that I accuse of no such thing. Just pointing out the potential here.

  30. IS news by tivoKlr · · Score: 1

    This IS news for those of us that were stuck on ios4 on a 3gs which had not previously been jailbroken. A carrier unlock is soon to follow, and given the fact I'm flying to Amsterdam this fall and want to use a prepaid sim while I'm there, this is BIG NEWS for me.

    --
    Ocean is land, covered with water.
    1. Re:IS news by Hal_Porter · · Score: 2, Insightful

      Ah Apple. You can have a secure browser with outrageous roaming charges or an insecure browser which anyone can run arbitrary root code and no roaming charges.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    2. Re:IS news by Bert64 · · Score: 1

      Many operators let you do a legitimate unlock these days, o2 in the uk for instance will unlock your iphone for free if you have it on contract while some other providers will charge you.
      You can also buy factory unlocked iphones from apple now...

      Having a legit unlock on my 3gs means i don't need to worry about baseband updates relocking the phone.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  31. Sometimes I believe Apple puts these back doors in by line-bundle · · Score: 4, Interesting

    To have the "cutting edge" people test out new features.

  32. Security risk? by Stooshie · · Score: 1

    If this is just a URL couldn't a user be pointed to this unwittingly and their phone would have its warranty nullified without the user having done anything?

    --
    America, Home of the Brave. ... .and the Squaw.
    1. Re:Security risk? by irving47 · · Score: 1

      Seems that way to me, too.
      But maybe it's a good thing in that Apple won't have a leg to stand on.
      I don't care how strict the EULA is. No court is going to let them void thousands of warranties when all the action that was required was visiting a website or being redirected to one against the user's will or knowledge.

      --
      I had a sucky sig.
    2. Re:Security risk? by davidbrit2 · · Score: 1

      Probably not. You have to manually initiate the process once the page loads.

    3. Re:Security risk? by BarryJacobsen · · Score: 1

      Probably not. You have to manually initiate the process once the page loads.

      Just because this website has the user initiate the exploit via a manual process, doesn't mean a nefarious website couldn't do it automatically.

    4. Re:Security risk? by cbhacking · · Score: 1

      Sure... or I could send you an email with a PDF in it (which is the attack vector that this remote exploit^W^Wjailbreak uses) and completely take over your phone. Read all your mail, monitor your calls and text messages, see all your websites and intercept all your passwords, follow your GPS location (even if you think you have the GPS turned off), make copies of all your photos, videos, and other files, purchase apps for you, and send all this wealth of info back to me and anybody who wants to pay me for it. Hell, I could use your phone as part of a botnet sending spam email or DoS attacks, or as a place to store kiddie porn or other illegal data, or as an anonymous proxy to commit cybercrime (traceable back to you, and no further).

      An iPhone is a computer, and this is a elevation of privilege arbitrary code execution vulnerability, in a component that runs without you needing to do anything in particular (I could embed the PDF in a web page and you'd get taken over just for visiting). It's the kind of security vulnerability that gives sysadmins nightmares. It's one step shy of the holy grail of exploits (remote exploit with EOP and arbitrary code that requires no user interaction at all) and can be paired with any non-interactive exploit to get that holy grail. It's the kind of thing that gets flagged CRITICAL in patch info.

      The really sad thing? It's about three steps past the worst level of exploit most Mac users think is possible at all (bear in mind that most Mac users have never even heard of Slashdot) and this isn't the first such exploit to be found.

      --
      There's no place I could be, since I've found Serenity...
  33. Rooting is a local sploit by Nicolas+MONNET · · Score: 1

    jailbreakme.com is a remote exploit, and that's much, much, MUCH nastier.

    1. Re:Rooting is a local sploit by CharlyFoxtrot · · Score: 2, Insightful

      Good thing Android has never had a remote exploit, huh? (Oops.)
      At least Apple is very judicious about pushing out updates (and Apple users generally update very frequently) while some manufacturers send out handsets with old Android versions and don't care that much about providing their users with the latest and greatest.

      --
      If all else fails, immortality can always be assured by spectacular error.
    2. Re:Rooting is a local sploit by Anonymous Coward · · Score: 0

      Did you even bother reading your article you linked? Or are you just an Apple Fanboy?

      "Media libraries are extremely complex and can lead to bugs, so we designed our mediaserver, which uses OpenCore, to work within its own application sandbox so that security issues in the mediaserver would not affect other applications on the phone such as email, the browser, SMS, and the dialer"

      So, basically, the only thing that "exploit" allowed you to do is nothing that the video player couldn't already do (display stuff on screen, access the web). Fixed 2 days after being told?

      As opposed to a complete Jailbreak: gaining root / administrative access to your phone from your browser? There's no sandbox checking for the browser, and all the Froyo based browsers are still twice as fast in Javascript performance?

      What the hell?

    3. Re:Rooting is a local sploit by Anonymous Coward · · Score: 0

      The RDF is strong with this one.

      Wake me when there's an actual system level remote exploit in Android.

      Until then, have fun browsing on your iPhone. I can't believe that you think that a random website gaining complete access over your phone just by visiting it is a good thing, but you seem pretty thoroughly brainwashed.

  34. Re:Apple Insider? Pah! by crispy_one · · Score: 2, Interesting
    Tell me that Steve Jobs did not write this article... http://www.computerandvideogames.com/article.php?id=258165

    A jailbreak for the iPhone 4 has been engineered and released by hackers, meaning that dodgy users can gain access to all kinds of unofficial content.

  35. Re:Apple Insider? Pah! by rjch · · Score: 1

    Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....

    Apple has already released a fix for this. It's called upgrading to an iPhone 4.

  36. It does work! by ffohwx · · Score: 1

    I can't figure out why people keep saying that it does not work on iOS 3.2.1 for iPad. I did it last night, and it worked perfectly. On top of that, it is also on the list of officially supported devices and software versions.

  37. Jailbreak DOES work on iPad iOS 3.2.1 by Schlopper · · Score: 1

    I beg to differ, but my iOS 3.2.1 iPad was jailbroken within 10 minutes of the jailbreak release.

  38. Not a first.... ? by Mr+Stubby · · Score: 1

    The blurb says this is a first, but I seem to recall maybe 3 years ago or so iPhone OS 1.1.1ish was also jailbroken through the browser. I don't recall all of the details but the URL was the same and I remember at the time watching a clip of Woz jailbreaking Kathy's iPhone in the back of a limo with no PC software or tethering.

  39. Re:Apple Insider? Pah! by Kenz0r · · Score: 1

    There is a video tutorial on cnet tv that shows you how to downgrade a 3G if you regret installing iOS4.

    Do so at your own risk, YMMV, etc...

    --
    +1 Funny Signature
  40. Re:Apple Insider? Pah! by bjoast · · Score: 1

    Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....

    It seems like Apple is already looking at the problem.

  41. Re:Sometimes I believe Apple puts these back doors by Anonymous Coward · · Score: 0

    yea... sure... lol

  42. Re:Apple Insider? Pah! by nurb432 · · Score: 1

    Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....

    There is a fix: upgrade the device. If you had done your research you would have known upfront the CPU in the 3g (and 2g) doesn't have the power needed. Only the 3Gs had the power of the existing devices.

    --
    ---- Booth was a patriot ----
  43. Re:Apple Insider? Pah! by nurb432 · · Score: 2, Insightful

    I don't know why Apple included it in the release.

    Damned if you do, damned if you don't.

    --
    ---- Booth was a patriot ----
  44. Re:Sometimes I believe Apple puts these back doors by Anonymous Coward · · Score: 0

    This particular one would have been stupid to put in on purpose though, considering it's a giant security hole just waiting for someone to exploit.

  45. Re:Apple Insider? Pah! by mini+me · · Score: 0, Redundant

    The iPhone 4 only became available three days ago. iOS 4 became available over a month ago. The iPhone 3G was only one generation behind the currently available model up until last week, and that was if you could even get your hands on one.

  46. ^ != 1337 by VortexCortex · · Score: 1

    But it had to be rooted, which is 7331 slang for jailbreaking.

    7331 = ... rooted, which is [noob / not elite] slang for jailbreaking.

    I think you meant this instead:

    But it had to be rooted, which is 1337 slang for jailbreaking.

    1337 = ... rooted, which is [leet] slang for jailbreaking.
    In which case you've proven yourself to be 7331.

    -- 1337 5p34k 6r4mm4/2 ]\[4221?

  47. Re:Apple Insider? Pah! by fredmosby · · Score: 2, Insightful

    I wonder what they added that slowed it down so much. Multitasking is disabled in the 3G. As far as I can tell the new version has added folders, desktop pictures and some minor changes to the email. Yet it feels considerably slower.

  48. Re:Apple Insider? Pah! by Ksevio · · Score: 1

    I'm with you on that one. I downloaded the iOS 4 since it was free and supposed to have new features. Well it's sluggish and I've seen a lot more crashes - but worst of all, the battery seems to drain a lot faster than it ever did before.

    If I could downgrade easily to iOS 3 I would.

  49. Re:Apple Insider? Pah! by MobileTatsu-NJG · · Score: 1

    Try doing a hard reset to the 3G phone x2. My wife's phone was unusable after the iOS4 update. This did the trick. It's worth a try.

    Count me in as somebody who had this work. It was still a little slower than 3.x, but it was usable again.

    --

    "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

  50. Any way? by ddubbleya · · Score: 1

    Is there any way to get to a shell on iPhones? Does jail-breaking it let you install an app or ROM that will allow that? It would be nice to have root and be able to use a package manager or something like that. I just got one for work so I'm an iPhone noob.

  51. doesn't work on 3.2.1? by vhone · · Score: 1

    "Unlike previous jailbreaks, which required users to run software on their Mac or PC and tether their iPhone to their computer, the latest hack is done entirely within the Safari browser."
    I remember another jailbreak at least a couple of years ago that also used a hole in mobile Safari.

    "This jailbreak does not work on iPads running iOS 3.2.1."
    Really? It worked marvelously on mine, which came with 3.2.1.

  52. Re:Apple Insider? Pah! by ncc74656 · · Score: 2, Informative

    I wonder what they added that slowed it down so much. Multitasking is disabled in the 3G. As far as I can tell the new version has added folders, desktop pictures and some minor changes to the email. Yet it feels considerably slower.

    I had 4.0 running on my 3G for a couple or three weeks. I got tired of apps not starting up, extreme sluggishness, etc., so I ended up downgrading to 3.1.3. I enabled native multitasking (my phone is jailbroken), but it seemed to be less capable than the multitasking provided by Backgrounder. If I left a webpage or two open in Safari, odds were good that attempts to start other apps would fail. Even if I rebooted the phone, it'd take an interminably long time to open most apps. I had half a thought to have PwnageTool make an image with native multitasking disabled, but the final straw that sent me back to 3.1.3 was that 4.0 broke AirVideo's TV-out capability. The ability to group related apps together was nice (went from six or seven pages of apps down to just two), but iOS 4.0 caused too much other breakage for my taste.

    --
    20 January 2017: the End of an Error.
  53. Re:Apple Insider? Pah! by Zelgadiss · · Score: 1

    Bingo.

    That's why it's also free, unlike the iOS 3 where Apple charged me to upgrade my iPod touch.

  54. Re:Apple Insider? Pah! by Anonymous Coward · · Score: 1, Interesting

    HUH?
    If they said the OS would not work on iPhone 3G and iPod Touch 2nd gen or older, then that would have been a motivation for people to upgrade hardware. As it is now, you have people with devices that used to perform great that are now performing like shit. Do you really think those people will want to spend on upgrading hardware thanks to getting "burned" by a shoddy OS upgrade?

  55. Re:Apple Insider? Pah! by Thomasje · · Score: 1

    I'm not happy with iOS 4.0 on my iPod touch (second generation), either. General UI sluggishness, sometimes to the point of making Mail react so slowly to the keyboard that it becomes unusable, and at that point the only way to get things back to normal is a reboot. There is some new functionality in Mail 4.0 but I don't use it. It appears that it is possible to downgrade back to 3.1.3; I'm going to try that next...

  56. well it is.. by Anonymous Coward · · Score: 0

    a government exploit, not surprisingly it's high tech. There are powerful lobbyists desperate to crush SMEs.
    A FaceTime/videophone revolution would spur economic growth around the world and they may well have a multi-pronged solution to stop that from happening.

    Sorry to break the bad news!

  57. Re:Apple Insider? Pah! by mjwx · · Score: 1

    Sod loading anything, my 3G takes a noticeable period of time to react to UI inputs, screen rotations et al when it didn't under the previous OS. iOS4 sucks for the 3G, I don't know why Apple included it in the release.

    Apple included it in the release because the fanboys carry on and on about how not every Android phone has 2.2 yet. Not doing so would blunt their biggest attack on Android. Besides this, wasn't the "Snappiness"* of the UI Apple's only real selling point?

    * Snappiness is an unquantifiable measurement, thus useless anyway.

    --
    Calling someone a "hater" only means you can not rationally rebut their argument.
  58. Re:Sometimes I believe Apple puts these back doors by mjwx · · Score: 1

    To have the "cutting edge" people test out new features.

    Using Occam's razor and common sense. Apple doesn't put these in, they just don't test its products properly.

    Never attribute to competence that which is easily explained by stupidity.

    This hole will be closed in short order. Apple cannot abide you having control over your own phone.

    --
    Calling someone a "hater" only means you can not rationally rebut their argument.
  59. pfah by amnezick · · Score: 0

    woke up this morning at 6:45am. no power in the building, got bored. went to work. got to work. open slashdot. read about brilliant jailbreak solution for my 3gs with 4.0 on it which was vanilla pretty much since 4.0 was released. jailbreak after 5 seconds reading the article. jailbreak finished in minutes. so the rest of the day will be mostly about reinstalling cydia apps back. thanks slashdot for finding good use for my time.

    --
    mov ax,4c00h
    int 21h
  60. Re:Apple Insider? Pah! by Vectormatic · · Score: 1

    I figure Apple is hoping to achieve a similar effect as in the Windows PC world: people keep installing updates and new stuff till their PC just slows down to the point of uselessness, they go out, and buy a new one.

    I have to admit, if I were more of a mindless drone, I'd probably use my iPod's slothyness as an excuse to get an iPhone 4 early (before my current contract is up), or to upgrade to a newer, more spacious iPod.

    As it is though, I'll not only kick my iPod to the curb when I can, but I'll get a high end Android phone rather than an iPhone, having a command line shell on my phone >> AWESOME

    --
    People, what a bunch of bastards
  61. Re:Apple Insider? Pah! by Vectormatic · · Score: 1

    Pretty much, my GF's iPhone 3GS impressed me so much last year that I got an iPod touch as a sort of PDA, then 4.0 came along and killed the responsiveness to the point where I will kick it out as soon as I get a decent Android phone.

    --
    People, what a bunch of bastards
  62. Re:Apple Insider? Pah! by dwightk · · Score: 1
    --
    Like anyone can even know that