Re:What has this to do with sony yanking linux? on PS3 Hacked via USB Dongle · Score: 5, Interesting
The PS3 was secure through obscurity (besides any actual security present), much like the Wii was in its infancy (Wii drivechips notwithstanding, those are a whole different ballgame). Obscurity works a lot better than security for consoles, because they are big, complex systems that inevitably have holes. Obscurity is useful up until the first hack is published, which is when people finally get to poke at dumps of your software and expose your bugs. The more you can delay that from happening, the better. The Wii did a good job of this by encrypting and signing every piece of data on Wii game discs, for example. There were bugs, but nobody could figure them out without access to decrypted binaries.
We don't know if someone involved in PS3 homebrew hacking had anything to do with this, but it's certain that whoever did this at the very least used techniques developed as a result of the Other OS removal during development. Specifically, until the Other OS fiasco happened, there was no way to dump PS3 software and analyze it for exploits. Now there is.
Both the Wii and the PS3 obscurity-breaking hacks were almost identical: RAM glitching to escalate privileges from an unprivileged mode in order to access secure areas. The Twiizer Attack on the Wii glitched the RAM address lines in order to dump secure software and keys from insecure GameCube mode, and geohot's PS3 exploit used RAM glitching in order to make the hypervisor unwillingly give you read/write access to secure RAM while in insecure Other OS mode. When software is obscure, hardware is the only way to go. This Wii attack paved the way for Wii software exploits, and certainly this PS3 USB device is based upon exploits uncovered by dumping via the memory glitching exploits released earlier this year after Sony pulled Other OS.
So yes, Sony basically asked for this by pulling Other OS and angrying legitimate hackers who used Other OS, and now they got what they asked for. I'm just glad some piracy company did it first instead of repeating the story of the Wii where pirates piggyback on homebrew.
The one sad, sad thing is that this is called "PS3 jailbreak". Jailbreak is a very specific term that describes breaking out of a filesystem jail (e.g. on the iPhone), and it's being used on the PS3 purely for "brand recognition". This will just make people associate jailbreaks with piracy.
I don't think the jailbreak updates the OS to include su
It does. The deb dependency chain is cydia -> essential -> dpkg -> coreutils-bin. Stock iPhones have very little of the standard UNIX/BSD filesystem and utilities left.
if you have an exploit like the PDF exploit and are able to run arbitrary code, then you can su and the root password is known
No you can't, because nothing on the phone cares about that password. UNIX kernels don't read /etc/passwd. You need a sudo-root utility like su to handle authentication. There is no such mechanism on a stock iPhone, so passwords in /etc/passwd mean nothing. The iPhone makes no attempt to conform to standard POSIX semantics, especially in userland. In fact, they have their own application sandboxing system on top of normal UNIX permissions.
In order to jailbreak an iPhone, you need a kernel (or bootloader) exploit besides a userland exploit. Knowing the root password is useless, because nothing on the phone is actually capable of accepting that password and giving you root. And even if you have root, you aren't all-powerful like root is on a normal UNIX OS. The kernel is still off-limits, and you still need a kernel hole to break in.
Does anyone know if the jailbreak requires the root password to be alpine to work?
You can't su to root. There is no su on a stock iPhone. The privilege escalation from the PDF exploit was accomplished using a kernel vulnerability, not su.
The passwords mean nothing until you jailbreak and actually put a reasonable UNIX userland on the phone.
They patched both the kernel vulnerability and the PDF exploit, so yes, it's patched for good. Even if they only patched the PDF exploit, there's no other way to deliver the jailbreak to a 3GS or 4 anyway. You need both a way to run userland code on the phone and an exploit to get into the kernel.
You do realize that this is currently the only way to jailbreak on an iPhone 4 and newer iPhone 3GS, right? Unless you have SHSHs on file and can therefore downgrade to 4.0.1 (and subsequently use jailbreakme), you're stuck without a jailbreak for now.
They can only ban you if you perform persistent modifications or connect while using invasive temporary modifications. Right now, hypothetically loading Linux from the PSJailbreak exploit will not make any permanent changes and should not affect your chances of being banned on PSN in the future (if you choose to update, or if you perform some other hack to avoid the update, assuming said hack is not detectable). Meanwhile, installing custom pkgs is basically guaranteed to make Sony notice you.
Better be safe than sorry.
In practice and in my experience, it does. Examples: On the Xbox1, after the ripped SDK became the de facto homebrew platform, OpenXDK never took off. On the Wii, after libogc became the de facto homebrew platform (while its author hid the fact that most of it was decompiled from the Nintendo SDK, which came to light when it was too late), nobody cared to make a legal replacement.
Once people become accustomed to using inherently illegal but convenient software, it is extremely hard to gather support to build a legal alternative. It's just too easy to keep things as they are instead of starting over from scratch.
They didn't take anything out, they just disabled it. lv1 is the same under GameOS and OtherOS, except with fewer limitations. Theoretically, you can use the psjailbreak exploit to make a Linux bootloader that replaces lv2, and enjoy the old OtherOS Linux with little to no modifications, plus the capability to use the RSX.
We're working on it.
That's because the Xbox 360 is more secure than the PS3. The 360 was attacked first because the PS3 had OtherOS, but now we're finding out that the PS3's native OS is a lot less secure than previously thought.
In particular, the 360's hypervisor model is a lot better, and they have hardware memory signing and encryption for the hypervisor and executable code. The only reason the PSJailbreak works is because the PS3 doesn't implement W^X at all inside lv2 (!), and it has nothing resembling memory encryption or signing. Its only really redeeming security feature is the secure SPE, but that does nothing to prevent you from owning the rest of the system and using it as a crypto oracle.
Nope, I'm sure Sony's upper management is thrilled to see that homebrew is being created using their leaked SDK. This guarantees that PS3 homebrew is and always will be illegal, and therefore can never be legitimate in the grand scheme of things. Sony will be free to legally threaten any homebrew communities.
People, this is the wrong way to go. It will just end up like the Xbox1, whose homebrew scene was underground (except for linux-based stuff). Not a good plan. Instant satisfaction (using Sony's leaked tools instead of writing your own) only works in the short term. This can be fixed, but only if people care instead of going for the quick and dirty way.
We already have a perfectly good port of Linux to the PS3, capable of replacing lv2 while gaining RSX/3D functionality thanks to the new exploits. How about we concentrate on getting that to work instead of illegally using Sony's OS and tools?
Plus, nobody really knows how Sony's software ecosystem works yet. For all we know, at one point, all users who have ever installed a homebrew pkg (even if they update later) will have their consoles permanently banned from PSN.
Unless your modchip can hook into internal buses in the Cell silicon die, you won't get anywhere. The secure SPU runs entirely off of internal SRAM.
Try clearing your cookies. Google does special tests for some people. By using a national site that you normally don't use, you force Google to treat you as a random new user, as it won't see your cookies for the main site.
For example, I do not get the gray typing logo in my main browser, but I do get suggestions with interleaved results as I type in the box. On a fresh browser profile, I get the typing logo and no results in suggestions.
There is a pretty fair chance that a modchip manufacturer hired one of the better PS3 hackers to pull this off. Heck, more than one such hacker has hinted at having worked on "something", and if you follow the clues it isn't hard to put together one or two suspects.
Not the hypervisor. GameOS. The exploit only provides access to the GameOS kernel (and the original PSJailbreak dongle, practically speaking, only lets the end-user access the application level code via packages, as the GameOS patchset/payload is fixed). We can't access the underlying hypervisor without the RAM glitching attack so far (although future exploits might).
Technically - jailbreaking is a specific technical term that means escaping a filesystem jail. Jailbreaking an iPhone exposes your iPhone's root filesystem with root privileges via an AFC share via USB (as opposed to the regular data share that exists on stock iPhones). This is the origin of the term. None of this applies to the PS3.
Practically - iPhone jailbreaking was initially a means to load native code on the iPhone (before Apple had an SDK) and loading unapproved native code is still its primary goal, as evidenced by Cydia being the main application installed by jailbreaks. A common secondary goal is carrier unlocking. Piracy does exist, but it is generally not endorsed by the people behind jailbreaks, and installing piracy tools and pirated apps is left entirely up to the user. The PSJailbreak is primarily a piracy device, as there is no homebrew SDK, none was provided, and the only provided application (which was created with Sony's leaked SDK) is a game copier.
Morally - the PSJailbreak is a for-profit device sold at a hugely inflated price (actual cost is more like $5-$10) with the knowledge that it will be rendered useless with the next firmware update (which, in fact, just came out: 3.42), in order to make a quick buck. iPhone jailbreaks are free (except for scammers who try to sell them).
Of course, but the PSJailbreak device (as sold by distributors) cannot (and, as far as I can tell, is not updatable).
The PSJailbreak has nothing to do with jailbreaking. Just because they took the term and used it doesn't mean this is morally, technically, or practically equivalent or even remotely similar to iPhone jailbreaks.
There is no "cheap" Cell SDK that is usable for the PSJailbreak. It allows booting apps... that were compiled using the leaked official SDK (much like the "Backup Manager" that they offer was). There are no libraries in existence currently that would enable people to compile for the PS3 using GCC and the like, and the PSJailbreak also does not allow reinstatement of Other OS because they blew their chance at incorporating that functionality into the dongle, and it can't be done using purely application software.
There probably will be legit homebrew for the PS3 at some stage, but the PSJailbreak is certainly more about piracy than anything else.
We did have a choice (do not update), and we did get beat up if we chose it (no PSN, no newer games).
The exploit has nothing to do with Sony's service jig. It uses the service jig code as a handy way to stash 64 bytes into memory, but it neither passes jig auth nor does anything related to what the jig does at Sony's repair centers. In fact, I think the exploit could be reworked not to emulate a device with the jig's ID at all. The core exploit relies on random (non-specific unidentified vendor) USB devices with wacky descriptors.
The exploit also only has permissions at lv-2 level (GameOS). Breaking into lv-1 will require extra work, and breaking into the secure SPU is still impractical.
It's trivial - it's a hole in GameOS (lv-2), which is part of updates and nowhere near the early bootloaders. They're probably working through their very first case of "oh-shit-we-need-to-patch-this-now" bureaucracy. They'll get faster for upcoming iterations of the exploit-patch-release cycle.
Even worse, he's directly responsible for bricking hundreds of consoles due to shoddy code (his "custom updater" and "custom downgrader" saga; at one point running one of his tools bricked your console 100% of the time) and generally speaking hasn't made any contributions to homebrew, instead opting to cobble together pieces of homebrew code to make pirac^H^H^H^H^Hbackup tools, often without following the licences.
He's only jumping on the PS3 bandwagon to get some attention, which is something he loves. If he ever releases anything halfway meaningful for the PS3, I can pretty much guarantee it'll be a port or simple combination of existing tools in a slightly more "marketable" way, with a "healthy" dose of his sponsor's logos, as his Wii releases always have been.
True story: he released his USB loader about 20-30 days after someone actually wrote a high-speed USB driver, which was the final piece of the puzzle. For kicks, after his announcement but before the release, I proceeded to independently create an equivalent USB loader, to gauge how much work had to go into it. ~200 lines of code and 6 hours, not counting time spent writing a silly menu and slapping in logos.
As far as copyright law is concerned, the "one-time-pad" would be a derivative work of the Linux ISO and the porn film, and thus would be considered to contain the information.
I know about the isolated SPU, and this has nothing to do with it. Sure, the PS3 has some interesting real security. That's orthogonal to the obscurity that is also present. The obscurity is simply the inability to analyze the software, as externally it just appears encrypted and signed. I am especially talking about PowerPC code, such as the hypervisor and GameOS code, which form the bulk of the software running on the PS3.
People underestimate the importance of obscurity. Sure, obscurity is undesirable in things such as encryption algorithms and Internet security protocols, which should be open and still secure. However, there is an entire continuum of security vs. obscurity, and things such as "secure" consumer devices like game consoles fall somewhere in the middle, where obscurity plays a very important role in delaying the inevitable analysis of the security (which will never be fully secure, as it's too complicated).
On the extreme end of the scale, media DRM schemes are 100% obscurity. Real security is fundamentally impossible with a DRM system, by definition.
My personal opinion is that the PS3 has inferior security to the Xbox 360 (no RAM encryption or hashing, privileged hypervisor is freely available for glitching in insecure external memory), but had superior obscurity, plus discouraged analysis by providing an officially supported way of running unsigned code (Other OS). Sure, there's the isolated SPU in the Cell that handles crypto, and breaking into it is nearly impossible, but that's not necessary in order to significantly compromise the system. The fact that the SPU is isolated is its limitation, as it can do little when software outside of it is compromised. Sure, it can do "stuff" securely for you, decrypt executables, check signatures, etc., but once you break into the PPU hypervisor nothing prevents you from just ignoring the SPU and running your own code. You can also use the SPU to decrypt official code for you. Sure, you'll never get the keys, but you don't need them.
Yes.
# dpkg-query -S /bin/su
coreutils-bin: /bin/su
coreutils-bin is a jailbreak package.
It doesn't.
Yup, already out for testing.
Thu Aug 12 15:20:25 unknown MobileSafari[421] : MS:Notice: Loading: /Library/MobileSubstrate/DynamicLibraries/PDFPatch_CVE-2010-1797.dylib
[...]
Thu Aug 12 15:20:56 unknown MobileSafari[421] : Prevented PDF Exploit
Thu Aug 12 15:20:56 unknown MobileSafari[421] : FT_Load_Glyph failed: glyph 1: error 130.
Thu Aug 12 15:20:56 unknown UIKitApplication:com.apple.mobilesafari[0xc4c][421] : Thu Aug 12 15:20:56 iphone MobileSafari[421] : FT_Load_Glyph failed: glyph 1: error 130.
And suddenly jailbreaking is the smart security option for all the users that Apple left behind.