Hackers claim iPhone 2.0 breakthrough

It hasn't even been released yet, but iPhone hackers claim to have already figured out a way to jailbreak Apple's iPhone 2.0 software.

The iPhone Dev Team said yesterday (thanks, Gizmodo) it has figured out a way to hack into the iPhone's bootloader by taking advantage of the way the iPhone authorizes code that can be written to memory. After some modifications, this apparently allows any code to be written to the iPhone, such as applications that haven't been authorized by Apple, and it should work with any new software version Apple releases, according to the team.

It seems the iPhone hacking community has already found a way to get unofficial applications on the iPhone 2.0 software.

(Credit: iPhone Dev Team)

The team released a screenshot of what is supposedly an iPhone running external applications on the beta 2.0 software, which can be obtained by downloading the iPhone SDK. It's hard to tell exactly which version is shown in the screenshot, although the inclusion of the App Store is a pretty big hint. Still, Adobe sells a lot of copies of Photoshop for a reason.

Unlike previous hacks, this one isn't specific to the latest firmware version, it exploits the way that Apple designed the iPhone's main bootloader. According to the iPhone Dev Team, the iPhone verifies whether or not firmware code has been signed with an RSA certificate before allowing it to be written to memory. The team has apparently figured out a way to disable that check and allow unsigned code to be written to memory. A detailed explanation of the exploit can be found here.

The hacking community believes this jailbreaking method (which will also let you unlock your iPhone) can't be fixed by Apple in a production version of the 2.0 software. Even though Apple has released the SDK, it seems pretty likely that hacking will continue as long as the company maintains its one-carrier, one-country policy and if Apple chooses to exclude lots of third-party applications that conflict with its goals.

[fredtheviking]

It seems like Apple is fighting a losing Battle...

What else is there to say?

[JoshF1026]

I wouldn't be so sure Apple is "fighting"

They have everything to gain from this kind of hacking, the losers are AT&T. Apple has to make it look like they are trying, but jailbroken iPhones only lead to more hardware sales and more money for Apple. Apple makes no money on iPhone software (though they will make a little from priced 3rd party software to come), and they know that most iPhone users are probably not tech savvy or brave enough to mess with their $400 phone.

[appledogx--2008]

As long as there are control freaks...

there will be those who fight that control. Apple is deluding
itself if it thinks it can maintain total control of any platform.

I love Apple, but I love freedom more. I think that sums up the
attitude of many users. Freedom: that's the force that drives
these hackers. It is unthinkable for many users to tolerate that
the manufacturer can dictate what you will run on the device
and from where you can obtain it. Whether Apple's aims are
practical or greedy, benevolant or whatever really takes second
fiddle to freedom.

If Apple keeps up in its losing battle, in a few years we will
become accustomed to the generic news "Hackers have broken
iPhone N.n". Remember 1984? Now who's the one on the
screen?

[groink_hi]

A minute on "freedom"...

If you were locked up in a country you were born in, with no means of moving out, then yes freedom would be a goal.

But you bought a $$$$ piece of electronics. You knew what type of company (Apple) you were dealing with. You knew all the lockdowns of the device. But despite all of that, you basically moved into a communist country and now want free water and electricity. THAT isn't freedom to me.

Freedom is something like Linux on an ACME-branded PC. You still need to reset the iPhone to factory condition before sending to Apple for repairs. To me, that's like putting on a disguise and attempt to sneak back into the country because you like the food there. If you like the country for its food, you should've stayed there in the first place.

[montex66]

Not losing at all

Apple seems to have done a fine job of keeping viruses and
malware off the Macintosh OS X platform. I hardly think it's likely
that the iPhone will spin away from Apple's lock. And that's a
good thing!

I don't want to let hackers into my iPhone no matter how much
"freedom" I can potentially obtain. I've had an iPhone since day 1
and I have tons of personal information on it. Anyone who
intentionally jailbreaks their iPhone is a fool, because no matter
how unimportant you think you are, there is identity information
in your iPhone that someone could use against you.

Apple has the most secure platform out there. I fully support
their effort to keep it so. If you want pollute the platform with
risky software, go get the alien crap Google has to offer.

[johnqh]

I don't think Apple minds it

Does Apple mind unlocked/jailbreaked iPhones? Of course now. They are extra sales in their pocket.

The whole point of having restrictions is to set a limit on the tech support. If you unlock/jailbreak it and have problems, Apple has all the right to say "sorry, you are on your own". And most people who installed hacks will know not to bother Apple if there are problems.

It has nothing to do with Apple wanting to control your phone. It is a business decision to control their user experience and support cost. All mobile device SDK has restrictions. Take a look at Windows Mobile - see how much it costs to get your application code signed, and what kind of software they allow with the certificates.

And of course, people hack that too. For the same reason, if someone hacks the WM to install some software, he knows not to blame Microsoft if his phone breaks down.

[DrtyDogg]

Maybe a little

As they also get a piece of the monthly action from AT&T and this hack allows it to be used with any carrier too.

[Raed1]

Yes but....

I don't know if anyone watched the SDK unveiling or has been
paying attention, but this idea that it can't be defeated is the
same hubris that keeps the DRM engineers in business.

Consider that Apple "turned on" features in the iphone WITHOUT
AN UPDATE when they implemented photo galleries on .mac.
Also consider that your phone, unless in airplane mode, is
constantly talking to the cell phone network. Then try to recall
the portion of the SDK event when the iphone was "turned off"
by a command from the server.

If there is something truly malicious out there I would imagine
that AT&T and Apple would have no problem (and legal standing
if your read your iphone licenses) to the iphone software, over
the air. Look they won't probably do that but, and this is key. If
people are out their wreaking havoc I think it would be trivial to
"brick" phones that don't have the correct keys and unmolested
software on them.

[lawrencewinkler]

Security and my freedom

That "freedom" may be defined as "free to hack the iPhone"
bumps up against my freedom to have the information, data and
resources of and in my iPhone secure from attack.

I don't want malware entering the iPhone. We have enough
problems with the Internet now, being that 90% of email traffic is
spam. And I moved to the Mac for various reasons, a key reason
was security.

There is no question that being locked into AT&T is unfortunate.
I, first, would want to see real competition in mobile segment --
not just the 2 biggies -- Verizon and AT&T in the U.S. That is
not an Apple problem, but at least Cingular was willing
(desperate) to allow the unknown Apple push the envelope of
the cell phone industry. For that, we owe Cingular some
grateful acknowledgement, in spite of their weaknesses.

At least for me, freedom is not and should be not defined as the
right get away with anything you want to do.

[faceless128]

What you want isn't freedom

You have the freedom to keep your data safe. Do not connect a device that has sensitive data to a network.

[benjwah]

Security & your "freedom"

If you don't want malware, don't install the jail break. Other people doing it doesn't affect your security at all. And freedom isn't getting away with anything you want to do. But being locked into a ridiculously anti-competitive contract in the supposedly free-market isn't freedom either, which is why it's perfectly within other peoples rights to hack the hardware and software they paid for.
If you're really concerned about the freedom you assert to have your information, data & resources be secure from attack, I'd look long and hard at your own government and Cingular. They're not concerned at all.

[g15host]

Any News is Free Advertisement

For every news story of iPhone broken 'free', Apple probably gets
1000 more people interested in checking out the phone. Just a
week ago everybody was up in arms about Flash not getting on the
iPhone. 24 hours later nobody cares. Apple haters and hardcore
hackers and Mac newbies all want to play on the phone. What
consumer device in recent history has generated such creativity
from all angles? Oh if only every company can suffer such 'bad'
news in the headlines... ;-)

[jumpjetta]

Agreed

The iPhone with more apps is more valuable.

[ajhoughton]

Who cares?

Who cares?

$99 to sell (or distribute for free, if that's what you want to do)
an app is a really low barrier to entry.

The only people who need to be able to circumvent the
signature check are the writers of viruses and other malware.
Even FOSS projects can afford a one-off payment of $99.

Users certainly shouldn't unlock their iPhones after the App
Store goes live; the only extra choice it's going to get you is the
freedom to install malware, accidentally or otherwise. The fact
that iPhone developers have to positively identify themselves is a
good thing for the consumer, and intentionally defeating that is
irresponsible.

(And for those who are dumb enough to think that a jailbreak is
going to let people e.g. do VoIP over EDGE, think again. AT&T
will almost certainly block *that* in their network.)

[coisman]

A lot of people.

Apparently, you don't seem to understand the many restrictions of the SDK. First off, apps can't run in the background, which makes any program like Instant Messaging useless, because as soon as you close out of it, or receive a phone call, that program will automatically close and it will sign you out.
Secondly, the SDK forbids you from writing any app that 'executes another program's code'. This includes a HUGE amount of stuff, including Flash, Java, and Safari plugins. Right now, the open toolchain can do just about EVERYTHING the SDK can do, including all that stuff that the SDK restricts you from doing, with the exception of Remote Debugging (but I've heard that it is very possible and, now that the SDK is out, will probably be added in future versions). So is there a reason to jailbreak, still? I would say...DEFINITELY. At least, until Apple releases a real SDK, and not a pile of crap.

[inachu]

Apple or Hackers. WHERE ARE THE GAMES?!!?!?

I am so sick and tired waiting for games that can be installed on my iphone.
Good quality games like Quake or Age of Empires or anything of that quality.

[Seaspray0]

Not games like that

You've set your sights too high. the iphone is not on the same calaber as a computer or a game console. I hope you like solitare games.

[kensta12]

Apple announced iphone, apple, iphone 2, iphone 3g, new iphone complete features visit here
http://iphone2-apple.blogspot.com

[extremeiit]

Can I unlock my iPhone from AT&T and use it in the Uk on and O2 sim card plan? If so, is there a different way of doing it?