We’re calling it, folks: famed jailbreak hacker, Comex, has uncovered another PDF exploit in iOS that will allow for a userland jailbreak, à la JailbreakMe.
This is based on the above teaser image, which Comex just announced on his Twitter and is available for viewing on jailbreakme.com. If our detective work is correct, we expect a new, untethered, userland jailbreak for iOS.
Charlie Miller, a security expert who managed to jailbreak iOS 4.3 during the Pwn2Own hacking contest, has revealed an interesting piece of information about 4.3.1. According to Mr. Miller, the Safari exploit uncovered at Pwn2Own is still unpatched in Apple’s latest build of iOS.
An official jailbreak has yet to be released for 4.3.1, but the fact that this obvious exploit still exists points to the possibility of a jailbreak solution similar to JailbreakMe. There is no concrete evidence that this bug will be used in a jailbreak tool for iOS 4.3.1…
Getting confused by all of the Ra1n? There’s BlackRa1n, LimeRa1n, PurpleRa1n, and the upcoming RubyRa1n. It’s enough to confuse even the best meteorologist.
To add to the level of confusion, someone impersonating renowned iPhone hacker GeoHot has released a site called Ra1nb0wRa1n with little to no fanfare.
The fact that it received hardly any publicity before going live was the first thing that struck us as weird. The fact that the site is actually pointing to a Chinese website is the real thing that sent up our red flags.
For the record, although the site’s whois records feature Hotz’s name and a New Jersey residence, Ra1nb0wRa1n does not appear to be associated with GeoHot in any way, shape, or form…
So far, RedSn0w has been the only publicly released tool that can jailbreak iOS 4.2.1. The Dev Team warned users about the dangers of updating their iOS firmware to 4.2.1 before the RedSn0w beta was released. Around that time, the iPhone hacker, P0sixNinja, said that the GreenPois0n jailbreak would be ready for 4.2.1 around the same time as RedSn0w.
The GreenPois0n jailbreak has still not come out for 4.2.1, a LimeRa1n update is nowhere to be found, and all we have had is a somewhat unstable RedSn0w beta. Luckily, PosixNinja has recently said that the GreenPois0n (most likely tethered) jailbreak will actually be ready very soon. And Geohot could always come out of the woodwork and surprise us like he did with LimeRa1n.
After some drama about a leaked SHAtter exploit in mid-December, the jailbreak developer community has seemed to be a little more divided. Comex, a prominent personality in the jailbreak community, was supposed to be working on an untethered jailbreak tool for 4.2.1. However, it seems he might be saving his hack for iOS 4.3…
As soon as the Mac version of GreenPois0n came out, I went ahead and jailbroke my device. It wasn’t the same eye-candy that JailbreakMe was, or even Comex’s first jailbreak, but it worked and I didn’t have to wait long. Here are a few quick things that I immediately noticed.
LockScreen PIN Delay
After a fresh reboot or a respring, I can no longer dive right in to tap the PIN to access my device. The problem is either a delay, or the first tap or two not being recognized. But it definitely slows me down a little bit…
The Dev Team recently confirmed there will not be a jailbreak for iOS 4.0.2 because iOS 4.1 is right around the corner and really, it would be a waste of time, but most importantly, a waste of exploit. This being said, I bet our favorite team of hackers is currently working hard on the iOS 4.1 beta release, trying to find a hole in there.
This week has gone by faster than usual. Perhaps the Apple event made the days come and go quicker but nevertheless it’s Friday. This is the day I’ve been known to spout off about a topic that I feel needs further attention. This week I go after those who feel the need to warn people that jailbreaking your iPhone can “brick” it.
I recently posted an article announcing the recent jailbreak of my iPhone 4. Having been away from the dark side since my iPhone 3G, I wasn’t sure what to expect from the process.
After weeks of self-debate and bugging Sebastien about the possibilities of jailbreaking my iPhone 4, I took the leap of faith Wednesday night and cracked open my device. I must say that the whole process was unbelievably painless and took no more than 5 minutes to perform the hack and update the Cydia packages.
I used JailbreakMe to perform the procedure and I will vouch for the website any day. After 2 or 3 minutes of loading, the device was jailbroken and ready to be used. Perhaps it was the Apple aroma in the air after their event, but nevertheless having jailbroken my iPhone 4 makes it feel like launch day all over again…
I usually leave it up to Sebastien to provide our loyal readers with the jailbreak information but I’ll take the reins this time. PMP Today has posted a couple of alternative sites for those wishing to jailbreak their iPhone after individuals claimed they were having difficulties performing the hack with JailbreakMe.
If you’re among those experiencing troubles with the self-titled URL, it is recommended that you try using jailbreakme.com/index.html or accessing the Canadian site of jailbreakme.ca to perform the process. If none of those work for you, you can always try what iDB reader Joe suggested by visiting jailbreakme.com/blob.html from your iPhone.
The Dev Team wrote a blog post this morning saying they are working on a fix for the iPhone 2G and iPod Touch 1G, which were left out of yesterday’s iOS update. Apple released iOS 4.0.2 to fix a PDF security hole that was used by JailbreakMe to jailbreak the iPhone. This security glitch could have also been exploited by malicious software, which explains why Apple was so quick to release a fix for it.
The problem is Apple completely denied support for older models like the original iPhone and iPod Touch. Even though Apple acknowledges the severity of the holes, they didn’t deem it necessary to patch them on these older iDevices.
This is where the Dev Team steps in. The jailbreak community had already developed a quick fix (PDF Loading Warner) but it was more of a safety net than anything else. According to the Dev Team, “Saurik has been burning the midnight oil coding a Cydia package that will fix the holes for all devices and all firmware versions (even going back to version 2.x!).”
UPDATE: PDF Patch is available in Cydia for free.
The fix will go through a short testing period and will then be available for download in Cydia. As I said earlier, JailbreakMe highlights the irony of jailbreaking. Apple has always claimed jailbreaking could expose your iPhone to safety risks. Today it proves that jailbreaking your iPhone is the best way to keep your iPhone safer, as Apple won’t patch it if you’re still using an older iPhone or iTouch.
Well, it only took Apple 4 days to realize they should block access to JailbreakMe.com from their stores’ Wi-Fi network to stop those pranksters from jailbreaking iPhones, iPads and iPods. According to 9 to 5 Mac, pointing a device to www.JailbreakMe.com from inside the store redirects to Apple’s website.
An Apple spokesperson told CNET they are well aware of the security exploit found in iOS and they are apparently already working on it:
We’re aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update.
This security glitch found in the way iOS handles PDF documents allowed the Dev Team to create JailbreakMe, which uses this exploit to inject the jailbreak code into your iPhone. Some security experts were quick to realize that this exploit could be used to inject malicious software into your iDevices and brought up this issue to the general public. The jailbreak community quickly developed a fix for it which can be downloaded directly from Cydia.
This morning I highlighted the irony of the situation. Apple has always claimed jailbreaking can put your iPhone at risk but it proved to be the other way around, as so far your iPhone is more secure once it is jailbroken and the exploit has been patched.
We don’t know when Apple will release this software update, which will most likely come with 4.1. Apple usually isn’t quick to fix things up so if I had a guess I’d say we won’t see this update until the end of the month.