Apple Steps Up Its Game Against Jailbreaking

Apple has been battling against the jailbreak scene for nearly 4 years. Every time hackers find an exploit, Apple is right there to release a software update to patch it. But boot-level exploits, like GeoHot’s Limera1n, are much harder to fix.

In fact, Limera1n continues to be used for iOS 5 jailbreaks on pre-A5 devices. So Apple had to think outside the box with its latest mobile software update. It had to come up with something to try to slow down the hackers. And it did…

According to the Dev Team, users who upgrade to future versions of iOS 5 won’t be able to downgrade like they previously did. Apple has changed the way that they authenticate software restores, so saved SHSH blobs won’t help.

We touched on this back in June, when the Dev Team first spotted the change. But with everyone updating to iOS 5, it’s definitely worth mentioning again. As of right now, there is no way to downgrade to a version of iOS 5 after Apple is done signing it.

“Starting with iOS 5 beta, the role of the “APTicket” is changing — it’s being used much like the “BBTicket” has always been used. The LLB and iBoot states of the boot sequence are being refined to depend on the authenticity of the APTicket, which is uniquely generated at each and every restore (in other words, it doesn’t depend merely on your ECID and firmware version…it changes every time you restore, based partly on a random number). This APTicket authentication will happen at every boot, not just at restore time. Because only Apple has the crypto keys to properly sign the per-restore APTicket, replayed APTickets are useless.”
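To make the replay point in the quote concrete, here is an added sketch (not code from Apple or the Dev Team) comparing a signature over ECID and firmware only with one that also covers a per-restore random number. Assumptions: HMAC stands in for Apple's asymmetric signature, the random number is modelled as a nonce supplied by the device, and all function names and sample values are hypothetical.

```python
import hashlib
import hmac
import os

# Assumption: HMAC with a server-only key stands in for Apple's asymmetric
# signature; a real device verifies with a public key and holds no secret.
SERVER_KEY = os.urandom(32)

def _mac(*fields: bytes) -> bytes:
    # Length-prefix each field so field boundaries are unambiguous.
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()

def sign_legacy(ecid: bytes, fw_digest: bytes) -> bytes:
    """Saved-blob model: the signature covers only device ID and firmware."""
    return _mac(b"legacy", ecid, fw_digest)

def sign_ticket(ecid: bytes, fw_digest: bytes, nonce: bytes) -> bytes:
    """Per-restore model: the signature also covers a fresh random nonce."""
    return _mac(b"apticket", ecid, fw_digest, nonce)

def verify_legacy(ecid: bytes, fw_digest: bytes, blob: bytes) -> bool:
    return hmac.compare_digest(blob, sign_legacy(ecid, fw_digest))

def verify_ticket(ecid: bytes, fw_digest: bytes, nonce: bytes, ticket: bytes) -> bool:
    return hmac.compare_digest(ticket, sign_ticket(ecid, fw_digest, nonce))

def demo() -> dict:
    ecid = b"constructed-ecid-0001"  # constructed sample value
    fw = hashlib.sha256(b"constructed firmware image").digest()

    # While the signing window is open, both kinds of response are saved.
    saved_blob = sign_legacy(ecid, fw)
    first_nonce = os.urandom(20)
    saved_ticket = sign_ticket(ecid, fw, first_nonce)

    # A later restore draws a new nonce; the saved responses are replayed.
    fresh_nonce = os.urandom(20)
    return {
        "legacy_replay_accepted": verify_legacy(ecid, fw, saved_blob),
        "ticket_first_use_accepted": verify_ticket(ecid, fw, first_nonce, saved_ticket),
        "ticket_replay_accepted": verify_ticket(ecid, fw, fresh_nonce, saved_ticket),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {accepted}")
```

The saved blob verifies again because nothing it covers has changed, while the saved ticket fails once the nonce differs, which is the property the quote describes.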

So what does this mean for jailbreakers? Nothing, at the moment. As we reported yesterday, iOS 5 is eligible for a tethered jailbreak, and this doesn’t change that. But this can cause major problems once Apple starts pushing out iOS 5 updates.

As things stand right now, if Apple patches a required exploit with a future version of iOS 5, those who accidentally update would essentially be stuck there. For example, you wouldn’t be able to downgrade from iOS 5.1 firmware to iOS 5.0.

But it’s not over until it’s over. Dev Team frontman MuscleNerd believes there will be workarounds for this issue. And users with saved SHSH blobs should always be able to downgrade to iOS 4 (excluding iPhone 4S users, obviously).

Even though Apple just released iOS 5 yesterday, it’s likely that they won’t push out an update for the next couple of weeks. Let this be a jailbreaker’s reminder to be extremely cautious about updating software in iOS 5. Apple has definitely stepped up its game.