If for some strange reason you updated to 4.0.2 when Apple released it to patch the PDF exploit that was used for the JailbreakMe jailbreak and your running a iPhone 3G or iPod Touch 2G (Non MC Model) then you can still jailbreak your new protected iOS. The current version of the jailbreak tool redsn0w will still work on both the iPhone 3G and iPod Touch 2G as long as it’s a Non-MC model. Just point redsn0w to the 4.0 firmware to ‘trick’ it then you’ll be away with your new jailbreak.
Yesterday I provided you with Custom Firmware Restore files for all the iDevices that support the new update and can be jailbroken. This morning the Dev-Team released an update as it had the same issue as redsn0w to cause a problem with iBooks. Obviously if you don’t intend on using iBooks you don’t need to re-download it but I will be re-uploading the firmwares (without custom boot logos) with the fix for iBooks.
Please read this Dev-Team article before using any of the custom restore files.
iPhone 3GS iOS 4 Custom Restore (Root Size 831MB)
Hactivated – iPhone2,1_4.0_8A293_Custom_Restore_(Hacktivated).ipsw
Not Hactivated – iPhone2,1_4.0_8A293_Custom_Restore.ipsw (Alt Link – MegaUpload)
iPhone 3G iOS 4 Custom Restore (Root Size 756MB)
Not Hacktivated w/Multitasking Enabled – iPhone1,2_4.0_8A293_Custom_Restore_(Multitasking_Enabled).ipsw
Not Hacktivated – iPhone1,2_4.0_8A293_Custom_Restore.ipsw
Hacktivated w/Multitasking Enabled – iPhone1,2_4.0_8A293_Custom_Restore_(Hactivated_Multitasking_Enabled).ipsw
Hactivated – iPhone1,2_4.0_8A293_Custom_Restore_(Hactivated).ipsw
iPod Touch 2G iOS 4 Custom Restore (Root Size 688MB)
With Multitasking Enabled – iPod2,1_4.0_8A293_Custom_Restore_(Multitasking_Enabled).ipsw
Without Multitasking Enabled – iPod2,1_4.0_8A293_Custom_Restore.ipsw
Over the past week there has been a lot of news over unsecured SSH on iPhone. First about the Dutch hacker who wasscanning the network for jailbroken users who had not changed their default SSH password. Now a hacker who goes by the name of “ikee” from Australia, created a worm that changes the home screen background to Rick Astley.
As I’m sure your aware by now this only affects users who have jailbroken their phone and installed OpenSSH, not just general users or who have jailbroken their device. If you have jailbroken your device and have got OpenSSH installed please read this guide on how to change your default password to ensure none of these worms or hacks will affect you.
ikee says this is how the worm spread: “The code itself is set to firstly scan the 3G IP range the phone is on, then Optus/Vodafone/Telstra’s IP Ranges (I think the reason Optus got hit so hard is because the other 2 are NAT’d) then a random 20 IP ranges. I’m guessing a few phones hit a range that another vulnerable phone was on.”
Once one phone is infected it searches for phones with the default password and then begins the process again.
This release starts with PwnageTool 3.1 for Mac OS X – this application supports the iPhone 1st Generation (2G), the iPhone 3G and the iPod touch 1G. NB: THIS DOES NOT SUPPORT THE 3GS OR 2G/3G IPOD TOUCH. redsn0w for Mac OS X and Windows will follow sometime in the near future, please don’t bug us about it – we’ll release when we have something ready.
- GOLDEN RULE: If you are using a 3G iPhone with ultrasn0w and rely on ultrasn0w to obtain cellular service, then you should only upgrade to 3.1 with a PwnageTool created .ipsw. – Stay away from Apple’s direct updates as described here and here please get up to speed on the whole subject by reading the information contained in these posts.
- If you have an original iPhone (1st generation) then 3.1 unlock works with this PwnageTool release. iPhone 3G users upgrading to 3.1 will need to continue using ultrasn0w with a PwnageTool created 3.1 .ipsw
- Please read all parts of this post before downloading and using these tools.
- Read items 1, 2 and 3 again and again.
- At the bottom of this post are the bittorrent files for the 3.1 capable version of PwnageTool.
- This app is suitable for the recent 3.1 release.
- This version of PwnageTool will NOT work for the iPhone 3GS.
- PwnageTool WILL work for Original iPhone (1st Generation), Original iPod touch (1st Generation) and the iPhone 3G.
They released this information:
The 3.0.1 release is a “branch” from 3.0 that occurs (code-wise) before all the 3.1 betas. The programs redsn0w needs to change for the jailbreak are identical when you compare the 3.0 and 3.0.1 versions. It seems pretty much the only changes Apple made were for the SMS bug, which affects programs that redsn0w doesn’t touch. That’s why you can re-use redsn0w 0.8 on 3.0.1 even though it was written for 3.0.
And since 3.0.1 doesn’t touch the baseband either, ultrasn0w 0.9 works for those needing the soft unlock. Just install it from the repo666.ultrasn0w.com repository using Cydia as usual.
We’ll at some point fix redsn0w to recognize both 3.0 and 3.0.1 IPSW’s, but really that’s the only change that would be made to it. Everything else would be identical, so there’s no need to wait for the “proper” version that recognizes the 3.0.1 IPSW as valid.
So to jailbreak the new firmware just use the old tools and you should have no problems.
Apple earlier today released the latest iPhone OS, version 3.0.1. This update fixes the major SMS security issue that they have finally fixed.
There hasn’t been many changes in the latest firmware release that have been found other than the SMS fix, feel free to email them in if you find any.
If you want to jailbreak your device it has been reported that in most cases it works fine but maybe wait a while until everything gets checked out.
Jonathan Zdziarski, a member of the iPhone Dev-Team, says that Apple’s encryption on the iPhone 3GS for business users is not as good as it should be and could put company data at risk. He said that the encryption is so weak, that it could be cracked in two minutes using nothing more than some easily available freeware.
He said after making this discovery: “I don’t think any of us developers have ever seen encryption implemented so poorly before, which is why it’s hard to describe why it’s such a big threat to security.”
The iPhone 3GS is the first device to officially feature encryption, but Zdziarski says sensitive information like credit card numbers and social security digits on a 3GS are just as easy to access as they were on the 3G and first generation iPhone.
He used Redsn0w and PurpleRa1n to install a custom kernel on the device, then he installed used an SSH client to port the raw disk image onto his computer.