Unreleased iPhone 2.0 May Already Be Hacked
The as-yet unreleased second iteration of iPhone hardware may already be compromised, report Engadget and News.com. Members of the 'iPhone Dev Team' have (supposedly) made use of the recently released SDK to gin up a Beta 2.0 software hack. "Unlike previous hacks, this one isn't specific to the latest firmware version, it exploits the way that Apple designed the iPhone's main bootloader. According to the iPhone Dev Team, the iPhone verifies whether or not firmware code has been signed with an RSA certificate before allowing it to be written to memory. The team has apparently figured out a way to disable that check and allow unsigned code to be written to memory."
Firmware 2.0 (Score:4, Informative)
Re:Feasible? (Score:3, Informative)
The best you could do would be to alter the hardware (the actual CPU, not some external module) to verify cryptographic signatures. That would prevent you from accidentally loading software like this, but it has its own problems. For one, you have to stick your cryptographic key on the CPU. If they get compromised, they can't be updated. If they can be updated, then someone who cracks the device can just update to their own key and they are now in charge.
You could have a second CPU, acting as a watchdog, monitor the bus and make sure code is signed, nothing weird is going on, etc. That would be very difficult though.
Your best option that could be implemented now would be sending hashes across the network to verify stuff all the time. Since most people aren't going to have the ability to play man-in-the-middle with the cell phone network, this would be reasonably secure. That said, it would be a pain (especially with 3rd party programs going to be available). It would also tie up the cell network.
What they've done seems quite reasonable to me, for the amount of time it probably took to implement.
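The verify-before-write check from the summary and the pinned-key trade-off raised in the comment above, as an added example that is not part of the thread and is not Apple's code. The key, the padding layout, and the names `ROM_KEY_HASH`, `sign` and `verify_and_flash` are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed demo key built from two Mersenne primes; not a secure key choice.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the signer


def key_fingerprint(n, e):
    """Hash of the public key; small enough to burn into immutable ROM."""
    return hashlib.sha256(f"{n:x}:{e:x}".encode()).digest()


ROM_KEY_HASH = key_fingerprint(N, E)  # assumption: fixed at manufacture


def encode_digest(image, n):
    """Simplified padding (assumption): 00 01 FF..FF 00 || SHA-256(image)."""
    k = (n.bit_length() + 7) // 8
    digest = hashlib.sha256(image).digest()
    return b"\x00\x01" + b"\xff" * (k - len(digest) - 3) + b"\x00" + digest


def sign(image, n=N, d=D):
    """Signer side: RSA private-key operation over the padded digest."""
    return pow(int.from_bytes(encode_digest(image, n), "big"), d, n)


def verify_and_flash(image, signature, n, e, flash):
    """Append image to flash only if the key is pinned and the signature fits."""
    if key_fingerprint(n, e) != ROM_KEY_HASH:
        return "rejected: untrusted key"
    if not 0 <= signature < n:
        return "rejected: bad signature"
    k = (n.bit_length() + 7) // 8
    recovered = pow(signature, e, n).to_bytes(k, "big")
    # Compare the whole padded block, fixed length, constant time.
    if not hmac.compare_digest(recovered, encode_digest(image, n)):
        return "rejected: bad signature"
    flash.append(image)
    return "flashed"


if __name__ == "__main__":
    flash = []
    image = b"firmware image (constructed sample)"
    print(verify_and_flash(image, sign(image), N, E, flash))
    print(verify_and_flash(image + b"!", sign(image), N, E, flash))
```

Because only the key hash is pinned, a validly self-signed image under a different key is still refused; the cost is the one the comment names, since a pinned value that cannot be rewritten also cannot be rotated.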
Re:Pertinent word... (Score:5, Informative)
Re:Pertinent word... (Score:5, Informative)
Here we go again.
Has it been proven it was deliberate? Because there was an update later on (1.1.2, I believe) that fixed all the "bricked" phones. Which would mean that whoever unlocked their phone, the software was done poorly enough that the updates were screwed up. Even the iPhone Elite Team says it's due to a messed up unlock patch [google.com]. A hack
And Apple said it will brick phones if they unlocked the phone and update. The solution was to avoid updating until later...
Heck, Nintendo has to start warning too that their updates may brick the Wii, as well, if there were any third-party modifications done to it.
Re:Pertinent word... (Score:3, Informative)
Re:Nice (Score:2, Informative)
The RSA encryption on the Wii is used for everything, but has an implementation bug.
This bug is exploited by Datel to create Freeloader and by homebrewers to create Wii channels, fake update partitions, etc.
Re:Pertinent word... (Score:3, Informative)
It's VERY easy to refuse an update. Now, if they were forced down over AT&T, that'd be a different story.