Here’s a quick summary of where things stand as of 11 February 2011 for the iPhone 4 unlock, the iOS 4.2.1 jailbreak, the iPad baseband 6.15.00 downgrader and more:
ASLR or Address Space Layout Randomization is a computer security technique which involves randomly arranging the positions of key data areas, usually including the base of the executable and position of libraries, heap, and stack, in a process’s address space (Wikipedia).
According to Stefan Esser, a German programmer and the person behind antid0te, all iOS versions up to 4.2.1 are vulnerable to attacks, and even more so on jailbroken iPhones. In his presentation at POC 2010 (Power of Community Conference), he mentioned that:
- iPhone / iPad / iPod does not have any address space randomization
- libraries are always mapped at the same address for performance reasons
- ASLR is considered costly by Apple
- iOS performance optimizations and the codesigning feature make ASLR tricky or impossible
This is already changing, as Apple will start implementing ASLR from iOS 4.3. While ASLR will make your iPhone safer, it also means it will be harder for jailbreakers to jailbreak future iPhones. @comex and others have already confirmed the presence of ASLR in the iOS 4.3 SDK on Twitter.
Hackers will have to get around much more complex and sophisticated systems to run third-party code in the future. @P0sixninja acknowledged that while it will make writing a new jailbreak more difficult, but also fun (his words), it is a good move forward by Apple to improve the safety of the devices, even when they are jailbroken.
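As an added example that is not part of the original post, the script below shows the observable difference the bullets above describe: it launches a few fresh processes and checks whether a shared library function, the interpreter image and a heap object land at the same address every time (no ASLR) or move between runs (ASLR). It assumes CPython 3 on Linux or macOS; the region labels are my own names.

```python
# Probe whether a few address-space regions move between process launches.
# Fixed addresses across runs is what "no ASLR" looks like from user space.
import json
import subprocess
import sys

# Source of the child process: it reports three addresses as JSON.
# Region labels are our own, not anything from iOS or the post.
PROBE_SRC = r"""
import ctypes, json
libc = ctypes.CDLL(None)  # symbols already loaded in this process (libc among them)
print(json.dumps({
    "shared_library": ctypes.cast(libc.printf, ctypes.c_void_p).value,
    "interpreter_image": ctypes.cast(ctypes.pythonapi.Py_Initialize, ctypes.c_void_p).value,
    "heap_object": id(bytearray(64)),  # a fresh CPython object on the heap
}))
"""

def collect(runs=4):
    """Launch `runs` fresh interpreters and gather one address sample each."""
    samples = []
    for _ in range(runs):
        out = subprocess.run([sys.executable, "-c", PROBE_SRC],
                             capture_output=True, text=True, check=True)
        samples.append(json.loads(out.stdout))
    return samples

def is_randomized(addresses):
    """True when the same region was observed at more than one address."""
    return len(set(addresses)) > 1

def summarize(samples):
    """Per region: the distinct addresses seen and whether they varied."""
    regions = sorted(samples[0])
    return {
        region: {
            "distinct": sorted({s[region] for s in samples}),
            "randomized": is_randomized([s[region] for s in samples]),
        }
        for region in regions
    }

if __name__ == "__main__":
    for region, info in summarize(collect()).items():
        addrs = ", ".join(hex(a) for a in info["distinct"])
        status = "varies (ASLR)" if info["randomized"] else "fixed (no ASLR)"
        print(f"{region:18s} {status:16s} {addrs}")
```

A region reported as fixed after only a handful of runs is a strong hint, not proof; increase `runs` if the result looks borderline.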
About two months ago we reported that Apple had started replacing the normal screws on the iPhone 4 with Torx screws. Since Torx screwdrivers are relatively easy to find, Apple has once again replaced them with another type of screw, the Pentalobe screw. The Pentalobe screw first appeared in the battery section of a MacBook Pro laptop in 2009, and it can also be found on the exterior of Apple’s new MacBook Air notebook.
Pentalobe Screw (courtesy of thinkcrack.com)
This is in line with Apple’s infamous philosophy of maintaining absolute control over its products. Sources said U.S. Apple stores are replacing the screws on iPhone 4s brought in for servicing with tamper-proof screws to prevent anyone else from opening the device.
The next time you go to your nearest Apple store, you may want to check with them about this. Someone also made an analogy: imagine if you took your car in for service and they welded your hood shut. How would you feel?
It was not clear how widely the replacement screws are used, but one of these people said the screw swap began in the fall and is now standard practice at U.S. Apple stores.
Apple had no comment for this story, but it is well-known that Apple discourages individual modifications of its products.
The latest iOS 4.3 SDK version was just released a few days ago. The change log mentioned that it comes with new baseband 4.08.00 for iPhone 4 and baseband 7.11.00 for iPad. iOS 4.3 and beyond will no longer support iPhone 3G.
For unlockers who do not mind using the iPad’s baseband 6.15.00, which can be unlocked using ultrasn0w 1.2, you still have a few weeks left before Apple replaces it with version 7.11.00. The new baseband will definitely patch the vulnerability in version 6.15.00. If this happens, the only possible way to have 6.15.00 on your iPhone 3G or 3GS will be to install a custom firmware.
Meanwhile, @MuscleNerd from the iPhone Dev Team has confirmed that the unlock (most likely for the iPhone 4) will not be released until iOS 4.2.5 or iOS 4.3 is out, whichever comes last. If Apple has not fixed the exploit found in basebands 2.10.04 and 3.10.01, then the new unlock will be able to unlock three different iPhone 4 basebands at the same time! So it does make sense for the Dev Team to hold the unlock.
Just be aware that by blindly updating to the latest iOS, you risk losing your jailbreak, and for unlockers, you may lock up your iPhone for an extended period of time. AT&T customers may have received a text message a few days ago asking them to update their iOS to 4.2.1. A slightly different tactic by AT&T to trick ultrasn0w unlockers!
Stay tuned and subscribe to us for updates! We will let you know as soon as the unlock is out. If you don’t see it here, that means it’s still not out. :)
A few days ago, Apple released iOS 4.3 beta 1 to developers. It appears iOS 4.3 will not be available for iPhone 3G and iPod touch 2G. Both devices are not listed on the iOS developer website.
This indicates that the final iOS build for the iPhone 3G and iPod touch 2G may be iOS 4.2.1. The iPhone 3G has an older processor and has always been slow running iOS 4.x. There was a slight increase in speed and performance on iOS 4.2.1, but as iOS becomes more sophisticated and complex, the iPhone 3G will not be able to handle any iOS beyond 4.2.1.