iH8sn0w is a well-known name in the jailbreaking scene, responsible for some awesome jailbreaking tools like f0recast, iREB, iFaith, p0sixspwn and, not to forget, sn0wbreeze. You can check out iH8sn0w's website or catch him on Twitter.
He recently announced that he has found and exploited a new vulnerability that exists on every A5 device. He claims the bug will leave the device jailbreakable for life, and that Apple will never be able to patch it in any future iOS release. This is really good news if you jailbreak, or plan on jailbreaking, any of the A5 devices: the iPad 2, the original iPad mini, the iPhone 4S, the iPod touch 5th generation and the Apple TV 3rd generation.
He has decided to keep the method a secret for now, making it a round in the chamber, ready to fire in the never-ending war Apple has been waging on jailbreakers since the very first iPhone was released about 7 years ago.
What makes this particular discovery so important is that it is not a userland jailbreak, which Apple patches easily, but an iBoot exploit, which is far more powerful. From what I understand, jailbreaks can be sorted into three levels, defined by which stage of the device's boot chain the exploited bug lives in. There are many variations and different bugs across a whole range of devices, but the level of a jailbreak always comes down to one of these three. I'll describe the difference between them as best I understand it.
Userland exploit jailbreak:
Exploits a bug in iOS itself, in the kernel or in a userland process, after the device has already booted normally. The exploit gains root, patches the running kernel in memory, and writes its files to the root filesystem so that the exploit re-runs on every boot (if it cannot re-run on its own, the jailbreak is tethered and needs a computer at every reboot). This is the weakest level: the buggy code is shipped with every iOS update, so Apple normally fixes it in the next release and the jailbreak stops working once you update.
iBoot exploit jailbreak:
iBoot exploits are much better because the jailbreak patch is applied by the bootloader, before the kernel is even loaded. On these devices the boot chain is bootrom, then LLB, then iBoot, then the kernel, with each stage checking Apple's signature on the next one before handing over to it; think of iBoot as the bootloader that runs before the operating system, like the boot manager on a PC. A bug in iBoot lets the jailbreak bypass iBoot's signature check on the kernel, so a patched kernel boots every time and no userland exploit is needed at all. One caveat a practitioner will want: iBoot is ordinary firmware that is shipped and re-signed with every iOS release, so a bug in it can usually be fixed by an update. Whether iH8sn0w's bug is really unpatchable depends on details he has not released; depending on the type of bug and how it is triggered, it can be very hard for Apple to patch, and by his account impossible.
Bootrom exploit jailbreak:
The best of them all is the bootrom exploit. This type takes advantage of a bug in the bootrom (also called SecureROM), the very first code that runs when the device powers on. It is still software, but it is burned into the chip at manufacture and is read-only, so it is not part of any iOS update and Apple cannot fix it with software. The only fix is a new hardware revision: nothing needs to be sent back to a factory, but every device already built stays exploitable for life. One practical limit is that a bootrom bug is typically triggered over USB from DFU mode, so on its own the exploit has to be re-run from a computer on every boot; making it untethered needs a further bug in a later stage.
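To make the difference between the three levels concrete, here is a small added example (my own illustration, not code from iH8sn0w or from this post). It models a verified boot chain where every stage checks a signature on the next one before running it, then applies a jailbreak at each level and asks whether it survives an iOS update. The stage names, the HMAC standing in for Apple's real signatures, the "bug in stage X" bookkeeping and the update routine are all simplifications I made up for the model; real devices have more stages, device-specific checks, and an exploit also needs a way to be triggered on each boot.

```python
"""Toy model of a verified boot chain and the three jailbreak levels (constructed example)."""
import hashlib
import hmac

CHAIN = ["bootrom", "llb", "iboot", "kernel"]   # earliest stage first; names simplified
VENDOR_KEY = b"constructed-stand-in-for-the-vendor-signing-key"


def sign(image: bytes) -> bytes:
    # An HMAC stands in for the vendor's public-key signature in this model.
    return hmac.new(VENDOR_KEY, image, hashlib.sha256).digest()


def verify(image: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(image), sig)


class Device:
    def __init__(self, bugs):
        self.bugs = set(bugs)       # stages whose code contains an exploitable bug
        self.exploited = set()      # stages the installed jailbreak actually exploits
        self.images = {}            # stage -> (image bytes, signature) stored on flash
        self.flash(version=1)

    def flash(self, version):
        # Write signed firmware for every updatable stage. The bootrom is mask ROM:
        # there is no image on flash to replace.
        for stage in CHAIN[1:]:
            img = f"{stage}-v{version}".encode()
            self.images[stage] = (img, sign(img))


def patch_image(dev, stage):
    """Modify a stage's image on flash; its signature no longer matches."""
    img, sig = dev.images[stage]
    dev.images[stage] = (img + b"+jailbreak", sig)


def boot(dev):
    """Simulate power-on. Returns (stages that ran, whether a patched kernel is running)."""
    ran = ["bootrom"]
    attacker_controls = False       # becomes True once attacker-modified code is executing
    for prev, nxt in zip(CHAIN, CHAIN[1:]):
        img, sig = dev.images[nxt]
        modified = not verify(img, sig)
        # The check on the next stage is skipped only if the attacker already controls
        # this stage or has exploited a bug in it.
        if modified and not (attacker_controls or prev in dev.exploited):
            return ran, False       # signature check fails, boot halts here
        ran.append(nxt)
        if modified:
            attacker_controls = True
    # Userland level: the signed kernel boots normally and is then patched at runtime.
    return ran, attacker_controls or "kernel" in dev.exploited


def jailbreak(dev, level):
    """Apply a jailbreak of the given level. Returns False if the needed bug is absent."""
    needs = {"userland": "kernel", "iboot": "iboot", "bootrom": "bootrom"}[level]
    if needs not in dev.bugs:
        return False
    dev.exploited.add(needs)
    if level == "iboot":
        patch_image(dev, "kernel")  # exploited iBoot now loads an unsigned kernel
    elif level == "bootrom":
        patch_image(dev, "llb")     # exploited bootrom loads unsigned LLB; attacker owns the rest
    return boot(dev)[1]


def apple_update(dev):
    """Ship a new iOS: every updatable stage gets fixed, re-signed code. ROM is untouched."""
    dev.bugs &= {"bootrom"}
    dev.exploited.clear()
    dev.flash(version=2)


def survives_update(level):
    """Jailbreak a device that has bugs at all three levels, update it, try again."""
    dev = Device(bugs={"kernel", "iboot", "bootrom"})
    if not jailbreak(dev, level):
        return False
    apple_update(dev)
    return jailbreak(dev, level)


if __name__ == "__main__":
    for level in ("userland", "iboot", "bootrom"):
        print(f"{level:8s} jailbreak survives an iOS update: {survives_update(level)}")
```

Two things the model shows that the prose only states: simply patching the kernel on flash does nothing, because iBoot refuses to boot it, which is why a userland jailbreak needs a runtime exploit to re-run on every boot; and an iBoot bug that lives in the iBoot image is wiped out by an update exactly like a kernel bug, so an iBoot-level jailbreak is only "for life" if the bug sits somewhere the update cannot touch. Only the bootrom bug is still there after `apple_update`.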
iDevices are awesome, but Apple really needs to open up: give developers more API freedom and add user-requested features more often, rather than leaving people to jailbreak in order to use third-party features that should be there in the first place!
More on this story to come, as soon as iH8sn0w lets us know how it’s done.