Unreleased iPhone 2.0 May Already Be Hacked
Posted by
Zonk
on Sunday March 16, @07:28PM
from the who-gave-the-hackers-time-travel-machines dept.
The as-yet unreleased second iteration of iPhone hardware may already be compromised, report Engadget and News.com. Members of the 'iPhone Dev Team' have (supposedly) made use of the recently released SDK to gin up a Beta 2.0 software hack. "Unlike previous hacks, this one isn't specific to the latest firmware version, it exploits the way that Apple designed the iPhone's main bootloader. According to the iPhone Dev Team, the iPhone verifies whether or not firmware code has been signed with an RSA certificate before allowing it to be written to memory. The team has apparently figured out a way to disable that check and allow unsigned code to be written to memory."

Pertinent word... (Score:4, Interesting)
I'm sure the iPhone 2 will be held back until this is fixed.
Re:Pertinent word... (Score:5, Insightful)
If he were rational (which is not to say that irrational precludes being brilliant), I don't think he'd really care that much about iPhone hacking, unless people started to look at it as something safe and normal and that Apple should support those hacks.
When somebody solders a modchip onto a game console motherboard, he knows very well that he's on his own. But when a hacked up iPhone starts to feel normal to users, then Apple loses the ability to control the release cycle. They don't want their new products to compete with hacks for their existing ones, because they've discovered the secret of the software subscription model Microsoft toyed with a few years ago: you don't call it a subscription, you call it spiffy new hardware.
Of course, he might well be totally ape-shit over iPhone hacking, I don't know. I don't think like him, which is why I'm not rich.
Re:Pertinent word... (Score:5, Insightful)
This is precisely the concern. Have you ever worked in support? I worked technical support for several years. The worst part of the whole ordeal was dealing with all of the unpredictability on the other end. This is the only reason we had no official Linux support. It was the reason we only needed 3 people to handle all Macintosh calls. The more predictable the workspace on the other end of the line, the better a technician can deal with a situation.
This also applies to software development. This is what makes game consoles attractive, you have a reliable set of expectations to target. You know, when you have a device as sophisticated in software as the iPhone (it's got an entire OS, not just some execution firmware like non-smartphones) it is infinitely helpful to be able to predict what will or will not be going on there.
So, while I'm sure Apple has no realistic expectation to avoid firmware hacking, I do believe they try to keep the expected cases in place as best as they can without getting ridiculous so the quality of software can remain high. So they can provide what they claim to provide in the device.
While a more savvy person may realize their phone is running out of battery twice as fast because of some software they put on there themselves, the average consumer is not going to understand any of this reasoning. Apple doesn't want to deal with phone calls and complaints that root from things the user did to themselves unwittingly. The easiest way to avoid that is making it hard for users to do it to themselves. Make it an effort to get hacked firmware and unapproved software and you achieve this goal. You don't have to prevent it 100%, and therefore, there is no logical argument that Apple is being hypocritical about their DRM stance. This isn't DRM, this is the virtual version of that welded bolt on the back of a service-only machine.
Any geek willing to break the seal is willing to forego support when they inevitably break the machine.
Re:Pertinent word... (Score:5, Insightful)
It's to make it enough of a pain in the ass that those who manage it realize they're wading into unsupported waters.
Re:Pertinent word... (Score:5, Insightful)
But the other poster's point is that anybody who's willing to open the device and make a modification already knows they're in unsupported waters. Making it difficult just wastes everyone's time.
Re:Pertinent word... (Score:5, Informative)
Here we go again.
Has it been proven it was deliberate? Because there was an update later on (1.1.2, I believe) that fixed all the "bricked" phones. Which would mean that whoever unlocked their phone, the software was done poorly enough that the updates were screwed up. Even the iPhone Elite Team says it's due to a messed up unlock patch [google.com]. A hack
And Apple said it will brick phones if they unlocked the phone and update. The solution was to avoid updating until later...
Heck, Nintendo has to start warning too that their updates may brick the Wii, as well, if there were any third-party modifications done to it.
Re:Pertinent word... (Score:5, Insightful)
Yes, allowing the user to modify a device complicates support. But this can be dealt with - look at how e.g. HP and Dell manage user support nowadays? "Reset your system to the factory-shipped state with the included Restore partition - problem solved." This is even easier to do with the iPhone.
Thing is, users don't have to install any third-party software, if they want a "guaranteed quality experience". Why not simply allow people the choice about how they use their device? Hell, put up a warning on install - "You are now straying from the Apple Way - Abandon All Hope!" - but to assume that *every* customer is incapable of managing their own device is just insulting.
What bugs me most is how Apple apologists go on about how the iPhone is so great because "it's got an entire OS!" (like this is new) - and then claim that every limit on this OS, every restriction and removal of user choice, is actually somehow for the user's benefit. "No 3G? Might kill battery. No Flash? Might kill performance. No plugins? Might, um, break something." It really gets old.
Yeah yeah, vote with my wallet, I don't have to buy one. I'd really like to buy one, they've done so much right with it, but these decisions are deal-breakers for me, and the continual excuses don't give me hope that this will change.
Re:Pertinent word... (Score:5, Interesting)
Saving money on doing tech. support has nothing to do with Apple's response to iPhone hacks! Anyone who would have the capability to hack an iPhone would know that if you hack it, you can't get support for it.
Apple is concerned with money. More specifically, they got big bucks from AT&T to make it exclusive. AT&T have a vested interest to make sure that their investment is worth it. Apple has to prove to AT&T that all possible measures are being taken to ensure that if someone buys an iPhone, they use AT&T service. That's what's in play here. Tech support is irrelevant.
I bet Jobs personally at least sympathizes with those who want to hack iPhones so they can use them with any phone services. The deal with AT&T may not have been his call in the end.
off-topic, Parent post is a troll in disguise...basically he's ranting about frustrations of doing tech support and somehow managed to loosely connect it to the topic
Re:Pertinent word... (Score:4, Interesting)
Any geek willing to break the seal is willing to forego support when they inevitably break the machine.
Right. As an iPhone owner, I hacked mine a while back. It was really easy. Part of the problem, though, is that the OS has been changing often enough that most apps won't work unless they're written for the specific firmware you're using, so the payoff of hacking your phone is diminished. I think lots of developers stopped keeping up figuring they'd wait for the official SDK.
Anyway, I don't doubt that the iPhone will keep getting hacked for as long as it's useful to hack it. I'm betting either Apple will be very reasonable about letting people distribute on iTunes, or else people will immediately hack a different distribution method for unauthorized apps. Either way you'll be able to get the apps you want with a minimum of hassle.
It's going to happen, and the iPhone will be a cool platform. If Apple's smart (which they often show themselves to be) then they won't fight it.
Re:Pertinent word... (Score:5, Informative)
Re:Pertinent word... (Score:5, Insightful)
Yes, but Apple only does this as a safeguard to help protect more timid users. Apple, unlike the music studios, knows it will be broken and does not really care.
If he were rational (which is not to say that irrational precludes being brilliant), I don't think he'd really care that much about iPhone hacking
He doesn't, which is why the last iPhone update did not break jailbroken phones.
Re:Pertinent word... (Score:4, Insightful)
Not a single manufacturer is using it yet. When they release an actual product I will then judge it, until then it is vaporware with source code. As Android is worthless without hardware.
Re:Pertinent word... (Score:5, Insightful)
just as any sane firewall is set up. (it would be nuts to set up a firewall to default allow all ports, and then start selectively blocking them only once an exploit that uses it becomes apparent, but then you have today's software security model doing just that.) forcing devs to buy a cert means they have somewhat of a point of authentication and also a hook to revoke all of a dev's apps if they fail to toe the line by releasing a virus, trojan, phish etc. Or "something that reduces Apple's revenue"
I believe Leopard has the (currently unused) capability to do this built in as well. looks like the iPhone is going to be a bit of a testbed for the concept. this kind of thing is only possible really with a "brand new" os where you can start from day 1 with no backward compatibility problems. it's also the reason you're not allowed to run interpreters like Java or JavaScript... else Sun would get a valid cert to load the Java interpreter, which in turn could run anything on the planet bypassing the "run only whitelist code" concept.
I can't say I agree with such "mandatory*" restrictions on a computing device I purchased, but as a matter of security philosophy it really is quite interesting.
*well, mandatory if you want to run snazzy new SDK apps. they really should set up an "unsupported, you may be SORRY!!" class of signature that would let you run, at your own risk, anything from that signature.
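The default-deny signing model discussed in the comment above, as an added sketch that is not part of the original post and not Apple's implementation. HMAC-SHA256 stands in for RSA certificate signatures, and every developer id, key and function name here is hypothetical.

```python
import hashlib
import hmac

# Constructed data: developer id -> signing key. HMAC-SHA256 stands in for
# RSA certificate signatures so the example runs offline.
DEV_KEYS = {"dev-alice": b"alice-key", "dev-sun": b"sun-key"}
REVOKED = set()  # developers whose certificates have been revoked


def sign(dev_id, code):
    """Signature a developer attaches to a binary (hypothetical helper)."""
    return hmac.new(DEV_KEYS[dev_id], code, hashlib.sha256).digest()


def may_launch(dev_id, code, signature):
    """Default deny: only validly signed code from a live certificate runs."""
    key = DEV_KEYS.get(dev_id)
    if key is None or dev_id in REVOKED:
        return False
    expected = hmac.new(key, code, hashlib.sha256).digest()
    return hmac.compare_digest(expected, signature)


def launch(dev_id, code, signature, data=None):
    """Return every blob that ends up executing. The gate sees `code` only;
    `data` models a script that an interpreter reads after it has started."""
    if not may_launch(dev_id, code, signature):
        return []
    return [code] if data is None else [code, data]


def demo():
    app, interp, script = b"game v1", b"interpreter", b"unsigned script"
    sig = sign("dev-alice", app)
    results = {
        "signed_app": launch("dev-alice", app, sig) == [app],
        "tampered_app": launch("dev-alice", app + b"!", sig) != [],
        "unknown_dev": launch("dev-mallory", app, sig) != [],
        # Signed interpreter passes the gate, and the script rides along.
        "unsigned_script_ran": script
        in launch("dev-sun", interp, sign("dev-sun", interp), script),
    }
    REVOKED.add("dev-alice")  # one entry disables all of this developer's apps
    results["after_revocation"] = launch("dev-alice", app, sig) != []
    REVOKED.discard("dev-alice")
    return results


if __name__ == "__main__":
    print(demo())
```

The `unsigned_script_ran` result is the interpreter gap from the comment: the gate verifies the interpreter binary once, and whatever it reads afterwards is never checked.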
Re:Pertinent word... (Score:5, Insightful)
The iPhone is a PHONE a wireless PHONE. Repeat this a thousand times. It is NOT a general purpose computer. Most people who bought or will buy this expensive gadget want a phone first of all and want that to work as reliably as any other phone at LEAST. Apple will and must do everything in its power that their phone or iPods don't become another Windows-like portal for propagating all sorts of malware aimed at emptying unsuspecting people's bank accounts.
In that regard, Apple can simply inform iPhone users in no uncertain terms that warranties on hacked devices are null and void. They are also within their rights to warn users that any update from Apple may indeed inadvertently brick their hacked devices. Unauthorized customer modifications and use of manufactured goods and machines have always resulted in lost warranties at the very least. Sometimes human lives are at stake.
Re:Pertinent word... (Score:5, Insightful)
It's a device that can make phone calls, amongst other functionality. My Power Mac 7500 was making and receiving phone calls 10 years ago; that didn't transform it into a single-purpose appliance that would crash and burn if I did anything else with it.
Also, the iPod touch is not a phone.
It is NOT a general purpose computer.
Why not? It runs Unix, and its API looks a whole lot like that for Mac OS X. Apple may not want you to think of it as a computer, but objectively speaking it is.
Most people who bought or will buy this expensive gadget want a phone first of all and want that to work as reliably as any other phone at LEAST.
And yet if there's any way to run apps not approved by Apple, these same people who insist on reliability above all else will be stampeding to download malware-infested porn apps from the Elbonian mafia?
Firmware 2.0 (Score:4, Informative)
Feasible? (Score:4, Interesting)
Bill Gates just announced... (Score:4, Funny)
Re:Bill Gates just announced... (Score:4, Funny)
let me get this straight (Score:5, Funny)
Jailbreak is the only way to test programs (Score:5, Insightful)
You are supposed to test your program with the iPhone Simulator, called Aspen. The Aspen simulator is part of the free download SDK for the iPhone. However, Aspen does not support OpenGL ES, which is hardware acceleration for cool effects & fast 2D or 3D.
To deploy to the iPhone, Apple must give you a certificate, and they only do that to those paid developers whom they select.
In other words, most game developers can not test their programs because they can not deploy their programs to the iPhone.
I want to play around/learn. I have avoided Jailbreak solutions to date, but I see no other way.
No it bloody wouldn't. As you should know. (Score:4, Insightful)
No it bloody wouldn't. It would be called "of course you can install your own firmware on an iPaq, or a Treo, or what have you". It would be called "why shouldn't you be able to install programs on your own handset". It would be called "yes, of course that's the way it works".
Of course it's a good thing. Of course it's also a waste of time. Of course you're better off getting a phone where you don't have to screw around looking for DRM backdoors. What I can't figure is how anybody who knows it's a waste of time could possibly be stupid enough to honestly think "this would be called a security vulnerability". Right?
Re:Uh, did this ring a warning bell with anyone el (Score:4, Insightful)