iPhone Root Password Hacked in Three Days
unPlugged-2.0 writes "An Australian developer blog writes that the iPhone root password has already been cracked. The story outlines the procedure but doesn't give the actual password. According to the story: 'The information came from an official Apple iPhone restore image. The archive contains two .dmg disk images: a password encrypted system image and an unencrypted user image. By delving into the unencrypted image inquisitive hackers were able to discover that all iPhones ship with predefined passwords to the accounts 'mobile' and 'root', the last of which being the name of the privileged administration account on UNIX based systems.' Though interesting, it doesn't seem as though the password is good for anything. The article theorizes it may be left over from development work, or could have been included to create a 'false trail' for hackers."
Re:Prediction... (Score:3, Interesting)
What? This wouldn't have that effect at all. It would have the -opposite- effect. Those who had not planned to purchase may think they could mod it like a ps2 and poof, instant super-phone.
Yes, we aren't quite there... But I have little doubt we'll get there pretty quickly.
Now if they manage to unlock it -and- provide access to run any app I compile, I would be very interested.
I'm still amazed that... (Score:1, Interesting)
Re:Prediction... (Score:3, Interesting)
Re:Prediction... (Score:0, Interesting)
people believe it's insecure. Even if you could reflash your iPhone with your own firmware (unlikely without dedicated hardware) what's to stop unofficial ROMs being made available on the net that contain trojan horses etc, boasting to have some cool new app? All it takes is one stupid user to download it and have his phonebook copied to Russia, call premium rate lines without his knowledge etc.
Being spammed on your phone is going to be far more irritating than email spam and, with North American users paying to receive calls and texts (ha ha ha), will cost big bucks.
Re:Not that big a deal (Score:4, Interesting)
see how the original xbox hacker (whose name I forget) captured its encryption key by "simply" (yeah, not that simple) monitoring the bus.
Passwords on my device (Score:4, Interesting)
Custom software (Score:3, Interesting)
But you should consider: a) the phone doesn't support custom software b) thousands of geeks who bought the phone want to write apps for it.
Maybe knowing the root login is a tiny step in that direction, if you get what I mean. I have the feeling we'll be seeing AT&T disabling remotely phones that have been hacked with custom apps. Same as MS did with modded XBOX360.
Re:Not that big a deal (Score:5, Interesting)
Then you understand nothing. The iPhone critics are thinking "this is a fully-fledged handheld computer, running the same operating system as my laptop, that has been intentionally crippled to protect the artificial market segmentation desired by AT&T and Apple."
Re:root disabled? (Score:5, Interesting)
In my opinion, the biggest news here is not as how it was reported, but rather that people now can easily modify the default image and try booting it on the iPhone...
I'm wondering if it's intentional (Score:5, Interesting)
Jobs could play the innocent claiming that hackers did it all the while happy that yet another iPhone went out the door.
they've never done it for iPods... (Score:4, Interesting)
Apple have said they intend to provide updates, changes, additions, etc. to the iPhone over time. They have a policy of supporting older computers with new OS releases, and I don't see why they wouldn't migrate this approach to their new market.
Except they don't do it for iPods. Each new "generation" of the iPod has run a different firmware *and* had different capabilities, like being able to search. The older iPods never got the functionality of the newer ones, ever. Clickwheel iPods can't "search", nor do they get the newer iPod games, etc. This is just like digital camera manufacturers, home network gear makers, etc. Very, very, very rarely do they take advantage of the firmware updates to increase functionality in any way. Why should they, when they can make you buy version N+1?
Most of the time they update the iPod firmware only to give it compatibility with the latest iTunes, and these days, the only updates to iTunes are security fixes and bloat (the glorified pedometer, Apple TV, the iPhone, etc. Anyone else remember when you could sync contacts and appointments onto your iPod through iSync?) My second-gen nano (or Mini, or whatever the hell it's called these days) still crashes 50% of the time when I go to play a podcast after syncing it with my mac. I'm not holding my breath waiting for them to fix it.
Emulation/Virtualization (Score:5, Interesting)
hmm... GPL? (Score:1, Interesting)
strings 694-5259-38.dmg | grep -i gpl
(www.memtest86.com). At the time of writing it is free (GPLd).
yes, it's just memtest, yes we can get it on our own... but apple, where's the modified source?
there are many more interesting(?) things you can glean from running strings on the non-encrypted but non-functioning (for me) disk image.
Re:Prediction... (Score:3, Interesting)
By the way do we know yet why they don't let developers run their own apps on the iPhone? It seems that this would make it into something PDA-like very easily. Is it a choice by Apple or was it forced on them?
Just mount the stinkin' file system already... (Score:1, Interesting)
I'm sure someone else has probably figured this out by now but it's pretty easy to mount the firmware image under linux. First get yourself a copy of the firmware from the Apple site and then:
Code:
$ unzip iPhone1,1_1.0_1A543a_Restore.ipsw
$ dd if=694-5259-38.dmg bs=2048 skip=1 of=/tmp/iphone.img
# mount
Then:
Code:
$ ls -l
total 4
drwxr-xr-x 1 root root 9 2007-06-26 20:40 bin
drwxr-xr-x 1 root root 2 2007-05-22 22:54 dev
lrwxr-xr-x 1 root 80 11 2007-06-26 20:40 etc -> private/etc
drwxr-xr-x 1 root root 2 2007-05-22 18:05 mnt1
drwxr-xr-x 1 root root 2 2007-05-22 18:05 mnt2
drwxr-xr-x 1 root root 3 2007-06-19 17:42 private
drwxr-xr-x 1 root root 8 2007-06-26 20:40 sbin
drwxr-xr-x 1 root root 4 2007-06-26 20:40 System
drwxr-xr-x 1 root root 7 2007-06-26 20:40 usr
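Editor's added example, not part of the post above: once an image like this is mounted, a reviewer can check which accounts ship with a predefined password by reading the passwd-style file under private/etc. The function names, the file name master.passwd and the sample data are assumptions (the sample hashes are constructed placeholders), and the scheme label is a heuristic based on the hash prefix or length.

```shell
#!/bin/sh
# Added example: firmware credential audit. Function names are hypothetical.

# audit_passwd FILE
# Reads a colon-separated passwd-style file (passwd, shadow, BSD
# master.passwd: field 1 = account, field 2 = password hash) and prints
# "account<TAB>scheme" for each account that ships with a usable hash,
# or "account<TAB>EMPTY" when no password is required at all.
audit_passwd() {
    awk -F: '
        /^[ \t]*#/ || NF < 2 { next }          # skip comments and junk lines
        {
            h = $2
            if (h == "") { print $1 "\tEMPTY"; next }
            # "x" = hash stored elsewhere; leading "*" or "!" = locked
            if (h == "x" || h ~ /^[*!]/) next
            if      (h ~ /^\$1\$/)          s = "md5crypt"
            else if (h ~ /^\$2[abxy]?\$/)   s = "bcrypt"
            else if (h ~ /^\$5\$/)          s = "sha256crypt"
            else if (h ~ /^\$6\$/)          s = "sha512crypt"
            else if (length(h) == 13)       s = "descrypt"
            else                            s = "unknown"
            print $1 "\t" s
        }' "$1"
}

# count_findings FILE: number of accounts flagged by audit_passwd
count_findings() { audit_passwd "$1" | wc -l | tr -d ' '; }

# make_sample FILE: write a constructed master.passwd-style sample.
# The hashes are placeholders, not values from any real image.
make_sample() {
    cat > "$1" <<'EOF'
# constructed sample
root:AAplaceholder:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:BBplaceholder:501:501::0:0:Mobile User:/var/mobile:/bin/sh
daemon:*:1:1::0:0:System Services:/var/root:/usr/bin/false
nobody:*:-2:-2::0:0:Unprivileged User:/var/empty:/usr/bin/false
EOF
}

# Usage against a mounted image (path is an assumption):
#   audit_passwd /mnt/private/etc/master.passwd
```

Any account this flags in a shipping image is a predefined credential shared by every device built from that image, which is the condition the story describes for 'root' and 'mobile'.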
Re:hmm... GPL? (Score:2, Interesting)
Mea culpa, but no need to be a jerk.