Forgot your password?
typodupeerror
Cellphones Iphone Apple

Hackers Finally Unlock iPhone 3G 186

Posted by Soulskill
from the information-and-iphones-want-to-be-free dept.
nandemoari quotes a story at Infopackets: "2009 has gotten off to a great start for a team of iPhone enthusiasts with little regard for Apple's licensing requirements. They've finally figured out a way to get the phone to work with any cell phone carrier (and not just AT&T). The iPhone Dev Team is best known for their work on 'jailbreaking;' the technique of altering an iPhone so that you can run any applications on it, not just those approved by Apple. Given the company's questionable vetting policy for entry to the official App store, it's not surprising many users approve of jailbreaking."
This discussion has been archived. No new comments can be posted.

Hackers Finally Unlock iPhone 3G

Comments Filter:
  • Re:Finally (Score:5, Informative)

    by schmidt349 (690948) on Saturday January 03, 2009 @09:47AM (#26311189)

    Um, you should probably watch the iPhone Dev Team's recent presentation at CCC [google.com] if you want to sound like you have any idea what you're talking about. This wasn't some simple privilege escalation coming out of a buffer overflow in the web browser. Apple signs the shit out of every binary on the phone. The kernel won't execute a binary in userland unless it's signed; the firmware loader won't execute the kernel unless it's signed; the low-level bootloader won't execute the firmware loader unless it's signed.

    The iPhone 3G is a paragon of embedded device security, at least by way of making sure unapproved code doesn't run on the device, and it's a testament to just how amazing the iPhone Dev Team guys are that they actually found a way to (a) defeat the whole chain of trust in the iPhone firmware in order to jailbreak it. This by the way doesn't even take into account their real genius, the hack into the baseband firmware for the S-Gold radio device, which executes code in its own universe, completely separate from the S5L application processor.

    In short, this hack wasn't some bunch of script kiddies having a sleepover and cracking the copy protection on Arkanoid 2 for the C64. This was a brilliant circumvention of some of the tightest security ever found on a PDA or mobile phone. So please don't disrespect the people who made it possible.

  • by oPless (63249) on Saturday January 03, 2009 @10:06AM (#26311285) Journal

    Why not link to http://blog.iphone-dev.org/ [iphone-dev.org] themselves ?

    Oh wait ... this is /.

    My Bad.

  • by mr100percent (57156) on Saturday January 03, 2009 @10:26AM (#26311401) Homepage Journal

    Haptic response?
    If that's the case, why do critics HATE the Blackberry storm and rumor has it that Verizon is dealing with a ton of returns?

    Just get firemail for iPhone and type your emails in landscape mode

  • by frdmfghtr (603968) on Saturday January 03, 2009 @10:33AM (#26311427)

    I already had ATT so wtf do i care about jail breaking.

    You're confusing jailbreaking with unlocking.

    Jailbreaking=running third-party apps from sources other than the app store. Lots of people have jailbroken phones that are still SIM locked to AT&T. I used to have one until I sold it on eBay.

    Unlocking=using a wireless carrier other than AT&T.

  • Re:Is it worth it? (Score:3, Informative)

    by Richard_at_work (517087) <richardprice.gmail@com> on Saturday January 03, 2009 @11:29AM (#26311711)
    The UK has prepaid versions on sale currently - 8GB for ~ £350GBP/$510USD, and 16GB for ~ £390GBP/$570USD. Free 3G internet access on O2 for the first year with the purchase of the handset, and you buy voice minutes and sms credit.
  • by Anonymous Coward on Saturday January 03, 2009 @11:29AM (#26311717)

    Please, somebody tell me why anyone should buy an iPhone.

    Because it meets their requirements, and the manufacturer support and aftermarket accessory selection is second to none.

    It also has one of the best UIs on any mobile device. How many other phone makers actually show off their OS in their commercials?

  • by garcia (6573) on Saturday January 03, 2009 @11:31AM (#26311727) Homepage

    It is a nice device. It reportedly works very well.

    It's just like every other device out there... It has its good points and it has its really bad points. What it does really well is viewing webpages as they were meant to be seen and playing music/video. These things are second to none on any device I have used.

    What it doesn't do well are too numerous to list. Do I own one? Yes. Why? Because I ride the bus every day to work and I wanted music/video as well as good web surfing. Unfortunately what it doesn't do is type with ease, which I am used to from the 4 years I used a Sidekick, and run applications in the background. Seriously, that is the hardest thing for me to get used to (what do you mean I don't have IM running all the time?)

    If T-mobile didn't suck so hard and the Sidekick wasn't marketed to douchebags, I'd probably go back to owning one in a heartbeat over the iPhone. But for now, it does most of what I want it to and I'm about 50/50 with the device.

  • Re:Yes! (Score:1, Informative)

    by Anonymous Coward on Saturday January 03, 2009 @11:55AM (#26311851)

    looks like that one went WAY over your head

  • by frdmfghtr (603968) on Saturday January 03, 2009 @12:53PM (#26312199)

    Apple needs to address security by offering a mandatory PIN login that cannot be disabled by the user, and a remote wipe function. Without those two, you can forget about corporations allowing these things to VPN in and access the Exchange server.

    The remote wipe [apple.com] was added with the 2.0 software. From the Apple website:

    IT administrators can securely manage any iPhone that contains confidential company information using remote wipe and enforced security and password policies. These device configuration and remote management capabilities allow IT departments to quickly and seamlessly deploy iPhone throughout their companies.

    This may also answer your concern for mandatory password/PIN protection.

  • by pikine (771084) on Saturday January 03, 2009 @01:16PM (#26312343) Journal

    This is also an excellent case study in why DRM is retarded. As you say, this is some of the tightest security ever found. Yet, it has been broken by some very smart people. Such is the fate of any DRM that is sufficiently widespread that smart people care to go after it.

    If you watch the video, you'd see the only reason they're able to break it is because the bootrom (initially run by the hardware) is modifiable yet not signature checked. I suppose that's because they want to be able to upgrade the bootrom but signature checking is only implemented in software and not hardware. All the NOR and NAND flash memory and the processor is built inside an integrated chip, so it is possible that future revisions of the chip will also integrate a TPM to verify the signature of bootrom. Let's suppose Apple will do that. You will then have a completely working DRM framework on the iPhone.

    TPM doesn't work on PC because you always have access to hardware without TPM, allowing you to run whatever you want and patch the software that requires TPM such as the hackintosh Mac OS X. However, for the iPhone, you can only buy the hardware from Apple that always has TPM on it (or settle for a previous generation iPhone without TPM). The whole point of iPhone craze is that you want to buy iPhone made by Apple, and all the restrictions follow from that, including choice of carrier and applications you can run.

    Code signing, for example. I really like the idea as a potential security measure for users/administrators. When I download Firefox, the fact that it is signed by Mozilla gives me a pretty high degree of certainty that it is legit, safe code.

    Do you have any means to verify that Firefox certificate is signed by someone you could trust? I could generate a certificate that looks like it's issued by Mozilla, and then sign a tempered copy of Firefox with it. Even if you can verify the mozilla.org certificate, the chain of trust ultimately leads to a root certificate that you must trust. Are you really sure that VeriSign or Thawte or other certificate issuing institutions cannot be compromised? I remember a past Slashdot story about one of the root issuer happily generating certificate for any domain name without verification.

    Fortunately, there are people like this that will break their DRM, so you can use it as you wish.

    If you have to use Apple's iPhone, your freedom is already automatically compromised, if not now, sooner or later.

  • More details (Score:1, Informative)

    by theillien2 (1426175) on Saturday January 03, 2009 @01:42PM (#26312505)
    PCWorld.com has a brief write-up [pcworld.com] detailing methods to ensure the unlock works. Additionally, they link to a chart on the yellowsn0w website [yellowsn0w.com] which lists "supported" carriers. This answers my previous question/post.
  • Re:Finally (Score:5, Informative)

    by DECS (891519) on Saturday January 03, 2009 @02:09PM (#26312679) Homepage Journal

    Except for a multitouch screen. And Android doesn't support Bluetooth any better than Apple's nearly worthless level of support.

    What exactly do you even have in mind when you say "all the features"? Because the features of the iPhone that are novel are not supported in Android, and those that are nothing special. What sets the iPhone apart is mainly its user interface, its software store, its smart integration into iTunes/iPod stuff. Android offers none of those things. It give users a DIY-UI, a software "store" without security, merchandising, or sales, and no PC connectivity.

    Google's Android Platform Faces Five Tough Obstacles [roughlydrafted.com]

  • by MtViewGuy (197597) on Saturday January 03, 2009 @04:04PM (#26313629)

    You have to remember haptic touch response is still in its infancy and as such the Blackberry Storm and LG Incite may have limitations in terms of usability. But once we understand how to improve haptic touch response, I'd like to see Apple incorporate this technology into the third-generation iPhone, because with reasonably fast typing the iPhone can become a true competitor to the Blackberry and Palm Treo devices so commonly used by business customers.

There is no royal road to geometry. -- Euclid

Working...