Site Network: Beskerming.com | Skiifwrald.com | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

It's Official, the iPhone has been Hacked

Less than two weeks from the release of the iPhone, the researchers (#iphone @ irc.osx86.hu) who have been rapidly progressing towards controlling the iPhone have finally succeeded. Even though their most promising approach, via the bootloader, was cut short when it was discovered that they could not load arbitrary code into the bootloader without Apple's 1024-bit private RSA key, they have now claimed success through their filesystem investigation methods.

Despite not having developed a complete toolchain, as they were expecting to have done prior to controlling the iPhone, they have claimed complete control over the device, providing a slightly blurry screenshot as evidence of their achievements.

According to the detailed instructions that they have posted online, it will soon be possible (once they commit the code to the SVN) for anybody with an iPhone and the intent, to be able to take full control over their device. The detailed instructions do require two reboots along the way to taking control over the device (a third reboot then gives complete control), with both reboots into the device's Recovery mode. As part of this process, the researchers have been able to escape the chroot jail that was blocking most of their forward progress.

After so much effort has been expended into researching ways to take control over the device, it appears that it comes down to a simple permissions change on 'fstab', and a simple addition to the 'Services.plist' file. Of course, simple is relative, prospective hackers and researchers still need the as-yet unreleased 'iPhoneInterface' version.

While the researchers involved do not wish for direct links to their development wiki, it is simple enough to find for those who search for it.

Now that this milestone has been released, it will be interesting to wait and see what sort of homebrew community develops around being able to have system-wide access to the iPhone, to see what Apple's response to this breakthrough will be, and to see what sort of influence this event has (remember, the number of iPhones in circulation isn't much more than a million).

10 July 2007

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.