I'd assume that there are two options.

Firstly is that the app is sent via email to the individual registered user, and it's up to the user to install the app onto the phone.

Second is that the app is packaged in a one-click type thingy like iNdependence which jailbreaks the phone, installs apps etc.

There are two problems with both these approaches - first requires the user to have jailbroken the phone, have SSH etc. (i.e. have some basic hacking knowledge, though tools like iNdependence make it easy now). There will be some complete n00bs buying the unlock app and screaming about how the hell they get the app on their phone...

The second poses the question - which OS? If I've paid my cash and someone sends me a Windows one-click installer, they will get my most indignant elitist Mac-snob attitude in reply

To be honest I hope they just send a zipped iPhone .app package, so everyone can install it in whichever way they choose. If it requires a net connection and activation confirmation then it could even be distributed via AppTappInstaller.

What I really *don't* want is some sort of app that hijacks the usbmuxd daemon or frigs with iTunes or pisses around with restore mode, since this is not only likely to be OS dependent (and I *don't* run Windows, for anything) but also, with a closed-source app messing with the iPhone USB connection / restore mode, I start getting paranoid about it potentially damaging my system stability / causing problems.

The simplest method, a straight iPhone .app bundle, would be best.

The idea of resellers or an anonymous unknown group (the IPSF guys) actually SSH'ing into my iPhone - meaning I'll need to give them root access to one of my devices? You have to be fucking joking. That's never going to fly, and certainly not to anyone round here with *any* hacker credentials at all (though I admit that running their app on your iPhone effective runs closed-source code as root, which is potentially just as bad, but at least I can monitor the data sent / received whilst running and remove the app after unlock).

How many of you here who consider themselves to have 'skillz' still have 'dottie' as the root password and permit SSH root logins from external networks, FFS???

(note, the 'mobile' account is GID zero as well, so that needs locking down too)