Discuss [Bootloader] Anyway to downgrade from 4.6 to 3.9? at the iPhone "2G" (Rev. 1) - Hackint0sh.org
-
That's why I posted only a link to a non-existent site ;-)
-
-

Originally Posted by
zorlak
The bootloader is digitally signed and can only be changed for another properly signed and versioned bootloader. And as we don't have the key to sign it, then we can't change it.
just wanted to touch on the digital signing issue:
If anyone here was involved in Direct TV hacking, they know about the HU card hack. It had the same protection (requiring digital signatures for valid packets) but was ultimately defeated through a hardware fault, which would allow for unsigned packets to pass when the voltages to the clock were "glitched". Perhaps looking at a hardware exploit, in addition to the current efforts of a soft spot in the soft code would be of benefit. Obviously, the iphone, its sim card, and IC chips are much different than a directv HU card; just wanted to chime in.....
-
-

Originally Posted by
king_westTdot
just wanted to touch on the digital signing issue:
If anyone here was involved in Direct TV hacking, they know about the HU card hack. It had the same protection (requiring digital signatures for valid packets) but was ultimately defeated through a hardware fault, which would allow for unsigned packets to pass when the voltages to the clock were "glitched". Perhaps looking at a hardware exploit, in addition to the current efforts of a soft spot in the soft code would be of benefit. Obviously, the iphone, its sim card, and IC chips are much different than a directv HU card; just wanted to chime in.....
I have the same opinion. There is a will, there is a way, right?
-

Originally Posted by
king_westTdot
just wanted to touch on the digital signing issue:
If anyone here was involved in Direct TV hacking, they know about the HU card hack. It had the same protection (requiring digital signatures for valid packets) but was ultimately defeated through a hardware fault, which would allow for unsigned packets to pass when the voltages to the clock were "glitched". Perhaps looking at a hardware exploit, in addition to the current efforts of a soft spot in the soft code would be of benefit. Obviously, the iphone, its sim card, and IC chips are much different than a directv HU card; just wanted to chime in.....
Glitching is always a way in. But tell me: how could glitching in this case become a way for the masses? The battery is soldered onboard... OK, you could unload the battery and then build a device between the USB connector and the iPhone... but lemme repeat: is this a solution for the masses? I don't think so...
-
-
Hi everyone, 150 posts later, I'm the OP of this thread. I was just wondering, is this headline a result of information learned in this thread? If so, I feel pretty important for starting it, even though I didn't do jack to help it.
But I'm glad I at least inspired some people smarter than me.
Last edited by wildonrio; 11-25-2007 at 01:27 AM.
-
A lot of people are working on trying to understand the 4.6 bootloader code... anyone with experience in RCE feel free to join us in this effort, get your hands on IDA (or any other disassembler of your choice)...
This next step may take a little while, as someone may find a bug tomorrow, next week or never... so it's impossible to predict anything.
I really don't know if someone is trying a hardware hack again, maybe geohot... I really don't know... it would be interesting though...
-
-
just a thought,
if you corrupt the baseband with the hardware erase method, isn't it possible to just recover the phone with 1.0.2 or any other version that has the baseband firmware?
or is the boot loader below this?
cheers,
cRACKn
-
You know what?
I am so desperate, if someone posts a step by step guide for a hardware hack I will be the first to try it!!
-
-
Come on, guys. You grabbed it, now squeeze it
Ok. Right now iPhone Justice League is in the virtual Hall cooking up what might be the answer to OOB 1.1.2 iPhoners. Props to everyone who makes this possible and those who teach us, the less gifted, that when things are more difficult, it doesn't mean they are closer to impossible, but closer to fun!!!
Keep on the trail, iPJL
-
Indeed, I find this process very interesting, and it provides a lot of information about the very fundamental content of the device, which makes it very tempting for "newbies" like me.