Has GeoHot the answer to our problem?
George Hotz recently posted on his blog that you could upload almost everything in DFU mode, no exploits needed:
Does this mean that you can re-load the bootloader, just as we could through the testpoints method?
Also, here's why a certain person claimed the DFU was the key. You could, without any exploits, upload the 114 iBoot (even to the 3g), the 114 kernelcache (ok, this crashes on the 3g), and a hacked ramdisk. But the filesystems don't mount. And even if they did, you'd need a way around sig checking.
Developers, please help us! GeoHot also wrote a piece of code that, to my understanding, will let us run anything while in DFU mode.
Here's the post and link to the file.
Here is a little program (with source of course) to run whatever you want at the DFU level; an implementation of the dev pwnage 2.0 exploit. Pass it a binary file, it will start executing at the start of the file (no file formats to deal with). I'll leave it to dev to explain the exploit used.