iBSS certificate next week still available? - iPhone 3GS - Hackint0sh.org
  1. #1
    Senior Professional

    iBSS certificate next week still available?

    Hi,

    I bought an Italian iPhone 3GS and had it sent to a relative down there.
    Next week, we're going there and getting it.

    I just wonder, will I still be able to get my iBSS certificate by then?

    Or does it depend on
    a) Apple not releasing 3.0.1
    b) Apple not shutting down/modifying their signing service
    c) nothing, and I could get the certificate even in a month, when a/b have had an impact?

    Well, c) sounds too nice to be true, but can somebody shed some light on the situation?



  2. #2
    n1ckn4m3 (Super Moderator)

    I think a lot of people are misunderstanding why the dev-team has told people to take care in their purchases and to get the IBSS cert as quick as possible... You should be fine waiting the week, purplera1n.com will most likely still be up and serving requests...

    The only thing that would stop you from being able to read the ECID from a factory 3.0 3GS would be if Apple made a change to iTunes's Mobile Device Support libraries to mask that information.

    Alternately, if you got a phone with 3.0.1 on it, you may encounter difficulty -- but that is purely speculation right now. There is nothing to prove that 3.0.1 WILL block your ability to get the ECID, it's just that it's a pretty big attack vector and it is expected Apple will patch it with the first firmware release.

    That said, 3.0.1 is just rumor now -- it hasn't been seeded to devs yet, it's not likely to be available for another 2 weeks or so. We just got a new iPhone 3G S from the second batch of AT&T shipments and they still have 3.0 on them and there is no difference.

    In short, no, you should have no problem unless you update iTunes or manually install 3.0.1 on the device prior to getting the ECID. Nor should anyone else who currently has or has recently purchased an RTM iPhone.

    That doesn't mean this won't change in the future!

  3. #3
    Senior Professional

    Thanks a lot.
    I think I now understand.

    I remember the old days, when I hardware unlocked my iPhone 2G the same day geohot posted on his blog.
    He too said that we should keep the "seczone" somewhere safe. Even though I didn't ever need it, it's always good to have something, rather than needing it and not having it.

  4. #4
    n1ckn4m3 (Super Moderator)

    Also, something I was unaware of in my initial post -- the purplera1n site is apparently utilizing some kind of something from Apple's servers to generate the ECID cert and the widely held belief is that Apple can pull the plug on this at any point. I hate to say I don't know enough about how the ECID certs are being generated to shed any specific light on the process.

    That said, my initial comment that you should be OK so long as you don't upgrade to 3.0.1 or install a new iTunes is not necessarily correct -- Apple can pull the plug on the cert signing at any point in time, so the general consensus is to get your ECID cert as soon as possible to ensure that you have it at your disposal for future iBoot exploits.

  5. #5
    Administrator

    Correct. Apple can block requests coming from purplera1n.com if they want to.
    Let's hope that they are content to play the cat & mouse game because ultimately they rely on the hacking community to patch exploits that went through inspections.


  6. #6
    Newbie

    Well, I don't think the site is working anymore. I tried it today with a friend's phone and it's not generating the file.

  7. #7
    Senior Professional

    Well, it still worked for me.
    Not on my own iPhone but the one from a friend.
    Got the cert, hope it still works on Tuesday.

  8. #8
    Board Hero

    Quote, originally posted by n1ckn4m3:
        "That said, my initial comment that you should be OK so long as you don't upgrade to 3.0.1 or install a new iTunes is not necessarily correct -- Apple can pull the plug on the cert signing at any point in time, so the general consensus is to get your ECID cert as soon as possible to ensure that you have it at your disposal for future iBoot exploits."

    Just to understand something (probably too simplistic, I hope you'll forgive me) -- if Apple stops the signing, doesn't that mean that it must also stop checking the signature? How can they expect to block non-signed img3-files if they don't sign them anymore? Wouldn't that also stop "official" users from updating? In other words, can they pull the plug on this trick that easily, or does it require a new version of iTunes?

  9. #9
    Professional

    Quote, originally posted by Jim Danner:
        "Just to understand something (probably too simplistic, I hope you'll forgive me) -- if Apple stops the signing, doesn't that mean that it must also stop checking the signature? How can they expect to block non-signed img3-files if they don't sign them anymore? Wouldn't that also stop "official" users from updating? In other words, can they pull the plug on this trick that easily, or does it require a new version of iTunes?"

    What people are afraid of is that Apple will stop signing this exploitable version of iBoot. Which they most certainly will once 3.1/3.0.1 comes out.

    What I reckon is gonna happen is that eventually we'll find an exploit lower in the chain of trust, and just not use iTunes to flash iPhone at all.
    Last edited by Rekoil; 07-08-2009 at 11:45 AM.

  10. #10
    Professional

    It is simple...

    The iPhone 3GS hardware now REQUIRES that, before a firmware is updated, it is signed PER DEVICE (a different signature per device). The signature is generated by Apple's servers (not iTunes).

    So basically iTunes sends the ID of the phone to Apple and gets back a valid signature. Then iTunes sends the signature to the hardware (iPhone), which then allows the firmware update.

    When 3.1 is released, Apple will most likely stop SIGNING older firmware. THIS MEANS THAT UNLESS YOU HAVE THE BSS, BEC there is no way to install an older firmware (no shift-restore). You have to install the latest version because this is the only one Apple will provide signatures for.

    And this is hard to break... (given the device ID and the firmware, it is hard to generate a signature without the secret keys that are stored on Apple's servers). This means that it is probably very hard for the dev team to bypass the signature checks unless there is some exploit.


    If we have the signature (BEC, BSS), then we can write a tool that fakes iTunes, sends the signature for version 3 first, and then the iPhone gives the OK to flash version 3 that is jailbreakable and unlockable.
    Last edited by mapas; 07-08-2009 at 03:47 PM.
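
Added example, not part of any post in this thread and not Apple's or the dev-team's code: a toy model of the per-device signing flow described in post #10, which also answers the question in post #8 (the server can stop signing while the device keeps verifying). It assumes a textbook-RSA stand-in for the real scheme, which the thread does not describe; `SigningServer`, `Device`, the ECID values and the firmware byte strings are all hypothetical and constructed for illustration.

```python
import hashlib

# Toy textbook-RSA key, constructed for this example (far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1            # two Mersenne primes
N, E = P * Q, 65537                    # public half: baked into the device
D = pow(E, -1, (P - 1) * (Q - 1))      # private half: exists only on the server


def digest(ecid: int, firmware: bytes) -> int:
    """Bind the signature to one device by hashing its ECID with the image."""
    h = hashlib.sha256(ecid.to_bytes(8, "big") + firmware).digest()
    return int.from_bytes(h, "big") % N


class SigningServer:
    """Signs only the firmware versions it currently chooses to sign."""
    def __init__(self, signed_versions):
        self.signed_versions = set(signed_versions)

    def request_ticket(self, ecid, version, firmware):
        if version not in self.signed_versions:
            return None                # policy change: no new signatures
        return pow(digest(ecid, firmware), D, N)


class Device:
    """Verifies with the public key only; it never needs the server online."""
    def __init__(self, ecid):
        self.ecid = ecid

    def accepts(self, firmware, ticket):
        if ticket is None:
            return False
        return pow(ticket, E, N) == digest(self.ecid, firmware)


def demo():
    fw30, fw31 = b"firmware 3.0 image", b"firmware 3.1 image"  # constructed
    server = SigningServer({"3.0"})
    phone, other = Device(0x000001234567890A), Device(0x0000099999999999)
    saved = server.request_ticket(phone.ecid, "3.0", fw30)  # fetched in time
    server.signed_versions = {"3.1"}   # server stops signing 3.0
    return {
        "new_request_for_3.0": server.request_ticket(phone.ecid, "3.0", fw30),
        "saved_ticket_same_device": phone.accepts(fw30, saved),
        "saved_ticket_other_device": other.accepts(fw30, saved),
        "saved_ticket_other_image": phone.accepts(fw31, saved),
        "no_ticket": phone.accepts(fw30, None),
    }
```

Nothing in this model ties a ticket to a point in time, which is why a saved one outlives the server's change of policy while an unsigned or mismatched image is still rejected.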


 

 