Saturday, August 29, 2009

The Odds are against us but we must fight!

It is most likely that the iPod touch 3G will have a new s5l7920x bootrom with the ECID field, new iBoot, more parameters in the kernel to kill code, and all of this with 3.1. This is no good for those who want a jailbreak. Because pwnage and 24kpwn will no longer work, jailbreaking will be tough. I suggest once you get your iPod touch 3G you should really get your generated Signed ECID.

The way I see it, two methods for a "hack" are plausible.

•1. Check the BootRom for lags. Aka the bootrom timing out on code and passing it on as 0xnull. This would be unlikely and probably unexploitable, but it's still a thought.

•2. A custom s5l7920x Bootrom dump routine, basically changing the nature of the routine for a bootrom dump. Thanks to WestBaer and GeoHot for discovering the dump itself. Now if you make it so that the chain of trust continues without the RSA signature check, then you could try patching everything else. And might get something nice.

Finally, a method that I think is pointless: pay $99 for Apple certification or dev certification and sign jailbroken apps and run them under different directories.

Otherwise wait for either:
-iPhone Dev Team
-Chronic Dev
-other "leet" hackers.

We might try to tackle this feat but we will probably need help from higher people. We're good at patching on the software level but really this is hard stuff.


