Apple May Have Patched Limera1n Bootrom Exploit In Newer iPhone, iPad And iPod Touch To Prevent Jailbreaking



A ModMyI forum member claims that he was unable to jailbreak a recently purchased iPad using Redsn0w.

This has led to speculation that Apple may have patched the limera1n exploit, which Redsn0w uses to jailbreak iOS 4.2.1, in the newer iPhones, iPads and iPod Touches now being shipped.

To give you some background, back in October Geohot released a jailbreaking tool called Limera1n that jailbreaks iOS 4.1 using a bootrom exploit. Because the bootrom is read-only code at the hardware level, Apple cannot patch the exploit on devices already in the field with a software update; it can only fix it in the bootrom of newly manufactured devices.

ModMyI’s forum member believes that Apple has done just that and patched the exploit in newer iDevices. He writes:

I made a trip to the Apple Store today to get an iPad for my old lady (Christmas present). She told me she’d love it jailbroken, so I sat down in front of my computer to redsn0w this 4.2.1 iPad.

One problem–redsn0w 0.9.6b6 could not upload a pwned iBSS (hung at the white screen on OS X, upload timed out and rebooted into jailed state with Windows).

Furthermore, the device constantly stalls when attempting to dump its bootrom. This leads me to believe the injection vector used via USB has been patched in DFU mode.

Case in point: Any iOS device with a serial number xx050 (this week) or higher might be unable to be jailbroken via the limera1n exploit. Slightly older devices may be invulnerable as well.

You can find out whether your iPhone, iPad or iPod Touch is jailbreakable using the limera1n exploit by checking the serial number (shown on the iTunes summary page or under Settings App –> General –> About –> Serial Number) to see which week the device was manufactured. The first two digits of the serial number tell you the factory ID of where it was manufactured, and the next three digits (digits 3-4-5) tell you when it was manufactured.

Example: xx050xxxxxx – the 0 (digit 3) means 2010, and the 50 (digits 4-5) is the week of 2010 in which it was manufactured.
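As an added illustration (not code from the article or from the ModMyI poster), the serial-number check described above can be written as a small decoder. It assumes the 11-character serial format the post describes (two factory characters, one year digit, two week digits, six further characters), that the single year digit denotes a year in the 2010s as in the post's "0 means 2010" example, and that the "week 50 of 2010 or later" cutoff is the post's speculation, not a confirmed fact.

```python
from dataclasses import dataclass

SERIAL_LEN = 11          # assumption: only the 11-character format described in the post
DECADE_BASE = 2010       # assumption: year digit 0 -> 2010, as in the post's example
SPECULATED_CUTOFF = (2010, 50)  # the post's speculated first week with an updated bootrom


@dataclass(frozen=True)
class SerialInfo:
    factory: str   # digits 1-2: factory ID
    year: int      # digit 3: year of manufacture
    week: int      # digits 4-5: week of manufacture


def decode_serial(serial: str) -> SerialInfo:
    """Split an 11-character serial into factory, year and week as the post describes."""
    s = serial.strip().upper()
    if len(s) != SERIAL_LEN or not s.isalnum():
        raise ValueError(f"expected an {SERIAL_LEN}-character alphanumeric serial, got {serial!r}")
    factory, year_digit, week_digits = s[0:2], s[2], s[3:5]
    if not year_digit.isdigit() or not week_digits.isdigit():
        raise ValueError(f"digits 3-5 must be numeric, got {s[2:5]!r}")
    week = int(week_digits)
    if not 1 <= week <= 53:
        raise ValueError(f"week {week} is out of range")
    return SerialInfo(factory=factory, year=DECADE_BASE + int(year_digit), week=week)


def may_have_patched_bootrom(info: SerialInfo, cutoff=SPECULATED_CUTOFF) -> bool:
    """True if the device was built in or after the cutoff week (the post's speculation)."""
    return (info.year, info.week) >= cutoff


if __name__ == "__main__":
    # Constructed sample serials, not real device serials.
    for sample in ("AB050ABC123", "AB049ABC123"):
        info = decode_serial(sample)
        print(sample, info, "possibly updated bootrom:", may_have_patched_bootrom(info))
```

The decoder rejects anything that is not 11 alphanumeric characters or whose year and week fields are not numeric, so a serial from a different format fails loudly rather than producing a misleading week number.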

So according to the speculation, new iPhones, iPod Touches and iPads manufactured from the 50th week of 2010 onwards might come with an updated bootrom. It would not be the first time Apple has done this to stay ahead in the cat and mouse game with the iPhone jailbreaking community: in October last year, Apple started shipping the iPhone 3GS with a newer bootrom to prevent jailbreaking.

Please note that this is still speculation at this stage; we will let you know as soon as we have further information or a confirmation from the iPhone Dev Team.

Let us know your thoughts about Apple’s latest attempt to prevent jailbreaking (assuming the speculation turns out to be true) in the comments.

[via ModMyI, Redmond Pie]
