iPhone hacker pod2g of the Chronic Dev Team has just announced that he has discovered a new bootrom based exploit.
pod2g announced the discovery of the new exploit via the following tweet:
iPhone 4G iBSS 4.0.1: iv=91f94e5d726a2d2f2c7ffad58d4f3b77 key=d05c3c40db40e738926f811b8b1314038d26096c4102461698a49098c47a3fe6
and later confirmed that it also worked on iOS 4.1:
Works on 4.1 (!) iBSS iv=c2c5416472e5a0d6f0a25a123d5a2b1c key=1fbc7dcafaec21a150a51eb0eb99367550e24a077b128831b28c065e61f894a0
iPhone Dev Team confirmed it and reiterated that users who want to jailbreak and unlock their iPhone should avoid upgrading to iOS 4.1:
congrats to @pod2g for the latest exploit and also @p0sixninja who have been trying for months.
Crazy timing that @pod2g got latest exploit just as 4.1 went public (lots of work left…keep away from 4.1 for now!)
A bootrom exploit is not like the userland exploit Comex used in JailbreakMe. A bootrom exploit is a low-level exploit against code burned into the device's read-only boot ROM, so Apple can't fix it with a software update the way it patched the security hole used by JailbreakMe in iOS 4.0.2.
Apple can prevent jailbreaking by releasing devices with a new bootrom that patches the exploit, but Apple won’t be able to stop users from jailbreaking devices with the older bootrom.
However, as the iPhone Dev Team has pointed out, don't expect tools to jailbreak iOS 4.1 using this exploit anytime soon, as there is still a lot of work to be done before a tool can be released to users.
Thanks Naveed for the tip!