Apple Fixes Untethered Exploit In iOS 4.3.4; So Don’t Expect Untethered iOS 4.3.4 Jailbreak To Be Released Anytime Soon


The iPhone Dev Team has released Redsn0w 0.9.8b3 for iOS 4.3.4 to jailbreak the iPhone, iPad and iPod Touch.

But it supports only a tethered jailbreak, which means that you need to connect your iOS device to the computer on every reboot.

iPhone hacking expert Stefan Esser, who goes by the Twitter handle i0n1c and is credited with developing the untethered jailbreak used in tools like Redsn0w, PwnageTool and Sn0wbreeze for iOS 4.3.1, iOS 4.3.2 and iOS 4.3.3, has tweeted that it may not be possible to release an untethered jailbreak for iOS 4.3.4 anytime soon.

In a series of tweets, he revealed that Apple has also fixed the untether exploit in iOS 4.3.4:

Don’t expect an iOS 4.3.4 untether anytime soon.

In a way it is nice to see that Apple, instead of merely fixing vulns, adds more mitigation checks. But for jailbreakers this suxx.

The dynamic linker performs additional checks on the mach-o header to stop a class of attacks against the dynamic linker.

This is how Apple broke your hearts: ADD.W R3, R11, #0xFFFFFFFF – CMP R3, #9 – BHI get_out_of_here

It checks the demux_count in ndrv_setspec

Actually no. That code is the code that fixes the untether exploit.
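The three instructions quoted in the tweet are a single range check. The following is an added illustration, not Apple's code and not from the tweets: it reproduces the sequence in C with ARM's unsigned semantics and compares it with the two explicit checks it folds together. The page does not say which header field R11 holds, so it is called `count` here as an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added illustration (not Apple's code): the quoted Thumb-2 sequence
 * expressed in C with the same unsigned semantics.
 *
 *   ADD.W R3, R11, #0xFFFFFFFF   ; R3 = R11 - 1  (wraps modulo 2^32)
 *   CMP   R3, #9                 ; flags from R3 - 9
 *   BHI   get_out_of_here        ; branch if R3 > 9, UNSIGNED compare
 *
 * Which field R11 holds is not stated on the page; `count` is an assumption. */
static bool arm_sequence_rejects(uint32_t count)
{
    uint32_t r3 = count + 0xFFFFFFFFu; /* ADD.W: count - 1, wrapping; 0 becomes 0xFFFFFFFF */
    return r3 > 9u;                    /* CMP + BHI: unsigned "higher" */
}

/* The same rule written as the two checks a reader would expect.
 * Folding them into one unsigned compare is a classic idiom: a count of 0
 * wraps to 0xFFFFFFFF and fails the upper bound automatically, so both
 * "zero" and "too large" are rejected by one branch. */
static bool explicit_rejects(uint32_t count)
{
    return count == 0 || count > 10;
}

int main(void)
{
    /* Constructed sample values covering both edges of the accepted range 1..10. */
    const uint32_t samples[] = {0, 1, 5, 10, 11, 0xFFFFFFFFu};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t v = samples[i];
        printf("count=%-10u rejected=%d (explicit=%d)\n", v,
               (int)arm_sequence_rejects(v), (int)explicit_rejects(v));
    }
    return 0;
}
```

Both functions agree on every input: the sequence accepts exactly the values 1 through 10 and branches out for 0 and anything above 10.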

Apple has also fixed the security vulnerability used by Comex in JailbreakMe 3.0 to jailbreak iPhone, iPad and iPod Touch.

So the only option you have, if you want to enjoy an untethered jailbreak, is to avoid upgrading to iOS 4.3.4 and to make sure you have backed up your iOS 4.3.3 SHSH blobs via Cydia or TinyUmbrella, so that you can downgrade to an older jailbreakable iOS version if required.

Apple has again upped the ante in its cat and mouse game with the jailbreaking community. It has already made it difficult, if not impossible, to unlock the iPhone on the latest basebands, and with the iOS 4.3.4 update it looks like it is also targeting jailbreaking.

Sometimes we wonder whether Apple would have taken a different stance if jailbreaking were not used for illegal activities such as piracy of apps. It was good to see Comex asking jailbreakers using JailbreakMe 3.0: “Please don’t use this for piracy”. The jailbreaking community probably needs to do more to prevent piracy altogether in order to get rid of the stigma associated with jailbreaking.

What are your thoughts? Let us know in the comments.

[via Twitter (Stefan Esser)]