Headline Feeds
Apple (Nasdaq: AAPL) has begun shipping new units of the iPhone 3GS that reportedly cannot be jailbroken using common methods.
These new units have a new boot ROM that apparently can't be touched by the exploit, 24kpwn, from the iPhone Dev Team.
The news comes just days after jailbreaking icon George Hotz released his blackra1n jailbreak.
The Boot ROM Caper
A so-called jailbroken iPhone has had its software unlocked and modified so that it can run third-party applications not approved by Apple.
Apple has been fighting jailbreaking for years. Almost every new iPhone software update that the company issues must be picked apart by jailbreaking experts so that a new method of opening the software can be discovered and distributed online. The new boot ROM fix is its latest move in an ongoing war.
Boot ROM (read only memory) with boot code is integrated directly into the silicon of some chips. This lets them perform boot sequences on their own and load boot programs from various sources such as NAND flash, which is used in the iPhone.
Apple reportedly updated its boot ROM to defend against the 24kpwn exploit developed by the iPhone Dev Team. This has been widely used to jailbreak iPhones since it was released earlier this year.
Apple did not respond to requests for comment by press time.
The change in boot ROM followed Cupertino's release on Oct. 8 of version 3.1.2 of the iPhone OS, which was not vulnerable to the Dev Team's Pwnage Tool and redsn0w at that time. That state of affairs didn't last long -- on Oct. 13, the Dev Team released the latest version of its PwnageTool 3.1.4 for Mac OS X. This supports iPhone 3.1.2 for all versions of the iPhone and iPod touch.
The latest version of PwnageTool 3.1.4 had a side feature to jailbreak the iPhone 3GS that leveraged a simple implementation of the USB control message hole found by several hackers, including the Dev Team's "gray" and George Hotz, better known as "geohotz."
The iPhone Dev Team, one of the best-known iPhone hacker groups, has developed several tools to enable the use of apps that have not been approved by Cupertino on the iPhone and iPod touch. Other tools let iPhone owners in the U.S. use the device on carriers other than AT&T (NYSE: T).
Hotz Loves Colors
George Hotz made headlines when he unveiled his latest jailbreak, blackra1n, on Sunday. Blackra1n is a jailbreak app that Hotz claimed would break any device running the iPhone OS 3.1.2 in 30 seconds.
Blackra1n succeeds purplera1n, another iPhone 3GS jailbreak for Windows that Hotz released in July. Purplera1n was the first public software exploit for jailbreaking the iPhone 3GS.
Hotz has been hacking the iPhone for years. Back in 2007, when Hotz was 18 years old, he announced that he had executed the first hardware unlock of the iPhone as a member of a team of hackers. The unlock allowed the iPhone to be used on the wireless carrier T-Mobile's network.
The War over Jailbreaking
Almost from the time the iPhone was first launched, Apple has played cat-and-mouse with hackers in order to retain control of what network the device runs on and what applications it can run. In fact, the company is seeking to criminalize jailbreaking by invoking the Digital Millennium Copyright Act. Its opponents on that front include browser vendors such as Mozilla and online rights advocate the Electronic Frontier Foundation (EFF), as well as hackers themselves.
Apple is fighting the jailbreakers for two reasons, said Carl Howe, director, anywhere research at the Yankee Group. First, it doesn't want its carrier partners to lose money because owners of jailbroken iPhones are using other carriers. Second, it wants consumers to have a good and predictable experience with their products.
"Both these goals are undermined by jailbroken phones," Howe told MacNewsWorld. "Apple doesn't lose money to jailbreakers directly, but it can lose brand value, which is harder to recover."
The battle between Apple and the jailbreakers will continue, Howe said. "I don't expect this to be the last go-around."
Expect more jailbreak attempts and more attempts to stop them, Allen Nogee, a principal analyst at In-Stat, told MacnewsWorld. "I think both Apple and the hackers consider this a challenge," he said. "Neither side wants to lose."
Of more importance is Apple's attempt to criminalize jailbreakers by using the provisions of the Digital Millennium Copyright Act (DMCA). This would give Apple the legal teeth to crush jailbreakers.
Online rights activist group the Electronic Frontier Foundation has been battling Apple's efforts in this area. The EFF is comfortable with Apple's boot ROM changes, but it insists Apple's attempt to leverage the DMCA's provisions against jailbreakers is wrong.
"Apple is certainly entitled to modify its hardware as it likes -- just like Toyota can use nonstandard parts to make it hard on replacement part makers," Fred von Lohmann, EFF's senior staff attorney, told MacNewsWorld. "What Apple should not be entitled to do is invoke the DMCA to block hobbyists from tinkering with their own property -- just like a car company shouldn't be able to use the DMCA to prevent me from using replacement parts of my choice."
Whether or not the DMCA will protect Apple against jailbreakers could be clearer by the end of the month, when the U.S. Copyright Office is expected to make a ruling on the latest DMCA regulations.
Talkback: 
