
Second iOS jailbreak hack due Sunday

Pioneering iPhone hacker George Hotz will release LimeRa1n for all iOS devices

By John Cox on Sat, 10/09/10 - 3:40pm.

[This is a repost of a news story elsewhere on our site]

Two iOS hacks to let iPhone users load their own applications are due to be released tomorrow, October 10, perhaps within hours of each other. Some websites already are running polls to see which one users prefer.

“Jailbreaking” is the term given to a code exploit that “frees” the iPhone to load applications outside of Apple’s iTunes-based App Store. For a group of computer-savvy end users, this is an unalloyed benefit, letting them load any applications they wish. For enterprise IT, jailbroken iOS devices can pose a security risk.

The latest GreenPois0n exploit, for iOS 4.1 on devices with the Apple A4 chip, has been promised for some time, with a due date of Sunday October 10, at 10:10:20 am (presumably GMT). It’s being developed by the Chronic Dev Team.

But the hacker community is roiling with excitement and argument over the surprise announcement of another jailbreak, LimeRa1n, which promises to open up any and all current iOS devices.

Leaks about LimeRa1n began surfacing on the Web, with various hackers claiming, or claiming to confirm, that it was being created by George Hotz, more commonly known by his online handle Geohot. (iPhone Download Blog has a good summary of the swirl of claims.) Hotz is usually given credit for the first iPhone jailbreak. But he announced via Twitter in July 2010 that he was giving up his iOS hacking.

A new jailbreak blog, LoadingChanges.com, posted a photograph that shows 4 different iOS devices sporting a green teardrop on their displays, emblematic of LimeRa1n.

Hotz’s new jailbreak tool apparently exploits a vulnerability in the iOS boot ROM. The new GreenPois0n version apparently makes use of a different one. And that’s unfortunate, tweeted a member of the iPhone Dev-Team hacking group, with the handle Musclenerd. “As dramatic as geohot's last-minute all-device JB [jailbreak] is, still a shame that two bootrom holes will be burned at once,” he posted. Later, he added, “The ultimate goal should be not wasting 2 bootrom holes at once, all other issues aside.”

That’s because once these low-level security holes are exposed, Apple software engineers can plug them.

Hotz and the Chronic Dev Team apparently are working together to substitute the boot ROM weakness uncovered by Hotz into the GreenPois0n release due out tomorrow, in place of the one it was going to use. But the hacker group has vowed not to miss its release target, according to one member, Joshua Hill, tweeting as @p0sixninja.