The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Unsolved problems"
(added more) |
m (update) |
||
(18 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
== Exploits Needed == |
== Exploits Needed == |
||
− | * [[Unlock 2.0|X-Gold 608 Baseband unlock]] - Partly done ([[ultrasn0w]] uses [[AT+XAPP Vulnerability]] which is available in all versions up to [[ |
+ | * [[Unlock 2.0|X-Gold 608 Baseband unlock]] - Partly done ([[ultrasn0w]] uses [[AT+XAPP Vulnerability]] which is available in all versions up to [[05.13.04]]) |
* [[Baseband Bootrom|X-Gold 608 Baseband Bootrom]] - breaking the chain of trust |
* [[Baseband Bootrom|X-Gold 608 Baseband Bootrom]] - breaking the chain of trust |
||
* [[Baseband Bootrom|X-Gold 618 Baseband Bootrom]] - breaking the chain of trust |
* [[Baseband Bootrom|X-Gold 618 Baseband Bootrom]] - breaking the chain of trust |
||
− | * [[ |
+ | * [[T8020|A12 Bootrom]] ([[Bootrom 3865.0.0.4.7]]) and newer - breaking the chain of trust |
+ | * Find a bootrom exploit that allows unsigned code execution (preferrably on startup) on newer devices ([[A12]]+). |
||
− | * [[S5L8940|A4 Bootrom]] ([[Bootrom 838.3]]) - breaking the chain of trust |
||
− | * [[S5L8942|A4 Rev A Bootrom]] (Bootrom ?) - breaking the chain of trust |
||
− | * [[S5L8945|A4X Bootrom]] ([[Bootrom 1062.2]]) - breaking the chain of trust |
||
− | * [[S5L8950|A5 Bootrom]] ([[Bootrom 1145.3]]) - breaking the chain of trust |
||
− | * [[S5L8955|A5X Bootrom]] ([[Bootrom 1145.3.3]]) - breaking the chain of trust |
||
== Work to be done == |
== Work to be done == |
||
− | * [[iPhoneLinux|Port Linux to the iPhone]] [http://www.iphonelinux.org/] |
||
− | ** [[Port (Google's mobile OS) to the iPhone]] [http://code.google.com/android/ Android Link] |
||
* Increased [[Bluetooth]] Profile Support |
* Increased [[Bluetooth]] Profile Support |
||
− | * [[Patch iOS 4.X to work on iPhone 2G & iPod Touch 1G]] |
||
* IP over [[iTunes]] |
* IP over [[iTunes]] |
||
* Getting NMEA output from the GPS |
* Getting NMEA output from the GPS |
||
* IPFW kernel extension |
* IPFW kernel extension |
||
+ | * Get kernel extensions working on 2.x+ |
||
− | * Find out how to activate the Broad-comm radio/wireless N chip |
||
== Investigation == |
== Investigation == |
||
* [[Research: Pwnage Patches]] |
* [[Research: Pwnage Patches]] |
||
* [[Research: Re-allowing unsigned ramdisks and boot-args with the 2.* iBoot]] |
* [[Research: Re-allowing unsigned ramdisks and boot-args with the 2.* iBoot]] |
||
+ | |||
− | * [[2.0 and 1.1.4 dual boot]] |
||
+ | '''See Also: ''[[Timeline]]''''' |
Latest revision as of 03:15, 21 January 2022
Exploits Needed
- X-Gold 608 Baseband unlock - Partly done (ultrasn0w uses AT+XAPP Vulnerability which is available in all versions up to 05.13.04)
- X-Gold 608 Baseband Bootrom - breaking the chain of trust
- X-Gold 618 Baseband Bootrom - breaking the chain of trust
- A12 Bootrom (Bootrom 3865.0.0.4.7) and newer - breaking the chain of trust
- Find a bootrom exploit that allows unsigned code execution (preferrably on startup) on newer devices (A12+).
Work to be done
- Increased Bluetooth Profile Support
- IP over iTunes
- Getting NMEA output from the GPS
- IPFW kernel extension
- Get kernel extensions working on 2.x+
Investigation
See Also: Timeline