The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Limera1n"
(→Controversy) |
(→Controversy) |
||
Line 84: | Line 84: | ||
[[User:Geohot|geohot]]'s rationale is that Apple has already discovered, through internal testing, the [[limera1n]] exploit, making it very likely that it will be fixed in the next bootrom. Because iBoot code is present both in the bootrom and firmware, and because firmware is refreshed much more often that bootrom code, any fix in this code branch would appear first in firmware. geohot observed his [[limera1n]] exploit was closed in firmware and concluded that it would almost certainly be fixed in the next bootrom revision, whereas SHAtter still has a chance of remaining usefull in iPhone 5 should it not be disclosed at this time. |
[[User:Geohot|geohot]]'s rationale is that Apple has already discovered, through internal testing, the [[limera1n]] exploit, making it very likely that it will be fixed in the next bootrom. Because iBoot code is present both in the bootrom and firmware, and because firmware is refreshed much more often that bootrom code, any fix in this code branch would appear first in firmware. geohot observed his [[limera1n]] exploit was closed in firmware and concluded that it would almost certainly be fixed in the next bootrom revision, whereas SHAtter still has a chance of remaining usefull in iPhone 5 should it not be disclosed at this time. |
||
− | |||
[[limera1n]]'s [[Untethered jailbreak|untethered userland exploit was obtained by [[User:Geohot|geohot]]under questionable circumstances from [[User:Comex|comex]]. [[User:Comex|comex]] did in fact end up giving his approval for the exploit to be included in [[limera1n]]. |
[[limera1n]]'s [[Untethered jailbreak|untethered userland exploit was obtained by [[User:Geohot|geohot]]under questionable circumstances from [[User:Comex|comex]]. [[User:Comex|comex]] did in fact end up giving his approval for the exploit to be included in [[limera1n]]. |
Revision as of 04:24, 11 October 2010
Contents
Introduction
This is geohot's jailbreak utility. It uses his undisclosed exploit, along with comex's userland exploit, to achieve an untethered jailbreak on newer devices.
- iPhone 3GS (New bootrom is now working with Beta 3)
- iPhone 4
- iPod touch 2G (support announced, not released)
- iPod touch 3G
- iPod touch 4G
- iPad
It has been demonstrated multiple times by geohot, using blog posts on his now private blog. Geohot showed off a high-res picture of Cydia on an iPhone 4. He displayed an iPod touch 3G with an untethered jailbreak that met MuscleNerd's requirements for a good video. In addition, he took a picture of Cydia and blackra1n icons on his iPad's SpringBoard.
limera1n beta 1 was released on October 9, 2010, delaying the release of greenpois0n, because greenpois0n has to be rewritten to use the limera1n exploit instead of SHAtter. It only supports Windows at the moment and some devices have issues.
Release text
iPhone 3GS, iPod Touch 3G, iPad, iPhone 4, iPod Touch 4G
4.0-4.1 and beyond+++
limera1n is unpatchable
untethered thanks to jailbreakme star comex
released today to get chronicdev to do the right thing
brought to you by geohot
hacktivates
Mac coming soon
follow the instructions in the box, sadly limera1n isn't one click
that's the price of unpatchability
as usual, donations appreciated but not required
still in beta, pardon my ragged edges
AppleTV is technically supported, but theres no apps yet
Credit
- geohot - the program itself, and bootrom exploit.
- comex - userland exploit that allows limera1n to run untethered.
Changelog
RC1 beta 1 | 9 Oct 2010 XX:XX GMT | 2f2b09a6ed5c5613d5361d8a9d0696b6 | First release. |
RC1 beta 2 | 9 Oct 2010 XX:XX GMT | a70dccb3dfc0e505687424184dc3d1ce | Fixed kernel patching magic. Rerun BETA2+ over BETA1. |
RC1 beta 3 | 9 Oct 2010 XX:XX GMT | 81730090f7de1576268ee8c2407c3d35 | Fixed an issue with iPhone 3GS (new bootrom) |
RC1 beta 4 | 9 Oct 2010 XX:XX GMT | d901c4b3a544983f095b0d03eb94e4db | Uninstall fixed, respring fixed |
Technical Information
Basics
- limera1n does not use SHAtter.
- limera1n uses a bootrom exploit to achieve the tethered jailbreak and unsigned code execution.
- limera1n uses a userland exploit to make the jailbreak untethered, which geohot was developped by comex.
Exploits
limera1n uses an undisclosed bootrom exploit.
Process
The jailbreak appears to execute something like the following (in no particular order):
- In recovery1,
"setenv debug-uarts 1 setenv auto-boot false saveenv"
Controversy
The release of this jailbreak is specifically designed to pressure Chronic Dev into not releasing the SHAtter exploit, instead implementing the limera1n exploit into greenpois0n. Now that geohot has released limera1n, releasingSHAtter would uselessly disclose another bootrom exploit to Apple.
geohot's rationale is that Apple has already discovered, through internal testing, the limera1n exploit, making it very likely that it will be fixed in the next bootrom. Because iBoot code is present both in the bootrom and firmware, and because firmware is refreshed much more often that bootrom code, any fix in this code branch would appear first in firmware. geohot observed his limera1n exploit was closed in firmware and concluded that it would almost certainly be fixed in the next bootrom revision, whereas SHAtter still has a chance of remaining usefull in iPhone 5 should it not be disclosed at this time.
limera1n's [[Untethered jailbreak|untethered userland exploit was obtained by geohotunder questionable circumstances from comex. comex did in fact end up giving his approval for the exploit to be included in limera1n.