Apple Kills Untethered Jailbreaking in iOS 4.3.4 | Cult of Mac

Image courtesy of Christian Bryan on Flickr

Apple released its promised iOS 4.3.4 software towards the end of last week to fix a security vulnerability in mobile Safari that made the latest JailbreakMe exploit possible. It goes without saying, then, that updating your device will eliminate the possibility of jailbreaking with JailbreakMe, but it will also kill all other untethered jailbreaks!

Just like iOS 5, iOS 4.3.4 blocks the untethered exploit that jailbreakers have been using since iOS 4.1. i0n1c, the hacker responsible for the first untethered jailbreak of iOS 4.3, explained Apple’s fix in messages posted to Twitter:

For those that did not get it: iOS 4.3.4 does not only fix jbme3 as announced, but also silently kills the ndrv_setspec() integer overflow.

In addition to that iOS 4.3.4 also adds code to dyld to detect attacks with binaries using “incomplete code signing”.

“Incomplete codesigning attacks” were used for all untether exploits from at least iOS 4.1.0

Wonder if [Apple] only tried to stop my xploit from modifying LCs at runtime with the new check, or if they knew it would stop [incomplete codesigning] attacks.

Until the iPhone Dev-Team finds another method of untethered jailbreaking, then, you’re stuck with a tethered option… unless, of course, you cling on to your iOS 4.3.3 firmware. That might be easy to do now, but will you be able to put up with it when all your friends upgrade to iOS 5 this fall?

If you do want to upgrade and are happy to go ahead with a tethered solution, you’ll be pleased to know RedSn0w was updated last week to work with Apple’s latest iOS release.

[via iDB]