In the endless game of cat and mouse that is Apple vs. the jailbreak scene, the cat just put a pretty nasty gash in the mouse’s face.
For the past seven months, jailbreaking (opening an iPhone to applications not signed by Apple for installation) has relied on an exploit dubbed “24kPwn”. We’ll skip the technical voodoo for the sake of not putting you straight to sleep, but here’s the important bit: in the latest batch of iPhone 3GS units to hit the shelves, the exploit has been fixed. Unless a new exploit is discovered (and, with each patch, this is becoming less and less likely), any iPhone 3GS to ship after last week will not be jailbreakable.
If you want the full technical rundown of the exploit, you can find it here. In its simplest form: as with all computers, the iPhone requires something called a “Bootrom” to startup. During the startup process, one stretch of code in the Bootrom fails to ensure that the content being loaded is within a certain size limit. By throwing more instructions at that chunk of code than it’s intended to handle, exploiters are able to make the iPhone do damn near whatever they want; in this case, the jailbreaking process.
The first to notice that the 24kPwn exploit was no longer functioning was France’s Mathieu H.. A few hours later, others had confirmed the news. The latest Bootrom, iBoot-359.3.2, was no longer vulnerable to 24kPwn.
So, why would Apple do this? The exploit wasn’t really a security risk to the user; it wasn’t accessible without physical access to the handset, and the process was just intense enough that it couldn’t be done accidentally. Sure, it theoretically allowed malicious code to be run on the iPhone which might brick the handset – but that has by no means been an issue thus far. There’s only one other reason, then.
Even as Apple continues to open up APIs and (very) slowly loosen their restrictions on the App Store, there are many, many (legal) reasons why jailbreaking is fantastic; alas, there’s one why it’s not: piracy. While jailbreaking allows for countless wonderful (but otherwise disallowed) apps to run on the iPhone, it also allows cracked versions of paid applications to be installed. As a result, piracy is mind-blowingly, soul-crushingly rampant on the iPhone. Many iPhone developers – such as those behind the popular IM client, Beejive – are reporting that 80 percent of their users are pirates. Yep. For every 10 users on Beejive, 8 of them didn’t pay for it. I’m no saint myself, and all of us here fully understand that a download does not equal a lost sale – but when 80% of the people using your app (and in Beejive’s case, your servers) aren’t paying to keep the lights on, it’s likely seen as a big issue.
Will another exploit be found? Most likely. There is no such thing as perfect code – especially in something as complex as an operating system. It may be difficult, and it may require waiting through an update or two, but eventually someone will find a way back in.