iPhone hacker discovers a new Jailbreaking exploit; to fix it, Apple must ship new hardware

The news is good for iPhone jailbreakers everywhere this morning — but for Apple? Not so much.

Just minutes after the iOS 4.1 update became available to all, iPhone hacker pod2g has revealed that they’ve discovered a new bootrom exploit, with all recently released iOS hardware seemingly being vulnerable. In less geeky words: the iPhone 4? the new iPod Touch? If it was built anytime before today, it’s theoretically jailbreakable — and there’s not a whole lot Apple can do to fix that.

You see, there are many dozens of components in any iOS product that can serve as a means for jailbreakers to get their tweak on. Most of the components that can potentially be exploited hold code in rewritable storage; if an exploit is discovered, Apple can simply push out a new firmware update, overwrite that rewritable chip, and bam, exploit patched. A very, very small handful of the potentially exploitable components, however, are not rewritable. If an exploit is discovered in one of these components, no one — not even Apple — can fix it on hardware that has already been shipped.

The exploit in question here appears to center on the boot ROM, which, as you might have guessed from the preamble, is one of these non-rewritable components. Apple can patch up this exploit in any new hardware before it leaves the factory (they’ve shipped revised hardware as a result of similar exploits in the past), but once that boot ROM is written and the phone is assembled, it’s a done deal.

From here, the iPhone Dev Team and the rest of the hacking community should be able to churn out jailbreaking software for just about any recently shipped iOS device. Once the exploit is made public, Apple will almost undoubtedly begin shipping hardware with revised boot ROMs eventually (last time, it took seven months) — but until then, expect a whole lot of jailbreaking to go down.