The Apple iPhone jailbreak exploit 24kPwn is no longer working after Apple updates its bootram file.
Reports are surfacing that Apple has taken
steps to ensure a new shipment of iPhone 3GS smartphones is more hack-proof
than ever. Various jailbreakers around the globe began posting on the social
networking site Twitter that the software exploit known as "24kPwn" was no
longer working. Apple's updated Bootrom file, iBoot-359.3.2, which started
shipping last week, patches the hole and renders the exploit useless.
France-based Twitter user "Mathieulh" was one of the first iPhone owners to
notice the updated version number. A member of the iPhone Dev-Team (a group of
hackers in the iPhone OS community), MuscleNerd, also posted on Twitter and
confirmed the loss of 24kPwn.
Over the summer Apple ratcheted up the
rhetoric over the issue of jailbreaking its iPhone, warning allowing rampant
unlocking of the device could lead to potential cyber-attacks, cell tower
manipulation and increased drug deals. Apple argues that not only does
jailbreaking violate a license agreement between Apple and the purchaser of an
iPhone, but it could lead to cell tower disruption by hackers looking to wreak
"Before partnering with Apple to provide
voice and data services, it was critical to AT&T that the iPhone be secure
against hacks that could allow malicious users, or even well- intentioned
users, to wreak havoc on the network," the company said in a July release.
"Because jailbreaking makes hacking of the BBP software much easier,
jailbreaking affords an avenue for hackers to accomplish a number of
undesirable things on the network." These include manipulating the ECID (Exclusive Chip
Identification) number that identifies the phone to the cell tower. With access
to the BBP via jailbreaking, Apple charges that hackers may be able to change
the ECID, which in turn can enable phone calls to be made anonymously, which
Apple points out would be desirable to drug dealers, or charges for the calls
to be avoided. Apple claims if changing the ECID results in multiple phones
having the same ECID being connected to a given tower simultaneously, the tower
software might react in an unknown manner, including possibly kicking those
phones off the network, making their users unable to make phone calls or send
and receive data. Despite Apple's documented dissent over jailbreaking, some
business professionals are as likely as consumer to want their iPhone or
competing smartphone jailbroken. eWeek senior analyst Wayne Rash recently pointed
out the positives and negatives IT departments might encounter when considering
unlocking smartphones. Rash noted one of the advantages
of unprovisioned smartphones is that its easier to implement consistent
compliance, backup and security features when the company provisions the phone itself.
Nathan Eddy is Associate Editor, Midmarket, at eWEEK.com. Before joining eWEEK.com, Nate was a writer with ChannelWeb and he served as an editor at FierceMarkets. He is a graduate of the Medill School of Journalism at Northwestern University.