|reply to loli |
Re: [JB] How they did it - AWSOME
Did it myself; watched the Linux version Jailbreak two devices with strace -ff -s4096 ./evasi0n.x86_64 2>&1|tee /tmp/jailbreak.log
That's just client-side with push-pull, didn't watch iOS. When a "white-hat" exploit driven OS compromise dubbed "Jailbreak" is released it's trivial to see how they did it. The real art itself is the vulnerability discovery and packaging. I'll tip my hat to evad3rs, well done, and a very well packaged "idiot" ready solution across Windows, OS X, and Linux. I would encourage supporting these folks through PayPal.
I would be more concerned with post-Jailbreak if the security issues are address in the form of deb/Cydia patches. Through their awesomeness they've defeated ASLR, code-signing, a read-only filesystem (mount -o remount,ro / == yummy), and the illusion of walled garden security. I'd love to see a DMCA-friendly errata backport method for patching the same vulnerabilities that allowed us to free our devices.