Posted under edge data, edge internet, iphone, proxy server, firmware, 3g, wifi, socks, hackers, laptop |

Instructions for tethering your iPhone 3G or iPhone with 2.0 firmware are here
Recent developments have allowed iPhone hackers to compile background applications for the iPhone - among the most interesting so far is
srelay, a SOCKS proxy server.
srelay running on your iPhone opens up a very exciting possibility - you can use your iPhone's EDGE connection with a laptop or other Wifi-enabled device.
A note of caution: Accessing your EDGE data plan through a laptop may be against your AT&T terms of service. Even modifying your iPhone to enable this service may be a violation. Please check before attempting this procedure.
Currently these instructions only work for Windows - as I don't have a Mac I can't really test anything on that side. I was hoping a...
Posted under o reilly, emerging technologies, sdk, hackers |


I'll be hanging out in ##iphone and #iphone-hackers over on irc.freenode.net. Check out the
Freenode IRC instructions if you're new to IRC.
##iphone is for general stuff, and #iphone-hackers is specifically for people who want to create applications for the iPhone (SDK or hacked).
Oh, and I will be talking at the O'Reilly Emerging Technologies conference about iPhone development (with a brief history, and a how-to). The conference is March 3-6 this year, and I'll be speaking on Monday morning.
Check out ETech today - spots are filling fast.
Posted by George Hotz under iphone, source tools, dev team, wikipedia, dev wiki, hackers, web pages, spam |

I see a real problem with the iPhone hacking community. Most of the knowledge about the iPhone is somewhere within the dev team. If the dev team disbands and even a minor update is made which breaks things, all we'll have is a couple closed source tools and random information scattered around the internet. And I've had less and less time to work on this, so I can't keep up anymore.
We used to have an open wiki (actually, it hasn't been open for a long time) at iphone.fiveforty.net. But whoever was managing it allowed it to fall apart, until it finally went offline, destroying information. I *hate* losing information. I wish I'd managed that wiki from the beginning; it's almost too late now.
Now we have the iPhone dev "wiki". According to wikipedia "A wiki is a collection of web pages designed to enable anyone who accesses it to contribute or modify content". So I guess it's not really a wiki.
yiphone.org got 400,000 hits. If even 1% of those people contribute to The iPhone Wiki, it will be so awesome. I already added a lot of information. Anyone can create an account and edit, even the main page. I don't filter content, only spam.
I tried really hard to make the wiki a neutral place for information. The hosting costs are paid for by the ads on this blog; I figured I should do something good with the money, so there will never be ads or donate links on the wiki. I'm trying to pass the knowledge of the iPhone onto the next generation of hackers. Will you help me?
Posted by planetbeing under recovery mode, boot menu, auto boot, battery voltage, pmu, nand, iboot, programmers, hackers, variables, banks |

While I was waiting for CPICH to finish the first bits of the NAND FTL reverse engineering work, I've been trying to fill in some of the gaps we had in other places, such as the PMU. As promised, there is also now an easy way to install openiboot onto the iPhone. This is great because it will eventually lead to an even leaner and easier QuickPwn in the future.
One of the annoying parts about iBoot in recovery mode is that the thing refuses to charge the iPhone while sitting in recovery mode. The battery just eventually entirely drains. With the new PMU code, openiboot now recharges the battery, so programmers using it (read: me) can just have it sit on the console screen indefinitely. You can also do neat things like check the current battery voltage and check the power supply type the phone is charging from.
The "installation code" consists of porting over my knowledge of reading and modifying img3 files from working on the jailbreaks. I was too lazy to port over the entire xpwn framework, but I wrote up a "diet" version that is sufficient to read and modify img3 files in a limited fashion. img3 files are sort of the new native format of the main part of the NOR (just a bunch of img3 files concatenated together). The upshot is that you can load openiboot as an img3 through iBoot (just like sending an iBEC image) and then type "install" at the console and openiboot will be a permanent stage in your bootloader chain. =P
You can, of course, keep booting up to the iPhone OS as you always do by selecting the option in the boot menu. Installing openiboot isn't very useful except for hackers wanting to hack openiboot.
I also figured out how to parse and modify the NVRAM banks (storing environment variables like "auto-boot", etc.), which was actually pointlessly complicated (in my opinion). They have two banks consisting of a bunch of partitions with these headers that Apple uses a pointless one-byte custom checksum on. The entire bank is also checksummed with adler32. When NVRAM is modified, the oldest bank is overwritten with the data and becomes the newest bank (which is tracked by an epoch number on each bank). This is so if one bank becomes corrupted, the other can be used as a backup. However, NVRAM hardly contains anything of high value, so the value of all this trouble is doubtful. Being able to write to NVRAM, though, makes it possible to set auto-boot on and off within openiboot so that we can easily control whether or not to enter iBoot's recovery mode.
Someone asked me how "safe" it was to do the installation, etc. Well, I've been doing it every time I make an update these days, so it's fairly safe. The worst that can happen in the usual case is that you may be forced into a DFU mode restore. Everything will be undone with a restore. Early on, I did have bugs that really screwed things up so that a DFU mode restore was no longer possible, but even that was recoverable. I'll just briefly go over how:
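As an added illustration of the two-bank scheme described above (example code written for this page, not openiboot's own; the header struct, record encoding and bank size are constructed assumptions rather than Apple's real NVRAM layout), the following Python picks the newest bank by epoch among those whose adler32 verifies, writes changes into the oldest bank, and falls back to the surviving bank when the newest one is corrupted:

```python
# Added example, not openiboot's code: a toy two-bank NVRAM store modelled on the
# scheme in the post. Header struct and record encoding are constructed assumptions.
import struct
import zlib
HDR = struct.Struct("<4sII")      # magic, epoch, adler32 of the payload (assumed layout)
MAGIC = b"NVRM"                   # constructed marker
PAYLOAD = 256 - HDR.size          # assumed bank size of 256 bytes

def make_bank(epoch, variables):
    """Serialise 'key=value\\0' records, zero-pad, and prefix an adler32-checked header."""
    body = b"".join(f"{k}={v}".encode() + b"\0" for k, v in variables.items())
    if len(body) > PAYLOAD:
        raise ValueError("variables do not fit in one bank")
    body = body.ljust(PAYLOAD, b"\0")
    return HDR.pack(MAGIC, epoch, zlib.adler32(body)) + body

def parse_bank(bank):
    """Return (epoch, variables), or None if the magic or the adler32 check fails."""
    magic, epoch, expected = HDR.unpack_from(bank)
    body = bank[HDR.size:]
    if magic != MAGIC or zlib.adler32(body) != expected:
        return None
    variables = {}
    for rec in body.rstrip(b"\0").split(b"\0"):
        if rec:
            key, _, value = rec.partition(b"=")
            variables[key.decode()] = value.decode()
    return epoch, variables

def read_nvram(banks):
    """Use the newest bank (highest epoch) that verifies; a corrupt bank is skipped."""
    valid = [p for p in map(parse_bank, banks) if p is not None]
    if not valid:
        raise ValueError("both NVRAM banks are corrupt")
    return max(valid, key=lambda p: p[0])

def write_nvram(banks, changes):
    """Merge changes into the current variables and overwrite the OLDEST bank at epoch+1."""
    epoch, variables = read_nvram(banks)
    variables.update(changes)
    ages = [p[0] if p is not None else -1 for p in map(parse_bank, banks)]  # corrupt = oldest
    new_banks = list(banks)
    new_banks[ages.index(min(ages))] = make_bank(epoch + 1, variables)
    return new_banks

def demo():
    old = [make_bank(1, {"auto-boot": "true"}), make_bank(2, {"auto-boot": "false"})]
    banks = write_nvram(old, {"auto-boot": "true"})                  # lands in bank 0, epoch 3
    corrupted = [banks[0][:20] + b"\xff" + banks[0][21:], banks[1]]  # flip one payload byte
    return read_nvram(banks), read_nvram(corrupted)
```

With the newest bank damaged, read_nvram silently falls back to the older bank, so the "auto-boot" value it reports is the previous one rather than the last write.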
The important thing is to have a backup of the NOR. As I described in a previous posting, it's possible to really screw things up if you erase the SysCfg section of the NOR. If you do that, the iPhone OS will refuse to boot at all since iBoot cannot properly populate the device tree for the kernel. Since restore ramdisks rely on XNU booting, this is Bad News Bears. In addition, the SysCfg section is device specific, so if you do not have a backup, it will be difficult to ever completely recover from erasing it.
Therefore, before you proceed, MAKE A BACKUP OF YOUR NOR. openiboot can do this for you (and subsequently restore your backup if things go wrong).
Load openiboot via loadibec and select the console. Connect with the oibc client. Type in: nor_read 0x09000000 0x0 0x100000
This will read all of NOR into memory. Then type: ~nordump.bin:0x100000
This will transfer the dump over USB onto your computer and save it as nordump.bin.
Supposing you filled the entire NOR with garbage somehow and are unable to boot. You have to get into openiboot to restore the NOR. The problem is that openiboot is only designed to operate in a post-LLB or post-Recovery Mode context, so it cannot be directly booted from DFU mode. Basically, you've got to load a pwned WTF, then a pwned iBSS, and then a pwned iBEC (all of which is available from a custom IPSW). After that, you can use loadibec to load openiboot. Then, you can restore the NOR thus:
!nordump.bin
nor_write 0x09000000 0x0 0x100000
After that, you can reboot and everything should be normal.
Also, I received a few responses for people volunteering to do the art. I'm not sure what the best thing would be, since I don't want anyone putting in effort for nothing, but we do want the best possible results. So, I'll be getting back to you guys about that.
Posted by Chris under cat and mouse game, 3gs, download and save youtube videos, worth the trouble, camera lens, goliath, apps, hackers, buzz, laptop, struggle, freedom, truth |

David, meet Goliath. iPhone Jailbreak, meet Apple Inc.
The struggle to free iPhone’s software from proprietary Apple restrictions, by way of the process dubbed “iPhone Jailbreak,” is often described as a cat and mouse game. And for good reason.
Each time Apple releases an iPhone update, the iPhone dev team scrambles to crack it. Each time the hackers find a new way to Jailbreak, Apple scrambles to develop the next best way to block them.
This back-and-forth between Apple and the Jailbreak team has been ongoing since day one, and it’s all because people want the right to do what they want with their iPhones. For example, iPhone Jailbreak lets you:

- Change the look and feel of your iPhone
- Download and save YouTube videos on your iPhone
- Record video using iPhone’s camera lens (for non-3GS users)
- Tether your iPhone to your laptop
- Set SMS privacy levels using the Kate app
- Unlock your iPhone for use on other carriers
Lofty is the list of things you can do with a Jailbroken iPhone. Loftier still is the number of complaints about the Jailbreak process on the comment thread of one of my old iPhone Jailbreak guides.
The problem is that confusion over Jailbreak software and iPhone versions makes iPhone Jailbreak impractical.
Whether an iPhone can be Jailbroken depends on its “baseband,” and if you have the wrong baseband for the Jailbreak software that you’re using, it could cause you some trouble.
In principle, I would love the freedom to modify my iPhone without restrictions, and I agree that an open iPhone is a better iPhone; but in practice I find myself too uninformed, too busy or too worried to Jailbreak my iPhone.
Is iPhone Jailbreak Worth the Trouble?
At the moment, I can’t Jailbreak my iPhone 3GS because I installed the official iPhone 3.1 update. As of this writing, you can Jailbreak an iPhone 3GS only if it runs the 3.0 software, which means you miss out on all the new augmented reality apps that are all the buzz.
The truth is I haven’t Jailbroken my iPhone lately because it’s just too complicated to keep up with all the updates, from both Apple and the iPhone Jailbreak team.
Worse, Jailbreak voids your iPhone warranty. So if your Jailbroken iPhone breaks because of a problem that was Apple’s fault, well good luck with that, because the Geniuses ain’t gonna help you — not for free anyway.
Do You Play the Cat & Mouse Game?
Do you Jailbreak your iPhone? Are the benefits of Jailbreak worth the risks? Please share your opinion in the comments.