iPhone & Android Jailbreaking

Sunday, November 14, 2010

Marnix van Meer


If you leave a door open, most of us will not try to get in. Once a door is locked we are all curious, and tempted to open it.

The same applies to mobile phone users, dividing us into two groups.

The first group embraces a brand and sticks to the rules of the vendor. The second group is dedicated to bending the rules if they can.

The iPhones have all been jailbroken and will be in the future (also the Apple TV has been jailbroken, see here).

Next in line is the Google phone, known as G2, see here.

The protection

The latest jailbreak for the G2 uses a clever exploit in the NAND lock of the phone. The NAND lock makes the RAM memory read-only.

The RAM memory does not have a genuine read-only state, but the phone has a bootloader that can lock the NAND.

The NAND lock in that case makes the OS believe there is no memory available. An attempt to change the data of a locked NAND will result in a "not enough memory" error.

The challenge

The challenge has been to modify the bootloader. You first need to get temporary root access via VISIONary, after which you replace the files hboot-eng.img, wpthis-OTA.ko and wpthis-pre-OTA.ko on your phone.

The guide can be found online, but keep in mind that you can brick your phone. For those amongst you with a successful jailbreak: you are now officially part of the second group of mobile phone users.
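As an added example (not part of the original post, and not code from VISIONary or the guide it refers to), here is the kind of check a defender or device administrator could run over a snapshot of a phone: it reports whether /system is still mounted read-only, which is the state the NAND lock is meant to enforce, and whether any of the files named above are present. The mount lines and file paths are constructed samples, and the locations where those artefacts would turn up are assumptions.

```python
"""Root / bootloader-modification indicator check over an Android device snapshot.

Two signals are combined:
  (a) is /system mounted read-only? (what the NAND write-protect enforces)
  (b) are any of the artefacts named in the post present on the device?
All sample data at the bottom is constructed for this example.
"""
from dataclasses import dataclass, field

# Filenames named in the post. Their on-device location is not given there,
# so matching is done on basename only (assumption).
ROOT_ARTEFACTS = {"hboot-eng.img", "wpthis-OTA.ko", "wpthis-pre-OTA.ko"}


def parse_mounts(text):
    """Parse /proc/mounts-style lines into {mountpoint: set(mount options)}.

    /proc/mounts has six fields: device mountpoint fstype options dump pass.
    Only the first four matter here; malformed lines are skipped.
    """
    mounts = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        _device, mountpoint, _fstype, options = parts[:4]
        mounts[mountpoint] = set(options.split(","))
    return mounts


def is_read_only(mounts, mountpoint="/system"):
    """True only if the mountpoint exists and carries the 'ro' option."""
    opts = mounts.get(mountpoint)
    return opts is not None and "ro" in opts


def find_artefacts(paths):
    """Return the sorted subset of paths whose basename is a known artefact."""
    return sorted(p for p in paths if p.rsplit("/", 1)[-1] in ROOT_ARTEFACTS)


@dataclass
class Report:
    system_read_only: bool
    artefacts: list = field(default_factory=list)

    @property
    def suspicious(self):
        # A writable /system or any named artefact is enough to flag the device.
        return (not self.system_read_only) or bool(self.artefacts)


def assess(mounts_text, paths):
    """Combine both signals for one device snapshot."""
    mounts = parse_mounts(mounts_text)
    return Report(is_read_only(mounts), find_artefacts(paths))


# Constructed samples: a stock-looking device and a modified one.
STOCK_MOUNTS = """\
rootfs / rootfs ro,relatime 0 0
/dev/block/mtdblock3 /system yaffs2 ro,relatime 0 0
/dev/block/mtdblock5 /data yaffs2 rw,nosuid,nodev,relatime 0 0
"""
MODIFIED_MOUNTS = """\
rootfs / rootfs ro,relatime 0 0
/dev/block/mtdblock3 /system yaffs2 rw,relatime 0 0
/dev/block/mtdblock5 /data yaffs2 rw,nosuid,nodev,relatime 0 0
"""
STOCK_FILES = ["/system/bin/sh", "/system/app/Phone.apk"]
MODIFIED_FILES = ["/system/bin/sh", "/sdcard/wpthis-OTA.ko", "/sdcard/hboot-eng.img"]

if __name__ == "__main__":
    for name, mounts, files in (("stock", STOCK_MOUNTS, STOCK_FILES),
                                ("modified", MODIFIED_MOUNTS, MODIFIED_FILES)):
        r = assess(mounts, files)
        print(f"{name}: /system read-only={r.system_read_only} "
              f"artefacts={r.artefacts} suspicious={r.suspicious}")
```

On a real device the two inputs would come from `cat /proc/mounts` and a file listing taken over adb; the script deliberately works on captured text so it can be run offline against a fleet of snapshots. A writable /system on its own is not proof of a jailbreak, only that the write protection the post describes is not in effect, which is exactly the condition worth investigating.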

The lesson

Building a secure NAND lock will close that gap, but it only shifts the focus to the next weakest spot, and it is just a matter of time.

While most people are impressed by the security measures to prevent this, I'm more impressed by the creativity to find workarounds.

Most operating systems will be vulnerable to jailbreaking or gaining root access.

Both Android and iPhone are vulnerable, and if you cannot make a choice you could always install Android on the iPhone, see here.

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.
