
Monday, June 27, 2011

The DevTeam explains why iOS 5 does not allow firmware downgrades

In a post released a few minutes ago, the DevTeam explains the possible reasons that make it impossible to downgrade iOS 5.

Here's the translated post:

    
It seems that Apple wants to aggressively fight the so-called "replay attack" that has, to date, allowed users to restore previous versions of the firmware through iTunes using the saved ECID.

    
Those of you who have jailbroken in the past will surely have heard of the need to periodically save the ECID (SHSH), via Cydia or TinyUmbrella, in order not to lose the ability to downgrade the operating system. Saving the ECID of a given firmware on a specific device makes it possible to restore that earlier version of the firmware even after Apple has stopped "signing" it. All this, however, is about to change.

    
Since the beta version of iOS 5, in fact, Apple has changed the role of the "APTicket", which is now being used in a manner very similar to the "BBTicket". The LLB and iBoot steps in an iPhone's restart sequence now depend on the authenticity of the key tied to the APTicket, and the key is generated at each reset. In practice, the success of the restore phase of a downgrade now depends not only on the saved ECID and the firmware version, but also on a random number linked to the APTicket that only Apple can control and manage. APTicket authentication, in fact, takes place not only at each restore but also every time you restart the device, and since only Apple has the cryptographic keys to properly sign a firmware earlier than the current one, any attempt by third parties to reproduce the APTickets would be useless.

    
All this will take effect only with iOS 5, and Apple will be able to enable or disable this check at will by closing or opening the signing of the APTicket (just as is already the case for the baseband BBTicket).

    
Fortunately, the exploit used by geohot with limera1n will still be usable, because it runs before the new type of check created by Apple starts. This means, therefore, that at least the tethered jailbreak is safe (for now), but not the downgrade.

    
Everything said here about downgrading applies only if you want to restore from a future firmware to a previous one, both within iOS 5. That is, as of today, those who want to go back from iOS 5 to iOS 4 can still do so (perhaps using an older version of iTunes), while in the future, whoever installs iOS 5.1 (for example) will never be able to return to iOS 5.

    
It is therefore an important step for Apple in the fight against jailbreaking, but there is still room to try to circumvent this "block". But iOS 5 is still in beta, so it would be premature to talk about it.
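
The anti-replay idea the post describes, as an added example that is not the DevTeam's or Apple's code: a ticket that covers only the ECID and firmware version verifies forever once saved, while a ticket that also covers a fresh random number stops verifying as soon as the device draws a new one. Assumptions: HMAC stands in for Apple's signature so the sketch runs on the standard library alone, and the function names, message layout, nonce size and ECID value are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: HMAC with a server-held key stands in for the vendor's
# asymmetric signature; it is not the real APTicket format.
SERVER_KEY = secrets.token_bytes(32)


def _sign(ecid, version, nonce):
    msg = f"{ecid}|{version}|{nonce.hex()}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()


def request_ticket(ecid, version, nonce, open_versions):
    """Signing server: issue a ticket only while `version` is still being signed."""
    if version not in open_versions:
        return None
    return _sign(ecid, version, nonce)


def device_accepts(ticket, ecid, version, nonce):
    """Device check: the ticket must cover this device, version and current nonce."""
    if ticket is None:
        return False
    return hmac.compare_digest(ticket, _sign(ecid, version, nonce))


def simulate():
    ecid = "000001A2B3C4D5E6"  # constructed sample ECID
    no_nonce = b""             # old scheme: nothing fresh in the signed data

    # While 5.0 is still signed, the user saves a ticket under each scheme.
    first_nonce = secrets.token_bytes(20)
    saved_old = request_ticket(ecid, "5.0", no_nonce, {"5.0"})
    saved_new = request_ticket(ecid, "5.0", first_nonce, {"5.0"})

    # Later only 5.1 is signed, and the device draws a new nonce for the restore.
    later_nonce = secrets.token_bytes(20)
    fresh = request_ticket(ecid, "5.0", later_nonce, {"5.1"})
    return {
        "server_signs_5.0_now": fresh is not None,
        "old_scheme_replay": device_accepts(saved_old, ecid, "5.0", no_nonce),
        "new_scheme_first_use": device_accepts(saved_new, ecid, "5.0", first_nonce),
        "new_scheme_replay": device_accepts(saved_new, ecid, "5.0", later_nonce),
    }


if __name__ == "__main__":
    print(simulate())
```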
