What's new

iOS 4.3.4 Stops Untethered Jailbreaks Too

Maura

iPhoneForums.Net News Team
Staff member
Joined
Jun 18, 2010
Messages
4,891
Reaction score
1,050
iOn1c.JPG
[FONT=&quot]
[/FONT]
[FONT=&quot]TiPb reports today that the iOS 4.3.4 update that Apple just issued to plug the PDF exploit that had enabled JailbreakMe.com’s latest jailbreak, also patched another exploit that has been used for untethered jailbreaks since iOS 4.1. This information comes from the Twitter of i0n1c, whose tweets on the issue were quoted by TiPb as follows: [/FONT]

“For those that did not get it: iOS 4.3.4 does not only fix jbme 3 as announced, but also silently kills the ndrv_setspec() integer overflow.

In addition to that iOS 4.3.4 also adds code to dyld to detect attacks with binaries using ‘incomplete code signing.’

‘Incomplete codesigning attacks’ were used for all untether exploits from at least iOS 4.1.0

Wonder if {Apple} only tried to stop my xploit from modifying LCs at runtime with the new check, or if they knew it would stop [incomplete codesigning] attacks.”
[FONT=&quot]As TiPb notes, i0n1c’s last tweet in that list addresses the issue of whether or not Apple is just trying to plug security leaks, or if it is also actively trying to specifically close down jailbreak exploits.[/FONT]

Source: iOS 4.3.4/4.2.9 also kills untethered exploit dead | TiPb
 
yep, i saw the tweet about 4.2.9 but not about 4.3.4... it took apple long enough lol but i bet the next un tethered jb will be a while like with 4.2.1
 
not enough though, there will be another un tethered with in time, most likely after 5.0 though, whats the point in releasing an un tethered for 4.2.9 or 4.3.4 now? none
 
Unleashed said:
not enough though, there will be another un tethered with in time, most likely after 5.0 though, whats the point in releasing an un tethered for 4.2.9 or 4.3.4 now? none

+1. It's crazy so late in the game. I'd rather go back to 4.2.6 than to go to these future updates except 5 of course. Apple needs to give users what they want and maybe the jailbreak world would fade into the darkness.
 
apologies if I've missed earlier discussions -- and maybe am being really noobish here -- but... was there not a rumor (maybe that's all it was) of a chip-level vulnerability that supposedly was to put an end to this continuing b.s. of firmware updates rendering previous jb's useless at least until the next chip (A5?) comes out? Or is this "super-exploit" still being kept under wraps for the forthcoming IOS? For now, I guess, I'll stay w/ my 4.2.1 since it seems to be working just fine.
 
Top