P0sixninja Is Getting Close To Dumping The BootROM Of All Newer iOS Devices Including The iPhone 5 And iPad 4
A new bootrom exploit has never been discovered for devices that feature an A4 chip or newer, and thus Jailbreaks for these devices are scarce. What a bootrom exploit like LimeRa1n means is that the device is essentially Jailbroken for life. This is why if you have an A4 iOS device, when Apple releases new firmware versions, tethered Jailbreaks are often times available the next day.
On Friday hacker @P0sixninja tweeted that he was working on something bigger than the iPhone 5 Jailbreak. At the time it was not know what this “bigger” thing was, but now P0sixninja has followed up by tweeting that it is “BootROM and decryption keys for A5/A5X/A6/A6X.”
This is some VERY BIG news! As P0sixninja explains himself “[bootROM and decryption keys is] a starting point for finding a new bootrom exploit, and makes userland jailbreaks 1000% easier.”
Let’s get one thing straight before we move on however, P0sixninja has not claimed that he had found these decryption keys yet (as some blogs would like you to believe). He is simply stating he is working on obtaining them and has made some good progress. In fact, he said “[there is] not much left to do but find a few more addresses and a bit more luck.” Furthermore, even once these keys are found, it doesn’t mean a new bootrom exploit will be discovered for newer devices like the iPhone 5 and iPad with Retina display. It simply means it will make things easier, and speed up the amount of time the iOS 6 untethered Jailbreak will take to be released.
Nevertheless it is still some exciting news, don’t get me wrong.
It sounds like P0sixninja is working solo on this project however, and it will be separate from the solution Chpwn, MuscleNerd and other hackers are working on. In response to P0sixninja’s earlier tweet about the status of the iPhone 5 Jailbreak looking grim, @Chpwn replied “Grim, eh?” Signifying the he knew something P0sixninja did not.
MuscleNerd also tweeted today “lots of tweets today about a “bootrom exploit” being found. Bootrom hasn’t even been dumped since 2010, let alone crashed or exploited.” He is indeed right, and if P0sixninja was able to dump the A5/A5X/A6/A6X bootROM it would be a game changer.