For nearly half a decade, teams of hackers and programmers have worked tirelessly to crack Apple’s iOS software code in order to inject new features, themes, and applications. Now, a team led by noted former jailbreak developers Will Strafach, otherwise known as “Chronic”, and Joshua Hill, known as P0sixninja, is working to secure Apple’s mobile platform. The duo, along with a list of unnamed former jailbreak developers, has been working on a new comprehensive platform to secure iOS devices for both enterprises and consumers. Strafach provided us with a preview of the platform known as “Apollo,” the first security product from his new company Sudo Security Group.
Although the decision was made by the Librarian of Congress in October to make unlocking cellphones illegal, tomorrow marks the end of a 90-day grace period when the new rule will officially go into effect. As noted by TechNewsDaily, the policy will not apply to devices purchased before tomorrow or change unlocking policies for carriers. However, the policy will make it illegal for end users to unlock new devices they purchase. It will still be possible to buy an unlocked iPhone direct from Apple, while Verizon iPhones come unlocked out of the box, and AT&T will continue unlocking devices off contract. Several users have taken to Twitter to voice their concerns about the new law.
While iPhone hackers might have some issues with unlocking going forward, tomorrow could mark the release of iOS 6.1GM to developers. That could also mean a release of an iOS 6 jailbreak…
Late last month, we reported Swedish security firm Micro Systemation claimed its “XRY” application was capable of cracking an iOS device’s passcode, logging keystrokes, and accessing data like GPS, call logs, contacts, and messages. The video showing the app in action is now removed, but the firm’s claims are coming under scrutiny by at least one fellow hacker. Will Strafach, better known in the jailbreaking community as “@chronic,” just posted his summary of what is really happening with the software to clarify the issue.
While explaining XRY does not use exploits similar to jailbreak programs, as claimed by many covering the story, Strafach clarified the tool is “simply loading a custom ramdisk by utilizing the publicly available ‘limera1n’ exploit by George Hotz. The ramdisk is not even very special, because anyone could put together their own using open source tools.” He continued by explaining the “two-minute” claim of Micro Systemation is only true if a passcode is “0000.” The time increases when a more complex passcode is set.
Chronic also noted XRY cannot be used on iPhone 4S, iPad 2, and third-gen iPads, something most publications are not reporting. Here is his explanation: