Bad news for all those who are looking for something other than a tethered iOS 4.3.1 jailbreak for iPhone, iPad and iPod touch. Comex of the iPhone Dev Team has today announced in a number of tweets that the iOS 4.3.1 untethered jailbreak tool is going to be delayed, because Apple has fixed the untethered jailbreak exploit in the iOS 4.3.1 firmware update.
As noticed by @0naj, my kernel exploit was fixed in 4.3.1.
I try not to be paranoid, but it is really hard to explain this as anything but a leak.
The funny thing is that my “new” kernel exploit is actually the kernel exploit used by JailbreakMe 2.0. It was never properly fixed.
It stayed there from 4.0.2 through 4.3, but was magically found in time for 4.3.1. Well, go go @MuscleNerd and @i0n1c I guess
So it’s pretty obvious now that Comex and the team will have to start working on an entirely new untethered iOS 4.3.1 jailbreaking tool, because Apple has now fixed Comex’s untethered jailbreak exploit. Don’t expect Geohot to come out with an untethered iOS 4.3.1 jailbreak tool either, as he is pretty busy fighting Sony in court.
All eyes are on the Chronic Dev Team to release an untethered iOS 4.3.1 jailbreak tool. On the other hand, iPhone security expert Stefan Esser uploaded a new video on YouTube in which he shows untethered iOS 4.3.1 running on a fourth generation iPod touch. The same exploit that he used to jailbreak iOS 4.3 has been used again to jailbreak iOS 4.3.1 untethered on iPod touch 4G.
From the video description on YouTube:
Meanwhile everyone should have noticed that my prediction became true and Apple released iOS 4.3.1 in order to fix the PWN2OWN vulnerability in Safari.
It was very unlikely that Apple also fixed the kernel vulnerability I used for my untether exploit. Mainly because the kernelcache binary is about 8-10 MB in size and the likelihood that Apple finds the same vulnerability in that short amount of time was very low.
However you never know until you try it. So this morning when I woke up and saw that Sn0wbreeze 2.4 beta was released I thought it would be fun to create a new video.
Unfortunately Sn0wbreeze does not work with my iPad 1 and so I had to test with my iPod 4G.
In the video you can see how I switch off the iPod, then restart it, show the version, show that it is tethered and has the multitasking gestures, I show that you can buy ringtones and then I show Cydia and the ninja jump game from last time.
Because several people misunderstood me in the past:
a. I repeatedly stated that I will not release a jailbreak tool – I will only give out the untether. I did not try yet, but if it is feasible the untether could be a Cydia package.
b. While the vulnerability I use is in the iPad 2 kernel my untether will NOT SUPPORT the iPad 2, because there is no way to install it there (bootrom exploits fixed). – however Comex is working on that part.
c. I am not giving out any ETA again, because the Jailbreak community is simply nuts. Last time I gave an ETA and even before that had passed I got constantly insulted by people that were demanding an immediate release. Sorry guys, the more you insult people with the knowledge to actually do what YOU WANT, the less motivation there is to use our free time to give it to you.
d. The only reason why I did not finish the untether before the ETA was due to unexpected work overload in my real job. It had nothing to do with the untether being too hard or unreal.
e. I don’t know why the dev team has not released a redsn0w that does tethered jailbreak for 4.3.1 – I would prefer that to be available, cause sn0wbreeze obviously does not work 100% yet.
f. If you want to learn more about iPhone kernel hacking/exploitation you should come to SyScan Singapore at the end of April. http://syscan.org/index.php/sg/program
So it’s true that an untethered iOS 4.3.1 jailbreak exploit is out there, but it looks like Stefan has no plans of releasing it any time soon, or at all. Currently, the only way to jailbreak iOS 4.3.1 (tethered) is through PwnageTool on Mac and Sn0wbreeze on Windows.