Difference between revisions of "Talk:Bluefreeze"
Revision as of 19:44, 14 December 2011
Claiming false functionality
What? Are you joking? It works, have you tried it yet? I've worked countless hours trying to get this right, and you say it doesn't work? Look, try it before you say such things, I assure you it works. And where did I break the ground rules? These are all false claims. --The preceding unsigned comment was added by J0ker (talk) 14:45, December 12, 2011 (MST).
- These rules may come into play, but I only remembered to add them to the Ground rules page last night. (Previously, they were on Category:GUI Tools, but still enforced.) This page was created before the addition of these rules, but you were still involved with the program's creation, and creating the page yourself looks a bit like you're just trying to advertise yourself, which conflicts with this rule. --Dialexio 10:08, 12 December 2011 (MST)
- I just wanna say one thing: stop thinking that you are a hacker. Learn Reverse Engineering, C, C++, Python, Exploitation, etc. After that you can say that you made an exploit :) --Zmaster 07:52, 12 December 2011 (MST)
- I don't think I'm a hacker, I'm learning how to reverse engineer, I know Java, I'm gonna start writing my tools in said language (probably). I specifically said it is not an exploit. And anyway that doesn't justify deleting this page. As I said before, Bluefreeze works! And I have not broken any rules. --The preceding unsigned comment was added by J0ker (talk) 15:03, December 12, 2011 (MST).
- You say it does work w/o SHSH blobs saved from TinyUmbrella or iFaith, however, tutorials I have seen say to drag some SHSH file onto iFaith. It may work for you because that is an SHSH blob for your device. Have you thought of using a device that isn't yours? I will not try this out myself as my devices are not for testing, but for everyday use. --Balloonhead66 14:07, 12 December 2011 (MST)
- Yes indeed, it says to drag an iOS 5.0.1 SHSH blob (which are available to everyone right now), it then generates an iOS 5.0 SHSH blob (not available to everyone anymore). This new SHSH blob is used for the downgrade. Since the old SHSH blob is available to everyone to get, that would not be an issue. I have thought of using a device that isn't mine, several! I have downgraded an iPhone 4 that was purchased two weeks ago to iOS 4.1! And many, many others. You don't have to try it, but if you don't try it you have no right to say it doesn't work (and I'm not saying you said that). --The preceding unsigned comment was added by J0ker (talk) 16:38, December 12, 2011 (MST).
- Look J0ker, the Ground rules (previously stated on the Category:GUI Tools page) say that the author of a software is not allowed to add an entry here. But that's only a simple rule and I wouldn't delete an important article just because of that. While we are all happy that you and many others try to contribute something useful to the scene, it distracts beginners if they see such "tools" that don't work. If you understood how SHSH checking works, then you should know that you need a low-level bootrom exploit to circumvent this check. Even the smartest hackers didn't find any. What you are doing is something different. If you say "it worked", this is simply because you don't understand why. I didn't delete the article right away, because I thought with your tool you could downgrade the user-interface or something. Then we might leave it (with correct explanations). Instead of claiming "it works", "I tried", etc., you had better provide a good technical explanation of what you (your tool) is doing, or how it circumvents the signature verification. And not what you think it's doing. Every claim with a proof please. It is not worth trying anything that cannot work by design. You cannot "generate" SHSH signatures without having Apple's private key. Please open Cydia on your "magically downgraded iPhone 4" and look at the listed blobs. You will see the version you downgraded to listed there (or in iFaith). This is why you can downgrade. And it can be done without your tool much easier. -- http 18:16, 12 December 2011 (MST)
- Wow, that's an intense amount of under-estimating you've just done, you act like I've never even opened Cydia before. I'm writing up an explanation of Bluefreeze right now. Is this how pathetic I look? I mean, I'm ashamed someone would even accuse me of such stupidity. --The preceding unsigned comment was added by J0ker (talk) 17:50, December 12, 2011 (MST).
- J0ker, let me explain something here. I just tried your method on my old iPhone 3GS (no SHSH blobs saved whatsoever) to get from 5.0.1 to 5.0. I tried it to see if your method actually works, or, if what the other highly respected nerds on this talk page have been saying, that you just have SHSH for the version you downgraded to. Guess what, they're right. My 3GS in fact couldn't be downgraded by iTunes (and yes, I followed your instructions to the letter) because it just doesn't work. Felt like putting my 2 cents in, so there they are. --rdqronos 20:44, 12 December 2011 (MST)
- Where did you get stuck? Give me some sort of info so I can work to get it fixed dude. "because it just doesn't work". Do you know what happens to your credibility when you say this? It goes away because it clearly demonstrates that you have a biased opinion against Bluefreeze. I'd love to help you out, but the verbal attack is not going to help you. Which also leads me to think that you actually didn't try it, you just like to troll people; for your sake, I hope that is not the case. Please tell me where you get stuck. --The preceding unsigned comment was added by J0ker (talk) 17:50, December 12, 2011 (MST).
- iTunes gave me first a "This device is not eligible for the requested build" error (checked my hosts/tinyumbrella, no issues there), so I redid the IPSW and tried it again, this time giving me a corrupted IPSW error. Both times, my iPhone 3GS was in pwnd DFU mode from iFaith. --rdqronos 13:23, 13 December 2011 (MST)
So in short, all that your tool does is to change the iOS version in the iFaith file so that iFaith accepts it to build a cfw. Why do you think that IH8sn0w added this check into iFaith? For sure not to annoy us. I'll ask him if he can provide some more info, as I don't know what exactly happens next. -- http 05:25, 13 December 2011 (MST)
Ok, after talking with IH8sn0w and reading your last part, I think it works. But it's completely useless, no real downgrade, and that could be achieved way simpler. But it also means we can remove the deletion request and instead clean up the article. iFaith has a protection that you don't use it with the wrong firmware for your own safety. You actually remove that protection and allow an unsigned firmware to get installed. The device detects this and goes into DFU or recovery loop, which can be overcome to boot by using limera1n exploit (redsn0w). The problem only is that users usually want to downgrade to get an untethered jailbreak. This is not possible, because for every boot you need to get out of that DFU or Recovery loop by entering DFU mode and exploiting with limera1n, even if you haven't jailbroken your system. So I don't see what that could be used for. The devices this works on can have a tethered jailbreak with the latest firmware - always, and that booting is much simpler. And for devices like the iPad 2 or the 4S it cannot work, because there's no bootrom vulnerability. If someone wants to clean up the article, feel free to remove the deletion request, but also clearly state that it's not a downgrade in the usual sense. -- http 14:10, 13 December 2011 (MST)
- You can jailbreak those tethered firmware with userland jailbreaks like jailbreakme.com --Marghost 16:25, 13 December 2011 (MST)
- Thank you very much for clarifying. And it can be made an untethered downgrade with another bootrom exploit (if you're missing iOS 4.1 SHSH and downgrade to that firmware and you run geohot's limera1n tool, you will get an untethered downgrade). I don't however understand what you mean by "no real downgrade". This is a tethered downgrade solution, and one that does not require iOS 5.0.1 kernel (so the exploit found by Charlie Miller will work on it). And if in the future we have another bootrom exploit, but is only untethered on iOS 5.0, people can downgrade (using Bluefreeze) and achieve an untether if they forgot to save their SHSH for iOS 5.0. Anyway, thanks a lot! --The preceding unsigned comment was added by J0ker (talk) 15:39, December 13, 2011 (MST).
- If we discover another low-level / untethered bootrom vulnerability (like 3GS with old bootrom), the device is jailbroken for life with any firmware - no need to downgrade ever. And according to IH8sn0w: "After you boot it, once you put the device to sleep, kernel will notice LLB is invalid and reboot. then --> DFU." This means it's pretty useless. And the reason that 4.1 works untethered is that Apple still allows its installation (for some devices, see SHSH), so you can downgrade to that without ANY tool. All this info / warning is missing in the article. -- http 12:44, 14 December 2011 (MST)