Main component of latest iPhone jailbreaking code released
The Chronic Dev team have released one of the major components of greenpois0n, the software for jailbreaking Apple's iPhones, iPads and iPods with the iOS operating system. Once jailbroken users can bypass Apple and install arbitrary software on their devices. The component in question is the "syringe" injector module. The module sends the exploit to the device and then boots the device out of recovery mode and into a jailbroken state.
Initially, the released code only appears to be interesting in as much as it gives insight into the way the jailbreaking mechanism works. However, it also harbours a new danger: Boot loader jailbreaks such as greenpois0n could potentially be exploited to completely remove an iPhone's code lock. This would make the data on stolen iPhones accessible to intruders – excluding data encrypted with a separate password by individual apps.
When jailbreaking a device, greenpois0n modifies the previously locked system in such a way that the system will load apps that haven't been signed by Apple, and places a loader app for downloading the Cydia package manager on one of the device's home screens. It might as well have removed the code lock. There are ads on the internet that offer to remove the code lock for around £20 – with the now released "injector", it's possible to build tools that would make easy work of stripping the owners private data from stolen iPhones. It's likely such tools will soon appear for sale online too.