Separate names with a comma.
Discussion in 'iPad Hacking' started by yousefsaad, Jun 20, 2011.
Heey guys can any one help me to jailbreak my ipad 2.....?????
No we can not.
Please refer to the Hacking section on this forum, specifically the Official iPad 2 Jailbreak Chat Thread. And do please read it.
Tap on the iPad 2 jailbreak news link in my signature.
The search button is always your friend!
iFrog - Sent from my iPad2 using iPF
Yousef u need to help urself first it seems..check some threads..u will find the jb..its coded..u need to hack it..no one has been able to do so yet!
Leigh, correct me if I am wrong.
Awwww, Grayson, there's a few bits wrong there.
I thought you did your research... I'll need a wee while to correct it....
It's right now.
It sure is. Well done but deleting all your mistakes doesn't make you smart again
Here is a very basic and over simplistic explanation of the bootrom:
The "boot" "rom" controls how the device boots and is stored in ROM (Read Only Memory), which means it is hard coded into the chip in the iPad and cannot be changed unless Apple makes a revision to the chip.
A jailbreak needs a way to get onto the system and work it's magic. Think of it like a door. An exploitable bug in the bootrom code is one such door, and it is a very useful one, because if you can control HOW the device boots then you probably have a very good chance of doing whatever you like to bypass the various levels of security Apple puts on their devices. As you know, the A4 chip in iPad1, iPhone4, and iPT4G all have a flaw which you correctly said can be exploited with limera1n. That's why, when you pwn the bootrom with limera1n, you can install a custom firmware made with sn0wbreeze or pwnage. You control the boot so can force it to accept a custom firmware.
In order to get a look at the bootrom, you dump it. Apple made that much more challenging with the iPad2. From what I understand the bootrom part of the chip is only powered up for the moment where it is needed and is then switched off. Without being switched on it is a real challenge to get it dumped. Without a dump, the code can't be analysed for possible exploits...
However, you don't have to have a bootrom exploit to jailbreak. As I said, it is just a door. A userland exploit is a bug in a software application running on the device which can be used as a door to get in. However, because a userland exploit is in the software, once the jailbreak is released Apple will likely update whatever part of the software it is that is being used and so stop the jailbreak from working on future versions of IOS.
So we don't NEED a bootrom exploit like you suggested, but it would be great to get one eventually as the new jailbreak which will be release soon for the iPad2 will likely be immediately patched and will therefore only work for iPad2 owners with firmware up to 4.3.3. Of course, as soon as Apple patch the userland exploit they will ship a new version of iOS on all new iPad's preventing new owners from jailbreaking.
That is just a very simple explanation of a very complex process. Hope that clears it up a little for you