Saved SHSH Blob Restores almost at an end?

Discussion in 'iPad Hacking' started by f4780y, Jun 26, 2011.

  1. f4780y

    f4780y
    Expand Collapse
    Super Moderator
    Staff Member

    Joined:
    Sep 11, 2010
    Messages:
    7,114
    Thanks Received:
    648
    MuscleNerd has tweeted several messages in the last hour which signal that the golden age of SHSH Blob replay attacks may be nearing an end.

    After iOS5 is released it looks as though it will no longer be possible to save new SHSH Blobs and play them back to iTunes to fool it into restoring a previous firmware which is no longer being signed.

    Whilst restores of 4.x and 3.x should still work if you have saved blobs and a supported version of iTunes (e.g. 10.3), new 5.x blobs will not be of use if you save them away and try and use them later.

    According to MuscleNerd Apple is introducing a "number used once" (nonce) to the signing window just as they do for the baseband at the moment which will defeat the replay attack which is currently exploited to allow saved Blobs to work.

    Sad news indeed. This will make it even more important to take great care with your upgrades / restores / and installs when jailbroken OR when waiting for a jailbreak!

    If you install something old / incompatible with your device and have to restore you could be in for a world of pain if the "current" firmware is not jailbreakable... :(
     
    #1 f4780y, Jun 26, 2011
    Last edited: Jun 27, 2011
  2. Lakerfanalways

    Lakerfanalways
    Expand Collapse
    iPad Fan

    Joined:
    Jul 14, 2010
    Messages:
    293
    Thanks Received:
    0
    Good thing I saved my SHSH blob of 4.3.3 on my brand new iPad..I had a feeling Apple would try something sneaky like that
     
  3. f4780y

    f4780y
    Expand Collapse
    Super Moderator
    Staff Member

    Joined:
    Sep 11, 2010
    Messages:
    7,114
    Thanks Received:
    648
    The iPhone DevTeam have updated their blog with an article on it now - Dev-Team Blog
     
  4. SweetPoison

    SweetPoison
    Expand Collapse
    iPad Legend

    Joined:
    Jun 20, 2010
    Messages:
    14,913
    Thanks Received:
    133
    I was just going to tell you that, Leigh! Can you believe it?:D
     
  5. SweetPoison

    SweetPoison
    Expand Collapse
    iPad Legend

    Joined:
    Jun 20, 2010
    Messages:
    14,913
    Thanks Received:
    133
    Does this mean that we don't have to save our blobs anymore?
     
  6. KaiHD

    KaiHD
    Expand Collapse
    iPad Junkie

    Joined:
    May 30, 2011
    Messages:
    562
    Thanks Received:
    0
    God, no. I wonder how they are going to combat this? Doesn't look good.

    - Sent from my BRAND-NEW iPad 2! :D
     
  7. f4780y

    f4780y
    Expand Collapse
    Super Moderator
    Staff Member

    Joined:
    Sep 11, 2010
    Messages:
    7,114
    Thanks Received:
    648
    Well, you should certainly save the blobs you have just now because you will always be able to reinstall 4.3.3 because of this. It's just saving them after 5.0 is released looks as though it will be futile. But as Musclenerd said in the article, there may be ways to combat the new system, but before it is released is not the time to discuss it in the open!
     
  8. sutty0000

    sutty0000
    Expand Collapse
    iPad Fan

    Joined:
    May 11, 2011
    Messages:
    168
    Thanks Received:
    0
    As one door closes another door opens. Hopefully that's the case anyway.
     
  9. iRuthlessPad

    iRuthlessPad
    Expand Collapse
    iPad Enthusiast

    Joined:
    May 19, 2011
    Messages:
    389
    Thanks Received:
    0
    LOL I think geohot will be the saviour once again :)

    Sent from my iPad using iPF
     
  10. Wookiee2cu

    Wookiee2cu
    Expand Collapse
    iPad Junkie

    Joined:
    Mar 13, 2011
    Messages:
    555
    Thanks Received:
    18
    Sounds like GeoHot is going to be busy with his new job over at FaceBook.
     

Share This Page