
mstg | 6 years ago

If I've understood this correctly, it was an iBoot vulnerability enabling the exploitation of the BootROM vulnerability untethered (without connecting to a computer again). Since the iBoot vulnerability is patched, the phone has to be connected to a computer every time to boot if there has been any tinkering (custom FW or any change in boot sequence).

So pre-patch you could exploit the BootROM vulnerability untethered with the iBoot vulnerability, but post-patch you have to connect to a computer to boot every time if you have done any tinkering, which is why it is currently only advised for security researchers. Tinkering with the BootROM also leads to invalidation of APTickets (so a future restore may be impossible without special gear).
