Inside the Corona Jailbreak

Pod2g has published a blog post detailing the inner workings of the recently released untethered iOS 5 jailbreak, named “Corona”—which pod2g reveals is an anagram for the IPSec daemon racoon. The article is pretty technical, but if you’re interested in programming or OS security, you may find it interesting.

Thus, for Corona, I searched for a way to start unsigned code at boot without using the Mach-O loader. That’s why I looked for vulnerabilities in existing Apple binaries that I could call using standard launchd plist mechanisms.
Post a response / What do you think?