Why can't someone just add Cydia/Rock to an ipsw and restore to it?

Discussion in 'iPod touch' started by iPwn, Mar 18, 2010.

  1. iPwn

    iPwn Community Development Staff Member

    Joined:
    Feb 5, 2010
    Messages:
    7,336
    Likes Received:
    525
    Device:
    Nexus 4
    If we needed untethered, why can't someone just extract an ipsw and add Cydia into the files and repackage it for custom FW untethered? Isn't that really easy?
  2. xXrkidXx

    xXrkidXx Well-Known Member

    Joined:
    Mar 27, 2009
    Messages:
    4,594
    Likes Received:
    129
    Device:
    iPhone 5 (Black)
    Nope. Because everybody that needs this to work right now is probably on 3.1.3. And Apple still sees a custom firmware as the correct firmware it is. So if you're talking about a 3.1.3 -> 3.1.2 using a custom, it won't work. But if you're just talking about a 3.1.2 custom (non SHSH devices) then people with Macs can use PwnageTool to create the exact thing you're talking about.
  3. Bubalooshi

    Bubalooshi Active Member

    Joined:
    May 22, 2008
    Messages:
    2,432
    Likes Received:
    0
    Device:
    iPhone 3GS (Black)
    If it was that easy, I'm sure the Dev Team would know that by now


  4. SoBe

    SoBe Banned

    Joined:
    Sep 1, 2009
    Messages:
    3,788
    Likes Received:
    1
    Device:
    2G iPod touch
    Just adding Cydia is probably not enough to fully exploit the whole firmware.
  5. ibizaGTi

    ibizaGTi New Member

    Joined:
    Dec 19, 2009
    Messages:
    638
    Likes Received:
    0
    Device:
    iPhone 4 (Black)
    The jailbreak is tethered because of the BootRom, not the firmware. The firmware and the bootrom are two completely different things. The BootRom is burnt into the chip, and can never be changed/modified.
    The Jailbreak works by finding an exploit in the BootRom, and using that to inject the payload into the firm and complete the exploit. When firmware is updated, the BootRom exploit still exists, but the Payload will no longer exploit the firmware.

    When the BootRom is updated (like on the 3rd Gen touch), a new BootRom exploit must be found...that is the hard part of the jailbreak.
  6. Jarlath

    Jarlath Retired Moderator

    Joined:
    Mar 21, 2008
    Messages:
    2,321
    Likes Received:
    0
    The reason is this: as explained before, Cydia needs the locks on the OS broken to run. This means full file system access and root user access. This is what jailbreak is. That's also why you can't just upload Cydia via USB to an unjailbroken iPod - it can't access the filesystem outside of /var/mobile due to the locks, and the root user is disabled, so it can't run anyways. A tethered firmware means that anytime the iPod starts up, you have to enable the jailbreak again - it doesn't stick as it is run externally and the code to jailbreak can't be run on the iPod. Untethered means the jailbreak happens all on the iPod, so it can reboot jailbroken.
  7. Coca Cola

    Coca Cola Member

    Joined:
    Dec 12, 2009
    Messages:
    801
    Likes Received:
    19
    Device:
    iPhone 4S (Black)
    So how do you find an exploit in the bootrom, files?
  8. SoBe

    SoBe Banned

    Joined:
    Sep 1, 2009
    Messages:
    3,788
    Likes Received:
    1
    Device:
    2G iPod touch
    You have to find a way, which takes a long time, and a lot of work.
