It looks like iOS 5 will finally let Apple put a stop to some of the jailbreakers they’ve been after. The latest beta prevents users from downgrading to earlier versions of iOS. Meanwhile, untethered jailbreaks are effectively out the window.
The iPhone Dev Team found that the role of SHSH blobs jailbreakers have been using up to now has been undone by Apple’s new design. The change centres around APTicket authentication:
Starting with the iOS5 beta, the role of the “APTicket” is changing – it’s being used much like the “BBTicket” has always been used. The LLB and iBoot stages of the boot sequence are being refined to depend on the authenticity of the APTicket, which is uniquely generated at each and every restore (in other words, it doesn’t depend merely on your ECID and firmware version…it changes every time you restore, based partly on a random number). This APTicket authentication will happen at every boot, not just at restore time. Because only Apple has the crypto keys to properly sign the per-restore APTicket, replayed APTickets are useless.
Sucks! This change affects devices using iOS 5 and onward, as it apparently fits into Apple’s new OTA update strategy. Folks using pre-iOS 5 releases can still downgrade, but with older versions of iTunes.
Tethered jailbreaks will still be possible for people using geohot’s limera1n exploit as it takes place before the APTicket authentication. It’s just uncertain how the Dev Team and other jailbreakers will respond to the new developments. The game is afoot! [Dev Team via Cult of Mac]