1. jdavis530's Avatar
    I was reading Joshua Hill's (p0sixninja) twitter and saw the following post. Do you think their exploit has leaked out, or is this just something they post to warn people to not release their code?
    12-15-2010 03:24 PM
  2. BLiNK's Avatar
    when i received this tweet yesterday i have to admit i got kind of excited thinking we're getting a little closer?...
    12-15-2010 03:27 PM
  3. Devorikk's Avatar
    Someone named iHaz3 apparently leaked a SHAtter exploit that was going to be used on next-gen iDevices (iPhone 5/iPad 2).

    Allegedly, one of the dev-teams or @comex developed it and lent it to "law enforcement" to use for dumping info off of iDevices they confiscate or some nonsense. I'm sure Apple would be glad to give law enforcement whatever tools they need to get information off of iDevices, why the hell would law enforcement rely on dev-team tools?

    So now all these 20 yr olds working on jailbreaking 4.2.1 are sad their stuff is leaking and trying to scare people by pretending law enforcement is going to go after them.

    Whether that answers your question or not, who knows....I just think it's ridiculous. People are deleting their twitter accounts over this.

    I'm just a spectator
    12-15-2010 03:30 PM
  4. Airwolf's Avatar
    Sigh. It never ceases to amaze me how much drama there is in the Apple jailbreak community. It makes me appreciate my HTC EVO 4G more and more every day. If only there was a tablet running Android as good as the iPad...
    12-15-2010 07:18 PM
  5. crystus's Avatar
    Pod2g developed the SHAtter exploit and it was copyrighted. The rights to the shatter exploit were extended to the chronic and dev teams to use in their tools. Ihaz3's website was the subject of a ddos attack and was down for a while. In response he was going to post the shatter exploit for all to see. Last I had heard was that Ihaz3 was holding off on posting it as of yet. I am not sure whether or not they have. Chronic's response as the coding to use the exploit is copyrighted was to threaten legal action against anyone who would post their code. Law enforcement was unable to get co-operation from apple with the software and the software the chronic developed was able to access information that normally is not disclosed. For example your iphone stores a database of websites and gps coordinates in the memory. Chronic team created the tool for LE to be able to dump a phone to see where it had been, messages that were sent, and such.

    Apple and Google both have been relutant to disclose certain api's for LE and governmental use. The Army has been looking at using iphones and android phones to provide real time battle information to soldiers from drones and such. They have gotten the programs to work but have needed access to some of the security api's to make the connection more secure. Apple and Google have not granted that access. Thus why LE went to the hacker community for help.

    What it boils down to is that if the code gets out, the exploit and the code used to make it functional which is an integral part of the software that LE uses, the tool that LE has is effectively useless and data can be erased or modified by criminal enterprises. They never threatened that LE was going to go after them. They just stated that they would not be happy if the source code to their tool was released to the public. They only legal action that has been threatened was copy right infringement and C&D letter to those who publish the code and are not authorized to do so.
    jdavis530 likes this.
    12-16-2010 01:02 PM
  6. jdavis530's Avatar
    Thank you for that info.
    12-16-2010 01:16 PM
  7. Devorikk's Avatar
    LE using hacker-community tools is alleged, there's no way to know that's true. To me, it's a way to garner sympathy for them not keeping a tight lid on their code. Looks like it's working.
    12-16-2010 02:40 PM
  8. Totalimmortal363's Avatar
    Granted the police and FBi have used hackers before, I see what you mean. A TAD far fetched...
    12-16-2010 03:19 PM
  9. crystus's Avatar
    LE using hacker-community tools is alleged, there's no way to know that's true. To me, it's a way to garner sympathy for them not keeping a tight lid on their code. Looks like it's working.
    If you look through p0sixninja's time line to months ago there is a link to an article that explains the work that he helped with. It is not alleged it is a fact.
    12-16-2010 04:03 PM
  10. crystus's Avatar
    12-16-2010 04:15 PM