Following up on my old DRM thread: lately comes news that the iPhone Dev Team have succeeded in jailbreaking the iPhone 3G. The Slashdot post about it contains some pertinent comments:
schmidt349 wrote:
This wasn't some simple privilege escalation coming out of a buffer overflow in the web browser. Apple signs the shit out of every binary on the phone. The kernel won't execute a binary in userland unless it's signed; the firmware loader won't execute the kernel unless it's signed; the low-level bootloader won't execute the firmware loader unless it's signed.The iPhone 3G is a paragon of embedded device security, at least by way of making sure unapproved code doesn't run on the device, and it's a testament to just how amazing the iPhone Dev Team guys are that they actually found a way to (a) defeat the whole chain of trust in the iPhone firmware in order to jailbreak it. This by the way doesn't even take into account their real genius, the hack into the baseband firmware for the S-Gold radio device, which executes code in its own universe, completely separate from the S5L application processor.
In short, this hack wasn't some bunch of script kiddies having a sleepover and cracking the copy protection on Arkanoid 2 for the C64. This was a brilliant circumvention of some of the tightest security ever found on a PDA or mobile phone.
followed by sycraft-fu, who added:
This is an excellent case study in why DRM is retarded. As you say, this is some of the tightest security ever found. Yet, it has been broken by some very smart people. Such is the fate of any DRM that is sufficiently widespread that smart people care to go after it. You can be as clever as you like with your DRM scheme, you are going to find someone as clever as you will likely break it.
