Dev-Team Blog
To find yourself, think for yourself © Socrates 469 BC
iBoot unlaced…

For the 800 of you who wanted a video, here it is.

This is the command line for talking to your iPhone’s “BIOS” of sorts, iBoot. It decides what gets run (only if it’s signed correctly) and what doesn’t. Normally it’s very restrictive. Unless it’s been pwned.

Pwnage breaks the chain of trust from the very earliest boot stage, and as the video shows, that chain has now been broken on the iPhone 3G. Given that the only thing lower than this is ROM, Apple will have to change the hardware to prevent us from getting in, and we don’t expect them to ask for your phone back so they can “fix” it.

Please note that this has been anything but trivial, and it wasn’t as easy as porting our old code to the 3G iPhone. Many of our best hackers have been working in long shifts all weekend on this, and they continue to do so as I write this post. We like to think of these guys as our very own master cobblers.

Note that this is indeed what geohot was talking about when we first talked about it almost a year ago; ironically, we (and that included geohot at the time) were unable to do anything with it then. iBoot exists because iTunes needs something to interact with when restoring the phone, but as mentioned above, it is normally heavily restricted and only allows Apple-approved code to run. Obviously this isn’t the case anymore ;)

Quoting geohot a year ago:

P.S.: n82ap is the model code for the 3G iPhone.