Filed under: Analysis / Opinion, iPod Family, Bad Apple, iPhone
Saurik live chat: Learn about Apple's new signature server
Something new, unexpected, and possibly worrying has popped up in iTunes. iTunes now "calls home" to the Apple mothership whenever you restore an iPhone or iPod touch. It tells you that it's "Verifying restore with Apple...", checking your device identifier and the firmware with Apple's new signature server.

Today, TUAW has the pleasure of talking with Jay Freeman, otherwise known as "Saurik", the developer of Cydia. Saurik has constructed a server that duplicates Apple's functionality, ensuring that you'll be able to downgrade your iPhone or iPod in the future, even if you have not jailbroken your device. This topic is for all iPhone users, regardless of whether they use jailbreaking. Please join us with your questions and comments as we hear from Freeman about why this move matters to you. Read on to see the full live chat transcript.
Reader Comments (Page 1 of 1)
Buran said 4:31PM on 9-24-2009
Transcript, please. Not all of us can hear.
Buran said 4:48PM on 9-24-2009
Replying myself to say that I'm a moron; turns out it IS a text chat. I was misled by the video-player-like play button and "watch now". Sorry!
Spedione said 4:32PM on 9-24-2009
Transcript of everything that has occurred so far:
Erica: Hi everyone. We're still getting set up and we'll start in just a few minutes.
4:16
Erica: And I think we're good to go.
4:17
Erica: I want to welcome everybody to our chat today. Today, we have the pleasure of talking with Jay Freeman. You might know him better as "saurik". He is the developer of Cydia and the godfather of the jailbreak world.
4:17
Jay Freeman (saurik): Hello!
4:17
Erica: We have several TUAWians who will be hopefully showing up to join in the chat as well. In addition to me, we should be seeing Mike Jones, Megan Lavey, and Josh Carr
4:18
Megan Lavey: I'm here! Good afternoon, Erica and Jay!
4:18
Michael Jones: Good afternoon everyone!
4:18
Erica: The big motivating factor for today's chat is Apple's new signing server. Jay, can you offer a brief overview of what it is, and what it means to iPhone users?
4:19
Jay Freeman (saurik): Gladly. In order for things like jailbreaking to work (or any homebrew development in a hostile environment), bugs need to be found and exploited in the software that runs on the device.
4:20
Jay Freeman (saurik): Unfortunately, hackers tend to have the fundamental advantage in such wars: software is released, and it must "stand the test of time": users may choose to simply never update their devices, and wait for exploits to be uncovered.
4:21
Jay Freeman (saurik): Apple's response to this problem has been to make their new devices, the 3G[S] and the craazy new iPod (the larger sizes of the third generation iPod Touch), verify that, when the device is "restored" (when it is erased and the software is put back onto it) that software is considered "secure".
4:22
Jay Freeman (saurik): This happens by having iTunes contact the Apple firmware signature server, gs.apple.com, sending it information about the device in question and the software that you are trying to load. In fact, every single individual file being sent to the device goes through this process (although one request to Apple's server can ask for multiple signatures at once).
4:23
Jay Freeman (saurik): So, to answer the question that some people have been asking in the "comments" section of this chat: yes, in order to restore your new i-devices, you will need to have an internet connection at the time of the restoration.
4:24
Jay Freeman (saurik): The device then has algorithms in it to verify the validity of that signature.
4:25
Jay Freeman (saurik): However, the way Apple implemented this allows for something called a "replay attack": where you take a recording of Apple signing the software, and then "replay" that process to the device, which gets confused and accepts the signature. Nothing about the process includes, for example, the current time, which could be used to verify "is this an original, or a recording".
4:26
Erica: Apple has always been proprietary about controlling the iPhone family of devices. How does this new step compare to previous moves on Apple's part, and how does it affect people who want to downgrade or jailbreak? And, are there any legal or ethical questions about your replay attack approach?
4:28
Jay Freeman (saurik): This next step is right in line with their previous work in this area, and is in essence the next logical step to protecting the device. This method should, were it implemented correctly, keep users from not only downgrading their device to older firmwares but also keep users from being able to maintain a device on an older version by simply never upgrading: if anything happens to the device and the software has to be reloaded, for any reason, the user will be forced to use currently "ok" versions of the firmware.
4:29
Jay Freeman (saurik): To answer the question about "legal or ethical questions" about the replay attack, I will first state that I am not a lawyer, but will say that I do not believe there to be any issues regarding this technique.
4:30
Erica: I understand that you have set up a server that mimics Apple's. Can you tell us more about this?
snobordr720 said 4:37PM on 9-24-2009
Continuing.
Jay Freeman (saurik): There is a specific "protocol" (the description of the interactions and what is allowed to be said back/forth) used between iTunes and Apple's signature server to ask "is this file ok". This protocol is neither encrypted nor obfuscated in any manner: it is actually entirely transparent to people trying to understand it.
4:34
Jay Freeman (saurik): (For any techno-geeks out there: Apple sends an XML "plist" formatted Property List to the server including base64 digests of hashes of parts of the file, as well as the chip/board identifiers that determine what kind of device it is, and finally the per-device ECID: the server then returns a plist of signatures.)
4:34
Erica: Can you tell us more about the ECID SHSH? What is the ECID and is Apple tracking their users here a little too closely for comfort?
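To make the replay weakness saurik describes concrete, here is a small model added by the editor; it is not saurik's server and not Apple's protocol. A signing server covers the ECID, board identifier and per-file digests, a device-side check accepts recorded signatures forever, and the same check with a per-restore nonce rejects them. HMAC with a shared key stands in for Apple's real signature, and the field layout, ECID, board name and firmware bytes are constructed sample values.

```python
import base64
import hashlib
import hmac
import json
import os

# Shared secret standing in for the signing key (assumption: real schemes use a public-key
# signature the device checks with a public key; HMAC just keeps this model short).
SERVER_KEY = b"constructed-demo-signing-key"

def digest(data: bytes) -> str:
    """Base64 digest of one firmware component, as the chat says the request carries."""
    return base64.b64encode(hashlib.sha256(data).digest()).decode()

def _message(ecid: int, board: str, name: str, file_digest: str, nonce: bytes) -> bytes:
    # Canonical bytes the signature covers. With an empty nonce every field is fixed for a
    # given device and file, so a recorded signature never expires: that is the replay.
    fields = [str(ecid), board, name, file_digest, base64.b64encode(nonce).decode()]
    return json.dumps(fields).encode()

def sign_files(ecid: int, board: str, files: dict, nonce: bytes = b"") -> dict:
    """Signing-server side: one signature per file (the 'plist of signatures' in the chat)."""
    return {name: hmac.new(SERVER_KEY, _message(ecid, board, name, digest(blob), nonce),
                           hashlib.sha256).hexdigest() for name, blob in files.items()}

def device_accepts(ecid: int, board: str, files: dict, sigs: dict, nonce: bytes = b"") -> bool:
    """Device side: every file needs a valid signature bound to this ECID/board (and nonce)."""
    for name, blob in files.items():
        expected = hmac.new(SERVER_KEY, _message(ecid, board, name, digest(blob), nonce),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, sigs.get(name, "")):
            return False
    return True

ECID, BOARD = 0x1234ABCD, "demo-board"   # constructed sample device, not real identifiers
FIRMWARE = {"kernelcache": b"constructed kernel bytes", "iBSS": b"constructed iBSS bytes"}

def replay_without_freshness() -> bool:
    """Signatures recorded while the server still signed this firmware, replayed at a later restore."""
    recorded = sign_files(ECID, BOARD, FIRMWARE)
    return device_accepts(ECID, BOARD, FIRMWARE, recorded)      # True: nothing ties it to 'now'

def replay_with_nonce() -> bool:
    """Same recording, but the device mixes a fresh per-restore nonce into what must be signed."""
    recorded = sign_files(ECID, BOARD, FIRMWARE, nonce=os.urandom(16))
    return device_accepts(ECID, BOARD, FIRMWARE, recorded, nonce=os.urandom(16))  # False

def replay_on_other_device() -> bool:
    """The ECID binding already stops one device's recording from validating on another."""
    recorded = sign_files(ECID, BOARD, FIRMWARE)
    return device_accepts(ECID + 1, BOARD, FIRMWARE, recorded)  # False
```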
Spedione said 5:17PM on 9-24-2009
You can feel free to delete this comment
Mike said 4:52PM on 9-24-2009
Do you think greenpois0n will kill redsn0w?
bill.g said 5:24PM on 9-24-2009
I'm supposed to read that whole text chat to figure out why I should care about this to read the text chat?
In other words, this isn't anything anyone cares about.
cowfodder said 8:06PM on 9-24-2009
I, and many others who pay attention to the jailbreak community, actually care quite a bit. Perhaps you don't mind not being able to use your device in a manner of your own choosing, but for those of us that do this was a good bit of information.
Just because you don't care doesn't mean you need to be a douche.
bill.g said 12:38AM on 9-25-2009
To reiterate more clearly, this article applies to a minority of iphone users, but the lack of explanation and sensationalistic "click here to read about something that concerns everyone with an iphone!!!1" would lead the reader to think otherwise.
Cheap clicks.
mark said 3:25AM on 9-25-2009
No there is nothing that you care about.
Odd you spent your time posting how you don't care.
Chump.
bill.g said 11:54AM on 9-25-2009
Not reading what you're replying to: check.
cowfodder said 1:53PM on 9-25-2009
So what you're saying is that if a firmware update came out that completely borked your iPhone, but you couldn't downgrade to a stable firmware due to Apple no longer signing it, it wouldn't affect you?
This has possible implications for all iPhone and iPod Touch owners. Maybe you shouldn't lecture others about not reading something when you obviously didn't do so yourself.
bill.g said 2:14PM on 9-25-2009
I don't downgrade. I hold off upgrading a safe amount of time to minimize exposure to that type of serious issue. I also don't "jailbreak" or need to use my cell phone as a toaster.
Getting back to my point, I'd prefer the article actually summarize what the issue is and why I care instead of baiting me to click and scroll through an instant message conversation.
A topic for all iphone users indeed... who the crap has heard of cydia?
Aman said 6:09PM on 9-24-2009
After reading the chat text, I now understand clearly that my newly purchased iPhone 3GS will not be jailbroken as I don't have ECID signature with Cydia :(
So all I have to do is wait and pray that the DevTeam or someone else comes with a magic answer.
Look said 6:10PM on 9-24-2009
OMG, The GOOGLE-GIRL IS BACK! And she is worried;)
Jon said 10:54AM on 9-25-2009
This is terrible news. For those of us with 3Gs devices, it sounds like we won't be jailbreaking anytime soon, if ever.
As soon as ATT gets a decent Android device, I'm going to seriously consider selling my iPhone. I love my iPhone, but I'm sick of Apple's policies.