The well-known hacker pod2g (the man behind the Absinthe iOS 5.1.1 jailbreak) gave an interview to the team at iphonetweak.fr covering how he got started in the jailbreaking world and became a successful hacker. He also briefly described how he goes about finding exploits and confirmed that he will be working on a jailbreak for iOS 6.
In an earlier interview pod2g had already said that they had a half-cooked jailbreak for iOS 6, even before iOS 6 or any of its betas was released. Pod2g also described Comex and Geohot as great minds and hackers. Here is the full interview.
Question: Hello pod2g! For starters, can you introduce yourself?
pod2g: Hello, I'm Cyril, I'm 32 and I live in France. As for my job, I work as a Java developer.
Question: First of all, I want to know why you decided one day to embark on research into iOS vulnerabilities?
pod2g: Actually, I was very frustrated when I bought my first iPod 2G. Like everyone else, I took a turn around the App Store, tried a few games and some apps, but I wanted to go further, and I was quite jealous of all the tweaks available on the iPhone 3G at the time. The possibility of developing my own apps, among other things, without having to buy an Apple developer account also interested me a lot.
Question: Nice story; so your name pod2g comes from there?
pod2g: Exactly, lack of imagination: I was looking for a nickname so I could log in to the iPhone wiki and post a comment to Chronic, and this is the first nickname that came to mind! At the time, Chronic had begun to reverse-engineer the iBoot of the iPod 2G on Google Code, and explained what the fundamental differences with the iPhone 3G were, basically why it was not jailbreakable. Then Chronic announced on the wiki that there was a command named "ARM7 go" in iBoot that did not seem locked like the others: it would normally be restricted to development iPods, but it had no check to verify that, unlike the other development commands. The problem was that he could not make it work. At that point I knew absolutely nothing about the iPhone world, it was new to me, but I tried to run this command, and in just two hours I thought, "But wait, it executes code there, for sure: the iPod crashes when I upload data and run 'ARM7 go'." So I commented on the wiki saying that I had managed to run the command, and Chronic invited me onto IRC. They were working on reversing this vulnerability with CPICH at the time. That's when I started, and I read up on ARM. I started to reverse-engineer the iBoot, I dumped the bootrom, and a few weeks later it was 24kpwn!
Question: Your beginnings are very exciting. In what year was this, to give us a little background?
pod2g: Early 2009. Basically it was all luck, like destiny; it's weird. As if everything led up to 24kpwn.
Question: How do you find flaws and exploit them these days?
pod2g: Finding flaws is the hard part; you have to focus on one area of operation and try different possibilities. There is a bit of flair involved, and then all means are good:
- Static analysis of the open-source XNU code
- Static analysis of the closed-source iOS code in IDA
- Searching the Internet for bug reports on open-source components
Question: On that subject, is collecting crash reports to find flaws still relevant?
pod2g: It would be good to have a web interface for submitting bugs, so that the system checks whether the crash report is usable, filters out as many useless cases as possible, and explains to people that GUI bugs are completely useless. But the problem is that Apple fixes 100% of the flaws used each time, and normally iOS 6 should come with kernel ASLR. With iOS 5.1 and Corona, they took great delight in fixing every tiny flaw.
Question: Do you think you'll be there for the iOS 6 jailbreak?
pod2g: Yes, I’ll be there for iOS 6. I look forward to this challenge!
Question: OK, that promises great things! I saw in a video of the conference in Amsterdam that research into the bootrom is now finished.
pod2g: I think it is currently impossible. As long as Apple doesn't add new features, such as USB 3 support or an entirely new USB management chipset, we won't see flaws in the bootrom. iBoot is different; I think it has flaws. In fact we know how to cause crashes, but we still have to find a way to exploit them.
Question: Is this a possible avenue for iOS 6?
pod2g: One of the possible avenues, yes, but there are others.
Question: Besides, do you know most of the other hackers, and what relations do you maintain with them?
pod2g: I know p0sixninja, Pimskeks, iOPK and Planetbeing, who are part of the Chronic Dev Team with me. I have also talked with Geohot in the past and I must say he has talent. As for comex, he is a true genius; there is nothing more to say.
Question: Many French readers don't understand exactly why you mainly use English on your blog and your Twitter. Can you explain this small point?
pod2g: It's simply because English is the universal language. I reach more people with English.
Question: How did you come across iPhoneSoft and iPhoneTweak?
pod2g: I have a colleague who has you in his RSS feed, and so I began to read from time to time, but I am overbooked… unfortunately.
Question: Understood. We'll leave it at those last words. Thank you for granting us this interview, and see you soon!
pod2g: It was a great pleasure!