Oct 28
I wanted to take a moment to say thank you to a very important group of people working through the evenings and holidays - our employees, partners and customers. You know who you are.

For most of us, holidays are a great time to catch up with friends and family. They're also a time of mad scrambles. As I'm sure isn't unique to the American tradition, some among us postpone holiday shopping until the very last minute (today, even). Which leads to a late surge in infrastructure requirements from those businesses that continue to bet the world will ever get its shopping act in gear (I'll take the other side of that bet, any day).

This leads to a late surge in purchase orders (for the record, we love that part, planned or otherwise), and then a late surge in shipment activities (not all datacenters are near airports, sadly), and then a late surge in installation activity - yielding a lot of travel for those responsible.

In a perfect world, we'd then be done, and home with friends and family.

But then it doesn't end.

Christmas Day is a day of massively high load for Sun's customers across the world. This year will undoubtedly set a pile of new records. Millions upon millions of network enabled gifts will be given in December, and a huge chunk will be unwrapped and turned on tomorrow. Digital still and video cameras will start pumping content to photo/video sharing services. Mobile phones will need to be provisioned, and will start downloading and sharing content (on a global basis, the network load from New Year's Eve MMS messages goes beyond staggering). Set top boxes, networked picture frames, video game consoles, navigation devices, stuffed animals, sports equipment and automobiles - will all come on-line tomorrow. On the same day. And everyone will (and should) expect flawless service.

For some of our customers, it's their single highest load day of the year - and single most valuable opportunity to shape their brands. For Sun and our partners, it's a day we're very focused on making successful. So to all of you working over the holidays - thank you. I and my team are aware and appreciative of your efforts, and you are making a big difference.

Please take the time to rest when the work is done. Remember, the difference between humans and computers is that our uptime is a function of our downtime.


Tagi: infrastructure requirements, phes, line tomorrow, flawless service, set top boxes, millis, datacenters, video cameras, holiday shopping, perfect world, day of the year, amg, sports equipment, picture frames, late surge, chunk, video game, great time, even

Oct 28
I don't see it happening anytime soon.

The old exploits aren't there anymore. The hope would be finding an exploit in the new baseband code itself to run a large chunk of code. But I think the bootloader is pretty well locked down.

First of all, downgrading the bootloader from software is out of the question. The bootrom exploit runs before the current bootloader, so it can access the bootloader. But when the bootloader boots, it locks down its sections of flash. So after the bootloader runs, the bootloader can't be touched.

Secondly, the only secpack that validates on 4.6 is >= 1.1.3 They made a change to the format of the secpack so the older ones don't validate. So if we looked for an exploit in the baseband itself, it would have to be on post 1.1.2

Firmware is written as it is uploaded, and this is what IPSF and AnySim take advantage of. The old bootloader just relied on waiting for the sig to verify before writing the first 0x400 bytes, which contain the start vector. The new bootloader also needs the "secpack" in 0x3c0000 to not verify. So we would have to find an exploit which can write the first 0x400 and erase 0x3c0000.

The IPSF unlock itself uses an RSA hack in bootloader 3.9 This has been thoroughly patched in 4.6

Also even if we found a way to brute force the NCK's in reasonable time, we can't get the information to do the brute force off 4.6 The only hope here is to find the Apple algorithm used to generate the NCK. I don't think this is possible, unless we have a spy in Apple :)

I hope I am wrong, and some clever person will come along with a software unlock.

Tagi: bootloader, nck, wrg, ipsf, brute force, chunk, firmware, algorithm, vector, hack, boots, pers, spy

Dec 15
So, less than a week ago we have announced Icy 1.0, a lightweight alternative to the popular Cydia installer. During the week, a tremendous amount of people have downloaded it, and we have received a lot of feedback.

Based on the feedback we are pleased to announce an immediate availability of Icy 1.1. There are still stuff we'd like to implement, but overall, this release addresses a fair chunk of what you have asked for:

  • Recent Packages;
  • Support for More Info / Screenshots links in packages;
  • When there are package updates available, Updated tab will be shown by default in the Installed section;
  • Supports Conflicts package specification;
  • Added custom Cydia header to requests so Icy is indistinguishable from Cydia from the repository point of view now;
  • Moved Install/Remove buttons to the toolbar;
  • Shows console log for dpkg failures;
  • Recursive dependencies supported much better now;
  • Support for WinterBoard so Icy should be themeable now;
  • Removed Essential tag in the Icy's own info (mistakingly copied from Cydia);
  • Some cosmetic and minor fixes;
  • Some code profiling to speed up the UI even more.

Recent Packages may look odd at first, by listing all of the available packages. This is because APT repositories has no per-package "date" information so we have to store the information about when a particular version has appeared by ourselves. So first time when you refresh your sources, you will see a lot of 'recent' pages -- this will go away in a few refreshes when real changed packages are being picked up.

Source refreshes are still strictly manual. Next updates of Icy will allow a setting to enable automatic refreshes.

If you don't like how Icy looks, we encourage you to create a WinterBoard theme for it. :)

If you'd like to see Icy in your native language (as it's fully localizable), we will post the files that need to be translated on the blog tomorrow. We got Russian and German covered (German is coming in the next minor update), so we will be glad to add your language to the mix too!

Tomorrow the work on 1.2 will start -- next thing in the pipeline is the dependencies view.

Tagi: th release, package updates, minor fixes, native language, repositories, dependencies, chunk, butts, repository, point of view, ui

next >