Downgrading iOS: From past to present - tihmstar

33c3 - Security - 12/28/2016

This talk covers the iOS secure boot chain and how it changed across different iOS versions, with a focus on downgrading despite countermeasures.
It will explain basics such as what SHSH blobs and APTickets are and how the IMG3 and IMG4 file formats work.
A new technique called "prometheus" will also be introduced, which for the first time allows downgrading 64-bit devices.

