The hacking genius took out Apple's system at the age of 17 and cracked Sony PS3: George Holtz and Allegra

"If I can, I'd like to talk to Steve Jobs face to face."

- George Hotz

The hacker genius killed the Apple system at the age of 17, cracked Sony PS3, was fully supported by the two major hacker organizations, even Facebook shook an olive branch to it, Sony asked it to give lectures for its own programmers, what is so legendary and sacred?

George Holtz and Allegladine won't disappoint.

1. Young talent defeats Apple Empire: 17 years old cracks Apple system

About five or six years ago, if you asked what was the most sought-after personal electronic device? If your answer is Apple's iPhone and iPad, then you are out. At least the answer is not exact, and the exact answer should be, jailbroken iPhones and iPads.

On January 9, 2007, Apple and Cingular Telecom launched the Apple iPhone that made the world look at it, and it was officially launched in the United States on June 29, 2007, because Apple computers have always been known for their user-friendliness and ease of use, and these advantages have been inherited and carried forward by the iPhone with MacOS X system. The interface, operation, functions and concepts of the iPhone are all epoch-making, interactive, humanized and the speed of operation are amazing, this is clearly the mobile version of the Apple computer, the iPhone makes the whole world scream, when it comes to its love, people are used to calling it "love crazy", meaning, love crazy.

As the world's largest mobile phone manufacturer and the largest PC manufacturer, Apple has always led the trend of the world's electronic technology with very personalized products and super stability, and in March 2012, driven by the surge in iPad and iPhone sales, its market value surprisingly exceeded 500 billion US dollars, becoming a well-deserved leader in the electronics industry.

In addition to the profits from hardware sales, Apple's iTunes store, which sells third-party software in addition to the software that comes with the iPhone, is also a lot of revenue. The iPhone comes with a lot of trial software, when users think that these software functions are good, if you want to use it further, sorry, open your wallet and take money to buy it.

Electronic devices and operating systems in devices are copyrighted, including certain fee-based software in the system. In order to stabilize their own economic income, manufacturers often install corresponding software for their electronic devices in advance, and have access rights, such as not allowing unlicensed users to use superuser rights, and some paid software is limited in function.

This makes many people feel unhappy: spending money on mobile phones, and having limited functionality. Especially when users purchase expensive Apple products, they find that some software in the system cannot be deleted, forcibly occupying system space, wasting network traffic, and slowing down the operation speed of the entire system; There are also some software that cannot be installed through abnormal channels, or although it is genuine software, most functions are limited due to fees; Even when taking photos with an Apple phone, there is always a crappy clicking sound, although it does not affect the use, but it always feels very upset.

The operating system and core technology used in the world's smartphones are basically monopolized by several giant companies, Apple's iOS, Nokia's Symbian, and Google's Android, each operating system is not compatible with each other, just like China's Unicom and Mobile, although they are engaged in wireless communication, but always seem inseparable. Unlike Apple's operating system, Symbian (currently obsolete) and Android systems can meet general use in addition to not allowing users to delete system programs without authorization, while in Apple's iOS, user permissions are extremely low and can only install and use applications sold through the Apple Store. The benefits brought to users are obvious, the Apple system is extremely difficult to be attacked by viruses, strong stability, power saving, almost never crash, so in addition to creating Apple's economic interests, but also created Apple's rock-solid reputation.

The other side of the "double-edged sword" of user permissions is that Apple's mobile phone cannot personalize the interface as it wants, cannot delete the applications that come with the system, cannot use third-party input methods or even third-party software on non-iTunes platforms.

Anyone who has used a computer knows that Windows users can change the system desktop and icons at will, giving the same system a visual sense of common newness. Well, on such a powerful Apple phone, some of the most basic functions are not available, which cannot but feel awkward.

Just two months after Apple launched its first iPhone, a young man destined to make a name for himself appeared, just by name, simple and ordinary: George Hotz.

The original iPhone was released in the form of AT&T contract mobile phones, that is, iPhone users can only use AT&T's wireless terminal network for communication, and Holtz, who was only seventeen years old at the time, was a T-Mobile user, but accidentally, he bought an iPhone without knowing but could not use the original calling card, so the genius Hotz had a whim and began to study the iPhone in his hand.

The problem Hotz faces is much like the egg-laying rooster in Zhao Benshan's sketch, not its job to let it do, which is somewhat whimsical, and Hotz, like all young people his age, is eager to try every challenging thing, and making a machine run a function that it shouldn't run at all is undoubtedly very exciting. Or to put it another way, Hotz was born with a special knack for being a fighter in a rooster.

Smartphones work much the same as ordinary computers, except that they use the CPU to receive and process data, and then go to the corresponding software to run it. The key to cracking this phone is to find a way for the phone's baseband processor to recognize Holtz's instructions to achieve the goal.

Hotz flipped through the manuals of the mobile phone, then disassembled the phone, according to the electrician knowledge learned in school and the relevant introduction on the Internet, tried to solder a pair of wires on the baseband processor, and then connected the baseband processor with a 5V current, disrupting the operating frequency of the baseband processor like hypnosis, and then he wrote a program for the cracking machine so that it could correctly identify the wireless phone card signal of any operator and automatically receive and transfer it to the corresponding processing program, thus realizing Hotz's wishes.

With the help of two classmates, Hotz spent nearly a month and finally achieved his goal after breaking three mobile phones, and in the middle of the night on August 27, Hotz inserted his T-Mobile calling card into the self-modified iPhone phone and then called his aunt in Japan, "The voice was surprisingly clear, and my aunt even said that she could hear my excited heartbeat." ”

Hearing the heartbeat is obviously exaggerated, but it is undeniable that the moment the phone is connected, for a seventeen-year-old boy, this should be regarded as the first glory in his life.

Next, Hotz set up the camera, sat down and reopened a new phone, recorded the entire details of the modification, and then proudly posted the video online. The video of the creation of the world's first cracked iPhone quickly attracted 2 million views.

The media was in an uproar. "Young talent defeats the Apple empire", these words alone are enough. The next day, the headlines of the world's top ten news websites were all marked with George Hotz, and then CertiCell, a mobile phone repair company based in Louisville, Kentucky, contacted Holtz, and in the deal with Hotz, CertiCell used a Nissan 350Z sports car and three latest iPhones with 8GB capacity to obtain the source code of the program that Holtz wrote in the phone.

After Hotz has been so transformed, the iPhone can not only use all calling cards, but also download and use any software that can run on the iPhone, and most importantly, it breaks Apple's restrictions on the iPhone, even the use of software can be fully functional and free.

In an interview with CNBC, Holtz said: "I would like to talk to Steve Jobs face to face if I can. Apparently busy Steve Jobs would not be interested in this proposal.

After the hit of the American drama "Jailbreak", the operation of opening user permissions for the mobile phone was also named "Jailbreak", and the image was vivid and full of excitement.

2. Take out the PlayStation 3

Hotz can be considered a genius anyway, even if he doesn't crack the iPhone. The first computer program he wrote was a small reminder recorder to remind him of important schedules, which was not very difficult, but for a five-year-old child, it was a different matter; At the age of 14, he was a finalist for the Intel International Science and Engineering Fair with his homemade mapping robot, and two years later he made a brainwave control system look good. You know, similar systems, many well-known electronics companies do not know where to start, just after he cracked the iPhone, he was again shortlisted for the Intel International Science and Engineering Awards final. "I'm a born hacker, and I'm not a hacker because of some idea, but because I'm bored. Cracking is fighting the system. I'm fighting with the original author of the hardware. When the crack entered a computer system, I felt bloody. ”

On December 26, 2009, Holtz wrote a headless sentence on his blog: "It's time. Some of Hotz's die-hard fans felt that there was another deep meaning, and when fans asked rhetorically, Hoz replied confidently: "I want to challenge a more difficult thing, that is, the so-called impregnable wall of the iron wall, standing proudly for three years without cracking Sony's flagship PlayStation 3." ”

As we all know, Sony's PlayStation series of game consoles (hereinafter referred to as PS) is the world's authoritative game products, its core code is national secrets, in this product, users are strictly limited to the expansion of software functions, Sony company in the manual clearly marked, all game software must be downloaded and paid on the designated website before it may be received by the system, like the iPhone, this makes almost all users annoyed and overwhelmed, can only be at the mercy of Sony.

Hotz's challenge ushered in a lot of attention, including countless fans cheering and Sony personnel waiting to see what happened, but none of this seemed to change Hotz's determination, "I just want to kill it." ”

Over the next few weeks, Hotz stayed at home, dismantling the few PS machines he had and forcefully implanting a new program into the system, which was so large that he had to expand the memory for the PS machine. A month and a half later, the disheveled and bloodshot Hotz finally got out of customs, and he put a new sentence on his long-interrupted blog. "Please stand up and applaud me."

The applause was thunderous.

A fan replied to him: "I thought you were dead." Or ran away because of failure. Holtz replied with a smiley icon: "Great Hotz, Finnegan's Wake" is the protagonist of Joyce's last novel, about Finnegan, a brick mover, who falls off a ladder and everyone thinks he is dead and he is unharmed.

To this end, he specially added the cover of the book "Finnegan Awakening" to the cracked PS3 startup screen, and this "jailbroken" PS3 is also rightfully called Finnegan PS3.

Sony intercepted the cracked PS3 for the first time and made an upgrade patch for the system specifically for the cracked program. But Hotz obviously studied the core code of PS3 more thoroughly than Sony's technical engineers, and after each official patch for the cracked version of PS3 appeared, it would not be long before Hotz would launch a new version of the cracked program, and in the subsequent continuous refinement, Hotz mastered the underlying key of PS3, which is now often called Root Key permission.

In order to completely defeat Sony, Hotz did not exchange the cracked program for money this time, but sent it to the Internet together with the cracking tutorial for free sharing by PS3 users around the world, so that Finnegan PS3 can not only uninstall the original system, but also play pirated games, Hotz used a piece of less than 1,000 lines of code to break Sony, so that the Sony Game Store, the pillar industry that Sony Computer Entertainment strives to create, has no income.

The Japanese were furious. In contrast to Apple's silent response, Sony took Hotz to court in desperation for violating the federal Computer Fraud and Abuse Act and infringing the company's copyrights.

Holtz's fans, including those who had to buy genuine game software for their PS3 consoles, of course, sided with Holtz, believing that Holtz was defending freedom of information and maintaining worldwide information commonality, that Sony foolishly deprived consumers of the right to dispose of purchased goods, and that Sony's actions claimed in the public complaint that Holtz's actions not only violated Sony's registered copyright, but also led consumers to cheat on the game, and also violated consumers who had paid for genuine games , trying to pull up those consumers who have pulled their wallets to stand on their side and speak for Sony.

In fact, those consumers who have paid for game software, even if they no longer continue to pay for new games, rush to the Holtz camp, Sony is alone, and Hotz is very noisy.

In the end, the court sided with Sony, ruling that Hotz could no longer crack or disseminate information about Sony's products, and that Sony also had the right to monitor the changes of Hotz's personal account on the Internet. What's more, Sony is entitled to the IP address of the person who used the "jailbroken" PS3 to watch and download the video.

This undoubtedly exposed the personal privacy of all Sony PS3 users, and the verdict alone was enough to cause a tsunami of public anger.

3. "Congratulations"

Anonymous has always been a "godfather" hacking group. Its members are all over the world, the top personnel are relatively fixed, and the WikiLeaks incident is described in the chapter "The X Files of the E Era - Assange and His WikiLeaks" in my book A Brief History of Hacking - Empire in the Prism. He once cheered for Assange and attacked government websites and frequently succeeded, stealing the limelight for a while.

On April 4, 2011, Anonymous publicly stated on the Internet, claiming responsibility for the recent hacking of Sonycom and PlayStationcom, and released information such as the private phone numbers and home addresses of Sony executives, organized and called on protesters to physically harass Sony staff, and demanded that Sony abandon all lawsuits against cracking PS3.

The incident of Hotz facing the world's largest electronic equipment manufacturer Sony is itself full of legend, and the feeling that some unknown juniors in martial arts novels challenge the gate faction is eye-catching enough, and the addition of Anonymous is even more fueled, and the incident is developing towards white heat.

On April 19, 2011, Sony's four sets of servers were illegally invaded, nearly 100 million users' personal information data leaked, including passwords, birthdays, email addresses and residential addresses and other personal information, including some users' credit card data and other financial information, Sony had to temporarily shut down the server and carry out system transformation and upgrades, for which Sony's weekly losses reached a staggering $10 million.

The hacking itself is collective, and LulzSec, a world-class hacking group like Anonymous, also hacked into Sony Picture's central server in mid-April, successfully stole more than a million user passwords, and posted a message on the Internet announcing the backstage intrusion method of Sony Pictures' central server, calling on hackers to go to Sony's server to "get what they need." ”

Under the leadership and instigation of these two hacker organizations, major hacker organizations and individuals have mobilized to ravage the Internet under the banner of robbing the rich and helping the poor, Japan's well-known game console manufacturers Nintendo (Nintendo) and Sega (Sega) have not been spared, and Electronic Art, the News Cooperation, Booz Allen Hamilton, NATO (NATO) and other non-Japanese game manufacturers, news organizations, commercial companies, and government agencies were also affected.

"They started out just to defend internet freedom, but they started this bloody storm." Faced with a chaotic online world, Holtz showed complete helplessness, "I think hackers are just a group of people with computer technology, and technology is not guilty." After much discussion with Anonymous and Sony, Hotz released a statement on April 29, 2011:

"I, George Hotz, have always done things honestly and have never done anything that violates the morality of the rivers and lakes. I strongly disagree with Anonymous's behavior, and I hope Sony will not put this account on my head. Creating and exploring is wonderful, but even with villains like Sony, theft is the most shameful act. You're smearing the hacker's name. ”

While distancing itself from the two major hacking groups of Anonymous and LulzSec, Sony reached a settlement with Hotz in the face of pressure. Sony publicly renounced all prosecutions against Hotz, and Hoz was banned from the technical protection measures of Sony products for life. Sony even demoted himself and invited Hotz to Sony's headquarters in the United States to give a lecture to the PS3 engineers.

But it is clear that this paper peace treaty only works for both Holtz and Sony, and Holtz fans still show the most complete intransigence. Every day, large numbers of people gather in front of Sony's stores to demonstrate and spit on the Sony logo.

The growing Hotz now looks quite mature and stable, the up-and-comer, hacker elite, disappeared for nearly a year after the Sony incident, according to well-informed sources, the world's largest social networking site Facebook recruited Hotz to become the company's cybersecurity leader.

"Facebook is a good place, efficient and young. I probably won't do it for long, though. As for cracking electronic devices, sorry, I may still find something to study at random, but I will no longer post the crack information on the Internet, and I have already 'graduated' at this point. ”

4. The best bug in apples

Like Hotz, Apple has another genius kid, about the same age as Hotz, but with an extra beard.

Nicholas Allegra, screen name "Comex", looks like Harry Potter. Need to seriously declare that this young man after 90 is a super Apple controller, love Apple's various electronic products, whenever there is a new product launch, Allegra has to get one back for the first time to taste, and his way of trying is different, he likes to disassemble the new machine to find out, especially cracking the charging software, is regarded by the hacker community as a wizard in the field of Apple products, he began to teach himself programming at the age of 9, June 2011, 19-year-old Allegra used his own Jailbreak ME system to successfully crack the iPad 2, and became famous for a while, and then he published an improved version of this string of code on the Internet, any user of Apple electronic products can download it for free, using it in tens of seconds to break through Apple's extremely strict technical protection on the iPhone and iPad devices, while users rejoice, angry Apple vomit blood.

In the wake of the Hotz affair, Apple began implementing safeguards in 2008 called "code signing," a technology that can monitor code and instructions from users running non-Apple systems on Apple's electronic devices at any time. This set of technical measures can protect Apple's original system under the premise that hackers find system vulnerabilities and successfully enter the iOS system, that is, only those software and commands allowed by Apple's system can be used, and all internal instructions of non-Apple products are strictly prohibited under the filtering of this firewall.

"Code signing" is obviously vulnerable in Allegra's view, and Allegra specially improved the program segment for "code signing" in the subsequent release of Jailbreak ME 30, so that the Apple system believes that Jailbreak ME 30 is legally present in Apple devices, so that iPad 2 with Jailbreak ME 30 installed and all Apple devices using Apple iOS 433 before can be jailbroken smoothly. This forced Apple to work overtime to produce iOS434 just nine days after the launch of the iOS433 system, blocking the system vulnerabilities that could be used to jailbreak, and using dynamic code change technology to randomly change the position of the code in memory, making it difficult for hackers to find instructions and carry out any form of cracking.

Still, more than 1.4 million users jailbroke their iOS devices with the tool, provided that as long as they don't update their Apple systems, they can use third-party software for free forever. Of course, Allegra is not idle, after the introduction of the improved version of Jailbreak ME 30 for 434, Allegra miraculously treats the dynamic code with its human way, and also uses dynamic code technology to make Apple's anti-jailbreak code unable to catch its own code, and after the two programs are messed up in memory, it is finally Allegra's program segment that wins.

"I've spent quite a bit of time on this. I have to admit that Apple's programmers are the best and most dedicated programmers in the world, but I'm certainly better than them. Allegra firmly had the upper hand and told the Fox reporter who interviewed him with a sense of accomplishment.

In this contest of one foot high and one foot high, Allegra went to the meeting alone, which made the huge Apple very embarrassed, and Apple finally had to make a decision to block the Allegra program download website JailBreakMecom in its operating system. And this approach, in the eyes of the hackers, is undoubtedly admitting their failure, although blocking the Jailbreak ME30, but technically bowing down.

"Well, I admit Apple, this electronics industry behemoth lost to a smelly hairy boy." Dino DaiZovi, a program security researcher and contributing writer for the book "Bugs in Apples", confessed in the book that the complexity and technology of the Jailbreak ME program are highly comparable to the Gigafactory virus Stuxne of the year, and claimed that among the hackers in the world who are still skilled in technology, Allegra can be ten in the world, "at least five years behind the other hackers, so we have reason to believe that Allegra is the most powerful of all Apple bugs."

In the United States, this practice of jailbreaking mobile phones is legal, and although many electronics giants have jointly appealed for heavy fines for cracking electronic devices, Allegra's behavior is at least not for profit, and no matter what legal provisions, there is nothing that can be done about Allegra's practice.

"I'm not trying to exploit the law or make a fortune from it, in fact if I put the energy into writing Jailbreak ME and research anything else, it could be the pinnacle and bring me great fame and wealth." I just thought it was so much fun, and it was amazing for me to face a huge world-class opponent alone and take him down on my own. Forgetting to say, at the end of all this, Allegra was only a twenty-year-old college student.

In view of Allegra's superb technology and special status, after interviewing him, the reporter jokingly suggested in a press release that Apple could consider recruiting the talented teenager to the company's software security team. Later, foreign media commented, "Go to Apple for an internship? What about a six-figure salary and a private office? ”

That's a good idea, but I don't know if Allegra will condescend to work for his defeated men.

Young people tend to act more impulsively, and some hacking often has a Robin Hood-like feeling, and driven by this feeling, hackers often walk on the edge of crime, with heaven on the left and hell on the right. The copyrights and commercial interests of major companies are protected by law, and although Hoz and Allegra's actions are applauded by everyone in the world, they often get themselves into a lot of trouble and even jail time.

In the contest between Holtz and Sony, not only did they finally go to court, but even caused the world's major hacker organizations to flock to sweep the major websites in Japan, although these behaviors highlight the tenet of "all information should be transparent and free" in the hacker world, but also violate the world conventions and the laws of various countries, they amaze the world and touch the bottom line of the law. At the same time, it will make some equally passionate young people eager to follow suit, and once this chain effect is out of control, it will make these elite-level computer technology talents subject to legal punishment, making talents become criminals, which is regret and loss for both individuals and the whole world.

Hackerpedia:

Gigafactory virus Stuxne: This is the world's first destructive virus written specifically for industrial control systems, which can run on both Windows operating systems and Siemens SIMATIC WinCC systems and carry out malicious attacks against security vulnerabilities unique to both operating systems. Because Siemens' CNC machine tool system monopolizes the global CNC electronics market, the outbreak of the virus has caused significant damage in almost all important industries such as steel, power, energy, and chemicals, such as steel, power, energy, and chemicals, and the most famous time was that the virus caused Iran's nuclear power plants to delay power generation. On September 25, 2010, the virus was first captured by the China Virus Joint Defense Library.

Jailbroken iPhone: Apple phones are shipped with "closed" user rights. As an ordinary user, it is impossible to obtain the root permission of iOS, let alone install some software into the mobile phone by itself, and can only buy some software through Apple's dedicated software store (of course, there are also free ones), but this way firmly binds users to Apple's jurisdiction.

The jailbreak of the iPhone is to obtain the highest access to the system through abnormal means. Jailbreaking is not necessary, but jailbroken phones will be more convenient and fun to use for some users. After jailbreaking, you can use a lot of software for free, which can further enhance the ease of use of the phone.

Meizu hacking incident: On August 15, 2012, the new generation of domestic mobile phone brand Meizu held the "IQ competition, see who is faster and smarter" competition. The fastest person who answers all ten questions correctly will receive a cash prize of 100,000 yuan; As long as you answer 3 questions correctly in a row, you can get a 300 yuan voucher, and you can get a discount of 300 yuan by purchasing the new dual-core and quad-core Meizu MX in the official website online store. On the day of the event, the number of visits to Meizu's official website exceeded 4 million, and a considerable part of these 4 million visits were hacker attacks, they bypassed the answering link, directly sent the system to answer the three questions correctly, so that the system kept spitting electronic coupons, at the same time, Taobao and other major online shopping pages, but also with a variety of eye-catching words to the voucher price range from 5 yuan to 100 yuan, resulting in the sales of Meizu that month surged to tens of thousands of units, a momentary explosion, because Meizu mobile phone became popular.