Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Nucleus OS                             from real-time operating systems to unlocking iPhones                              ...
Nucleus OS                                                  Facts              •      Real-time operating system          ...
RTOSTuesday, December 14, 2010
RTOS    Requires tasks to be executed within a given timeframe    Neglects throughput    Guarantees either Hard- or Soft r...
RTOS                             Soft                       Hard                       Lateness is tolerated   Task failes...
DesignsTuesday, December 14, 2010
Designs                             Event driven                 Time sharing      task switch only occurs on events of   ...
ArchitectureTuesday, December 14, 2010
ArchitectureTuesday, December 14, 2010
KernelTuesday, December 14, 2010
ConnectivityTuesday, December 14, 2010
StorageTuesday, December 14, 2010
SecurityTuesday, December 14, 2010
Application PlatformTuesday, December 14, 2010
Application Platform                     Inflexion UI                Multimedia                    Window System           ...
Real world examplesTuesday, December 14, 2010
Handheld Devices                              TI n-Spire series - graphic calculatorsTuesday, December 14, 2010
Signal Processing                              BLU-800 Digital Signal ProcessorsTuesday, December 14, 2010
Cellphones/Multimedia Devices                              iPhone/iPod/iPad - S-Gold2/X-Gold 608Tuesday, December 14, 2010
iOS Hardware Architecture                                     Application Processor                                       ...
iOS Hardware           audio          display                               Architecture                        WIFI      ...
Boot sequenceTuesday, December 14, 2010
Boot sequence                                        signature                signature                                   ...
Unlocking                             signature                signature                               check              ...
Unlocking                                    1. truly unlock                             by altering lock-state in seczone...
Unlocking                                                         2. unlock on-the-fly        run deamon process on        ...
Questions ?                             slides and additional info on jailbreaking iOS                                  av...
Upcoming SlideShare
Loading in …5
×

from Realtime Operating systems to unlocking iPhones in less than 30 slides

2,080 views

Published on

a very brief introduction to Nucleus OS, RTOS in general and the topic of unlocking iOS devices.

Published in: Technology
  • Be the first to comment

from Realtime Operating systems to unlocking iPhones in less than 30 slides

  1. 1. Nucleus OS from real-time operating systems to unlocking iPhones in less than 30 slides HdM Stuttgart Media University Computer Science and Media 2010 - Kai ArasTuesday, December 14, 2010
  2. 2. Nucleus OS Facts • Real-time operating system • developed by Mentor Graphics • written in C • Closed Source • Eclipse based SDK starting at $2995 USD • Supported Platforms: ARM / MIPS / Freescale / PowerPCTuesday, December 14, 2010
  3. 3. RTOSTuesday, December 14, 2010
  4. 4. RTOS Requires tasks to be executed within a given timeframe Neglects throughput Guarantees either Hard- or Soft real-time performanceTuesday, December 14, 2010
  5. 5. RTOS Soft Hard Lateness is tolerated Task failes after deadline May cause adaption of May cause critical service quality system-failureTuesday, December 14, 2010
  6. 6. DesignsTuesday, December 14, 2010
  7. 7. Designs Event driven Time sharing task switch only occurs on events of task switch occurs on regular clock higher priority interruptTuesday, December 14, 2010
  8. 8. ArchitectureTuesday, December 14, 2010
  9. 9. ArchitectureTuesday, December 14, 2010
  10. 10. KernelTuesday, December 14, 2010
  11. 11. ConnectivityTuesday, December 14, 2010
  12. 12. StorageTuesday, December 14, 2010
  13. 13. SecurityTuesday, December 14, 2010
  14. 14. Application PlatformTuesday, December 14, 2010
  15. 15. Application Platform Inflexion UI Multimedia Window System Framework GUI Designer support for many codecs Hardware accelleration Hardware accellerationTuesday, December 14, 2010
  16. 16. Real world examplesTuesday, December 14, 2010
  17. 17. Handheld Devices TI n-Spire series - graphic calculatorsTuesday, December 14, 2010
  18. 18. Signal Processing BLU-800 Digital Signal ProcessorsTuesday, December 14, 2010
  19. 19. Cellphones/Multimedia Devices iPhone/iPod/iPad - S-Gold2/X-Gold 608Tuesday, December 14, 2010
  20. 20. iOS Hardware Architecture Application Processor iOS User interaction Applications ... Baseband Processor NucleusOS Radio communicationTuesday, December 14, 2010
  21. 21. iOS Hardware audio display Architecture WIFI BT camera GSM Application Processor Baseband Processor UART I2S GPIO DMA controls power sim/net-lock !managmentTuesday, December 14, 2010
  22. 22. Boot sequenceTuesday, December 14, 2010
  23. 23. Boot sequence signature signature check check Bootrom Bootloader Firmware (Nucleus OS) ROM NOR seczone protected area contains: encrypted lock-stateTuesday, December 14, 2010
  24. 24. Unlocking signature signature check check 2. unlock on-the-fly by constantly overriding netlock checks in firmware Bootrom Bootloader Firmware (Nucleus OS) ROM NOR X seczone 1. truly unlock protected area by altering lock-state in seczone contains: encrypted lock-stateTuesday, December 14, 2010
  25. 25. Unlocking 1. truly unlock by altering lock-state in seczone hasn‘t been done yet due the tha lack of bootrom exploitsTuesday, December 14, 2010
  26. 26. Unlocking 2. unlock on-the-fly run deamon process on by constantly overriding netlock application processor checks in firmware exploit code execution * (requires jailbreak) vulnerabilities to override netlock „on-the-fly“ unlockd iOS Nucleus OS X seczone NOR UART Application Processor Baseband ProcessorTuesday, December 14, 2010
  27. 27. Questions ? slides and additional info on jailbreaking iOS available at http://blog.010dev.comTuesday, December 14, 2010

×