Skip to content

Instantly share code, notes, and snippets.

@coolstar
coolstar / sileo-featured-rules.md
Last active August 22, 2024 01:19
Requirements for packages to be featured on Sileo
@Cryptiiiic
Cryptiiiic / ios16_downgrading.txt
Created March 1, 2023 00:10
The unfortunate state of iOS downgrading
Unfortunately I have some bad news for downgrading.
Before I explain the bad news at the end of this post, I first need to introduce a background of iOS devices.
In iOS 16, Apple introduced a new firmware component known as Cryptex1. Technically, this is a "virtual" co-processor.
It's purpose is to allow Apple to push RSRs (Rapid Security Responses) which are separate from traditional iOS updates and can be installed much faster.
Like other firmwares, it also has a signing ticket locked to a cryptographic nonce (number-used-once).
We commonly refer to the Apple signing tickets as SHSH blobs.
Meaning the firmware can't be installed without a valid signing ticket as well as a matching nonce.
The "big two" components we deal with signing/nonces are AP and SEP. AP is basically the main device chip (Application Processor).
SEP is the security chip (Secure Enclave Processor).
With regards to APNonce, Apple conveniently gave us the com.apple.System.boot-nonce NVRAM property which we use to set the APNonce generator.