Windows RT 8.1 anti-jailbreak differences


Vistaus

Guest
I upgraded foolishly thinking that there would be a way to jailbreak. Luckily, I was able to downgrade back to RT 8.0. I use my Surface RT as a second screen to my laptop on the road so I NEED Synergy. I also use SumatraPDF as my default PDF reader because the Windows Store readers are terrible. Microsoft just doesn't get it. I understand it is a security hole and must be fixed but at least provide a "DEVELOPER OPTION" that allows you to run applications in desktop mode that are unsigned. If you enable "DEVELOPER OPTION" a warning box comes up with disclaimers, etc. Google figured this out with Android. Why does Microsoft have to be so dense?

And not so much Google with Android. Palm (and on HP still there) with webOS, Nokia with MeeGo, Mozilla with FirefoxOS... (and Symbian could install apps without developer mode) And probably others.

I totally agree that MS needs to give us this option for WinRT 8.1
 

bcrisp82

Senior Member
Jun 3, 2008
98
0
And not so much Google with Android. Palm (and on HP still there) with webOS, Nokia with MeeGo, Mozilla with FirefoxOS... (and Symbian could install apps without developer mode) And probably others.

I totally agree that MS needs to give us this option for WinRT 8.1

It won't be far off. Look at WP8. They are adding developer goodness (access to preview)

I hope this to happen once WP merges with RT
 

Myriachan

Senior Member
Feb 11, 2013
117
175
It won't be far off. Look at WP8. They are adding developer goodness (access to preview)

I hope this to happen once WP merges with RT

This won't happen. If anything, they're going to completely remove the desktop from the RT line. Look how they removed the desktop icon from machines that came with RT 8.1...
 

coldbloc

Senior Member
Nov 25, 2013
60
8
It looks like they locked out the jailbreak from 8.1 by invalidating all old signatures. Windows RT 8.1's ci.dll does not trust the "1.3.6.1.4.1.311.10.3.6" OID in certificates anymore, only a new "1.3.6.1.4.1.311.10.3.21" OID. Both are required now. How it works is, if a certain configuration bit is not set in the call to CipMinCryptToSigningLevel, attempting to load an executable with a *10.3.6 OID on the certificate but not a *10.3.21, CipMinCryptToSigningLevel will explicitly fail with STATUS_INVALID_IMAGE_HASH--it won't even bother to consider it a 0 signing level.

Thanks, starting to understand the problem now.

So I'm guessing we can't just patch ci.dll to trust any old OID we like. Or could we? Any reason not to jump the CipMinCrypt* call and return STATUS_SUCCESS without actually running it?

EDIT:

The other big thing Microsoft did in 8.1 was to invalidate all the signed debugger executables from 8.0, and make the new 8.1 debuggers require a special secure boot mode that only device manufacturers and Microsoft can enable.
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
Thanks, starting to understand the problem now.

So I'm guessing we can't just patch ci.dll to trust any old OID we like. Or could we? Any reason not to jump the CipMinCrypt* call and return STATUS_SUCCESS without actually running it?

You can't get a modified ci.dll to load, the kernel (which is checked by the UEFI) checks it before it loads.
 

Vistaus

Guest
This won't happen. If anything, they're going to completely remove the desktop from the RT line. Look how they removed the desktop icon from machines that came with RT 8.1...

I dunno what device you're using but when I received my Surface 2 after pre-ordering it I got the desktop icon on my Start screen...
 

GuestX0011

Guest
When I got mine from retail I had to add it to my Start screen to get into desktop mode.

Sent from my LG-LS970 using Tapatalk
 

coldbloc

Senior Member
Nov 25, 2013
60
8
Think of it like a race.

Or is there still actually an avenue actively being pursued?

The next jailbreak is fair-game until Myriachan releases one publicly. Maybe some unknown dev will post one before then.

In my experience the public will adopt the first working "released" jailbreak, regardless of whom or when it was developed. The second guy to jailbreak Windows RT 8.1 never gets an Ed Bott article.

Just saying.
 

Swifty76

Member
Oct 29, 2010
41
10
Vancouver
Is it possible to pull a ci.dll file from Windows 7/8/8.1 and tweak that file? Anyone checked the ci.dll file on the Surface Pro running 8.1? I wonder if the ci.dll file is the same on a laptop/desktop running 8/8.1 as the Surface Pro.
 

SixSixSevenSeven

Senior Member
Dec 26, 2012
1,617
318
Is it possible to pull a ci.dll file from Windows 7/8/8.1 and tweak that file? Anyone checked the ci.dll file on the Surface Pro running 8.1? I wonder if the ci.dll file is the same on a laptop/desktop running 8/8.1 as the Surface Pro.

The Surface Pro is Windows 8/8.1, not Windows RT, so why you are even referring to the Pro at all is beyond me.
 

andTab

Senior Member
Nov 20, 2011
691
90
Is anyone else working on this?
I dimly remember some other devs working on this before abandoning their efforts due to OP claiming to come out with a fix "soon" ... this obviously was all just a load of BS, so I thought it might be a good idea to circle back to some of the other devs ...
 

andTab

Senior Member
Nov 20, 2011
691
90
Is anyone else working on this?
I dimly remember some other devs working on this before abandoning their efforts due to OP claiming to come out with a fix "soon" ... this obviously was all just a load of BS, so I thought it might be a good idea to circle back to some of the other devs ...

Bump
 

xWolf13

Senior Member
Jul 6, 2012
1,387
843
Disappointing no 8.1 jailbreak yet. Maybe I should see what I can get for selling the device. Or tackle reinstalling 8.0 I suppose.

Chromebook was my best bet.. Installed Ubuntu on it and working smoothly :) Also check Myria's Twitter.. Lots of updates on there about the jailbreak..
 
Top Liked Posts

It looks like they locked out the jailbreak from 8.1 by invalidating all old signatures. Windows RT 8.1's ci.dll does not trust the "1.3.6.1.4.1.311.10.3.6" OID in certificates anymore, only a new "1.3.6.1.4.1.311.10.3.21" OID. Both are required now. How it works is, if a certain configuration bit is not set in the call to CipMinCryptToSigningLevel, attempting to load an executable with a *10.3.6 OID on the certificate but not a *10.3.21, CipMinCryptToSigningLevel will explicitly fail with STATUS_INVALID_IMAGE_HASH--it won't even bother to consider it a 0 signing level.

I bet that this time, they will not give device manufacturers anything but executables that require booting Windows in test mode, something only Microsoft and device manufacturers can accomplish due to Secure Boot.

Microsoft Office's executables are signed with both the 2010 and 2011 keys, presumably so that it can run on both 8.0 and 8.1.

Visual Studio 2012's remote debugger doesn't work anymore, either. I bet that they're working on further locking down the remote debugger to avoid letting us use it to jailbreak.

The only good news I see is that NtUserSetInformationThread sub 7--the kernel exploit--has not been fixed.

Some good news:

[screenshot: g5cr.png]

There is a method of booting with any unsigned EFI file (for example Linux GRUB) on Asus VivoTab devices with the recent firmware.
This also allows loading a "cracked" bootmgfw.efi that does not check for signatures of Windows kernel modules, and after patching the ci.dll - you'll be able to run any app or load any unsigned driver (even the boot-mode driver, unlike the 8.0 jailbreak).

The limitations of my method:
- It works only on Asus VivoTab RT tablets. Surface is not supported due to differences in UEFI firmware modules.
- BitLocker should be disabled (manage-bde.exe -protectors -disable c: )
- There would be a line stating that Secure Boot is incorrectly set up; you can see it in the lower-right corner of the screenshot.
- The most inconvenient thing: it requires a FAT32-formatted USB stick with a "hack" file to be inserted on boot.
And, obviously, the "hole" could be closed by Asus in one of the next firmware updates. So Windows Update should be switched to manual mode (8.1 allows selecting this from the GUI).

So this should be considered a temporary method until something universal is found. But it can be used to start developing Linux (or Android) for Tegra3.
I'll publish the instructions after 8.1 is released.
I was reading through Sideload Windows Store Apps. Is it possible to install the 8.0 certificate on an 8.1 device and then side load the needed tools (for example, the debugger)?

Sadly, no, for two reasons. The first is that Windows RT's enforcement of what is allowed to run is enforced by the same kernel driver that enforces what kernel drivers can run, ci.dll. ci.dll has a hard-coded list of certificates that it trusts and there is no way to add additional certificates.

The second is that the certificates aren't really the problem - the object identifiers (OIDs) are. Windows 8.1 didn't invalidate the 8.0 certificates in the ordinary certificate revocation sense; rather, they changed ci.dll to require that a new OID be present in any signature for it to be trusted in 8.1. None of the 8.0 signatures have this OID.

Windows Apps seem to use a different signature system overall. Unsigned Apps can be used if you have a developer certificate, and Apps installed by 8.0 are still valid in 8.1. Similarly, there is something special going on for sideloading. I don't personally know how any of that works, but I do know that sideloading isn't useful, because the privilege level of Apps is too low to be useful for much of anything.

By the way, progress on breaking 8.1:

https://twitter.com/Myriachan/statuses/365350790803619840
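The two OID-based explanations in this thread (coldbloc's quote of the ci.dll behaviour and Myriachan's "the OIDs are the problem, not the certificates" post above) come down to one check an administrator can make on any binary before an upgrade: which policy OIDs does the signing certificate's Extended Key Usage extension actually carry? The Python below is an added example, not code from this thread or from any poster. It decodes the EKU extension value (SEQUENCE OF OBJECT IDENTIFIER, per RFC 5280) with the standard library only, and `signing_policy` models the rule exactly as the thread states it: 8.0 accepts *10.3.6, 8.1 requires *10.3.21 and rejects a *10.3.6-only certificate outright with STATUS_INVALID_IMAGE_HASH. That function is a simplified model of the described behaviour, not ci.dll's real logic; the constant names are this example's, the sample EKUs are constructed inline, and the standard code-signing EKU 1.3.6.1.5.5.7.3.3 is added here for contrast and is not mentioned in the thread.

```python
"""Decode EKU OIDs from a DER extension value and apply the RT 8.1 policy rule
described in the thread.  Added example, stdlib only; signing_policy is a
simplified model of the behaviour the thread attributes to ci.dll."""

# OIDs quoted in the thread; the comments restate the thread's description
OID_RT80_TRUSTED = "1.3.6.1.4.1.311.10.3.6"      # accepted by RT 8.0's ci.dll
OID_RT81_REQUIRED = "1.3.6.1.4.1.311.10.3.21"    # newly required by RT 8.1
OID_ID_KP_CODE_SIGNING = "1.3.6.1.5.5.7.3.3"     # standard RFC 5280 code-signing EKU (assumption, not from the thread)


def _der_len(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw


def encode_oid(dotted: str) -> bytes:
    """Encode a dotted OID as a DER OBJECT IDENTIFIER (tag 0x06)."""
    arcs = [int(a) for a in dotted.split(".")]
    if len(arcs) < 2:
        raise ValueError("an OID needs at least two arcs")
    subids = [40 * arcs[0] + arcs[1]] + arcs[2:]   # first two arcs share one subidentifier
    body = bytearray()
    for sid in subids:
        chunk = bytearray([sid & 0x7F])             # base-128, high bit set on all but the last byte
        sid >>= 7
        while sid:
            chunk.insert(0, 0x80 | (sid & 0x7F))
            sid >>= 7
        body += chunk
    return b"\x06" + _der_len(len(body)) + bytes(body)


def decode_oid(body: bytes) -> str:
    """Decode the value octets of a DER OBJECT IDENTIFIER back to dotted form."""
    subids, acc, pending = [], 0, False
    for b in body:
        acc = (acc << 7) | (b & 0x7F)
        pending = bool(b & 0x80)
        if not pending:
            subids.append(acc)
            acc = 0
    if pending or not subids:
        raise ValueError("truncated OID")
    first = subids[0]
    arcs = [0, first] if first < 40 else [1, first - 40] if first < 80 else [2, first - 80]
    return ".".join(str(a) for a in arcs + subids[1:])


def _read_tlv(buf: bytes, pos: int):
    """Read one DER tag-length-value at pos; returns (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                # long-form length
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    value = buf[pos:pos + length]
    if len(value) != length:
        raise ValueError("truncated DER value")
    return tag, value, pos + length


def build_eku(oids) -> bytes:
    """Constructed sample input: an EKU extension value is SEQUENCE OF OBJECT IDENTIFIER."""
    body = b"".join(encode_oid(o) for o in oids)
    return b"\x30" + _der_len(len(body)) + body


def parse_eku(der: bytes) -> list:
    """Parse an EKU extension value into a list of dotted OIDs."""
    tag, body, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("EKU value must be exactly one SEQUENCE")
    oids, pos = [], 0
    while pos < len(body):
        t, v, pos = _read_tlv(body, pos)
        if t != 0x06:
            raise ValueError("EKU member is not an OBJECT IDENTIFIER")
        oids.append(decode_oid(v))
    return oids


def signing_policy(ekus, rt81: bool = True) -> str:
    """Model of the rule the thread describes (not ci.dll's real logic).

    RT 8.0: the *10.3.6 OID is enough.  RT 8.1: *10.3.21 is required, and a
    certificate with *10.3.6 but not *10.3.21 fails explicitly with
    STATUS_INVALID_IMAGE_HASH instead of being evaluated at signing level 0.
    """
    has_old = OID_RT80_TRUSTED in ekus
    has_new = OID_RT81_REQUIRED in ekus
    if not rt81:
        return "TRUSTED" if has_old else "UNTRUSTED"
    if has_new:
        return "TRUSTED"
    if has_old:
        return "STATUS_INVALID_IMAGE_HASH"
    return "UNTRUSTED"


if __name__ == "__main__":
    # Constructed EKUs: an 8.0-era signature, an Office-style dual signature, a plain code-signing cert
    samples = {
        "8.0-era signature": [OID_ID_KP_CODE_SIGNING, OID_RT80_TRUSTED],
        "dual-signed (Office-style)": [OID_ID_KP_CODE_SIGNING, OID_RT80_TRUSTED, OID_RT81_REQUIRED],
        "ordinary code signing": [OID_ID_KP_CODE_SIGNING],
    }
    for name, oids in samples.items():
        ekus = parse_eku(build_eku(oids))          # round-trip through DER before evaluating
        print(f"{name:28s} RT 8.0: {signing_policy(ekus, rt81=False):10s} RT 8.1: {signing_policy(ekus)}")
```

The dual-signed case is the Office situation Myriachan describes: carrying both OIDs is what lets one binary pass on 8.0 and 8.1, while an 8.0-era signature that has only *10.3.6 is the case that fails hard on 8.1. On a real certificate the EKU extension value is the OCTET STRING payload of extension 2.5.29.37; feed those bytes to `parse_eku`.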