Talk:SHSH

iOS 4.2 SHSH for Apple TV
As I see iOS 4.2 for Apple TV is still signed. I could save the SHSH of my new Apple TV 2G and I can restore it without any SHSH blobs from Saurik or TinyUmbrella to iOS 4.2.
 * Puzzling, maybe they are still signed, but Apple doesn't require them for restore... --5urd 23:18, 7 January 2011 (UTC)

3.1.x for iPod touch 2G
I need someone with an iPod touch 2G (old bootrom) to verify this... I believe Apple actually introduced soft SHSH checks with iOS 3.1.1 for the iPod touch 2G. Further evidence includes my inability to restore to iOS 3.1.1 and 3.1.2 (unless I use SHSHs that I apparently saved, or a custom IPSW), and iTunes says it will verify the restore with Apple. I know that Apple was still signing iOS 3.1.1 and 3.1.2 when they released iOS 3.1.3, though. Is anyone able to back up my info? Do not respond with "No, Apple introduced the SHSH check with 4.0" unless you have tested this yourself. -- Dialexio 01:55, 14 February 2011 (UTC)
 * I had thought there was something weird going on with this. I was guessing that iTunes phone'd home to Apple to see if the firmware was acceptable/current/safe before restoring it [provided the IPSW has the right tags to indicate it is a production firmware]. I think, but it is probably wrong, that when you point the your hosts file to Saurik he mimicks the response that the firmware is acceptable but does not actually give hashes for it. On the other hand I'm probably totally wrong because I remember tinyumbrella let you save hashes for 3.1.x. Iemit737 00:46, 15 February 2011 (UTC)

Error 3194 on iPod Touch 2G
I am unable to get hashes for my friend's MC iPod Touch 2G. iTunes simply will not issue them. I have tried restore and I keep getting error 3194, any suggestions? Revolution 03:27, 26 May 2011 (UTC)
 * I thought it is clearly mentioned in the article that the ipt2g does not use SHSH blobs. This means you can install any possible iOS version. Error 3194 usually indicates missing SHSH, but could also be something else. This wiki cannot support user problems. Anyway: I would suggest to check if hosts file is clean, iTunes is newest version and iOS version is supported on device. Contact me on Twitter or ask jailbreakqa site for help if this doesn't solve your problem. --http 06:41, 26 May 2011 (UTC)

iOS 5+
Does it make sense to continue this list beyond iOS 4.x? Since 5.0 nonces are used, so the replay attack doesn't work anymore anyway. So why list the signing periods? We already have the release dates. -- http 00:52, 25 October 2011 (MDT)
 * I think it's still good to show if 5.0 is still being signed or not; Apple might wind up taking a few days to stop signing it. -- Dialexio 10:57, 25 October 2011 (MDT)
 * I think we should keep it. --5urd 13:59, 26 October 2011 (MDT)

Something totally different related to iOS 5+: Ok, nonces are used and we can't use the replay attack anymore. But why? If I understood that correctly, then the nonce is created in the bootrom. Then it goes all the way up into kernel, iTunes, Apple Server, signed SHSH and during the restore it will get compared again by the bootrom. If it doesn't match, no restore will be possible. If this is not in the bootrom, then we could simply patch it out by pwning the device. And as we have a bootrom exploit for all devices except the iPhone 4S and the iPad 2, we could even patch out this check - and even remove the requirement for valid SHSH at all. But why does this not work? Just not implemented yet? Or is the limerain exploit at such a stage where it's too late for patching this check? But at least we could patch the SHSH comparison if it would be in the kernel/iBoot/any later stage (with the nonce) and restore old 5.x versions with saved SHSH + known nonce. Any insider can clarify that? -- http 14:39, 26 October 2011 (MDT)

Switch timeline list to reverse chronological order?
I believe that most of the time when people look at this page, the information that they're interested in is the signing status of the latest iOS versions. To help them find what they're looking for more quickly, it seems to make sense to change this list to sort in reverse chronological order instead of chronological. What do people think? Britta (talk) 14:48, 21 November 2014 (UTC)
 * Agreed. --5urd (talk) 21:02, 21 November 2014 (UTC)

Apple Watch
So, the watch has been out for some time now. I assume it uses SHSH, but, according to ipsw.me, there is no signing status for OTA updates. Additionally, I'd like to know if the Apple Watch uses 1) blobs, 2) APTickets, or 3) both.

--Citrusui (talk) 18:23, 16 August 2015 (UTC)