Just watch out if your computer dies and you have no way to start iTunes and click "Deactivate". 5 dead computers later and all your purchases are history.
... except for the part where you can fire up iTunes on your new computer, sign into your account without activating, and click "Deauthorize All Computers" and then activate your new computer(s).
The people who use them are generally people who thought the "locked-down" out-of-the-box experience was worth the money they paid, and who find it fun to push it a bit further with a jailbreak.
"The jailbreaker who despises the restrictions imposed by the manufacturer" is a straw man. I'm sure you can find a counterexample (or at least, someone trying to be contrary) if you try hard enough, but in general, "jailbreakers" come in all of these categories but one:
As with the AdMob survey numbers based on web browsing hits this survey is suspicious.
Looking through my web server logs the only smartphone browser hits I get are from iPhone clients...
"Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile/1A543a Safari/419.3"
Amazon runs their EC2 cloud computing cluster off iPhones? Something really fishy is going on here.
Yeah, 1A543a is a really really old version of the software (over 2 years old -- it's what the first iPhone launched with). If that's representative of what most of the transactions look like, they're probably bogus.
Googling for these mysterious keys turned up nothing.
Is Apple lying to the court?
You're just looking in the wrong places. There are two 128-bit constants stored in the System Management Controller chip (alongside fan speeds and temperature info) in the keys "OSK0" and "OSK1"; the first time someone accidentally dumped these seems to have been in this forum post. The scheme is documented a bit further in a couple of artictles: "TPM DRM" In Mac OS X: A Myth That Won't Die and Darwin/x86: Mac OS X Binary Protection. I'll leave it to you to manually decode the keys into ASCII, but will point out that they are normally retrieved from the hardware by a kext called "Dont Steal Mac OS X.kext". The reason your "special bootloader" works on vanilla hardware is that it replaces that kext with a version that contains the keys hardcoded into it; it will never install on any machine without replacing or patching that kext, EFI or not. (All of the bootloaders that can use unmodified installation media patch or inject this kext before passing control to the loaded XNU kernel.)
If you've gotten to the point where you're patching that kext, there's not much else that can be done to stop you, which is why they gave the kext its name and included the following plain-text string in the binary:
Your karma check for today:
There once was was a user that whined
his existing OS was so blind,
he'd do better to pirate
an OS that ran great
but found his hardware declined.
Please don't steal Mac OS!
Really, that's way uncool.
(C) Apple Computer, Inc.
A major complication is the fact that today's PDA phones are basically cellular winmodems. [...] In contrast, the humble i300 was literally a cell phone radio bolted to a PalmOS PDA, connected by LITERALLY a serial port.
[...]As I understand it, a phone running Android (or Windows Mobile, for that matter) is kind of like a PC running Linux under VMware under Windows (or vice-versa).
This is not true, at least not in the case of the iPhone (which has an Infineon baseband processor connected to a Samsung "Applications Processor" by "LITERALLY a serial port") or the Palm Pre (Qualcomm baseband, TI OMAP AP).
Qualcomm's product info page for the MSM7201 processor used in the HTC Hero says that it includes "Integrated ARM11 applications processor and ARM9 modem, QDSP4000 and QDSP5000 high-performance digital signal processors (DSP)". It would seem likely that the ARM9 core (in combination with one or both of the DSPs) does all of the modem work; I see no reason to suspect that the ARM11 ever "steals cycles from cpu #1".
In some circumstances, even the exact set of commands used by the programmer is deemed functional rather than creative for purposes of copyright. "[W]hen specific instructions, even though previously copyrighted, are the only and essential means of accomplishing a given task, their later use by another will not amount to infringement."
[...]
Sega's trademark security system (TMSS) initialization code not only enables video game programs to operate on the Genesis III console, but also prompts a screen display of the SEGA trademark and message. As a result, Accolade's inclusion of the TMSS initialization code in its video game programs has an effect ultimately beneficial neither to Sega nor to Accolade. A Genesis III owner who purchases a video game made by Accolade sees Sega's trademark associated with Accolade's product each time he inserts the game cartridge into the console. Sega claims that Accolade's inclusion of the TMSS initialization code in its games constitutes trademark infringement and false designation of origin in violation of [...] the Lanham Trademark Act. Accolade counterclaims that Sega's use of the TMSS to prompt a screen display of its trademark constitutes false designation of origin under Lanham Act section 43(a), 15 U.S.C. Section 1125(a). Because the TMSS has the effect of regulating access to the Genesis III console, and because there is no indication in the record of any public or industry awareness of any feasible alternate method of gaining access to the Genesis III, we hold that Sega is primarily responsible for any resultant confusion. Thus, it has not demonstrated a likelihood of success on the merits of its Lanham Act claims.
This legal issue was later revisited in a slightly different form (with mixed results) in Lexmark V. Static Control Components -- however, in that case, there was a lot more code involved than the boot ROM we're talking about here, so much more room for claims of expressive code.
"You shouldn't make my toaster angry." -- Household security explained in "Johnny Quest"