The race to hack the iPhone is on. Forum threads are buzzing with action, but so far the only achievements are the downloading of the iPhone firmware, and some sniffing of the traffic over the USB cable between iTunes and iPhone

The root password, and that of the default user, named "mobile" have also been cracked. That's significant as the root account gives access to the deepest levels of the operating system (it is also called the "superuser"), but there is no terminal access to enable a login yet.

So what are the immediate goals, and what will be the consequences for both Apple and AT&T?

Bypass activation. This is the big one. If achieved, it will open up the possibility of unlocking the SIM lock and also the Network lock (which ties the phone to a particular provider).

This wouldn't hurt Apple; it would just sell more phones, but AT&T makes its money from phone contracts. Allowing the iPhones to use other networks, or on no network at all, would undermine AT&T's exclusive deal with Apple.

For users, an unlocked phone would allow them to use the iPhone with Wi-Fi or as an advanced iPod: they would get everything but voice and data. The $600 price tag might be expensive for an 8GB iPod, but for an iPhone with WiFi, Mail, web browsing and Google Maps, it's not too bad.

Install Third Party Software.There were a lot of complaints when Steve Jobs revealed at Apple's WWDC programmers conference that there would be no software development kit (SDK) for the iPhone. This is understandable. You hardly ever see an SDK on a v1.0 product as the manufacturer wants room to tweak before opening up the platform. Open it too early and simple v1.1 fixes can break third party applications.

This won't stop hackers trying to install their won software. The iPhone runs full OS X, albeit stripped of the parts a phone doesn't need, like printer drivers. If hackers can gain access to the file system, they'll be able to install anything on there. Currently the file system is sandboxed, meaning the the iPhone offers little if any hooks for other programs, but like we say, it's OS X in there. It won't be long.

Consequences

Hackers are a curious bunch. They can't help but tinker.

Apple and AT&T have nothing to fear, and geeks might turn the iPhone into a hacker magnet, like the WRT54g wireless router from Linksys. Because Linksys built the router on open-source software, they were obliged to release details of it's inner goings on, and the router sold like hot cakes.

Below is a list of what we know about the state of the iPhone hacking world. Some of this information is from the forums and has not yet been corroborated.

The iPhone runs OS X, which means there is a UNIX layer under there, which means shell access should be possible.

The iPhone file system is sandboxed inside iTunes, which means that it should be impossible to load anything unauthorized onto the iPhone from there. Any hacks will have to go straight into the phone, However, the hacks might possibly be reset upon subsequent iTunes syncs.

The root password for all iPhones is now known (alpine). So is the password for the "mobile" user account (dottie).

A simple client application has already been written (Mac and Windows) which will print a listing of the sandboxed files in the iPhone. It should work without activating the phone first.

Once the iPhone has been activated (and only then), non AT&T iPhone SIM cards will not work. Various error messages are displayed.

BUT:

(Unconfirmed) Erica Sadun of TUAW claims that her iPhone will work as an iPod, with WiFi enabled (Safari and Mail work fine) when using an inactive SIM after activation with a on a pre-pay AT&T plan. It also works without a SIM.

This thread over at Hackint0sh details the root password crack.