
Jailbreak


Jailbreaking generally refers to the removal of iOS software restrictions on Apple devices by means of software exploits. Jailbreaking affords root access to the iOS file system, allowing users to install tweaks and utilities that provide extensive functionality to iOS.

Jailbreak tools vary from jailbreak to jailbreak. Some tools consist of tiny utilities that must be executed from a Mac or Windows machine, while other jailbreak methods can be executed right on device without needing to connect to a computer.

Jailbreaks have been released for all iOS hardware categories, including the iPhone, iPad, iPod touch, and Apple TV. The most recent Apple TV jailbreak, made available for the 4th generation Apple TV, required users to stay on an earlier version of tvOS. Of all iOS-related devices to date, only the third-generation Apple TV never saw a jailbreak during its lifetime.

Since jailbreaking takes advantage of security vulnerabilities, Apple works hard to patch these vulnerabilities. Once a vulnerability is patched, a new version of iOS is released and the signing window for previous susceptible versions is closed, making it impossible for users to upgrade or downgrade to the vulnerable version of iOS.

Cydia, a third-party app and tweak resource, is frequently mentioned in the same breath as jailbreaking, although it has nothing to do with the exploits responsible for the jailbreak itself. Cydia is by far the most popular way for jailbroken users to acquire apps and tweaks to modify their jailbroken devices.

The most recent jailbreak is from the Chinese hacking team Pangu. Pangu’s jailbreak works with iOS versions 9.3.3, 9.3.2, 9.3.1, 9.3, 9.2.1, and 9.2. The Pangu jailbreak is available for the iPhone, iPad, and iPod touch. At the moment, Pangu’s official iOS 9.3.3 jailbreak is Windows-only, and available in Chinese.


Review: Stride 2 jailbreak tweak brings a customizable gesture-based passcode to iOS 7 devices

If you’ve been around the jailbreak community for a while, it’s possible that you’re familiar with the popular iOS 5/6 gesture-based lock screen tweak Stride. This tweak worked as a lock screen passcode alternative and allowed users to set a custom gesture to unlock an iOS device.

Created by the popular tweak developer Adam Bell, Stride is making a comeback and is fully compatible with iOS 7 devices. This exciting release provides a very similar experience, but has been given a very clean makeover. This results in a beautiful native-like iOS 7 gesture-based lock screen and I just can’t get enough of it.



Chinese iOS malware stealing Apple IDs and passwords from jailbroken devices

Security researcher Stefan Esser (via ArsTechnica) has discovered that an issue reported on Reddit as causing crashes on jailbroken iPhones and iPads is actually a piece of malware designed to capture Apple IDs and passwords from infected devices.

This malware appears to have Chinese origin and comes as a library called Unflod.dylib that hooks into all running processes of jailbroken iDevices and listens to outgoing SSL connections. From these connections it tries to steal the device’s Apple-ID and corresponding password and sends them in plaintext to servers with IP addresses in control of US hosting companies for apparently Chinese customers.

Early indications are that the source of the malware is likely to have been from a tweak downloaded from somewhere outside of Cydia. Esser has identified that the code only runs on 32-bit devices, meaning that the iPhone 5s, iPad Air and iPad mini with Retina display are safe, while other devices are vulnerable.

The blog post says that the malware is easy to check for, but may not be easy to remove. Using SSH/Terminal, check the path /Library/MobileSubstrate/DynamicLibraries/ for the presence of either Unflod.dylib or framework.dylib.

Currently the jailbreak community believes that deleting the Unflod.dylib/framework.dylib binary and changing the apple-id’s password afterwards is enough to recover from this attack. However it is still unknown how the dynamic library ends up on the device in the first place and therefore it is also unknown if it comes with additional malware gifts.

We therefore believe that the only safe way of removal is a full restore, which means the removal and loss of the jailbreak.

Cydia developer Jay Freeman, aka Saurik, pointed out on Reddit that adding random download URLs to Cydia is as risky as opening attachments received in spam emails.

Review: ProWidgets is the ultimate widget platform for jailbroken iOS devices


ProWidgets is a brand new tweak for jailbroken iPhones and iPads that builds on the foundation of a previous tweak called Tap to Widgets (both by developer Alan Yip) to provide the most solid and complete widget platform on iOS. With nine built-in, fully-featured widgets and an architecture that allows third-party developers to add their own, ProWidgets is one of the best tweaks you can get right now.

Keep reading for a full breakdown of everything this tweak can do for you.



Evad3rs team again addresses iOS 7 jailbreak concerns: no money exchanged, disappointed w/ cracked release

After much controversy surrounding the surprise release of a public iOS 7 jailbreak from well-known jailbreakers the evad3rs, the team has published another open letter to clear up some questions and concerns related to the release.

The biggest questions many are still asking are related to why and how the group made a deal with Taig, an app store of sorts that was installed on jailbroken devices in China, while not including an updated Cydia store in the release. While the group cleared up much of the situation in its first letter and removed Taig following piracy concerns, the latest letter addresses questions specifically regarding if any money was exchanged with Taig. It also expresses disappointment that the company released a cracked version of the jailbreak.

The full letter is below:

Privacy and Taig

First and foremost, and of utmost concern, is privacy. No one’s data was ever sent anywhere. Of course, as a member of the community whose work frees devices, it would be against everything we’ve worked for the last 7 years to jeopardize the security of the users of our software. To reiterate, no Taig software was installed unless the computer’s language was set to Chinese. Furthermore, no Taig software would run unless the user opened the Taig application.

After rumors abound of encrypted data being sent for users in China who’ve installed Taig, we decided to do what we do best – reverse engineer the code of Taig to understand what was being sent. Taig transmitted data similar to what Cydia transmits. Unique device identifiers were transmitted in encrypted form similar to how Cydia uses SSL to protect the privacy of its users. Taig did not transmit any private user data from the devices at all.

Piracy and Taig

Our written and verbal agreement with Taig banned it. They assured us it was not in there. We did not check every package in their store but a cursory examination before release found no problems. However, after investigation and after notification from the community, we found examples, including pirated tweaks, Apple App Store apps, and even pod2g’s PodDJ app. We dropped the ball on this. While we at first did not believe Taig purposefully violated our agreement, the depth of the transgression against the software developers and the jailbreak community cannot be overlooked and we could not move forward after that even if it were fixed. We terminated our relationship with them. We are very disappointed that they have decided to put up a cracked version of the jailbreak on their site that installs Taig. We did not give them any permission or source code.

We have refused all monies from Taig

There have been a lot of rumors listing various amounts we’ve been paid. We have received no monies from any group, including Taig. We will not be accepting any money. Our donations are being given to Public Knowledge, Electronic Frontier Foundation and Foundation for a Free Information Infrastructure to help protect jailbreaking as your legal right.

Jailbreak Updates

We are working hard to fix the problems with the jailbreak. Unfortunately, it’s the holidays and we would like to spend time with our friends and family. The events of the last couple of days have been extremely stressful for us and we need some time to recover. We will work as hard as we can to resolve any remaining issues. Thank you for your understanding.

We worked very hard to bring this jailbreak free of charge to the community. We hope you can all enjoy it.

evad3rs

Following evasi0n jailbreak release, A4 devices on iOS 6.1.5 also untethered via “p0sixspwn” Cydia package


Yesterday the iOS jailbreaking community was caught off-guard by the sudden release of an updated evasi0n tool compatible with iOS 7. Now, users with an iPhone 4 or fourth-generation iPod touch on iOS 6.1.3 through 6.1.5 (versions previously impervious to the iOS 6 jailbreak) can also get an untethered jailbreak for their devices. This is an especially welcome release for users of the fourth-generation iPod touch and original iPad, both of which are incompatible with iOS 7.

As you can see from the directions, the actual jailbreaking part takes place in the existing redsn0w application, which has been used to jailbreak iOS 6 and other versions in the past. However, this part of the jailbreak is “tethered,” which means the user must connect to a computer and re-run the software in order to boot it or run many stock apps.

To achieve the “untethered” status and allow reboots with no need to connect to a Mac or PC, users can install a newly released package from Cydia. The package, dubbed “p0sixspwn,” was created by iH8snow, winocm, and several other veteran jailbreak developers.



iOS gaming news two-pack: Deus Ex disables shooting with jailbreak and Rovio Stars releases Tiny Thief

Today in iOS gaming news, Rovio’s publishing label, Rovio Stars, released their latest title on the App Store, dubbed Tiny Thief. Following on the success of the publisher’s first title, Icebreaker: A Viking Voyage, which debuted on the App Store only a few weeks ago, Tiny Thief puts players in control of a cartoon-styled thief with the ability to sneak and steal in order to solve a variety of puzzles and defeat enemies. Based on the promotional video, it appears players can interact with the game’s background in order to solve unique, location-based missions throughout the side-scrolling adventure. We haven’t gotten our hands on it just yet, but you can download the universal title from the App Store for $2.99.

In other news, we reported earlier that Deus Ex: The Fall, a new story set in the world of Square Enix’s popular PC game Deus Ex: Human Revolution, would hit the iOS App Store today for $6.99.

It appears that after the game was released to the public this afternoon, many players are having trouble running the game on a jailbroken device. Kotaku reports that playing the game on either a jailbroken iPhone or iPad will block the ability for players to use the game’s trigger functionality, one of the most crucial controls of the game.

“Encountered by Redditor KipEnyan and verified by several user reviews in the app store, jailbroken players starting up the first mobile installment of the Deus Ex series are treated to a few cutscenes and a movement tutorial before running into the message above. It comes up during the game’s shooting tutorial, and while one would assume players could still stealth through the game, I’m not sure they can progress beyond that point without tranquilizing those guards.”

While the move may have been the developer’s only option to combat piracy on iOS devices, it probably would’ve been best to give mention of the restriction in the app’s description on the App Store so that players would be informed of the measure before purchase.

There is a way to get around the jailbreak detection, though. A free tweak available in Cydia called xCon is designed to cut off apps’ ability to determine if a phone has been jailbroken. Installing xCon will let you use the app that you paid for with no ridiculous restrictions while maintaining all of the customization options of a jailbroken device.

Hack brings Russian subscription TV service ‘UnliMovie.tv’ to Apple TV, no jailbreak required


Russian blog iGuides.ru points us to a new hack for Apple TV users that brings Russian subscription TV & movie service Unlimovie.tv to the device with no jailbreak required. The service, which is currently in beta, requires users to manually change the DNS on their device (easily accessible from within Settings) in order to access its digital TV service directly through Apple’s own Trailers app.

It isn’t the first hack of its kind: Just a couple weeks back, one of our favorite media servers, Plex, arrived on Apple TV without a jailbreak through what appeared to be a similar hack of the stock Trailers app.

The Unlimovie.tv service is currently in beta, allowing users to access a number of Russian digital TV channels for free, but the creators plan to officially launch the service in September through its paid subscriptions. That is, of course, if Apple doesn’t put an end to it in the meantime.

Developer hacks iOS to route notifications through Google Glass (video)


An iMessage notification sent to Glass

Adam Bell (@b3ll), a well-known developer for many software platforms, has figured out a way to route all notifications from an iOS device through Google Glass. The implementation, even in its early stage, seems to work quite well. Bell notes that all notifications, such as iMessages and Tweets, are automatically shown via the Google Glass interface. Video and more details below:



Hackers release modified T-Mobile carrier update file to amplify iPhone 5 cellular speeds (jailbreak unnecessary)


Just prior to the official launch of the iPhone, T-Mobile issued a carrier update to enable LTE, improve battery performance and add Visual Voicemail support. The only problem is that some users were reporting slower speeds after the update. TmoNews reports that two well-known cellular programmers, @joe012594 & @cooldayr2, have successfully modified the carrier update to “increase the amount of bandwidth allowing for better throughput of data and data connection.” That means you should be able to download apps quicker, browse the web faster and have a better overall experience on your T-Mobile iPhone after applying the patched carrier update.

Before and after speed comparison (via TmoNews):

The update does not require your iPhone to be jailbroken. A preface by the coders and instructions for the hack are below. As always, please be sure to do a full backup of your iPhone prior to modding it in any way.


MiniPlayer jailbreak tweak updated with brand-new design

Fans of the iTunes 11 mini-player will be excited for the newest version of the jailbreak tweak MiniPlayer. The 2.0 update brings a newly-redesigned interface that better matches the iTunes version, as well as the ability to dock it on either side of the screen. The docked player can be moved up or down the screen as needed to keep it out of the way of whatever app you’re using.

MiniPlayer has a few settings that allow you to hide it on the lockscreen, whenever the music is paused, or by triggering an Activator action. Tapping the album artwork brings up whichever app is currently playing music (it works with any background audio app), and tapping the metadata of the song brings up playback controls.

MiniPlayer 2.0 is a free update for existing users, or a $1.99 purchase for new users on the BigBoss repo.

Message Box brings systemwide Facebook Chat Heads to iOS [jailbreak]


Jailbreak developer Adam Bell has just published a new tweak that allows Facebook users to access their Chat Heads from anywhere. The tweak is called Message Box and it works remarkably well. It’s not 100% perfect yet, but it functions well enough to use full time without much of an issue.

Keep reading for more info on the tweak, including where you can get it before it hits Cydia.



Atom for jailbroken iPhones is a welcome lockscreen overhaul


The iPhone lockscreen hasn’t changed much in the past six versions of iOS, with the exception of the addition of a camera slider. Atom is a new jailbreak tweak that seeks to completely redesign the lockscreen and add new functionality, and it does not disappoint.

Keep reading to find out how Atom can make your lockscreen even more useful.



Review + Giveaway: Abstergo jailbreak tweak finally fixes iOS notifications


When Apple introduced Notification Center in iOS 5, they changed the way most people manage notifications on their iOS devices. For the most part, they were right. Unfortunately, Notification Center introduced its own deficiencies and now people are looking for changes once again.

Today, change has finally come in the form of a jailbreak tweak called Abstergo, and we’ve got five free copies for our readers. Keep reading for a full breakdown of the tweak and more information about how you can win a copy.



Another impressive lock screen mod shows how much innovation is possible from Apple in iOS 7

We recently showed you some of the possible innovative or highly requested new features Apple could add in the next version of iOS. It’s unclear whether Jony Ive’s new software design responsibilities will lead to a radically new design for iOS 7, but many features of iOS are becoming more and more outdated with every slick new jailbreak tweak that gets released. One example is the lock screen, something that new jailbreak tweak Peekly aims to revamp.

Peekly brings weather, a selection of clocks, and a 3-month calendar in a two-page theme that reimagines the lock screen:

Peekly is a 2 page lockscreen theme for iOS. On the first page, you get the time and date. Currently you can choose between the default clock, a digital clock or no clock/date at all. More clocks coming soon! Dragging your lockscreen to the right will allow you to “Peek” at a 3 month calendar. This is the default peek. You can currently choose to put in a Twitter feed, your Google Calendar events or an RSS feed. More options will be added soon. Swiping the lockscreen to the left will bring you to page 2, which has today’s weather. “Peeking” to the left on this page will show you a 4 day forecast.


Evasi0n jailbreak 1.4 coming later today with official support for iOS 6.1.2 (Updated)

[tweet https://twitter.com/planetbeing/status/303966541618233344]

Apple released iOS 6.1.2 earlier today with a fix for the Microsoft Exchange calendar bug that we have covered several times. If you were wondering whether the update would play nice with the latest evasi0n jailbreak, team member Planetbeing just provided an update via Twitter. While noting that devices other than the Wi-Fi-only iPad mini and iPhone 5 have not been tested, he later tweeted that version 1.4 of the evasi0n jailbreak tool will be released today with support for iOS 6.1.2:

We’ll update you when 1.4 is released. The update will be available through the evasi0n website.

Update: The download is now live.

[tweet https://twitter.com/evad3rs/status/303996839198334977]


evasi0n Jailbreakers reveal the incredibly complicated methods they used to Jailbreak every Apple iOS device

Forbes posted an article on Tuesday that gave some updates on the highly successful launch of the evasi0n jailbreak tool straight from its creators. After having officially released the jailbreak yesterday at noon, according to stats from Cydia’s Jay Freeman, around 1.7 million people have decided to jailbreak their iOS device. Perhaps more interesting is a description of how exactly the four members of the evad3rs team were able to get the job done. Team member David Wang, aka @planetbeing, walked through the process with Forbes:

Evasi0n alters the socket that allows programs to communicate with a program called Launch Daemon, abbreviated launchd, a master process that loads first whenever an iOS device boots up and can launch applications that require “root” privileges, a step beyond the control of the OS than users are granted by default. That means that whenever an iPhone or iPad’s mobile backup runs, it automatically grants all programs access to the time zone file and, thanks to the symbolic link trick, access to launchd.

Wang described the entire process from finding the initial exploit in the iOS mobile backup system to accessing Launch Daemon and getting around code signing and restrictions at the kernel layer:

Once it’s beaten ASLR, the jailbreak uses one final bug in iOS’s USB interface that passes an address in the kernel’s memory to a program and “naively expects the user to pass it back unmolested,” according to Wang. That allows evasi0n to write to any part of the kernel it wants. The first place it writes is to the part of the kernel that restricts changes to its code–the hacker equivalent of wishing for more wishes. “Once you get into the kernel, no security matters any more,” says Wang. “Then we win.”

Go to Forbes to read Wang’s entire step-by-step description of the jailbreak process for evasi0n.

Here’s another third-party analysis. The verdict is the same: incredible work.


Evasi0n: First untethered iPhone 5 jailbreak to be released Sunday; all other iOS 6.1 devices too

Update: It appears that the developers are planning a Monday release because testing took a little longer than previously thought.


With each new release of an iPhone, jailbreaking becomes just one step more difficult. Throw in constant OS updates, and it’s amazing the hacker community is able to jailbreak it at all. So, it’s no surprise it has taken more than four months for an official jailbreak to be released for the iPhone 5.

On Sunday, that may change. A group of jailbreakers, known as the Evad3rs, plans to release its jailbreak tool: Evasi0n. The website, which claimed the team is “Processing the GUI”, has a very clean and simple layout. If all goes as planned and Evasi0n is released on Sunday, it very well may be the easiest jailbreak tool since JailBreakMe.

Evasi0n is an iOS 6.1 jailbreak said to support the iPhone 5, 4S, 4, 3GS, fourth- and fifth-generation iPod Touch, as well as the iPad mini and third- and fourth-generation iPad. Oh, and it is legal after all.



Jailbreak tweak augments Siri with Google Voice Search (Video)


[youtube=http://www.youtube.com/watch?feature=player_embedded&v=e54gK0UpAxs#!]

The Google Now-like voice recognition features introduced to the Google Search for iOS app last month have been getting a lot of attention. Maps might not be the only area where Apple cannot compete with Google. As highlighted in a video comparison we posted earlier this week, Google’s voice search feature has Siri beat. And many users are taking note. Today, AppAdvice pointed us to a new jailbreak tweak called “NowNow” that allows you to call up Google voice search (from within the Google Search iOS app) by holding down the Home button, just like Siri. It appears you can also select alternate methods to invoke the feature, so you should be able to continue to use both if you want. The tweak is available via the BigBoss repository now for free.



Developer gets iOS 6 Maps with Flyovers and turn-by-turn running on iPhone 4


[youtube=http://www.youtube.com/watch?v=XArIjKcSMZg&feature=player_embedded]

With the introduction of iOS 6 this fall, many iOS users will be left out on some of the new operating system’s flagship features. We already covered Apple’s official list of compatibility for iOS 6 features, and by far one of the most disappointing for iPhone 4 users was the news that they would not have access to the Flyover and turn-by-turn navigation features in Apple’s new in-house Maps app. Today, we have news from Russian website iGuides (via SlashGear) that iOS developer Anton Titkov found a way to get Apple’s new 3D maps up and running on the iPhone 4:

After yesterday’s release of jailbreak iOS 6 developer, well known to all users iGuides Anton Titkov (iTony) decided to dig a little bit in the new firmware, and became the first man in the world, who managed to get working 3D card on the iPhone 4. New tweak from Anton Titkova called 3DEnabler , and at the moment we can confidently say that it adds support for 3D cards on the “old” devices, but it is possible that the “unavailable” Turn-by-turn navigation will be defeated by our talented developer.

iGuides offers instructions for the hack on its website, while another video of 3DEnabler running on iPhone 4 is below:


How to run Absinthe 2.0 jailbreak on 10.8

[slideshow]

The iOS 5.1.1 untethered Absinthe 2.0 jailbreak was unveiled in Amsterdam this morning and is available for download. For those who want to run Absinthe 2.0 on OS X 10.8 Mountain Lion, or for those having trouble with the jailbreak, just browse the slideshow and steps above. It is literally as easy as 1, 2, and 3.

Note: A jailbroken iPhone simply means it is freed from the limitations imposed by Apple for safety measures.

[tweet https://twitter.com/stroughtonsmith/status/206019793688604672]

Thanks, Preston!



iOS 5.1.1 untethered Absinthe 2.0 jailbreak to be released in the coming days

Ever since the release of iOS 5.1.1, many in the jailbreak community have anxiously waited for the destined release of an untethered jailbreak for the new software. None other than the prolific pod2g has worked tirelessly to comfort those in need. According to pod2g, the release of the untethered jailbreak does not appear to be that far off: it is coming this week.

Tethered jailbreaks are available for iOS 5.1.1; however, an untethered jailbreak is much better. It allows users to turn on and off their device without losing a beloved jailbreak.



New iPad jailbroken within hours


That did not take long. Just hours after today’s launch of the new iPad, jailbreaker MuscleNerd posted (via iFans) screenshots of what he claimed is a jailbroken third-generation iPad. Do not get too excited, because MuscleNerd warned there is “still lots of work to do.” Therefore, the jailbreak is far from prime time. There is “No ETA,” but he provided screenshots of Cydia running for further proof that it is on the way. We will keep you updated as progress is made.

Over on the Dev-Team Blog, a new post noted: “It’s impossible to predict how or when these things turn out,” but the team also highlighted the progress made so far with iOS 5.1, as well as the possibility of jailbreaking the new iPad.

Go past the break for the full breakdown.



Dev-Team: tethered jailbreak for iOS 5.1 with redsn0w ready


Of course, just like the rest of us, the Dev Team was waiting by during yesterday’s event to give us an update on the jailbreaking situation following any announcements. Very briefly during the event, Apple told us iOS 5.1 would begin rolling out. The major takeaway of the announcement was Siri support for Japanese users. Over on the Dev-Team Blog, the team outlined everything you need to know about jailbreaking and updating to iOS 5.1. They also confirmed redsn0w is capable of a tethered jailbreak for non-A5 devices. Here is what you need to know:
