Over the past few weeks, the entire jailbreak community has watched pod2g work diligently on the iOS 5 untethered jailbreak. All eyes have been on the infamous hacker as he has tested his exploit on device after device running iOS 5.0.1.
Tonight, it appears that all of his hard work has paid off. After waiting more than 2 months for an untethered iOS 5 jailbreak, it’s finally here. You can now completely jailbreak any A4 device running iOS 5.0.1.
The untether is for A4 devices on iOS 5.0.1 only, including the iPhone 3GS, iPhone 4, iPhone 4 CDMA, iPad 1, iPod touch 3G, and iPod touch 4G.
The untether release was a team effort. While pod2g is responsible for most of the leg work, both the Chronic and iPhone Dev teams have released jailbreaks based on his findings. Here’s everything you need to know:
The Dev Team has embedded the new untethered jailbreak into RedSn0w 0.9.10. The Chronic Dev Team has packaged the untether up in a Cydia app called Corona Untether 5.0.1 for those that are already on a tethered iOS 5.0.1 jailbreak.
Those that are already jailbroken are encouraged to download the Cydia package. It’s called Corona 5.0.1 Untether, and you should have no problem locating it. This is by far the easiest way to get an untethered jailbreak on your device. We’ve tested it on an iPhone 4 and can confirm that it works like a charm.
For those who aren’t currently jailbroken, you’ll have to use RedSn0w to do a full jailbreak. You can download RedSn0w here. As always, we will post a step-by-step tutorial on how to jailbreak using these programs as soon as possible.
- Folks that depend on an unlock should use the Custom IPSW option found in RedSn0w (under “Extras”) before moving forward with the jailbreak.
- There is still no jailbreak available for A5 devices, but it’s being worked on.
- This does not work for iOS 5. You will have to update to iOS 5.0.1 for this to work properly. p0sixninja says they’re still working out bugs with the iOS 5 untether.
- To learn more on how to apply the untether, see our Corona Untether 5.0.1 guide
- For jailbreak instructions, see our RedSn0w 0.9.10 tutorial
Oh, and one more thing. pod2g has put a lot of work into something he just gave away to the jailbreak community for free. If you happen to run into him on Twitter, feel free to show him some love.
Chronic Dev TeamCoronaDevTeamiOS 5iOS 5.0.1iPadiPhoneSours: https://www.idownloadblog.com/2011/12/27/ios-5-untethered-jailbreak/
Jailbreaking an iPhone allows users to gain root access to the device, as well as to install unauthorized applications. You might not know that Apple has a stringent App Store policy, and that it routinely rejects apps for a number of reasons, including smuttiness and other “content issues.” Jailbreaking your iPhone will let you download unauthorized content from Cydia, which is the jailbroken equivalent of the App Store (don’t worry–you’ll still be able to use the real App Store).
For the first time, users do not need to manually supply their device’s IPSW file. What this means for you is that the new Redsn0w jailbreak is extremely quick and easy to perform on any iOS 5 device (minus the iPad 2 and the iPhone 4S). The Dev-Team is working on an untethered jailbreak, but for now the tethered version is all that’s available.
Can I Jailbreak My iOS Device?
Currently this jailbreak works only with the following devices (all must be running iOS 5):
At the moment no jailbreak is available for the iPad 2 running iOS 5, or the new iPhone 4S.
The Risks of Jailbreaking
This jailbreak is currently incompatible with phones that have unlockable basebands. Do not try this if your phone has an unlockable baseband (and you want to keep it that way). Your baseband is unlockable/unlocked if you can use it on any (GSM, or SIM-card-using) network. You do not want to use this method if you either purchased an unlocked iPhone from Apple or unlocked your iPhone using a tool such as Ultrasn0w.
This is a tethered jailbreak, which means that each time you reboot your iOS device, you’ll need to have it connected to a computer running Redsn0w, the jailbreak program. Basically, you won’t be able to reboot the device if you’re not close to your computer, so keep that in mind.
Before you do anything (even update to iOS 5), be sure to back up your device. How you back up depends on what type of data you have on your phone; I had a lot of photos, for instance, so I used Image Capture on my Mac to save all of my pictures to my computer.
When you jailbreak your iOS device, you risk turning your new toy into a paperweight–and if you accidentally brick your iDevice, Apple probably won’t help you out. I’ve never had any problems with jailbreaking, but that doesn’t mean you won’t, so proceed cautiously.
How to Jailbreak an iOS Device Running iOS 5
Step 1: Install iOS 5
To perform this jailbreak, your device must be running iOS 5. To get iOS 5, plug your device into your computer and open iTunes. Find the device and select Update. Your music, apps, and data may be erased from your device, but you can update to iOS 5 without losing your data if you prepare properly.
Step 2: Download Redsn0w
To jailbreak your iOS 5 device, you’ll be using the Redsn0w jailbreak tool from the iPhone Dev-Team. Download either Redsn0w 0.9.9b6 for Windows or Redsn0w 0.9.9b6 for Mac.
Step 3: Open Redsn0w, and Jailbreak
Double-cliick on Redsn0w to open it. A window will show two options: Jailbreak and Extras. Choose Jailbreak.
Make sure your device is plugged in, and turn it off (if it isn’t plugged in, plug it in first and then turn it off).
Then, click the Next button. Be ready, as you’ll be prompted to hold down a series of buttons quickly in order to enter Device Firmware Update (DFU) mode. Redsn0w will walk you through this, but just so you’re prepared, the series is as follows:
1. Hold down the Power (upper-right) button for approximately 5 seconds.
2. Keep holding the Power button and hold down the Home button at the same time for 10 seconds.
3. Release the Power button but keep holding the Home button for about 10 seconds.
Once you enter DFU mode, Redsn0w will do the rest. Redsn0w will go through a series of screens–don’t do anything, just wait.
Step 4: Install Cydia
Once your phone is jailbroken (don’t unplug it yet!) Redsn0w will ask you to ‘select your options’.
Make sure Install Cydia is checked, and click Next. (As mentioned earlier, Cydia is the jailbroken equivalent of the App Store.)
You’ll see some stuff flash across your iOS device’s screen, and then your device will reboot (tethered) in a jailbroken state.
Step 5: How to Perform a Tethered Reboot
Now that your iOS device is jailbroken, you can reboot it only while it’s tethered to your computer. (If you reboot untethered, Cydia and Safari may crash.)
To accomplish this, connect your device to your computer and open Redsn0w. Click Extras and then Just boot. The program will prompt you to enter DFU mode, and then your device will reboot.
That’s it–your iOS 5 device is now jailbroken. For more information, tips, and answers, check out the iPhone Dev-Team’s blog.
Introduction: Jailbreak IOS5!
There are many guides for jailbreaking your ipod or phone out there, but few show you how to jailbreak apples current version of iOS, version 5. (iOS5 is the current version of software as of 11/6/11).
***FOR ALL THOSE STILL ON TETHERED JB 5.0.1-
If you are currently operating an A4 device which has a tethered jailbreak using Redsn0w, Ac1dSn0w or Sn0wbreeze then you can simply launch Cydia from your Springboard and download a package named ‘Corona’ which will provide you with an untethered jailbreak."
THIS MEANS YOU DO NOT HAVE TO RE-JAILBREAK IF YOU ARE ON 5.0.1 TETHERED
(thanks redmond pie! http://www.redmondpie.com/jailbreak-5.0.1-untethered-on-iphone-ipad-ipod-touch-a4-devices-now-using-redsn0w-0.9.10b1-corona/ ) ***
**** UPDATE!!!! AN UNTETHERED JAILBREAK HAS BEEN RELEASED. I WILL TRY TO GET INFO UP SOON!! SO UNTIL THAT IS UP, PLEASE DISREGARD THIS INSTRUCTABLE! (12/28/11) ****
***UPDATE #2. IPAD 2 AND IPHONE 4S JAILBREAK RELEASED. MORE INFO HERE! http://www.engadget.com/2012/01/20/absinthe-a5-jailbreak-released-for-iphone-4s-hacker-dream-team/ (1/21/12) ***
This hack will NOT work with an iPhone 4S OR for an iPad 2. Currently the jailbreak teams are working on a release. Supported devices include the iPad 1, iPhone 3GS, iPhone 4, iPod touch 4, and iPod touch 3. Also: Note that if you are using ultrasn0w or are looking to unlock your SIM, I would NOT recommend a jailbreak, I am not sure what it will do to your device. If you want more information, I am afraid you are going to have to find it somewhere else :-(
Step 1: Safety and Warnings
As usual, there is an inherent risk in jailbreaking your ipod. Things could go wrong, possibly leaving your ipod/phone "bricked" (non-functional). Please be aware of this fact, as neither I, nor the jailbreak teams are responsible for any damage done to your phone.
This jailbreak is (I think) in BETA stage.
ALSO know that this hack WILL VOID your warranty with Apple. Please use this if you want to check your support coverage (or ETA until warranty expires)
This is also a TETHERED hack. A description from wikipedia- ". A tethered jailbreak requires that the device be connected to a computer each time it needs to be booted; an untethered jailbreak allows the device to be powered without computer assistance. " If you are using an iPhone 3GS, however, an UNTETHERED jailbreak is available.
There is a Cydia app that allows a "semi-tethered" jailbreak for iOS5, allowing your ipod to reboot without a computer, but all jailbroken apps and tweaks will NOT function if phone is restarted.
ALSO from wikipedia, "Under the Digital Millennium Copyright Act, jailbreaking Apple devices is legal in the United States, although Apple has announced that the practice "can void the warranty"."
Also, just to put this out there: This instructable is meant for educational purposes, not for illegal activities. Please do not use these hacks for illegal purposes.
Step 2: !! IMPORTANT !! Backing Up Your Device.
It is VERY important to make a backup of your device, pre-jailbreak, as something could go wrong, leaving your ipod messed up or crazy. I recommend backing up in iTunes, as well as in iCloud.
Here I will show you how to do it in iTunes.
Step 1: Open iTunes and plug in your device
Step 2: Right click on your ipod name (in the leftmost bar)
Step 3: Back up iPod
Step 4: Wait till it is finished :)
(This wont work if your ipod is syncing. Either cancel the sync or wait until it is finished)
Step 3: Backing Up in ICloud
This will back your ipod data on iCloud, where you can download it again from the ipod if it ever is reset/restored.
If you do not have an iCloud account, this step is not required. Just recommended :)
Step 1: Open settings on your iPhone
Step 2: Go to iCloud- log in if you have not done this before
Step 3: Go to Storage and Backup
Step 4 (optional): Go to Manage Storage. From this you can manage the data that you backup :) If you choose not to do anything, it will automatically backup your app data and photo stream.
ICLOUD WILL NOT BACKUP ANY OF YOUR MEDIA OR APPS! IT WILL JUST BACKUP APP DATA (progress, achievements, etc)
Step 5: When in Storage and Backup, scroll down to the bottom whre you will see a "Back up Now" button
Step 6: Click button and wait. I recommend using a power source to charge your ipod while doing this, as backups can take a long time.
Step 4: Download Redsn0w
Download and install your version of Redsn0w.
Current version is 0.99 beta 8 as of 11/6/11
Step 5: JAILBREAK!!!!
Time to get started!
Step 1: Open Redsn0w on your computer
Step 2: Click on jailbreak
Step 3: Turn your device OFF and click next
Step 4: Follow the instructions to enter DFU mode
Step 5: After a minute, you will see a screen in which you can select your options. Just click next :)
Step 6: Redsn0w will now exploit the jailbreak and enter your ipods software. Just wait through the menus; everything is automatic
Step 7: Your ipod should now boot. Code will flash across the screen, just wait it out. A jailbreak should take about 5 minutes max on it, but if it takes longer, just let it go.
Step 8: Dont get too excited, Cydia wont work yet....
Step 6: Boot Tethered
Now we have 1 last step before you can run Cydia.
Step 1: Open Redsn0w (if it isnt already)
Step 2: Click extras (Ignore image note here)
Step 3: Make sure your device is turned OFF
Step 4: Click Just Boot
Step 5: Follow instructions into DFU mode and wait till device reboots
Step 6: You can now use Cydia
Step 7: Install SemiTethered
I recommend following the guide here to install SemiTether to your ipod. SemiTether will keep your device in a usable state if it happens to die or restart. The mail app and any Cydia apps/themes currently will not work if your ipod restarts from SemiTethered.
Step 8: Tweak
You can now tweak and hack your ipod. A link to hacks that are supported with this jailbreak is here.
Step 9: How to Restore
If anything bad goes wrong with your ipod, you can restore it to a non jailbroken state easily (please note that there may be alternate methods of restoring) All you need to do is:
Step 1: Connect your ipod to iTunes and click restore. THIS WILL ERASE ALL DATA AND MEDIA ON THE IPOD. BACKUPS WILL NOT RE-SYNC MEDIA, ONLY APP DATA. YOU WILL HAVE TO RE-SYNC ANY MUSIC OR VIDEOS YOU HAVE ON THE IPOD. THIS WILL ALSO NOT SAVE ANY NEW DATA SINCE YOU HAVE JAILBROKEN, SO IF POSSIBLE BACK UP PHOTOS AND OTHER VALUABLE INFORMATION YOU NEED
Step 2: After a while, your device should come on with a grey screen asking you to set it up as a new device. Click on either iCloud or iTunes restore
Step 3: Select the backup of your device you made pre jailbreak. This will reinstall the firmware on the ipod, but will not sync and media to the device.
Step 4: Re sync your media in itunes.
Thanks so much for reading my guide, and please feel free to message me or comment below with questions, I will try to answer them the best I can.
Be the First to Share
Did you make this project? Share it with us!
Lamps and Lighting Contest
3D Printed Student Design Challenge
Removal of limitations from Apple's iOS devices
On Apple devices running iOS operating systems, jailbreaking is a privilege escalation executed to remove software restrictions imposed by the manufacturer. Typically it is done through a series of kernelpatches. A jailbroken device permits root access within the operating system and provides the opportunity to install software not available through the iOS App Store. Different devices and versions are exploited with a variety of tools. Apple views jailbreaking as a violation of the end-user license agreement, and strongly cautions device owners from attempting to achieve root access through exploitation of vulnerabilities.
While sometimes compared to rooting an Android device, jailbreaking is the bypass of several types of Apple prohibitions for the end user. Since it includes modifying the operating system (enforced by a "locked bootloader"), installing non-officially approved (not available on the App Store) applications via sideloading, and granting the user elevated administration-level privileges (rooting), the concepts are different.
One of the reasons for jailbreaking is to expand the feature set limited by Apple and its App Store. Apple checks apps for compliance with its iOS Developer Program License Agreement before accepting them for distribution in the App Store. However, their reasons for banning apps are not limited to safety and security and may be regarded as arbitrary and capricious. In one case, Apple mistakenly banned an app by a Pulitzer-Winning cartoonist because it violated its developer license agreement, which specifically bans apps that "contain content that ridicules public figures." To access banned apps, users rely on jailbreaking to circumvent Apple's censorship of content and features. Jailbreaking permits the downloading of programs not approved by Apple, such as user interface customization and tweaks.
Since software programs available through APT and or Installer.app (legacy) are not required to adhere to App Store guidelines, many of them are not typical self-contained apps but instead are extensions and customization options for iOS and its features and other apps (commonly called tweaks). Users install these programs for purposes including personalization and customization of the interface by tweaks developed by developers and designers, adding desired features such as access to the root file system and fixing annoyances, and making development work on the device easier by providing access to the filesystem and command-line tools. Many Chinese iOS device owners also jailbreak their phones to install third-party Chinese character input systems because they are easier to use than Apple's.
In some cases, jailbreak features are adopted by Apple and used as inspiration for features that are incorporated into iOS.
|Adopted Feature||Jailbreak Tweak|
|iOS Version||Description||Title||Developer||Originally released for|
|5.0||Emoji support||Vmoji||Vintendo/ManChild Technologies||iOS 4|
|Keyboard shortcuts||Xpandr||Nicholas Haunold||iOS 4|
|Delete individual calls||Call Delete||IArrays||iOS 4|
|7.0||Control Center||SBSettings||BigBoss||iOS 2|
|Translucent Notification Center||BlurredNCBackground||Phillippe||iOS 5|
|8.0||Interactive Notifications||LockInfo||David Ashman||iOS 4|
|biteSMS||biteSMS Team||iOS 5|
|Third-Party Keyboards||Fleksy Enabler||Sea Comet||iOS 6|
|Predictive Text||PredictiveKeyboard||Matthias Sauppe||iOS 7|
|9.0||Cursor Control||SwipeSelection||Kyle Howells||iOS 4|
|Lowercase Keys in Keyboard||ShowCase||Lance Fetters||iOS 4|
|10.0||Drawing on Messages||Graffiti||IanP||iOS 5|
|Floating Notification Center||Floater||Skylerk99||iOS 8|
|Bubble Notifications||WatchNotifications||Thomas Finch||iOS 8|
|Clear All Notifications||3D Touch to Clear Notifications||MohammadAG||iOS 8|
|Stickers in Messages||StickerMe||Alexander Laurus||iOS 8|
|Separate Control Center Pages||Auxo||A3Tweaks||iOS 9|
|11.0||Cellular Data Control||SBSettings||BigBoss||iOS 2|
|Customizable Control Center||CChide/CCSettings||plipala||iOS 8|
|Colored Controls||Cream||CP Digital Darkroom||iOS 8|
|One-Handed Keyboard (iPhone)||OneHandWizard||TheAfricanNerd, sharedRoutine||iOS 8|
|Low Power Mode in Control Center||CCLowPower||Cole Cabral||iOS 10|
|Notification design tweaks||CleanNotification10||Ayden Panhuyzen||iOS 10|
|13.0||Dark Mode||Eclipse||Guillermo Morán||iOS 7|
|Download manager in Safari||Safari Plus||BigBoss||iOS 8|
|Redesigned volume HUD||Melior||SparkDev||iOS 7|
|Ultrasound||Ayden Panhuyzen||iOS 11|
|Wi-Fi/Bluetooth settings in Control Center||WeatherVane||ATWiiks||iOS 11|
|Unlimited app download limit on Mobile Data||Appstore Unrestrict||iJulioverne||iOS 11|
|Third-party Controller Support||nControl||Kevin Bradley||iOS 12|
|14.0||Hide apps from Home screen||Poof||BigBoss||iOS 6, possibly older|
|Compact Call Interface||CallBar||Elias Limneos||iOS 7|
|App Library||Vesta||SparkDev||iOS 13|
|Changing CarPlay background||Canvas||Leftyfl1p||iOS 13|
|Picture in Picture on iPhone||Titan||TheSaltaCracka||iOS 13|
|Home Screen Widgets||HSWidgets||dgh0st||iOS 13|
|Smaller Siri||SmallSiri||Muirey03||iOS 13|
|15.0||Separation Alerts||Proximitus||LaughingQuoll||iOS 11|
|Low Power Mode (iPad)||LPMPad||iCraze||iOS 13|
|Focus||PureFocus||Dave Van Wijk||iOS 13|
|Notification Priority||Contacy||XCXiao||iOS 13|
|Redesigned Notifications||Quart||LaughingQuoll||iOS 13|
Jailbreaking also opens the possibility for using software to unofficially unlock carrier-locked iPhones so they can be used with other carriers. Software-based unlocks have been available since September 2007, with each tool applying to a specific iPhone model and baseband version (or multiple models and versions). This includes the iPhone 4S, iPhone 4, iPhone 3GS, and iPhone 3G models. An example of unlocking an iPhone through a Jailbreak utility would be Redsn0w. Through this software, iPhone users will be able to create a custom IPSW and unlock their device. Moreover, during the unlocking process, there are options to install Cydia the iPad baseband.
Installation of malware
Computer criminals may jailbreak an iPhone to install malware or target jailbroken iPhones on which malware can be installed more easily. The Italian cybersecurity company Hacking Team, which sells hacking software to law enforcement agencies, advised police to jailbreak iPhones to allow tracking software to be installed on them.
On iOS devices, the installation of consumer software is generally restricted to installation through the App Store. Jailbreaking, therefore, allows the installation of pirated applications. It has been suggested that a major motivation for Apple to prevent jailbreaking is to protect the income of its App Store, including third-party developers and allow the buildup of a sustainable market for third-party software. However, the installation of pirated applications is also possible without jailbreaking, taking advantage of enterprise certificates to facilitate distribution of modified or pirated releases of popular applications.
A package manager or package-management system is a collection of software tools that automates the process of installing, upgrading, configuring, and removing computer programs. For jailbreaks, this is essential for the installation of third-party content. There are a few package managers specifically for jailbroken iOS devices, of which the most popular are Cydia, Sileo, Zebra and Installer 5.
Security of the device
Upon jailbreaking the device, a lot of the built-in security is lost due to the vast amount of kernel patches that go into building the tool. Security structures like Apple Mobile File Integrity, Sandbox, Read-Only Root File system and trusted apps get disabled or otherwise tampered with, in order to achieve the goals of the jailbreaking tool. This, in turn, creates potential security issues for the jailbreak user.
Jailbreak users are also often forced to stay on an inferior iOS version that is no longer supported by Apple, because newer versions usually cannot be jailbroken right away. This has the potential to introduce security issues because for these older versions there are known security vulnerabilities, exploits and exploit proof of concepts published.
In March 2021, jailbreak developer GeoSn0w has released a tweak called iSecureOS which could alert the users of security issues found on their devices. The application works akin to an antivirus software, in that it scans the files on the user device and check them against a database of known malware or unsafe repos.
In June 2021, ESET Research has confirmed that malware did exist on one of the piracy repositories in the jailbreak community. The malware actively targeted iSecureOS to try to bypass the detection, but updates to the security app have been quickly released and have mitigated the malware.
Comparison to Android rooting
Jailbreaking of iOS devices has sometimes been compared to "rooting" of Android devices. Although both concepts involve privilege escalation, they do differ in scopes.
Where Android rooting and Jailbreaking are similar is that both are used to grant the owner of the device superuser system-level privileges, which may be transferred to one or more apps. However, unlike iOS phones and tablets, nearly all Android devices already offer an option to allow the user to sideload 3rd-party apps onto the device without having to install from an official source such as the Google Play store. Many Android devices also provide owners the capability to modify or even replace the full operating system after unlocking the bootloader.
In contrast, iOS devices are engineered with security features including a "locked bootloader" which can not be unlocked by the owner to modify the operating system without violating Apple's end-user license agreement. And on iOS, until 2015, while corporations could install private applications onto corporate phones, sideloading unsanctioned, 3rd-party apps onto iOS devices from sources other than the App Store was prohibited for most individual users without a purchased developer membership. After 2015, the ability to install 3rd-party apps became free for all users; however, doing so requires a basic understanding of Xcode and compiling iOS apps.
Jailbreaking an iOS device to defeat all these security restrictions presents a significant technical challenge. Similar to Android, alternative iOS app stores utilizing enterprise certificates are available, offering modified or pirated releases of popular applications and video games, some of which were either previously released through Cydia or are unavailable on the App Store due to these apps not complying with Apple developer guidelines.
Types of jailbreaking tools
Many different types of jailbreaks have come out over the years, differing in how and when the exploit is applied.
When a jailbroken device is booting, it loads Apple's own kernel initially. The device is then exploited and the kernel is patched every time it is turned on. An untethered jailbreak is a jailbreak that does not require any assistance when it reboots up. The kernel will be patched without the help of a computer or an application. These jailbreaks are uncommon and take a significant amount of reverse engineering to create. For this reason, untethered jailbreaks have become much less popular, with none supporting recent iOS versions.
A tethered jailbreak is the opposite of an untethered jailbreak, in the sense that a computer is required to boot. Without a computer running the jailbreaking software, the iOS device will not be able to boot at all. While using a tethered jailbreak, the user will still be able to restart/kill the device's SpringBoard process without needing to reboot. Many early jailbreaks were offered initially as tethered jailbreaks.
This type of jailbreak allows a user to reboot their phone normally, but upon doing so, the jailbreak and any modified code will be effectively disabled, as it will have an unpatched kernel. Any functionality independent of the jailbreak will still run as normal, such as making a phone call, texting, or using App Store applications. To be able to have a patched kernel and run modified code again, the device must be booted using a computer.
This type of jailbreak is like a semi-tethered jailbreak in which when the device reboots, it no longer has a patched kernel, but the key difference is that the kernel can be patched without using a computer. The kernel is usually patched using an application installed on the device without patches. This type of jailbreak has become increasingly popular, with most recent jailbreaks classified as semi-untethered.
History of tools
JailbreakMe and AppSnapp
A few days after the original iPhone became available in July 2007, developers released the first jailbreaking tool for it, and soon a jailbreak-only game app became available. In October 2007, JailbreakMe 1.0 (also called "AppSnapp") allowed people to jailbreak iPhone OS 1.1.1 on both the iPhone and iPod touch, and it included Installer.app as a way to get software for the jailbroken device.
In February 2008, Zibri released ZiPhone, a tool for jailbreaking iPhone OS 1.1.3 and iPhone OS 1.1.4.
The iPhone Dev Team, which is not affiliated with Apple, has released a series of free desktop-based jailbreaking tools. In July 2008 it released a version of PwnageTool to jailbreak the then new iPhone 3G on iPhone OS 2.0 as well as the iPod touch, newly including Cydia as the primary third-party installer for jailbroken software. PwnageTool continues to be updated for untethered jailbreaks of newer iOS versions.
In November 2008 the iPhone Dev Team released QuickPwn to jailbreak iPhone OS 2.2 on iPhone and iPod touch, with options to enable past functionality that Apple had disabled on certain devices.
After Apple released iOS 3.0 in June 2009, the Dev Team published redsn0w as a simple jailbreaking tool for Mac and Windows, and also updated PwnageTool primarily intended for expert users making custom firmware, and only for Mac. It continues to maintain redsn0w for jailbreaking most versions of iOS 4 and iOS 5 on most devices.
purplera1n & blackra1n
George Hotz developed the first iPhone unlock. In 2009, he released a jailbreaking tool for the iPhone 3GS on iPhone OS 3.0 called purplera1n, and blackra1n for iPhone OS version 3.1.2 on the 3rd generation iPod touch and other devices.
In October 2010, George Hotz released limera1n, a low-level boot ROM exploit that permanently works to jailbreak the iPhone 4 and is used as a part of tools including redsn0w.
Spirit and JailbreakMe
Nicholas Allegra (better known as "comex") released a program called Spirit in May 2010. Spirit jailbreaks devices including iPhones running iPhone OS 3.1.2, 3.1.3, and iPad running iOS 3.2. In August 2010, comex released JailbreakMe 2.0, the first web-based tool to jailbreak the iPhone 4 (on iOS 4.0.1). In July 2011, he released JailbreakMe 3.0, a web-based tool for jailbreaking all devices on certain versions of iOS 4.3, including the iPad 2 for the first time (on iOS 4.3.3). It used a flaw in PDF file rendering in mobile Safari.
Chronic Dev Team initially released Greenpois0n in October 2010, a desktop-based tool for jailbreaking iOS 4.1 and later iOS 4.2.1 on most devices including the Apple TV, as well as iOS 4.2.6 on CDMA (Verizon) iPhones.
As of December 2011, redsn0w included the "Corona" untether by pod2g for iOS 5.0.1 for iPhone 3GS, iPhone 4, iPad (1st generation), and iPod touch (3rd and 4th generation). As of June 2012, redsn0w also includes the "Rocky Racoon" untether by pod2g for iOS 5.1.1 on all iPhone, iPad, and iPod touch models that support iOS 5.1.1.
The iPhone Dev Team, Chronic Dev Team, and pod2g collaborated to release Absinthe in January 2012, a desktop-based tool to jailbreak the iPhone 4S for the first time and the iPad 2 for the second time, on iOS 5.0.1 for both devices and also iOS 5.0 for iPhone 4S. In May 2012 it released Absinthe 2.0, which can jailbreak iOS 5.1.1 untethered on all iPhone, iPad, and iPod touch models that support iOS 5.1.1, including jailbreaking the third-generation iPad for the first time.
The hackers together called the evad3rs released an iOS 6.X jailbreak tool called "evasi0n" available for Linux, OS X, and Windows on Monday, February 4, 2013, at noon Eastern Standard Time. Due to the high volume of interest in downloading the jailbreak utility, the site initially gave anticipating users download errors. When Apple upgraded its software to iOS 6.1.3 it permanently patched out the evasi0n jailbreak.
In April 2013, the latest versions of Sn0wbreeze was released, which added the support for tethered jailbreaking on A4 devices (i.e. devices not newer than the iPhone 4, iPad (1st generation), or iPod touch (4th generation)).
evasi0n7 and p0sixpwn
On December 22, 2013, the evad3rs released a new version of evasi0n that supports jailbreaking iOS 7.0.x, known as evasi0n7. On December 30, 2013, winocm, ih8sn0w and SquiffyPwn released p0sixspwn for untethering devices on iOS 6.1.3 – 6.1.5. Initially, it was necessary to jailbreak tethered using redsn0w and install p0sixpwn at Cydia. A few days later, on January 4, 2014, the same team released a version of p0sixpwn for jailbreaking using a computer.
iOS 7.1 patched the exploits used by evasi0n7, and on June 23, 2014, Pangu, a Chinese untethered jailbreak was released for iOS 7.1.
On October 22, 2014, Pangu Team released Pangu8 to jailbreak all devices running iOS 8–8.1. The first versions did not bundle Cydia, nor was there an iOS 8 compatible version of Cydia at the time.
On November 29, 2014, TaiG team released their jailbreak tool called "TaiG" for devices running iOS 8.0–8.1.1. On December 10, 2014, the app was updated to include support for iOS 8.1.2. On July 3, 2015, TaiG 2.3.0 was released, which includes support for iOS 8.0–8.4.
On 10 September 2015, 6 days before iOS 9 was released, iH8sn0w had demonstrated a working exploit on his Twitter page, linking to a YouTube video.
On October 14, 2015, Pangu Team released Pangu9, their jailbreak tool for iOS 9.0 through 9.0.2. On March 11, 2016, Pangu Team updated their tool to support iOS 9.1 for 64-bit devices.
On July 17, 2016, Pangu Team released Pangu93, a semi-untethered jailbreak tool for iOS 9.2–9.3.3. It was the first semi-untethered jailbreak and at the same time made within a sideloaded app, and included support only for 64bit devices.
On mid-March 2017, jk9357 (aka @REALKJCMEMBER), part of the KJC (Kim Jong Cracks) hacking team released the first semi-untethered jailbreak for 32bit devices on 9.1–9.3.4. This jailbreak made use of some of the Pegasus vulnerabilities.
yalu+mach_portal and extra_recipe
On December 21, 2016, well-known hacker Luca Todesco released a beta semi-untethered jailbreak tool for iOS 10.1 known as yalu+mach_portal for select 64-bit iOS devices. The jailbreak made use of Ian Beer's, of Google Project Zero, mach_portal exploit. This version is extremely unstable and was only meant for developers. On January 26, 2017, with help from Marco Grassi, a more stable version for iOS 10.2 was released, eventually supporting all 64-bit iOS devices except for the iPhone 7 and 7 Plus, which is only supported by the older, more unstable version for 10.1.1. This jailbreak made use of Ian Beer's, of Project Zero, extra_recipe exploit. Both jailbreaks are installed through a computer application known as Cydia Impactor, which allows signing of apps not in the App Store. Todesco said that the newer version would be eventually updated to support the iPhone 7 and 7 Plus up to iOS 10.1.1, however, he left the jailbreaking scene on March 28, abandoning both jailbreaks before it was released.
On August 6, 2017, Siguza and tihmstar released the semi-untethered Phoenix jailbreak for 32-bit devices on iOS 9.3.5.
On September 19, 2017, tihmstar released EtasonJB, a jailbreak for all 32-bit devices on iOS 8.4.1. An exploit was found so that users of the 9.3.5 Phoenix jailbreak could downgrade to 8.4.1 without the use of SHSH blobs as 8.4.1 is an unsigned version of iOS.
On October 15, 2017, the hacker Abraham Masri (known on Twitter as @cheesecakeufo) released the Saïgon jailbreak for all 64-bit devices on iOS 10.2.1.
On December 6, 2017, Abraham Masri released Houdini, the first semi-jailbreak for iOS 10, compatible with iOS 10.x up to 10.3.2 for all 64-bit devices. The application allows installation of themes, resolution changes etc. from basic Cydia repos. It is untethered, but it needs to run the exploit again to install content. The tool has been updated to beta revision 1, adding the compatibility with iOS 11 up to 11.1.2.
On December 11, 2017, Ian Beer released async_wake, an iOS 11.0 up to 11.1.2 exploit that allows tfp0. The exploit has been updated and it has allowed jailbreak apps on jailed devices such as FilzaJailed, FilzaEscaped (which allows root access on a jailed device), MTerminal-Jailed by Ayden Panhuyzen (which allows the execution of commands on a jailed device) and Torngat by 1GamerDev (a tweak manager that can set a boot logo, change resolution, disable OTA updates and more on a jailed device).
On December 23, 2017, Abraham Masri released to.panga, an iOS 11 up to 11.1.2 WIP jailbreak for developers based on the async_wake exploit by Ian Beer. It has Cydia included but since the jailbreak used a KPPless exploit, Cydia and Substrate have to be rewritten. Abraham Masri has since stated that the project wouldn't be updated due to other tools with the same goal.
On December 24, 2017, tihmstar released h3lix, a semi-untethered jailbreak for all 32-bit devices, compatible with all iOS 10 versions.
Shortly after the release of h3lix, tihmstar and Siguza released doubleH3lix, a semi-untethered jailbreak for 64bit devices (excluding the iPhone 7) on iOS 10.x.
On December 26, 2017, the hacker Jonathan Levin (known on Twitter as @Morpheus____) released LiberiOS, a WIP developer-only jailbreak based on the async_wake exploit by Ian Beer for iOS 11.0 to iOS 11.1.2. Jonathan Levin later stated that LiberiOS would not be officially released with Cydia.
On January 29, 2018, Zimperium, whose goal is to assess issues and locate a possible iOS sandbox escape, released two crucial bugs, one of which is a major vulnerability that leads to execution of arbitrary code on different crucial daemons, found in iOS 11.2 up to 11.2.2. The second bug is a full relative (ASLR bypass) control on the stack in CoreBluetooth, that leads to memory corruption (also on 11.2 – 11.2.2).
On February 26, 2018, developer CoolStar (known on Twitter as @CStar_OW) released a public version of the Electra jailbreak for iOS devices on 11.0–11.1.2. This jailbreak uses a KPPless exploit. As Cydia Substrate had not been updated for iOS 11, Electra uses a Substrate alternative known as Substitute.
On June 6, 2018, Abraham Masri released an update to Houdini, the first semi-jailbreak. The tool has been updated to beta 3 revision 1, adding the compatibility with iOS 11 up to 11.3.1.
On July 6, 2018, developer CoolStar updated the Electra jailbreak for iOS devices on 11.0–11.3.1 (it previously only supported up to 11.1.2). It continued to use a KPPless exploit and Substitute in place of Cydia Substrate.
On August 17, 2018, developer Ben Sparkes released a public version of Meridian, a jailbreak for iOS versions 10.x on all 64-bit devices.
Totally Not Spyware and JakeBlair420
On September 3, 2018, a web-based jailbreak called "Totally Not Spyware" was released by an unknown user named "JakeBlair420". It eventually came out that it was developed by FoxletFox, Ben Sparkes, littlelailo, siguza, stek29, and was based on the works of 5aelo, Ian Beer, Niklas B, Jamie Bishop, Luca Todesco, REALKJCMEMBER, Sam Bingner, sticktron, theninjaprawn, tihmstar, and xerub. It used a WebKit-based exploit to bootstrap either Meridian or doubleh3lix.
unc0ver iOS 11
On October 14, 2018, former Electra team member and developer Pwn20wnd (known on Twitter as @Pwn20wnd) released a public version of the unc0ver jailbreak for iOS devices on 11.0–11.4.1. This jailbreak uses the three KPPless exploits provided by Ian Beer for iOS 11 (async_wake, empty_list and multi_path). Sam Bingner, Pwn20wnd's associate, also worked with Jay Freeman, the original developer of Cydia, to get Cydia Substrate reupdated to iOS 11. It was released on December 17, 2018.
Osiris Jailbreak for iOS 12
On February 1, 2019, developer (GeoSn0w) released the very first proof of concept for a jailbreak compatible with iOS 12.0 to iOS 12.1.2, called Osiris Jailbreak / OsirisJailbreak12. It was a developer-only jailbreak meant to demonstrate how a basic jailbreak can be achieved on iOS 12 using the new tfp0 kernel exploit released at that time by Google Project Zero security researcher, Brandon Azad. OsirisJailbreak12 has then been released as Open Source on GitHub, but remained developer-only and thus incomplete.
unc0ver iOS 12
On February 22, 2019, developer (Pwn20wnd) released a public update for the unc0ver jailbreak for iOS devices on 12.0–12.1.2. This version of unc0ver uses exploits provided by tihmstar and SorryMyBad for iOS 12 (v1ntex, v3ntex, and voucher_swap). Pwn20wnd once again worked with Jay Freeman to get Cydia and Cydia Substrate updated to work on iOS 12.
On April 29, 2019, the Electra team released Chimera, a public jailbreak for iOS 12.0–12.1.2, which included support for all devices, including devices with A12 chips, which had major security reinforcements compared to other devices. This jailbreak uses Substitute, an alternative to Cydia Substrate, to allow tweaks to run.
On June 12, 2019, developer (Pwn20wnd) released a public update to the unc0ver jailbreak, to add support for iOS 12.1.2–12.2. The jailbreak did not support A8 and A7 devices to begin with, but support for those devices has now been added for iOS 12.1.2–12.2.
On August 18, 2019, developer (Pwn20wnd) released a public update to the unc0ver jailbreak, to add support for iOS 12.4 following a mistake by Apple that reintroduced the vulnerabilities patched in 12.3. This version of unc0ver used the sock_puppet exploit, developed by Ned Williamson and the sock_port exploit, developed by Jake James.
checkm8 and checkra1n
On September 27, 2019, security researcher (axi0mX) released an exploit for some iPhone bootroms dubbed checkm8 (read as checkmate), that executes when the device is started up, and cannot be patched by Apple. This exploit affects A5-A11 (iPhone 4s–iPhone X) devices, and due to the nature of the exploit it supports any iOS version running on these supported devices. According to the developer, an exploit this powerful has not been released since 2010. Although checkm8 is purely an exploit tool, and not a jailbreak tool, a semi-tethered jailbreak has been achieved as of September 27, 2019, and a beta version of checkra1n, a jailbreak tool that uses checkm8 has been released for macOS and Linux, with a windows version in the works.
On December 9, 2019, developer (Pwn20wnd) released a public update to the unc0ver jailbreak, to add support for iOS 12.4.1. This version of unc0ver used the AppleAVE2Driver exploit, developed by 08Tc3wBB, who submitted/sold the exploit to ZecOps for the Task-For-Pwn 0 Bounty.
On January 22, 2020, tihmstar released EtasonATV, a jailbreak for Apple TV (3rd generation Rev A) on iOS 8.4.1–8.4.4.
On January 28, 2020, tihmstar released a public update to the EtasonATV jailbreak, to add support for Apple TV (3rd generation).
unc0ver iOS 13
On February 15, 2020, developer (Pwn20wnd) released a public update to the unc0ver jailbreak, to add support for iOS 13.0–13.3 for A12 and A13 devices. The jailbreak did not support A11 and below devices to begin with, but has since been updated to do so.
On May 20, 2020, developer (Pwn20wnd) released a public update to the unc0ver jailbreak, to add support for iOS 13.3.1-13.5 for all devices that support that version range.
On June 9, 2020, developer (Pwn20wnd) released a public update to the unc0ver jailbreak, to add support for iOS 13.5.5~b1.
unc0ver iOS 14
On February 27, 2021, developer (Pwn20wnd) released a public update to the unc0ver jailbreak, to add support for iOS 14.0-14.3 for all devices that support that version range, alongside 12.4.9-12.5.1 and 13.5.1-13.7
By device and OS
|Device||OS||Release date||Jailbreak date||Jailbroken|
|iPhone 2G||iPhone OS 1.0||June 29, 2007||July 10, 2007||11||(no name)||iPhone Dev Team|
|iPod touch||September 5, 2007||October 10, 2007||35||JailbreakMe||niacin and dre|
|iPhone 3G||iPhone OS 2.0||July 11, 2008||July 20, 2008||9||PwnageTool||iPhone Dev Team|
|iPod touch (2nd generation)||September 9, 2008||January 30, 2009||143||redsn0w||iPhone Dev Team and Chronic Dev Team|
|iPhone OS 3.0||June 17, 2009||June 19, 2009||2||PwnageTool||iPhone Dev Team|
|iPhone 3GS||June 19, 2009||July 3, 2009||14||purplera1n||George Hotz|
|iPad||April 30, 2010||May 3, 2010||3||Spirit||comex|
|iOS 4.0||June 21, 2010||June 23, 2010||2||PwnageTool||iPhone Dev Team|
|iPhone 4||June 24, 2010||August 1, 2010||38||JailbreakMe 2.0||comex|
|Apple TV (2nd generation)||September 1, 2010||October 20, 2010||49||PwnageTool||iPhone Dev Team|
|iPad 2||March 11, 2011||July 5, 2011||116||JailbreakMe 3.0||comex|
|iOS 5.0||October 12, 2011||October 13, 2011||1||redsn0w||iPhone Dev Team|
|iPhone 4S||October 14, 2011||January 20, 2012||98||Absinthe||pod2g, Chronic Dev Team, iPhone Dev Team|
|iPad (3rd generation)||March 16, 2012||May 25, 2012||70||Absinthe 2.0||pod2g, Chronic Dev Team, iPhone Dev Team|
|iOS 6.0||September 19, 2012||September 19, 2012||0||redsn0w||iPhone Dev Team|
|iPhone 5||September 21, 2012||February 4, 2013||136||evasi0n||evad3rs|
|iPod touch (5th generation)||October 23, 2012||February 4, 2013||104||evasi0n||evad3rs|
|iPad (4th generation)||November 2, 2012||February 4, 2013||94||evasi0n||evad3rs|
|iPad Mini||November 2, 2012||February 4, 2013||94||evasi0n||evad3rs|
|iOS 7||September 18, 2013||December 22, 2013||95||evasi0n7||evad3rs|
|iPhone 5C||September 20, 2013||December 22, 2013||93||evasi0n7||evad3rs|
|iPhone 5S||September 20, 2013||December 22, 2013||93||evasi0n7||evad3rs|
|iPad Air||November 1, 2013||December 22, 2013||51||evasi0n7||evad3rs|
|iPad Mini 2||November 12, 2013||December 22, 2013||40||evasi0n7||evad3rs|
|iOS 8||September 17, 2014||October 22, 2014||35||Pangu8||Pangu Team|
|iPhone 6||September 19, 2014||October 22, 2014||33||Pangu8||Pangu Team|
|iPhone 6 Plus||September 19, 2014||October 22, 2014||33||Pangu8||Pangu Team|
|iPad Air 2||October 22, 2014||October 22, 2014||0||Pangu8||Pangu Team|
|iPad Mini 3||October 22, 2014||October 22, 2014||0||Pangu8||Pangu Team|
|iPod touch (6th generation)||July 15, 2015||July 16, 2015||1||TaiG, PP Jailbreak||TaiG, PP Jailbreak|
|iOS 9||September 16, 2015||October 14, 2015||28||Pangu9||Pangu Team|
|iPhone 6S||September 25, 2015||October 14, 2015||19||Pangu9||Pangu Team|
|iPhone 6S Plus||September 25, 2015||October 14, 2015||19||Pangu9||Pangu Team|
|iPad Mini 4||September 9, 2015||October 14, 2015||35||Pangu9||Pangu Team|
|iPad Pro||November 11, 2015||March 11, 2016||121||Pangu9||Pangu Team|
|Apple TV (4th generation)||September 9, 2015||March 23, 2016||196||Pangu9||Pangu Team|
|iPhone SE (1st generation)||March 31, 2016||July 24, 2016||115||PPJailbreak||PPJailbreak, Pangu Team|
|iOS 10||September 13, 2016||December 21, 2016||99||Yalu||Luca Todesco|
|iOS 11||September 19, 2017||December 26, 2017||98||LiberiOS, Electra, Unc0ver and Osiris Jailbreak (developers only)||Jonathan Levin, Pwn20wnd, CoolStar, GeoSn0w|
|IOS 12||September 17, 2018||February 22, 2019||158||unc0ver, Chimera, checkra1n, and Osiris Jailbreak (developers only)||Pwn20wnd, CoolStar, sbingner, Ian Beer, Brandon Azad, Jonathan Levin, PsychoTea, xerub, ninjaprawn, stek29, GeoSn0w|
|IOS 13||September 19, 2019||October 13, 2019||24||unc0ver, Odyssey and checkra1n||Pwn20wnd,CoolStar, sbingner, Ian Beer, Brandon Azad, Jonathan Levin, PsychoTea, xerub, ninjaprawn, stek29|
|Apple A10 and below (officially supported)|
Apple A11 (preliminary support)
|iOS 14||September 16, 2020||September 21, 2020||5||checkra1n||qwertyoruiop, argp, axi0mX, danyl931, jaywalker, kirb, littlelailo, nitoTV, nullpixel, pimskeks, sbingner, Siguza|
|Apple A14 and below||iOS 14||September 16, 2020||February 27, 2021||164||unc0ver, Taurine||Pwn20wnd, CoolStar, Sam Bingner, Siguza, Jake James, Ubik, Dennis Bednarz, exDeveloper|
Table of tools
|JailbreakMe 3.0||July 5, 2011||||1||4.2.6||4.2.8|
4.3 – 4.3.3[a]
|Seas0npass||October 18, 2011||2nd generation Apple TV||4.3||5.3|
|4.3 – 5.3|
|redsn0w 0.9.15 beta 3||November 1, 2012||1||1||4.1||6.1.6|
|iPhone Dev Team|
|Absinthe 2.0.4||May 30, 2012||1||5.1.1||Yes||pod2g, Chronic Dev Team, iPhone Dev Team|
|evasi0n||February 4, 2013||6.0||6.1.2||Yes||pod2g, MuscleNerd, pimskeks, and planetbeing (evad3rs)|
|evasi0n7||December 22, 2013||5||7.0||7.0.6||Yes||pod2g, MuscleNerd, pimskeks, and planetbeing (evad3rs)|
|p0sixspwn||December 30, 2013||6.1.3||6.1.6||Yes||winocm, iH8sn0w, and SquiffyPwn|
|Pangu||June 23, 2014||5||7.1||7.1.2||Yes||dm557, windknown, ogc557, and Daniel_K4 (@PanguTeam)|
|Pangu8||October 22, 2014||5||8.0||8.1||Yes||windknown, ogc557, Daniel_K4, zengbanxian, INT80 (@PanguTeam)|
|TaiG||November 29, 2014||8.0||8.4||Yes||TaiG|
|PPJailbreak||January 18, 2015||8.0||8.4||Yes||PanguTeam and PPJailbreak|
|Pangu9||October 14, 2015||9.0||9.1||Yes||PanguTeam|
|Pangu9||March 23, 2016||4th generation Apple TV||9.0||9.0.1||Yes||PanguTeam|
|LiberTV||March 3, 2017||4th generation Apple TV||9.1||10.1||Semi-Untethered||Marco Grassi, Luca Todesco, Jonathan Levin|
|LiberTV 1.1||December 24, 2017||4th & 5th generation (4K) Apple TV||11.0||11.1||Semi-Untethered||Marco Grassi, Luca Todesco, Jonathan Levin|
|PPJailbreak||July 24, 2016||9.2||9.3.3||Semi-Untethered||PanguTeam and PPJailbreak|
|mach_portal + Yalu||December 22, 2016||Pro||10.0.1||10.1.1 (depends on device)||Semi-Untethered||Luca Todesco|
|yalu102||January 26, 2017||6||10.0.1||10.2||Semi-Untethered||Luca Todesco and Marco Grassi|
|Phœnix||August 6, 2017||9.3.5||Semi-Untethered||Siguza and tihmstar|
|Etason||September 19, 2017||8.4.1||Yes||tihmstar|
|Saïgon||October 15, 2017||10.2.1||Semi-Untethered||Abraham Masri|
|h3lix||December 24, 2017||10.0||10.3.4||Semi-Untethered||tihmstar|
|Meridian||January 4, 2018||10.0||10.3.3||Semi-Untethered||Sparkey, Ian Beer, Siguza, xerub, stek29, theninjaprawn, ARX8x, cheesecakeufo, FoxletFox, Sticktron, nullpixel, arpolix, EthanRDoesMC, CydiaBen, Comsecuris UG, Brandon Saldan, Lepidus, Cryptic, Samg_is_a_Ninja, M1sta|
|g0blin||January 13, 2018||10.3||10.3.3||Semi-Untethered||Sticktron, Siguza, Ian Beer, windknown, Luca Todesco, xerub, tihmstar, saurik, uroboro, Abraham Masri, arx8x, PsychoTea, Cryptic|
|Spyware.lol||September 7, 2018||iPod Touch (6th Gen)||10.0||10.3.3||Semi-Untethered||JakeBlair420|
|LiberiOS||December 25, 2017||11.0||11.1.2||Semi-Untethered||Marco Grassi, Luca Todesco, Jonathan Levin, Ian Beer|
|Electra1112||January 12, 2018||11.0||11.1.2||Semi-Untethered||CoolStar, Ian Beer, xerub, Siguza, theninjaprawn, stek29, angelXwind, comex, isklikas, and goeo_, DHowett, and rpetrich|
|Electra1131||July 7, 2018||11.0||11.4.1||Semi-Untethered||CoolStar, Ian Beer, xerub, Siguza, theninjaprawn, Brandon Azad, stek29, Jamie Bishop, Pwn20wnd|
|ElectraTV||July 12, 2018||4th generation Apple TV||11.0||11.4.1||Semi-Untethered||nitoTV|
|unc0ver||October 13, 2018||11.0||13.5.5~b1 (excludes 13.5.1)||Semi-Untethered||Pwn20wnd, Sam Bingner, Ian Beer, Brandon Azad, Jonathan Levin, xerub, sparkey, stek29, theninjaprawn|
|Chimera||April 30, 2019||12.0||12.5.1||Semi-Untethered||Coolstar, Jamie Bishop, tri'angle, ninjaprawn, Brandon Azad, PsychoTea, Ayden Panhuyzen, Umang Raghuvanshi, aesign|
|checkra1n||November 10, 2019||12.0+||14.5||Semi-Tethered||argp, axi0mx, danyl931, jaywalker, kirb, littlelailo, nitoTV, nullpixel, pimskeks, qwertyoruiop, sbingner, siguza, haifisch, jndok, jonseals, xerub, lilstevie, psychotea, sferrini, Cellebrite, et al.|
|EtasonATV||January 22, 2020||3rd generation Apple TV||7.4+||Yes||tihmstar|
|Odyssey||August 28, 2020||All iPads that support iOS 13||iPhone 6s or newer||7||13.0||13.7||Semi-Untethered||CoolStar, Hayden Seay, 23Aaron, Tihmstar|
|unc0ver||February 27, 2021||A14 and below that support iOS 14||A14 and below that support iOS 14||A10 and below that support iOS 14||14.0||14.3||Semi-Untethered||Pwn20wnd, Sam Bingner, Siguza, Jake James, Ubik, Dennis Bednarz, exDeveloper|
|Taurine||April 1, 2021||A14 and below that support iOS 14||A14 and below that support iOS 14||A10 and below that support iOS 14||14.0||14.3||Semi-Untethered||CoolStar, tihmstar, Diatrus, 23 Aaron, ModernPwner, pattern-f|
History of exploit-disabling patch releases
Apple has released various updates to iOS that patch exploits used by jailbreak utilities; this includes a patch released in iOS 6.1.3 to software exploits used by the original evasi0n iOS 6–6.1.2 jailbreak, in iOS 7.1 patching the Evasi0n 7 jailbreak for iOS 7–7.0.6-7.1 beta 3. Bootrom exploits (exploits found in the hardware of the device) cannot be patched by Apple system updates but can be fixed in hardware revisions such as new chips or new hardware in its entirety, as occurred with the iPhone 3GS in 2009.
On July 15, 2011, Apple released a new iOS version that closed the exploit used in JailbreakMe 3.0. The German Federal Office for Information Security had reported that JailbreakMe uncovered the "critical weakness" that information could be stolen or malware unwillingly downloaded by iOS users clicking on maliciously crafted PDF files. Before Apple released a fix for this security hole, jailbreak users had access to a fix published by the developer of JailbreakMe.
On January 27, 2015, Apple released iOS 8.1.3 that patched up the exploits used in jailbreak for iOS 8.0–8.1.2. It was not possible to jailbreak until the iOS 8.3 update.
On August 13, 2015, Apple updated iOS to 8.4.1, patching the TaiG exploit. Pangu and Taig teams both said they were working on exploiting iOS 8.4.1, and Pangu demonstrated these chances at the WWDC 2015.
On September 16, 2015, iOS 9 was announced and made available; it was released with a new "Rootless" security system, dubbed a "heavy blow" to the jailbreaking community.
On October 21, 2015, seven days after the Pangu iOS 9.0–9.0.2 Jailbreak release, Apple pushed the iOS 9.1 update, which contained a patch that rendered it nonfunctional.
On August 4, 2016, Apple released iOS version 9.3.4 to patch the semi-untethered jailbreak for 64-bit devices.
On August 25, 2016, Apple released iOS version 9.3.5 to patch three important vulnerabilities used for the secret jailbreak from the Pegasus Malware from the NSO Group.
On January 23, 2017, Apple released iOS 10.2.1 to patch jailbreak exploits released by Google for the Yalu iOS 10 jailbreak created by Luca Todesco.
On December 2, 2017, iOS 11.2 was released and included a patch to the async_wake exploit by Ian Beer of Google Project Zero.
On May 29, 2018, iOS 11.4 was released, including a patch to 2 exploits (empty_list and multi_path) by Ian Beer of Google Project Zero.
On January 22, 2019, iOS 12.1.3 was released, including a patch to an exploit (voucher_swap), found independently by both Brandon Azad of Google Project Zero, and Zhuo Liang of Qihoo 360 Nirvan Team.
On May 13, 2019, iOS 12.3 was released, including a patch to an exploit (sock_puppet) by Ned Williamson of Google Project Zero. However, on the 18th of August 2019, it became known that Apple accidentally reintroduced these vulnerabilities in iOS 12.4, making it possible to jailbreak 12.4 with the same exploits as pre-12.3 versions.
On August 26, 2019, Apple released the 12.4.1 update, re-patching the exploit (sock_puppet) by Ned Williamson of Google Project Zero.
On November 10, 2019, a group of developers released a jailbreak named "Checkra1n", which exploits the chips found in devices ranging from A5-A11 devices. This was the first jailbreak to feature a bootrom exploit in a decade. The tool utilizes the "Checkm8" exploit developed by Axi0mX.
On December 10, 2019, Apple used DMCA takedown requests to remove posts from Twitter. The tweet contained an encryption key that could potentially be used to reverse engineer the iPhone's Secure Enclave. Apple later retracted the claim, and the tweet was reinstated.
On June 1, 2020, Apple released the 13.5.1 update, patching the 0 day exploit used by the Unc0ver jailbreak.
The legal status of jailbreaking is affected by laws regarding circumvention of digital locks, such as laws protecting digital rights management (DRM) mechanisms. Many countries do not have such laws, and some countries have laws including exceptions for jailbreaking.
International treaties have influenced the development of laws affecting jailbreaking. The 1996 World Intellectual Property Organization (WIPO) Copyright Treaty requires nations party to the treaties to enact laws against DRM circumvention. The American implementation is the Digital Millennium Copyright Act (DMCA), which includes a process for establishing exemptions for non-copyright-infringing purposes such as jailbreaking. The 2001 European Copyright Directive implemented the treaty in Europe, requiring member states of the European Union to implement legal protections for technological protection measures. The Copyright Directive includes exceptions to allow breaking those measures for non-copyright-infringing purposes, such as jailbreaking to run alternative software, but member states vary on the implementation of the directive.
While Apple technically does not support jailbreaking as a violation of its EULA, jailbreaking communities have generally not been legally threatened by Apple. At least two prominent jailbreakers have been given positions at Apple, albeit in at least one case a temporary one. Apple has also regularly (though possibly somewhat jokingly) thanked jailbreak communities for detecting security holes in iOS release notes.
Apple's support article concerning jailbreaking claims that they "may deny service for an iPhone, iPad, or iPod touch that has installed any unauthorized software." Therefore, anyone who is jailbroken, warranty or not, may or may not get support from Apple considering assistance with jailbreaking.
In 2010, Electronic Frontiers Australia said that it is unclear whether jailbreaking is legal in Australia, and that anti-circumvention laws may apply. These laws had been strengthened by the Copyright Amendment Act 2006.
In November 2012, Canada amended its Copyright Act with new provisions prohibiting tampering with DRM protection, with exceptions including software interoperability. Jailbreaking a device to run alternative software is a form of circumventing digital locks for the purpose of software interoperability.
There had been several efforts from 2008–2011 to amend the Copyright Act (Bill C-60, Bill C-61, and Bill C-32) to prohibit tampering with digital locks, along with initial proposals for C-11 that were more restrictive, but those bills were set aside. In 2011, Michael Geist, a Canadian copyright scholar, cited iPhone jailbreaking as a non-copyright-related activity that overly-broad Copyright Act amendments could prohibit.
India's copyright law permits circumventing DRM for non-copyright-infringing purposes. Parliament introduced a bill including this DRM provision in 2010 and passed it in 2012 as Copyright (Amendment) Bill 2012. India is not a signatory to the WIPO Copyright Treaty that requires laws against DRM circumvention, but being listed on the US Special 301 Report "Priority Watch List" applied pressure to develop stricter copyright laws in line with the WIPO treaty.
New Zealand's copyright law allows the use of technological protection measure (TPM) circumvention methods as long as the use is for legal, non-copyright-infringing purposes. This law was added to the Copyright Act 1994 as part of the Copyright (New Technologies) Amendment Act 2008.
Jailbreaking might be legal in Singapore if done to provide interoperability and not circumvent copyright, but that has not been tested in court.
The law Copyright and Related Rights Regulations 2003 makes circumventing DRM protection measures legal for the purpose of interoperability but not copyright infringement. Jailbreaking may be a form of circumvention covered by that law, but this has not been tested in court. Competition laws may also be relevant.
The main law that affects the legality of iOS jailbreaking in the United States is the 1998 Digital Millennium Copyright Act (DMCA), which says "no person shall circumvent a technological measure that effectively controls access to a work protected under" the DMCA, since this may apply to jailbreaking. Every three years, the law allows the public to propose exemptions for legitimate reasons for circumvention, which last three years if approved. In 2010 and 2012, the U.S. Copyright Office approved exemptions that allowed smartphone users to jailbreak their devices legally, and in 2015 the Copyright Office approved an expanded exemption that also covers other all-purpose mobile computing devices, such as tablets. It is still possible Apple may employ technical countermeasures to prevent jailbreaking or prevent jailbroken phones from functioning. It is unclear whether it is legal to traffic in the tools used to make jailbreaking easy.
In 2010, Apple announced that jailbreaking "can violate the warranty". This may be affected by the Magnuson–Moss Warranty Act.
Digital Millennium Copyright Act exemptions
In 2007, Tim Wu, a professor at Columbia Law School, argued that jailbreaking "Apple's superphone is legal, ethical, and just plain fun." Wu cited an explicit exemption issued by the Library of Congress in 2006 for personal carrier unlocking, which notes that locks "are used by wireless carriers to limit the ability of subscribers to switch to other carriers, a business decision that has nothing whatsoever to do with the interests protected by copyright" and thus do not implicate the DMCA. Wu did not claim that this exemption applies to those who help others unlock a device or "traffic" in software to do so.
In 2010, in response to a request by the Electronic Frontier Foundation, the U.S. Copyright Office explicitly recognized an exemption to the DMCA to permit jailbreaking in order to allow iPhone owners to use their phones with applications that are not available from Apple's store, and to unlock their iPhones for use with unapproved carriers.Apple had previously filed comments opposing this exemption and indicated that it had considered jailbreaking to be a violation of copyright (and by implication prosecutable under the DMCA). Apple's request to define copyright law to include jailbreaking as a violation was denied as part of the 2009 DMCA rulemaking. In their ruling, the Library of Congress affirmed on July 26, 2010, that jailbreaking is exempt from DMCA rules with respect to circumventing digital locks. DMCA exemptions must be reviewed and renewed every three years or else they expire.
On October 28, 2012, the US Copyright Office released a new exemption ruling. The jailbreaking of smartphones continued to be legal "where circumvention is accomplished for the sole purpose of enabling interoperability of [lawfully obtained software] applications with computer programs on the telephone handset." However, the U.S. Copyright office refused to extend this exemption to tablets, such as iPads, arguing that the term "tablets" is broad and ill-defined, and an exemption to this class of devices could have unintended side effects. The Copyright Office also renewed the 2010 exemption for unofficially unlocking phones to use them on unapproved carriers, but restricted this exemption to phones purchased before January 26, 2013. In 2015, these exemptions were extended to include other devices, including tablets.
BigBoss (previously TheBigBoss.org) is a software repository and blog for jailbreaking. It publishes news on the topic and allows developers to host tweaks and other extensions. It was one of the first repositories to exist for the Cydia package manager, launched in April 2008 by Sleepers Repository. It comes preinstalled with all copies of Cydia.
While the majority of the packages are for older iOS versions, it still receives a steady flow of new packages. While it was originally founded by pseudonymous developer and namesake, BigBoss, it is currently run by 0ptimo, who maintains it and ensures its reliability.
In addition to the news and software hosting website, BigBoss also distributed many utilities that ran on jailbroken devices. These included SBSettings, BossPrefs, BossPaper, Categories, and Flashlight.
On October 18, 2008, the site rebranded from Sleepers Repository to TheBigBoss.
On March 8, 2009, Cydia Store launched, allowing users to purchase software products from the repository. Previously, it had only consisted of free software.
In July 2014, the website was hacked, leaking the entire database and collection of packages (including paid products).
In November 2017, other significant early Cydia Store repositories, ModMy and ZodTTD, shut down, making BigBoss one of the last original repositories standing.
In December 2018, the Cydia Store shut down, meaning that no new packages could be purchased.
Security, privacy and stability
The first iPhoneworm, iKee, appeared in early November 2009, created by a 21-year-old Australian student in the town of Wollongong. He told Australian media that he created the worm to raise awareness of security issues: jailbreaking allows users to install an SSH service, which those users can leave in the default insecure state. In the same month, F-Secure reported on a new malicious worm compromising bank transactions from jailbroken phones in the Netherlands, similarly affecting devices where the owner had installed SSH without changing the default password.
In 2010 blogger John Gruber, who is close to Apple, said that users misunderstood some jailbreak exploits and that they were more serious than they appear. He commented that "it's odd how the press is mostly covering this as 'jailbreaking now more convenient' rather than 'remote code exploit now in the wild'", pointing out that the exploit allowed the creator of a malicious website to take control of iPhones accessing it. Restoring a device with iTunes removes a jailbreak. However, doing so generally updates the device to the latest, and possibly non-jailbreakable, version, due to Apple's use of SHSH blobs. There are many applications that aim to prevent this, by restoring the devices to the same version they are currently running whilst removing the jailbreaks. Examples are, Succession, Semi-Restore and Cydia Eraser.
In 2012, Forbes staff analyzed a UCSB study on 1,407 free programs available from Apple and a third-party source. Of the 1,407 free apps investigated, 825 were downloaded from Apple's App Store using the website App Tracker, and 526 from BigBoss (Cydia's default repository). 21% of official apps tested leaked device ID and 4% leaked location. Unofficial apps leaked 4% and 0.2% respectively. 0.2% of apps from Cydia leaked photos and browsing history, while the App Store leaked none. Unauthorized apps tended to respect privacy better than official ones. Also, a program available in Cydia called PrivaCy allows user to control the upload of usage statistics to remote servers.
In August 2015, the KeyRaider malware was discovered, affecting only jailbroken iPhones.
In recent years, due to the technical complexity and often rarity of legitimate jailbreaking software, most especially untethered jailbreaks, there has been an increase in fake websites which falsely claim to jailbreak iOS devices. These websites often ask payment or make heavy use of advertising, but have no jailbreak to offer. Others install a fake, lookalike version of the Cydia package manager. In some cases, users have been asked to download free-to-play apps or fill out surveys to complete a (non-existent) jailbreak.
- ^The Verizon CDMA iPhone 4 ran on iOS 4.2.5 to 4.2.10, with incremental updates being bugfixes that were simultaneously applied from 4.3.1 to 4.3.5.
- ^"Unauthorized modification of iOS can cause security vulnerabilities, instability, shortened battery life, and other issues". Apple Support. Archived from the original on April 3, 2019. Retrieved March 12, 2019.
- ^Chris Foresman (December 13, 2010). "iPhone jailbreaker set to bring Cydia to Mac OS X". Ars Technica. Condé Nast. Archived from the original on August 21, 2011. Retrieved August 2, 2011.
- ^Steve Kovach (13 April 2013). "Frustration Builds With Apple's Inconsistent Rules For App Developers". Business Insider. Archived from the original on 6 August 2013. Retrieved 23 August 2013.
- ^Ryan Singel (April 15, 2010). "Apple App Store Bans Pulitzer-Winning Satirist for Satire". Wired. Archived from the original on March 26, 2011. Retrieved February 12, 2011.
- ^"Rejected Apps". imore.com. Archived from the original on 2014-07-15. Retrieved 2017-02-19.
- ^"Jailbreak! New Rules Allow Unapproved iPhone Apps". Fox News. 2015-03-27. Archived from the original on 2013-05-21. Retrieved 2012-12-07.
- ^ abAdam Dachis (March 14, 2011). "How to Get the Most Out of Your Jailbroken iOS Device". Lifehacker. Gawker Media. Archived from the original on December 25, 2015. Retrieved August 2, 2011.
- ^Jenna Wortham (May 12, 2009). "Unofficial Software Incurs Apple's Wrath". The New York Times. Archived from the original on December 22, 2013. Retrieved August 2, 2011.
- ^Zdziarski, Jonathan (2008). iPhone Open Application Development: Write Native Applications Using the Open Source Tool Chain. pp. 3–4. ISBN . Archived from the original on 2017-02-19.
- ^Landau, Ted (2009). Take control of your iPhone. p. 107. ISBN . Archived from the original on 2017-02-19.
- ^Nathan T. Washburn (May 4, 2012). "Apple Discovers a New Market in China: Rich Boyfriends". HBR Blog Network. Harvard Business Review. Archived from the original on November 9, 2012. Retrieved January 9, 2013.
- ^Manalo, Amboy. "60 iOS Features Apple Stole from Jailbreakers". Gadget Hacks. Retrieved 22 October 2020.
5 jailbrack ios
Q: What is checkra1n?
A: checkra1n is a community project to provide a high-quality semi-tethered jailbreak to all, based on the ‘checkm8’ bootrom exploit.
Q: How does it work?
A: Magic hax.
Q: Why was the beta release delayed?
A: We didn't want the release quality to end up like iOS 13.2, you deserve better.
Q: wen eta?
A: bruh we're past that.
Q: How do I use it?
A: Open the checkra1n app, and follow the instructions to put your device into DFU mode. Hax happens auto-magically from that point and the device will boot into jailbroken mode. If you reboot the device without checkra1n, it will revert to stock iOS, and you will not be able to use any 3rd party software installed until you enter DFU and checkra1n the device again.
Q: Ugh, I don't like GUI?
A: Ok, you can use "./checkra1n.app/Contents/MacOS/checkra1n -c" from the console, or download a Linux CLI build.
Q: Is it safe to jailbreak? Can it harm my device / wipe my data?
A: We believe jailbreaking is safe and take precautions to avoid data loss. However, as with any software, bugs can happen and *no warranty is provided*. We do recommend you backup your device before running checkra1n.
Q: I have a problem or issue to report after jailbreaking.
A: Many problems and bootloops can be caused by buggy or incompatible tweaks. Remember many tweaks never saw iOS 13 in the pre-checkra1n era. If you suspect a recently installed tweak, you may attempt to enter no-substrate mode by holding vol-up during boot (starting with Apple logo until boot completes). If the issue goes away, a bad tweak is very likely the culprit, and you should contact the tweak developers.
Q: I have a problem or issue to report and I don't think it's related to a bad tweak.
A: Please check here and follow the bug report template.
Q: I lost my passcode. Can checkra1n decrypt my data or get access to a locked device?
Q: Can I ssh into my device?
A: Yes! An SSH server is deployed on port 44 on localhost only. You can expose it on your local machine using iproxy via USB.
Q: I love the project! Can I donate?
A: Thanks, we love it too! The project does not currently take any donations. If anyone asks for donations, it's a scam.
Q: Where are the sources? I want to write a dark-mode theme and publish the jailbreak as my own.
A: checkra1n is released in binary form only at this stage. We will release the full checkra1n source once we have a Windows GUI version. We had hoped to get there in 2020, but we didn't manage to. But PongoOS, the kernel patchfinder and the SEP exploit are already open source on GitHub.
Q: When is Windows support coming?
A: Soon™. We need to write a kernel driver to support Windows which will take time. Rest assured however, we are working hard on it.
Going out into the street and taking a deep breath, I realized that I am happy, even if I am a whore, but I am happy and I dont want to change anything in my life. In the army, the most intense period is not military exercises of various profiles, as various correspondents recklessly write, sometimes completely unfamiliar with the specifics of army everyday life, but such a seemingly prosaic period as a transfer to the reserve.
There are certain subtleties here, you need to prepare documents and travel cards on time, you need to draw up lists of dismissals so that everyone disperses evenly, prepare a replacement and gradually send those discharged to the reserve. Yes, and the parents of some guys who are inadequate with joy and subsequent drinking, who have served their time, should be informed that their beloved offspring.
Will soon leave the location of our unit, welcome.
You will also be interested:
- Xenon blue headlights
- Don murray imdb
- Photoshop tutorials 2017
- Wall switch plate
- Smooth jazz music
- Jabra bluetooth earbuds
- Brian 636 bike
- Mercedes of westwood
The room by that time, but her plump, sensual lips still wanted more. Having finished smoking, she took a few more sips from the glass, and then dipped her mouth in the champagne and slowly. Carefully, tastefully licked it. Finally, she took a banana from the tray, freed its fragrant white flesh from its tough peel, and began to leisurely run the.