180 comments

[ 4.4 ms ] story [ 233 ms ] thread
Can't connect for 30 minutes now, stuck on the "Just a moment..." screen.

Can anyone provide mirrors?

(comment deleted)
(comment deleted)
(comment deleted)
Here are the official mirrors:

box.net

Linux - https://evad3rs.box.com/shared/static/5dped2c9ejnk5r6ahfpg.l... SHA1: c9e4b15a161b89f0e412721f471c5f8559b6054f

Mac OS X - https://evad3rs.box.com/shared/static/du66n0g9wl1j4ta57hpx.d... SHA1: 23f99a0d65e71fd79ff072b227f0ecb176f0ffa8

Windows - https://evad3rs.box.com/shared/static/tg1t0cz7oakvq7hsv0bd.z... SHA1: 2ff288e1798b4711020e9dd7f26480e57704d8b2

MEGA

Linux - https://mega.co.nz/#!0kUkXBLC!Q8e53kQZpLbGL7PquHWgQFhMU9Ru3W... SHA1: c9e4b15a161b89f0e412721f471c5f8559b6054f

Mac OS X - https://mega.co.nz/#!5h0BwQoa!KdRLFwNJ3OjMS-7Zs2YGQnsvPxAKEs... SHA1: 23f99a0d65e71fd79ff072b227f0ecb176f0ffa8

Windows - https://mega.co.nz/#!d9ciUApQ!AkwevVU1OtUrEUU7U4fE-V8qqM9aIN... SHA1: 2ff288e1798b4711020e9dd7f26480e57704d8b2

RapidShare

Linux - http://rapidshare.com/files/2561828874/evasi0n-linux-1.0-3c5... SHA1: c9e4b15a161b89f0e412721f471c5f8559b6054f

Mac OS X - http://rapidshare.com/files/3010870584/evasi0n-mac-1.0-3c53b... SHA1: 23f99a0d65e71fd79ff072b227f0ecb176f0ffa8

Windows - http://rapidshare.com/files/3503186483/evasi0n-win-1.0-3c53b... SHA1: 2ff288e1798b4711020e9dd7f26480e57704d8b2

Already Jailbroken. Thank you Evasi0n!
Warning: jailbreaking your phone is now illegal:

http://investorplace.com/2013/01/jailbreaking-your-phone-wil...

Not yet:

https://www.eff.org/is-it-illegal-to-unlock-a-phone

Incidentally, can anyone comment on whether it's worth it to jailbreak your iPhone these days? Are there any must-have improvements, and do they come at a cost of stability? Is there any public review on security of the jailbreaks/apps, i.e. have they have had backdoors/steal your data? I would have no idea how to identify a "trustworthy" developer from someone random.

The only one I can think of is f.lux but that's more useful on an iPad anyway. Most of the other ones are really much more useful on an iPad than an iPhone.

Unless you use emulators, that is.

I use about half a dozen tweaks which I really wouldn't want to live without. LockInfo is my favorite though.
Yes, absolutely. My must haves:

http://intelliborn.com/intelliscreen.html http://stereopsis.com/flux/ios.html http://www.ijailbreak.com/cydia/activator-1-5-8-cydia-tweak/ http://igotya.com/ http://www.idownloadblog.com/2011/01/17/fakeclockup-makes-yo... http://www.makeuseof.com/tag/install-sbsettings-toggles-life...

You can also override pretty much anything, e.g. turn on tethering without paying extra for data you already paid for etc.

With regard to data stealing / backdoors: It is the same as installing apps on a computer. You lose the walled garden of Apple but this is only the same as any other computer system has been since computers existed.

That's a very misleading article. It's conflating jailbreaking with carrier unlocking, and they're two different things - in iOS community terminology, "jailbreaking" is removing software restrictions so that you have root on your own device, and "unlocking" is about carrier unlocking.

In any case, unofficial carrier unlocking isn't illegal now - it's just in a legal grey area for newer devices. See the EFF's corrections to sensationalized articles like this one: https://www.eff.org/is-it-illegal-to-unlock-a-phone

I always wonder, how can you U.S. guys tolerate this stupid carrier lock-in with year-long contracts? When in other parts of the world they are planning or already have laws obliging carriers to provide call forwarding to your new number after you switch away.
A multi-year contract is an option here, not a requirement, and some carriers will cut you a break to bring your own phone. Also, you take your phone number with you when you switch carriers.

update: rhetorical

Thanks for clarification! It must be that the internet coverage of the issue is heavily skewed towards disappointed people, as always.
My understanding is that we already have number portability (but I've never tried it). As for the carrier lock-in, I believe most people get subsidized phones with a contract requirement, by the time the contract is up people are moving onto their next phone (and/or carrier) anyways. So right now it's not been a mainstream issue.
It's happening in Europe too, and I don't see the big problem.

It's what makes it economically possible for carriers to offer a subsidized up-front price on the phone. You're free to buy the much more expensive unlocked phone, even in the US, on apple.com, no?

Its completely unnecessary. If you sign up for a 1 year contract, you still have to pay out the rest of the contract, regardless of whether your phone is unlocked or not. The only reasons to lock the phone are to force users to pay roaming charges, and to stop people from switching carriers after the contract has expired.
Why did subsidy catch on for describing contract phones?

I'm pretty sure the carrier is making a nice big profit on the loan, making subsidy a terrible word choice.

I suppose many of the cheap prepaid phones actually are subsidized though.

"I always wonder, how can you U.S. guys tolerate this stupid carrier lock-in with year-long contracts?"

How? Because we have a limited competition between carriers in the US. We "tolerate" because until very recently, there were not unsubisidized plans available (and even still, there are very few being offered.)

T-Mobile is pretty reasonable.

Unlimited data, with 2Gigs at 'high' speed for $40 / month, with 1000 minutes and unlimited texting.

Pretty decent deal. This is one of the 'Value' plans, with no subsidy.

(comment deleted)
Yeah, AFAIK they only very recently started offering that value plan and marketing to people who would bring their phone over.
People go for long contracts because the carriers will help pay for your phone if you do, and until recently, you got no discount for not signing up for a contract. So, I could pay $600 for my phone and $X/month for service with no contract, or I could pay $200 for my phone and $X/month for service with a two-year contract. If I'm not planning to switch carriers anyway, why not save $400?

This is starting to change, with T-Mobile leading the way toward giving people discounts if they bring their own phones or buy at full price. However, it's been the case for a long time that you could get service with no contract if you were willing to pay what it takes.

(comment deleted)
What I fail to understand is how it can be legal to make unlocking (throwing, destroying or eating) your phone illegal?
(comment deleted)
(comment deleted)
Some interesting strings from the binary. Hopefully there will be a write-up explaining the exploit in detail soon.

  /var/mobile/DemoApp.app
  Media/Recordings/.haxx/DemoApp.app/Info.plist
  Media/Recordings/.haxx/Library/Caches/com.apple.mobile.installation.plist
  Media/Recordings/.haxx/timezone
  Media/Recordings/.haxx/var/evasi0n/evasi0n

Edit: I also spotted a few references to Racoon, the VPN client which I think was abused in an earlier jailbreak as well?
/var/mobile/Media/Recordings is a folder that you can upload files to from a PC. I would bet that some stage of the jailbreak copies those files to their proper place in the filesystem (places that the PC uploading interface doesn't have permissions to write).
Here is a more detailed analysis: http://blog.accuvantlabs.com/blog/bthomas/evasi0n-jailbreaks...

The lazy binding is really interesting. There is lots of interesting stuff in the kernel, dyld, and libSystem. I would encourage you to have a look! You can do interesting things like run code before libSystem_init[1]

[0]:

https://github.com/Apple-FOSS-Mirror/dyld/tree/master/src

https://github.com/Apple-FOSS-Mirror/Libsystem/blob/master/i...

https://github.com/Apple-FOSS-Mirror/xnu/blob/master/bsd/ker...

[1]: https://gist.github.com/jevinskie/4615901

I haven't Jailbroke my iPhone for a few years. I did out of curiosity, but updating OS was just too much pain.

Been thinking what are the real benefits of doing that? Why? Is it customizing UI, adding more effects? Or is it just downloading apps outside app store? I think it brought value when we didn't have notification center etc, but still people doing it?

If you work in mobile security, you essentially have to jailbreak the devices you use for testing. Things like being able to edit /etc/hosts are critical, as is being able to decrypt applications for analysis.
I do it for integration with Google Voice (with Phone GV and SMS GV) so that I can place calls from the built in dialer and send free texts through Messages.

The other thing I use frequently is NCSettings, which is much like SBSettings, but well integrated into notification center. It has a couple of pages you can swipe through, and gives immediate access to toggles for wifi, data, volume, brightness, VPN, location services, and more. http://modmyi.com/info/ncsettings.php

I also use Chrome on my phone, mostly because I use it on my desktop and laptop and like to have access to open tabs from my computers. It's doable without jailbreaking, but being able to set it as the default browser makes it a lot better.

I believe it is becoming less and less useful. To begin with, it was the only way to get any third party apps on iOS devices. Later it became the only way to have custom wallpapers, multitasking, better notifications etc. Obviously all these things have now been added officially, and in most cases the official implementation is more user friendly and more integrated.

There is still increased ability for theming with jailbreaking, and some unapproved apps such as emulators etc. as well as a few general tweaks such as allowing extra apps in the dock or allowing the home screen to be rotated on iPhone, but the benefits are slowly decreasing as iOS gets improved. But there is still benefit to it for some.

It's the same case with rooting Android devices; at a time it was almost essential to address the shortcomings of the OS. Now, it is barely even required for most users, due to the improvements of the OS. (stuff like taking screenshots, making backups of app data, tethering etc. used to require root on Android; now it's all baked right into the OS)

I'd say it's noteworthy though that these features may never have made it to their respective official OSes had they not been so popular with jailbreak/root users, so it's an important part of the OS improvement process in my opinion.

For most people it's about customizing iOS: adding extra features to the interface, disabling features you don't like, personalizing how it looks - generally finding ways to improve it so that it works better for you. Instead of just looking at interesting concept designs for new iOS features, you can install them. Here's a long thread from the jailbreaking subreddit where a bunch of people discussed the first packages they planned to install after jailbreaking: http://www.reddit.com/r/jailbreak/comments/17gm4g/since_this... - I think it provides a decent cross-section of some benefits that people get excited about.

Also, if people are interested in technical details about what the jailbreak actually does, this old HN thread with comments from saurik is very informative: http://news.ycombinator.com/item?id=4127801

I still use it for SBSettings, which allows me to turn bluetooth, wifi, etc. on by swiping the top of the screen.

And I use it for tethering or setting up a wifi hotspot from my phone (MyWi).

Plus a bunch of other things :).

Consider NCSettings. It's slicker than SBSettings and doesn't require activator if you're one of the many who have a thing against activator. It builds itself into the notification centre rather than replacing it with its own.
Generally it is getting less useful but there are till a few tweaks i couldn't live without: zephyr - task switching via a 2 finger swipe. A great way to switch back and forth between 2 apps Swipeshiftcaret - move the cursor around by swiping rather than having to hold and then position it, which I always find fiddly. Great to make quick corrections. AndroidlockXT - unlock my phone via a swipe pattern rather than a number code. Looks much cooler and is quicker I feel. Sbsettings/ncsettings - easier access to things like wifi and Airplane mode which I use more often than you think

There some other ones like 5 icon dock and double decker switcher which are cool but not really essential. And zeppelin to change my carrier name to any logo I like.

Most people have already replied why but I just want to touch on the point of updating the OS: I just do not do it. What's the point anyway?

I only upgrade when too many apps stop working or when I brick my phone. I think I have upgraded my 3GS two times now.

I know some people use it to do a proper replacement of Apple Maps.
The big one for those of us with an AT&T unlimited data plan is tethering. They had to grandfather our plans in because they sold them to us as unlimited, but they will not offer tethering as they are trying to force all users off of those plans and on to the 5GB plan.
Do those apps actually still work on AT&T? I thought AT&T detected their operation and blocked them.
They certainly did on my iPhone 4 (as recently as 6 months ago). I haven't tried it on my iPhone 5, though, because I haven't jailbroken it yet. I guess I'll find out soon enough.
Your sha for OSX does not match those listed on the site.

Also the size is different: 9.6M evasi0n-mac-1.0-3c53ba10e2448d311b0f4157f2d7eb568f106c4f-release (1).dmg 9.2M evasi0n-mac-1.0-3c53ba10e2448d311b0f4157f2d7eb568f106c4f-release.dmg

I'm choosing not to open yours.

Choosing to check SHA is always a good idea for mirrors.
Odd.
I also checked the shasum by comparing 2 files.

The Mega link (Mac client) from the official web page: bd9fe1e58343a5c03295a975697de3e64e65b42c

asiekierka's Mac link: bd9fe1e58343a5c03295a975697de3e64e65b42c

Both file sizes are the same (9,690,941 bytes, 9.7 MB on disk). Maybe the discrepancy has to do with -a flag for 224, 256, 384, or 512 or something.

I think his mirror is safe. It's the one I used to successfully jailbreak my iPad 3. Now I can SSH into my iPad and change the hosts file for some ad-blocking and installed Flux for "easier on the eyes" nighttime reading.

I don't look forward to Apple's next update which will wipe out my jailbreak, so I don't want to customize things too much. Last time I did a jailbreak for my iPod Touch, it messed up an in-app purchasing mechanism for a game I was testing. After this experience, I dread that jailbreaks will cause unforeseen problems and prefer not having to customize every single little tech option. Still, I performed this jailbreak mostly to get ad-blocking in MobileSafari.

Actually, one snag I have: the iPad time was totally wrong, insisting that it was 8 hours ahead, and the General Settings wouldn't properly automatically update the time. Had to do a lot of fiddling with Location services and Date & Time to fix it.

Jailbreakin' ain't all that it's cracked up to be!

Another glitch: the volume controls don't work correctly. No matter what level your volume is at, if you press the down button just once, the volume will go completely to 0! You have to keep pressing up again to reach the proper level. Quite annoying when the volume is a function used so many times a day. Jailbreaking may allow you to get more features, but it usually brings a whole host of headaches, too. I'll probably just stick with the standard iOS system after the next update.
Shame it doesn't happen in the browser this time around. That PDF exploit last year was slick.
If it was a browser exploit, wouldn't that put all users at a great risk, and also put more pressure on Apple to rapidly patch?
Yes. Good thing it's not.
I do agree, though, that visiting a page, pressing a "jailbreak" button and finding Cydia installed and running, was, to use the scientific term, slick.
In such a case what is to stop a malicious site having a "free porn" button which installs something much more nasty.
Nothing, of course.
In which case I'm surprised there wasn't a widespread epidemic of malware infected iOS devices.
Because that would require someone to invest time and money in writing malware which will only ever make it on to a handful of devices and will be removed when those devices are updated.
There are a huge number of iphones in circulation. If the malware had jailbroken privileges would it not be able to disable the update mechanism on the phone?
In the case of JailbreakMe 2.0 (the exploit last year), the makers of the JB actually released a Cydia patch for that exact reason. In that instance, the JB'ed device was in that regard more secure than the stock device.
Apple will want to rapidly patch this either way. They still see it as a large security flaw, even if it needs a physical connection, and they hate jailbreaking.
4.2.1 is still vulnerable to a remote safari exploit, capable of gaining root. There's no way for iPhone 3G users to update past that point. They don't care about security.
Do you mean the JailbreakMe web-based exploits? JailbreakMe is not available for iOS 4.2.1. It's available for 3.1.2-4.0.1 and 4.3-4.3.3 - see http://en.wikipedia.org/wiki/JailbreakMe#Compatible_iOS_vers... for details.
Yeah, but there's nothing stopping someone from porting JailbreakMe to 4.2.1 — it already works on 4.2.8 for the Verizon iPhone 4, and the other versions are similar enough. The hardest part would be the CPU (armv6 vs armv7), but it's clearly possible.
To be clear, you're arguing that [Apple doesn't show adequate concern] about (a theoretical) security (risk to a handset that was discontinued 2 years, 8 months ago)?
A proven exploit that is publicly known, on a device that millions of people still browse the web with daily. Just because it is discontinued doesn't mean that it doesn't exist anymore.
3 years should not be the lifecycle of a highly advanced device costing many hundreds of dollars. That is utterly insane.
Well hon, welcome to the mobile industry. Here's your complimentary chalice of mercury.
IIRC, the first jailbreakme.com used a PDF exploit that Apple patched REALLY fast, for the very reason you cited.
May have been TIFF?
Aye, I believe it was the TIFF exploit.
The original jailbreak was a browser exploit too. I believe it involved serving up a malformed TIFF.

I remember stories of people going and jailbreaking every iPhone and iPod touch in the apple stores.

I remember an early PSP jailbreak (SKU PSP-1000/-2000) being based on an exploit in libtiff through an image loaded in the browser.

I wonder if it was the same exploit.

Is this a tether jailbreak or is it permanent?
Untethered (permanent).
The UI says "untethered". I'm waiting on a reboot, so I can't confirm.
It's an untethered jailbreak (allows the device to reboot on its own without using a desktop tool to help it boot), if that's what you mean by permanent. I probably wouldn't call it "permanent" since you can easily remove the jailbreak by restoring the device with iTunes.
JB worked like a charm! Thx evasi0n! :-)
Does it really work? ever for New iPad (3gen iPad)?
I just jailbroke my iPad 3 with it, works like a charm, on iOS 6.1
omg. can't wait get to my ipad to do this. christmas once again.
The last time I had a jailbroken phone was at the time of iOS 2, back then I didn't think it was worth it.

What has changed in the last four years?

Mods such as SwipeSelection and Auxo did it for me. Features that I think Apple should have thought of to begin with.
I do like having OpenVPN and better wireless scanning/details.
there is a official openvpn support in the appstore now, fyi.
What do you use for wireless scanning?
Sorry late response... One is WiFi Analyzer. Shows Channel, strength, encryption, ssid. Has a nice little great with signal strength along with min/max/avg. Not sure if you can get it from appstore now as someone else pointed out can get OpenVPN officially there now :)

Also... I'm curious as to why Apple hasn't added a SBSettings / NCSettings type feature as most other smartphones have toggle buttons in the "notification area" which make life a lot easier.

AdBlock in MobileSafari is also nice
Jailbreaking doesn't let you write to /etc/hosts?

disclaimer: ignorant, but curious Android user.

Reversing engineering apps is always educational. You can see a lot just with a class-dump of an unencrypted binary.
I want to do it so I can enable LTE on my network that Apple doesn't have a special deal with
You can enable chrome as the default browser and allow it to use the Nitro engine.
You can also give it a full-screen button. And a save to [insert read later service here] button.
Essential things for me: having openSSH running so I can upload files to my device from linux, and installing a custom "hosts" file to get rid of advertising.
The most important part of jb for me is the ability to run an host based firewall, and have per application rules. I use FirewallIP on iOS 5, I hope it works on iOS 6. I block hundreds of ad and tracking servers as global policy. This functionality doesnt exist on android... I've yet to find anything except moxies firmware for the nexus (now MIA) that has this.
I've been running FirewallIP on iOS 6 for a few months now, it works great.
FirewallIP is my killer IOS app. Once I can get the equivalent for Android, I'll happily leave the Apple ecosystem.
I'm on my phone so I don't know the complete FirewallIP features but Droidwall is pretty useful.
I'm on my phone so I don't know the complete FirewallIP features but Droidwall is pretty useful.
Seems to be crashing on me instantly on 10.8 with my 3rd Gen iPad:

Application Specific Information: * error for object 0x10fea00: pointer being freed was not allocated

Definitely waiting until tonight to jailbreak. Last few times my phone got slightly screwed up when I jailbroke right after it came out, followed by a couple updates/fixes to the jailbreak program the same day.
The last time I jailbroke my devices they slowed to a crawl and crashed frequently. Felt like I had installed Windows on my iOS device. I'd much rather have my walled garden of reliable bliss.

I'll still donate to the cause however. Keep up the fine work gents! :)

That's odd. Which device and which jailbreak was it, if you can remember? From my experience, it was almost certainly a piece of software (e.g. from Cydia) that caused the instability, not the jailbreak itself.
Actually, that's just standard iOS behavior.

Disclaimer: ex-iPhone user now on Android

It would have been the apps that you installed, not the jailbreak itself.
Awesome! Does anyone know if SMS GV/Phone GV extension is working or not? I tried the tethered jailbreak on the 3GS and it wasn't working then. Only the Phone GV was working but it was slow.

I have an iPhone 5 now and hopefully the day ends early today so I can go home and jailbreak. Can't wait to get NCsettings and Google voice integration!

They aren't updated for iOS 6 yet, but I believe the developer is planning on updating them. You can email him for more information if you like - his email address is listed at the bottom of his website (http://gvexts.appspot.com/).
I installed Sms GV extension, then the iPhone 5 keep rebooting... I recovery it try again, them keep rebooting again.... ><
So you guys use a closed source program from 'hackers' to be able to fully use your phone? So you have all the disavantages of paying for something and all the disadvantages of using some keygen binary to use as it was pirated.

and i'm worried about what lies in the binary blob of my phone's boot1 and radio driver....

Closed source probably for practical reasons, to make it harder for Apple to quickly release a "fix".
By the time a patch is publicly released like this, I'm sure Apple will have it decompiled and know what the exploit is within weeks if not days since the actual exploit code won't be much code to analyze (as opposed to digging through all of iOS like the jailbreakers have to do find an exploitable location).

Plus, Apple I'm sure has plenty of software/hardware debuggers they can attach to their own hardware that'd let them know what is happening even if they didn't have the closed/open binary.

(Days matter.) Another issue is that open-sourcing the exploit makes it easier to use for nefarious purposes in the mean time, and it isn't like knowing exactly how the exploit works actually helps end users protect themselves, due to Apple's platform policies. In essence, this is all a really dangerous ethical tightrope to be walked.
It's an honor to get a response from the great saurik himself, especially on a day when I'm sure you're very busy trying to keep Cydia up.

Thanks for the info.

That's not my experience of the Apple jailbreaking community. I'm starting to see the same mentality in the Android rooting community too.

When I went to jailbreak an Apple TV 2, I was presented with lists of software to buy. WTF? Show me the code.

I'm sure you're not using a closed source binary anywhere in your day to day usage of computing devices.
Sure, but my laptop's graphics driver isn't preventing me from sharing a torrent while trolling^Wbrowsing HN.
not from someone who i know nothing about like this.

i will let you know the last time i install something from a blog.

Just a nitpick, but news.ycombinator.com is for "hackers". These guys are the real, unquoted hackers.
Am I the only one getting a stream of NetDB errors (with the occasional HTTP 500 or 502)? I guess I'll just have to wait until... whatever server it's trying to connect to is up and running. I haven't had a chance to install a single package yet.

Edit: Popping over to r/jailbreak confirms it, I guess it'll be a while before things calm down. I just hope I can get f.lux before I have to go to work.

Confirming this as well... If you see this error, NetDB, Failed to fetch, etc., it is not any problem with your iDevice, Cydia, the jailbreak, or really anything at all. In fact, if you are seeing this right now on 2/4/2013, it most likely means everything is working properly!

The servers that provide the apps, the 'sources', are overloaded with people trying to download. Waiting until the servers are less loaded is the only solution, right now.

I'm also getting this error.
Almost all the Cydia sources become slow because the heavy load.
(comment deleted)
Almost all the Cydia sources become slow because the heavy load.