JailbreakMe
JailbreakMe is a series of jailbreaks for Apple's iOS mobile operating system that take advantage of flaws in the Safari browser on the device, providing an immediate one-step jailbreak unlike more common jailbreaks, such as Blackra1n and redsn0w, that require plugging the device into another computer and running the jailbreaking software from the desktop. Jailbreaking allows users to install software that is not approved by Apple on their iPod Touch, iPhone, and iPad; JailbreakMe automatically includes Cydia, a package management interface that serves as an alternative to the App Store.
JailbreakMe's first version in 2007 worked on iPhone and iPod touch firmware 1.1.1, the second version was released in August 2010 for firmware 4.0.1 and earlier, and the third version was released in July 2011 for iOS versions 4.3 to 4.3.3 (and was the first jailbreak for the iPad 2). JailbreakMe 3.0 has been used to jailbreak at least two million devices. Apple Stores and other Apple mobile device retailers (such as Best Buy) block JailbreakMe.com on their Wi-Fi networks.
JailbreakMe 1.0
JailbreakMe, started in 2007, was originally used to jailbreak the iPhone and iPod touch running the 1.1.1 version of iPhone OS. Using a TIFF exploit against Safari, this installed Installer.app. It involves downgrading from iPhone OS 1.1.1 to iPhone OS 1.0.2, jailbreaking, and upgrading back to iPhone OS 1.1.1. The vulnerability used in this exploit was patched by Apple in the 1.1.2 firmware.
This tool, also called "AppSnapp", was created by a group of nine developers.
JailbreakMe 2.0 ("Star")
JailbreakMe 2.0, released by comex on August 1, 2010, exploits a vulnerability in the FreeType library used while rendering PDF files. This was the first publicly available jailbreak for the iPhone 4, able to jailbreak iPhone OS 3.1.2 through iOS 4.0.1 on the iPhone, iPod Touch, and iPad models current at the time. This jailbreak was activated by visiting the jailbreakme.com web page on the device's Safari web browser.
The vulnerability used by JailbreakMe 2.0 was patched by Apple in iOS 4.0.2.
JailbreakMe 3.0 ("Saffron")
JailbreakMe 3.0, released on July 6, 2011, can jailbreak most iOS devices on iOS 4.3-4.3.3 and iPad 2 on 4.3.3. It is the first publicly available jailbreak for iPad 2. JailbreakMe 3.0 exploits a FreeType parser security flaw (similar to JailbreakMe 2.0), delivered in the form of a PDF file rendered by Mobile Safari, and then uses a kernel vulnerability to complete the untethered jailbreak. Comex also released a patch for this FreeType flaw, called "PDF Patcher 2", which is available as a free package installable via Cydia.
A few days before release, a JailbreakMe 3.0 testing beta was accidentally leaked to the public, and comex said on Twitter that this put him on a "time limit" to release the final version quickly.
The JailbreakMe website looks similar to downloading an App Store app. It includes a blue button saying "FREE", which turns into a green button with the word "INSTALL" when pressed once, much like any application on the App Store. After tapping "INSTALL", Safari closes, Cydia loads as a new app, and the device is now fully jailbroken with no reboot necessary.
On July 15, Apple released iOS 4.3.4 (GSM) and 4.2.9 (CDMA) to patch the flaws used by JailbreakMe.
Comex received a "Pwnie" award at the Black Hat conference 2011 for "Best Client-Side Bug" for this work.
Comex was hired by Apple as an intern in August 2011.
Ownership transition
On October 7, 2011, MuscleNerd said on Twitter that the jailbreakme.com domain had been sold by its original owner to an unknown third party, so the domain could no longer be trusted for hosting jailbreaking tools, and that the tool would be moved to a new domain owned by the Dev Team. On October 8, Jay Freeman (saurik), the developer of Cydia, said on Twitter that he had acquired the domain from the third-party owner, so the jailbreakme.com domain can continue to be a safe place for jailbreaking tools.
Compatible iOS versions
Device | Can be Jailbroken | Firmware versions compatible with JailbreakMe |
---|---|---|
iPhone 2G (Original iPhone) | | 3.1.2 to 3.1.3 |
iPhone 3G | | 3.1.2 to 4.0.1 |
iPhone 3GS | | 3.1.2-4.0.1, 4.3-4.3.3 |
iPhone 4 (GSM) | | 4.0-4.0.1, 4.3-4.3.3 |
iPhone 4 (CDMA) | | 4.2.6-4.2.8 |
iPod Touch 1G | | 3.1.2 to 3.1.3 |
iPod Touch 2G (2nd Generation) (MB model) | | 3.1.2 to 4.0 |
iPod Touch 2G (2nd Generation) (8GB MC model) | | 3.1.2 to 4.0 |
iPod Touch 3G (3rd Generation) | | 4.3, 4.3.2, 4.3.3 |
iPod Touch 4G (4th Generation) | | 4.3-4.3.3 |
iPad (Wi-Fi model) | | 4.3-4.3.3 |
iPad (Wi-Fi + 3G model) | | 4.3-4.3.3 |
iPad 2 (Wi-Fi model) | | 4.3.3 |
iPad 2 (Wi-Fi + 3G model) | | 4.3.3 |
iPhone 4S | | |