Jailbreaking the Verizon iPhone 4 on 4.2.6 firmware with greenpois0n



Page 2 of 2




Step 5.

Launch Cydia. You'll see the message Initializing Filesystem. When it has finished Cydia will close. Launch it again. Read the screen, make your choice and press the Done button. You can change this setting later if you want.

iPhone       iPhone



You should see this screen next (relaunch Cydia again if you need to). Press the Ignore (Temporary) button. We need to address the message that is underneath first. Read this screen carefully. My ECID is an example, displaying all 0s. Yours will be unique to your iPhone.

Basically, what this is talking about is when the next version of firmware is released for the Verizon iPhone, let's call it 4.2.7, Apple will no longer approve firmware restores to version 4.2.6 (which you may have on your phone now), in order to make it more difficult for you to jailbreak your iPhone. Jailbreaking an iPhone is legally allowed under the Digital Millennium Copyright Act, as found in the United States Code of Federal Regulations, Title 37 Part 201.40. You can read this at the Library of Congress' website here. Paragraph two specifically applies to jailbreaking.

By pressing the Make my life easier, thanks! button in Cydia right now, you are sending your ECID number to the Cydia server so that it can save this number in order to allow you to restore to your current firmware (or future firmwares) indefinitely, even if Apple doesn't approve of this. When you do want to restore to an unapproved firmware, you will use Cydia in conjuntion with a file called an SHSH to authorize unapproved restores.

iPhone       iPhone



Press the Make my life easier, thanks! button now. After a few seconds the screen will refresh, the message will go away and you'll see the default Cydia welcome screen. Notice the line toward the top: This device has a pending TSS request. This means Cydia is in the process of sending your ECID to the Apple firmware authorization server to record the digital signature it would normally send back to your iTunes program when attempting to restore your iPhone. By doing this, Cydia can take the place of the Apple server.

iPhone       iPhone



Let's go back to the ignore button we pressed earlier. Press the Changes button. On the next screen press the Upgrade button. This will install updates to the items in this list. Press the Confirm button.

iPhone       iPhone



Cydia will download and install the various programs. Press the Reboot Device button when it appears.

iPhone       iPhone



Three days later I received this message. This means that Cydia has my 4.2.6 firmware SHSH on file, and that I can restore to 4.2.6 firmware indefinitely.

iPhone




Step 6.

While we are waiting for Cydia to get your SHSH on file, we will also use a program called TinyUmbrella which will capture this file right now and store it locally on your computer. The advantages to using TinyUmbrella are it operates independently of a jailbreak (you could have done this before step 1 if you wanted), and it directly allows you to restore to unapproved of firmware.

Download TinyUmbrella here. Ensure you are downloading the beta version for OS X. You'll have this file. Double click it to install it. Note this program is updated frequently, your version may be newer than the one depicted below, that's okay. Your iPhone needs to be connected to your Mac with the USB cable.

iPhone



Once you've installed the program, launch it. In my example I have several iPhones listed. You may only have one showing. Note: I blur out my ECID and serial number for privacy reasons.

iPhone



Look where it says connected devices. That is your iPhone (you can rename it here as well) in the list so click it to select it. Now look to the right and click the button that says Save SHSH. After a few seconds you will see it appear in the window below (highlighted in blue).

iPhone



These are my particular settings found in the Advanced tab. Note the text box where it says save SHSH directory. This is where your SHSH files are stored. My path may be different than yours. I recommend backing up these files for safe keeping. Doing this is easy. Copy the path in this box. Note: If you ever want to restore to stock firmware from Apple then you must uncheck the box where it says "Set Hosts to Cydia on Exit."

iPhone



Click on your desktop. Click the Go menu, then select Go to Folder...

iPhone



Paste that path in the pop up window. Click the Go button.

iPhone



All your SHSH files are stored here. You should copy them some place else for safe keeping.

iPhone



For a more detailed desciription of the ECID, the SHSH, and the process involved, you can read this tutorial.



Restoring the iPhone back to stock configuration

If you want to remove all evidence of the jailbreak and the unlock, then simply restore your iPhone using iTunes. Keep in mind clicking update or restore may put you on newer firmware that can not be jailbroken.



Updating your iPhone to newer firmware

Once a new firmware has been released it takes time to craft a new jailbreak. Do not update your jailbroken iPhone if you value its current state of operation. I will post a tutorial on how to get newer firmware installed when it is possible.



Changing the carrier name

There are two methods for changing the carrier logo: using a graphic, or using text.

I must give credit to "HellKatzX" over at the ModMyi.com forums as he figured out how to use a graphical logo for the carrier name. Someone will probably turn the graphical mod into a Cydia package, but in the mean time here is how to do it the hard way...

First read my OpenSSH tutorial here. Then navigate to your /private/var/mobile/Library/Carrier Bundles/iPhone/Zeppelin_US.bundle on your iPhone. Copy the Zeppelin_US.bundle to your computer and then make a duplicate of the bundle to keep as a backup in case you do something wrong. Using one of the copies, right click it and select Show Package Contents. Right click the carrier.plist file and open it in an editing program like BBEdit. Then look for these two lines of code:

<key>StaticNATType</key>
<integer>448</integer>

Directly below them copy and paste this code:

<key>StatusBarImages</key>
<array>
<dict>
<key>AllowPrefixMatching</key>
<false/>
<key>CarrierName</key>
<string>Verizon</string>
<key>DefaultImage</key>
<string>Default_CARRIER_Zeppelin_US.png</string>
<key>FullScreenOpaqueImage</key>
<string>FSO_CARRIER_Zeppelin_US.png</string>
<key>StatusBarCarrierName</key>
<string>Verizon</string>
</dict>
</array>

Then save the carrier.plist file in your editing program and it'll update the file in the bundle. Now you need two graphics. "HellKatzX" also supplied these which I'm displaying below. Simply drag them into the bundle folder where you just modifed the .plist file.

iPhone       iPhone



Close the package contents view window for the bundle, then drag the bundle file back into the iPhone folder at /private/var/mobile/Library/Carrier Bundles/iPhone and replace the original bundle file. Respring your iPhone and the graphic will display.

iPhone




You can also change the text to say something else. Launch Cydia and install the program FakeCarrier. When it's finished, press the home button and launch the FakeCarrier app. Enter the name you want and press the Set button and it will instantly change the name.

iPhone       iPhone







Return to top of page