Read me first

Updated: February 3, 2012

I have a lot of content on this site so I made this page as an introduction to the iPhone hacking scene. Consider it a good starting point for what I have to offer. My tutorials require an Intel-based Mac.

These are the topics I will cover:

What is jailbreaking, and why should I do it?

Jailbreaking is a process where you modify your iPhone to run unsigned code. Without getting too technical, all the programs on the iPhone run inside of a programming sandbox, so to speak. Apple does this so that you and I cannot bring our own toys to play with in Apple's sandbox. Bringing our own programs increases the functionality of the iPhone. Once jailbroken, you can run non-App Store programs, or modify the iPhone's file system in ways that Apple doesn't approve of. It doesn't matter to Apple if these programs are safe, or if they are beneficial to you. Apple only wants its approved programs running on your iPhone. Apple does this to protect its business model. Apple also likes to claim it is protecting the iPhone's security and that of its cell phone network partners. The iPhone has suffered from security holes over the years. Many of these have been discovered by jailbreakers. The jailbreak community usually puts out a fix for these security shortcomings within a couple of days. Ironically, when these discoveries are made, jailbreakers have more secure iPhones than the iPhone you can buy in the Apple store.

Jailbreaking an iPhone is legally allowed. The Library of Congress included jailbreaking as an allowed exemption to the Digital Millennium Copyright Act (DMCA) as found in the United States Code of Federal Regulations, Title 37 Part 201.40, in 2010. You can read their ruling here. Paragraph 2 specifically applies to this. Note: jailbreaking was never illegal. This decision only gives end users legal grounds when jailbreaking.

Jailbreaking is a generally risk-free process that will not void your warranty (provided you can restore it with the original firmware provided by Apple). Even Apple employees at the retail stores can be seen with jailbroken iPhones. To undo the jailbreaking process you simply restore your iPhone with iTunes, and all evidence of the jailbreaking is removed. Jailbreaking is a transparent process. Everything on your iPhone should continue to work normally once you have jailbroken. The number one reason to jailbreak an iPhone is so that you can unlock it for use with any GSM cellular phone service provider in the world! Keep in mind Apple does offer an official unlocked version of the iPhone in the United States. Jailbreaking is not unlocking. Those are two different things...

How is unlocking different from jailbreaking?

First you must understand there are two types of cell phone service providers in the United States: those that use GSM technology (AT&T, T-Mobile) and those that use CDMA technology (Verizon, Sprint, Cricket). There are probably other smaller regional carriers as well; they also fall into one of these two categories.

While jailbreaking lets you use any programs you want to on the iPhone, unlocking is an additional process performed on already jailbroken iPhones. Unlocking is removing the restriction put in place by Apple or your cell phone service provider, that limits the iPhone to operating only on their particular network. You can roam, but at greatly increased rates of service. When you unlock an AT&T iPhone, it allows it to operate on any network in the world that uses the GSM standard (the most widely adopted cellular phone standard on the planet). You simply remove one SIM card, and insert the SIM card of the network you want to use, and the iPhone will accept it. Apple sells the iPhone unlocked at a premium price. It may be worth it to purchase an iPhone this way, as it will eliminate a lot of headaches for you. The process of unlocking via the jailbreak process requires owners to be vigilant and resist the urge to update to new firmware when it is released as you will lose your unlock, perhaps forever.

Unlocking does not apply to the Sprint or Verizon networks. These providers must provision your iPhone to work on their network. You can't just run an unlocking program to gain access to their network at will, like you can with GSM networks.

Unlocking an iPhone (or any other cell phone) is legally allowed! The Library of Congress approved unlocking as an allowed exemption to the Digital Millennium Copyright Act (DMCA) many years ago, and this exemption continues to be upheld. You can read their ruling here. Paragraph 3 specifically applies to this.

iPhones that use GSM technology only can not be made to operate with CDMA providers. The iPhone 4 S is a "world phone" which means it has a radio that operates on CDMA and GSM. If you are a United States resident, keep in mind the 3G frequencies that AT&T and T-Mobile use are not the same. If you want 3G connectivity and T-Mobile service, then purchase a T-Mobile phone. If you use an iPhone you will only have EDGE (2G) connectivity to the Internet, besides Wi-Fi.

While Apple's App Store is fantastic, it doesn't provide you with many things that you can install once you are jailbroken. In fact, there are many things you will never see on the App Store because of Apple's strict, and often capricious rules for approval. Cydia (an alternative to the App Store) is the program that is automatically installed when jailbreaking, and the vast majority of the content it offers is free!

What are some of these programs?

How would you like to use Siri on your iPhone 4? If you jailbreak it and use the Spire program, then you can! Of course you will need access to an iPhone 4 S so that you can retrieve data keys from it to enable on other iPhones. I have tutorials for two different methods on how to do this. There is even a free program that lets Siri translate phrases into other languages! This is all free!

If you have an iPhone 4 S you can greatly expand on what Siri can do for you by adding new commands, and even customizing its replies through a program called MyAssistant. You can even use Siri hands free if you install the Hands-Free Control program!

How about the ability to tether with your iPhone, without a tethering plan? Ultimately it's your responsibility if you consume lots of data with your iPhone and your service provider wants you to pay for a tethering plan. This is a convenient feature when you are on the go and there is no Wi-Fi to be found for your laptop computer. Yes, you can tether with an AT&T GoPhone plan, Simple Mobile, Sprint, T-Mobile, and Verizon. I have a tutorial for how to do this.

Would you like to potentially increase your odds of retrieving your lost or stolen iPhone? While Apple has the Find My iPhone service that provides you with a map location of your iDevice, and allows you to set a remote passcode lock and perform a remote wipe, there are a couple of jailbreak only programs that do more to aid in the recovery of your iPhone.

ICaughtU (free) and ICaughtU Pro (paid) - Takes a picture using the front facing camera when the passcode is entered incorrectly (you set the attempt threshold), or when someone attempts to turn the phone off, and then uses e-mail or SMS to send the photo or the location of the person.

iGotYa' - Offers a 10 day free trial. It has the same features as ICaughtU, but also offers a Secure Mode where you can still have access to your iPhone even after entering the passcode incorrectly, however all your personal data (SMS, pictures, call history, contacts, etc.) will be hidden.

How would you like to use FaceTime over your 3G / EDGE / GPRS connection when you are on the go, instead of being restricted to Wi-Fi? Well if you jailbreak you can! All you have to do is purchase 3G Unrestrictor. You can also download programs larger than 20 megabytes from the App Store over 3G, which is normally restricted to Wi-Fi only. You can also watch YouTube videos in high quality, or watch TV programs over SlingPlayer or other TV applications.

Would you like to have the ability to opt out of data mining services which have their code embedded in some App Store applications? The reasons for this data mining seem harmless enough - developers just want to track how users use their program. If you would like the option to not be tracked, you can install a program called PrivaCy. This program was made by the creator of Cydia and in conjunction with the data tracking service companies in question. Once installed, you are presented with a control panel for opting out of each individual service.

There are free games written specifically for jailbroken iPhones like MacMan. This is only available via Cydia.

While Apple includes a notification center to place (most) important information directly on your lock screen, you do have options that can further expand this functionality. IntelliScreenX and LockInfo to the rescue! You can add practically anything to the lock screen like e-mail, weather, the stock ticker, Facebook, Twitter, RSS feeds, missed calls, calendar events, notifications and SMS.

From left to right: Apple notification center, IntelliScreen and LockInfo. There are numerous possible configurations, these images display only one configuration. Both IntelliScreen and LockInfo offer trial versions.

WinterBoard can "theme" the look of your iPhone with just a couple of button pushes. Themes can be quite extensive and change the visual look of almost everything on your phone like the Mail application, or Weather, Calculator, Messages, your iPod player and your lock screen. Below you are seeing different home screen themes. The themes pictured below are called Chromatic Neon, Glass Orb and Vending Machine Free and can be found in Cydia. I have instructions for how to theme your iPhone.

Since this is a phone, and you’ll be spending a lot of time dialing phone numbers, why not change the phone keypad as well? The standard phone keypad sure is rather plain looking. Check out this pay phone style look. On the far right is a personal photo of mine. Even better! I have a tutorial for how to do this.

If you jailbreak you can even change the fonts system wide! I have a tutorial for how to do this.

While Apple provides three fonts for use with the Notes application: (Helvetica, Marker Felt and Noteworthy), you can add many others to suit your taste. Pictured from top to bottom are Walt Disney, Blade Runner Movie and Atari8bit.

You can customize the event sounds on your iPhone when you slide to unlock, dial a phone number, receive a new email or SMS and relock your phone, just to name a few. Why be stuck with the same exact sounds that every other iPhone has? There are many WinterBoard themes that can do this, or you can use SSH to do it yourself. I have a tutorial for how to do this.

Apple has lots of features on the iPhone that can be turned on and off. The problem is these buttons are all buried in different menus and it can be confusing where to find them quickly, or just tedious to have to do over and over again.

There’s a program called SBSettings, which adds a convenient control panel to the iPhone. It is a one-stop shop for turning various services on your phone on and off: 3G, EDGE, Wi-Fi, Bluetooth, SSH, Airplane mode, GPS location, adjusting screen brightness, killing processes, tethering, et cetera. It is activated by simply swiping your finger across the status bar.

SBSettings also has a control panel for hiding the various program icons installed. If you are like most people who don’t use the Stocks application, you can just make it disappear by sliding its toggle to off.

There are a plethora of options to explore in this completely free and amazing program.

One of my favorite programs is iBlacklist. It allows you to selectively block incoming calls from phone numbers that you don't want bothering you. This is great for blocking telemarketers, or around election time. You can also use it to block text messages. There is a similar program called MCleaner. Both applications are for sale.

Another little known fact is that the iPhone is limited to eleven pages of icons. Once you reach this limit, any new programs you install through the App Store will not display on the iPhone, so you won't have any way to run those programs unless you do a Spotlight search for them. With 4.0 firmware Apple finally introduced folders, but implemented them in a limited way: you can only have 12 icons in a folder. Why this limitation?

If you jailbreak, you can use a program called Infinifolders, which allows an unlimited number of applications in a folder! If you buy more programs from the App Store, no problem. When you go to sync your iPhone through iTunes, the new application is placed on the next available page of your iPhone and you just simply drag it over to the folder you'd like it in. This is a paid program in Cydia.

Look at that. There's at least 16 icons in this folder...

If you really like cramming your screen full of icons you could install the programs Five Icon Dock, Five-Column SpringBoard, and Five Icon Switcher.

Or if you'd rather see just how few icons you can have on your screen, or be able to arrange them in any pattern you'd like (with gaps), then check out the Gridlock program. I've made my dock, the spotlight icon and the page dots disappear with other themes.

OpenSSH is a great program for interfacing with the file system on the iPhone. It allows for secure Wi-Fi (or USB) access between the iPhone and your Mac. This allows for transferring of files to and from, and for installation and removal of programs. You will also need an SSH client on your Mac (unless you choose to use the Terminal). I have a detailed tutorial for how to install this program on both the iPhone and your Mac. When you install SSH, you can also change the well-known passwords for the root and mobile accounts which will make your iPhone more secure. I have a tutorial for how to do this.

iRealSMS greatly expands the abilities of SMS and MMS on the iPhone. It offers folders, drafts, text-to-voice, quick reply and quick send (from within other applications), contact pictures, smileys, templates, search ability, forward via mail, privacy settings, sent notifications, password lock, a character counter and more. Another popular SMS program is called BiteSMS.

ShakeToUndo Killer is a favorite of mine. I use the Notes application when I go grocery shopping. Sometimes just moving the phone around in my hand (or placing it in its case while I grab something off the shelf) causes the Notes application to prompt me to undo my typing. Sometimes it likes to tell me that there is nothing to undo... This program stops that behavior.

If you enjoy watching videos on YouTube and wish you could save them easily, then MxTube is just for you. Simply search for the videos you want, then choose whether to download them in low or high quality. They will then be stored on your iPhone. If you install OpenSSH onto your iPhone you can even save the videos to your computer.

Hate that Newsstand icon and don't want to put it on its own page? Sure there's a trick where you can put it in a new folder (with great difficulty), but that brings up other issues. Cydia has a tweak which eliminates the icon (then places your Newsstand content on the springboard as individual icons instead). Check out NoNewsIsGoodNews.

There are several video game console emulators on Cydia. Here are some screen shots from NES 3 (which is a Nintendo emulator). You can also play games in landscape mode.

Cydia also allows for developers to sell their programs, if they wish. This should be a welcome alternative to those developers who are rejected by the App Store, to still reach their target audience. Programs for sale stand out from free programs as they have a purchase button on their information page.

The iPhone hacking community is well established, and has been around since the day the first iPhone went on sale in the summer of 2007. With the creation of Installer, and Cydia, the community created the foundation for the distribution of third party applications. Apple saw this, and witnessed the success of these two distribution models. They were a driving force behind the creation of the App Store (so much for web apps huh?), so Apple could make money from distributing third party software on the iPhone. Cydia offers the majority of its programs for free.

Here are the interfaces for Cydia and the App Store. Pretty similar looking. They function essentially the same too.

Let's jailbreak and unlock!

As a general rule when Apple releases new firmware for the iPhone it isn't immediately jailbreakable upon release. It can take a few weeks until a jailbreak is released. It can take even longer before an unlock for a new firmware is released, and is generally a more complicated method to follow.

These are the topics I will cover next:

Jailbreaking issues

There are some things you should know before you perform anything on this site. There is some minor risk involved here. In a worst case scenario you simply restore your iPhone using iTunes and your phone will be back to normal. Doing this will cause you to lose your jailbreak and / or unlock, and perhaps for some time.
  • You potentially risk voiding your warranty (if you can't restore your iPhone to stock firmware).
  • Any modifications you perform on your iPhone, including bypassing activation, jailbreaking and unlocking, could be reset (or the option to rejailbreak or unlock blocked) if you should install a firmware update provided by Apple. It is usually just a matter of re-doing everything you previously did to get your iPhone back the way you had it.
  • Read the instructions in their entirety. If you can't follow directions, the potential is there for damage (only in extreme cases) to occur to your iPhone requiring a replacement that will most likely be paid for by you.
  • I am not responsible for your results if they are less than what you expected. You assume all risks. I recommend seeking help in iPhone hacking forums or in the various IRC channels. The tutorials I create record the exact procedure I used on my iPhone(s).
  • If you have not activated your iPhone via one of the official cell phone providers (AT&T, Sprint, Verizon, et cetera), and do not pay them for your cellular phone service, then you will lack the ability to use visual voicemail and possibly FaceTime.
  • Jailbreaks and unlocks may have bugs in them causing undesirable side effects that have yet to be discovered. Sometimes these problems are solved when the programs are updated. I try to document widespread issues, but can't document everything.

iPhone models

Before you can do anything you need to determine what iPhone you have. There are currently five generations of iPhones:
  • The first generation iPhone (also called the 2G because it offered EDGE data connectivity, a second generation cell phone technology), released in the summer of 2007. This phone can not run firmware higher than 3.1.3.
  • The second generation iPhone (also called the 3G), released in the summer of 2008. This phone can not run firmware higher than 4.2.1.
  • The third generation iPhone (also called the 3G S) released in the summer of 2009.
  • The fourth generation iPhone (also called the iPhone 4) released in the summer of 2010 for the AT&T network, and in February 2011 for the Verizon network. An unlocked GSM version was released in June 2011.
  • The fifth generation iPhone (also called the iPhone 4 S) released in the fall of 2011 for the AT&T, Sprint and Verizon networks. The iPhone is now a world phone. Because of this there is only one model of phone that handles the CDMA and GSM functionality instead of two separate models like the iPhone 4.
It is very easy to distinguish the first generation iPhone from the others. Looking at the graphic below, and at the iPhone on the far left, you can see that not only is the back side of the first generation iPhone largely made of a brushed metal, but the lower portion has a black plastic cover. The two iPhones in the middle are second generation models (the third generation models look identical). They are distinguished by the tapered ends at the top and bottom of the case. The entire back of the phone is a black, or white plastic. To tell the 3G S from the 3G simply look at the back of the phone. The imprinting will all be in bright silver (not just the Apple logo like the 3G).

The iPhones on the far right are the fourth and fifth generation models (GSM and CDMA respectively) and are easily distinguished by the steel band that runs throughout the middle of the phone, with round volume buttons. It also has an all glass back panel. To tell the AT&T model apart from the Verizon model, simply look on the side opposite the volume buttons. The AT&T phone has a SIM tray, the Verizon phone does not. For the iPhone 4 S there will be a SIM tray and the steel band will have two breaks in it on both sides.

What firmware is jailbreakable/unlockable?

To determine which firmware(s) you have on your iPhone, launch the Settings application, press General, then press About. Look at the entry for "Version" (also referred to as firmware or OS). It will have a number next to it and another number in parentheses. We're only concerned with the first number, which has two or three parts (5.0 or 5.0.1, for example). In my example I have 5.0 firmware. So when you hear that Apple is releasing new firmware, that is the number they are referring to.

There's another firmware number you should be aware of. This is the one that says "Modem Firmware". This is also referred to as baseband. Usually every time you update your firmware or OS (i.e. 5.0), the modem firmware gets updated too. If you aren't interested in unlocking then you don't need to concern yourself with this number.

While modem firmware updates are good for most iPhone users, they are usually bad for those who want to unlock their iPhones. New firmware releases (and hasty updates by iPhone owners) cause the modem firmware to be updated. It usually takes a long time for a new unlock to be released as a vulnerability must be found in the modem firmware to allow for the unlocking process to work. Here's a real world example: When 4.0 firmware was released an unlock came out not long after. There has yet to be another unlock since. No one has found an exploit in over 1 year!

The image to the right is from an iPhone 4. I have outlined in red, the two version numbers.

If you are using 5.x firmware, then check out my Step 1 tutorials found in the "Start here" menu of my navigation bar (viewable via the Member Access button on the main page). Not a member? Click the donation banner at the bottom of this page to join today!

If you are using 4.x firmware through 1.x, then click here for those tutorials.

Below is a list of the most recent firmwares and modem firmwares. Listings in red can not be unlocked.

Firmware   Modem firmware (3G S)   Modem firmware (4)   Modem firmware (4S)
5.0        5.16.05                 4.11.08              1.0.11
5.0.1      5.16.05                 4.11.08              1.0.13/14

Step 1 tutorials

There are three Mac programs for jailbreaking on 5.x firmware: Absinthe, PwnageTool and redsn0w.

Absinthe is made by the Chronic Dev Team (who has been around the jailbreaking scene since 2008) and the iPhone Dev Team. It is specifically for jailbreaking the iPhone 4 S and the iPad 2 only. Eventually the redsn0w program will be updated to do this as well.

PwnageTool and Redsn0w are made by iPhone Dev Team, a group that has been creating jailbreaking programs for free since the iPhone first came out in the Summer of 2007. They also provide the free unlocking software (yellowsn0w, ultrasn0w) for the iPhone. It's probably confusing to most why there are two jailbreaking programs. The unique feature of PwnageTool is its ability to create a custom firmware file that contains the jailbreak exploit, Cydia, and all your favorite Cydia programs pre-installed. Redsn0w can not do this. I've noted the main differences in these programs below in red.

Do not pay for these programs! I know there are shady businesses out there that sell them!

Absinthe: Works with firmware 5.0 and 5.0.1 on the iPhone 4 S only

  • Is a one-size-fits-all program for jailbreaking. There is only 1 button to click.
  • Requires you to be on the firmware you intend to jailbreak before use.
This tutorial is available to members only. To become a member click here.
The jailbreak tutorial is here.

PwnageTool: Works with firmware 5.0.1 on the iPhone 3G S and iPhone 4

  • Does not require you to be on a specific firmware before use. You will create a custom firmware file with PwnageTool and restore with that. You can use this file repeatedly, and on multiple iPhones.
  • Offers a simple mode and an expert mode for greater control over custom firmware creation.
  • Allows custom root partition sizing.
  • Can include Cydia programs into the firmware file for quick installation.
  • Can create custom firmware which preserves older modem firmware for unlocking.
  • You can not unlock the iPhone by using this program. You will use the ultrasn0w program (available through Cydia) to unlock the iPhone.
  • Hacktivates the iPhone if you are using an unsupported carrier's SIM card.
  • Allows you to decide whether or not you want to install Cydia.
  • Assists you with entering DFU mode.
This tutorial is available to members only. To become a member click here.
The jailbreak tutorial is here.

Note: This program has a couple of issues in its jailbreak. It needs to be updated. You could still use this program, but once you have jailbroken your iPhone with its custom firmware file, you'd need to run the redsn0w jailbreak (minus Cydia installation) over it to fix the PwnageTool jailbreak.

Redsn0w: Works with firmwares 5.0 and 5.0.1 on the iPhone 3G S and iPhone 4

  • "Stitches" SHSH/APTicket blobs to a custom firmware file. This allows for restoring to unapproved firmware. This is very useful when new firmware is released and it takes a long time until a new jailbreak is released (especially an untethered one). You will create a custom firmware file with redsn0w and restore with that. You can use this file repeatedly, but only on the specific iPhone you have the SHSH/APTicket for.
  • Has a recovery mode fix option.
  • Can create custom firmware which preserves older modem firmware for unlocking.
  • You can not unlock the iPhone by using this program. You will use the ultrasn0w program (available through Cydia) to unlock the iPhone.
  • Hacktivates the iPhone if you are using an unsupported carrier's SIM card.
  • Allows you to decide whether or not you want to install Cydia.
  • Assists you with entering DFU mode.
These tutorials are available to members only. To become a member click here.
The jailbreak tutorial is here.
The jailbreak and simulated unlock tutorial is here.
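The firmware check from the "What firmware is jailbreakable/unlockable?" section and the tool matrix above, as an added helper that is not code from this site or from the Dev Teams: it parses the "Version" entry from Settings > General > About (the build number in parentheses in the sample is a constructed value), rejects firmware the older models cannot run, and returns which of Absinthe, PwnageTool and redsn0w the page lists for a given model and firmware, with the caveat the page attaches to each.

```python
"""Firmware / jailbreak-tool compatibility helper.

Added example, not code from this site or from the Dev Teams. It encodes
only what this page states: the firmware ceilings of the older models and
the model/firmware support of Absinthe, PwnageTool and redsn0w for 5.x.
"""
import re
from typing import Dict, List, Set, Tuple

Version = Tuple[int, ...]


def parse_version(about_text: str) -> Version:
    """Parse the 'Version' entry from Settings > General > About.

    The entry looks like "5.0.1 (9A999)": a dotted firmware number followed
    by a build number in parentheses (the build used here is a constructed
    sample value). Only the dotted number matters, so the rest is ignored.
    Trailing ".0" parts are dropped so that "5.0" and "5.0.0" compare equal.
    """
    m = re.match(r"\s*(\d+(?:\.\d+)*)", about_text)
    if not m:
        raise ValueError(f"no firmware number in {about_text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) > 2 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


# Highest firmware the two oldest models can run (from the iPhone models list).
MAX_FIRMWARE: Dict[str, Version] = {
    "2G": (3, 1, 3),
    "3G": (4, 2, 1),
}

# Which models and 5.x firmwares each Mac jailbreak tool handles, as listed
# under "Step 1 tutorials", plus the caveat the page attaches to each tool.
TOOLS: Dict[str, Tuple[Set[str], Set[Version], str]] = {
    "Absinthe": ({"4S"}, {(5, 0), (5, 0, 1)},
                 "must already be on the firmware you intend to jailbreak"),
    "PwnageTool": ({"3GS", "4"}, {(5, 0, 1)},
                   "builds a reusable custom firmware file; the page notes "
                   "its current jailbreak needs redsn0w run over it afterwards"),
    "redsn0w": ({"3GS", "4"}, {(5, 0), (5, 0, 1)},
                "custom firmware is tied to the iPhone whose SHSH/APTicket "
                "blobs are stitched in"),
}


def tools_for(model: str, about_text: str) -> List[Tuple[str, str]]:
    """Return (tool, caveat) pairs that apply to this model and firmware.

    Raises ValueError when the firmware is above what the model can run.
    An empty list means the page lists no Mac tool for that combination.
    """
    fw = parse_version(about_text)
    limit = MAX_FIRMWARE.get(model)
    if limit is not None and fw > limit:
        raise ValueError(
            f"iPhone {model} cannot run firmware above "
            f"{'.'.join(map(str, limit))}")
    return [(name, caveat) for name, (models, fws, caveat) in TOOLS.items()
            if model in models and fw in fws]


if __name__ == "__main__":
    # Constructed sample inputs; "9A999" stands in for whatever build is shown.
    for model, text in [("4S", "5.0.1 (9A999)"), ("4", "5.0"), ("3GS", "5.0.1")]:
        for tool, caveat in tools_for(model, text):
            print(f"iPhone {model} on {text}: {tool} ({caveat})")
```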
