How to Jailbreak an iPhone


iPhone Image Gallery An iPhone fresh out of the box is modeled in Hong Kong in 2008. See more iPhone pictures.
­AP Photo/Kin Cheung

­When the first generation iPhone was released in 2007, the only way to run software on it was with Web applications (apps for short) in a browser -- limited to those published by Apple. But with the release of the iPhone 3G and the launch of Apple's iTunes App Store in 2008, iPhone users were suddenly able to choose from thousands of apps that could actually be installed on the phone itself. To date, there are more than 30,000 apps available in the store [source: 148Apps]. That may sound like a lot to choose from but there are at least a million users who want even more [source: Von Lohmann and Granick]. iPhone jailbreakers, that is.

People turn to jailbreaking because there are limitations to the iPhone and the App Store offerings. On the iPhone, Apple restricts some basic abilities that other cell phones offer standard, including recording video, custom ringtones, photo zoom and the ability to change the look and feel (including icons). Jailbreaking the iPhone bypasses these limitations and allows users to take advantage of third-party apps. Specifically, third-party apps that Apple has declined to distribute through the App Store (because they're deemed objectionable, risqué or duplicative among other reasons). These programs are instead distributed by the developer (usually to avoid the distribution fee charged by Apple).

It's not just the unsanctioned apps that appeal to jailbreakers, though. For those who are more technically oriented, jailbreaking an iPhone can mean more than adding a video app. The iPhone runs on a basic variant of Mac's OS X operating system, which is Unix-based. This means that if you're so inclined, you could jailbreak the iPhone platform and install certain Unix applications such as a lightweight Apache Web server with PHP or SSH daemon to accept remote connections -- thus turning the iPhone into a tiny computer.

­Aside from third-party applications, one of the most common reasons for jailbreaking an iPhone is to unlock it. Jailbreaking and unlocking an iPhone are often confused with each other but they aren't the same thing. Unlocking an iPhone breaks the lock on the SIM card and allows the phone to work with all carriers, not just the official, Apple-approved carrier (which differs from country to country).

­

Jailbreaking your iPhone

The new Apple iPhone 3G is advertised in Palo Alto, Calif., Monday, July 7, 2008.
The new Apple iPhone 3G is advertised in Palo Alto, Calif., Monday, July 7, 2008.
AP Photo/Paul Sakuma

­

­Jailbreaking an iPhone doesn't mean you've unlocked it (although to unlock an iPhone, first you'd need to jailbreak it). Rather, it's a hack that opens up the phone's firmware to allow the installation of third-party applications. Just as hardware is the physical part of a device and software consists of the programs you run on the device, firmware is a bit of both. Firmware is code that contains the operating instructions for hardware, such as how an iPhone should function, what features are enabled and any security patches that are needed. Periodically, Apple releases updated firmware to upgrade features and fix bugs.

When an iPhone boots up, it walks through a "chain of trust," which is a series of signature checks among software components always done in a specific order. It begins with boot ROM, moves on to loading low-level bootloader (LLB) software (which controls general data storage and transfer between computers and digital devices, in this case flash memory), then iBoot, then the operating system kernel, and finally the operating system kernel loads the user applications. As the chain of trust is executed, checks are being done for any unauthorized software.

When you jailbreak an iPhone you're modifying, or patching, the iBoot and operating system kernel in this process, rendering them unable to do the digital signature checks that evaluate and distinguish authorized or unauthorized software.

Jailbreaking an iPhone differs from iPhone to iPhone (and iPod Touch) -- it depends on what version of firmware the phone is running and if your computer is Windows or Mac. To do it you need an iPhone, a computer with the latest version of iTunes installed, a downloaded jailbreaking program with instructions and some time. You'll also need to know what version of firmware is installed on your phone.

While we're not giving away the download here, with a little Web searching you can find links to the needed tools -- usually with detailed directions and accompanying screenshots. Some of the more popular programs are QuickPwn (which will jailbreak an iPhone 3G running the most current firmware version 2.0+) and PwnageTool (which can also jailbreak first and second-generation iPod Touches), both from the iPhone dev team. Third party applications can then be browsed, downloaded and installed with software such as Cydia (think of it as the store for nonsanctioned apps), which is conveniently included in jailbreaking tools.

Keeping up to date with jailbreaking software is like a game of cat and mouse -- Apple updates its firmware and hackers scramble to release a jailbreak of the new code.

Problems with Jailbreaking Your iPhone: Second Thoughts

A man uses his iPhone in Moscow. Russia has a thriving market in phones that have been unlocked or jailbroken.
A man uses his iPhone in Moscow. Russia has a thriving market in phones that have been unlocked or jailbroken.
­AP Photo/Sergey Ponomarev

­

If the very idea of hacking your phone makes you nervous, there's a safety net -- sort of. When you decide to jailbreak your phone, you do it with the understanding that you could damage it. Phones can be restored to their out-of-the-box state by reinstalling original firmware through iTunes, but only sometimes. Worst-case-scenario and your phone becomes an expensive brick, commonly referred to as an iBrick.

Be forewarned: Jailbreaking is not sanctioned by Apple (that's why it's called jailbreaking). The practice voids the warranty and any new firmware upgrades Apple releases erase any previous jailbreaking efforts (it overwrites them).

Security concerns arise as well. When you buy apps through Apple's App Store, Apple has vetted them. When you download and install unsanctioned third-party apps, you can't be sure what you're getting -- the hottest new way to upload a video to YouTube or a malicious piece of software? You won't know until you install it.

Additionally, according to comments Apple filed with the U.S. Copyright Office in early 2009 as part of the 2009 Digital Millennium Copyright Act (DMCA) triennial rulemaking, jailbreaking an iPhone constitutes a DMCA violation and copyright infringement.

DMCA allows the company to block anything from working on devices they produce without having first approved it. If you download unapproved third-party apps, you're in violation because your phone is no longer under Apple's security controls. And copyright infringement comes into play here because in order to jailbreak an iPhone, someone must first write code that is a tweak of the existing Apple code -- but is reverse engineering fair use or copyright infringement? That's something for the courts to decide.

Related HowStuffWorks Articles

Sources

  • 148Apps. http://148apps.com/10000/
  • Apple. "Apple Reports First Quarter Results." 2009. http://www.apple.com/pr/library/2009/01/21results.html Apple. "iPhone to Support Third-Party Web 2.0 Applications." 2007. http://www.apple.com/pr/library/2007/06/11iphone.html
  • Apple. "What is firmware?" http://support.apple.com/kb/HT1471
  • Beschizza, Rob. "What The Hack? iPhone Hacking Terms Explained." Gadget Lab. Wired.com. 2007. http://blog.wired.com/gadgets/2007/10/what-the-hack-i.html
  • Electronic Frontier Foundation. "ReCellular and FlipSwap in Support of Proposed Class 5D."2009. http://www.eff.org/files/filenode/dmca_2009/EFF2009replycomment_0.pdf Elmer-DeWitt, Philip. "iPhone App Store: 30,000 apps, but slowing?" Apple 2.0. FORTUNE. http://apple20.blogs.fortune.cnn.com/2009/03/26/iphone-app-store-30000-apps-but-slowing/
  • iPhone Dev Team. http://blog.iphone-dev.org/
  • Iwatani Kane, Yukari. "Breaking Apple's Grip on the iPhone." The Wall Street Journal. 2009. http://online.wsj.com/article/SB123629876097346481.html
  • Krazit, Tom. "The Great iPhone Hack, round 3." CNET News. 2007. http://news.cnet.com/8301-13579_3-9795769-37.html
  • Long, Ben. "The iPhone Hacking Kit, step by step." iPhone Central. http://iphone.macworld.com/2007/08/the_iphone_hacking_kit_step_by.php
  • Murphy, David. "iPhone 3.0: What Happens to Your Jailbreak?" PCWorld. 2009. http://www.pcworld.com/article/161253/iphone_30_what_happens_to_your_jailbreak.html
  • Railsback, Kevin. "iPhone SSH access enabled." Inside Tech. InfoWorld. 2007. http://weblog.infoworld.com/railsback/archives/2007/07/ssh_on_iphone.html
  • Seltzer, Larry. "Busting Out of the iPhone Joint." SecurityWatch. PCMag.com. 2007. http://blogs.pcmag.com/securitywatch/2007/10/busting_out_of_the_iphone_join.php
  • Seltzer, Larry. "Please Don't Jailbreak Your iPhone." SecurityWatch. PCMag.com. 2009. http://blogs.pcmag.com/securitywatch/2009/03/please_dont_jailbreak_your_iphone.php
  • Tech-FAQ. "What is Firmware?" http://www.tech-faq.com/firmware.shtml
  • Von Lohmann, Fred and Jennifer S. Granick. "Comments of the Electronic Frontier Foundation in Support of Proposed Classes 5A, 5D, 11A and of The Wireless Alliance,