How To: Jailbreak your iPhone, iPad, and iPod touch (and get lots of cool stuff)

Apple makes cool toys. However, Apple has not-so-cool restrictions on these toys. Apple likes to build a “walled garden” around its gadgets: You can’t buy or download apps they don’t approve of, and don’t even think about setting custom ringtones.  Don’t like that icon? That’s too bad, as Apple won’t let you change it.  Luckily, there are ways to blow a hole in this walled garden (without damaging the turnips), and it’s called jailbreaking. Jailbreaking is the process of removing the lock from your device’s root account and allowing the installation of third party apps through the “second” (unofficial) app store, called Cydia. For you Windows geeks out there, essentially jailbreaking gives you administrator access to your device.

NOTE: Before you proceed, realize that jailbreaking is an unofficial, non-Apple supported modification to your device. Although jailbreaking is a fairly safe process, no mod is ever 100% safe. Jailbreaking also voids your warranty. If you decide to jailbreak, you are doing so at your own accord. Locutus, dotTech, Ashraf, nor anyone or anything else besides yourself is responsible for any damage done to your shiny gadget. Proceed with caution.

Also realize this guide does not cover unlocking your phone to be used on another carrier, which requires a slightly different jailbreaking technique.  If you want to unlock your device, ask around on the iPhone Dev Team’s blog.

Why jailbreak?

You may think that your iPhone is perfectly fine without breaking down the wall; but let me ask you: Can you quickly turn 3G off to save battery, or change icons and docks, or hide those apps you don’t want (Contacts, I’m talking to you)? If you don’t jailbreak, you can’t.  If you do jailbreak, the world is your oyster.  (In the USA jailbreaking even allows you to break the bonds of the monster known as AT&T, allowing you to use your iPhone 2G, 3G or 3GS on T-Mobile or any other [SIM-using] carrier!)  On my iPod, I can take pictures that are one third bigger than I’m supposed to be able to.  I also have 5, not 4, icons in the dock.  If I had an iPhone I could change my ringtones… to something other than xylophone.  Still not interested? Jailbreaking allows use of Facetime over 3G (iPhone 4 only… duh). Are you interested now? Yeah, I thought so.

Toys can you jailbreak

What devices can you jailbreak?  The answer to that is all of them!  They all have a hardware flaw that allows hardware-based jailbreaking. So even if Apple patches vulnerabilities in an iOS update, jailbreaking developers simply need to update their software to work on the new iOS version.  Depending on the device and firmware you have, it can either be tethered jailbreak’ed or untethered jailbreak’ed.

Tethered and untethered?  What?

What is a tethered jailbreak?  What is an untethered jailbreak?  A tethered jailbreak means that you need to connect your device to your computer and start the jailbreaking software in order to boot your device; unthethered jailbreak can be rebooted normally. Luckily, due to the wide variety of CPU flaws, certain devices are untethered, but unfortunately some devices are tethered.

The first order of business is to find out your firmware version number.  If it is anything below 4.2, then your device is untethered (this applies to all devices)! Otherwise, if you’re on iOS 4.2, your device may be tethered or untethered.

If you have an original iPhone, an iPod touch 1/2g, an iPhone 3G, or one of the earlier iPhone 3Gses, your device has a hardware flaw which allows an exploit for untethered jailbreak on all firmware versions. This means that you can turn your device on and off without needing to connect to your computer.  If you have an iPod touch 3g, iPod touch 4g, iPad, a newer model iPhone 3GS, or iPhone 4, your device’s hardware flaw’s exploit is tethered. This means you’ll need to use the “just boot tethered” option in redsn0w – more on this later.

If you have an iPod touch or iPad, having a tethered jailbreak isn’t a very big deal because your device is probably kept on until it needs battery power, when you plug it into the computer.  If you have an iPhone, being tethered is a slightly bigger deal as you may want to power off your device while away from home. So think about if you can handle tethered jailbreak before you proceed (if applicable to you).

Jailbreaking tools

Oh, so I’ve convinced you?

The first thing you’ll want to do is acquire the latest version of redsn0w (snow with a zero, not an o).  It’s the magic behind the curtains; the women behind the man; the software behind the action.  As of this article, the latest version is 0.9.6b5, which you can download from Google (the iPhone dev team uses Google for hosting, Google didn’t develop it).  Otherwise, you can download the latest version from the Dev-Team Blog (usually near the bottom of the current article).

How to jailbreak

After downloading redsn0w, simply extract it to a place that’s easy to find, like your desktop.  Once you have redsn0w running the first thing you have to do for all devices is find the IPSW file.

The good news is if you updated your device once (doesn’t matter which update it was) you already have this large dump on your computer you can find the IPSW in. Look in the “C:\Users\username\AppData\Roaming\Apple Computer\iTunes” (Vista/7) or “C:\Documents and Settings\users\AppData\Roaming\Apple Computer\iTunes” (XP) folders to see if there’s a folder with Software Updates in its name.  If there is, look inside it.  There should be a file called Device#,1_Version_8C148_Restore.ipsw. Look for one with whatever version of iOS you currently run.  That’s the file you want.  Copy it somewhere easy to navigate to, like your Documents folder.

If you have not updated your device or you don’t have the Software Updates folder or you can’t find the IPSW file, you can download the IPSW file from this handy site.  Be sure to download the IPSW file for the right device and, more importantly, the right firmware version.

Once you have the IPSQ file, run redsn0w:

Click the Browse button to look for ISPW file (the one you either grabbed from the Software Updates folder on your computer or downloaded):

Click Open; redsn0w will process the file:

After identifying which device and firmware version you provided, you will need to click Next.

Once you will Next, redsn0w will patch the kernel and do the heavy lifting on the firmware file:If your computer gets stuck, you may want to close redsn0w manually via Windows Task Manager and run redsn0w in compatibility mode.

When it’s done patching, it’ll ask you what you want to do with your device:

I recommend installing Cydia (else what’s the point of jailbreaking?!). If you want, you can add Battery %, but that’s available as an after-jailbreak option too.

When you’ve decided what to do, click next.  Now you need to be careful because the next screen will vary by device. For any device that has an A4 core – iPod Touch 4G, iPhone 4, or iPad – you’ll see what I saw for my device……and have to do the same steps as me. If you have a different device read the instructions shown on redsn0w – it will tell you what to do. For people with an A4 core device (like me) still read the instructions but I will walk you through in this article (since I have an A4 core device). (If you have a non-A4 core device, do whatever redsn0w tells you and skip down to the part in this article where I talk about redsn0w rebooting your device.) If you have an A4 core device first turn off the device and plug it into your computer (just like redsn0w says). Once you have done that, click Next (be prepared to hold down the power and home buttons). Once you have advanced to the next screen, you must hold down the power button, then hold the power and home buttons, and then just the home button:

It’ll work its magic automatically as soon as your device is put into the correct mode:

When redsn0w is done, it will reboot your device. If you have properly jailbroken your gadget a pineapple will appear on your device’s screen as it boots jailbroken for the first time.

After your device has been booted, you’ll see a blank white Cydia icon on one of your home screens, assuming you decided to install Cydia:

Unfortunately, your device won’t let you open Cydia yet (or at least mine didn’t).  This is because Cydia was only half-installed and your device needs to be rebooted one more time before it will work. If you have an untethered device you can reboot normally. If you have a tethered device, this is the perfect opportunity for learning how to boot your device.

Booting a tethered device

Before rebooting (or even after rebooting – you can do this at pretty much any time) open up redsn0w and select the IPSW file used earlier. Do all the steps as if you will jailbreak the device, but when you get to the “what you want to do” screen, select Just Boot Tethered:

Follow all the instructions written on redsn0w about holding the buttons.  Your phone will reboot. Once rebooting has finished, open Cydia on your device.  If it doesn’t work, try rebooting again (using redns0w).  Every reboot you do must be done via redsn0w until a) an untethered option comes out or b) you restore your device back to normal (ugh, normal).

Cydia

Once Cydia is up and working, you can install all kinds of apps like the ones I described above. (Cydia is an “app store” so you need to run Cydia and download apps from within it.)  For turning off 3G or Wifi or certain home screen icons, install SBSettings.   But the joyous thing is, the cool apps never stop.  After a while, you’ll never be able to turn back! (NOTE: Cydia allows you to pirate apps. dotTech does not support or encourage this type of behavior. Do not pirate apps. Cydia can be used for many other legal purposes – it isn’t just for pirating.)

Conclusion

Jailbreaking your device is fairly safe process (although not 100% – no mods are ever 100% safe) but if you want your warranty, then jailbreaking is not for you because jailbreaking voids warranty. Jailbreaking allows you do to cool things, such as multitasking or anything else your brain can imagine.  If you’ve jailbroken and actually made it through this whole 1000 word article, congratulations on being the latest to the jailbreaking party! Enjoy the wonders of a wall-less digital world.

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

16 comments

  1. Locutus
    Author/

    @Nathan: That part is a bit trickier, and only works if you’ve backed up your SHSH blobs–most non-jailbreakers haven’t.
    http://cogizio.org/operating-systems/ios/3167
    The link is to a guide on my site about how to backup your SHSH blobs. Unfortunately, it’s too late to back them up if you haven’t already backed them up. However, if you have backed them up, you can just use TinyUmbrella to set your HOSTs file to Cydia’s server and then restore using Shift+Click>Browse for the 4.1 firmware.
    You’ll need to download your old firmware–but make sure you can first.

  2. Ashraf
    Mr. Boss

    @Locutus:
    Problem 1) Accidentally drop it in the toilet. Unless you have the Motorola Defy, you will no longer have a working phone.

    Problem 2) Bleh who cares – Eric was showing it off, so it must be official.

    The mobile theme is MIA. It was having some problems not properly showing some posts so I have disabled it for now. It should be back later, although personally I find myself more inclined to view the full dotTech on my phone than the mobile version.

    Lastly… aren’t we encroaching on your article by going off topic? We are such great examples to follow, LOL!

  3. Ashraf
    Mr. Boss

    @Locutus: Because of the many different Android devices, there is no one straight way to root Android devices. I may compile a list of major popular devices, though.

    EDIT: Actually there may be a way. More and more rooting apps are showing up in Android Market that root multiple phones.