JailbreakMe was a series of jailbreaks for Apple's iOS mobile operating system that took advantage of flaws in the Safari browser on the device, providing an immediate one-step jailbreak, unlike more common jailbreaks, such as Blackra1n and redsn0w, that require plugging the device into a computer and running the jailbreaking software from the desktop. JailbreakMe included Cydia, a package management interface that serves as an alternative to the App Store.
JailbreakMe's first version in 2007 worked on iPhone and iPod Touch firmware 1.1.1; the second version was released in August 2010 for firmware 4.0.1 and earlier; and the third and final version was released in July 2011 for iOS versions 4.3 to 4.3.3 (and was the first jailbreak for the iPad 2). JailbreakMe 3.0 has been used to jailbreak at least two million devices.
Versions
JailbreakMe 1.0 (iOS 1.1.1)
JailbreakMe, started in 2007, was originally used to jailbreak the iPhone and iPod Touch running the 1.1.1 version of iOS, then named iPhone OS. Using a TIFF exploit against Safari, it installed Installer.app. The vulnerability used in this exploit was patched by Apple in the 1.1.2 firmware.
This tool, also called "AppSnapp", was created by a group of nine developers.
JailbreakMe 2.0 (iOS 3.1.2–4.0.1)
JailbreakMe 2.0 "Star", released by comex on August 1, 2010, exploited a vulnerability in the FreeType library used while rendering PDF files. This was the first publicly available jailbreak for the iPhone 4, able to jailbreak iOS 3.1.2 through 4.0.1 on the iPhone, iPod Touch, and iPad models then current. This jailbreak was activated by visiting the jailbreakme.com web page on the device's Safari web browser.
The vulnerability used by JailbreakMe 2.0 was patched by Apple in iOS 4.0.2.
JailbreakMe 3.0 (iOS 4.3–4.3.3)
JailbreakMe 3.0 "Saffron", released on July 6, 2011, jailbroke most iOS devices on iOS 4.3–4.3.3 and the iPad 2 on 4.3.3. It was the first publicly available jailbreak for the iPad 2. JailbreakMe 3.0 exploited a FreeType parser security flaw (similar to JailbreakMe 2.0), delivered in the form of a PDF file rendered by Mobile Safari, and then used a kernel vulnerability to complete the untethered jailbreak. Comex also released a patch for this FreeType flaw, named PDF Patcher 2, which is available as a free package installable via Cydia.
A few days before the initial release, a beta tester leaked JailbreakMe 3.0 to the public. Comex said on Twitter that this put him on a "time limit" to release the final version quickly.
The JailbreakMe website resembled the process of downloading an App Store app. It included a blue button indicating "FREE", which changed into a green "INSTALL" button when pressed once, much like an application on the App Store. After tapping "INSTALL", Safari would close, Cydia would load as a new app, and the device would be jailbroken with no reboot necessary.
On July 15, 2011, Apple released iOS 4.3.4 (GSM) and 4.2.9 (CDMA) to patch the flaws used by JailbreakMe.
Comex received a Pwnie Award at the Black Hat Conference in 2011 for "Best Client-Side Bug" for this work.
Comex was hired by Apple as an intern in August of 2011.
JailbreakMe 4.0 (iOS 9.1–9.3.4)
JailbreakMe 4.0, released by tihmstar on December 12, 2017, exploited three serious vulnerabilities already utilized by a spyware named Pegasus. It was mainly based on HomeDepot, a semi-untethered jailbreak released by jk9357. Like HomeDepot, it targeted all 32-bit devices between iOS 9.1 and iOS 9.3.4.
The vulnerabilities used by HomeDepot and JailbreakMe 4.0 were patched by Apple in iOS 9.3.5.
The jailbreak was hosted by Chris Wade (creator of Corellium) at jailbreak.me. Whilst technically semi-untethered, the jailbreak could be made fully untethered with the use of tihmstar's UntetherHomeDepot package.
TotallyNotSpyware (iOS 10)
TotallyNotSpyware, created by the JakeBlair420 team and released on 7 September 2018, is a JailbreakMe-style exploit that works on any 64-bit device running iOS 10. As with JailbreakMe 4.0, the web browser is induced to sideload Cydia using a payload, either Meridian or doubleH3lix. It is hosted at spyware.lol and is semi-untethered.
Domain name transfer
On October 7, 2011, Conceited Apps, which had been allowing Comex to use the domain name for hosting, sold the domain name jailbreakme.com to an allegedly "unknown" party. SaurikIT acquired the domain the next day.
Domain redirection
jailbreakme.com would redirect to cydia.saurik.com if an incompatible device was detected. Later, it redirects to totally-not.spyware.lol.