Jailbreaking
One Jailbreak to Rule Them All – Spirit
by Vaelek on May.03, 2010, under Jailbreaking, Tips & Tricks
After what seems like forever, it is finally here… Some of you have waited a very long time for an untethered jailbreak, and the wait is now over. Enter Spirit.
With Spirit, you can now jailbreak ALL devices (iPad is ‘beta’) on the latest firmware, in about as much time as it takes to read this, maybe less. Anyone currently using a tethered jailbreak is going to want to do a restore before running Spirit on it.
The beauty of Spirit is that it is a userland jailbreak: the exploit runs against software on an already-booted device rather than against the boot process. To you, this basically means you don’t have to mess around with putting your device into recovery or DFU mode. It’s as simple as plug it in, click, wait for it to reboot.
The timing for Spirit couldn’t have been better as a few hours ago my 3GS decided to freeze, and upon forcing a reboot, proceeded to no longer stay powered on for more than 10 seconds at a time, ending in a ‘fsck failed’ error.
The process is the fastest yet: from the time I clicked the Jailbreak button to the time I was back at the springboard running Cydia, 2 minutes. That is to say, once I got past this...
At first I realized I had iTunes open; figuring that had to be the problem, I closed it and tried again. Same thing. Running it as Administrator also did no good.
All is not lost, and the solution is quite simple. You just have to set the compatibility mode for Spirit to Windows 98. Once I figured that out, the rest was a piece of cake.
Spirit doesn’t have any fancy options, or rather, any options. You can’t set verbose booting, boot logos, or install Icy or any packages, but what it does it does very well. And as long as you’ve got Cydia, the rest is just a matter of installing.
Check out the Spirit page for more information and download links for Windows and OSX.
Disabling ads in Cydia
by Vaelek on Feb.20, 2010, under Applications, Jailbreaking, Tips & Tricks
While it can be a bit annoying, I can understand why free apps often come with ads. If done correctly, there is nothing wrong with this: it’s free, so you can’t really complain. What I do have a problem with, however, is when the ads are placed so as to make it difficult to use the app without accidentally tapping on the ad. Nine times out of ten this is done intentionally, and for that I have no patience. Cydia doesn’t have too many ads, but when they do show up they can get a little out of hand. Lately I have been noticing more and more ads that follow you as you scroll down the page, to the point where they make it difficult to read app descriptions.
There is a quick, easy way to eliminate these ads altogether. To rid yourself of these dreadful things, FTP/SSH to your device and modify the file /Applications/Cydia.app/package.js. What you are looking for should be on line 209 (the exact line depends on your Cydia version, so search for the text rather than trusting the number).
Find this
if (depiction == null)
and change it to
if (depiction == null || true)
From that point on, you can enjoy an ad-free Cydia. There will still be ads on the screenshot pages, but at least they will be gone from the app details, and those pages will load faster too.
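Since you are already in an SSH session, here is a small shell script that makes the same edit for you with a backup and a sanity check, so you are not hand-editing line 209 in vi. This is an added example, not something from the original post or from Cydia itself. The file path and the condition text are the ones given above; the sample package.js it can construct for a dry run off-device is made up and only mimics the shape of the real file.

```shell
#!/bin/sh
# Added example (not from the original post): turn off the ad branch in
# Cydia's package.js by forcing the `depiction == null` condition true,
# keeping a backup and refusing to guess when the file does not look as expected.
# Assumes: run over SSH on the device (or on a copied file); sed, grep and cp
# from the base jailbreak packages; the path and condition text from the post.

PACKAGE_JS=/Applications/Cydia.app/package.js   # target named in the post

ORIGINAL='if (depiction == null)'
PATCHED='if (depiction == null || true)'

# patch_cydia_ads FILE
# Returns 0 when FILE ends up patched (already patched counts as success),
# 1 when the expected condition is not present, 2 when it occurs more than
# once (a different Cydia version; do not sed blindly, look at the file).
patch_cydia_ads() {
    file=$1
    if [ ! -f "$file" ]; then
        echo "no such file: $file" >&2
        return 1
    fi
    if grep -qF "$PATCHED" "$file"; then
        echo "already patched: $file" >&2
        return 0
    fi
    hits=$(grep -cF "$ORIGINAL" "$file" || true)
    case $hits in
        1) ;;
        0) echo "condition not found in $file" >&2; return 1 ;;
        *) echo "condition found $hits times in $file; refusing to patch" >&2; return 2 ;;
    esac
    cp "$file" "$file.orig"                        # pristine copy to diff against later
    # Write to a temp file and rename so a failed sed never leaves a truncated package.js.
    sed "s/$ORIGINAL/$PATCHED/" "$file" > "$file.tmp" && mv "$file.tmp" "$file"
    grep -qF "$PATCHED" "$file"                    # exit status: did the edit land?
}

# make_sample_package_js FILE
# Writes a constructed stand-in for package.js so the patch can be dry-run
# off-device. Only the shape of the condition matters; this is not Cydia's code.
make_sample_package_js() {
    cat > "$1" <<'EOF'
// constructed sample, not the real /Applications/Cydia.app/package.js
function showDepiction(depiction) {
    if (depiction == null)
        loadAdvertisement();
    else
        loadDepiction(depiction);
}
EOF
}

# Only touch the live file when explicitly asked: sh cydia_noads.sh apply
if [ "${1:-}" = "apply" ]; then
    patch_cydia_ads "$PACKAGE_JS"
fi
```

Run it with `apply` as the first argument on the device to patch the live file; without arguments it only defines the functions. Because package.js belongs to the Cydia package itself, the next Cydia upgrade will overwrite it and you will need to run this again (the .orig backup lets you diff what changed in the new version before you do).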
OS 3.1 Has Been Jailbroken!
by Vaelek on Sep.15, 2009, under Jailbreaking
The Dev-Team has wasted no time getting the 3.1 jailbreak working. Just posted to their blog is the announcement that PwnageTool has been released for 3.1. Before you get too excited: as always, the first release is the Mac version. Shortly we will have a Windows version, and then finally Redsn0w to make the process a breeze. There will be no need to wait for an updated Ultrasn0w, as PwnageTool preserves your baseband.
The other bad news: it is not yet ready for the iTouch 2G & 3G, or the iPhone 3GS. While some of us still have to wait, things are in motion and we are well on our way now.
If you are a Redsn0w user and rely on the ability to have an unlocked phone, now is the time to move to PwnageTool. Going forward, each time a new firmware is released you will need to rebuild it with PwnageTool in order to keep the vulnerable 04.26.08 baseband (which, for the curious, you can view in Settings by going to General > About and scrolling down to Modem Firmware). I am going to repeat it one more time: if you update to 3.1 (or, for now, any version beyond that) with the official ipsw and not a custom PwnageTool one, you WILL lose the ability to unlock your phone, possibly forever.
So if you’ve got a Mac, head on over and get your Pwn on.
One other thing worth noting is that everyone except us 3GS owners should be able to use a custom firmware generated by anyone else. So you folks without Macs may want to keep an eye out for someone to post one, as always happens.
If you’re heading over there now, or if you’ve already been through it, let us hear how it went. Any hiccups?
OS 3.1, iTunes 9, Jailbreakers / Unlockers Caution
by Vaelek on Sep.09, 2009, under Jailbreaking
If you haven’t noticed yet, OS 3.1 was made available today, as was iTunes 9. As always, if you are jailbroken and wish to stay that way, do NOT update to 3.1 just yet; wait for the Dev-Team to release a 3.1 jailbreak. More importantly, if you require the ability to unlock your phone à la ultrasn0w, DO NOT update to 3.1. The 3.1 update has a new baseband and will render your phone un-unlockable, possibly for good. You will need a custom firmware containing the current (04.26.08) baseband. (You can see the version in the Settings app under General > About; look for Modem Firmware.)
Along with that, before updating I would recommend launching Cydia at least once more. If you haven’t noticed, there is a new announcement on the main screen. After opting in, the top of the app will say you are pending (I didn’t grab a shot of that) and eventually it will change to this
It isn’t totally clear if, when, or how these will be used, but the current assumption is that they would allow you to downgrade from 3.1 back to 3.0. If you don’t plan on updating to 3.1 until the jailbreak is released, then I wouldn’t worry about this. If you do update to 3.1, it *may* be possible to downgrade back to 3.0, but doing so will keep the updated baseband, preventing you from unlocking unless a new exploit is found. Has anyone tried going back to 3.0 after updating? Were you successful?
As far as what’s new in 3.1, the list is not all I could have hoped for but there are a few notable items. One thing that doesn’t seem to be listed is MMS support (beyond an indirect mention anyhow). Seeing as AT&T is turning on MMS support on September 25th, it would be fair to assume 3.1 will have the capability and it will be enabled through iTunes at that time. On with the list.
- Genius recommendations for Applications
- Support for iTunes 9
- Redeem iTunes Gift cards, codes, and certificates in the App Store
- Display available iTunes account credits in the App Store and iTunes Store
- Browse and download ringtones wirelessly from the iTunes Store
- Save video from mail and multimedia messages into Camera Roll
- Option to "save as new clip" when trimming a video on iPhone 3GS
- Better iPhone 3G Wi-Fi performance when Bluetooth is turned on
- Remotely lock iPhone with a passcode via MobileMe
- Use Voice Control on iPhone 3GS with Bluetooth headsets
- Paste phone numbers into the Keypad
- Option to use Home button to turn on Accessibility features on iPhone 3GS
- Warn when visiting fraudulent Web sites in Safari (anti-phishing)
- Improved Exchange calendar syncing and invitation handling
- Fixes issue that caused some app icons to display incorrectly
With iTunes 9 finally comes the ability to rearrange your icons from your computer, a big win! It is also not yet known whether iTunes 9 has any effect on AppSync 3.0 or the ipa’s it would be needed for. If you have upgraded, let us know whether this still works for you.
If you have already upgraded, are there any notable changes not mentioned, or subtle but useful features that snuck in?
Last, how is Wi-Fi working for everyone? 3.0 seemed to be plagued with instability and unexplained fluctuations in signal strength, along with high packet loss, mostly associated with having push email on. Any improvements there?
Free your RAM
by Vaelek on Aug.28, 2009, under Applications, Jailbreaking
If you run SBSettings, as it would seem most jailbroken users do, you’ve no doubt seen the Free Memory feature when viewing processes. This is one of those things that I would definitely not respond well to if it went away. The lack of a swap file in iPhone OS means memory is much more of a concern than pretty much everywhere else. If your app uses too much memory, it is swiftly terminated by the OS, no questions asked. Poorly written apps will also leak memory and leave you with less free memory than you started with after running and exiting them. Apple’s solution to this? Reboot.
Wut? No thanks. Boot-up time for the iPhone 3GS is anything but lightning fast, and the 3G takes even longer. Unless it’s absolutely necessary, I don’t typically restart my phone. This is where the ‘Free Memory’ option is crucial.
The free memory option is not limited to jailbroken users. There are a few AppStore apps that have this ability as well, or at least there were. Apple, it seems, is having a fit over this function and is forcing developers that currently offer it to remove it or have their apps ejected from the AppStore. Why would they do that?!
Here’s my best guess… The method used to free the memory works by allocating everything available. The OS will then see memory levels are critical and start terminating background processes. Here, this means Phone, Mail, and iPod. Of course they automatically restart, and in the end you typically have much more memory available. So what is Apple’s problem? When the apps are terminated, a crash log is produced. These are sent to Apple when you sync. Apple is likely getting flooded with these crash logs and so has decided to pull the plug on the ability to use this method.
What is my response to this? Free your RAM every chance you get. Apple has been all but negligent in their AppStore processes and their refusal to approve certain apps or the adamant rejection of apps that use undocumented or restricted APIs, not to mention the rejections that have no real merit whatsoever. Free your RAM every chance you get. Apple is not a company that exercises the skill of listening to its users or even acknowledging when problems exist. They come up with blatant lies to discourage and attempt to make illegal the process of jailbreaking YOUR device that YOU own [1]. They spew their bullshit claiming they don’t know if Google Voice uses VoIP technologies, or that it hasn’t been rejected, they just haven’t approved it yet. Come on guys, there is no doubt they have plenty of tools at their disposal that will tell them exactly what your app does, what APIs it uses, etc. Free your RAM every chance you get. They charge $99 a year for the privilege of being able to develop iPhone/iTouch apps, so that you can submit them to the AppStore so they can take another 30% of your profits. What about refunds? A little known fact is that if someone purchases one of your apps and is later granted a refund for whatever reason, the entire purchase price comes out of YOUR pocket while Apple sits back and keeps its 30% commission. Apple is obviously annoyed by what results when users free their memory the efficient way, so let’s stick it to them until it hurts.
Free your RAM every chance you get and use one of the few things that has actually gotten Apple’s attention to protest their [mis]management of just about everything related to the AppStore.
1. Apple’s claim to the Copyright Office in response to the EFF’s request to officially declare jailbreaking a legal activity. It’s a hefty read; I’ll note some of the key pieces of manure here.
5. In testimony, the Electronic Frontier Foundation stated that the iPhone warranty would not apply to an unauthorized modification on an iPhone. Would other services or functionality be affected by “jailbreaking” an iPhone, e.g., would AT&T phone, data, or GPS functionality be affected? Would AT&T be required to provide service to an iPhone modified by the user?
Apple’s Response:
Yes, ..services and functionality of the iPhone can be affected by jailbreaking of the phone, as well as services .. on AT&T’s phone and data network. The OS controls a critical portion .. known as the “baseband processor” (“BBP”) that is used to connect .. to a .. network and to utilize services .. Once an iPhone is jailbroken, it is much easier to hack the BBP software .. Such modifications can interfere with ..phone, data, and GPS functionality .. Modifications to the BBP software may introduce .. errors into that software or cause it not to function correctly .., which in turn can render the iPhone incapable of connecting to the network at all in order to make phone calls or send/receive data. Such modifications may also interfere with GPS functionality. There is a special GPS chip in the iPhone that .. computes location of the phone .. However, an enhanced functionality called “assisted GPS” enables the location .. to be pinpointed with greater accuracy than ordinary GPS by utilizing data about the location of the cell tower to which the user is .. connected. If modifications to the BBP software were to render the user unable to connect to the local AT&T cell phone tower, the assisted GPS functionality would, in turn, not function.
It gets better..
…each iPhone contains a unique Exclusive Chip Identification (ECID) number that identifies the phone to the cell tower. With access to the BBP via jailbreaking, hackers may be able to change the ECID, which in turn can enable phone calls to be made anonymously (this would be desirable to drug dealers, for example) or charges for the calls to be avoided.
To me, this sounds like “We didn’t make the devices and network secure enough and people figured it out, rather than fix anything, outlaw jailbreaking!” Seriously guys… We’re on the 4th generation now with the 3GS and they haven’t managed to store this uber-sensitive data in ROM? Implement a secure handshake process between the towers and devices that is based on more than one piece of information? Add a carrier password of some form that the user chooses which is authenticated with the tower? All of the ill-doings Apple is claiming are possible with jailbreaking come down to design faults in the end. Poorly implemented protocols that can be easily hacked. History has proven time and time again that the black box design approach does not work. Security through obscurity is not a solution but an effort to cover up a poor implementation. I also like how they specifically state “this would be desirable to drug dealers”. Ok, it would also be desirable to illegal telemarketers, robo-callers, collection agencies, scammers, politicians, basically anyone who might want to make an anonymous call.
I could go on and rant about Apple’s incompetence and need to play puppet master for another 15 paragraphs. Perhaps another day as if I continue this is likely going to meander a bit past the “all-ages” rating I aim to keep here.
FREE YOUR RAM EVERY CHANCE YOU GET. Make Apple bend over and take it without any lube while convincing them it’s really better that way, just like they do to their users.
Got something to add? Go.
Installing Cydia over SSH
by Vaelek on Aug.04, 2009, under Applications, Jailbreaking, Tips & Tricks
In keeping up on the logs for the site I’ve noticed quite a few people arriving here after Googling some variation of ‘install cydia over ssh’. So to all of you out there, what exactly is it that you are looking for? The only conclusion I can draw is that folks are searching for jailbreak instructions using incorrect terms. That, or some of you have managed to remove Cydia and now need to get it back. Given that you cannot SSH into the device without first having Cydia (OpenSSH is installed through it), what other possibilities could there be?
If you are looking for jailbreak instructions, there is a guide in the menu on the right.
If you have managed to remove Cydia, first of all, BAD USER! Go stand in the corner! Why would you do that??
All reasons aside, if you’ve managed to get into this situation, you’ve come to the right place as I have a solution for you. First, download the following file.
Now unzip the file, you will have 2 .deb files. You will need to get them onto your phone using your client of choice (WinSCP, FileZilla, etc).
In an SSH session, change to the folder you put the debs in. Type exactly the following:
- dpkg -i essential_0-1_iphoneos-arm.deb cydia_1.0.2953-59_iphoneos-arm.deb; respring
If you attempt to install either on its own, you will get errors and it will not work: each package declares a dependency on the other, so dpkg has to unpack and configure both in a single run. Once it has finished, your phone should respring (if you do not have a respring command, killall SpringBoard does the same thing), and if all is well you should again have Cydia on your springboard.
If the situation is that you simply deleted the Cydia.app folder, you can download it as a zip here. I zipped it directly on the device, preserving the permissions, so you can either unzip it on the device, or make sure that after FTP’ing you right-click the Cydia.app folder to edit the permissions, set it to 755 and choose the recursive option.
So there you all go. Hopefully this is what you guys have been looking for, if it is not, be sure to make yourself heard in the comments. As you can see, your questions get answered even if you do not ask them, imagine what might happen if you do!
This last section is mainly for the search engines, but if you attempt to install just Cydia, you will get:
Unpacking cydia (from cydia_1.0.2953-59_iphoneos-arm.deb) ...
dpkg: dependency problems prevent configuration of cydia:
 cydia depends on essential; however:
  Package essential is not installed.
dpkg: error processing cydia (--install):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 cydia
Likewise, attempting to install just essential will yield:
Unpacking essential (from essential_0-1_iphoneos-arm.deb) ...
dpkg: dependency problems prevent configuration of essential:
 essential depends on cydia | com.ripdev.icy; however:
  Package cydia is not configured yet.
  Package com.ripdev.icy is not installed.
dpkg: error processing essential (--install):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 essential
3GS Users, get ready for 3.1!
by Vaelek on Jul.01, 2009, under Jailbreaking
The Dev Team has just announced that the purplera1n method of making sure you’ll be able to [continue to] jailbreak your 3GS is no longer necessary. It seems Apple was nice enough to have iTunes dump the files in %TEMP% (Windows) and /tmp (Mac) while it is performing a restore.
*EDIT* After actually having time to think about this for a second, unless you have a reason to restore your phone (twice), the purplera1n method is a LOT more convenient. Kudos to the Dev Team for discovering this, but it’s not the best way to go about it. This of course assumes that purplera1n does its job correctly.
The short version
You should copy these files out of the respective temp folder while a restore is happening.
The slightly longer version
Part 1
Make any necessary backups (See the Jailbreaking article for tips on this)
Open Windows Explorer and put %TEMP% in the address bar. If your temp folder is cluttered, you may want to clean it up a bit at this point to make things easier.
If you’re on a Mac, it’s the same basic idea, except you would open Finder and navigate to /tmp.
Open iTunes and begin a restore
***WARNING*** Be certain that you are restoring 3.0 ***WARNING***
If you have been anywhere near the 3.1 beta, be absolutely positive you are restoring to 3.0 or you may lose the ability to jailbreak [forever].
While the restore is running, watch the temp folder; you should see at least one new folder created, probably with a meaningless name.
View the contents of the folder and find iBEC.n88ap.RELEASE.dfu, copy this file elsewhere.
Part 2
Put your phone into DFU mode by first turning it off. Then hold the power/sleep button (the one on the top) and the Home button (the one on the front) for 10 seconds, then release the power/sleep button and continue holding Home. If all goes well, iTunes will tell you it has detected an iPhone in recovery mode and the screen on your phone will remain black. If the Apple logo appears while you are still holding the power/sleep button, you will likely have to try again.
Once the phone is in DFU mode, perform another restore, this time looking for the file named iBSS.n88ap.RELEASE.dfu.
And that’s it! Take those files and burn them and go bury them in your backyard! Well, maybe not, but keep them safe! There is no immediate use for them, but you will likely need them when you are able to use Ultrasn0w / Redsn0w.
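Since you have to sit there watching the temp folder through two restores, here is a little script that does the watching for you on the Mac side. It is an added example, not something from the original post or from the Dev Team: it polls /tmp, copies iBEC.n88ap.RELEASE.dfu and iBSS.n88ap.RELEASE.dfu out the moment either one shows up, and writes a checksum line so you can tell later whether your saved copies are still intact. The two file names and the /tmp location are the ones from the steps above; the folder names and file contents used in the dry-run test are made up. It cannot tell a 3.0 restore from a 3.1 one, so the warning in Part 1 still applies.

```shell
#!/bin/sh
# Added example (not from the original post): watch iTunes' temp folder during
# a 3GS restore and save the iBEC/iBSS DFU files the moment they appear.
# Assumes a Mac (or other Unix) where iTunes unpacks into /tmp, as described
# above; on Windows the same idea applies to %TEMP% but this script will not run there.

DFU_FILES="iBEC.n88ap.RELEASE.dfu iBSS.n88ap.RELEASE.dfu"   # names from the post

# harvest_dfu_files SRC_DIR DEST_DIR
# Copies any of the DFU files found one or two levels below SRC_DIR into
# DEST_DIR (skipping ones already saved), appends a cksum line to
# DEST_DIR/MANIFEST for each new copy, and prints how many of the wanted
# files DEST_DIR now holds (0, 1 or 2).
harvest_dfu_files() {
    src=$1
    dest=$2
    mkdir -p "$dest"
    have=0
    for name in $DFU_FILES; do
        if [ ! -f "$dest/$name" ]; then
            # iTunes creates a folder with a meaningless name; look under it.
            found=$(find "$src" -maxdepth 2 -type f -name "$name" 2>/dev/null | head -n 1)
            if [ -n "$found" ]; then
                cp "$found" "$dest/$name"
                cksum "$dest/$name" >> "$dest/MANIFEST"   # CRC only; enough to spot a truncated copy
                echo "saved $name from $found" >&2
            fi
        fi
        if [ -f "$dest/$name" ]; then
            have=$((have + 1))
        fi
    done
    echo "$have"
}

# watch_for_dfu SRC_DIR DEST_DIR [TIMEOUT_SECONDS]
# Polls every two seconds until both files are saved or the timeout passes.
# Start it before clicking Restore and leave it running through the DFU restore.
watch_for_dfu() {
    src=$1
    dest=$2
    timeout=${3:-1800}
    waited=0
    while [ "$waited" -lt "$timeout" ]; do
        if [ "$(harvest_dfu_files "$src" "$dest")" = "2" ]; then
            echo "both files saved in $dest; see $dest/MANIFEST" >&2
            return 0
        fi
        sleep 2
        waited=$((waited + 2))
    done
    echo "gave up after ${timeout}s; $dest is missing at least one file" >&2
    return 1
}

# Run the watcher only when asked: sh save_dfu.sh watch [DEST_DIR]
if [ "${1:-}" = "watch" ]; then
    watch_for_dfu /tmp "${2:-$HOME/3gs-dfu-files}"
fi
```

Start it with `watch` before you click Restore the first time and leave it running; it exits on its own once both files are saved, or after the timeout (30 minutes by default) if one never turned up. To check a copy later, run cksum on it and compare against the line in MANIFEST.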
Stay tuned for more info as it develops…
3GS Users stay away from 3.1 until further notice!
by Vaelek on Jul.01, 2009, under Jailbreaking, Tips & Tricks
If you do not require your phone to be unlocked, then this doesn’t apply to you (i.e. you have service with AT&T and plan to keep it that way), but if you are a Yellowsn0w or Ultrasn0w user, updating could cause you to lose the ability to unlock... forever.
Here is the official update from the Dev Team:
Ultrasn0w users must stay away from any firmware updates past 3.0 (including today’s 3.1 beta) until we release the tools that let you update the firmware without updating the baseband. For most phones out there, baseband updates are irreversible and you’ll lose ultrasn0w.
The 3.0 jailbreak was one of those (rare) times where both the jailbreak and the unlock coincided (the only other time was 2.2). It’s important that people realize that *most* firmware releases aren’t like that, and you need to take steps (via the tools) to separate the firmware update from its included baseband update.
This warning does not apply to the iPhone 2G, which uses BootNeuter for the unlock, not ultrasn0w.
Article #1 is up, guide to Jailbreaking OS 3.0
by Vaelek on Jun.29, 2009, under Jailbreaking
We’re still working out the theme a bit here, and while pleasing visuals are nice, users want the information and they want it now. So, in the interest of information over presentation, I’ve put up the first guide.
So stop wasting your time reading this post and head over to the Guide to Jailbreaking with Redsn0w!