iOS Jailbreaking 101 Part 3: Jailbreaking Your iOS Device
Welcome to the third installment of our four-part series on iOS jailbreaking. Before going any further, you should invest a few minutes to read parts 1 and 2, in which we cover basic jailbreaking terminology and the iDevice backup process:
- iOS Jailbreaking 101 Part 1: Understanding Jailbreaking
- iOS Jailbreaking 101 Part 2: Ensuring Your Device's (and Your Data's) Safety
In my opinion, there is no good reason to run your iDevice using firmware earlier than iOS 5. Thus, in this article we constrain our discussion to jailbreaking iOS devices running the following iOS versions:
- iOS 5.0.1
- iOS 5.1
Yet Again, Some Necessary Background Terminology
When you study the online iOS literature, you soon find many references to tethered vs. untethered jailbreaks. What is meant by these terms?
A tethered jailbreak must be re-applied from a host computer every time the device boots: you plug the iDevice into the computer over USB and let the jailbreaking tool boot it. Without that assisted boot, the device either comes up un-jailbroken or does not boot fully at all, depending on the exploit used. By contrast, an untethered jailbreak survives reboots, so you can restart your iDevice at will from any location.
Most people feel that an untethered jailbreak is infinitely preferable to a tethered jailbreak because of its inherent freedom. After all, you don't want to find yourself broken down on the side of the highway and forced to reboot a tether-jailbroken device; you'd be out of luck!
The principal reason why some iDevice users make use of tethered jailbreaks is that, at least in the short term, a tethered jailbreak is often the only way to run the latest iOS firmware and keep the device jailbroken. Alternatively, you may have failed or forgotten to save the SHSH blobs for an earlier firmware version, which prevents you from downgrading to a firmware that has an untethered jailbreak.
At the time of this writing, there exists no jailbreak, tethered or untethered, for the iPhone 4S, iPad 2, or iPad 3 running iOS 5.1. For the older A4-based iDevices running iOS 5.1, only tethered jailbreaks exist.
The reason why we classify the iPhone 4S, iPad 2, and iPad 3 differently from earlier Apple mobile devices with respect to jailbreaking is their system-on-a-chip (SoC). The iPhone 4S, iPad 2, and iPad 3 use the Apple A5 SoC, while earlier devices use the Apple A4 SoC. This distinction comes into play later when we select our jailbreaking software.
A second basic distinction we need to cover before proceeding is the difference between Device Firmware Update (DFU) mode and recovery mode. Recovery mode is a special iDevice startup mode that lets iTunes restore the device to its latest iOS firmware version, after which you can restore your most recent user data backup. We can think of recovery mode as an "escape hatch" in case something goes wrong during the jailbreaking process. In fact, we'll learn how to use recovery mode later on in this article.
DFU mode is also a special iDevice startup mode, but its reason for existence is fundamentally different from that of recovery mode. Whereas recovery mode is handled by the device's iBoot bootloader, DFU mode is handled by the boot ROM itself, before iBoot runs, and it is the mode we use to load a custom iOS firmware image onto the device. As you may rightly suspect, jailbreaking software requires that our device be placed into DFU mode before the firmware exploit can be applied.
To start your iDevice in DFU mode, follow these steps:
- Connect your iDevice to your host computer with its USB cable and open iTunes.
- Turn off your iDevice.
- Hold the sleep/power and Home buttons simultaneously for 10 seconds. After 10 seconds have elapsed, let go of the sleep/power button but continue holding the Home button until iTunes reports that it has found a device in recovery mode. In DFU mode the screen stays completely black; if the iTunes/USB-cable graphic appears on the display, you are in recovery mode instead and should start over from step 2.
To exit DFU mode, hold down the sleep/power and Home buttons together until the device disappears from the iTunes Devices list, then release both buttons and press sleep/power to start the device normally.
The good news is that many contemporary jailbreaking tools assist you in entering and exiting DFU mode.
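Because the screen is black both when the device is off and when it is in DFU mode, the reliable way to confirm which mode you are in is the USB product ID the device presents. The following shell script is an added example, not part of the original article or of any jailbreaking tool; it classifies lsusb-style lines using Apple's USB vendor ID 05ac and the product IDs 1227 (DFU mode) and 1281 (recovery mode) as published in the public USB ID list, and treats the 129x/12ax range (booted iPhones, iPods and iPads such as 1297 for the iPhone 4 and 12a0 for the iPhone 4S) as a normally booted device. The sample lsusb output embedded in the script is constructed for illustration.

```shell
#!/bin/sh
# Classify an iDevice's USB mode from lsusb-style "Bus ... ID vvvv:pppp ..." lines.
# Vendor 05ac is Apple. Product IDs (from the public USB ID list):
#   1227 = DFU mode, 1281 = recovery mode, 129x/12ax = normally booted iOS device.

# classify_usb_line LINE -> prints one of: dfu | recovery | normal | other
classify_usb_line() {
    line="$1"
    # Pull the "vvvv:pppp" pair that follows "ID " and normalise it to lowercase.
    id=$(printf '%s\n' "$line" \
        | sed -n 's/.*ID \([0-9a-fA-F]\{4\}:[0-9a-fA-F]\{4\}\).*/\1/p' \
        | tr 'A-F' 'a-f')
    case "$id" in
        05ac:1227)            echo dfu ;;
        05ac:1281)            echo recovery ;;
        05ac:129?|05ac:12a?)  echo normal ;;
        *)                    echo other ;;
    esac
}

# idevice_mode: read lsusb output on stdin and print the mode of the first
# Apple device seen, or "none" if no Apple device is attached.
idevice_mode() {
    found=none
    while IFS= read -r line; do
        m=$(classify_usb_line "$line")
        if [ "$m" != other ]; then
            found=$m
            break
        fi
    done
    echo "$found"
}

# Constructed sample lsusb output: a USB hub plus an iDevice sitting in DFU mode.
SAMPLE_LSUSB='Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 002 Device 005: ID 05ac:1227 Apple, Inc. Mobile Device (DFU Mode)'

# Usage:  lsusb | sh idevice_mode.sh live   (classify the live USB bus)
#         sh idevice_mode.sh                (classify the constructed sample; prints "dfu")
case "${1:-sample}" in
    live)   idevice_mode ;;
    sample) printf '%s\n' "$SAMPLE_LSUSB" | idevice_mode ;;
esac
```

On Linux, pipe the real `lsusb` output into the script with the `live` argument after performing the button sequence; a result of `recovery` rather than `dfu` means the Home button was released too early or too late and the sequence should be repeated. On OS X there is no `lsusb`, but `system_profiler SPUSBDataType` shows the same Vendor ID and Product ID fields for the attached device.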