Monday, September 23, 2013

Some updates...

Just some brief updates to hopefully lower the number of mentions on my Twitter :P

6.1.3/6.1.4 A5+ Jailbreak status?!

As Apple closed the 6.1.3/6.1.4 signing window for devices capable of running iOS 7, many of you stayed behind on 6.1.3/6.1.4 (which is probably the best thing to do).

Everything for a 6.1.3/6.1.4 A5+ jailbreak is there. We're focusing on fixing bugs that occur internally. These range from applications automatically deleting themselves from the uicache to iMessage/FaceTime activations not working (even on legit SIMs). As far as a time frame for fixing these bugs goes, we have no idea. We're not lying. It's not like we've got a progress bar going up every few minutes or something :P. I'll try to update this specific post as things progress.

Does this also apply to A4 devices?
Yes, A4 devices will get the 6.1.3 untether alongside this release.

Why don't you just release it now and release updates later to fix bugs?
Some of the bugs occurring internally require the user to restore their device in iTunes. This is obviously not good on an A5+ device, as it will kick them out of this window of using the 6.1.3/6.1.4 jb.

Why don't you give ETAs?!
As I tweeted the other day, "Funny thing about ETAs: When one is said but fails to be achieved, people get more rowdy than if no ETA was announced at all." So with that being said, no date/ETA is being given. When it's ready it'll be pushed. Again, we have no idea of any time frame as to when it'll get pushed. If anything, before 2014 :P.

Update #1 (Sept. 26, 2013): Looks like even more internal stuff is breaking. Still a work in progress.
Update #2 (Sept. 27, 2013): Added three more entries to blog.
Update #3 (Oct. 5, 2013): In the midst of polishing the 6.1.3/6.1.4 untether. While doing so, I asked people running jailbroken 6.1.2 devices to email me so I could dump their kernels for reference. In conjunction with that, I also asked people running 6.1.3/6.1.4 to email me. However, many seem to have emailed me expecting to beta test the jailbreak. Not true; this was also for dumping kernels. I'm not sure why anyone would want to beta test a jailbreak for an iOS version Apple is no longer signing anyway (if something goes wrong, you'd be forced to restore to 7.x). Release is definitely not this weekend, so don't get your hopes up. ETA for it is before 2014. When release is close, we'll tweet it. (Please don't bother tweeting asking for an ETA/progress.)
Update #4 (Oct. 6, 2013): Got every iPad 6.1.2 kernel dumped for reference (thanks to everyone who emailed!). Will be putting something together shortly to easily dump 6.1.3 kernels. When I need specific iPads on 6.1.3, I'll be sure to make a tweet. iPhones 4/4S/5 and iPod touch 5 6.1.3 kernels are already dumped, so those devices are not needed.

Be sure to follow @winocm @iH8sn0w and @SquiffyPwn for the latest updates on this.

Why not keep these exploits for an iOS 7 jailbreak?!

They don't work on iOS 7.

iTunes 11.1 - WHAT IS THIS?! GO AWAY?!

Along with Apple pushing iOS 7, they updated iTunes to 11.1. This actually brought more headaches than convenience. 

When a user hits the restore button, they often see "iTunes will erase and restore your iDevice to iOS x.x.x and will verify the restore with Apple". What this does is submit a request to Apple for an apticket + SHSH blobs. Previous revisions of the iTunes Mobile Device Library would just use the BuildManifest included inside the IPSW to populate the request to Apple with the essential "hashes" of each image within the IPSW. When tools like sn0wbreeze, PwnageTool, seas0npass, or redsn0w modified images such as iBSS, iBEC, or the ramdisk to avoid signature checks during the restore, iTunes neither knew nor cared.

Now, before iTunes sends the TSS request to Apple, it ignores the values already in the BuildManifest and "re-hashes" every image within the IPSW to build the TSS request. This means that if even one byte of any image is modified, the "hash" iTunes calculates won't match anything the TSS server is willing to sign, so the server refuses to fulfill the request (Error 3194 is displayed). This essentially kills iOS 7 custom IPSW restores via iTunes.
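To make the difference between the two client behaviours concrete, here is a small Python model I've added; it is not code from this post, from iTunes, or from any of the tools mentioned above. It uses SHA-256, dict-shaped manifests and requests, and a `SigningServer` stand-in, all of which are assumptions: the real TSS request format and digest scheme are not modelled. The point it shows is the one from the paragraph above: a client that trusts digests listed in a manifest will happily request tickets for stock digests while carrying modified images, whereas a client that recomputes digests from the image bytes gets refused the moment any byte differs.

```python
"""Toy model of manifest-trusting vs. re-hashing restore clients (constructed example)."""
import hashlib

# Constructed sample "IPSW": component name -> image bytes (not real firmware).
IPSW_IMAGES = {
    "iBSS": b"iBSS-image-bytes-v1",
    "iBEC": b"iBEC-image-bytes-v1",
    "RestoreRamDisk": b"ramdisk-image-bytes-v1",
}


def digest(data: bytes) -> str:
    """Digest of one image. SHA-256 is an assumption, not the real TSS digest."""
    return hashlib.sha256(data).hexdigest()


def build_manifest(images: dict) -> dict:
    """Manifest shipped inside the IPSW: records one digest per component."""
    return {name: digest(data) for name, data in images.items()}


class SigningServer:
    """Stand-in for the signing server: only issues tickets for known stock digests."""

    def __init__(self, known_good: dict):
        self.known_good = known_good  # component name -> digest of the stock image

    def sign(self, request: dict):
        for name, d in request.items():
            if self.known_good.get(name) != d:
                return None  # refused: the post's "Error 3194" case
        return {name: f"ticket-for-{d[:8]}" for name, d in request.items()}


def legacy_request(manifest: dict, images: dict) -> dict:
    """Pre-11.1 behaviour: trust the manifest, never look at the image bytes."""
    return dict(manifest)


def rehashing_request(manifest: dict, images: dict) -> dict:
    """11.1 behaviour: ignore manifest digests and recompute from the bytes."""
    return {name: digest(data) for name, data in images.items()}


def attempt_restore(server: SigningServer, request_builder, manifest: dict, images: dict) -> bool:
    """True if the server issued tickets for the request this client would send."""
    return server.sign(request_builder(manifest, images)) is not None


def with_one_byte_changed(images: dict, name: str, offset: int, new_byte: int) -> dict:
    """Copy of `images` where a single byte of component `name` differs."""
    data = bytearray(images[name])
    data[offset] = new_byte
    out = dict(images)
    out[name] = bytes(data)
    return out


def demo() -> dict:
    """Run both clients against stock and one-byte-modified images."""
    stock_manifest = build_manifest(IPSW_IMAGES)
    server = SigningServer(stock_manifest)  # server knows only stock digests
    modified = with_one_byte_changed(IPSW_IMAGES, "iBEC", 0, ord("X"))
    return {
        "stock_legacy": attempt_restore(server, legacy_request, stock_manifest, IPSW_IMAGES),
        "stock_rehash": attempt_restore(server, rehashing_request, stock_manifest, IPSW_IMAGES),
        # Manifest still lists stock digests, so the legacy client is signed anyway.
        "modified_legacy": attempt_restore(server, legacy_request, stock_manifest, modified),
        # The re-hashing client sends the real digest of the changed image and is refused.
        "modified_rehash": attempt_restore(server, rehashing_request, stock_manifest, modified),
    }


if __name__ == "__main__":
    for case, signed in demo().items():
        print(f"{case}: {'signed' if signed else 'refused'}")
```

The design choice worth noticing is that the "manifest" and the "images" are separate inputs: the legacy client's security rests entirely on the manifest matching the bytes, which nothing enforces, while the re-hashing client binds the request to what is actually on disk.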

Moving on to Error 11... This error only seems to affect devices with basebands that require bbtickets (so basically the iPhone 4). Even though iFaith/sn0wbreeze remove the baseband requirement, iTunes 11.1 expects the iPhone 4 baseband firmware to be signed no matter what, notices that it isn't, and errors out with code 11 (Error 11). It is worth noting that this issue was already present in the Mac OS MobileDevice framework in iTunes 11.0.x. When iTunes 11.1 was released for Windows, it looks like they finally merged the code, thus bringing the issue to Windows with iTunes 11.1. This does not affect the iPhone 3GS (its bbfw is always pre-signed).

A temporary workaround for Error 11 on Windows is to downgrade to iTunes 11.0.x. You can find download links to old revisions of iTunes over here (thanks cj!).

One more thing worth mentioning: iREB for the iPhone 2G, iPhone 3G, and iPod touch 1G is broken by the iTunes 11.1 update. This is on my list of things to fix, but again... the workaround is the downgrade described above.

sn0wbreeze/iFaith updates for iOS 7 please?!

As I said above, iTunes 11.1 essentially kills iOS 7 custom IPSW restores via iTunes due to the "re-hashing" that is performed prior to the restore. I am working on a workaround for this; it will probably end up being something like the actual restore happening within sn0wbreeze/iFaith itself (similar to redsn0w's "Restore" functionality).

As far as saving the iOS 7 apticket + SHSH blobs, iFaith can already fetch these blobs by selecting the "Show available caches on server" button and following on-screen prompts. This will work on all devices (including A5+ devices) except for the new iPhone 5C and iPhone 5S. 

Functionality to dump iOS 7 blobs + apticket on the iPhone 4 will come once I get the silly iTunes issue sorted.


Before you start wanting an iOS 7 jailbreak, you should know that lots of things are currently broken in iOS 7. To list a few: Cydia, MobileSubstrate, and WinterBoard. Not really worth pushing anything at the moment until these issues are sorted out (please don't bug saurik to fix it. He is aware of it already). 

With that being said, there is no use in pushing a user-friendly tethered iPhone 4 jailbreak at the moment.

As for updates on an A5+ iOS 7 jailbreak, follow the @evad3rs for updates on that.

Wednesday, September 18, 2013

Today is iOS 7, WHAT DO I DO?!?!?!?!!!!

Alright, so obviously everyone is freaking out about whether or not to stay on 6.1.3/6.1.4 or to upgrade to iOS 7 right away as there is currently no public jailbreak for 6.1.3/6.1.4. This post should explain everything. PLEASE READ EVERYTHING (no skimming please).

I'm an iPhone 4 user, what should I do?

If you have not already, make sure you save your iOS 6.1.3 SHSH blobs with iFaith, TinyUmbrella, or redsn0w (ipsw required). There is a lot of confusion about having to be running iOS 6.1.3 to obtain such blobs. No, that requirement only applies if you're dumping blobs right off the device. That also reminds me: if you are on a firmware below 6.1.3 and do not have SHSH blobs for it, make sure to grab those blobs with iFaith. Once you have these SHSH blobs, you are free to upgrade to iOS 7 and downgrade back down in case anything gets released (DOES NOT APPLY TO A5 USERS).

I'm using a device with an A5 processor or higher, what should I do?

If you are currently on iOS 7, I would recommend downgrading to 6.1.3/6.1.4 (via DFU).

Why? There is currently a possibility that an untethered 6.1.3/6.1.4 A5+ jailbreak will be pushed in the upcoming days/weeks.

If you wish to be included should that happen, downgrade now, while you still can! Once iOS 7 goes live later today, the 6.1.3/6.1.4 signing window should close within the hour of the release (possibly even within minutes).

If you're still running 6.1.3/6.1.4, today is your last chance to restore and get a "fresh" start.

If you're jailbroken on 6.0 --> 6.1.2 with evasi0n, you're better off staying where you are.

It is worth staying on 6.1.3/6.1.4 while iOS 7 is out if you want the chance to jump on board the potential A5+ 6.1.3/6.1.4 jailbreak. Once an iOS 7 jailbreak goes public, then you should have no concerns about the upgrade.

Also, although many people find it "useless" to save A5+ SHSH blobs, you're not going to lose anything by connecting your device and clicking a button. The saying is "Better safe than sorry!". If some sort of low-level bootloader exploit or apticket loophole goes public, such A5+ SHSH blobs will become useful again. (It is also worth noting that it is currently useless to look into 6.0 --> 6.1.2 A5+ downgrading due to Cydia caching incomplete aptickets. Read more). As usual, you can save A5+ SHSH blobs for 6.1.3/6.1.4 by using either iFaith (click "Show available caches on server" and follow the prompts), TinyUmbrella, or redsn0w (ipsw required).

Who should I follow for updates for the potential A5+ 6.1.3/6.1.4 jailbreak?


Please refrain from asking for any "ETAs", updates, etc. other than what is already posted.

Who should I donate to for an A5+ 6.1.3/6.1.4 jailbreak/BETA?!

No one. If you have donated to a non-credible/random dude who claims to be working on a jailbreak, demand a refund or issue a dispute on your credit card/PayPal. Any credible "jailbreak dev" will not ask for donations in advance to create a jailbreak.

Are you going to release an update to sn0wbreeze/iFaith so I can preserve my iPhone 4 baseband when upgrading to iOS 7?!

Yes. Probably sometime this weekend. (Should be able to work on it while in line for the iPhone 5S).
If you need any additional help for learning how to save your device's SHSH blobs, visit JailbreakQA.

Have an A1 day! ;)

Update #1 (September 20, 2013): Apple seems to have finally closed the 6.1.3/6.1.4 signing window for devices capable of running iOS 7.