Apple Releases 6.1; Evad3rs Aim to Release JB Within a Week

As soon as Apple had released the latest update to iOS 6, planetbeing announced that he and the rest of the team working on the untethered iOS 6 jailbreak were reviewing the public release and making sure it hadn’t thrown a wrench in any of their exploits. Shortly thereafter, planetbeing confirmed that the JB was on track, saying:

“iOS 6.1 appears to be vulnerable to the exploits we are planning on using. :)”

This set off a flurry of excitement on Twitter; the long wait seems to have made everyone all the more anxious and excited now that the jailbreak is so close.

Still, while the team has tested the entire JB process, they still have to work on polishing, so they aren’t quite ready to release. According to planetbeing, we’re looking at about a week more of waiting — possibly sooner, but also possibly later. But the fact that he’s even giving an ETA is a good sign that they’re confident they’re close, because planetbeing doesn’t usually like to give ETAs, as he wrote in a reddit post for the iOS 5 JBs:

“The problem with giving any definite ETAs is that there can always be problems that crop up that blindside us that will take an unknown amount of time to solve (if they are even solvable).”

So the fact that we have an ETA is a good sign. After a long and almost hopeless wait, the untethered iOS6 JB should be here very, very soon.

Even more good news: iOS 6.1 will be jailbreakable, so you can go ahead and update to the latest and greatest without forfeiting your freedom.

Untethered iOS6 JB Update: All Pieces Ready, Waiting for 6.1 Release

In an interview with iDigitalTimes, evad3r team member pod2g revealed that all the pieces are ready for the untethered iOS 6 jailbreak – and maybe even iOS 6.1. Now the team of superhackers just needs to wait for Apple to release iOS 6.1 so they can confirm no holes have been patched and protect their exploits in the interim.

Pod2g was also insistent on giving planetbeing and pimskeks the bulk of the credit, saying that it was important to him that everyone know that this jailbreak is primarily their work:

“Now I am helping as much as I can in terms of communication, websites, and also development, but I was not involved the same way as previous, focused on my work and all… Yes, in order @planetbeing, @pimskeks, then me.”

And if all that weren’t enough good news for one day, Pod2g also hinted at work already going toward an iOS 7 JB, stating that he had found vulnerabilities that won’t be used for this jailbreak, but “next one certainly…”

Tomorrow is the Last Day to Legally Unlock Your Phone

Mark your calendars: starting January 26, it will become illegal to unlock your cellphone.

The Librarian of Congress gets to decide what slides and what doesn’t when it comes to the US’s draconian anti-hacking law, the Digital Millennium Copyright Act, or DMCA. And back in October 2012, Librarian James Billington decided that unlocking your cellphone shouldn’t be one of the things that slides, so he gave cellphone owners 90 days to free their phones from the clutches of their current service provider.

Unlocking should not be confused with jailbreaking. Unlocking a phone allows it to work on more than one carrier network. Jailbreaking a phone allows it to run different software, and it remains completely legal.

Once the rule comes into effect, it will still be possible to obtain an unlocked phone legally: Verizon’s iPhone 5, for example, comes unlocked, and AT&T will unlock any phone out of contract. You can also usually get an unlocked phone if you pay full price, rather than taking advantage of discounts that come with locking into a contract.

Fun fact: if you do decide to unlock your phone the 26th, the DMCA actually requires that you ask your carrier first if it will unlock your phone for you.

Don’t Be Fooled: The Evad3rs Are The One True Team

… and they aren’t taking donations at this time.

pod2g recently tweeted that he, MuscleNerd, planetbeing, and pimskeks are the real heroes working toward the untethered iOS 6 jailbreak, and to avoid any confusion, they’re calling themselves the evad3rs. So don’t be tricked into donating to other teams pretending to be working on an iOS 6 jailbreak.

The evad3rs are mostly the same guys behind the Dream Team of iOS 5 JB glory, with the exception of pimskeks, who seems to have filled p0sixninja’s spot.

The jailbreaking community has seen a surge in communal efforts, as jailbreaks have become increasingly difficult with Apple’s ramped up security. Rather than breaking into separate competitive teams, people from across the jailbreaking scene are contributing what they can, and a few key players are coordinating the efforts.

On the recent flurry of progress toward the next long-awaited jailbreak, evad3r team member planetbeing had this to say:

“I think the future is looking bright.”

Jailbreaking’s Status: “It’s Complicated” with Apple

As the grueling wait for an iOS 6 JB drags on, some fans are questioning whether jailbreaking is on the decline. Has Apple become too powerful to beat? Will we ever see another iDevice jailbreak? Is this the end of jailbreaking as we know it?

Well, obviously jailbreaking isn’t dead. Even though there’s been a wait for the untethered iOS 6 JB, we already know it’s possible. Chpwn showed us pictures of Cydia on the iPhone 5 running iOS 6 the day after it was released back in September. And Planetbeing recently revealed that he has an untethered jailbreak for iOS 6.0.2 — it just hasn’t been released because it would burn valuable exploits.

Unfortunately, jailbreaking is just a hell of a lot more complicated now, and it’s not about to get any easier. Planetbeing’s current private JB makes use of at least four bugs, and they’ll need to find at least one or two more bugs to keep in reserve before they’re ready to release it publicly. Plus, according to i0n1c, Apple is adding even tougher security protections to iOS 6.1.

Apple has had a lot of time and a lot of iPhone iterations to get serious about security and close exploitable gaps. The first iPhone was relatively easy to jailbreak because there was basically no security at all. But Apple caught on quickly and learned from its mistakes, and the second iPhone was a lot harder to break than the first. And the third was harder still. Apple doesn’t make the same mistake twice, and it has a lot of resources to devote to bolstering security. It’s sort of like playing chess with a really precocious kid — you beat them easily the first time because they’ve never played before, but then they go and get some training and now they’re Bobby fucking Fischer.

Of course, whenever you introduce new code, there’s bound to be some bugs, and some of those bugs might be exploitable. That said, in order to jailbreak an iDevice, you first have to find bugs in the kernel — which is only a few thousand lines long — and then you have to find ways to get past the hardware-level security. As Apple builds more and more walls (and hires the best architects to do it), hackers have to be craftier and craftier at finding the cracks, and they have to find more and more cracks to get inside.

This is a game for grandmasters now. It takes a lot of time, a lot of thought, a lot of planning, and a lot of work. Fortunately for us, though, there are some incredibly talented players who are up to the challenge — and up for the challenge purely for the sake of the challenge. So as long as they’re around, I think the game will still be on.

Jailbreaking Econ 101

I’ve noticed a lot of buzz on Twitter about the monetary motivations behind jailbreaking and how that relates to whether iOS jailbreaks will continue, and it seems like there may be some confusion about the economics of jailbreaking. This is hardly surprising, because it’s an underground market, so there’s not a lot of research or analysis that goes into it. Still, it might not hurt to take a look at the basics.

Jailbreaking isn’t a multi-billion dollar industry, but it can be fairly lucrative — and not just for hackers, but also for the people who sell products and services for jailbroken devices. As of 2011, Cydia was seeing about $10 million in annual revenue. College kids were making upwards of $50,000 a year jailbreaking devices for their friends and fellow students.

Jailbreakers themselves can turn a decent profit too. There are three primary ways you could make money off of a JB:

1. Sell an exploit.

An iOS exploit is worth about $250,000. Browser vulnerabilities in Chrome, Safari, and Firefox can also pull in somewhere between $80,000 – $200,000, according to research compiled by Forbes. However, a lot of the best jailbreakers — especially iDevice jailbreakers — don’t sell exploits on principle.

2. Donations.

A lot of people want to be able to jailbreak their devices, whether it’s to get pirated apps or customize the device in ways they normally wouldn’t be able to. So a lot of people are willing to support the folks who actually have the talent to jailbreak.

Plus, anyone who sells a product or service that relies on a jailbreak is really interested in making sure the latest jailbreak comes out quickly. Funding jailbreakers generally yields a pretty good ROI for them.

3. Ad revenue.

A big jailbreak is a huge popularity boost. With so many more people visiting your website, ad revenue spikes.

Of course, donations and ad revenue aren’t going to make you millions — in fact, hardly anyone in the jailbreaking industry, hacker or otherwise, is making millions off of it. And if you factor in the number of hours jailbreakers spend looking for exploits, the revenue starts to look pretty paltry.

And for the guys who are really good, especially the guys who work on Apple devices, jailbreaking has never been about the money. If they just wanted to make money, they’d sell exploits. They don’t.

So jailbreaking isn’t something you can look at purely from a perspective of supply and demand, of profits and margins and ROI. Jailbreaks are driven by a lot of different factors — a lot of unpredictable human factors. Great jailbreakers generally do it out of the love of the game, and that can be both a purer and a fickler motivator than money. Sometimes people get bored, sometimes they need something new — pod2g, for example, recently built an app. Plus, jailbreaks are several parts luck. Sometimes someone gets lucky and finds a great exploit right away, and sometimes it takes months and months of searching. So while jailbreakers may want to please their fans, market demand usually has very little to do with their motivation.

This is one reason why the advent of JB-free methods of app piracy probably won’t have much effect on whether we continue to see jailbreak releases. It’s long been suspected that the majority of iOS jailbreakers only do it in order to obtain pirated apps. With the rise of methods to pirate apps without needing a jailbreak, there’s some speculation that the demand for jailbreaking may considerably decline — which could lead to the decline of jailbreaking itself. But the developers who work on iOS don’t care about having a massive demand; they’re not in it for the profit. So they’re not likely to quit just because there are fewer people using their exploits.

That said, jailbreaking is an ecosystem, and there are some people who do care about making a profit — like anyone who sells apps and services for jailbroken devices. This includes the service of making sure users can distribute and acquire apps for their jailbroken devices — i.e. Cydia. Saurik could hardly run Cydia if it didn’t at least pay for itself. And a long wait for a jailbreak means less traffic and less revenue, as users opt to upgrade to a non-jailbreakable version of iOS or (gasp!) move to Android. If the demand for jailbroken apps and services declines considerably, the jailbreaking community may see fewer apps and services available — which could become a self-feeding downward spiral. Of course, demand depends largely on JBs being available. So if jailbreaks continue to be released at their current rate, Cydia may eventually lose too many users in between jailbreaks to sustain itself.

Still, Cydia always sees a significant bump whenever a new jailbreak is released, and saurik recently reported that Cydia is installed on over 22.7 million devices.

An even bigger boon to the JB industry than the iOS 6 release would be a killer new app for jailbroken devices — something on par with MyWi. Remind everyone why they love to jailbreak in the first place.

Windows RT Jailbreak: Microsoft Unfazed, Applauds Ingenuity

Over the weekend, a hacker going by the name clrokr claimed he’d found a way to jailbreak a Windows RT device, allowing it to run unsigned desktop apps. Microsoft immediately investigated and verified the claims, but the tech giant played it cool, claiming the jailbreak did not expose any vulnerabilities or pose any threat to security. It went on to actually “applaud” the hackers who discovered the jailbreak, and particularly their thorough documentation of it. The company also coyly noted that the jailbreaker’s method – the so-called circumvention method – may not work for long.

Here’s Microsoft’s full statement:

“The scenario outlined is not a security vulnerability and does not pose a threat to Windows RT users. The mechanism described is not something the average user could, or reasonably would, leverage, as it requires local access to a system, local administration rights and a debugger in order to work. In addition, the Windows Store is the only supported method for customers to install applications for Windows RT. There are mechanisms in place to scan for security threats and help ensure apps from the Store are legitimate and can be acquired and used with confidence.

We applaud the ingenuity of the folks who worked this out and the hard work they did to document it. We’ll not guarantee these approaches will be there in future releases.”

According to clrokr’s WordPress site, the JB makes use of a security weakness in the Windows kernel that’s been around for a while.

Clrokr goes on to say that the RT is a clean port of Windows 8, and that Microsoft artificially separates the platforms by enforcing Code Integrity — which doesn’t stop pirates from modifying store apps. He concludes that banning traditional desktop apps was a bad marketing decision and encourages MSFT to consider making code signing optional.

Exit Hackulous; Enter…?

Ever since Hackulous bid its meme-y Shakespearean adieu, I’ve been wondering what would try to take its place. Piracy sites may come and go, but pirates are here to stay. Look at music piracy. Or movie piracy. Or good-old-fashioned high-seas piracy. ReadWrite’s Dan Rowinski said it pretty well:

“In the end, the death of Hackulous will be really no different than the demise of AOL Message Boards or Usenet. Just because the forum has disappeared does not mean that the people on it are gone. We will likely see a drop in iOS app piracy in the short term. But that will not last forever.”

So I found it pretty unsurprising to see Kuaiyong and Zeusmos getting so much buzz. Hackulous left a big vacuum, and people are bound to capitalize on that.

Even so, neither of these sites can really be considered an Installous replacement. uhelios has already come out and said that he’s making it harder for people to use Zeusmos for piracy. And Kuaiyong’s exploitation of enterprise licensing will likely attract unwanted attention from Apple. As Tech in Asia put it: how has Apple not killed this?

I think iOS app piracy may be experiencing something similar to jailbreaking. It’s definitely not dead, but it’s a lot harder than it used to be — it’s getting too complicated for the average would-be pirate.

It’s actually a little like the decline of high-seas piracy after its Golden Age. While Europe was embroiled in wars at home, piracy in the Caribbean flourished. But when the dust settled in Europe and the empires could turn their military attention overseas, they cracked down hard on piracy, and it became a lot harder for pirates to roam freely. The average swashbuckler was just no match for a well-trained army with infinite resources. Granted, there were brief resurgences in buccaneering, and pirates are still active today in areas like Somalia, but by and large, piracy’s salad days are done.

So even if we do see some minor resurgences in websites like Kuaiyong, the golden era of app piracy may well be over.

Apple in 2013: Radio, TV?

Widely anticipated and long-overdue, it seems that Apple’s answer to Spotify may finally be released some time in 2013, possibly as a new iOS 7 feature, according to analyst Richard Greenfield. Unfortunately, talks seem to have run aground as Apple and the music labels attempt to negotiate how to split revenue.

iRadio would be a personalized radio, similar to Pandora or Spotify. It would likely be incorporated into the iTunes app and integrated with iTunes for purchases. Greenfield notes that this type of music catalog is becoming increasingly popular with consumers, as opposed to the more traditional ownership model.

As for Apple televisions? Given the difficulty in acquiring licenses for content, Greenfield doesn’t see this one happening any time soon.