TechCrunch has posted an in-depth article on the status of the iPhone 5 jailbreak. The piece includes interviews with Canadian iOS hacker David Wang (@planetbeing) and Jay Freeman, the creator of Cydia.
Wang explains his current iPhone 5 jailbreak:
“This vulnerability is nice because it lets us see what’s going on,” Wang tells me. “We need to be able to look at the code we’re trying to change – get a dump of it. Otherwise, we’re basically working on things in the dark.”
He says iPhone 5 users will be able to jailbreak their phones, hopefully this year and at least before the launch of the next model.
Nowadays, Wang explains, work on the next jailbreak comes down to whoever has the time and energy to get involved. Gone are the days of two distinct teams such as the iPhone Dev Team and the Chronic Dev Team; instead, individuals contribute their own efforts to a central repo on GitHub.
“Over time, the teams have broken down a bit,” he says. “The team structure doesn’t really work. It promotes rivalries and you can’t work with who you want. What we have now is better – we work with each other and share knowledge, but it’s kind of compartmentalized. Instead of sharing it with a whole team, we just share with an individual what we think they need to know.”
When a jailbreak is completed, Wang says challenges include trying to find savvy beta testers who won’t leak the jailbreak early; the process takes anywhere from days to weeks.
Apple has secured the iPhone's bootrom, the first code that runs on the device and a key source of earlier exploits. Hackers no longer have access to the bootrom, which Wang suspects Apple closed specifically to prevent jailbreaking.
“The bootrom has been getting smaller and smaller, but we can’t even get a dump of it right now. Even if we get code controlling the entire phone running, like we do, we can’t see the bootrom. And if we can’t dump it, we can’t look for code and mistakes very easily,” Wang says. The reason is that today, once the iPhone 5 has fully booted, the bootrom is hidden from view. This has been the case since “Limera1n” took advantage of an undisclosed bootrom exploit on the iPhone 4 (and earlier devices), which Apple has since fixed.
The increased security in iOS 6 has made finding exploits much more difficult:
“iOS 6 has had significant security improvements. And iOS 6.1 also has even more improvements,” says Wang. “One of the things we’re having trouble with [on the iPhone 5] is the initial injection.”
As for the popularity of jailbreaks? It’s still at all-time highs and the demand is there:
“We all think that the popularity of jailbreaks is going down because of all the improvements Apple has made, but it seems to be still pretty popular,” Wang notes, however.
Cydia founder Jay Freeman revealed to TechCrunch that in the past two months he has logged 22,780,029 iOS devices running Cydia.
Wang has privately held a jailbroken iPhone 5 since last November (hacker @chpwn teased a screenshot of his jailbroken iPhone 5 last September) and recently shared more about his jailbreak on reddit. Even though fellow hacker @pod2g has concentrated his efforts on his company 2G Lab, it appears he has teamed up with @planetbeing to find more iOS exploits recently.
Hey @planetbeing, please look at your IRC, I think I have good news!
— pod2g (@pod2g) January 21, 2013
The iPhone 5 jailbreak does exist but at this point in time, a public release doesn’t look like it’ll come anytime soon. In other words, if you’re waiting for the jailbreak, keep patiently waiting.