iOS jailbreaking

A jailbroken device typically permits root access within the operating system and provides the right to install software unavailable through the App Store.

Apple views jailbreaking as a violation of the end-user license agreement and strongly cautions device owners not to try to achieve root access through the exploitation of vulnerabilities.

Jailbreaking involves several things at once: modifying the operating system (a restriction enforced by a "locked bootloader"), installing applications that are not officially approved (not available on the App Store) via sideloading, and granting the user elevated administration-level privileges (rooting). The concept of iOS jailbreaking is therefore technically different from Android device rooting.

To access banned apps,[6] users rely on jailbreaking to circumvent Apple's censorship of content and features.

A package manager or package-management system is a collection of software tools that automates the process of installing, upgrading, configuring, and removing computer programs.

There are a few package managers specifically for jailbroken iOS devices, of which the most popular are Cydia, Sileo, Zebra and Installer 5.

Because jailbreaking allows software to run outside the sandbox that confines App Store applications, and allows system files to be modified, it ultimately exposes the device to the threat of malware.

While using older versions of iOS is considered safe in most circumstances, the device may be vulnerable to publicly known security flaws.

In March 2021, jailbreak developer GeoSn0w[27] released a tweak called iSecureOS which can alert the users of security issues found on their devices.

The application works akin to antivirus software, in that it scans the files on the user's device and checks them against a database of known malware or unsafe repos.
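The two checks described above (file contents against a signature database, configured repos against a blocklist), as an added example that is not iSecureOS's code. The hash database, the blocklisted host, the sample sources text and the use of APT one-line `deb` source entries are assumptions made for illustration.

```python
import hashlib
import os
from urllib.parse import urlparse

# Constructed signature database and repo blocklist (placeholders, not real indicators).
BAD_SAMPLE = b"constructed-malicious-payload"
KNOWN_BAD_SHA256 = {hashlib.sha256(BAD_SAMPLE).hexdigest(): "Constructed.Sample.A"}
UNSAFE_REPO_HOSTS = {"pirate-repo.example"}
# Constructed package-manager sources list: one clean repo, one blocklisted subdomain.
SAMPLE_SOURCES = "deb https://repo.example/ ./\ndeb https://cdn.pirate-repo.example/ ./\n"

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def scan_files(root):
    """Return sorted (path, signature_name) pairs for files whose hash is known bad."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue  # do not follow symlinks out of the scanned tree
            try:
                sig = KNOWN_BAD_SHA256.get(sha256_file(path))
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if sig:
                hits.append((path, sig))
    return sorted(hits)

def scan_sources(text):
    """Return blocklisted hosts (or their subdomains) found in 'deb <uri> ...' lines."""
    found = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments
        if len(fields) < 2 or fields[0] not in ("deb", "deb-src"):
            continue
        uri = next((f for f in fields[1:] if "://" in f), "")  # skips [options]
        host = (urlparse(uri).hostname or "").lower()
        if any(host == h or host.endswith("." + h) for h in UNSAFE_REPO_HOSTS):
            found.append(host)
    return found
```

Matching on exact hashes only catches byte-identical files, which is why the repo check is a useful second signal: it flags the source of packages rather than any one file.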

Android rooting and jailbreaking are similar in that both are used to grant the owner of the device superuser system-level privileges, which may be transferred to one or more apps.

Many Android devices also provide owners the capability to modify or even replace the full operating system after unlocking the bootloader, although doing this requires a factory reset.

In contrast, iOS devices are engineered with restrictions including a "locked bootloader", which cannot be unlocked by the owner to modify the operating system without violating Apple's end-user license agreement.

Any functionality independent of the jailbreak will still run as normal, such as making a phone call, texting, or using App Store applications.

A few days after the original iPhone became available in July 2007, developers released the first jailbreaking tool for it,[35] and soon a jailbreak-only game app became available.

The iPhone Dev Team, which is not affiliated with Apple, has released a series of free desktop-based jailbreaking tools.

In October 2010, George Hotz released limera1n, a low-level exploit of boot ROM code that permanently works to jailbreak the iPhone 4 and is used as a part of tools including redsn0w.

On September 16, 2015, iOS 9 was announced and made available; it was released with a new "Rootless" security system, dubbed a "heavy blow" to the jailbreaking community.

The American implementation is the Digital Millennium Copyright Act (DMCA), which includes a process for establishing exemptions for non-copyright-infringing purposes such as jailbreaking.

Apple has also regularly credited jailbreak developers in iOS release notes with detecting security holes.

In November 2012, Canada amended its Copyright Act with new provisions prohibiting tampering with DRM protection, with exceptions including software interoperability.

New Zealand's copyright law allows the use of technological protection measure (TPM) circumvention methods as long as the use is for legal, non-copyright-infringing purposes.

In 2007, Tim Wu, a professor at Columbia Law School, argued that jailbreaking "Apple's superphone is legal, ethical, and just plain fun."

Apple had previously filed comments opposing this exemption and indicated that it had considered jailbreaking to be a violation of copyright (and by implication prosecutable under the DMCA).

Apple's request to define copyright law to include jailbreaking as a violation was denied as part of the 2009 DMCA rulemaking.

The jailbreaking of smartphones continued to be legal "where circumvention is accomplished for the sole purpose of enabling interoperability of [lawfully obtained software] applications with computer programs on the telephone handset."

In the same month, F-Secure reported on a new malicious worm compromising bank transactions from jailbroken phones in the Netherlands, similarly affecting devices where the owner had installed SSH without changing the default password.

However, doing so generally updates the device to the latest, and possibly non-jailbreakable, version, due to Apple's use of SHSH blobs.

Also, a program available in Cydia called PrivaCy allows users to control the upload of usage statistics to remote servers.

In some cases, users have been asked to download free-to-play apps or fill out surveys to complete a (non-existent) jailbreak.

Cydia, a popular package manager installed on jailbroken devices
Several people (including saurik, p0sixninja, and geohot) who have contributed to building the early jailbreaking tools such as AppSnapp, greenpois0n, Absinthe, purplera1n, blackra1n, limera1n, and others. August 2011 at DEF CON.