How can I jailbreak an iPhone 4S running iOS 6 firmware? What should I do to install Cydia on my iPhone 4S? Well, just tell me how to jailbreak? These are some of the questions I get to hear frequently. As an iPhone 4S user, I think I have the answers to all these demanding questions.
Let’s break down the topic further, so that we have a clear idea of what’s happening in the jailbreak community.
iOS 6 Jailbreak:
The iPhone Dev Team is working round the clock to exploit Apple’s latest iOS 6 firmware, and they have succeeded to a certain extent — that is, the brilliant minds were able to produce a jailbreak that works on only a handful of devices. The devices are as follows:
- iPhone 3GS
- iPhone 4
- iPod touch 4G
All of these devices, even if they are on iOS 6, can be jailbroken. The jailbreaking procedure is fairly simple: download RedSn0w for Windows or Mac, set up and install the tool, plug the iOS device into a computer, launch RedSn0w, follow the instructions and wait for a couple of minutes.
All that sounds fine if you have any of the above-mentioned devices. But what if you are using an iPhone 4S running iOS 5?
iPhone 4S Jailbreak:
The straightforward answer on whether we have a working jailbreak for iPhone 4S or not will leave you fairly disappointed (that’s a hint!).
After spending a huge chunk of time and probably losing their sleep, the iPhone Dev Team was finally able to release an iPhone 4S jailbreak for iOS 5 firmware this year. The jailbreak came in the form of Absinthe, which is the only jailbreaking tool released for the iPhone 4S so far.
But iPhone 4S users on iOS 6 firmware are completely out of luck. As there’s no bootrom exploit available for A5/A6 devices (which includes the iPhone 5), jailbreaking the iPhone 4S/5 on iOS 6 is still a distant dream.
Lastly, there’s no iOS 6 Untethered Jailbreak
Only a tethered jailbreak is possible on the iPhone 3GS/4 and iPod touch 4G running iOS 6 firmware. And for those who don’t know, a tethered jailbreak comes with its own set of restrictions — if you restart the device or the battery goes flat, then you have to jailbreak the device once again.
We are still waiting for the untethered jailbreak for iOS 6.
In the jailbreak universe, all we do is report to everyone what we hear from the iPhone Dev Team. Right now, we haven’t heard any good news from them yet. These iOS hackers haven’t even dropped a hint on what they are up to, but we don’t see a jailbreak coming soon for iPhone 4S users, at least not in the next two months.
While you wait for the iPhone Dev Team to release the next jailbreak, you may want to read this interesting article: how iOS jailbreaking works. As you probably know, jailbreaking is all about gaining control over the root and media partition of your iOS device, and this is possible only when /private/etc/fstab is both readable and writable and when security checkpoints are bypassed.
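The fstab condition just mentioned is what most jailbreak-detection checks look at, so here is an added example (not code from the original article or from the iPhone Dev Team) that parses an fstab and reports whether the root partition is configured read-write. The sample fstab contents are constructed to resemble the stock iOS layout; the device node names and mount options are assumptions.

```python
# Constructed sample resembling the stock iOS /private/etc/fstab layout
# (assumption: device nodes and options as on iPhone-era firmware).
STOCK_FSTAB = """\
/dev/disk0s1s1 / hfs ro 0 1
/dev/disk0s1s2 /private/var hfs rw,nosuid,nodev 0 2
"""

# Constructed sample of what a jailbreak typically leaves behind:
# the root partition remounted read-write.
PATCHED_FSTAB = """\
/dev/disk0s1s1 / hfs rw 0 1
/dev/disk0s1s2 /private/var hfs rw,nosuid,nodev 0 2
"""


def parse_fstab(text):
    """Return one dict per non-comment fstab entry."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        if len(fields) < 4:
            raise ValueError(f"malformed fstab line: {raw!r}")
        entries.append({
            "device": fields[0],
            "mount": fields[1],
            "fstype": fields[2],
            "options": set(fields[3].split(",")),
        })
    return entries


def root_writable(text):
    """True if the root filesystem ('/') is configured read-write."""
    for entry in parse_fstab(text):
        if entry["mount"] == "/":
            return "rw" in entry["options"]
    raise ValueError("no root entry in fstab")


def findings(text):
    """Defender-side checks: list deviations from the stock layout."""
    out = []
    for entry in parse_fstab(text):
        if entry["mount"] == "/" and "rw" in entry["options"]:
            out.append("root partition mounted read-write")
        if entry["mount"] == "/private/var" and "nosuid" not in entry["options"]:
            out.append("/private/var lost nosuid")
    return out
```

On a real device the same checks would be run against the contents of /private/etc/fstab read at runtime; a writable root partition is one of several indicators, not proof on its own.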
iPhone Dev Team member Pod2G says that they need a set of exploitable vulnerabilities to be able to jailbreak, which are as follows:
- a code injection vector: a vulnerability in the core components of iOS that leads to custom, unsigned code execution.
- a privilege escalation vulnerability: it’s usually not enough to have unsigned code execution. Nearly all iOS applications and services are sandboxed, so one often needs to escape from the jail to trigger the kernel exploit.
- a kernel vulnerability: the kernel is the real target of the jailbreak payload. The jailbreak has to patch it to remove the signed code enforcement. Only the kernel can patch the kernel, that’s why a code execution vulnerability in the context of the kernel is needed.
- an untethering vulnerability: when the device boots, it is unpatched, thus cannot run unsigned code. Thus, to start the jailbreak payload at boot time, a code execution vector either in the services bootstrap or in the loading of binaries is mandatory.
Have you upgraded your iPhone to iOS 6? Are you waiting for the next jailbreak? Can the iPhone Dev Team deliver it one more time? Let us know through your comments below.