iPhone Jail Break
In February 2010, Apple released iOS 3.1.3, once again blocking jailbreaks. However, most iPhone and iPod Touch models
could be downgraded. The iPhone 3GS and iPod Touch 3G were downgradable only if the user had saved the SHSH blob of
In March 2010, Wii homebrew developer Comex released a video demonstrating a preview of an untethered jailbreak, Swift
(as opposed to Blackra1n's tethered jailbreak).
In April 2010, George Hotz (Geohot) announced that he was working on a new untethered exploit, limera1n, and registered
the domain limera1n.com. However, no exploit was released for several months, and Geohot announced his retirement from
the jailbreaking scene in July, leading some to speculate that the exploit had been "hype".
On May 2, 2010, shortly after the iPad 3G release, Comex's Spirit was released. It worked, untethered, on all iPod Touches,
iPhones and iPads running the latest iOS at the time (3.1-3.2). It functioned similarly to Blackra1n, with only a single button to
Apple released iOS 4 on June 21, 2010. Hours later, the iPhone Dev Team released redsn0w, and in the following
days updated versions of Pwnage Tool and sn0wbreeze were released. These exploits allowed jailbreaking of iOS 4 on the
iPhone 3G/S and second-generation iPod Touch, but there was initially no working jailbreak available for the iPhone 4.
On July 25, 2010, the Library of Congress ruled that jailbreaking was explicitly exempted from provisions of the Digital
Millennium Copyright Act.
Comex's Swift jailbreak was defeated by an update to the iPad's iOS in July. On August 1, 2010, Comex released the first
publicly available jailbreak for the iPhone 4, called JailbreakMe 2.0. The jailbreak was activated by visiting a web page
(JailbreakMe.com) in the device's Safari web browser. The jailbreak is applied to the iOS device right from within the
browser. This type of jailbreak had not been used since iOS firmware 1.1.1 on first gen iDevices. It was able to jailbreak
firmware versions 3.1.2 to 4.0.1 on all of the latest iPhone/iPod Touch/iPad models.
Two weeks later, Apple released iOS 4.0.2 for the iPhone/iPod Touch and iOS 3.2.2 for the iPad. These upgrades added no
new features, but closed the PDF exploit, rendering the JailbreakMe.com method useless.
On August 20, 2010, Apple stopped signing iOS firmware released before 4.0.2 for the iPhone/iPod Touch and before
iOS 3.2.2 for the iPad. This forced users requiring a firmware restore to upgrade to 4.0.2 firmware, which had patched
the vulnerabilities that allowed jailbreaking. There again followed a period of several weeks in which there was no working
jailbreak available for the iPhone 4 running the latest firmware.
On September 8, 2010, as soon as Apple released iOS 4.1, the Chronic Dev Team announced they were working on a
bootrom vulnerability in the latest iPhone and iPod Touch devices. This exploit has been named SHAtter. The
bootrom exploit has been confirmed to work on the iPhone 4, iPod Touch 4G, and iPad, which all contain the new S5L8930 CPU.
Because SHAtter is a bootrom-level exploit, the devices would be jailbreakable for life until Apple
makes changes at the hardware level. On September 20, 2010, pod2g, the person who discovered the SHAtter exploit,
announced he would no longer be working with the Chronic Dev Team.
On September 23, 2010, iH8sn0w released sn0wbreeze 2, the first jailbreak available for iOS 4.1. However, it was a
tethered jailbreak, and only worked on older devices, not the iPhone 4 or iPod Touch 4G.
On October 7, 2010, the Chronic Dev Team announced the release date of the new jailbreak Greenpois0n for the iPod
Touch 4G and iPhone 4 running on iOS 4.1, and iPad running on iOS 3.2.2. The jailbreak would be released on 10/10/10 at
10:10:10 a.m. GMT. Greenpois0n was expected to be based on the SHAtter bootrom vulnerability.
However, shortly before the planned release of Greenpois0n, George Hotz (GeoHot) came out of retirement with the surprise
release of Limera1n, which he had previously announced in April but had never released. The exploit was the first capable
of jailbreaking the iPhone 4 running on iOS 4.1 and iPad running 3.2.2, and was based on a second, previously
undisclosed bootrom vulnerability.
The Chronic Dev Team subsequently delayed the release of Greenpois0n while they adjusted it to use Geohot's bootrom
exploit rather than SHAtter, stating that releasing the original SHAtter-based greenpois0n would be "a complete waste of a
perfectly good bootrom hole in light of limera1n, and so it can be held until Apple closes limera1n's hole." The Greenpois0n
jailbreak was eventually released on October 12, 2010, and allows jailbreaking of the iPhone 4, iPhone 3GS, iPod Touch
3G/4G running iOS 4.1, and iPad. The software runs on Windows and Linux only, although a Mac version is planned. A Mac
version of limera1n was released by Geohot on October 14, 2010, providing the first way to jailbreak iOS 4.1 via Mac. On
October 16, 2010, the Chronic Dev Team released greenpois0n for Mac OS X. On October 18, 2010, Greenpois0n RC4
was released, adding support for the iPod Touch 2G. This makes all iDevices running iOS 4.1 or 3.2.2 (iPad), which is the
latest firmware at the moment, jailbreakable.
Credits to <http://www.coveringweb.com/> for this great jailbreak guide