Well, the reason that the Cydia store doesn't work, and that Saurik wasn't included in the discussions, is starting to become clear. A Chinese company paid the evad3rs a rumored 1 million dollars for the jailbreak, forcing their own App Store onto the phone.
If the computer running the jailbreak has Chinese as the main language, then the Chinese 太极 (taiji) market app is install. Cydia is available as an option, but it is deselected by default.
So, if you want to run a heavily obfuscated application that exploits your phone, disables application signing, and installs uid 0 processes running on your phone... sponsored by China, go ahead. (The jailbreak app is heavily protected so that competing Chinese companies can't replace the Taiji app store with their own. But who knows what else is in there?)
This is basically the worst-case scenario for Apple in terms of jailbreaks: For the first time, there's an unknown corporate actor calling the shots, and the high code-signing security of iOS 7 has backfired, causing this to be the only jailbreak on the market.
If this becomes anywhere near as popular as Evasi0n for iOS 6.1 (over 7 million downloads in its first few days), Apple will have not simply lost control of the platform to a bunch of power users, but to a well-funded entity with unclear motives.
Apart from trying some kind of political game in China to shut this down (I don't know how much pull they have there for this sort of thing), I see only one solution, which is to change the rules of the fight: Port Gatekeeper to iOS. Kill the market for jailbreaks altogether.
> (over 7 million downloads in its first few days),
> Apple will have not simply lost control of the
> platform to a bunch of power users
How about checking the number of iOS devices sold, comparing to your 7 millions and stopping big claims about Apple losing control over the platform?
I'd also argue, that there are lot less reasons to jailbreak iOS 7 compared to iOS 6.
Minor nitpick: "Port Gatekeeper to iOS" doesn't make much sense; the built-in FairPlay DRM and code signing stuff is already a "gatekeeper on steroids". It's exactly the type of protection that a jailbreak would work around.
Pretty sure that by "Port Gatekeeper to iOS" he's talking about giving the users the ability to choose whether or not to run signed (or unsigned) code that doesn't come from the AppStore, exactly like you have on the Mac (see the bottom of the "General" tab of "Security & Privacy" in System Preferences.
Oh, you're right. That argument makes much more sense!
Unfortunately though, I doubt we'll ever see Apple giving up control of its App Store. They'll patch this one and move on, like always, making future jailbreaks even more difficult to produce.
At least the major publicity around jailbreaks means Apple will take these vulnerabilities seriously and patch them quickly. Which is a very good thing for the security of regular users. Scary to think of how long 0-day vulns like these would stay alive if there weren't in such demand by tweakers.
I bet someone will reverse engineer this jailbreak to figure out what what hole it uses and write one that is more open and/or installs Cydia by default.
Apple also will study it to find their security hole and close it in an OS update.
Taig could install apps that run out of the sandbox, just like the apps that be installed by cydia. Taig is not removable, if you remove taig, your iOS will be to the DFU mode (Not safe mode).
Saurik did know about the Chinese company and tried to warn Evad3rs about piracy, but I read that Evad3rs thought that the app had nothing to do with piracy. [1]
[1] "In our agreement with Taig, we contractually bind them to not have piracy in their store. This was an extremely important precondition of working with them." http://evasi0n.com/l.html
I'm confused, nobody knows what's going on inside this jailbreak? People with enough technical knowledge to want to jailbreak will install something like that without it being open source?
I think you are overestimating the jailbreaking population. most of the people I know who jailbreak have very little technical knowledge at all. they just want to change their font, or keyboard, or something else of that nature. In fact not a single one of the people I know who actively jailbreak their phones probably even know what "open source" means, let alone the importance thereof
Except that there is never going to be an open source jailbreak. If it were open source, then Apple would be able to easily see what exploits are being used and patch them. In the past, has there ever been an open source jailbreak?
Apple will find the exploits for binary-only jailbreaks, no problem. Also, there's been several source code releases for jailbreaks before, like https://github.com/comex/star_
The details of exploits used in jailbreaks have typically been released [0] or reverse-engineered [1], so open-source or not, Apple will typically fix them in the subsequent release.
That right there put me off upgrading. It's bad enough that to jailbreak my phone, I basically have to accept the fact that I'm running an operating system with known (and unpatched) security vulnerabilities. That evasi0n basically bundles spyware is completely unacceptable.
Freedom to copy your data out of an app into your computer even if the app doesn't "allow" it. E.g., get into Notes.app's sqlite database after they decide to delete all the data when you unlink your account even if it hasn't successfully synced for a year so that you can recover half of it.
Develop apps on your own device without paying $100 and supporting the war on general purpose computing. Also compile and run GPL apps.
Good points, but I'm sorry to point out that buying the iPhone itself supports the war on general purpose computing. Jailbreaking might get you out of this set of digital handcuffs, but what about the next one, or the one after that?
Do you also claim that buying Wii, Xbox, PS also support "the war on general purpose computing"?
What kind of ideas is this? If I buy milk do I support the war on grain based food?
Do those buying Android phones without any intention to develop for the platform or rooting their phones also support the war on general purpose computing?
I come at it from a different angle. I support and assist open source projects where possible, I use an unlocked Nexus device and will be buying a Jolla phone ASAP. I don't like the trend towards closed devices either.
I think the "war on general purpose computing" was a term coined by Doctorow (or Stallman?) and I have to agree with it in principle. I just can't go all the way and use a Longsoon-based MIPS device because of performance concerns.
It's not quite black and white. I can quite happily buy a PS4 (did you see the list of open-source software they used?) and still support the FSF and EFF as necessary.
A smart phone or tablet is increasingly the only access many people have to the net. The implications of control here are in a completely different category from a disposable game console.
iOS 7 isn't available on the iPod Touch 4th Gen, that doesn't change with this news. So, your reasons focus on iOS 6 and lower. iOS 7 imho leaves only a few edge cases to favor a jailbreak, especially on an unlocked device.
You can actually do the first bullet point with software like iExplorer - the app sandboxes are only protected on the device, but when connected to your computer it's all available to you.
Could you go as far as messing with the carrier bundles? I had a problem a while ago where Safari would reinstall the carrier's default bookmarks every time it reopened. To be fair it was irritating, not critical, but I was able to hack the carrier bundle and remove the bookmarks, plus change the carrier name out of spite.
Stuff like that, it doesn't change my life but it makes me mildly happier, all because I can get at the filesystem and have root on my own devices.
iOS has this functionality. For blacklisting, you can block a caller or texter. For whitelisting, you can enable Do Not Disturb, and then whitelist people by adding them to your Favorites.
Regarding the first, I was pretty impressed when I plugged my phone into my Ubuntu machine for the first time and up popped two Nautilus windows giving me read access to my entire iphone5 filesystem.
I'm an avid user of Garage Band for iOS and the method Apple gives you to transfer songs from the phone are surprisingly inadequate.
Linux also assisted with copying all the songs from my girlfriends iPod, which was denied by iTunes due to some DRM silliness.
So, with Linux coming to the rescue I have found less of a desire to jailbreak these devices.
For me, I'd use it for recording calls. I'm also interested in what the mod community comes up with - there's usually a lot of innovation in the JB space that Apple cribs into big iOS updates.
Can you record calls with a jailbreak? Last time I checked (which would have been around iOS 5, I think) it was not possible, as the baseband handled the audio for calls and it never touched the main OS. Several jailbreak apps claimed to be able to do it, but on further investigation they all worked by forwarding your calls through their own phone number and recording on their end, which is pretty awful.
I can unlock the faster Nitrous Javascript renderer for 3rd party apps (Apple gimps 3rd party browsers by restricting this but w/ jailbreak, I can bypass Apple).
I can install different UI interactions that I prefer like swipe up from the bottom edge to close an app (probably won't work well in iOS7 but in iOS6 it was fantastic).
I can install a tweak that saves all Snapchats for unlimited time and adds a lot of stuff on top of Snapchat discreetly.
And just a lot of little tweaks that I really enjoy having.
* It's an easy way to flip values for tweaks for apps and Springboard. Saves a lot of time vs one by one installing these in Cydia. Eg: Staff Mode for Instagram, 5 icon dock, remove ads... Plus many users have saved tweaks to Flex's cloud.
You could also buy a pair of $8 orange safety goggles and a piece of orange cellophane to cover your phone. The frequencies that disrupt circadian rhythm are 500nm to 450nm or so with the strongest response at 470nm. Response is also dependent on duration and ambient light levels, so if you are in the dark, as much as 0.5 lux of blue light over an hour can halt your pineal gland from producing melatonin.
F.lux also shouldn't be relied upon by itself. How well it works is dependent on the particular frequencies emitted by the RGB components of your screen. I have a 470nm band pass filter that I look at light emitters through, and f.lux reduces such emitters, but doesn't stop them completely. I have constructed a removable orange filter as a supplement.
I actually have those goggles, but find they don't fit well over my glasses. Know of any pair designed to work with glasses?
I know flux isn't perfect. But as I don't really use my phone much before bed, it seems to work well enough. The glasses could be useful for late night computer work though.
There is a website that sells over the glasses shades for this purpose, but those are way over priced. Most anything orange stands a good chance of working. You can park an incandescent bulb behind one and look at its spectrum reflected off of a CD or DVD. Look for the blue that looks like the sky on a cloudless day. I'd buy over-glasses safety goggles from a store, then test them at home and return them until you found a pair that works.
For $24, you can get enough orange filter gel to make a filter for your 27" screen, then have enough left over for a couple of iPads and several iPhones.
Does being snarky make you feel better about yourself?
I find it hilarious that someone who knows that staring at a bright blue-white screen is going to impact their sleep, continues to do so. It is even more amusing to think that they'd rather drop $400+ on a new Android phone that can run lux/redshift instead of modifying their own behavoir in a trivial way.
You should not alter your lifestyle to fit the limitations of your possessions. Rather, your possessions should help you to live the way you want to. If you enjoy staring at screens at night (e.g. for reading), you should buy gadgets that enable you to do so.
This reminds me of threads on MacRumors and Apple Discussions. Someone asks how to do X with [gadget]. Someone replies that you can't do X with [gadget]. Then someone asks why you would want to X with [gadget], you're obviously using [gadget] wrong and you should buy Y to do X instead.
The rest of the thread is an argument over whether people should want to do X with [gadget]. Maybe a post explaining how to more or less do X with some hacks thrown in the middle.
You forgot the last and most important step: [gadget] version (n+1) comes out with a new feature: "Do X with [gadget]!" And suddenly everyone is so excited that they can now do that thing that was so clearly wrong to want to do before.
It sure did make me feel better about myself. Did telling that person he was using his phone wrong make you feel better about yourself?
There wasn't even a problem. "I like f.lux." "Or you could not stare at your phone." What were that poster or third party readers supposed to have gleaned from your comment, pray tell?
When someone discusses a problem that has a trivial and obvious solution that they're not using, you should consider that they may have already thought of it and found it wanting.
>You could just stop staring at your iPhone before you fall asleep?
There's this big problem with technology - particularly common with people that is not familiar with it (looking at you @aroch) - where people think that you should adapt yourself to the technology around you where it should always be technology the one that should adapt to your lifestyle.
If you cook something and it tastes like shit, do you eventually become used to the taste of shit? or do you find out what happened and cook in a way that relates more to the kind of flavors that you want?
Interestingly ( perhaps ), in a house fitted entirely with 5600k 96%-daylight spectrum bulbs, I have no problems falling asleep nearly instantly after using a smartphone or laptop.
Perhaps you could try changing the lamp bulbs in you bedroom to daylight-spectrum so there isn't such a sharp distinction between a screen and the ambient light colour?
Could you expand on what prompted you to install those? I had thought the blue light itself was the issue. I don't know what daylight spectrum bulbs are like, but I'm assuming they emit more blue light.
Several years ago I started working from home more, and during the winter found myself really struggling to focus on screens and written text. It seemed to be 'vague' but my eye tests showed no deterioration.
I read online about daylight-spectrum bulbs assisting fine-work ( crafters use them extensively ) and on a hunch I bought a few bulbs. What a transformation! I found myself much more alert and better able to read.
I also like how they seamlessly transition from dusk to pure artificial light, particularly in the rooms we have painted white.
Yep, I recently got a daylight lamp for this very purpose. I point it at my face for 3-4 hours a day, and it improved my concentration a lot. Sometimes (esp. when working on a sleep deficit) the light makes me a bit tired.
Fun fact: When I turn on this lamp it makes me want to tidy up the room, after about 2 minutes. I suspect that's an effect also observed in anti-depressants.
Same. It's funny that the primary reason I haven't upgraded to iOS 7 is because I like my screen red at night. F.lux is the one tweak that I can't live without, and probably would consider a switch to Android if I couldn't make it happen on iOS.
Apple should just implement f.lux-like behaviour in OS X and iOS, maybe with an API to allow it to be disabled temporarily (for Photoshop, etc.)
> Apple should just implement f.lux-like behaviour in OS X and iOS
No. Apple should let people run the programs they want on the devices they purchased. There should be a seriously insane number of hoops to jump through to get to the switch, but the switch should be there.
Apple nailed everything I really jailbroke for in iOS 7 other than F.lux.
But F.lux is so truly fantastic that the day there's a proper, 100% supported jailbreak (i.e. one that actually works well with official versions of MobileSubstrate/Cydia), I'll be jailbreaking just for F.lux.
I'm on an MVNO who doesn't care, but the settings for the network the MVNO runs ontop of override it with a different APN. It's times like this I really hate Apple's operator-relationship BS.
I hate how they make it super hard if not impossible to override the APNs yourself... I change carriers every month, and do all sorts of odd stuff with my SIMs, and my iPhone chokes on them because of it :(
My understanding was that you could change them yourself using either the iPhone Configuration Utility or http://www.unlockit.co.nz. Has something changed in that regard?
Good to know, thanks for the info. Is there no way for carriers to apply these settings directly? I know Bell did some tinkering on my iPad when I got a SIM from them while traveling in Canada, but I don't know if it was anything more advanced than what the user can access.
I'd be surprised if there were more than a handful of people actually doing this, which would explain why your use case doesn't get substantial engineering/UX resources.
They don't need any engineering/UX, they just need to stop locking down all the settings. Android and every dumbphone I ever owned had no problems with this.
Are the settings locked down or do they just not exist? Apple would have to create and test the interface, make sure it's not possible to disable your device with it, etc. Which is a small thing, but easy to miss when there's no obvious need for it (except, of course, a few edge cases).
Of course my use case is very much and edge case, but if they just let me have access to the damned settings it wouldn't be a problem. It's my one gripe with my iPhone
Can you elaborate? How can they detect this other than using methods such as looking at your user-agent or TTL, both of which could be controlled on a jail-broken device?
To my knowledge this is usually because the server responds to the browser's user-agent and serves content appropriate for the mobile device. If you override the user-agent and mimic a desktop browser, how would the traffic pattern be different then?
EDIT: I meant to state if you were to override the desktop's user-agent to mimic a mobile device while tethered.
Depending on what kind of relationship Apple have with your carrier, different features are disabled or not. For instance, LTE is disabled unless an operator has their network whitelisted by Apple.
Honestly, I said the same thing until I switched to Android and was able to optimize that for myself. Being able to use something like Swype is pretty huge and makes me faster and less error-prone.
I've never been a jailbreak user - it simply wasn't worth the trouble.
However there is one reason I would want to jailbreak - f.lux.
Interestingly, this seems to be a common thread among jailbreakers. One of these two reasons almost always applies:
- libertarian hackers who want to do stuff most people don't care about
OR
- installing f.lux
Seems Apple should notice this and integrate f.lux-like behavior or APIs allowing such behavior. Unfortunately, given that the display looks less attractive when f.lux is enabled, they probably never will. That's a shame.
Three things were important for me in the past:
- GuizmoVPN
- Sogou Chinese pinyin keyboard
- Mounting a memory card using the ipad camera connector kit
The first two are less longer important for me now because there is now an official OpenVPN client in the App Store, and the native Chinese pinyin keyboard is much improved (although the predictive text is still far behind those produced for other platforms by large Chinese internet companies).
The last one (using a memory card or USB as extra storage) would still be nice as it would reduce the frequency with which I need to refresh content (mostly online lectures).
I can live without a jailbreak now. 2 years ago I would have downloaded it even after reading saurik's twitter comments (kindly posted to HN by DLay). Now I'm more inclined to wait.
i want f.lux sooo bad, i would definitely jailbreak only for f.lux.
However, what keeps me from jailbreaking is 'using my banking app' on my iPhone :'( Unfortunately the jailbreak also opens the phone operating system to spyware/viruses etc.
Geohot was planning to sell a (stolen) exploit he found but the evad3rs beat him to it. He would sell it to a mediator for ChinaCom (government owned). Apparently there is a lot of drama involved.
Finally! I've been waiting for an iOS jailbreak to finally be able to use bitcoin related stuff on my iPhone and iPad. It's been a pain so far.
This is the first time that the iOS walled garden approach REALLY started to bother me. The other was to do with emulation but that was filed under 'minor nit-pick'.
In order for this to work you have to either register for Apple's enterprise distribution program or register your device with a developer account. But since each developer account is limited to 100 registered devices this doesn't really work as a distribution method.
This is actually my only real dealbreaker issue with iOS. The freedom to install my own software on my own hardware without the permission of a third party seems like a pretty fundamental computing right to me.
IIRC you have to have the phone in question registered as a developer phone to do that. There are sites that will add your phone to their dev account for ~$10 (vs the $100/yr dev program) but it's just a barrier to entry that's a little too high for the average person. Whereas 5 minutes with a one click jailbreak tool + Cydia can make the process much easier and you get app updates (it's been a while since I did iOS work and as I was leaving the scene things like test flight were making it even easier to distribute dev/test/beta copies of an app and even offer a way to update them so my last comment might be out of date).
Your phone is not only registered to the apple dev portal but also as one of 100 to the developers certificate.
With an enterprise certificate distribution is technically possible and many do distibute their beta software this way. But I am sure Apple will revoke enterprise certificates if they are used to distribute apps en masse outside the App Store.
Well, I don't know the dev perspective on this but most things do not readily have .ipas available. For example f.lux is an application I use all the time on my Mac. But I haven't been able to get it into my phone for a while. Couldn't find a .ipa.
Maybe developers want to be able to charge for their apps at some point in the future through the Cydia store ? Just 'cause you can't get your app into the app store doesn't mean you shouldn't make money off it if people love it :) (just speculating, maybe that's not the reason..)
The hardware is just better. The software that Apple has designed works really well, and makes the hardware shine way better than any other device. I've used Droid 1 2009-2011, Galaxy Nexus 2011-2013. The hardware/software synergy is just much better on the iPhone.
Hopefully F.lux works still. That was the worst thing about using a new, unjailbroken iPhone and iPad. Especially now that iOS 7 has a lot of white UI.
Removing F.lux didn't do anything so I thought it was Mobile Substrate, but removing that didn't do anything until I rebooted the device so I can't be sure.
Other apps depending on Mobile Substrate work OK so far, so don't let it turn you off trying things out.
Just in time for Apple to patch iOS 7.1 ahead of its release. What a waste (unless it's been already patched in 7.1 beta and this is the last chance for this to be used by someone).
I suppose that means 7.1 won't be released until they've fixed it. It's so unimaginably stupid that they didn't wait until 7.1 was released so that the general public could get the bug fixes and performance improvements in that release and a jailbreak as well.
And the chinese app store people that they sold out to supposedly mysteriously appears if you change your language to Chinese. Sure you can remove but it just doesn't seem right, especially after it was found they were selling pirated apps.
I read their letter and understand that ppl need to make a living but it just seems wrong. Very wrong!
I used to jb because I needed the unlock.
Then when I saw all the amazing functionality that could be had, I was a big fan.
Since unlocking is no longer relevant, I wish to JB simply for all of the quality Cydia tweaks.
Without a properly functioning version and with some mysterious chinese crap installed, I am not interested.
There's a bunch of twitter drama and rumours making the rounds claiming evaders got a $1m USD paycheck from this chinese pirated apps app store to bundle it for users on chinese locales, and that this exploit had to be released early because it was about to be leaked/stolen/sold out to some other entity right now...
Or maybe people don't know about the look until after they've upgraded? The Software Update page on the device doesn't show any screenshots, it doesn't even say anything about the new look.
Additionally, there are lots of apps which only work on iOS 7, so often enough you don't have a choice.
Even people that otherwise like the iOS 7 look will admit that a lot of the stock app icons look like shit. Safari and mail and settings in particular are a bad joke.
So, I got no lead time on evasi0n7, nor was I asked for an official iOS 7 Cydia; I was not given builds, nor was I asked for things to test.
In fact, @evad3rs didn't even try my testing build of Substrate I gave core developers, so they didn't notice a fundamental incompatibility.
This means they are going to have to push a new version of their untether to fix this oversight before I can push newer builds of Substrate.
As there was also never a tethered jailbreak for iOS 7 that had fully working kernel patches I haven't been able to test much at all myself.
I thereby have no clue what will or will not work, or even what evasi0n7 includes; I hope that people bear with me as I figure this all out.
(In particular, I will point out that the build of "Cydia" included is not official, and couldn't really include the fixes I'd been making.)
(Also, it's 5 AM here; I'm quite tired and had been intending to go to sleep, so I don't have the brain power to react to this all quickly.)