Jailbreaking and Unlocking Guides

Jailbreaking and unlocking (iPhone, iPad or iPod touch) can be a daunting experience for newcomers because there is a lot to take in. It takes a while to piece everything together into one whole picture and to gather the courage to start jailbreaking and unlocking on your own.

Here, I try to save you some time by boiling down almost everything related to jailbreaking and unlocking into one page. This page is not a complete guide, of course, but it will give you a rough idea of the whole process of jailbreaking or unlocking an Apple device and of what to “google” for in case you get stuck in the middle of it.

Note: This page will be updated from time to time to keep it relevant with the latest developments.

1. Terminology

  • Firmware – the software that runs the iPhone and iPod touch and provides their built-in functionality. It is more commonly referred to as the iPhone OS or iOS. The operating system on Apple devices can be updated through iTunes.
  • Jailbreak – the process by which an Apple device is modified so that applications not approved for the App Store can be installed.
  • Unlock – most phones in the US are locked to a particular network. As far as the iPhone is concerned, it is locked to AT&T (in the US) and O2 (in the UK). Unlocking allows you to use other GSM carriers.
  • Baseband – the iPhone baseband is essentially the cellular modem firmware that handles phone line communication on your iPhone. Currently, an iTunes restore will not modify your baseband.
  • Bootloader (iBoot) – normally a very small program that ‘bootstraps’ the processor at startup and calls the main program. Its main function is to provide a protocol for storing an updated version of the main program. On an iPhone, the bootloader loads the baseband and iOS into memory before execution.
  • SHSH – stands for Secure Handling Signal Handling. It is a signature file that Apple uses to check the status of your iPhone firmware. The verification is done through iTunes.
  • SHSH ECID (Exclusive Chip ID) – a security measure by Apple to prevent people from downgrading their iOS or firmware to an older one.
  • Recovery mode – a special mode that allows firmware restoration. When in this mode, a graphic of a USB cable and the iTunes logo shows up on the screen.
  • Device Firmware Update (DFU) mode – a special mode of the device that bypasses the bootloader. The iPhone shows nothing on the screen. Many restore problems (firmware downgrades) can be solved by using DFU mode.
  • Cydia – a replacement packaging and repository manager for the original Installer.app for the iPhone or iPod touch. It allows a user to browse and download applications for a jailbroken iPhone, iPad or iPod touch.

2. Jailbreaking VS Unlocking

Jailbreaking is the process of modifying the iPhone OS by running programs such as Redsn0w, PwnageTool and Greenpois0n, to name a few. A successful jailbreak gives you full access to the file system. Jailbreaking opens your device up to its true potential by letting you download virtually every app available, without Apple’s limitations.

Those apps can be downloaded through installer applications such as Cydia and Icy. Some jailbreaking tools are capable of unlocking your iPhone at the same time, although it is not necessary to perform both tasks. Even though the legality of the iPhone jailbreak is crystal clear now, as the federal court approved that jailbreaking an iPhone is legal, Apple still insists that if you jailbreak an iPhone, you void the warranty.

Unlocking an iPhone allows it to work with any cell phone carrier. The process is usually done with a software unlock, without touching the hardware. In order to unlock, you need to identify which iPhone model you are using (iPhone 2G, 3G, 3GS or 4) and which iOS version you want to unlock.

Some of the iPhone unlock software used in the past and at present includes PwnageTool, RedSn0w, Yellowsn0w (Cydia application), UltraSn0w (Cydia application), PurpleSn0w (Cydia application), Blackra1n and Spirit.

3. Tethered VS Untethered

A tethered jailbreak means that a successfully jailbroken iPhone needs to be connected to your PC every time it reboots. This WILL NOT re-jailbreak or restore your iPhone. All it does is boot your iPhone back up for you; otherwise it will not boot at all.

In contrast, with an untethered jailbreak you have no issue when your iPhone or iPod touch reboots or is turned off (no need to connect to your PC).

3.1 How to check if your iPhone is Jailbreakable and Unlockable?

There are several ways to check whether your iPhone is jailbreakable, unlockable or tethered, or even to check the bootloader version, but these methods are not very convenient for most users because they involve quite a number of steps. We are lucky enough that iH8sn0w introduced f0recast, a small application that can check all the above-mentioned states with a single click.

This tool is very easy to use. Simply launch it when your iPhone and your PC are already connected via USB cable. The f0recast app will then show you the related info.

4. Recovery Mode VS DFU Mode

In recovery mode, the bootloader (iBoot) is used when restoring or upgrading your iPhone. iBoot ensures that you are flashing a firmware version equal to or greater than the current one. If that condition is not met, the restore process will not proceed.

DFU mode bypasses the bootloader, which allows the current firmware to be downgraded. Thus downgrading can only take place in DFU mode. For example, you cannot downgrade firmware 4.2.1 to firmware 4.1 without entering DFU mode.
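The two checks described above (iBoot’s refusal to flash anything older than the installed version, which DFU mode bypasses, and the SHSH signature tied to the device ECID that iTunes verifies in either mode) are easy to confuse, so here is a small model of them as an added example. This is not Apple’s code or any jailbreak tool’s code: the HMAC stand-in for Apple’s signature, the key, the ECID and the version numbers are all constructed for illustration, and the real SHSH format is not modelled.

```python
"""Teaching model of the anti-rollback checks a restore goes through.

Assumptions (not from the original page):
  * Apple's SHSH signature is stood in for by an HMAC-SHA256 over
    (ECID, firmware version) under a key only the signing side holds.
  * iBoot's rule is modelled as a plain dotted-version comparison.
"""
import hashlib
import hmac
from typing import Optional, Tuple

# Constructed demo key; stands in for the private key on Apple's signing server.
SIGNING_KEY = b"constructed-demo-signing-key"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '4.2.1' into (4, 2, 1) so '4.10' sorts above '4.9'.

    A plain string comparison would get that wrong ('4.10' < '4.9').
    """
    return tuple(int(part) for part in version.split("."))


def iboot_allows(current: str, candidate: str) -> bool:
    """Recovery-mode rule from the text: candidate must be >= installed version."""
    return parse_version(candidate) >= parse_version(current)


def issue_shsh(ecid: int, version: str) -> bytes:
    """Model of the signing server: the blob is bound to one ECID and one version."""
    message = f"{ecid:016x}:{version}".encode()
    return hmac.new(SIGNING_KEY, message, hashlib.sha256).digest()


def shsh_valid(ecid: int, version: str, blob: Optional[bytes]) -> bool:
    """iTunes-side check: the blob must match this device's ECID and this version.

    compare_digest avoids leaking how many leading bytes matched.
    """
    if blob is None:
        return False
    return hmac.compare_digest(issue_shsh(ecid, version), blob)


def restore_decision(current: str, candidate: str, ecid: int,
                     blob: Optional[bytes], mode: str) -> str:
    """Decide whether a restore proceeds.

    mode is 'recovery' (iBoot version rule applies) or 'dfu' (bootloader bypassed,
    so only the signature check remains).  Returns 'allowed' or a refusal reason.
    """
    if mode not in ("recovery", "dfu"):
        raise ValueError("mode must be 'recovery' or 'dfu'")
    if mode == "recovery" and not iboot_allows(current, candidate):
        return "refused: iBoot rejects a firmware older than the installed one"
    if not shsh_valid(ecid, candidate, blob):
        return "refused: no valid SHSH for this ECID and firmware version"
    return "allowed"


if __name__ == "__main__":
    ecid = 0x0000001F2E3D4C5B  # constructed ECID, not a real device
    blob_4_1 = issue_shsh(ecid, "4.1")  # a blob the owner saved while 4.1 was signed
    print(restore_decision("4.2.1", "4.1", ecid, blob_4_1, "recovery"))
    print(restore_decision("4.2.1", "4.1", ecid, blob_4_1, "dfu"))
    print(restore_decision("4.2.1", "4.1", ecid + 1, blob_4_1, "dfu"))
```

The model shows why a saved SHSH blob only helps when combined with DFU mode: in recovery mode the version rule refuses the downgrade before the signature is even examined, and in DFU mode a blob issued for a different ECID is still rejected.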

4.1 How to enter Recovery Mode?

  1. You must have the latest version of iTunes.
  2. Plug the USB cable into your PC.
  3. Turn off your iPhone by holding down the power button until you see “slide to power off”. Swipe it as instructed.
  4. Now press and hold the Home button while connecting the USB cable to your iPhone. Once the iPhone is connected, it should power on.
  5. Keep holding the Home button; you will see the Apple logo appear and then finally a “Connect to iTunes” screen. Now is the time to release the Home button. You will then see the following image.

4.2 How to enter DFU Mode?

DFU mode can be accessed by several methods (1 and 2), but I strongly suggest the following method because you can easily recognize when your iPhone is in DFU mode. The other methods need several attempts before succeeding and risk wearing out the Home button.

  1. Turn on the iPhone.
  2. Connect your iPhone to your PC using the USB cable.
  3. Make sure iTunes is open (you will need it to verify whether you are already in DFU mode).
  4. Press and hold the “power button” and “home button” together for 10 seconds.
  5. Release ONLY the “power button” but keep holding down the “home button”.
  6. Wait until iTunes confirms that your iPhone is in DFU mode. You will know right away that it is in DFU mode when the same popup window that reads “iTunes has detected iPhone in recovery mode” shows up. Your PC will also report that a new device has been detected.

Make sure your iPhone screen is blank; if it shows the Apple logo, you are not in DFU mode and you need to do it again.