Chapter 1. Breaking Into and Setting Up the iPhone
The iPhone is a closed device. We can’t say this enough. Up to and including version 2.x of the iPhone software, users have been locked out of the operating system and developers have been exiled to a tiny sandbox running in user land. This doesn’t seem to deter a majority of iPhone consumers from breaking free from these chains, but does make it more difficult to get started. Before hacking of any kind can take place, the iPhone must be broken free from its jail—literally.
The iPhone’s interfacing with software, such as iTunes, is run in a chrooted environment, where no user or desktop application—even iTunes—can see into the operating system; this is commonly known in the Unix world as a chroot jail. This jail (and the fact that you can’t simply yank out the hard drive) is the only thing standing in the way of the iPhone functioning as a complete, portable Mac OS X computer. Fortunately, many free tools have been written to make the jailbreaking process simple.
In this chapter, you’ll stage your iPhone for software development
in such a way that you’ll be able to access files outside this jail, and
your applications will be able to run outside of their restrictive
sandbox. This includes breaking free from the chroot jail (called
jailbreaking) so you can access the filesystem.
You’ll also install a BSD Unix world, which is a set of common Unix
binaries, such as ls and cp. This allows you to navigate and manage the
iPhone’s operating system, which is believed to be a version of Mac OS X
10.5 (Leopard) for the ARM processor. Finally, you’ll get a secure login
command environment, SSH, up and running. This is useful for copying files
to and from your iPhone, and we’ll use them to install applications and
run examples.
Jailbreak Procedures
How you jailbreak your iPhone depends largely on what version of the software you are running. There is a lag time of a few weeks between new iPhone software releases and public hacks to jailbreak them. Small changes are generally introduced in new versions to make breaking into it a little bit harder each time. The good news is that once a new jailbreak has been written, all of the free tools available are updated to make it possible for just about anyone to go through the process.
Third-Party Jailbreak Software
There are many free tools available to jailbreak the iPhone, some more reliable than others. The best tools are full-service utilities that also allow you to set up a shell and install third party software with little effort. The best of the breed tools include:
- iNdependence, http://code.google.com/p/independence/ (v1.0.0–1.1.4)
iNdependence is a utility for Mac OS X that performs jailbreak, activation, SSH installation, and even installation of ringtones, wallpaper, and third-party applications on the iPhone. iNdependence is under the GPL, and the author has made a library available called libPhoneInteraction, allowing developers to write other tools to communicate with the iPhone.
- AppSnapp, http://www.jailbreakme.com (v1.1.1 only)
Users running version 1.1.1 of the iPhone firmware can navigate to this website using their iPhones and have the entire jailbreak process performed remotely. AppSnapp takes advantage of a vulnerability in one of the iPhone’s image libraries to break into the phone. What’s cool about this site is that it not only jailbreaks your phone, but it also fixes the vulnerability so that nobody else can maliciously take advantage of the phone. Versions 1.1.1 and later of AppSnapp also patch the iPhone software to allow third-party applications, and install AppTapp, the NullRiver installer, which can then be used to stage your iPhone for development.
- AppTapp, http://iphone.nullriver.com (v1.0.0–1.0.2)
Nullriver is a software manufacturer out of Ontario, Canada, and the designer of a package installer for the iPhone. The installer allows you to install any application on your iPhone that is included in their repository using a few easy taps. The installer software itself works with most versions of the iPhone software, but the installer’s installer (if that makes sense) is capable only of jailbreaking iPhone firmware v1.0.x. The previous tool in this list, AppSnapp, automatically installs AppTapp on v1.1.1 devices. AppTapp is also useful for the software downgrade procedure, explained next.
- ZiPhone, http://www.ziphone.org (v1.0.0–1.1.4)
ZiPhone is a jailbreak technique developed by the iPhone Dev Team. It was kept under a heavy shroud of secrecy in anticipation of the Apple SDK, but it was eventually leaked by one of the dev team’s former members. ZiPhone has since been developed beyond a simple jailbreak technique, and many other utilities have been added to it, including a full unlock for all iPhones up to OTB (Out-of-the-Box) v1.1.4.
- Pwnage, http://www.iphone-dev.org (v1.0.0–2.x)
Pwnage was the first tool on the scene to support firmware v2.0 and the iPhone 3G. Pwnage operates by allowing the user to build his own custom firmware bundle containing the community software installer, named Cydia, and other third-party software packages. Pwnage takes advantage of a vulnerability in the iPhone and iPhone 3G’s boot ROM to load this unsigned firmware onto the device. A Windows variant of Pwnage, named WinPwn, is available to Windows users.
Installing SSH
Once you have jailbroken your iPhone, installing a Secure Shell will allow you to access your iPhone’s Unix environment and easily copy files to and from the phone over a WiFi connection.
Using SSH requires that your iPhone be connected to the same WiFi network as your desktop machine. If you don’t have access to a WiFi network, you’ll need to use a tool such as iNdependence to install applications on your iPhone instead, so you can skip this section. You might, however, consider installing MobileTerminal, a free terminal program for the iPhone. This will at least allow you to work in the iPhone’s Unix environment, which is necessary to run a small number of examples. MobileTerminal can be downloaded directly on the iPhone using Cydia, or from http://code.google.com/p/mobileterminal/.
Depending on the tool you used to jailbreak your iPhone, the community software installer Cydia, should have been added to your iPhone’s desktop screen. To install SSH from Cydia, perform the following:
Tap the Cydia icon to run the application. Cydia may initially prompt you to update itself. If this is the case, continue through the update procedure and restart the installer.
Tap the sections button at the bottom, and scroll through the Networking packages to locate and install OpenSSH. Alternatively, you may use Cydia’s built-in search function to find it. Tap the Install button and then confirm to install OpenSSH.
SSH should now be running on the iPhone, but before you can connect to it, you’ll need to know your iPhone’s IP address on the local WiFi network. To find this, do the following:
Tap the Settings application on your iPhone.
Select the General tab, then Network, then WiFi.
Your WiFi network should appear in the list with a blue disclosure arrow to the right.
Press the blue arrow. You’ll be presented with a screen containing your IP address.
Set up your IP address in the hosts file on your desktop to simplify connectivity. If you’re using Mac OS X or Unix, you can edit your /etc/hosts file. If you’re using Windows XP, edit or create the file C:\WINDOWS\system32\drivers\etc\hosts. Add the following line to your file:
x.x.x.x iphone
where x.x.x.x represents the
IP address of the iPhone.
You’re now ready to connect to your iPhone using an SSH client. If you’re using Mac OS X or Linux with SSH preinstalled, you can do this from a terminal window:
$ ssh −l root iphone
If you’re using Windows XP, you’ll need to download an SSH client. One of the most popular free clients is PuTTY, available at http://www.chiark.greenend.org.uk/~sgtatham/putty/.
Depending on which version of the iPhone software you’re
running, the default root password is either dottie or alpine. Once logged in, you should be
dropped to a shell prompt.
Installing Additional Unix Components
Being able to access a shell on your iPhone is of little use without a Unix world to provide the basic commands. The Cydia application includes a basic Unix BSD Subsystem, but you may need a particular tool that hasn’t been installed. Scroll through the list of packages in Cydia to locate any additional Unix tools you may need. Choose and install the packages through Cydia by tapping them and then tapping the Install button.
Congratulations, you’re now ready to enter the world of iPhone applications development!
Additional Resources
iPhone software is updated periodically by Apple, and so we can’t document how every version of the software will act—especially newer versions that will be released after this book’s publication date. To get the latest information about jailbreaking your iPhone or installing the tools listed in this chapter, the following development teams’ websites are invaluable resources:
- iPhone Dev Team (http://www.iphone-dev.org)
The official site for the iPhone dev team, responsible for most v1.x and all known v2.x jailbreaks to date.
Get iPhone Open Application Development, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
