What was JailbreakMe and how can you use it?

Jailbreaking on iOS is not a hard thing today, but that wasn't always the case. In the early days, when iPhone OS could only show a black wallpaper, there were a few people who knew what jailbreaking was, and they guarded their secrets closely. That is a bit of an exaggeration, but you get the point: jailbreaking was not always easy, and people had to jump through a lot of hoops to be blessed by the presence of Cydia. JailbreakMe changed that.
Jailbreaking has always been, and will always be, a complicated process; even if you don't have to deal with most of its intricacies today, there is a lot happening in the background that frankly you wouldn't want to know about. JailbreakMe hid all of that behind a single web page.
It is fair to say JailbreakMe is what brought jailbreaking to the mainstream by removing the technical barriers to Cydia's wonderland. If Cydia was the engine of the jailbreaking community, the people who made it easier to jailbreak were the fuel that powered that engine. But as JailbreakMe grew more popular, its developer was offered what was possibly the best opportunity of his life, one he simply could not refuse, and that also led to JailbreakMe's demise.
JailbreakMe’s Inception – The backstory
Nicholas Allegra was 19 and living with his parents in Chappaqua, New York, when Forbes profiled him in 2011, by which point he had found the vulnerabilities behind the two JailbreakMe releases that carry his name. What this teenager accomplished sent shockwaves through the security community, and then he did it again, and again.
At a time when jailbreaks such as redsn0w and blackra1n required you to connect your iOS device to a computer before the process could even begin, the first JailbreakMe showed there was another way. Released in October 2007 for iPhone OS 1.1.1 by Conceited Software and the iPhone Dev Team (comex was not yet involved; his releases came later under the same name), it exploited a vulnerability in the way Safari handled TIFF images: a crafted image loaded from a web page was enough to run attacker-supplied code on the device, which in this case was an installer that jailbroke the device and added Installer.app, the third-party app store of the day (Cydia itself did not appear until 2008). All of it with a single tap of a button.
As with any publicly known exploit, it didn't take Apple long to patch the vulnerability, and that crack was sealed for good, until another was found. The first JailbreakMe started with iPhone OS 1.1.1 and ended with iPhone OS 1.1.2.
Except that it wasn't the end of the name. In 2010 Apple released the iPhone 4, a complete hardware redesign whose ideas influenced the whole industry, and comex responded by reviving JailbreakMe: JailbreakMe 2.0 ("Star", August 2010) was the first jailbreak available for the iPhone 4, and it cemented his reputation in the community. Being first has its pros and cons, but being the first and only jailbreak available is a monopoly, and what a sweet monopoly it was. Gone were the days of tapping a button; now you swiped. Jailbreaking your device was as easy as unlocking it: slide to jailbreak, and what could be better than that? Under the hood it was a two-stage attack: a PDF opened in Mobile Safari carried a malformed CFF font that triggered a stack buffer overflow in FreeType (CVE-2010-1797), giving code execution inside the browser, and an integer overflow in the IOSurface kernel extension (CVE-2010-2973) was then used to escape the sandbox and gain the privileges needed to patch the system. It worked from iOS 3.1.2 to iOS 4.0.1, and it was wonderful until it wasn't: Apple fixed both bugs in iOS 4.0.2, and JailbreakMe 2.0 was stripped of its purpose just like that.
But that wasn't the end either. In an interview with Andy Greenberg of Forbes, comex's real name was revealed as Nicholas Allegra, but that wasn't the point of the piece. It was an attempt to understand how this teenager's mind worked: how he had repeatedly pulled off something even seasoned security experts thought next to impossible, despite having no security background.
Nicholas taught himself to program in Visual Basic at the age of 9. He describes himself as an Apple fanboy and refers to Android as "the enemy", the opposite of what you would expect from someone who keeps breaking into Apple's stronghold. But if you think about it, only an enthusiast would keep trying to make the platform a better place to be.
Which he did. After Apple shut down the exploit behind the second installment of JailbreakMe, Nicholas produced a third, and alongside it he released a Cydia package, PDF Patcher 2, that closed the very vulnerability he had used to get in. Once a device was jailbroken, the hole was patched; he was in effect shipping Apple's fix before Apple did, giving users the security update at the price of jailbreaking the device.
JailbreakMe 3.0 ("Saffron", July 2011) was the first jailbreak available for the iPad 2 and worked on iOS 4.3 through iOS 4.3.3, a shorter run than JailbreakMe 2.0, and "slide to jailbreak" was gone. We were back to tapping a button, except that this time the device did not even need to reboot. Comex had again found a flaw reachable through Safari's PDF rendering, this time a signedness bug in FreeType's handling of Type 1 fonts (CVE-2011-0226), paired with a type-confusion bug in the IOMobileFrameBuffer kernel extension (CVE-2011-0227) to escape the sandbox; a crafted PDF was once again enough to run his code and jailbreak the device. Apple closed both holes in iOS 4.3.4. The FreeType bug earned him the Pwnie Award for "Best Client-Side Bug" at Black Hat in 2011.
What happened to JailbreakMe & Comex?
At this point Nicholas had proved himself three times; despite not being a career security researcher he had done what many others could not, and had built a solid reputation. He was the star of the jailbreaking community, and then the Forbes article came out. Now everybody knew who he was and how to get in touch with him. Perhaps that is what led to an internship at the mothership itself: Apple decided to give him a job, and that is when the JailbreakMe saga ended.
Apple had finally stopped comex, by hiring him. Now he could directly influence his favorite platform and get paid for it. Although it was a genuine loss for the community, most of the community took it as good news. Maybe it all started with the Forbes article, where Andy Greenberg included a suggestion for Apple in the postscript: "[p]erhaps your security team could use another intern."
And that was it for JailbreakMe. Ownership of the site passed to someone who couldn't be trusted, and its use was no longer recommended. Meanwhile Apple gained a new security intern who would find and fix vulnerabilities rather than exploit them. What remained of the jailbreak community stayed strong.
JailbreakMe showed how important it was to bring jailbreaking to the masses. Not only did it add to Cydia's influence over Apple, it also, at one point, helped protect iOS users from a vulnerability that could have been used for far worse than a jailbreak: the same browser bugs that let a willing user install Cydia from a web page would have let any malicious page run code on an unpatched device, which is why comex's patch mattered as much as the jailbreak itself.