Apple may have released the new iPad, a revamped Apple TV and brought iOS 5.1 to the mainstream, but while those releases take the spotlight, the authors of our jailbreak tools are working as hard as ever in the background to find a way to jailbreak the latest version of the OS. We brought you the news yesterday that French security researcher Pod2g is taking no time off and is actively hunting for vulnerabilities in iOS 5.1 that could ultimately be used to produce an untethered jailbreak for all devices. After spending the better part of three months turning the bug he found in iOS 5.0.1 into a working exploit, he could be forgiven for taking a little time off, but with the cat-and-mouse game beginning all over again it is a case of all hands on deck.
Over the years, as jailbreaking has grown in popularity, we have seen a wide array of tools and utilities released which allow users to jailbreak their devices. Tools such as Redsn0w and Sn0wbreeze are regularly updated and maintained, while others have fallen by the wayside. The development of these tools has usually happened covertly, with the dev teams finding the necessary bugs themselves and then exploiting them to produce the jailbreak. However, as Apple's hardware and software progress, it is becoming increasingly difficult to find usable vulnerabilities. This became evident when the Chronic Dev Team reached out to the community by releasing the Chronic Dev Crash Reporter tool, which let users anonymously forward all of their device crash logs to the team in the hope that they might contain something relevant and usable.
That trend of involving the users and asking for help seems to be continuing, with Pod2g updating his official blog with information about how users can help the development teams. The post provides some helpful and educational information about what is actually required to produce a fully functional and distributable untethered jailbreak. A working untethered jailbreak needs four distinct pieces: a code injection vector (a way to get attacker-controlled code running on the device in the first place), a privilege escalation vulnerability (to break out of that sandboxed process), a kernel vulnerability (to patch the kernel and disable code signing and its other protections) and an untethering vulnerability (a bug that can be triggered early enough at boot that the jailbreak re-applies itself without a computer). That is a lot more work than most would have imagined, and a bug in only one of these categories is not enough on its own. Pod2g is appealing to the community in the hope that someone may be able to submit a bug they have found in iOS 5.1 which could be used by the jailbreak dream team.
For a submitted bug to be relevant and useful, he has also set out the following guidelines:
- Always test on the latest firmware available before submitting a crash report. At the time of writing this is iOS 5.1; a crash that only happens on 5.0.1 may already be fixed.
- It may seem like common sense, but crash reports should never be sent to Apple, or the bug may be patched before it can be used. Automatic reporting can be turned off under SETTINGS >> GENERAL >> ABOUT >> DIAGNOSTICS & USAGE by making sure it is set not to send reports.
- Not every crash is useful to the development teams. Before sending, check the "Exception Type" line of the crash log and verify that the signal is SIGILL, SIGBUS or SIGSEGV (an illegal instruction, a bad or misaligned memory access, or an access to an unmapped address), which is what a memory-corruption bug typically produces. A SIGABRT from an assertion failure or a kill by the watchdog is a deliberate termination, not an exploitable fault.
- Probably most importantly, the crash must be reproducible, meaning that a specific set of steps can be followed to trigger it again. A one-off crash that cannot be repeated cannot be analysed or turned into an exploit.
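To make the first three criteria concrete, here is a small triage script, added as an example and not code from Pod2g or the Chronic Dev Team, that applies them to the text of Apple-format crash reports before anything is submitted. It reads the "OS Version" and "Exception Type" header lines (field names as they appear in Apple crash logs); the three sample reports embedded below are constructed for the example, including their build numbers and addresses, and are not real crash data. Reproducibility cannot be judged from a single log, so the script only flags a report as a candidate to retest rather than as confirmed.

```python
import re

# Signals Pod2g asks for: the ones a memory-corruption bug typically raises.
USEFUL_SIGNALS = {"SIGILL", "SIGBUS", "SIGSEGV"}
# The firmware the teams are targeting at the time of writing.
TARGET_VERSION = "5.1"

# Header lines from Apple's crash report format; `re.M` makes ^ match at
# every line so the fields can appear anywhere in the header block.
OS_RE = re.compile(r"^OS Version:\s+iPhone OS (\S+)", re.M)
EXC_RE = re.compile(r"^Exception Type:\s+(\S+)(?:\s+\((SIG\w+)\))?", re.M)

# Constructed sample reports (assumed data, not real logs). Only the header
# fields this triage cares about are included; real reports carry many more.
SAMPLE_LOGS = {
    "safari_segv.crash": """Incident Identifier: 00000000-0000-0000-0000-000000000001
Hardware Model:      iPhone4,1
Process:             MobileSafari [241]
OS Version:          iPhone OS 5.1 (9B176)
Exception Type:      EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:     KERN_INVALID_ADDRESS at 0x41414140
Crashed Thread:      0
""",
    "app_abort.crash": """Incident Identifier: 00000000-0000-0000-0000-000000000002
Hardware Model:      iPad2,1
Process:             SomeApp [512]
OS Version:          iPhone OS 5.1 (9B176)
Exception Type:      EXC_CRASH (SIGABRT)
Exception Codes:     0x00000000, 0x00000000
Crashed Thread:      0
""",
    "old_firmware_sigill.crash": """Incident Identifier: 00000000-0000-0000-0000-000000000003
Hardware Model:      iPhone3,1
Process:             MobileMail [130]
OS Version:          iPhone OS 5.0.1 (9A405)
Exception Type:      EXC_BAD_INSTRUCTION (SIGILL)
Exception Codes:     0x00000000, 0x00000000
Crashed Thread:      0
""",
}


def parse_crash(text):
    """Pull the OS version, Mach exception and POSIX signal out of one report.

    Missing fields come back as None so the caller can reject unparseable logs
    instead of guessing.
    """
    os_m = OS_RE.search(text)
    exc_m = EXC_RE.search(text)
    return {
        "os_version": os_m.group(1) if os_m else None,
        "exception": exc_m.group(1) if exc_m else None,
        "signal": exc_m.group(2) if exc_m else None,
    }


def triage(text, target=TARGET_VERSION):
    """Return (submit, reason) for one report under the blog post's rules."""
    info = parse_crash(text)
    if info["os_version"] is None or info["signal"] is None:
        return False, "could not parse OS version or exception type"
    if info["os_version"] != target:
        return False, "firmware %s is not %s; retest on the latest firmware" % (
            info["os_version"], target)
    if info["signal"] not in USEFUL_SIGNALS:
        return False, "%s is not a memory-safety signal (%s)" % (
            info["signal"], info["exception"])
    return True, "%s on %s: candidate, confirm the steps reproduce it" % (
        info["signal"], target)


def run_triage(logs):
    """Triage a mapping of filename -> report text; returns name -> (submit, reason)."""
    return {name: triage(text) for name, text in logs.items()}


if __name__ == "__main__":
    for name, (submit, reason) in run_triage(SAMPLE_LOGS).items():
        print("%-28s %s  %s" % (name, "SUBMIT" if submit else "skip  ", reason))
```

Run against a directory of exported crash logs, the script leaves you with a short list of 5.1 reports carrying SIGILL, SIGBUS or SIGSEGV; the remaining step, actually reproducing each one from a written set of steps, still has to be done by hand before it is worth anyone's time.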
The blog post from Pod2g is certainly encouraging and shows that they are doing everything possible to get an iOS 5.1 jailbreak in as short a time as possible, hopefully with the help of a galvanized community.
However, if you want to jailbreak iOS 5.1 right now, you can do so using Redsn0w on Windows and Mac, or Sn0wbreeze on Windows. Keep in mind that the current iOS 5.1 jailbreak is tethered: if your device loses power or restarts, you will have to connect it to your PC or Mac and use the same tool to boot it back into the jailbroken state.