Comex Working On Faster Jailbreaking Process for JailbreakMe 3.0; iPad 2 Jailbreak Coming Soon!
Famed iPhone hacker Comex today announced on his Twitter account that he is working on speeding up the jailbreaking process for his upcoming iPad 2 jailbreak.
Just one week ago, we wrote a post on a teaser photo comex posted on JailbreakMe.com. JailbreakMe.com was used to jailbreak iOS 4.0/4.0.1 back in the day. It was based on a userland PDF exploit and worked straight from Mobile Safari. All users had to do was slide the “slide to jailbreak” bar and comex’s tool did the rest.
The teaser pointed to PDF-based exploit and we successfully predicted that the jailbreaking tool would be for the as-of-yet unjailbroken iPad 2.
We won’t go deep down into explaining the intricacies of how comex’s new jailbreaking technique is going to work. But the basic thing you need to know is that instead of using an older stashing technique, the iPad 2 jailbreak will use unionfs.
The faster speed comes from how uniofs doesn’t involve moving pre-installed Apple apps to and from different directories in the process of jailbreaking. The time it takes to jailbreak, then, will be drastically reduced and there will be no need to restart the device once the process is complete.
iPhone Dev Team hacker MuscleNerd on Twitter helped make things easier to understand:
#1: [comex] is (drastically!) reducing the time it takes to install the jailbreak, which normally involves moving lots of Apps around.
#2: the initial install (from the time you say "go" to when you can first install something via Cydia) will be much much shorter.
#3: [the new technique] also vastly simplifies the sandboxing problem (Apple apps don’t need to be moved, so they retain their entitlements)
MuscleNerd also hints that the new jailbreak will work on all iOS devices from iPhone 3GS to iPad 2. This means that comex’s tool will work on iPhone 3GS, iPhone 4, 3rd and 4th generation iPod touch, the original iPad and iPad 2! The tool will reportedly work from iOS 4.2.1 to iOS 4.3.3.
Lastly, here’s comex’s tweet in all its complex entirety:
If you don’t know, the stashing approach jailbreaks have been using for years– Cydia’s "Reorganizing Filesystem"– involves moving some large directories from the small / partition into the large /var partition, then creating symlinks from the original to the new location. This both ensures that any additional stuff put in those directories by packages will end up in the /var partition, and frees up space on the / partition for files created outside of those directories. However, the process has some issues, like taking forever to do when you jailbreak (I am a bit fanatical about speed), pretty much requiring the jailbreak to reboot the system to ensure there aren’t any running applications pointing to the old files (ditto about speed, I want a jailbreak to not even require a respring, as in star, but since star used stashing, some obscure things could cause issues before a reboot), and seriously confusing the sandbox code in the kernel (because each application has a sandbox with a list of allowed filenames, but after the symlink has moved files, the filenames no longer match), requiring that code to be patched (it needs to be patched anyway these days because tweaks have to run under the sandboxes of the applications they’re hooking, but depend on accessing various directories; but it still feels good to get rid of a kludge).
With unionfs (which was saurik’s idea originally), new files are created in the /var partition, and merged with files in the corresponding directories in the / partition, so no files need to be moved, no descriptors are invalidated, and I think the sandbox code won’t notice what happened. It also opens the door for upgrading the base operating system without destroying the jailbreak files (although maybe iOS 5 delta updates will already allow this? I haven’t looked at them yet).
I’ve wanted to do this since literally a year ago (that’s the date of the nullfs checkin, since I was dumb and thought I wanted that instead of unionfs), but I never got around to making it work properly.
So, I just hope that I can get rid of the crashes my meddling with unionfs’s code have introduced, and fix it for the iPad 2 (my dumped copies of iPad 2 kernels do not include symbols; I wrote a small BinDiff-like tool to copy over symbols from a kernel for another device, but it’s not perfect) and that there aren’t any performance issues.