Skip to main content

Apple battles 'jailbreakers' over iPhone control

By Brian X. Chen, Wired
With each new version of the iPhone, "jailbreakers" immediately set out to hack it.
With each new version of the iPhone, "jailbreakers" immediately set out to hack it.
STORY HIGHLIGHTS
  • 'Jailbreakers' work to crack new iPhones, program them to do more than intended
  • Allowing extra apps, creating workarounds for restrictions are often the goal
  • Apple regularly issues updates to disable hacked phones
  • Hacker says it would be no fun if future iPhones were open
RELATED TOPICS

(WIRED) -- When he was 17, George Hotz poured hundreds of hours of his summer vacation into a special project: learning the iPhone's secrets. His unpaid labor eventually paid off.

With the help of a soldering iron, he was the first to unlock the iPhone, delivering the handset to international networks before Apple had a chance to.

He got some perks, too. His unlock catapulted him to internet stardom, catching the eye of an entrepreneur who traded his Nissan 350Z car for Hotz's restriction-free iPhone.

Hotz, now 20, makes a living as a "hacker for hire" of sorts -- getting paid to break into different types of gadgets. He gets to spend his free time unofficially attending a college, where he pretends to be a student just to socialize.

What's best, Hotz didn't think unlocking the iPhone was even hard.

"It did take 500 hours, but thinking back to some of the stuff I've done now, the first iPhone was incredibly easy," Hotz said in a phone interview.

But what was an easy task for a curious teen has turned into a persistent headache for Apple, one that the company has been trying to cure for over two years, with little success.

With each new version of the iPhone operating system, a small army of independent programmers and hackers get to work prying it open, removing restrictions and making their iPhones do things that Apple CEO Steve Jobs never intended.

I'm convinced Steve Jobs is two people - one is a genius, the other is an idiot. If he had not locked the iPhone into AT&T, almost everyone would be using an iPhone today.
--JerseyBama, from Soundoff

To stay faithful to agreements with telecom partners, Jobs in September 2007 declared Apple was playing a "cat-and-mouse game" to disable unlocked iPhones. Apple regularly issues software updates to disable hacked, unlocked versions of the handset. But within a few weeks, new hacks emerge, freeing the iPhone from carrier restrictions again.

In fact, Hotz just last month released the easiest hacking solution for the iPhone to date.

Named "Blackra1n," his software can hack and unlock an iPhone in just two minutes. All the user needs to do is plug in an iPhone, launch the application and click a button.

It's safe to say this is a game where the mouse has outrun the cat, and it's unlikely Apple will catch up anytime soon. That's because Apple is up against a lot more than an individual hacker.

The iPhone and its App Store not only gave birth to a new digital frontier for mobile software, but created an entire underground ecosystem: the Jailbreak community.

In addition to multiple iPhone hacker groups pumping out different unlocking solutions on a regular basis, there are several stores hosting unauthorized iPhone apps and programmers developing software strictly for hacked iPhones.

Hackers adopted the word "jailbreak" to describe the act of overriding the iPhone's restrictions to install unauthorized software in the device. Jailbreaking is the first step an iPhone owner must take in order to later execute the hack to unlock the handset, enabling it to work with any carrier.

The original iPhone was extremely insecure and thus very easy to jailbreak, according to Hotz, and hackers almost immediately broke into the gadget after it debuted in June 2007.

Jailbreaking accelerated quickly. Soon, hackers reverse-engineered major parts of the iPhone API, and they opened doors to creating and installing third-party apps for the device.

Games, utilities and even custom themes and wallpapers enhanced the capabilities of the handset. To Apple enthusiasts, this was exciting: The iPhone at the time had no App Store, so jailbreaking was the only way to get more than the handful of basic apps provided by Apple.

In August 2007, Hotz announced he had unlocked the iPhone with the Dev Team, a group of hackers that posts jailbreak tools and instructions. Soon after, Hotz released software that anyone in the world could use to make their iPhone work with any carrier's SIM card.

When Apple in July 2008 opened its official App Store, the urge to jailbreak got less exciting. The App Store grew quickly -- with 100,000 apps to date -- making the act of jailbreaking seemingly irrelevant to the average iPhone owner, who could download Apple-sanctioned apps without risk.

Reformation

But the App Store didn't stop the Jailbreak community from proliferating. Now that the App Store exists, jailbreakers have shifted their focus to creating work-arounds for the iPhone's many restrictions. Most share an open-software philosophy, giving consumers full ownership rights over their product, or the ability to do whatever they wish with the gadget they paid for.

Jay Freeman owns Cydia, an unauthorized app store open to jailbroken iPhones, which distributes iPhone apps Apple would otherwise forbid. Before opening his store, Freeman played an instrumental role in setting up the early groundwork for the jailbreak platform.

Often referred to as "Saurik" in the Jailbreak community, Freeman admitted he was initially reluctant about the iPhone due to its stifling limitations.

"Apple seems to have spent very little time looking at previous phones, and left out many features that users, such as myself, have come to expect," said Freeman, reflecting on the original iPhone. "However, [a friend] insisted to me that jailbreaking was the future. The software it comes with doesn't matter; I can just rewrite it all to my liking."

The need for an underground app store became more clear after Apple rejected several iPhone apps. The company faced severe scrutiny when it rejected the official Google Voice app, which would enable consumers to use a single phone number to ring all their phones, send free text messages and make cheap international calls.

The move stirred so much controversy that even the Federal Communications Commission investigated the rejection.

Unauthorized app stores served as a way of circumventing Apple's censorship. And some programmers are even making money coding forbidden iPhone apps.

"People are so annoyed by Apple and their s**t, and if you give them opportunity to go around it, then they'll even pay for it," said Kim Streich, a developer whose app 3G Unrestrictor earned $19,000 in sales in just two weeks through Cydia.

With more than 10 million jailbroken iPhones registered, Freeman's Cydia store is the most popular underground app store. Icy and Installer, two previous unauthorized iPhone software distributors, have been discontinued.

Whenever Apple releases an iPhone update, the new software usually erases unauthorized apps and disables unlocked iPhones. In response, the iPhone hacker group Dev Team continues to post regular updates on its blog with instructions and new jailbreak patches for newer iPhone software. The Dev Team's main jailbreak weapon is called Pwnage Tool, which creates a custom (hacked) patch for Apple's iPhone firmware and then installs it on the device.

To further combat jailbreaks, Apple has attempted to claim to the U.S. Copyright Office that jailbreaking is illegal.

However, the Dev Team skirts around copyright issues by not copying and providing Apple's software, according to Eric McDonald, a member of the Dev Team. Instead, the Pwnage Tool requires iPhone users to download Apple's legitimate firmware, and the Pwnage Tool patches it with jailbreak code.

Hotz, who was kicked out of the Dev Team after prematurely publishing information on iPhone hacks, still hacks away the iPhone on his own. Hotz doesn't demand money for his work, though he does accept donations.

He isn't shy about showing his face to Apple or the world, either: When running Blackra1n, the iPhone temporarily displays a photo of Hotz styled as an angel from a Caravaggio painting (above).

"Blackra1n is only 600K, and 200k of it is my picture," Hotz said, laughing.

Though the Jailbreak community persistently issues new hacks for iPhone updates, Apple is continuing to fight. A recent Apple job listing reveals the company is seeking an iPhone OS security manager to help prevent exploits, which could block future jailbreak solutions.

Hotz doubted a security expert could block his efforts. In fact, he said he's already discovered a brand new exploit that will jailbreak and unlock Apple's fourth-generation iPhone -- presumably due in stores summer of 2010 -- even though he hasn't touched it.

"Personally I love that Apple keeps the iPhone closed," Hotz said. "This is a personal hobby; it'd be no fun if Apple didn't have it closed anymore. Get a Jailbreak cop and then I'll show them what I can really do."

Subscribe to WIRED magazine for less than $1 an issue and get a FREE GIFT! Click here!

Copyright 2011 Wired.com.