Over the weekend, drama broke out in the iPhone hacking community. On the eve of the release of the new jailbreak tool for the latest version of the iPhone operating system - a tool called "greenpois0n" put out by a group of hackers called the "Chronic Dev Team" - another hacker swooped in and stole their glory.
An independent hacker known as "geohot" (aka George Hotz) pre-empted "greenpois0n's" launch by releasing his own tool called "limera1n." (Don't you just love these names?) Here's what happened, how it impacts the jailbreak community, and yes, how to use limera1n to jailbreak your phone.
What Happened? Limera1n Trumps Greenpois0n
George Hotz is the hacker known best for his iPhone jailbreaking tools like purplera1n, blackra1n, blacksn0w, and perhaps more notably, for being the first to hack the Sony PS3.
His new jailbreak tool continues the tradition of the "ra1n" naming scheme - it's called limera1n. But its release over the weekend was fraught with drama.
A group of iPhone hackers known as the Chronic Dev Team had prepared to launch their own jailbreak tool on 10/10/10, the one year anniversary of "blackra1n." The tool, a software application called "greenpois0n," was going to use a bootrom exploit they have dubbed "SHAtter." Bootrom exploits are harder for Apple to patch because they take advantage of a vulnerability in the read-only boot code burned into the device's hardware, which cannot be fixed by a software update; only new hardware revisions can close the hole. Because of this, jailbreak tools using bootrom exploits are often referred to as tools that let you "jailbreak for life."
The SHAtter exploit the Dev Team found was going to be used to jailbreak the iPhone, iPod Touch and iPad running the latest version of the iOS software.
However, just prior to greenpois0n's launch, geohot returned with his own "Limera1n" jailbreak, which takes advantage of a different vulnerability. Because the Chronic Dev Team does not want there to be two exploits in the wild at the same time (as Apple could then patch both at once), they've decided to withhold their SHAtter-based tool for now. Greenpois0n is now being delayed as they rewrite it to use the same vulnerability as Limera1n.
Jailbreaking with Limera1n: Jailbreak, But Unlockers Beware
Jailbreaking and unlocking the iPhone are two different hacks which allow you to take control of your mobile device in different ways. Jailbreaking is a type of hack that lets you install unapproved third-party applications on your iPhone or iPod Touch from searchable repositories provided by apps like Cydia. Unlocking, on the other hand, is a hack that lets you use your iPhone on another cellular network. Here in the U.S., that means you can use the iPhone on T-Mobile instead of AT&T. You have to first jailbreak your phone before you can unlock it, but you don't have to unlock a phone in order to jailbreak it.
There is a rumor that a "limesn0w" unlock from George Hotz is on its way, but that's unconfirmed at this time. A version of another tool called "sn0wbreeze" is also underway, which will offer support for unlockers. But for right now, the Dev Team is advising those using the current unlock called "ultrasn0w" not to use Limera1n.
How to Jailbreak with Limera1n
The new Limera1n jailbreak works on the iPhone 3GS, iPhone 4, iPod touch 3G, iPod touch 4G, the iPad, and (technically) the Apple TV 2G, although on the Apple TV there are no apps yet. It's a Windows-only tool, so there are no Mac or Linux instructions. However, a Mac version is coming soon.
Below is how to use Limera1n to jailbreak your device, tested by yours truly on the iPhone 4.
- Download the Windows software from limera1n.com.
- Connect your phone to your PC via USB. Close iTunes if it launches.
- Install the software (the limera1n.exe file). You'll need to click "Run" on the Windows Security Warning dialog box (Vista/Windows 7).
- Click the "make it ra1n" button on the window that appears.
- The window will first say "waiting for device" then "entering recovery." It then prompts you to "hold home + power" (meaning, press both buttons at the same time).
- You then release the "power" button when prompted by the software. If you mess up, it will tell you to retry.
- Windows finds and then installs the iPhone device driver - the message appears as a pop-up from the System Tray. The window now says "entering DFU mode," "exploiting" and "done." (iTunes launches in the background, but that's OK.)
- A new message appears on the screen saying your jailbreak is ready. Click "OK" on this window. Close the other window too.
- Reboot the device after seeing the limera1n raindrop icon on your phone's screen (press the power button to reboot).
- Once rebooted, you'll see the limera1n app on your device. Launch this app and on its main screen tap "Cydia" then the "Install" button at the top-right.
- Cydia will now download and install on your phone. This is the jailbreak app store.
Note: we found these instructions on Redmondpie.com and expanded upon them, incorporating things we encountered. Their site also offers video tutorials and device-specific guides, if needed.