Jailbreaking an iPhone in 2020

It’s been quite a while since I jailbroke my first iPhone, an iPhone 3GS, back in 2010.

Fortunately, from that iOS 4 to the current iOS 13, the iPhone Operating System has incorporated many improvements and features that were previously only possible through applications or tweaks on a jailbroken iPhone. These continuous changes made me abandon the need to jailbreak my personal iPhone.

However, Apple keeps locking down access to our iPhones, and one change that particularly annoyed me came in September 2017, when, with the launch of iTunes 12.7 and iOS 11, Apple removed App management from iTunes, the feature that let us back up our Apps and install them on our iPhone from our Mac.

This change means we can no longer download the applications we have bought for our iPhone from our Mac using iTunes and keep their IPA files locally on our computer, so that, if necessary, we can re-install previously purchased Apps on our iPhone without downloading them again from the App Store.

Saving the IPA of the Apps we’ve purchased is especially useful if the developer or Apple itself decides to remove it from the App Store at some point. Isn’t that right, TomTom? Isn’t that right?

As it turns out, I purchased the TomTom GPS navigation application for Europe. When I bought it, TomTom promised that the map updates would be free for life. But some time ago TomTom announced that it was no longer updating the application and maps. And not only that: they removed it completely from the App Store. So, despite having paid for it, I can’t install it on any of my devices, because it has disappeared from the App Store and Apple removed the possibility of backing it up with iTunes some time ago.

So I find myself in a situation where neither Apple nor TomTom provide me with any way to install an application that I paid for. My only alternative is to jailbreak an iPhone 6 where I still have the App installed to access the whole file system so I can extract it and manually “build” the IPA to install it on another device. Thank you, Apple. Thank you, TomTom.
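To make concrete what “building” the IPA from an extracted bundle involves, here is an added example; it is not code from the original post or from any of the tools mentioned. It assumes the files pulled off the jailbroken device are an ordinary `.app` directory. An IPA is simply a zip archive with a single `Payload/<Name>.app/` tree inside it, so the script packages such a directory and then checks the resulting archive for that layout. The `Sample.app` bundle it creates for the demo is constructed on the fly. The script signs nothing and does nothing about the binary’s App Store encryption, so whether the repackaged app actually launches on another device depends on those factors, which the post does not cover.

```python
"""Added example (not from the original post): package an extracted .app
directory into an IPA container and sanity-check the archive layout."""
import os
import tempfile
import zipfile
from pathlib import Path
from typing import Dict, List


def build_ipa(app_dir: str, ipa_path: str) -> List[str]:
    """Zip app_dir into ipa_path under Payload/ and return the member names."""
    app = Path(app_dir)
    if app.suffix != ".app" or not app.is_dir():
        raise ValueError(f"{app_dir} is not an .app bundle directory")
    if not (app / "Info.plist").is_file():
        raise ValueError("bundle has no Info.plist; wrong directory?")
    members: List[str] = []
    with zipfile.ZipFile(ipa_path, "w", compression=zipfile.ZIP_DEFLATED) as zf:
        for root, dirs, files in os.walk(app):
            dirs.sort()   # deterministic archive order
            files.sort()
            for name in files:
                full = Path(root) / name
                # Every member lives below Payload/<Name>.app/
                arcname = (Path("Payload") / app.name / full.relative_to(app)).as_posix()
                zf.write(full, arcname)
                members.append(arcname)
    return members


def inspect_ipa(ipa_path: str) -> Dict[str, object]:
    """Report the bundle name and whether the archive has the expected IPA layout."""
    with zipfile.ZipFile(ipa_path) as zf:
        names = zf.namelist()
    bundles = {n.split("/")[1] for n in names
               if n.startswith("Payload/") and n.count("/") >= 2}
    one_bundle = len(bundles) == 1 and all(n.startswith("Payload/") for n in names)
    bundle = next(iter(bundles)) if bundles else None
    has_plist = bundle is not None and f"Payload/{bundle}/Info.plist" in names
    return {"bundle": bundle, "valid_layout": one_bundle and has_plist,
            "members": len(names)}


def make_sample_bundle(base_dir: str) -> str:
    """Create a constructed, minimal Sample.app directory for demonstration."""
    app = Path(base_dir) / "Sample.app"
    (app / "Base.lproj").mkdir(parents=True)
    (app / "Info.plist").write_text(
        '<?xml version="1.0" encoding="UTF-8"?>\n<plist version="1.0"><dict>'
        "<key>CFBundleIdentifier</key><string>example.sample</string>"
        "</dict></plist>\n")
    (app / "Sample").write_bytes(b"\xcf\xfa\xed\xfe" + b"\x00" * 28)  # fake Mach-O header
    (app / "Base.lproj" / "Localizable.strings").write_text('"hello" = "hello";\n')
    return str(app)


def demo() -> Dict[str, object]:
    """Build an IPA from the constructed bundle and return members plus the check."""
    with tempfile.TemporaryDirectory() as tmp:
        app = make_sample_bundle(tmp)
        ipa = os.path.join(tmp, "Sample.ipa")
        members = build_ipa(app, ipa)
        info = inspect_ipa(ipa)
        return {"members": members, "info": info}


if __name__ == "__main__":
    result = demo()
    for m in result["members"]:
        print(m)
    print(result["info"])
```

Point `build_ipa` at a real `.app` directory and an output path to package it; `inspect_ipa` is also useful on its own to check an IPA obtained from elsewhere before trying to install it.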

This iPhone 6 has iOS 12.4.3 installed, so I looked into the current options for jailbreaking this combination of device and iOS version.

In my search I found different options available to jailbreak an iPhone such as Chimera, Unc0ver or checkra1n.

Chimera Jailbreak, developed by Coolstar and the Electra Team, is compatible with all devices on iOS 12 – 12.2 and 12.4, and installs Sileo after the jailbreaking process instead of Cydia. Chimera is a semi-untethered jailbreak, which means that on each boot the device startup sequence is unmodified and it boots into its original, non-jailbroken configuration. So, after each reboot, you will need to run the Chimera app to re-jailbreak the device.

Unc0ver is also a semi-untethered jailbreak tool, like Chimera, and supports all devices, including A12 devices such as the iPhone XS, XS Max and XR, on iOS 11.0 – 13.5.

checkra1n can jailbreak the iPhone 5s through iPhone X on iOS 12.3 and up. It is a semi-tethered jailbreak based on the checkm8 bootrom exploit and is compatible with devices with an A5-A11 chip. As a semi-tethered jailbreak, on each boot the device will start up with an un-patched kernel, that is, its original stock iOS, and therefore will not be able to run modified code. So, after each reboot, you will need to jailbreak the device again by plugging it into a computer and using the checkra1n tool.

I ended up choosing the checkra1n jailbreak because it is the method compatible with my iPhone 6 with A8 chip running iOS 12.4.3. These are the steps needed to jailbreak your iPhone using the checkra1n tool.

  1. First, download the checkra1n tool from the website checkra.in. In my case I downloaded checkra1n 0.10.1 beta for macOS.
  2. Open ‘checkra1n beta 0.10.1.dmg’ and install the checkra1n App into your Applications folder.
  3. Plug your iPhone into your Mac, launch the checkra1n application and check the iPhone model, firmware, connection mode and ECID information on the welcome screen. If everything is correct, click on the ‘Start’ button.
  4. The device has to be in DFU mode for the jailbreak to be applied, but before that, checkra1n will first put the device in recovery mode to prevent filesystem corruption.

     Click on the ‘Next’ button and you’ll see your iPhone reboot into recovery mode (the iPhone screen will show the iTunes icon and, below it, a drawing of a lightning cable).
  5. Now it’s time to put the iPhone in DFU mode (Device Firmware Update). checkra1n will guide us through this process, showing the steps needed for our device with text and pictures.

     In my case, for an iPhone 6, I have to press and hold the Power and Home buttons simultaneously for 4 seconds (by then the screen should have turned black), then release the Power button but keep holding the Home button for 10 more seconds.

     When you have read and understood the steps required for your device, click on the ‘Start’ button and follow the process shown by checkra1n.
  6. As soon as the device enters DFU mode, checkra1n will start applying the jailbreak. Just wait for checkra1n to finish the process.

     You should see the checkra1n verbose boot screen on your iOS device. Do not disconnect the device from your Mac yet.
  7. checkra1n will tell us when the process has been completed. Now you can click on the ‘Done’ button, close the checkra1n application and disconnect the device.
  8. Now check your iPhone’s Home screen. You should see the checkra1n loader app. Congratulations, you’ve jailbroken your iPhone!
  9. The next thing you should probably do is open the checkra1n loader app, tap on the Cydia option, and then tap on the ‘Install Cydia’ button that appears.
  10. The checkra1n loader will start to download the base system and install Cydia.

      When finished, Cydia will appear on your iPhone’s Home screen.
  11. Remember that if you reboot the device, it will start up with an un-patched kernel and you will have to go back to step 3 if you want to re-jailbreak your iPhone.

Some handy links

checkra1n
‘checkra1n beta 0.10.1.dmg’ for macOS

Unc0ver
Unc0ver GitHub project

chimera.sh