Dear Jailbreak Community
evasi0n.com
(This is what I said on Twitter in response.)
So, yes: someone approached me with a potential jailbreak; the goal being to get a non-piracy-laden jailbreak out; this does not seem bad...
...in particular, I do not see how it is "backstabbing" @evad3rs (as some claim): it was unlikely to work, and was mostly just "having fun".
Also, I am not part of @evad3rs: they made that very clear to me. They never told me anything about their exploit. Should I not help others?
I guess now the argument is that if people come to me with a potential jailbreak, in order to not "backstab", I am not allowed to help them?
Regardless, I gave the iOS 7 Substrate build to evad3rs on September 30th, and all I needed to test was a new copy of redsn0w (not evasi0n).
I guess I don't understand "we really wanted TaiG's deal, so when we heard a rumor of an open jailbreak we were rushed: shame on saurik". :/
Did they change the text? What I'm seeing is:
> SaurikIT had been in talks with Chinese companies regarding potential partnerships, made a counteroffer. We believe they share our views on how a relationship with companies in China currently utilizing jailbreaking might benefit everyone in the community. Unfortunately, the negotiations did not work out. A few days later, we received information that SaurikIT was working with another group to release a jailbreak ahead of us. We decided to release, knowing that Cydia, MobileSubstrate, and jailbreak tweaks would be updated after a few days, just as it always has in the course of jailbreaking.
Which seems honest and clear enough (financial incentives and potential loss of the contract motivated the release) without the whole "shame on saurik" thing.
My Twitter replies were filled with people angry at me for "backstabbing", I think largely caused by i0n1c's interpretation of the letter.
> LOL now the @evad3rs say that @saurik backstabbed them and tried to release JB with other people. http://evasi0n.com/l.html
Read the paragraph you accurately summarized again: you managed to make the inference, but what they actually wrote was akin to "we decided to release because we didn't want Saurik to be first," not "we decided to release because we could lose our contract and money."
Payment was conditional on being first and being exclusive. You do not pay 1 million dollars to be second out the gate, particularly because you can simply copy the first guy's work.
Unless the evad3rs released first, they would not get paid. Or, more accurately, they would have to return money. I don't think they were excited by that prospect.
This evad3rs letter is, to use a Clapper-ism, "the least untruthful statement".
I'm confused as to why some people in the community believe a party was "backstabbed". Each team/group operated with its own intentions and goals; there's no reason why there had to be cooperation amongst them.
I feel like the reaction to this is more due to a general mistrust of Chinese software and a worship of MobileSubstrate.
I don't think this really helps evad3rs build credibility.
They put a giant, user-facing blob payload into their jailbreak with no transparency about how it got there or what it is. Reading between the lines they were paid for it, but they don't even manage to come out and say that outright in this "letter."
There's always some level of faith involved in installing an early iOS jailbreak, because exploits often aren't documented or open-sourced until long after their release (for a variety of reasons - vanity, ripoffs, weaponization, etc.). But at least most of the jailbreaks released in the past have been transparent and configurable.
In the Dev Team jailbreaks, all userland packages were optional and if a user wanted, they could uncheck the "Install Cydia" box in the payload configuration, configure their own Cydia (because the source is open, imagine that!), or install a completely different set of user-land applications. Plus a variety of parties with various interests in the development community were given previous jailbreaks early, which provides at least a cursory level of auditing and sign-off. This evad3rs release offers none of these reassurances.
I certainly wouldn't call any iOS jailbreak "trustworthy" in the truest sense but this one is definitely the worst so far.
I think one point you are making is unfair. Many (most?) previous jailbreaks not named PwnageTool or redsn0w have had a single, non-configurable payload containing Cydia and various Unix tools, with the understanding that once it's installed, the user can use Cydia to do whatever they want. In the case of my jailbreaks (years ago), I don't remember anyone ever expressing a desire for an alternate payload, presumably for that reason.
Of course there's a difference between Cydia and a closed source, less generally useful application that the jailbreakers were paid a large amount of money to include, but I wouldn't call it an issue of transparency/configurability as such.
Good point. I am unfairly using a subset of jailbreaks (PwnageTool and redsn0w) as an example of the community norm when that's really not the case.
I think the important distinction in the evad3rs release is indeed the one you make in the second paragraph of your post.
I do still think there's an issue of transparency, though: this letter carefully dances around the actual exchange of money for an unaudited blob in exchange for a lot of "we wanted to beat Saurik to a release" fluff.
Just to point out that evad3rs are basically the core group within the iPhone Dev Team. I wouldn't really trust future Dev Team jailbreaks anymore either.
It doesn't seem like there has been any response to this:
From @Hackl0us: "Taig also uploads users' private data to iphonespirit.com (belongs to Qihoo360 company). @iH8sn0w @pod2g @MuscleNerd @winocm"[0]
Other sources: [1][2]
[0]: https://twitter.com/Hackl0us/status/414835565524422656
[1]: https://twitter.com/JonathanSeals/status/414835993015894020
Am I the only one who thinks this makes evad3rs look even more shady?
One example: they carefully avoid denying the presence of malware in their jailbreak. Instead,
"We are saddened by the accusations that we would ever do such a thing, or sell weaponized exploits. If anyone ever attempted to include malware in a jailbreak, we are confident that the many security experts combing through jailbreak software would find it."
The explanations about Saurik and piracy in their Chinese pals' app store come off as similarly evasive.
I am not sure how to interpret this statement:
"Yes, we have benefitted financially from our work, just as many others in the jailbreak community have, including tweak developers, repo owners, etc. Any jailbreak from us will always be free to the users but we believe we have a right to be compensated in an ethical way, just as any other developer."
In my world view, people do work in exchange for money. There are two sets of people: people who make money through legal means, and people who make money through illegal means. On the border of those two realms are people who walk back and forth over the line between legal and illegal. If you're 'productizing' a jailbreak (nominally legal in some countries, illegal in others), the people you're going to get money from are the folks on the illegal side of the line.
Given that world view you want to be compensated in an 'ethical way' by people who threw ethics out the window? That is what I have trouble with.
It's almost certainly a copyright violation in the US, but is it illegal in China for a Chinese company to pay developers to modify another company's software for commercial gain?
Another relevant question, would developers in another country be breaking their country's laws by accepting such work?
Edit: note that I'm not intending to equate ethicality with legality.
How is this a copyright violation in the US? Or are you just talking about the fact that pirated apps seem to be on this Chinese app store?
Nitrogen is correct. The fuzziness in the US is around whether or not jailbreaking your own phone is a violation of the DMCA (ruled "no", then ruled "yes", not sure where it is at the moment), and then the contractual (civil vs non-civil) issues with running software on your phone without Apple's permission. It is that "grey" area where folks can give themselves a credible story about how it is "perfectly legal" and so take the money. My point was that they are dealing with people who don't care if it's legal or not (remember they don't "charge" the end users, they charge the app store bundle guy). That guy (or gal) doesn't care about what is or is not legal; they care about money any way they can get it, so that the person they got it from can't get it back. Period.
AIUI, jailbreaking (or any modification of software) creates a derivative work, which is a right protected by copyright. In other areas of copyright law, it seems commercial uses are more stringently restricted than personal uses.
This is interesting. The jailbreak community is a weird place on the edge of free software- normally, "just open source it" is an easy answer to security concerns, but there are understandable reasons not to open-source exploits. However, the whole competition thing between evad3rs and saurik seems kind of strange. Honestly, I wish Apple would just get with the times and allow an appropriate degree of freedom on their devices; even if evad3rs are as innocent as they claim in this instance, forcing users to install potentially sketchy obfuscated third-party system-level code in order to do basic things like set default apps seems like a recipe for eventual disaster.
> Honestly, I wish Apple would just get with the times and allow an appropriate degree of freedom on their devices
An appropriate degree of freedom is different for you and eight year old children or grandparents. The majority of iOS users have no use for the freedom jailbreakers desire and Apple is creating software for the majority of its customers.
> The majority of iOS users have no use for the freedom jailbreakers desire and Apple is creating software for the majority of its customers.
That's not quite true.
There's a bunch of minor tweaks that many people would really like that they can only get if they jail break. Since most people are scared of jailbreaking they don't do it.
It's hard to understand how different keyboards[1] is an inappropriate degree of software freedom.
[1] to pick one example of a simple, minor, tweak that many people want.
"It's hard to understand how different keyboards[1] is an inappropriate..."
"[1] to pick one example of a simple, minor, tweak that many people want."
Agree with your point except calling it a "minor tweak". From personal experience, the difference between the stock iOS keyboard and something like Swype on Android is huge. This third party keyboard on Android was so popular and influential that Google finally added swype like functionality in the base OS (I think starting with JB). This is one of the biggest frustrations I have with the iOS experience (whenever I do use iOS, e.g. on my iPad).
Hell something even more minor than that is the ability to have 5 icons on the dock...
That's not an argument against a button in Settings that says, "I understand the risks, now unlock my device."
I like the developer options in android. Just go to about phone and click the build number a large number of times. You basically have to know this exists to seek out the how online and then do it. Almost no one is going to enable this by accident.
This is always, always a bad idea, and has been so for decades: http://blogs.msdn.com/b/oldnewthing/archive/2003/07/28/54583...
It raises support costs, and frustrates the vast majority of customers.
Yes, it is, because people will press it because it's there to press and proceed to hose their devices.
If you're not satisfied by those restrictions, use Android. (I do, because I'm not.)
The non-technical iOS users I know would never change a setting in Settings they do not understand (unless someone they trust, namely me, tells them to do it).
If that is not enough, the unlocking process can be as complicated as needed to discourage careless unlocking. Most people, when asked, e.g., to convert a decimal to a hexadecimal or to engage their frontal lobes in some other way, stop being careless.
Remember that the only point I'm trying to make is that it is not strictly necessary for Apple to do their best to keep motivated technical users from escaping their "jail" to prevent kids and grandmothers from harming themselves.
And does anyone actually believe that protecting naive users is the only reason Apple makes it as hard as possible to jailbreak iOS?
> The non-technical iOS users I know would never change a setting in Settings they do not understand
I wish I had your circle of non-technical folks. I've been called (from other people's phones, no less) numerous times asking why data doesn't work (they deleted all the APNs from an Android phone), why their picture messages don't go through (they changed the MMSC URL to their homepage), why voicemails stopped (they set the voicemail service number to their own number), and several more. Changeable settings are like mountains; they're messed with because they are there.
I understand this, but there should at least be a way to access that freedom. I'm a developer; I'm going to hack and tweak my phone. That's not going to change. What can change is whether Apple makes me install a 3rd-party exploit or lets me flip a switch somewhere deep in my settings.
> but there are understandable reasons not to open-source exploits
Legit question: what reasons could there be?
Two of them come to mind:
* They don't want the exploit "stolen" or reused by another party (for good or evil)
* They don't want to make it too easy for Apple to patch it.
This exploit was already patched by Apple in the next version, as far as I understand.
Yeah, what voltagex said. Same reason you shouldn't open-source a zero day exploit on any website without responsibly disclosing it to the company and giving them a reasonable amount of time to patch it.
They've basically made it open to the world; Apple has worked out closed-source jailbreaks before with no help. Jailbreaks like Star (jailbreak.me) were just a PDF binary with absolutely no clue as to the contents or method of exploitation.
This is true, but making an exploit open source, as opposed to merely available, makes it significantly easier to weaponize for people who might not already be experts in exploiting iOS.
Right, but the easier they make it, the faster it gets patched. The entire point of a jailbreak is to survive in the wild long enough to help people.
The status page on http://jailbrea.kr/ is hilarious: such jailbreak so drama wow tweak omg many piracy
I'm still baffled as to why someone would want to buy a locked up device and be forced to use frequent / complicated measures to be somewhat freed... I understand if you didn't get a choice at first, but I think people realizing they are really stuck in a jail anyway, without any jailbreaks, might do more good than having them. (Though I encourage breaking things! ;)
There are hundreds of millions of happy iPhone users out there. For the overwhelming majority of people, the restrictions on the device are not burdensome.
For many people the restrictions protect them from installing malware, and is a huge benefit. For the majority of us reading, I think we know enough to not install weird applications and the restrictions are incredibly burdensome.
And for some of us, they are. So, people have different priorities, who knew?
Because sometimes it's simpler to get what you want by subtraction rather than by addition.
More formally, my ideal device is x. The iPhone (4s) is at x + δ and all the other smartphones are at x - δn (where δ > 0 and n is a really big number)†.
I like the App Store but I don't like the restriction against installing non-approved apps (including my own).
I love Safari/Webkit but I don't like the restriction against using other rendering engines.
I like the the default apps (mail and maps are fine) but I don't like the restriction against changing those defaults.
I like tethering and don't even mind paying a little extra for the bandwidth, but I do not like the fact that my carrier can preempt that ability at the OS layer rather than the network layer.
On the other hand, I do acknowledge that buying and owning an iPhone basically supports an ecosystem that I despise, and for that reason, my next phone will probably be a Nexus or MotoX.
I just wanted to write that I like the iOS platform and devices when jailbroken, but I am also sick of their walled garden bullshit. So, cheers for standing up for your principles over your convenience, it takes a strong person to do so.
Some people just don't care to make things better. I can't tell you how many friends I have with Galaxy S3s running the stock firmware.
Even my sister is on cm10.2.
I sold my iPhone when the GS3 came out because I was sick of waiting for an exploit that let me have more than nine icons on my home screen.
Sometimes you buy it because you like the hardware and know the software is coming down the line. I've done this twice.
- I bought an Android phone that had terrible reviews on Amazon, knowing that there was a cyanogenmod ROM that'd solve everything.
- I bought the new Kindle Fire HDX because I love the hardware design and knew a hack would show up for it eventually. Sure enough, the "put_user" kernel memory write exploit was found and now I have root on it. I'm sure cyanogenmod ROMs will be coming later on. Until then, I don't even use the HDX. Why didn't I just wait until the root showed up first before purchasing? Because updates to firmware might seal the exploit. So, just like I did with Sony PSP, it's best to get the hardware with early firmware and just never bring the device online for any updates. Just wait for the hack. My HDX still hasn't been exposed to the interwebz. That won't happen until Cyanogenmod is flashed on it. Until then, I'm still using my firstgen Kindle Fire.
I bet some people bought an iPhone fully expecting that one day a jailbreak would show up.
I wish we'd collectively only buy things where the root exploit was like ticking an "I want root" checkbox. If buyers collectivized their buying power we wouldn't need to worry about "down the line" companies would release it with root or the product would fail.
Sigh. While I'm at it, I'd also like a sack full of hundreds and a unicorn.
I look at it this way: if enough people wanted that checkbox to move the needle in the market, then my skillset that a lot of employers find extremely valuable would probably be a lot more common and hence less valuable.
It's pretty simple. My preference goes:
Jailbroken iPhone > regular iPhone > Android phone
Jailbreaking is not a critical factor for me, but it's nice to have.
I do not believe that helping a Chinese company that is related to Qihoo360, which has a very bad ethical record, will in any way benefit the Chinese users. I also don't see how this is benefiting the jailbreak community, except for the compensation they took in.
One thing I don't understand... why do you think it is wrong for them to make money out of their work? I am not saying that what they did was good for the community but what if the alternative was not getting anything? They are still offering it for free...
I don't think I said that it is wrong for them to take the money. It is more about who to take it from and what they are asked to do. They claimed including TaiG is good for the Chinese user and a positive thing for the jailbreak community. I personally don't think that's the case.
Their own app store has lots of pirated apps and they have their own ad platform, e.g. one app publisher pays xM Chinese yuan to get their app into the top n in an app store.
Chrome seems to detect the encoding of this page wrong -- find the deeply-buried "Encoding" menu and set it to UTF-8 for more readability.
Chrome (and Firefox for that matter) are doing what they should be. The default encoding for HTTP is ISO-8859-1 and the Content-Type header doesn't specify a charset, so that is what the browsers are displaying it as.
Well, like most things on the Web, they're not doing what the HTTP standard says, they're doing something related to what the standards say they should do but with some concessions to reality.
Look at "We donâ€™t believe itâ€™s right". There's no Euro sign in ISO-8859-1. The Euro symbol was not even dreamed up when ISO-8859-1 was standardized.
But there's a Euro sign -- retroactively -- in Windows-1252, and it's been a long-standing tradition among Web browsers to pretend ISO-8859-1 and Windows-1252 are equivalent even though in Unicode they clearly aren't. It's why you can write &#133; and usually get the same ellipsis as &#8230;.
So you can forgive me for expecting another long-standing tradition, which is to auto-detect encodings that aren't specified. Maybe browsers have stopped doing that. It's a bit of a loss when it comes to UTF-8, a clear choice for an encoding to try by default in 2013.
Of course the page should ideally be written better, but that's a push and pull between HTML writers and browser developers that will never be over.
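A worked illustration of the decoding behaviour the two comments above describe, added here as an example; it is not code from the thread or from any browser. It decodes the quoted phrase, embedded as a constructed UTF-8 sample, under UTF-8, Windows-1252 and ISO-8859-1 so the Euro sign appears exactly where the comment says it does, and it implements an assumed, simplified charset-selection order (Content-Type header, then `<meta charset>`, then a strict UTF-8 trial, then Windows-1252 standing in for the ISO-8859-1 default). The precedence order and all function names are assumptions for illustration, not a transcription of Chrome's or Firefox's logic.

```python
"""Added example (not code from the thread or from any browser): shows the
decodings discussed on a constructed sample, plus an assumed, simplified
charset-selection order (header, then <meta>, then UTF-8 trial, then the
windows-1252 stand-in for ISO-8859-1)."""
import re
from typing import Optional

# Constructed sample: the phrase quoted in the thread, encoded as UTF-8.
# The right single quote is U+2019, which UTF-8 encodes as E2 80 99.
SAMPLE_UTF8 = "We don\u2019t believe it\u2019s right".encode("utf-8")


def decode_as(data: bytes, encoding: str) -> str:
    """Decode under a named codec, replacing undecodable bytes with U+FFFD."""
    return data.decode(encoding, errors="replace")


def show_mojibake(data: bytes) -> dict:
    """Return the same bytes under the three decodings discussed: utf-8 (intended),
    windows-1252 (what browsers substitute for latin-1, so byte 0x80 becomes the
    Euro sign) and iso-8859-1 (where 0x80-0x9F are C1 control characters)."""
    return {
        "utf-8": decode_as(data, "utf-8"),
        "windows-1252": decode_as(data, "windows-1252"),
        "iso-8859-1": decode_as(data, "iso-8859-1"),
    }


def charset_from_content_type(content_type: Optional[str]) -> Optional[str]:
    """Extract the charset parameter from a Content-Type header value, if any."""
    if not content_type:
        return None
    m = re.search(r'charset\s*=\s*"?([A-Za-z0-9._:-]+)', content_type, re.I)
    return m.group(1).lower() if m else None


def charset_from_meta(body: bytes) -> Optional[str]:
    """Look for <meta charset=...> or an http-equiv Content-Type with charset=...
    in the first 1024 bytes, read as ASCII: the prelude is ASCII-compatible in
    every candidate encoding, so this is safe before the charset is known."""
    head = body[:1024].decode("ascii", errors="ignore")
    m = re.search(r"<meta[^>]*charset\s*=\s*[\"']?\s*([A-Za-z0-9._:-]+)", head, re.I)
    return m.group(1).lower() if m else None


def sniff_charset(content_type: Optional[str], body: bytes) -> str:
    """Assumed selection order: HTTP header, then <meta>, then a strict UTF-8
    trial, then windows-1252. A declared latin-1 is mapped to windows-1252,
    mirroring the browser tradition the comment describes."""
    declared = charset_from_content_type(content_type) or charset_from_meta(body)
    if declared:
        if declared in ("iso-8859-1", "iso8859-1", "latin-1", "latin1"):
            return "windows-1252"
        return declared
    try:
        body.decode("utf-8")  # strict: any invalid sequence raises
        return "utf-8"
    except UnicodeDecodeError:
        return "windows-1252"


if __name__ == "__main__":
    for enc, text in show_mojibake(SAMPLE_UTF8).items():
        print(f"{enc:13s} {text!r}")
    print(sniff_charset("text/html", SAMPLE_UTF8))            # utf-8 (trial succeeds)
    print(sniff_charset(None, b"<meta charset=utf-8><p>hi"))   # utf-8 (from meta)
    print(sniff_charset("text/html", b"caf\xe9"))              # windows-1252 (invalid UTF-8)
```

Run it and the Windows-1252 line reads "We donâ€™t believe itâ€™s right": the 0x80 continuation byte of U+2019 is where the Euro sign comes from, and the same byte under strict ISO-8859-1 is an invisible C1 control, which is the distinction the comment is making. The UTF-8 trial step is what makes "try UTF-8 first in 2013" cheap: a valid UTF-8 document almost never survives as a false positive under a strict decode.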
Wow, why didn't they bother specifying? It's as simple as:
<meta charset=utf-8>
BTW, if anyone was going to post this to reddit, don't bother. I posted it to /r/technology and /r/apple but davidreiss666 removed both links with no explanation.
r/jailbreak is the proper place on reddit for relevant discussion.
This site uses Cloudflare and I use Tor, so I can't view it. Could somebody mirror?
How about http://evasi0n.com.nyud.net/l.html
The justification of their actions, to remunerate developers for their work, is of course a sentiment of paramount importance. However, clearly, the way in which it was executed (bundling a questionable foreign App Store) wasn't the best, and in my opinion they should look to more interesting monetisation avenues than sponsorship.
Malware should be easy enough to detect by MiTMing the device, assuming the baseband is unmodified and cellular is shut down. (edit: no, it doesn't-- shouldn't post before I'm awake) I have just updated my phone and I have no traces of the chinese app store mentioned here, for what it's worth.
No, you cannot detect malware working like that.
How do you know the data will be sent when you are looking, how do you know what the encoding will be? Maybe it exports your AppleID password by using the unused bit ("evil bit") in IPv4 packets, maybe it encodes your keychain into every screenshot you take, maybe it's using high frequency audio (haha) to send out copies of your photos when you're not looking.
Treating the iPhone like a black box, it would be impossible to deny the existence of malware; you can only confirm its existence. Given that the evad3rs didn't even know what the binary they included with their exploits contained, we can assume that there's possibly a backdoor or two in there as well.
Fair point, I didn't think it through very much. Jailbreak is inherently risky and the risk increases as the effort required to achieve becomes unsustainable without financial help.
A Chinese security company named 360 (http://360.cn) paid $1,000,000 cash to the evasi0n team to replace Cydia with TaiG in China.
TaiG is a pirated app distribution platform...
This situation sort of reminds me of the xbox scene, which now seems to mostly be about piracy and profit, which sort of sucks..