We are now going on two months (five, if you were using developer betas) since Apple released iOS 5, and we still don’t have a viable jailbreak. There have been tethered and semi-tethered solutions available, but not an untethered jailbreak tool.
The worst part is that we haven’t known how close hackers have been to releasing anything, until tonight. The Chronic Dev Team has finally broken its silence regarding the untethered iOS 5 jailbreak, and has revealed a new plan for finding future iOS exploits…
Joshua Hill, also known as the Chronic Dev Team’s p0sixninja, just published a lengthy blog post on the team’s Greenp0ison site. The post explains several things, including the current status of the iOS 5 jailbreak, and the team’s new exploit-sniffing app.
From Hill’s explanation:
During my JailbreakCon talk in September, I was excited to announce that the Chronic Dev Team had already discovered 5 different exploits for use in our upcoming jailbreak. Unfortunately, that announcement was a bit premature, because in the subsequent weeks, Apple found & patched a (critical) few of those exploits, between the beta versions we used for testing and final release of iOS 5 on October 12. Sadly (and trust us, we are much more sad about this than any of you could possibly be), this has prevented us from being able to release a new jailbreak as quickly as we wanted to.
He goes on to say that one of Chronic Dev’s major problems is fighting the automatic crash reports that iPhones send to Apple when an application has crashed. Even with the setting switched off on the handset, iTunes can and usually still does send the data.
Using this information, which includes each app's crash history and records of other bugs, Apple is able to find and patch exploits before hackers can use them to build jailbreaking tools. So the Chronic Dev Team decided to turn Apple's own crash report software against it:
Instead of allowing this vicious cycle to continue, we decided to write a new program to turn Apple’s own beast against its master, per se. All this program requires from you is to attach your iOS device to your computer and click a single button!
At this point, the program copies all the crash reports off your device (which, under normal circumstances, would be sent right back to Apple), and instead sends this data to a secure, private server hosted by your friendly Chronic Dev Team. Next, our program needs to neuter your copy of iTunes, simply by changing your settings to prevent your computer from sending any further information from your device to Apple.
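To make concrete why a crash report is useful to whoever receives it, here is a small Python triage script written for this article; it is an added example, not the Chronic Dev Team's crash reporter or any code from their post. It parses plain-text crash logs in Apple's `.crash` layout (header `Key: value` lines followed by a `Thread N Crashed:` backtrace), reduces each one to a signature of process, exception type and faulting frame, and counts how many reports share a signature, which is how a bug hunter, or a defender triaging a fleet, tells one recurring bug from a pile of noise. The three sample reports are constructed for this example, and every address, offset and identifier in them is made up; the `load_crash_logs` helper is included so the same logic can be pointed at real files, such as the folder where iTunes on a Mac keeps copied device logs.

```python
import glob
import os
import re
from collections import Counter

# Constructed sample reports in the style of Apple's plain-text .crash files
# (header "Key: value" lines followed by a "Thread N Crashed:" backtrace).
# Every identifier, address and offset below is made up for this example.
SAMPLE_LOGS = [
    """Incident Identifier: 00000000-0000-0000-0000-000000000001
Process:         MobileSafari [123]
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x41414141
Crashed Thread:  0

Thread 0 Crashed:
0   JavaScriptCore                  0x30001234 0x30000000 + 4660
1   WebCore                         0x31005678 0x31000000 + 22136
2   UIKit                           0x32009abc 0x32000000 + 39612
""",
    """Incident Identifier: 00000000-0000-0000-0000-000000000002
Process:         MobileSafari [456]
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x41414145
Crashed Thread:  0

Thread 0 Crashed:
0   JavaScriptCore                  0x30001234 0x30000000 + 4660
1   WebCore                         0x31005690 0x31000000 + 22160
""",
    """Incident Identifier: 00000000-0000-0000-0000-000000000003
Process:         SpringBoard [42]
Exception Type:  EXC_CRASH (SIGABRT)
Exception Codes: 0x00000000, 0x00000000
Crashed Thread:  0

Thread 0 Crashed:
0   libsystem_kernel.dylib          0x33000100 0x33000000 + 256
1   libsystem_c.dylib               0x34000200 0x34000000 + 512
""",
]

HEADER_KEYS = ("Process", "Exception Type", "Exception Codes", "Crashed Thread")
# "<index>   <image>   <address> <image base> + <offset>"
FRAME_RE = re.compile(r"^(\d+)\s+(\S+)\s+0x[0-9a-fA-F]+\s+0x[0-9a-fA-F]+ \+ (\d+)")


def parse_crash_log(text):
    """Extract the header fields and the crashed thread's frames from one report."""
    report = {}
    for key in HEADER_KEYS:
        m = re.search(r"^%s:\s*(.+)$" % re.escape(key), text, re.M)
        report[key] = m.group(1).strip() if m else None
    # "Process: Name [pid]" -> keep only the name, the pid changes every run
    if report["Process"]:
        report["Process"] = re.sub(r"\s*\[\d+\]$", "", report["Process"])
    frames = []
    in_crashed = False
    for line in text.splitlines():
        if re.match(r"^Thread \d+ Crashed:", line):
            in_crashed = True
            continue
        if in_crashed:
            m = FRAME_RE.match(line)
            if m:
                frames.append("%s+%s" % (m.group(2), m.group(3)))
            elif frames:  # first non-frame line after the backtrace ends it
                break
    report["frames"] = frames
    return report


def crash_signature(report):
    """Bucket key: process, exception type and the faulting frame (image + offset).
    Reports sharing a key are very likely the same underlying bug."""
    top = report["frames"][0] if report["frames"] else None
    return (report["Process"], report["Exception Type"], top)


def group_by_signature(texts):
    """Count how many reports fall into each signature bucket."""
    return Counter(crash_signature(parse_crash_log(t)) for t in texts)


def load_crash_logs(directory):
    """Read every .crash file under a directory, e.g. the per-device folder that
    iTunes on a Mac fills under ~/Library/Logs/CrashReporter/MobileDevice/."""
    paths = glob.glob(os.path.join(directory, "**", "*.crash"), recursive=True)
    return [open(p, encoding="utf-8", errors="replace").read() for p in paths]


if __name__ == "__main__":
    for sig, n in group_by_signature(SAMPLE_LOGS).most_common():
        print("%3d  %s  %s  @ %s" % (n, sig[0], sig[1], sig[2]))
```

Run on the constructed samples, the two MobileSafari reports collapse into one bucket (same exception, same faulting frame in the same image) while the SpringBoard abort stands alone, which is exactly the kind of grouping that makes a repeatable memory-safety fault stand out from one-off crashes. The same property is why the crash data is valuable to whoever collects it, and why the post above treats redirecting it as worthwhile.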
The Chronic Dev Team encourages everyone in the jailbreak community to download the crash reporter application. The more crash information they collect, the quicker they’ll be able to hunt down bugs, exploits, and anything else they need to build future jailbreaks.
And since the app also prevents crash data from being automatically sent to Apple, it will slow down the company’s effort to find and fix these bugs. If you would like to help out, you can grab the app from our Downloads page in the “Other Tools” section.
Update: We’ve added the Windows version of the crash recovery software to our Downloads page. Just follow the link above.