How the checkra1n and unc0ver jailbreaks compare and contrast

The jailbreak community had quite the field day on Saturday when both the checkra1n and unc0ver jailbreak tools picked up official support for iOS 13.5, permitting jailbreak hopefuls to pwn the latest version of Apple’s mobile operating system for iPhones and iPads alike. It’s not often that jailbreak tools support a current signed firmware, and it may come as no surprise that these updates attracted many new users to the jailbreak scene.

One of the most frequent questions we’ve seen over the course of the past 24 hours is “what’s the difference between checkra1n and unc0ver?” Albeit obvious to more seasoned jailbreakers, we wanted to take a moment to discuss the differences and similarities between the two for those who are just entering the jailbreak community’s territory for the first time. Without further ado, let’s get started:

The differences between checkra1n and unc0ver

Type of jailbreak

First and foremost, checkra1n is what we call a semi-tethered jailbreak and unc0ver is what we call a semi-untethered jailbreak. In a more detailed piece, we discussed the differences between these types of jailbreaks and more, but in a nutshell, here’s what you need to know:

  • Semi-tethered: You need to connect to a computer every time you want to re-jailbreak, but you can still use your iPhone in a non-jailbroken state after powering it off and on again.
  • Semi-untethered: You won’t need to connect to a computer every time you want to re-jailbreak, but you can still use your iPhone in a non-jailbroken state after powering it off and on again.

Notice the difference? The semi-tethered jailbreak works by connecting your iOS device to a computer, entering DFU mode, and running a computer application, whereas the semi-untethered jailbreak works by side-loading a dedicated iOS app to your device and simply launching it. You don’t need a computer for semi-untethered jailbreaks because signing services such as Ignition and App Ninja can be used via a mobile web browser to install the iOS app to your Home Screen.

Exploit used

Another one of the most substantial differences between the two jailbreaks is that checkra1n uses a hardware-based bootrom exploit called checkm8, while unc0ver uses variety of different software-based tfp0 exploits.

The major difference here is that checkra1n’s hardware exploit can’t be patched with a software update, which means that Apple can’t patch this jailbreak with a software update. Apple would need to physically recall all impacted devices and solder new hardware into each device’s logic board to fix this, which would be too expensive and labor intensive to even bother with. Essentially, impacted devices can be jailbroken for life, regardless of what firmware they’re running.

Unc0ver’s tfp0 exploits, on the other hand, are software-based, which means that they can be patched by Apple’s software updates. This is why the unc0ver jailbreak only just added support for iOS 13.5 yesterday, because the most recently used exploit for iOS 13.3 was patched in iOS 13.3.1 and above. It’s also why why you can’t jailbreak iOS 12.4.7 with unc0ver (the latest firmware for an iPhone 6/6 Plus). For this reason, you want to avoid restoring your unc0ver device as much as possible since Apple can stop signing your firmware and prevent you from reverting to a jailbreakable firmware.

Supported devices

The number of supported devices is another significant distinguishing factor between the two jailbreaks.

By nature of the checkra1n jailbreak’s hardware exploit, only certain devices are affected. Supported devices include those using hardware as old as the A7 chip and as new as the A11 chip. For example, handsets as old as the iPhone 5s and as new as the iPhone X are supported, but checkra1n can’t jailbreak the iPhone XS or newer at all. As we noted earlier, however, it doesn’t matter what software/firmware these devices use.

Unc0ver, on the other hand, can jailbreak any device that runs a supported firmware version. For example, yesterday’s iOS 13.5 support can be used to jailbreak literally any iPhone or iPad that can run iOS or iPadOS 13.5 – the hardware doesn’t matter.

Deployment

And of course, we should mention how these jailbreaks are deployed and the ways they differ.

The checkra1n jailbreak is a computer program that, at the time of this writing, can only be deployed on a PC running macOS or Linux. Windows support is supposedly coming; however, developing a Windows-based version of the checkra1n program has proven to be incredibly difficult and is taking longer than initially expected. Using the program is easy, and the steps to do so have been outlined in our dedicated tutorial about how to jailbreak with checkra1n.

The need for a physical computer to use checkra1n has resulted in some particularly clever workarounds for people who can’t get to a physical PC. For example, you can deploy checkra1n from an Android handset since the operating system is Linux-based, or you could get yourself a fancy portable Ra1nbox device, which is a NanoPi Neo2-powered box that, once again, uses Linux as its core operating system.

The unc0ver jailbreak, on the other hand, is an .ipa file (an iOS app) that can be loaded to your iPhone or iPad one of several different ways, including AltStore, Cydia Impactor, and Xcode, which require using a computer to side-load the app to your device. After that, you can use the jailbreak app without a computer until it needs to be signed again. AltStore is the recommended method among those we mentioned.

Alternatively, you can install unc0ver with a signing service such as Ignition or App Ninja, each of which can be used on the iOS device itself without a computer whatsoever. Unfortunately, their signing certificates get revoked somewhat often, so it can be easier to just use the aforementioned computer-based methods.

We’ve made individual tutorials for each of the ways to install unc0ver below:

How they’re similar

Above we discussed the biggest differences between the checkra1n and unc0ver jailbreaks, but now it’s time to outline some of the similarities:

  • Both jailbreaks can be used to deploy the same jailbreak tweaks of your choosing
  • Both jailbreaks install the tried and true Cydia package manager by default
  • Both jailbreaks will need to be deployed all over again if you reboot your handset
  • Both jailbreaks can be used to pwn iOS 12 and/or iOS 13
  • Both jailbreaks can be reverted with either rootFS restore or Restore System
  • Both jailbreaks can be deployed on a single device (albeit not at the same time)
  • Both jailbreaks receive regular updates with new support and bug fixes or performance improvements
  • Both jailbreaks are made by folks who care about your freedom to do what you wish with your device

Conclusion

There are some rather substantial differences between the checkra1n and unc0ver jailbreaks, but you really can’t go wrong with either jailbreak. Obviously, there are benefits to using checkra1n since it can’t be patched by Apple, but it’s limited to older devices whereas unc0ver is one of the only ways to jailbreak the latest iOS devices running Apple’s latest firmware.

Selecting the one that’s right for you is completely subjective and depends on the type of device you have, whether you have access to a computer most of the time, and if you care about future-proofing your jailbreakability amid software updates.

Based on the differences, have you decided that you will use checkra1n or unc0ver to jailbreak your iPhone or iPad? Discuss your position in the comments section below.