Dev-Team Blog – JailBreak

Spirit freed

The Spirit jailbreak is now out! Congratulations to @comex for the first userland jailbreak since the 1.x days.

Spirit provides an untethered jaibreak on those newer devices which used to require a computer nearby to finish the boot process. Spirit is able to do this because it doesn’t actually kick in until after the kernel is running.

You can get the goodies at

3 weeks ago


Calm before the Spirit storm

At some point after (don’t ask when!) the iPad 3G is actually in customers’ hands, the first “userland” jailbreak since firmware 1.x will be released by @comex. It’s called “Spirit” and was first demonstrated working on an iPad by @MuscleNerd within 24 hours of the iPad’s release on April 3.

Userland jailbreaks are more troublesome for Apple since they expose security weaknesses that exist even for non-jailbroken owners. As such, Apple is likely to close them soon after they’re made public. One recent example of this is the SMS vulnerability exposed at Blackhat last summer. Apple released new firmware to close that hole within a day.

The Spirit jailbreak is most useful for newer devices: iPhone 3GS, iPod Touch 3G, and the iPads. Unfortunately those devices are the same ones that Apple can prevent you from downgrading unless you’ve got a backup of your personalized SHSH blobs. Unless you’ve backed up your SHSH blobs for vulnerable firmware versions, you’ll lose the ability to use the current Spirit jailbreak if you accidentally upgrade.

Please take the steps now to backup your SHSH blobs. Use either Firmware Umbrella to create a local copy, or go through saurik’s server. If you are getting an iPad 3G, it’s safest to backup your blobs using Firmware Umbrella, in case saurik’s server gets bogged down with requests.

Other things about Spirit that are useful to know:

* Spirit is an untethered jailbreak.

* Spirit works on all devices. (However, the redsn0w and PwnageTool flows will continue to work on those devices they’ve always worked on)

* Spirit does not include a carrier unlock. (Please don’t bug @comex about that)

* Spirit requires your device to be activated or hacktivated

Please make sure you have your SHSH blobs backed up! While @comex has indicated he’s not going to release the very minute the iPad 3G is out, there’s no telling what Apple might do anyway.

Update Friday, Apr 30:

As expected, the iPad 3G is equally vulnerable to @comex’s Spirit JB, as demonstrated below on MuscleNerd’s device soon after it arrived by FedEx on the iPad 3G release day.

Before even running Spirit, however, a backup of that iPad 3G’s blobs was made. Even though he already had blobs for his iPad Wifi, they can’t be used on the iPad 3G (or any other iPad Wifi or other device for that matter). Blobs are unique per-device, per-firmware

via Dev-Team Blog.

Tagged on: ,

Leave a Reply