How to jailbreak an iPhone: A warning
Some of the unofficial apps that you’ll gain access to after jailbreaking are pretty tempting, and may offer features you’d never otherwise be able to access, but be wary; jailbreaking your iPhone and installing tweaks and apps from disreputable sources may lead to hackers being able to access your iPhone. We recommend only using reputable sources, such as those pre-loaded in Cydia, and staying away from any pirated repositories – it may be tempting to download tweaks for free, but you might be handing over access to all your personal information at the same time!
Apple itself offers advice on the subject of jailbreaking (although you may feel that the company is biased in this respect since it wants to continue getting its cut of the revenue from official app sales). In this tech note, Apple suggests that jailbreaking your iOS device may lead to security vulnerabilities, instability, shortened battery life, unreliability, disruption of services and inability to apply future software updates. It may result in Apple denying service for your device.
Nonetheless, many Apple fans have been jailbreaking iOS devices for years without encountering these issues. But once they’ve jailbroken such a device, they understand that they should expect no help from Apple if it causes them trouble in the future. With choice comes responsibility.
How to jailbreak an iPhone: tethered and untethered jailbreaking
What’s the difference between a tethered and untethered jailbreak? Tethered jailbreaks require you to attach your iOS device to your computer and run an application to jailbreak it. If you later power off the device and then restart it, the jailbreak is wiped out, and you have to repeat the entire process. It also means your iOS device is completely useless until you do so, which isn’t convenient.
These kinds of jailbreak were the first to be developed. But what prospective jailbreakers wanted was an untethered method, where the hack would remain in effect even after the device was switched off and on again. This is called an untethered jailbreak, which is what is available for those looking to jailbreak iOS 9 and iOS 8.
How to jailbreak an iPhone or iPad running iOS 9.2 – iOS 9.3.3
While long-time jailbreakers may be used to an all-encompassing tool that jailbreaks iOS devices and installs Cydia automatically, those that want to jailbreak their iOS device running iOS 9.2, 9.2.1, 9.3, 9.3.1, 9.3.2 and 9.3.3 will have to take a slightly different route. Why? Instead of running a standard jailbreak tool, users must rely on downloading the Pangu app for iOS, signing the app using a legitimate Apple ID and installing the app via an updated Cydia Impactor app developed by Saurik, creator of Cydia.
There’s also another difference between the current Pangu jailbreak and previous jailbreaks – it’s only semi-tethered, which means you’ll have to re-jailbreak your iPhone every time you restart it before you can continue using your favourite jailbreak tweaks. This may change to a fully untethered jailbreak in future, but there’s no word on when that’ll land at the time of writing.
Users will also need to re-install the Pangu app on their iOS devices once a week if they ‘sign’ it using a standard Apple ID – which isn’t ideal. Those using a developers account have a better deal, as they will only need to do this once a year. Oh, and you’ll have to disable Touch ID/Passcode/Find my iPhone on your iOS device before you follow the below how to, but you can re-enable it once it’s done.
So, without further ado, here’s how to jailbreak your iPhone or iPad running iOS 9.2 – iOS 9.3.3.
1) The first step is to download the tools required – you can download the Pangu app (to be installed on your iOS device) from pangu.io, and you can grab the appropriate version of Cydia Impactor (Mac, Windows, etc) from here.
2) Unzip the Cydia Impactor file you downloaded above, and run it.
3) Once Cydia Impactor is running, connect the iOS device you want to jailbreak to your Mac/PC using the supplied Lightning cable.
4) Once your iOS device is connected, drag NvwaStone_1.0.ipa (the Pangu app) into the Cydia Impactor app, click the ‘Start’ button and click ‘OK’ when an Apple Developer Warning appears.
5) The next step is to ‘sign’ the app using an Apple ID – the developers assure users that the information is used only for signing the app and nothing more, but those who want to be more secure can opt for a secondary Apple ID. Anyway, input your Apple ID email address, click ‘OK’, then input your Apple ID password and click ‘OK’.
6) Cydia Impactor should then automatically prepare everything based on your input, and sign the IPA file. If all goes well, the app should then automatically be installed on your iOS device.
7) On your device, open the Settings menu and head to General > Device Management (on iOS 9.3.3) or General > Profile (on iOS 9.3.2 and below). Tap the profile named as the Apple ID you signed in using the Cydia Impactor app and make sure you establish it as a trusted developer.
8) Open the newly installed Pangu app on your iOS device and allow the app to send notifications (you should see a pop-up shortly after opening the app for the first time). Simply tap the START button to begin the jailbreak, and immediately lock the device by pressing the power button.
9) Wait while the jailbreak payload is injected into the device – this may take some time. Once it has finished, you should receive a notification on your lock screen that the jailbreak has been successful, followed by a respring of the device.
10) Once you’ve done that, you should see Cydia appear on your Home screen – open the app and begin installing your favourite jailbreak apps and tweaks.
As mentioned above, users will need to follow steps 8-10 to re-jailbreak their device every time it is restarted. Users will also need to do the complete process again every 7 days if using a standard Apple ID.
If a fully untethered jailbreak is released in future, we’ll update this section so make sure you keep checking back soon.
How to jailbreak an iPhone or iPad running iOS 9.0 – 9.0.2
Only days after the release of iOS 9, the Pangu team announced that they’d jailbroken the software and were releasing it to the public. The Pangu team first appeared back in 2014, offering an untethered jailbreak for devices running iOS 7.1 – people were initially suspicious of the unknown group releasing a jailbreak, but the utility was tested and given the thumbs up by tech evangelists. They then released a jailbreak for iOS 8 just two days after it was released by Apple, making it the quickest ever release for a jailbreak – and it seems they’re following a similar pattern with iOS 9.
Pangu 9 will jailbreak iPhones, iPads and iPod Touches running either iOS 9.0, iOS 9.0.1 or iOS 9.0.2 – users running iOS 9.1 have to download a different version of Pangu specific to iOS 9.1, but the below instructions still apply. Those running iOS 9.2 or later are out of luck for now though, as Apple’s latest software remains unjailbroken. The Pangu 9 jailbreak is compatible with the following iOS devices:
- The iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone 5s, iPhone 5c, iPhone 5, and iPhone 4s.
- The iPad 4, iPad 3, iPad 2, iPad mini 4, iPad mini 3, iPad mini 2, iPad mini 1, iPad Air 2, and the iPad Air 1.
- The iPod touch 6, and the iPod touch 5.
Mac support was notably missing from the initial release of Pangu 9, which explains our PC-based screenshots below. Since then, the Mac variation has been released and the jailbreak is achieved in the exact same way.
So, for Mac and PC users, here’s how to jailbreak your iPhone, iPad or iPod Touch running iOS 9:
1) Back up your device. The first step you should take is to back up your iPhone or iPad either via iTunes or iCloud to make sure your data is safe and secure. Although Pangu 9 has been given thumbs up by many users, there’s still a risk that something could go wrong during the install that requires you to completely reset your device. It’s better to be safe than sorry!
2) Download Pangu 9. The second step is to download the jailbreak software, Pangu 9 from here (Mac) or here (PC). Also, make sure you have iTunes installed (you won’t actually use it, but the installed files are needed).
3) Disable Find my iPhone, Touch ID, and Passcode. In order to successfully complete the jailbreak, users must first disable Find my iPhone, Touch ID, and Passcode.
4) Launch Pangu 9. Once you’ve backed up your iOS device, disabled Find my iPhone, Touch ID and Passcode, it’s time to jailbreak your iPhone. On your PC, right click the .exe file and click “Run as administrator” – opening the app by double clicking it may throw up some issues down the line with permissions, so running the app as an Administrator should prevent this. Mac users can open the app as they normally would.
5) Plug your iOS device into your Mac/PC. Plug your iOS device into your Mac/PC once you’ve opened Pangu 9, and it should be automatically detected by the software. Once your device has been detected, simply press “Start” to start the jailbreak process.
6) Toggle Airplane Mode. Follow the on-screen instructions to complete the jailbreak process. You shouldn’t have to do too much apart from occasionally unlocking your iOS device and putting it into Airplane mode, which is done via the Control Centre (swiping up from the bottom of the screen) or via the Settings app.
7) Your iOS device will reboot. Once you see “Jailbreak completed” on the Pangu 9 app, your device should reboot and display Cydia, the jailbroken ‘app store’, on your homescreen.
8) Open Cydia and download tweaks. Simply tap on the Cydia icon on your home screen to open and configure the app – this should only take a few seconds. Once complete, you’re free to download and install the various apps and tweaks that Cydia and the jailbreak community have to offer!
Word of warning: Beware of the tweaks and apps you’re installing from Cydia, as some may not yet be compatible with iOS 9 and could cause your phone to become sluggish or crash randomly. You can find a list of the compatible iOS 9 jailbreak apps & tweaks right here.
If, when you open Pangu 9 you’re welcomed with a runtime error, don’t worry – there’s a fix available. First of all, make sure you have iTunes installed as the error can pop up when the app can’t find the required files. If you’ve got iTunes installed and it’s still displaying the error, the workaround requires a bit more effort – but is still doable.
You need to uninstall iTunes and its related content in the following order:
- Apple Software Update
- Apple Mobile Device Support
- Apple Application Support
Once you’ve uninstalled iTunes and its related content and restarted your computer, it’s time to reinstall it (we know, it’s long winded!) from Apple’s website. Once installed, run Pangu 9 again and this time, you should be able to get through the process without running into the runtime error.
Jailbreaking iOS 9: Secure your jailbroken device
So, you’ve jailbroken your iOS device – congratulations! Enjoy experimenting with the various tweaks and apps available via the Cydia repository. However, before you get too carried away, we advise you to take the following steps to secure your device. All iPhones have a ‘root’ superuser installed by default, which has access to everything on the phone – and, importantly, the password is the same across all iOS devices.
If a hacker manages to access your iPhone, all they need to do is input the default password (alpine for those wondering) to access pretty much anything on your device. Changing the default password for the root superuser should greatly increase the overall security of your iOS device, and here’s how to do it.
The first step is to open Cydia and download the MobileTerminal application – don’t worry, it’s free and will give you command-line access to your iPhone. Once you’ve installed the app, open it up and follow these steps:
1) Type su root and tap return.
2) You should then be prompted for root’s password which is alpine – enter that and tap return.
3) You should now be logged in as root – now type passwd and tap return. This should launch the command-line password-changing program.
4) Enter the new password – make sure it’s one that’s hard to guess and not something like password. It’s worth noting that for security reasons, the password utility won’t display the text you’re entering.
5) You’ll then be asked to verify your new password.
6) Once you’ve verified your password, you should be taken back to the command prompt. Simply type exit and tap return to log out of the root user.
There’s also a mobile user that has access to your data and has the same default password of alpine. Follow steps 2-6 to change mobile’s password and you should be protected from any potential hacks.
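To confirm that both accounts really were changed, the following added example (not part of the original article) compares the password-hash field for root and mobile before and after running passwd, and names any account whose hash is unchanged. It assumes the device stores accounts in the BSD master.passwd layout (name:hash:uid:...) and that you saved a copy of that file before changing anything; the function names and the sample hashes are made up for illustration.

```shell
#!/bin/sh
# Added example: confirm that root and mobile no longer carry their
# pre-change password hashes. Assumes BSD master.passwd layout
# (name:hash:uid:...) and a copy of the file saved before running passwd.

# Print the hash field for one account from a master.passwd-style file.
hash_of() {  # $1 = file, $2 = account name
    awk -F: -v u="$2" '$1 == u { print $2; exit }' "$1"
}

# Print each of root/mobile whose hash is missing or unchanged.
unchanged_accounts() {  # $1 = snapshot taken before, $2 = file after
    for acct in root mobile; do
        old=$(hash_of "$1" "$acct")
        new=$(hash_of "$2" "$acct")
        if [ -z "$new" ] || [ "$old" = "$new" ]; then
            printf '%s\n' "$acct"
        fi
    done
}

# Constructed sample data: placeholder hashes, not real values.
demo() {
    dir=$(mktemp -d)
    printf '%s\n' \
      'root:CONSTRUCTED_DEFAULT:0:0::0:0:System Administrator:/var/root:/bin/sh' \
      'mobile:CONSTRUCTED_DEFAULT:501:501::0:0:Mobile User:/var/mobile:/bin/sh' \
      > "$dir/before"
    # "After" state in which only root's password was changed.
    sed 's/^root:CONSTRUCTED_DEFAULT/root:CONSTRUCTED_NEW/' \
      "$dir/before" > "$dir/after"
    unchanged_accounts "$dir/before" "$dir/after"
    rm -rf "$dir"
}

demo   # prints the account that still has its old password hash
```

Any account the check prints still has whatever password it had before, so repeat the change for that account and run the check again.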
How to restore your jailbroken iPhone without losing the jailbreak
A situation may arise where you’re forced to restore your jailbroken iPhone – this could be due to problematic or buggy tweaks causing reboot loop issues, or anything else. The issue is that although you can easily restore your iPhone using iTunes, doing so will cause you to lose your jailbreak. However, CoolStar, developer of SemiRestore recently released an update providing iOS 5 – iOS 9 users with the ability to ‘semi restore’ their iPhones and iPads without losing the jailbreak.
SemiRestore requires OpenSSH to be installed on the jailbroken device for the software to work – and it’s probably worth re-reading the section above about securing your jailbroken iPhone, as installing OpenSSH without changing your default iOS password leaves your iPhone open to being remotely accessed by hackers.
It’s also worth noting that people who have used the latest version of SemiRestore have had mixed results, so it’s best to proceed with caution. You can check out the FAQ if you have any questions, and SemiRestore is available to download from here. The software is only available for Windows and Linux, with the Mac OS X variant still yet to be updated. Simply download and run the software, then follow the on-screen instructions to semi-restore your jailbroken iDevice.
Jailbreaking iOS 8: How to jailbreak an iPhone or iPad in iOS 8
But what about those of you that haven’t made the jump to iOS 9? We have some good news and some bad news when it comes to jailbreaking an iOS 8 device. If you’re running iOS 8.0-8.1 or iOS 8.3-8.4, you’re in luck as an untethered jailbreak is available and ready to use. However, if you’re running iOS 8.4.1, the last variant of iOS 8 before Apple launched iOS 9, you aren’t quite as lucky. Though a jailbreak for iOS 8.4.1 has been confirmed as in the works by the Pangu team, it isn’t yet available to the masses. Those on iOS 8.4.1 have two options; you can either update your software to iOS 9 and follow the above tutorial, or wait for the iOS 8.4.1 jailbreak to be released.
Those looking to jailbreak their device running iOS 8-8.1 should use Pangu 8, and those looking to jailbreak their device running iOS 8.3-8.4 should use TaiG 2.
Both jailbreaks are compatible with the following iPhones, iPads, and iPod touch devices:
- iPhone 4s, iPhone 5, iPhone 5c, iPhone 5s, iPhone 6, iPhone 6 Plus
- iPad mini, iPad mini 2, iPad mini 3
- iPad, iPad Air, iPad Air 2
- iPod Touch
The process is fairly similar to the above tutorial, with the only real difference being the software that you run. You can download Pangu 8 from here, and you can download TaiG 2 from here. Once you’ve downloaded the appropriate software, simply follow our above tutorial and on-screen instructions to jailbreak your iOS 8 device on either a PC or Mac.