WEBVTT - TechStuff Tidbits: Jailbreaking 0:00:04.400 --> 0:00:07.800 Welcome to Tech Stuff, a production from I Heart Radio. 0:00:12.160 --> 0:00:16.000 Hey therein Welcome to Tech Stuff. I'm your host, Jonathan Strickland. 0:00:16.040 --> 0:00:19.479 I'm an executive producer with I Heart Radio. And how 0:00:19.560 --> 0:00:22.520 the tech are you? So it's time for a tech 0:00:22.560 --> 0:00:25.160 stuff tidbits. I think this is probably gonna be pretty 0:00:25.200 --> 0:00:27.720 long for tidbits, but let's just go with that. And 0:00:27.760 --> 0:00:30.840 I got a message from way to Cold Mike on 0:00:30.880 --> 0:00:34.600 Twitter asking for an episode about jail breaking, which is 0:00:34.640 --> 0:00:37.760 a term I've not heard in quite some time, but 0:00:38.080 --> 0:00:41.920 back in two thousand seven it really started to gain traction. 0:00:42.200 --> 0:00:45.880 And of course we're not talking about breaking someone out 0:00:45.880 --> 0:00:50.440 of a literal jail. Now, we're talking about using vulnerabilities 0:00:50.760 --> 0:00:54.400 to break down the walls of an otherwise walled garden. 0:00:54.720 --> 0:00:59.560 So first, let's set the stage. Let's say that you 0:00:59.640 --> 0:01:03.320 are in charge of a tech company that produces a smartphone, 0:01:03.920 --> 0:01:07.080 and part of your revenue comes from phone sales. Right, 0:01:07.200 --> 0:01:11.000 you produce phones, they go to retailers. The retailers seldom 0:01:11.040 --> 0:01:15.000 to customers. That's your revenue stream. However, you've also figured 0:01:15.040 --> 0:01:18.840 out a way to increase your revenue by keeping a 0:01:18.920 --> 0:01:22.800 tight control on what can and cannot be loaded onto 0:01:22.840 --> 0:01:27.840 your smartphone, so you're acting as a kind of gatekeeper. UH. 0:01:27.880 --> 0:01:30.959 You might also be acting as a payment processing service, 0:01:31.240 --> 0:01:35.520 so you are in charge of determining what users can 0:01:35.680 --> 0:01:40.360 download to your smartphone. UH. And anything that uses in 0:01:40.440 --> 0:01:44.039 app purchases has to go through your payment processing system, 0:01:44.080 --> 0:01:47.280 so you can take a cut of all those transactions. 0:01:47.800 --> 0:01:50.440 And yes, I am describing Apple here, but a lot 0:01:50.480 --> 0:01:53.640 of companies do similar things. So this is all about 0:01:54.200 --> 0:01:57.720 creating an ecosystem and then controlling as much of that 0:01:57.840 --> 0:02:01.560 ecosystem as you possibly can in Now, this does not 0:02:01.640 --> 0:02:04.800 always work, of course. For one thing, people have to 0:02:04.960 --> 0:02:08.040 want to be part of that ecosystem in the first place. 0:02:08.120 --> 0:02:11.480 Right if no one likes your product or thinks it's interesting, 0:02:11.800 --> 0:02:13.560 no one's going to buy into it. And then it 0:02:13.560 --> 0:02:17.639 doesn't matter if you control everything, because no one's entering 0:02:17.680 --> 0:02:20.600 into your ecosystem in the first place. But we have 0:02:20.760 --> 0:02:24.360 seen this time and again from tech companies, particularly those 0:02:24.400 --> 0:02:29.000 that sell hardware, because if all you do is sell hardware, well, 0:02:29.040 --> 0:02:31.800 then you only make money if folks are buying your stuff. 0:02:32.360 --> 0:02:34.519 And if your stuff lasts, you know, at least a 0:02:34.560 --> 0:02:36.960 couple of years, it might mean that you have some 0:02:37.200 --> 0:02:42.160 pretty rough cycles like sales cycles, like if everyone is 0:02:42.200 --> 0:02:45.480 convinced to buy your product right out of the gate, Yeah, 0:02:45.560 --> 0:02:47.480 that's gonna be great for you in the short term, 0:02:47.720 --> 0:02:51.560 but then a year later, maybe no one's buying a 0:02:51.600 --> 0:02:55.320 new stuff because you know, the old thing still works great. 0:02:55.760 --> 0:02:59.000 So this can really kind of lock you into a 0:02:59.000 --> 0:03:04.520 a huff revenue cycle where you have big ups and downs. 0:03:04.680 --> 0:03:07.000 That's not great for shareholders if you have to be 0:03:07.000 --> 0:03:11.960 a publicly traded companies. So if you pair your hardware 0:03:12.560 --> 0:03:16.760 with some kind of service, you can continue to charge 0:03:16.840 --> 0:03:20.840 customers over and over over, you know, however long they 0:03:20.960 --> 0:03:24.160 remain a customer. And we see this with printers and 0:03:24.240 --> 0:03:28.239 toner cartridges, with famous examples being printers that can detect 0:03:28.320 --> 0:03:31.480 whether or not the cartridge you've inserted is an official 0:03:31.560 --> 0:03:34.600 one from that company or a third party knockoff, and 0:03:34.639 --> 0:03:37.000 if it's a third party knockoff, it might just not 0:03:37.920 --> 0:03:40.880 allow that to happen, like it'll lock the printer down. 0:03:41.680 --> 0:03:45.480 We've seen this with coffee makers. Curig famously tried to 0:03:45.520 --> 0:03:49.600 fight off attempts from other companies to create pods that 0:03:49.800 --> 0:03:53.520 were compatible with curing coffee machines. Curi just wanted you 0:03:53.560 --> 0:03:57.600 to go through the curing system, and we've see it 0:03:57.640 --> 0:04:00.320 in the right to repair movement with company. He's like 0:04:00.400 --> 0:04:03.640 John Deere trying to force farmers to you know, lug 0:04:03.680 --> 0:04:07.200 their expensive farming equipment to a license John Dear repair 0:04:07.240 --> 0:04:11.240 shop rather than be able to do any maintenance themselves 0:04:11.400 --> 0:04:13.680 or with a mechanic that they like to work with. 0:04:14.280 --> 0:04:17.719 All of these concepts are related to this idea of 0:04:17.800 --> 0:04:21.080 locking customers into a model where they keep on paying 0:04:21.120 --> 0:04:24.039 to be part of this ecosystem. All right, So let's 0:04:24.040 --> 0:04:27.760 go back to two thousand and seven. That's the year 0:04:27.800 --> 0:04:31.600 that Apple introduced the iPhone, and you may owe Ma 0:04:31.760 --> 0:04:34.279 Drew Gees have forgotten what that was like. Things changing 0:04:34.320 --> 0:04:37.920 so scoring nowadays and people quick to forget. Just give 0:04:37.920 --> 0:04:40.360 me a shout out if you actually get that reference 0:04:41.120 --> 0:04:43.719 and text stuff hsw on Twitter is the way to 0:04:43.720 --> 0:04:48.200 do that. But when Apple first launched the iPhone, it 0:04:48.240 --> 0:04:51.720 was before there was an app store. In fact, the 0:04:51.839 --> 0:04:55.599 iPhone app store launched just a hair longer than a 0:04:55.680 --> 0:05:01.320 year after the original iPhone debut, So the original iPhone 0:05:01.320 --> 0:05:04.280 owners went more than a year if they bought it 0:05:04.320 --> 0:05:06.360 on day one, they went more than a year without 0:05:06.400 --> 0:05:08.679 any kind of App Store, no way to add stuff 0:05:08.680 --> 0:05:11.719 to your phone. And it's not that the phone couldn't 0:05:12.279 --> 0:05:15.560 support apps. It totally could, and in fact it came 0:05:15.600 --> 0:05:20.440 standard with several Apple provided apps pre installed. But Apple 0:05:20.520 --> 0:05:23.400 was building out the back end of that ecosystem, the 0:05:23.480 --> 0:05:27.640 process by which app developers would submit applications for Apple 0:05:27.760 --> 0:05:31.080 to consider to include into the app store, and sometimes 0:05:31.080 --> 0:05:34.560 Apple did, sometimes it didn't, and those early days in particular, 0:05:34.839 --> 0:05:37.520 it was a pretty opaque process. There were times where 0:05:37.760 --> 0:05:41.279 developers would get a rejection and not really understand why 0:05:41.320 --> 0:05:45.360 they were rejected, especially if a very similar app would 0:05:45.760 --> 0:05:49.720 then get accepted into the app Store. So they were 0:05:49.760 --> 0:05:53.120 confusing days back then, and again that was a year 0:05:53.160 --> 0:05:57.400 after the phone had actually launched. And you see, Apple 0:05:57.480 --> 0:06:01.640 wanted and actually still wants, to control what sort of 0:06:01.680 --> 0:06:04.560 stuff could appear on the iPhone, which, when you really 0:06:04.560 --> 0:06:07.680 break it down, is just a small portable computer that 0:06:07.800 --> 0:06:11.960 happens to be combined with a phone, and computers are 0:06:12.000 --> 0:06:15.640 designed to run software. But Steve Jobs, the co founder 0:06:15.640 --> 0:06:18.479 of Apple, had long maintained a desire to restrict what 0:06:18.600 --> 0:06:22.400 sort of stuff could run on his company's hardware, and 0:06:22.400 --> 0:06:25.280 there are a lot of different reasons for this. One 0:06:25.320 --> 0:06:28.600 of those reasons is just a desire for quality control. 0:06:29.279 --> 0:06:32.040 If you take care to make sure that only approved 0:06:32.080 --> 0:06:35.760 apps are allowed on your device, you can sidestep a 0:06:35.839 --> 0:06:38.719 lot of the problems that can come about when junk 0:06:38.839 --> 0:06:42.240 software hits a platform. If we think back to the 0:06:42.240 --> 0:06:46.000 early nineteen eighties, we can remember the issues with video 0:06:46.040 --> 0:06:50.400 game consoles and how a flood of really crappy games 0:06:50.440 --> 0:06:54.320 contributed to an overall decline in popularity of consoles like 0:06:54.320 --> 0:06:59.800 the Attar, and ultimately the video game industry as a 0:07:00.000 --> 0:07:04.360 hole in the United States at least, crashed in Now, 0:07:04.400 --> 0:07:07.560 I'm not saying that crappy games caused the crash, but 0:07:07.600 --> 0:07:11.200 they were a contributing factor to it. So that's one 0:07:11.280 --> 0:07:14.520 thing you don't want to have your platform flooded with junk. 0:07:15.160 --> 0:07:19.840 But another reason is security. Computers run on code, and 0:07:19.920 --> 0:07:23.000 if you are clever, you might figure out code that 0:07:23.080 --> 0:07:27.040 can exploit a computer in some way. Now, when you're 0:07:27.040 --> 0:07:29.880 talking about a computer that's also connected to a phone 0:07:30.480 --> 0:07:34.640 or a WiFi network, exploits can go beyond affecting just 0:07:34.800 --> 0:07:37.800 a single device, and we've seen exactly what can happen 0:07:38.120 --> 0:07:41.000 with big stories like the Israeli company N s O 0:07:41.080 --> 0:07:46.200 Group and the Pegasus product that that company produces. Pegasus 0:07:47.000 --> 0:07:50.120 leverage the flaw on Apple's Eye Message that would allow 0:07:50.240 --> 0:07:53.920 someone to gain remote access to another person's phone. All 0:07:53.920 --> 0:07:56.480 it would take is for the attacker to send a 0:07:56.520 --> 0:07:59.840 message to their target through I Message, So you just 0:08:00.000 --> 0:08:02.520 had to have the target's phone number, and you just 0:08:02.600 --> 0:08:06.960 sent the the attack through I message, and the target 0:08:06.960 --> 0:08:09.280 wouldn't even have to click on a link or anything. 0:08:09.480 --> 0:08:13.120 So this was a zero click attack, and it would 0:08:13.160 --> 0:08:16.920 turn the target's phone effectively into a surveillance device like 0:08:16.960 --> 0:08:20.320 the the attacker could activate the camera or the microphone, 0:08:20.400 --> 0:08:22.920 or just you know, scroll through all the stuff that 0:08:22.920 --> 0:08:25.720 that person had been doing on that phone. And this 0:08:25.800 --> 0:08:27.920 is the kind of stuff that Apple would rather not 0:08:28.040 --> 0:08:33.840 happen for obvious reasons. And then there's the potential for revenue. 0:08:34.080 --> 0:08:36.800 If you've got the final say on what can and 0:08:36.840 --> 0:08:40.040 cannot go onto your platform, and if your platform is 0:08:40.080 --> 0:08:44.240 really popular, then you can pretty much dictate terms to 0:08:44.400 --> 0:08:47.680 app developers. You have all the leverage the developers want 0:08:47.679 --> 0:08:49.760 their apps to get in front of as many people 0:08:49.800 --> 0:08:53.760 as possible. If the people happen to really love your product, 0:08:54.120 --> 0:08:56.560 well that means the app developers are going to want 0:08:56.559 --> 0:08:59.040 to develop for you, even if you happen to put 0:08:59.080 --> 0:09:00.800 a whole bunch of whops in front of them that 0:09:00.840 --> 0:09:03.720 they have to jump through in the process. And Steve 0:09:03.800 --> 0:09:08.040 Jobs was a brilliant salesman. When he first announced the 0:09:08.080 --> 0:09:11.400 iPhone back in early two thousand seven, six months before 0:09:11.400 --> 0:09:15.120 the product would actually release, he had that audience eating 0:09:15.120 --> 0:09:18.160 out of his hand. He highlighted some pretty cool features 0:09:18.200 --> 0:09:21.760 that are standard in smartphones today, but they're really innovative. 0:09:21.800 --> 0:09:26.080 Back in early two thousand seven and before two thousand seven, 0:09:26.120 --> 0:09:31.360 smartphones were mostly clunky and utilitarian, mostly the stuff that 0:09:31.559 --> 0:09:34.559 busy executives carried so that they could stay connected to 0:09:34.600 --> 0:09:38.240 their calendars and email or you know us as a 0:09:38.280 --> 0:09:41.440 status symbol so that other executives would know how executive 0:09:41.440 --> 0:09:46.280 they were. That's some commentary there. But the iPhone was different. 0:09:46.320 --> 0:09:51.319 It was sexy, It seemed futuristic and cool, and even 0:09:51.360 --> 0:09:54.440 as a brand new product, a lot of people wanted it. 0:09:54.960 --> 0:09:58.000 In the United States, initially you could only get an 0:09:58.000 --> 0:10:01.199 iPhone if you got it on a T and T. 0:10:01.559 --> 0:10:05.280 It was the only carrier that could carry the iPhone 0:10:05.400 --> 0:10:07.439 initially in the United States, Apple and a T and 0:10:07.480 --> 0:10:10.280 T had an exclusive deal that was to last a 0:10:10.280 --> 0:10:12.680 couple of years here in the US. But even with 0:10:12.760 --> 0:10:16.319 that restriction, a lot of people wanted in, but some 0:10:16.400 --> 0:10:20.400 people wanted a little bit more. I'll explain when we 0:10:20.480 --> 0:10:30.720 come back after this quick break. So, as I was saying, 0:10:30.720 --> 0:10:34.480 there were some iPhone enthusiasts who thought the platform was awesome, 0:10:34.679 --> 0:10:38.320 but they were not satisfied with the iPhone as it launched. 0:10:38.600 --> 0:10:40.960 They knew that as a computer, you should be able 0:10:41.000 --> 0:10:44.840 to load stuff onto it, programs, apps, in other words, 0:10:45.360 --> 0:10:49.600 and the iPhone lacked certain features that most cell phones 0:10:49.600 --> 0:10:52.600 already had, including a game. There was no game on 0:10:52.640 --> 0:10:55.600 the original iPhone at all. You could go out and 0:10:55.600 --> 0:10:58.520 buy a candy bar cell phone or a flip phone, 0:10:58.520 --> 0:11:00.520 not a smartphone, just a self own and you would 0:11:00.520 --> 0:11:04.120 get Snake on it at least, or Hangman or something. 0:11:04.559 --> 0:11:07.199 But the iPhone didn't even have that. But what if 0:11:07.200 --> 0:11:11.160 you could load programs onto the iPhone? While obviously Apple 0:11:11.400 --> 0:11:13.400 did not want people to be able to do that, 0:11:13.800 --> 0:11:16.080 the company was creating the framework so that it would 0:11:16.080 --> 0:11:19.760 have this full control of that ecosystem. But in the meantime, 0:11:20.160 --> 0:11:23.839 hackers were prodding the iPhones programming and finding ways around 0:11:23.840 --> 0:11:27.560 the operating system's walled garden, and the goal was to 0:11:27.600 --> 0:11:30.480 create a way in which the user could load unauthorized 0:11:30.480 --> 0:11:34.040 apps onto their iPhone. On a technical level, what the 0:11:34.040 --> 0:11:37.880 hackers wanted to do was get administrative level access to 0:11:37.960 --> 0:11:42.000 the file systems of the iPhones operating system or iOS. 0:11:42.720 --> 0:11:46.240 That is what jail breaking is. It is dismantling or 0:11:46.400 --> 0:11:49.760 overcoming the restrictions placed on a piece of tech so 0:11:49.840 --> 0:11:53.280 that you can load whatever you want onto it and 0:11:53.400 --> 0:11:56.080 change it in whichever way you want. And in the 0:11:56.080 --> 0:11:58.800 early days the iPhone, it also meant you could potentially 0:11:59.080 --> 0:12:02.320 use an iPhone with a different carrier than whatever Apple's 0:12:02.360 --> 0:12:06.520 official partner was in that region. This is more frequently 0:12:06.600 --> 0:12:09.959 referred to as unlocking, so it's related to, but slightly 0:12:10.000 --> 0:12:13.680 different from, jail breaking. Sometimes the jail breaking process would 0:12:13.720 --> 0:12:17.559 allow you to unlock your phone, but they weren't necessarily 0:12:17.600 --> 0:12:22.320 always together. And while the term jailbreaking can apply to 0:12:22.480 --> 0:12:26.960 any walled garden ecosystem, more often than not you would 0:12:27.040 --> 0:12:31.120 encounter it in terms of Apple and specifically the iPhone 0:12:31.320 --> 0:12:34.720 and to a lesser extent, the iPad and the and 0:12:34.800 --> 0:12:38.720 the iPod Touch. I almost totally forgot what the iPod 0:12:38.760 --> 0:12:40.840 Touch was called, because it's been so long since I've 0:12:41.200 --> 0:12:44.560 seen an iPod and I think a big part of 0:12:44.600 --> 0:12:47.440 the reason why we associate this mostly with Apple is 0:12:47.480 --> 0:12:51.640 that Google, unlike Apple, when when they launched their Android 0:12:51.640 --> 0:12:55.400 phone the following year, Google decided to give users the 0:12:55.400 --> 0:12:59.839 option to load apps outside of the official Google App Store. 0:13:00.679 --> 0:13:04.400 Now that's called sideloading. So you're heading off to the 0:13:04.559 --> 0:13:08.800 side to load an app onto a device. You're not 0:13:08.840 --> 0:13:13.559 going through the official you know, Android Store, and sometimes 0:13:13.880 --> 0:13:15.800 you need to do that just for the purposes of 0:13:15.880 --> 0:13:18.240 developing an app. Right, So let's say that you are 0:13:18.280 --> 0:13:21.440 a developer. You're creating an app. The app is not 0:13:21.520 --> 0:13:24.160 ready for full rollout, so you're not gonna submit it 0:13:24.200 --> 0:13:27.280 to the app Store yet, but it's beyond the initial 0:13:27.320 --> 0:13:29.560 development phase and you want to run a beta test 0:13:29.640 --> 0:13:31.439 to make sure that the app is doing what it's 0:13:31.440 --> 0:13:35.439 supposed to do. So maybe you contact a relatively small 0:13:35.520 --> 0:13:38.439 number of folks to participate in the beta and they 0:13:38.520 --> 0:13:41.240 sideload the app. You send them like a direct link 0:13:41.559 --> 0:13:44.439 to where they can download the app and they can 0:13:44.480 --> 0:13:47.120 do that. Then you test out the app, You work 0:13:47.120 --> 0:13:49.600 out what the bugs are if there are any you're 0:13:49.679 --> 0:13:51.760 find it, and then once it's ready, then you can 0:13:51.800 --> 0:13:54.360 submit it to the official store. That happens a lot, 0:13:54.640 --> 0:13:57.480 but it does require that your testers have to go 0:13:57.559 --> 0:14:01.040 into their settings and allow it does. By default, you 0:14:01.080 --> 0:14:04.040 are not allowed to sideload apps, but you can change 0:14:04.080 --> 0:14:07.560 that feature and Android. And then there are some developers 0:14:07.559 --> 0:14:11.360 who just create apps that either they never submit to 0:14:11.360 --> 0:14:14.240 the App Store or maybe the apps got rejected for 0:14:14.280 --> 0:14:17.480 some reason, and in these cases, sideloading is really the 0:14:17.480 --> 0:14:22.920 only way users can access those applications. Google's message was, hey, y'all, 0:14:23.760 --> 0:14:27.080 this is risky, but you're all adults, so we're not 0:14:27.120 --> 0:14:29.920 gonna stop you from doing this, but we do want 0:14:29.960 --> 0:14:34.440 you to understand that it comes with potential consequences. You 0:14:34.480 --> 0:14:37.720 need to know that. So Google was saying that sideloading 0:14:38.080 --> 0:14:40.040 could lead to trouble, such as you know, you could 0:14:40.080 --> 0:14:43.040 end up installing malware on your Android device, and that 0:14:43.280 --> 0:14:46.640 does happen. But if you wanted the freedom it was 0:14:46.680 --> 0:14:48.760 yours to have, you just had to change a couple 0:14:48.760 --> 0:14:52.600 of settings on your phone. Apple, by contrast, said, the 0:14:52.680 --> 0:14:56.640 world out there is a scary place. There are bad 0:14:56.680 --> 0:14:59.720 people who will do bad things to your phone. And 0:14:59.760 --> 0:15:03.560 so we shall protect you because you do not know better. 0:15:03.840 --> 0:15:07.840 Trust in us. We know what you want before you do. 0:15:07.840 --> 0:15:10.760 Do not worry what lies outside the official app store, 0:15:11.200 --> 0:15:15.320 for nothing out there is worth your time, or something 0:15:15.880 --> 0:15:19.120 like that. I might be paraphrasing anyway, a lot of 0:15:19.200 --> 0:15:23.120 the hacker crowd felt that Apple's approach was very patronizing 0:15:23.600 --> 0:15:27.000 and very Ivory tower ish. And you know, hackers aren't 0:15:27.040 --> 0:15:29.880 super crazy about companies telling them what they can't do 0:15:30.000 --> 0:15:33.480 with their stuff. That pretty much goes directly against the 0:15:33.520 --> 0:15:37.200 hacker ethos. So you might wonder how long did it 0:15:37.240 --> 0:15:42.000 take before someone found a way around Apple's iOS protections 0:15:42.440 --> 0:15:45.440 that would allow you to install a new app on 0:15:45.560 --> 0:15:50.720 the iPhone? And the answer is eleven days approximately, So 0:15:50.760 --> 0:15:53.560 about a week and a half after the first iPhone launched, 0:15:53.880 --> 0:15:57.640 hackers created a way to bypass the walled garden. Uh 0:15:57.960 --> 0:15:59.960 one group of hackers that did this in that I'm 0:16:00.000 --> 0:16:03.560 of time, we're cheekily referring to themselves as the iPhone 0:16:03.760 --> 0:16:07.960 dev team, And initially they showed that through their process 0:16:08.120 --> 0:16:12.520 they could install custom ringtones and custom wallpapers on the iPhone, 0:16:12.600 --> 0:16:15.120 which is, you know, pretty small stuff, but a step 0:16:15.240 --> 0:16:18.320 something that you could not do if you just had 0:16:18.360 --> 0:16:23.080 an out of the box standard iPhone. Now there's no 0:16:23.120 --> 0:16:26.120 real point in going into how they did this because 0:16:26.240 --> 0:16:30.040 it gets extremely technical. Like some of the jail breaking 0:16:30.120 --> 0:16:35.440 processes for various iOS versions would be more than a 0:16:35.520 --> 0:16:38.800 hundred steps for you to complete in order to achieve 0:16:39.080 --> 0:16:42.400 the goal of jail breaking the phone. So it would 0:16:42.440 --> 0:16:45.600 be pointless for me to go through all of those. 0:16:45.600 --> 0:16:47.760 It would be meaningless for most of us, including me. 0:16:47.880 --> 0:16:50.040 I'm not I don't need to talk down to anyone. 0:16:50.400 --> 0:16:52.200 I would not understand what I was saying. I would 0:16:52.240 --> 0:16:54.800 just be reciting something. It would be as if I 0:16:54.840 --> 0:16:57.880 were saying something in a totally different language. And also, 0:16:58.840 --> 0:17:00.600 most of all that is a ale of it now, 0:17:00.680 --> 0:17:04.560 because you know, we're we're talking about a process that 0:17:04.600 --> 0:17:07.840 we see in all forms across data security, which is 0:17:08.680 --> 0:17:12.080 you get this see saw effect. So one moment, the 0:17:12.119 --> 0:17:14.840 hackers have figured out how to exploit a system, so 0:17:14.880 --> 0:17:18.320 the seesaw goes in their direction. The next moment, whatever 0:17:18.400 --> 0:17:21.159 company is behind the system ends up pushing out an 0:17:21.240 --> 0:17:25.920 update that addresses that vulnerability see sauce switches. Then the 0:17:25.960 --> 0:17:28.800 hackers get to work trying to crack that system. Switches again, 0:17:28.920 --> 0:17:31.200 and so on, and this back and forth just keeps 0:17:31.240 --> 0:17:34.320 on going. Pretty much, it will keep on going until 0:17:34.560 --> 0:17:37.719 whatever the company is it's making the thing stops making 0:17:37.760 --> 0:17:41.760 the thing. Um And of course some iOS updates would 0:17:41.800 --> 0:17:45.000 end up taking longer to crack than others. I believe 0:17:45.280 --> 0:17:47.800 that IO S fourteen, which is the most recent version, 0:17:47.960 --> 0:17:51.879 took the longest amount of time to crack if we 0:17:51.960 --> 0:17:55.040 ignore stuff like Apple TV, which took even longer. But 0:17:55.440 --> 0:18:00.159 I'm mostly focusing on iPhones here, and Apple tried to 0:18:00.160 --> 0:18:04.520 go a little bit scorched earth with their early response 0:18:04.600 --> 0:18:09.080 to to jail breaking. So the company aimed to brick 0:18:09.320 --> 0:18:11.800 phones that had been altered. First, it sent on a 0:18:11.840 --> 0:18:14.800 message that said, hey, you don't want to jail break 0:18:14.840 --> 0:18:18.960 your phone because it could affect its functionality and it 0:18:19.000 --> 0:18:22.840 could make it not function in the future. And then 0:18:23.080 --> 0:18:26.200 the company, our outright went out to try and make 0:18:26.240 --> 0:18:30.920 that happen by detecting and then breaking a phone that 0:18:31.040 --> 0:18:34.680 had been altered. And breaking means that the company essentially 0:18:34.680 --> 0:18:38.479 cuts off all functionality to the device and they render 0:18:38.520 --> 0:18:41.600 it no more useful than a brick. And actually you 0:18:41.600 --> 0:18:44.000 could argue it's less useful than a brick, because I 0:18:44.000 --> 0:18:46.960 don't know if you've tried to build afford with iPhones, 0:18:47.640 --> 0:18:51.359 but they are not stable. Hackers would release tools that 0:18:51.400 --> 0:18:54.120 would allow users to jail break their phones and then 0:18:54.280 --> 0:18:58.160 continue to update two newer versions of the iOS without 0:18:58.200 --> 0:19:00.560 having their phones get bricked in the process. US for 0:19:00.640 --> 0:19:03.480 some of those early ones, but again, this was constantly 0:19:03.480 --> 0:19:06.720 a seesaw. Apple would see how the hackers would respond 0:19:06.760 --> 0:19:08.760 and change their approach, and then the hackers would do 0:19:08.800 --> 0:19:13.280 the same. Now, the point that the hackers were aiming 0:19:13.320 --> 0:19:16.120 for was always the same. Their goal was always the same, 0:19:16.160 --> 0:19:20.200 which was to get that administrative access over the file system. Now, 0:19:20.200 --> 0:19:23.120 the method to do that would change depending upon what 0:19:23.200 --> 0:19:26.120 protections were in place, So again there's not much point 0:19:26.119 --> 0:19:28.960 in going through any of them in great detail because 0:19:29.200 --> 0:19:35.360 they would only be relevant to a specific iteration of iOS. Now, 0:19:35.400 --> 0:19:39.480 the very early jail break methodologies we're pretty obtuse if 0:19:39.520 --> 0:19:42.800 you were not technically savvy, chances are it would be 0:19:43.720 --> 0:19:46.280 two in the weeds for you to manage. And when 0:19:46.320 --> 0:19:49.119 I say you, I also mean me. I am I 0:19:49.160 --> 0:19:52.359 am certain After I've looked at just a few of 0:19:52.400 --> 0:19:55.639 the early methods, where I was reading the list of 0:19:55.680 --> 0:19:58.520 steps and everything, I would have looked at those instructions 0:19:58.560 --> 0:20:00.960 and said, yeah, no, this is too complicated. I'll just 0:20:01.000 --> 0:20:04.719 wait till Apple finally releases a snake game. But if 0:20:04.760 --> 0:20:07.760 you were more comfortable with code, and there are plenty 0:20:07.800 --> 0:20:10.879 of people who are, then it was totally doable. Some 0:20:10.920 --> 0:20:13.760 of the hackers would release instructions on how they managed 0:20:13.920 --> 0:20:17.480 to crack Apple's code. Others would just show proof that 0:20:17.560 --> 0:20:20.160 they had done it, like they would show the results, 0:20:20.440 --> 0:20:22.480 but they wouldn't explain how they did it. They would 0:20:22.560 --> 0:20:25.800 keep the method secret and that would, in their minds, 0:20:25.800 --> 0:20:30.440 hopefully prevent Apple from patching that vulnerability so quickly. Now, 0:20:30.480 --> 0:20:33.639 some hackers would go so far as to release tools 0:20:33.680 --> 0:20:36.440 that would do the jailbreaking for the user, and that 0:20:36.480 --> 0:20:41.600 would significantly simplify things. When the group Poneage Tool released 0:20:41.680 --> 0:20:45.080 the second version of their jailbreaking tool, this time it 0:20:45.240 --> 0:20:48.159 was targeting the iPhone three G, which I guess I 0:20:48.160 --> 0:20:52.560 should remind you was the second iPhone. They also introduced 0:20:52.760 --> 0:20:56.439 a tool called City that have been developed by someone else, 0:20:57.280 --> 0:21:00.200 and I'll talk more about that after we come act 0:21:00.200 --> 0:21:10.640 from this quick break. Okay, I left off with Sidia. 0:21:10.840 --> 0:21:15.560 Sidia is spelled c Y d I A and it 0:21:15.680 --> 0:21:19.080 served a few different purposes. For one thing, it was 0:21:19.119 --> 0:21:22.240 a facilitator for jail breaking, so it made it easier 0:21:22.280 --> 0:21:25.960 for users to jail break devices. But for another, it 0:21:26.080 --> 0:21:30.520 was a kind of forbidden app store. Uh. It was 0:21:30.560 --> 0:21:34.600 a way to find apps that were not covered in 0:21:34.720 --> 0:21:37.960 Apple's official app store, and it would allow you to 0:21:38.000 --> 0:21:42.120 download them. Actually, technically, Sidia came out before Apple had 0:21:42.240 --> 0:21:45.679 launched its App store, so for a while, if you 0:21:45.720 --> 0:21:48.840 wanted to download apps to your iPhone, the only way 0:21:48.880 --> 0:21:52.480 to do it was through Cidia or to hunt around 0:21:52.480 --> 0:21:55.919 in different hacker forms and find them yourself. But Sidia 0:21:56.160 --> 0:22:01.200 made that process much easier. So yeah, Sidia predated the 0:22:01.440 --> 0:22:05.840 iPhone app store by a short while, not like, not 0:22:05.960 --> 0:22:08.560 like by a significant amount, but by a month or so. 0:22:09.320 --> 0:22:11.960 And then Apple opened up its app store and had 0:22:12.000 --> 0:22:15.520 its quote unquote official approach where developers had to submit 0:22:15.600 --> 0:22:18.639 through Apple's process in order to get approved and have 0:22:18.760 --> 0:22:22.159 their app carried in the store. Now City was the 0:22:22.160 --> 0:22:25.240 brainchild of a hacker named Jay Freeman who used the 0:22:25.280 --> 0:22:29.080 handle Saric s A U r I K. He introduced 0:22:29.160 --> 0:22:33.080 Citia around two thousand eighth But, like I said, before 0:22:33.119 --> 0:22:37.080 the app store launched and Another hacker named George Hots 0:22:37.160 --> 0:22:42.040 a k A. Geo Hots or Geo Hot was unlocking 0:22:42.040 --> 0:22:45.359 in jail breaking phones too. He had first become known 0:22:45.720 --> 0:22:48.800 for not just software hacks, but actually opening up the 0:22:48.840 --> 0:22:53.280 original iPhone and changing the circuitry slightly. Uh. He did 0:22:53.320 --> 0:22:57.639 that using an eyeglasses screwdriver, a guitar pick, and a 0:22:57.680 --> 0:23:01.480 soldering iron, which meant that he could switch over the 0:23:01.520 --> 0:23:03.480 iPhone so that he would not have to use a 0:23:03.560 --> 0:23:05.600 T and T. He he switched it so you could 0:23:05.680 --> 0:23:09.919 use any simcard, and he was using a T Mobile simcards, 0:23:09.960 --> 0:23:12.200 so he could use the original iPhone on the T 0:23:12.320 --> 0:23:15.480 Mobile network, which was kind of a neat hack and 0:23:15.840 --> 0:23:18.760 it was something that a lot of people also ended 0:23:18.800 --> 0:23:22.600 up being interested in learning how to do. Another important 0:23:22.600 --> 0:23:26.480 tool in the early days of jailbreaking was jailbreak Meat 0:23:26.600 --> 0:23:29.440 two point oh. So there was the second version, obviously 0:23:29.560 --> 0:23:32.800 second full version of this tool, and it debuted a 0:23:32.840 --> 0:23:35.440 few years after the iPhone had come out. But this 0:23:35.520 --> 0:23:39.040 was a web based tool and that really simplified thinks. 0:23:39.160 --> 0:23:41.359 So to use it, all you would have to do 0:23:41.480 --> 0:23:44.639 is take your iPhone, use Safari. You would visit a 0:23:44.680 --> 0:23:48.840 specific website that hosted the jailbreak meat tool. There'd be 0:23:48.840 --> 0:23:52.320 a little button on your screen you click on that. Actually, 0:23:52.320 --> 0:23:57.200 you would technically swipe to unlock, and the site would 0:23:57.240 --> 0:24:01.040