Experiences from jailbreaking my iPhone – Part 1

I used the Evasi0n program for jailbreaking the phone. In brief, it involves backing up the phone to iTunes, letting Evasi0n do its thin

Reasons for jailbreaking:

  • Curiosity. The seductress of “let’s break something” whispered sweet-nothings in my ear.
  • Use a different browser. More specifically, I want to install ad-blocking because some of the sites are too painfully slow to load or have sucky, misleading ads.
  • Permanently disable GameCenter . To pass time on the bus ride, I play games on my phone. When I emerge from a tunnel (and there are three), the game is interrupted by the intrusive “login” that may time out if the bus hits the next tunnel. (I realize you can temporarily disable it by canceling three times; but for Job’s sake, it should just stay disabled, not restart the next day.)

    Dr. Freeman, the HEV suit cannot protect until you login to GameCenter.

The installation process was easy and hands-off. While it did its thing, I caught up on some Person of Interest episodes.

When it was done, there was an innocuous icon labeled Cydia. This is the portal to find and install apps and tweaks on the “BigBoss” repository. My first impression on running it: Holy Banner Ads! Browsing packages is horrific because each page is littered with a video and at least two banner ads. Along the I-90 corridor, page loads took upwards of a minute while stuff jumped around when ads were finally downloaded. Several times, I clicked too fast and ended stuck on whatever the ad was trying to load next. It was nearly completely unusable and decidedly not funny.

My first purchase was a paid ad blocker. Much like AdBlock for Firefox, it relies on a community-contributed source file of common ad servers.

I should note that my app purchase experience felt like I was buying from a dude in the back room of a restaurant: sketchy and leaving me wanting a shower. The process is a usability catastrophe:

  1. Click on purchase
  2. I have to login to Amazon.com (for payments). Since I don’t know what that password is, I flip over to the password manager and copy it to the buffer.
  3. When I flip back, Cydia resets and serves another suite of ads. (Shakes fist disapprovingly.)
  4. Sign into Amazon and authorize up to $10 bucks for payments, since there are other apps that look interesting. (Thank you, Amazon, for having this option to limit exposure and make purchasing quicker.)
  5. If I want to be able to reinstall the app later, it recommends I get some authenticate. Sure, because nothing motivates Apple to release a “patch” than to prevent jail breaking. Unfortunately, this is going to involve two-factor authentication and switching to that app, remembering the number and…
  6. Oh, come on, Cydia, I have to start over again? The token had expired. Searing ensued. But I timed my multi-password window before the 2FA timed
  7. Change my password on Amazon. (It was time.)
This is *nix, I know this!

The app installs in what’s basically a Linux command-line apt-get function. Though I look at a command shell all day, it’s jarring when it’s on the phone. Anyway, the blocker worked for simple apps like the browser, but was specifically set up to not work on BigBoss. I couldn’t successfully navigate through the additional hoop mentioned in its FAQ, so I resorted to plan B.

Okay, small impediment.

… install OpenSSH, shell into the phone and mess with the hosts file. The idea is simple: if I can’t filter out the request, I can alter the deal…

… I mean, change where the ad is fetched to 127.0.0.1. By pre-populating the host file with a list of ad-servers, it’ll cut down on the carp. This one was a good start.

The small promo ads don’t bother me at all.

And… aaaaaahhhhh, now usable… but wait, why did I go through this exercise in the first place?

Coming up in part 2: I hook up a firewall and learn a lot about Information Leakage.