惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
Vulnerabilities – Threatpost
T
The Blog of Author Tim Ferriss
S
SegmentFault 最新的问题
D
DataBreaches.Net
博客园_首页
罗磊的独立博客
B
Blog
T
Threat Research - Cisco Blogs
C
Cisco Blogs
GbyAI
GbyAI
Engineering at Meta
Engineering at Meta
WordPress大学
WordPress大学
G
GRAHAM CLULEY
H
Help Net Security
酷 壳 – CoolShell
酷 壳 – CoolShell
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
爱范儿
爱范儿
SecWiki News
SecWiki News
T
Threatpost
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Schneier on Security
Schneier on Security
T
The Exploit Database - CXSecurity.com
Google Online Security Blog
Google Online Security Blog
T
Tor Project blog
小众软件
小众软件
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Y
Y Combinator Blog
H
Hacker News: Front Page
V
V2EX
Security Latest
Security Latest
Cloudbric
Cloudbric
Simon Willison's Weblog
Simon Willison's Weblog
Attack and Defense Labs
Attack and Defense Labs
D
Darknet – Hacking Tools, Hacker News & Cyber Security
P
Proofpoint News Feed
博客园 - 三生石上(FineUI控件)
NISL@THU
NISL@THU
S
Secure Thoughts
Blog — PlanetScale
Blog — PlanetScale
博客园 - 司徒正美
V2EX - 技术
V2EX - 技术
Vercel News
Vercel News
P
Palo Alto Networks Blog
IT之家
IT之家
MyScale Blog
MyScale Blog
有赞技术团队
有赞技术团队
Application and Cybersecurity Blog
Application and Cybersecurity Blog
D
Docker
Google DeepMind News
Google DeepMind News
Webroot Blog
Webroot Blog

Peter Steinberger

OpenClaw, OpenAI and the future | Peter Steinberger Shipping at Inference-Speed | Peter Steinberger The Signature Flicker | Peter Steinberger Just Talk To It - the no-bs Way of Agentic Engineering | Peter Steinberger Claude Code Anonymous | Peter Steinberger Live Coding Session: Building Arena | Peter Steinberger My Current AI Dev Workflow | Peter Steinberger Essential Reading for Agentic Engineers - August 2025 | Peter Steinberger Just One More Prompt | Peter Steinberger Poltergeist: The Ghost That Keeps Your Builds Fresh | Peter Steinberger Don't read this Startup Slop | Peter Steinberger Essential Reading for Agentic Engineers - July 2025 | Peter Steinberger Self-Hosting AI Models After Claude's Usage Limits | Peter Steinberger Logging Privacy Shenanigans | Peter Steinberger VibeTunnel's first AI-anniversary | Peter Steinberger Making AppleScript Work in macOS CLI Tools: The Undocumented Parts | Peter Steinberger Peekaboo 2.0 – Free the CLI from its MCP shackles | Peter Steinberger Command your Claude Code Army, Reloaded | Peter Steinberger Essential Reading for Agentic Engineers | Peter Steinberger Slot Machines for Programmers: How Peter Builds Apps 20x Faster with AI | Peter Steinberger My AI Workflow for Understanding Any Codebase | Peter Steinberger stats.store: Privacy-First Sparkle Analytics | Peter Steinberger Showing Settings from macOS Menu Bar Items: A 5-Hour Journey | Peter Steinberger VibeTunnel: Turn Any Browser into Your Mac's Terminal | Peter Steinberger Vibe Meter 2.0: Calculating Claude Code Usage with Token Counting | Peter Steinberger llm.codes: Make Apple Docs AI-Readable | Peter Steinberger Automatic Observation Tracking in UIKit and AppKit: The Feature Apple Forgot to Mention | Peter Steinberger Peekaboo MCP – lightning-fast macOS screenshots for AI agents | Peter Steinberger Migrating 700+ Tests to Swift Testing: A Real-World Experience | Peter Steinberger Commanding Your Claude Code Army | Peter Steinberger Code Signing and Notarization: Sparkle and Tears | Peter Steinberger Vibe Meter: Monitor Your AI Costs | Peter Steinberger Claude Code is My Computer | Peter Steinberger Stop Over-thinking AI Subscriptions | Peter Steinberger Introducing Demark: HTML in. MD out. Blink-fast. | Peter Steinberger The Future of Vibe Coding: Building with AI, Live and Unfiltered | Peter Steinberger MCP Best Practices | Peter Steinberger Finding My Spark Again | Peter Steinberger Top-Level Menu Visibility in SwiftUI for macOS | Peter Steinberger Fixing keyboardShortcut in SwiftUI | Peter Steinberger Supporting Both Tap and Long Press on a Button in SwiftUI | Peter Steinberger On Using Apple Silicon Mac Mini for Continuous Integration | Peter Steinberger Apple Silicon M1: A Developer's Perspective | Peter Steinberger Gardening Your Twitter: Curating Your Timeline | Peter Steinberger Gardening Your Twitter: Growing Your Followers | Peter Steinberger Forbidden Controls in Catalyst: Optimize Interface for Mac | Peter Steinberger Disabling Keyboard Avoidance in SwiftUI's UIHostingController | Peter Steinberger The State of SwiftUI | Peter Steinberger Logging in Swift | Peter Steinberger Building with Swift Trunk Development Snapshots | Peter Steinberger Calling Super at Runtime in Swift | Peter Steinberger zld — A Faster Version of Apple's Linker | Peter Steinberger How to Fix LLDB: Couldn't IRGen Expression | Peter Steinberger Updating macOS on a Hackintosh | Peter Steinberger InterposeKit — Elegant Swizzling in Swift | Peter Steinberger The Great Mac Catalyst Text Input Crash Hunt | Peter Steinberger Network Kernel Core Dump | Peter Steinberger How to macOS Core Dump | Peter Steinberger Kernel Panics and Surprise boot-args | Peter Steinberger The LG UltraFine 5K, kernel_task, and Me | Peter Steinberger Let's Try This Again | Peter Steinberger How We Work at PSPDFKit | Peter Steinberger Swizzling in Swift | Peter Steinberger WWDC for First-Timers, 2019 Edition | Peter Steinberger Challenges of Adopting Drag and Drop | Peter Steinberger Marzipan: Porting iOS Apps to the Mac | Peter Steinberger How to Use Slack and Not Go Crazy | Peter Steinberger Hardcore Debugging - Heavy Weapons for Hard Bugs | Peter Steinberger Binary Frameworks in Swift | Peter Steinberger Even Swiftier Objective-C | Peter Steinberger The Case for Deprecating UITableView | Peter Steinberger Running tests with Clang Address Sanitizer | Peter Steinberger UI testing on iOS, without busy waiting | Peter Steinberger Hiring a distributed team | Peter Steinberger Writing Good Bug Reports | Peter Steinberger Real-time collaboration, Apple, and you | Peter Steinberger Converting Xcode Test Runs to JUnit, the Fast Way | Peter Steinberger Efficient iOS Version Checking | Peter Steinberger Investigating Thread Safety of UIImage | Peter Steinberger Swifty Objective-C | Peter Steinberger Running UI Tests on iOS With Ludicrous Speed | Peter Steinberger A Pragmatic Approach to Cross-Platform | Peter Steinberger Surprises with Swift Extensions | Peter Steinberger Using ccache for Fun and Profit | Peter Steinberger UITableViewController designated initializer woes | Peter Steinberger Researching ResearchKit | Peter Steinberger The curious case of rotation with multiple windows on iOS 8 | Peter Steinberger UIKit Debug Mode | Peter Steinberger Retrofitting containsString: on iOS 7 | Peter Steinberger A Story About Swizzling "the Right Way™" and Touch Forwarding | Peter Steinberger Hacking with Aspects | Peter Steinberger Fixing UITextView On iOS 7 | Peter Steinberger Fixing What Apple Doesn't | Peter Steinberger How To Inspect The View Hierarchy Of Third-Party Apps | Peter Steinberger Fixing UISearchDisplayController On iOS 7 | Peter Steinberger Smart Proxy Delegation | Peter Steinberger Adding Keyboard Shortcuts To UIAlertView | Peter Steinberger How To Center Content Within UIScrollView | Peter Steinberger UIAppearance for Custom Views | Peter Steinberger Hacking Block Support Into UIMenuItem | Peter Steinberger
Jailbreaking for iOS Developers | Peter Steinberger
Peter Steinberger · 2020-05-26 · via Peter Steinberger

Jailbreaking is something that’s rarely discussed in the iOS developer community — which is unfortunate, because it’s amazing. Let’s walk through a few useful things you can do with it. (Picture by @mnzthegreat.)

Update May 30: The details of the 13.5 unc0ver exploit are now online. Expect Apple to patch this quickly.

Definition & Legality

iOS jailbreaking is a privilege escalation to remove software restrictions imposed by Apple on iOS, tvOS, and watchOS. This is done through a series of kernel patches. This jailbreaking allows root access to iOS, allowing the downloading and installing of additional applications and extensions which are unavailable through the official Apple App Store (source).

You might be wondering: Is this legal? This depends on your country, but jailbreaking is legal in Austria, Germany, Canada, India, New Zealand, the United Kingdom, and the United States. With the exception of the latest iOS 13.5 jailbreak, all major jailbreaks since 10 have been based on publicly available exploits, which were reported to Apple before.

If you don’t want to risk jailbreaking, you can still install some apps with AltStore, which signs apps on your Mac.

Motivation

Jailbreaking is looked down on by some because it can be used to pirate apps. But there are many other much more noble or interesting reasons as to why it’s worth exploring — like enhancing accessibility:

I have a special needs son for whom I jailbreak iDevices to support his disability. It is life changing for us.

— GadgetGal (@GadgetGal_) May 25, 2020

Here is a list of reasons why you might want to jailbreak:

Many tweaks either modify apps themselves or integrate into Settings:

Beware: Some apps (like banking apps) might include a jailbreak detection and won’t work if they detect Cydia. However, this also can be circumvented with the right tweak.

State of Jailbreaking

There has never been a better time for jailbreaking. From iOS 10–13, including the just-released iOS 13.5, almost every version can be hacked. This is also somewhat worrying, as exploits require security flaws, and we’re now at a stage where exploit platforms aren’t paying for any additional exploits because they already have too many.

Reddit maintains a great overview of the current jailbreak availability situation (this GSheet is even more detailed). The two most interesting ones (as of May 2020) are:

  • checkra1n, which uses the Checkm8 exploit, which is an unpatchable vulnerability in the iOS bootrom for all devices from A5–A11 (everything up to iPhone X)

  • unc0ver, a semi-untethered jailbreak using various hacks, just updated for iOS 13.5.

checkra1n is semi-tethered, while unc0ver is semi-untethered (see types of jailbreaks). You need to retrigger the jailbreak after a reboot to patch the kernel so that it can run unsigned code. I recommend using AltStore to install the Jailbreak (see this guide).

Both variants are stable and don’t drain battery life or prevent use of Apple services like iCloud, Apple Pay, or iMessage, as was the case with some earlier variants. Apple’s user data protections and sandbox security is preserved.

Adding Repositories to Cydia

Cydia is the oldest and most common alternative App Store for iOS. It’s automatically installed for most jailbreaks, and it has a convenient UI for the apt-get packager it comes with. In the past, you could also buy apps through Cydia, but nowadays, most apps are sold via third-party repositories. These offer free and paid apps (via PayPal or credit card) and can be easily added to Cydia. Below I’ve listed the ones I’d recommend:

Heads up: Cydia hosts many tweaks that are outdated and will not work on iOS 13. It’s best to check /r/jailbreak or iDownloadBlog to find tweaks that work.

If you’re looking for a modern replacement for Cydia, there are quite a few alternative package managers out there. I really liked Zebra, and it’s also open source.

Preserve SHSH2 Blobs

A SHSH blob is a small piece of data that is part of Apple’s digital signature protocol for iOS restores and updates.

As of the time of writing this post, Apple signs iOS 13.4.1 and iOS 13.5, and you can expect 13.4.1 will be removed in a few days. With saving this blob, you can downgrade at any time without being dependent on Apple.

There are many ways to save these. I recommend blobsaver, as it saves the blobs on disk instead of relying on cloud services. Tools like futurerestore can then be used to downgrade (read more here). Store them; you never know when they might come in handy.

With that out of the way, let’s explore all we can do with our new superpowers!

SSL Kill Switch

SSL Kill Switch 2 is a tweak to disable SSL certificate validation on a device. This is useful for seeing which data apps send via an MITM proxy such as Charles. To use this, do the following:

  • Install PreferenceLoader (dependency) and Filza (file browser) on Cydia.
  • Download the latest version from GitHub (deb file).
  • Open Filza and navigate to /private/var/mobile/Library/Mobile Documents/com~apple~CloudDocs/Downloads.
  • Open the downloaded com.nablac0d3.sslkillswitch2_0.14.deb (or similar) and press Install.
  • Respring (Restart SpringBoard).
  • Find SSL Kill Switch 2 in iOS Settings.

If you’re curious how this works on a technical level, here’s a writeup for iOS 12. You can also just explore the source on GitHub.

FLEX In-App Debugging

FLEX is an open source in-app debugging and exploration tool for iOS by @NSExceptional. It’s amazing what you can do with it. Want the weather background as your homescreen background? No problem.

{% twitter https://twitter.com/nsexceptional/status/1250353513923674114 %}

To install, download FLEXing, reboot your device, and then tap on the status bar to load FLEX. You can browse the classes and inspect the view hierarchy with a 3D debugger, similar to how you can with Reveal. Here’s Spotify:

Of course, you can also inspect apps written in SwiftUI, like the popular ACHNBrowserUI. Back in 2013, I used Reveal for inspecting the view hierarchy of apps, but it’s way more fun to play around on device.

More Useful Cydia Apps & Tweaks

  • iPadify — install iPad-only apps such as Playgrounds, native picture-in-picture
  • Prysm — a feature-rich control center for iOS
  • Reveal Loader — load Reveal to any app
  • TapTapFlip — double tap to flip the camera in the Camera app
  • Supercharge — create simple tweaks on the device
  • Snapper 2 — crop screenshots before taking them
  • Frida — a dynamic instrumentation / code injection toolkit
  • FrontCamUnmirror — self explanatory
  • CopyLog — a powerful clipboard history manager
  • HomePlus — a homescreen layout manager
  • FiveIconDock13 — self explanatory
  • Springtomize 5 — tweak the homescreen
  • TweakRestrictor — disable tweaks for some apps, so as to not get banned (e.g. Snapchat)
  • Barmoji and DockX — add quick actions below the keyboard
  • Evil Scheme — change your default web browser, maps navigator, package manager, and more!

Many tweaks are also open source, which is a great opportunity to learn. Check out FLEX, Sleeper (tweaks the stock iOS alarms app), Open Source Tweaks, or the collection at iPhoneDevWiki.

This is by no means a complete list. You can see some inspiration here. Thanks to everyone who responded to my tweet to help me collect these gems. Know a tweak I absolutely need to mention? Hit me up on Twitter!