We at TechNorms were as shocked as anybody else when the hacking group calling themselves the evad3rs released a working jailbreak for iOS 7.x on Sunday. Usually, these kinds of hacks take longer. Plus, everyone expected them to wait until Apple released 7.1 and jailbreak that instead.

However, this news was too good to be true. We’re still sorting out exactly what happened, but it’s not good. At the very least, the evad3rs are guilty of some suspicious behavior with the latest jailbreak. Even though you can jailbreak your iOS 7 device now, you should wait a couple of days for the community to sort out the whole mess. It’s bad.

The TaiG Problem

Let’s start with how jailbreaking works. You put a group of very smart people (in this case, the evad3rs) in a virtual room together and give them a copy of the latest version of iOS.

They dig into it, take it apart, and figure out a flaw in the code. These flaws are called exploits. You can use an exploit to load unauthorized code that lets you run jailbroken software.

No exploit, no jailbreak. They’re valuable and in short supply. Apple patches each one after it’s released as part of a jailbreak. Once you use an exploit, it’s gone.

The evad3rs were approached by a Chinese company named TaiG. It wanted to “sponsor” the next iOS 7 jailbreak.

The evad3rs took it to Jay “saurik” Freeman, the guy who runs Cydia and commands a lot of respect from the community. He didn’t like the deal and told them he’d try to find another sponsorship deal for the iOS 7 jailbreak.

The evad3rs disliked saurik’s alternate suggestions and decided to cut him out of the deal. They told him to contact them through a middleman from that point on.

The evad3rs continued their deal with TaiG. If the user’s Mac or PC and their iDevice both had the language set to Chinese, the iOS 7 jailbreak would install the TaiG app store without telling the user.

For including TaiG, the hackers got two important assurances. One, they would be paid $1 million. Two, the TaiG store would have no pirated materials.

On the first matter, TaiG came through and paid the money. On the second, though, it failed. Despite assurances to the contrary, the store contained piracy at launch.

Saurik Spurned

While all this was going on, saurik was approached by another party. We’ll call them the Other Guys.

The Other Guys were working on an alternate iOS 7 jailbreak and wanted saurik’s help. Remember, saurik’s a certifiable genius at programming and this stuff. He knows jailbreaking.

Additionally, saurik still disliked the TaiG deal. He thought they were suspicious, and including them in the iOS 7 jailbreak would be a negative.

“So, yes: someone approached me with a potential jailbreak; the goal being to get a non-piracy-laden jailbreak out; this does not seem bad…” he tweeted.

“…in particular, I do not see how it is “backstabbing” @evad3rs (as some claim: it was unlikely to work, and was mostly just ‘having fun’.”

The Release

It’s at this point that the evad3rs learn that saurik is working with someone else on a new jailbreak. That’s not good. If saurik comes up with something before they do, the whole TaiG deal is dead.

Planetbeing, a member of the evad3rs, responded to saurik on Reddit that they couldn’t trust him.

“You pulled out of the negotiations at a really suspicious time (which we later found out) while not telling us ANYTHING about working with other people. It really made us feel like we were being lied to, while we were completely forthright about everything to you.

“I’m sorry if there were any misunderstandings but we felt that we couldn’t trust you completely after we learned of it.”

iDownloadBlog claims to have a source which revealed the team’s thinking to them. “As our source claims, the evad3rs had spent so many hours on this jailbreak, that they couldn’t afford to have their work undermined by another team.”

An additional motivator was the resurgence of George “geohot” Hotz, the talented hacker who broke into the PS3 and was “racing them to release a jailbreak first.”

The last fact offers the most critical reason why the evad3rs decided to rush their jailbreak out the door.

“These other teams, including geohot’s were suspected to release a jailbreak with key vulnerabilities that the evad3rs wanted to keep for future jailbreaks.

“Vulnerabilities exploited by the evad3rs in evasi0n7 had been carefully handpicked as a strategy to keep a lead on Apple’s patches.”

Thus, they decided to push evasi0n7 out the door as fast as possible and surprise everyone.

The Fallout

The evad3rs’ actions sent shockwaves through the jailbreak community. No one was ready for anything like this – it shocked even the players involved.

Saurik was irritated because Cydia and Mobile Substrate, the gooey center for most jailbreak tweaks, were unprepared.

The jailbreak users were unhappy at the prospect of a Chinese company’s software bundled in with evasi0n7 without the users’ consent or any kind of forewarning.

TaiG’s website was hacked and defaced in retribution. The attackers left a message in Chinese on the page. The site has since been replaced, but you can read the cached copy:

Translated, it reads:

To a certain corporation,

Thanks for bricking our devices on Christmas

Thanks for bundling TaiG

Seeing as you guys have got the money to “partner” with the Evad3rs

Why not do the community a service?

You guys should replace the bricked* devices for free

This is a huge letdown, you guys have defeated the whole ideology behind jailbreaking

Can’t you guys just stop challenging how low users are willing to go?

Other jailbreak developers spoke up on Twitter about the problems with TaiG’s app store.

Grant “chpwn” Paul tweeted: “Fun fact: evasi0n (china edition) comes pre-installed with a repository listing pirated versions of all my tweaks.”

Chpwn expressed discontent with the whole affair on Twitter, saying “Jailbreak just isn’t fun anymore.”

Fellow developer winocm echoed his thoughts, tweeting “There’s no point in a community that prides itself over donations and sellouts versus open-source utilities.”

Finally, the evad3rs gave up. Developer pod2g tweeted, “We have decided to remotely disable the default installation of TaiG in China for further investigations on the piracy issue.”

Final Thoughts

The entire thing is a disaster. At every step, the evad3rs behaved irresponsibly and made poor choices.

First, they should have communicated more with saurik. Petty personal disputes shouldn’t make you stop talking to each other. In the end, everybody loses when you don’t work together to make a superior product.

Second, the evad3rs should have absolutely revealed their deal with TaiG before release. It looks a hundred times shadier when you don’t tell users before release.

Finding sponsors is fine. Nobody would deny that the evad3rs work hard and make jailbreaking possible for the benefit of the whole community. However, you need to be open and transparent about it. You need to tell the users.

Hopefully, everyone can learn something from this trainwreck and avoid repeating these mistakes.

Jailbreaking shouldn’t be this serious. Tinkering with phones should remain drama-free. When it’s not, you get… well, this.