Jay Freeman (saurik)
@saurik
Followers
423K
Following
140
Media
52
Statuses
1K
I developed Cydia for jailbroken iOS devices and am now (theoretically) in charge of technology for @OrchidProtocol; I am also a local politician in California.
Isla Vista, CA
Joined May 2007
Last week, I discovered (and reported) a critical bug (which has been fully patched) in @optimismPBC (a "layer 2 scaling solution" for Ethereum) that would have allowed an attacker to print arbitrary quantity of tokens, for which I won a $2,000,042 bounty.
208
861
6K
Substrate 0.9.7000 is my most well-tested update ever, verified to work on iOS 3.0, 4.3.1, 5.1.1, 6.1.3, 7.1.2, 8.0, 9.0.2, 10.1.1 (mach_portal), 11.1.2 (Extender), and 11.3.1 (unc0ver). I expect it will fail anyway :(. If you want to try it, add to Cydia.
514
941
4K
Hi @tim_cook. iOS is the *only* major platform which not only pulls VPN apps from its market but also requires users to "enroll" and pay $100 a year to use the VPN APIs locally. As far as I'm concerned, you are directly supporting authoritative regimes :/.
253
993
3K
(I have now spent over a decade working on Cydia and fighting against Apple's harmful platform control. In these years, I have never once reached out to either Steve Jobs or Tim Cook. until today. and I seriously managed to type "authoritaTIVE" instead of "authoritaRIAN" ;P.).
347
419
3K
Cydia just joined the legal battle against Apple: "A new lawsuit brought by one of Apple's oldest foes seeks to force the iPhone maker to allow alternatives to the App Store, the latest in a growing number of cases that aim to curb the tech giant's power."
101
568
3K
About two weeks ago, Apple made a change to their provisioning service to require a different authentication scheme for "free" Apple accounts (they return an error that mentions upgrading to "Xcode 7.3"); this broke Cydia Impactor for users without a paid Apple Developer account.
150
314
2K
For those who dare to experience @qwertyoruiopz's "unstable/glitchy" beta jailbreak IPA for iOS 10.0-10.1.1, Cydia Impactor 0.9.35 is ready!.
208
809
2K
Truly, jailbreaking should have stopped during the iOS 9 era, if not before; there is a reason essentially all of the reasonable developers left long ago and the community is largely now run by bullies. Everything that we do now just digs jailbreaking a deeper hole, full of fail.
194
278
2K
A few days ago, Epic Games filed a lawsuit against Apple, challenging the idea that the Apple App Store--with its high fees and limitation on promotion of anything that isn't an Apple product or payment mechanism--is the only way to distribute apps on iOS.
58
412
2K
Cydia Impactor 0.9.43—an update *for Windows only*—fixes the "Peer certificate cannot be authenticated with given CA certificates" error :(.
270
324
1K
I am the only commissioner at the #CALAFCo (California Association of Local Agency Formation Commissions) 2019 Annual Conference here representing the United Federation of Planets! I was a bit saddened to not see a regional round table for the Alpha Quadrant :(. #Halloween2019 🎃
169
116
1K
In the mean time, I owe nobody anything and nothing I have would help anyone anyway (and particularly won't help anyone trying to support A12). I really wish everyone would just forget Cydia exists and move on with their lives; anything would be better than dealing with all this.
142
162
1K
So far, I've only had a few days to work on A12 Substrate (something I couldn't even start doing until a few weeks ago, when I was given the first jailbreak build useful for testing with). I do not understand why anyone thinks I am able to spend all of my time on this anymore :(.
78
131
1K
Today, Cloudflare made WARP, their VPN service with an unlimited free tier, available to everyone; it only has clients for iOS and Android, but the protocol they are using seems to be off-the-shelf Wireguard, so you can connect from macOS! Run this script:
37
229
1K
Apple insists they had no choice but to pull VPN apps in China, as they "follow the law wherever they do business". However, restricting the Network Extensions API (needed for custom VPN protocols that can bypass a firewall) is above and beyond reasonable.
50
194
1K
I just spent an hour using an iPhone to take videos of iPhones taking video of an iPhone (with a fifth iPhone to take a video of the rest) to verify this: the iPhone 11 Pro Max on iOS 13 has an additional 50-66ms of latency in its camera preview vs. the iPhone XS Max on iOS 12.4.
54
133
1K
FWIW, it is entirely possible that someone, using techniques I find "sloppy"--the kind of stuff that led to the iOS 11 stability issues (lots of kernel data patches to do stuff like mark processes as being actively debugged) can make A12 work easily--_I_ have no interest in that.
148
151
1K
I believe in Free Software and have published most of my work open source under LGPL/GPL/AGPL (notably including Cydia, Cycript, WinterBoard, ldid, and now my work on Orchid). I'm glad to see Richard Stallman leave, and hope this starts a new era for the Free Software Foundation.
Richard M. Stallman has resigned as FSF president and from the board of directors:
45
162
1K
Cydia Impactor 0.9.39 fixes the SSL certificate verification error seen while signing IPA files on Windows. It also includes Cydia Extender.
100
331
1K
Substrate 0.9.5000 has been released, with support for iOS 7 and ARM64. (For extensions to work on ARM64, they must be recompiled to ARM64.).
778
2K
1K
In June of 2019, Facebook suspended my Cydia app, removing its access to Facebook login and locking users out of their Cydia accounts, which required a slow (on both sides: Facebook and I each were taking months to respond to the other ;P) back and forth of interrogations to fix.
53
85
980
Does anyone else find it strange that both Apple and Google not only allow but in fact require privacy policies for apps to be hosted on external websites, meaning that to view an app's privacy policy you must connect to their server and already subject yourself to their logging?.
46
146
887
Regardless, in early September of 2020, I was able to get Facebook to reinstate the Cydia app. though they made it sound tenuous enough that I waited until now--when I'm finally feeling confident-ish--to reactivate the button, in case anyone still has reason to log in to Cydia.
55
60
886
I am once again at #DragonCon2016 in Atlanta! I'm on two panels and also giving a talk. See:
53
124
801
Due to a largely-unrelated conversation I had last week, I actually looked at my Twitter notifications. What I saw: a large number of spectators arguing, in language foul enough that the Twitter app has to give me "may contain offensive content" warnings, about what I'm doing :/.
55
87
800
In particular, harassing me and everyone around me via every communication channel you can figure out to contact me is _not_ going to make me somehow care _more_ about doing this: all you are doing is making me deeply regret having returned. I gain nothing from doing any of this.
22
66
771
Back in 2016, I was elected to the board of a small special district in California--a new government I helped create for Isla Vista, the college town next to UC Santa Barbara (where I studied Computer Science twenty years ago and never left)--we meet twice a month for ~2-3 hours.
62
65
774
I think @PanguTeam's iOS 9.3 jailbreak is indirectly DoS'ing Apple's servers from so many users sideloading the IPA.
50
340
770
The Copyright Office granted DMCA exemptions for jailbreaking: smartphones, tablets & other all-purpose mobile computing devices, smart TVs!.
44
700
753
For more detail, I'll highly recommend reading our complaint: "This lawsuit seeks to open the markets for iOS app distribution and iOS app payment processing to those who wish to compete fairly with Apple, and to recover the enormous damages Apple caused."
35
128
770
_If_ (yes: "if") I ever release A12 Substrate, it will not only be because I found a good way to achieve the goal that I consider "stable", but it will also be because I have, at least momentarily, come to enjoy the process of working on it again; that might _never_ come to pass.
41
65
731
@Pwn20wnd @i0sd3v @r4m3n_n00d13s Given that I had complete control over what package manager I used at the time, as well as complete control over the architecture of the software stack, I could have *easily* designed Cydia to let it not be open source; I did not do that, because I wanted Cydia to be open source.
30
75
706
PSA: @PanguTeam's iOS 9.2-9.3.3 jailbreak is 100% free, as is Cydia Impactor; do NOT pay any website $20 for either.
36
303
693
If you are waiting to jailbreak your iOS 8.0-8.1 device until things are "stable enough": we now seem to be ready! ;P http://t.co/XRUU74p7i8.
101
797
693
I rebooted an iPhone 6S running iOS 9.0.2 jailbroken with Pangu9 almost 1100 times today: 85% of boots worked, 0.4% took 10 minutes to fail.
101
377
674
(Cydia Extender isn't what many are assuming; and it seems to require a paid developer account to install, which I failed to notice? *sigh*).
90
155
669
At #BlackHat2016, Apple just announced a new Security Bounty program and has promised to prioritize pushing updates.
30
293
628
It maybe should be made more clear that, while I was actively killing myself--stealing time and racking up stress--to build a stable iOS 11 jailbreak for two or three months at the end of 2017 and beginning of 2018, I finally quit entirely in early 2018 due to developer toxicity.
16
72
648
I did not promise to anyone--including Sam Bingner, the only person I've been talking to at all--that I would be able to finish A12 Substrate ASAP; in fact, what I told Sam Bingner was that I was really busy due to a product launch for my day job, and he said he wouldn't rush me.
33
59
630
Reminder: I have had a "day job" since mid-2017. People seem to still be operating under some expectation that my life revolves around jailbreaking: it doesn't, and I frankly regret that it ever did; if I could give "past Jay" advice, it would be "don't waste your life on Cydia".
16
55
623
In 2016, I ran for 3rd District County Supervisor in Santa Barbara (and lost). I've been told (after) that, had I run for California State Assembly District 37, I might've had institutional support! Some days, I dream about the bills I could've floated ;P.
42
67
623
I will be giving a talk about the bug at @EthereumDenver, Friday, February 18th: 9:40am MST on the Infinity Stage. My talk will be live-streamed, presumably to the #ETHDenver YouTube channel: Look out for "Attacking an Ethereum L2 with Unbridled Optimism"!.
10
65
641
It is absolutely ludicrous to me that people are assuming that I would do this work _at all_ much less that I should _already have finished it_. "best case" I would never have expected to have had this done by now, as I honestly think this will be more than three weeks of work!.
23
50
594
When Apple did this, I'd just arrived in Florida for a wedding (one of a dear friend and where I was a groomsman); even so, I stayed up ludicrously late the night before the ceremony rehearsal to understand the issue and try to triage how much it would hurt to fix Cydia Impactor.
3
25
599
As @i0n1c noted, a kernel patch (on CS_RESTRICT) is the simple fix for Substrate on iOS 8.3; @taig_jailbreak should have an update out soon.
65
505
581
Cydia now allows self-service refunds within one day of purchase if the package has been uninstalled; also: the Store is now up for 9.2/9.3.
46
287
569
The TaiG 8.1.3-8.x Untether, version 2.1.2, supports Substrate! This package is available as an update in Cydia (from our Cydia repository).
97
451
570
Anyone claiming "substrated handles kernel patches" has no clue what they are talking about: the reason I disagreed with jailbreakd was because it entrenched specific and _pervasive_ kernel data patches to do something as basic as code injection; Substrate doesn't do any of that.
6
60
568
Which should remind all of us of another lawsuit currently ongoing with Apple: their attempt to crush @CorelliumHQ, the company which launched an iPhone virtualization service to enable security research without jailbreaks and automate testing of iOS apps.
10
102
565
Cydia 1.1.17 fixes the "cannot identify your device" error on iOS 8.3. (No: this is not a Substrate update; TaiG says they are fixing that.).
106
388
529
I actually am very interested in doing this work; but, as I have stated before, I also now have a day job where I'm in charge of technology for a company that absolutely must release its product within the next few weeks. I just can't take weeks off right now to work on Cydia :(.
3
31
549
(If myacinfo were to be deactivated entirely, that would also affect the deployment tools used by larger companies such as Facebook and Google, something Apple might enjoy rather than shy away from; if I were @FastlaneTools, I would be paying close attention to what is going on.).
32
32
537
Cydia 1.1.19, now released, no longer runs as root (even momentarily!), which means that Cydia Substrate is now able to modify Cydia itself.
76
426
543
Cydia Impactor (unlike, say, ReProvision) is intended to run on stock desktop platforms (macOS, Windows, and Linux); to support this new authentication scheme will require spending some time—I'd guess well over a week?—reverse engineering Apple's code to achieve interoperability.
4
22
531
Honestly, I am not sure Substrate for iOS 11 was a "healthy" achievement; I still enjoy working on Impactor (and have some major updates that I want to release), but it just doesn't seem possible anymore to have fun on Substrate :(. That said, I _am_ quite proud of its stability.
14
38
513
I want to make certain a big thank you goes out to @rpetrich, @Surenix, and @kylematthews, without whose help Cydia 1.1.9 would have sucked.
368
579
506
(Note: right now, Apple chose to only target people without paid Developer accounts; but they know as well as we that this is merely a speed bump; so, I wonder if they might intend to fully deprecate myacinfo due to security issues and are using free developers to derisk impact.).
9
27
503
#ifihadglass I would jailbreak it and modify the software (obviously). As Google actually sold me one; I did my part. http://t.co/GGYtCjV42Z.
84
1K
520
iOS 9 changed the 32-bit pagesize on 64-bit CPUs from 4096 bytes to 16384: all 32-bit binaries must now be compiled with -Wl,-segalign,4000.
46
371
509
(I then told myself I shouldn't be working on this at the wedding unless I had a fast fix (which I didn't), was being swamped with an audit deadline at work I needed to hit, frankly hate having to wade into the "eta wen" posts, and honestly wanted to see what other people found.).
2
18
510
This community operates under a broken concept of software that "anyone can update anything": no, if you are able to update something like Substrate, you can also rewrite it from scratch: jailbreaks and code injection tools are the result of hard research, not engineering effort.
11
41
487
Cydia 1.1.18 fixes a bug introduced in 1.1.17 that would cause SpringBoard to lock up if it was killed by a user with the iOS task switcher.
118
262
486
Now with @planetbeing, @pimskeks, and @PanguTeam watching Behind the Scenes of iOS Security by @radian (from Apple).
7
122
477
(FWIW, I am actually impressed with the "creative workaround" (a plugin for Apple Mail) that @rileytestut came up with for @altstoreio's AltServer (which is largely based on the open source code for Cydia Impactor's core, ldid!) and am interested to see what he does for Windows.).
3
23
472
After the Cydia 1.1.17 update, some users saw blank pages under Manage Account; this was due to load, and is fixed: I've made it 20x faster.
111
215
453
WinterBoard 0.9.3912 (just released) runs on iOS 7 and seems compatible with ARM64; theme artists are encouraged to report any crashes/bugs.
294
928
457
In case anyone is using libplist to parse plist files for security scanning, here are some fun parser differentials.
26
121
455
(Alternatively, I could drop support for Linux—which honestly feels like "defeat" :(—to only support macOS and Windows, in which case I spend my time ripping apart iTunes to figure out where it is storing its keys on Windows; but this would be easy for Apple to repeatedly break.).
5
23
448
In its most recent complaint, Apple continues to insist that @Pwn20wnd's usage of Corellium's product to help test and more rapidly develop the Unc0ver jailbreak for iOS 12 was an "unlawful end", entirely ignoring the USC Section 1201(f) interop exemption.
Shoutout to @CorelliumHQ for giving me access to their amazing platform. This means that I will now be able to test unc0ver on any device running any firmware with extended debugging capabilities!.
3
52
445
Regardless, I'm simply not in a position to dedicate time to this until mid-December; and I also do not have much good advice for users, other than to annoyingly note that if you buy an Apple developer account, Cydia Impactor works and you can install apps on hundreds of devices.
9
25
441
Yet, in October of 2018, when I was contacted by Sam Bingner--someone I find reasonable--saying Substitute was never stable and suggesting he could offload a lot of the pain I didn't want to deal with (including "dealing with other people") so I could release Substrate, I agreed.
3
34
423
The usual strategies for influencing politics involve convincing individual politicians to agree with you while campaigning the voters to elect politicians sympathetic to your cause; however, there is another option: getting a political party to add your goal to their "platform".
40
52
433
As people still seem confused: to fix Substrate on iOS 8.3, @taig_jailbreak (not me) will update the jailbreak kernel patch (not Substrate).
67
418
424
With the jailbreak now seemingly "stable enough", vendors selling products via Cydia are now allowed to mark products as iOS 8.3 compatible.
58
305
402
If anyone else wants to do this work, I am *not* a gatekeeper: if there were a "walk-through" of GrandSlam, people like me can easily support it; the only existing references I've found are presentations by Vladimir Katalov (the CEO of @ElcomSoft. ) and work by InflatableDonkey.
7
18
400
(On jailbroken iOS—or apparently on "a jailbroken Mac", where you disable SIP and patch amfid, similar to how we jailbreak iOS. I wonder how much longer it will be before we need exploits for that :/—one can directly use Apple's AuthKit to get the right authentication headers.).
2
18
400
Cydia vendors can now mark their products as iOS 8 compatible. (The jailbreak platform itself is now stable enough to make this reasonable.).
72
447
397
The reason jailbreaks end up getting built surrounding it is not because "it has taken over functionality the jailbreak somehow should do"; it is because "it turns out that most of the stuff that the jailbreak was doing was not only unnecessary, but actually somewhat harmful" :/.
12
34
384
I do provide a way for jailbreaks to "slip in" kernel patches (what some people call "unrestrict"); nothing critical relies on this: these are only for sandbox backwards compatibility and to make setuid work. I do not like _any_ of these patches and never used them on my devices.
2
32
381
Apple Developer was under maintenance for 2 hours this morning. I think they sped up their API (feels a lot faster)!
31
97
375
Just finished watching the epic Pangu 9 Internals talk by @windknown and @WangTielei of @PanguTeam at #BlackHat2016.
12
96
374
For those still upset: TaiG's last post on Twitter is very obsolete; on Weibo they say they are working on an update. http://t.co/ujj354ZHm6.
59
204
349
With Cydia 1.1.19 now out, TaiG has released version 2.3 of their iOS 8.1.2-8.4 untether, fully removing that awkward setreuid kernel patch!.
56
250
359
My talk at #SpartaHack started at 12:30am (yes: at night) and at 6:00am there were still people asking questions ;P.
25
68
370
To anyone who responds "Apple isn't a monopoly": the actual test of "monopolization" is merely having a "significant and durable market power", not a 100% share; anti-competitive behaviors--such as "tying" and "refusal to deal"--can clearly apply to Apple.
12
51
352
I've spent 7 weeks working on Cycript: structs, variadics, multi-line editing, all of UIKit, Java, Android, ES6-ish!
34
127
349
(To be clear: Cydia now allows developers to mark products as compatible with 9.2/9.3; until each developer does, you can't just buy stuff.).
22
143
328
Watching Ken Arnold, the developer of curses (!), on a panel at #RoguelikeCel (an event co-organized by @brittagus).
18
50
330
A long time ago, I built a way to link Cydia directly to packages in third-party sources, but it was not documented.
53
141
312
San Bingner, using the awesome emulator environment from @CorelliumHQ, helped me verify my guesses here were correct (debugging into a call to pmap_cs_associate), but I just don't have the time right now to spend reverse engineering and attempting to understand this new logic :(.
2
32
292
Even if I did, to be very frank about it: I find working on stuff for jailbreaking neither important (as I used to for the large, stable, untethered jailbreaks, with the goal of fighting copyright law: an era that is long over) nor fun (due to the horrible developer toxicity) :/.
2
35
291
I did this as I was having a subtle-yet-annoying feeling of motion sickness using the iPhone 13 Pro Max camera that I have never experienced with an iPhone before and wanted to be 100% sure I wasn't making it up; a 100ms input latency was already "pushing it": 166ms is "too far".
11
21
298
It really sucks that I can't give a talk at a hackathon without the organizers getting harassed, or be on a panel for an unrelated topic (as I was today) without the moderator getting dogpiled with "jailbreak ETA?", or even comment on a forum without the thread being hijacked :(.
8
23
292
When @i0n1c built a tool to detect malware installed on iOS devices, his application was pulled from the App Store; in a post, he noted Apple's notice "basically says: we do not want our users to have the impression iOS could have security holes. go away".
2
44
288
What Apple does is cultivate a "chilling effect" on certain kinds of research: when @0xcharlie showed how easy it was to slip exploit code through iOS App Store review, he was banned from the Apple Developer program, so others would be too scared to probe.
7
67
288
For A12, it (surprisingly to me) turned out Pointer Authentication Codes were not a problem; however, Apple built a new layer of codesign--"physical map codesign" (pmap_cs_*, largely missing from the XNU codebase)--as part of their "Page Protection Layer".
1
33
270
I give talks at college hackathons on data sovereignty and software freedoms; it's too common to learn Stallman had given a prior talk, but turned the audience off of Free Software with his sexist/problematic mindset. We have a lot of work to do now to get back people we've lost.
3
26
281
If what you need is context on what the DMCA is, why I care, why you should care, and what we did, watch this video.
19
141
272
So yeah: I don't know if anyone else will agree with me that security events should not allow companies using USC Section 1201--or similar laws around the world: the US got this included in a WIPO treaty--to speak at their events, but if so: poke a conference organizer for me? ;P.
15
17
279