Apple's security has become very sophisticated. Here we'll show you how to escape their complex labyrinth and jailbreak your iDevice.

The iPhone just turned ten years old this year, with jailbreaking right behind it. Over the years, the process of jailbreaking your iDevice has evolved with Apple's security mechanisms. As the hackers and Apple played a game of cat and mouse, 72-step jailbreaks gave way to one-click tools. At its height, people were even jailbreaking Apple's in-store display models by visiting a website and 'Sliding to Jailbreak'.

For those of us who would still like to jailbreak, we now need to sideload a tool in the form of an app, which lets us temporarily escape for a week without having to rerun the tool. This is what the community dubbed a 'semi-untethered' jailbreak. While it is not ideal, it is all we have these days.

With Apple working hard to increase their kernel security mechanisms, the future is not looking good for untethers. Currently, the jailbreak community has technically been in beta for over a year. Pangu is the last team that has released a jailbreak for a current version of iOS without it being in an alpha or beta state.

While Luca Todesco's work is impressive with yalu+mach_portal and yalu102, he has all but left the community, with good reason some would say.

What does it mean to jailbreak, exactly?

In the simplest terms, a jailbreak is a process of escalating the privileges of the user to root; this allows the installation of software that can access anything on the filesystem. To be clear, when you jailbreak your iPhone or iPad, you are assuming full control and therefore are responsible for the security and stability of your device.

Jailbreak releases come in the form of one-click tools that a user runs to perform the task. After that, the tool will install Cydia, which is often described as the jailbroken App Store. It's not; it's much, much more. If you're the type of person who likes to tinker with things and doesn't mind them failing you on occasion, then jailbreaking might be right for you.

Cydia is more than just an App Store because it allows users to add other sources to their 'repository list', as opposed to only being allowed the one from Apple. This is where both the utility and the risks lie. One of Apple's security recommendations is to install apps from the official App Store only.

Our recommendation is to only install tweaks from reputable sources. These include our repository, Saurik's, ZodTTD & MacCiti and of course BigBoss. Exceptions can be made for developers that you are beta testing for or other well-known developers.

Following these tips and using common sense should at least cover you from any malicious code sneaking its way onto your device. The risks involved with installing software from untrusted sources are never worth the benefits. It is worth mentioning that there hasn't been any evidence that the code executed during the process of a publicly released jailbreak causes any adverse side effects.

There is no public jailbreak for iOS 11, yet.

The last public jailbreak release only works for iOS 10.2.1. No firmware released after Saïgon can be jailbroken.

As soon as we get any news, our readers will be the first to know.

How to jailbreak your iPhone or iPad on iOS 10.2 with yalu102

Now that we've got that out of the way, we can get into the nitty-gritty. Since Apple's getting better at locking down iOS and even the hardware of the devices, jailbreak releases have become fragmented. Yalu102 works on all 64-bit devices that are on 10.2 except the iPhone 7, 7 Plus and the 10.5 inch and 12.9 inch iPad Pros.

Make sure you have a complete backup of your device on your Mac or PC, in iCloud, or preferably both. This is an essential step for covering yourself if anything goes wrong. You should always be able to restore to a newer version of iOS if anything gets broken in the jailbreak process.

Step One: Download Impactor.

Head over to the website for Cydia Impactor and download the version for your machine.

Step Two: Download yalu102 from the official source only.

Grab the latest ipa of yalu102 from Todesco's website, which at the time of this writing is beta7. We don't anticipate it getting updated, so it should stay on that version. Please only use this version, as Luca is quoted as saying that it is very easy to backdoor this with malicious code:

DO NOT DOWNLOAD THIS SOFTWARE FROM OTHER SOURCES OTHER THAN THESE LINKS UNDER ANY CIRCUMSTANCE. IT IS VERY EASY TO BACKDOOR THIS SORT OF SOFTWARE TO CONTAIN MALWARE. PLEASE BE EXTREMELY CAREFUL. THESE MIRRORS ARE TRUSTED BUT MAKE SURE TO CHECK "HASHES"

Step Three: Install Impactor.

Locate where your browser put the Impactor download, then open and install it where you'd like.

Step Four: Drag the yalu102 .ipa file into Impactor.

Plug your iDevice into your computer with a Lightning cable and locate the yalu102 beta7 file. At this point, Impactor should have detected your iPhone; you should see your iPhone with its UDID (long series of numbers and letters) in the first field. Now select yalu102 and drag it into Impactor.

Step Five: Authenticate your iTunes account to 'sign' the .ipa.

After dragging the file into Impactor, you will be prompted to enter your iTunes email, then your password. Here is where you should be careful: while Saurik and Todesco are both trusted developers, you never want to hand your iTunes credentials over to a custom interface like that.

Here is where two-factor authentication comes in; you should have this enabled anyway. If you don't, stop what you're doing and do that, right now. To do this, you need to visit appleid.apple.com. If you require help figuring out how to set up two-factor authentication or creating app-specific passwords for your iCloud account, check out this article.

Now that you have two-factor authentication active, you're able to generate app-specific passwords. After making one, enter your email and then your app-specific password. From here, Impactor should finish up the process by itself unless your email is associated with multiple teams, in which case you'll have to select one to use for the signing process. If you're a developer or lucky enough to be on a developer's account, you'll be able to sign it for a whole year instead of the 7-day window for regular accounts.

Step Six: Open the yalu102 app and run the tool by pressing 'go'.

If you did everything correctly, the app should have been successfully installed on your iDevice. It will be found on one of the last home screen pages on the Springboard. After opening it you will see a minimal interface with just one button, 'go'. Tapping this will run the exploit tool, and if successful, your device will restart in a jailbroken state with Cydia installed.
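
The hash check that the warning in Step Two asks for can be scripted before the file ever reaches Impactor. The following is an added example, not code from this guide or from the yalu102 project: the function names are hypothetical, SHA-256 is assumed as the published hash type, and the sample .ipa and its hash are constructed in memory as stand-ins for the real download and the author's published value.

```python
import hashlib, hmac, io, plistlib, zipfile

def sha256_of(stream, chunk=1 << 20):
    """Hash a binary stream in chunks so a large .ipa need not fit in memory."""
    digest = hashlib.sha256()
    for block in iter(lambda: stream.read(chunk), b""):
        digest.update(block)
    return digest.hexdigest()

def verify_ipa(stream, published_sha256):
    """Return (ok, details); ok is True only when the digest matches the published one."""
    actual = sha256_of(stream)
    expected = published_sha256.strip().lower()
    if not hmac.compare_digest(actual, expected):
        return False, {"sha256": actual, "reason": "digest mismatch, do not sideload"}
    # Only a file that passed the hash check gets opened and parsed.
    stream.seek(0)
    with zipfile.ZipFile(stream) as ipa:
        plists = [n for n in ipa.namelist()
                  if n.startswith("Payload/") and n.endswith(".app/Info.plist")
                  and n.count("/") == 2]
        if len(plists) != 1:
            return False, {"sha256": actual, "reason": "expected exactly one app bundle"}
        info = plistlib.loads(ipa.read(plists[0]))
    return True, {"sha256": actual,
                  "bundle_id": info.get("CFBundleIdentifier"),
                  "version": info.get("CFBundleShortVersionString")}

def build_sample_ipa(bundle_id="com.example.constructed"):
    """Constructed stand-in for a download: a minimal .ipa-shaped zip, built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as ipa:
        ipa.writestr("Payload/Sample.app/Info.plist", plistlib.dumps(
            {"CFBundleIdentifier": bundle_id, "CFBundleShortVersionString": "1.0"}))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    sample = build_sample_ipa()
    published = sha256_of(sample)   # placeholder for the hash the author publishes
    sample.seek(0)
    print(verify_ipa(sample, published))
    tampered = io.BytesIO(sample.getvalue() + b"\x00")   # one extra byte changes the digest
    print(verify_ipa(tampered, published))
```

For a real download, pass `open(path, "rb")` as the stream and the hash copied from the author's own page, not from the mirror that served the file.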

How to jailbreak your iPhone 7 or 7 Plus on iOS 10 - 10.1.1 with extra_recipe+yaluX

The process here will be the same except for the .ipa file used. Different exploits are being used since the iPhone 7 and 7 Plus both sport a different, more powerful processor.

One should note that Todesco's mach_portal exploit has been replaced by extra_recipe from xerub since it is more stable once it is successful. Some users also reported having to attempt it several times before it worked, with some claiming as many as a dozen attempts.

Step One: Download Impactor.

Head over to the website for Cydia Impactor and download the version for your machine.

Step Two: Download extra_recipe from the official source only.

Head over to qwerty's website and click on the 'download' button right below where it says 'extra_recipe+yaluX by xerub & ianbeer'.

Step Three: Install Impactor.

Locate where your browser put the Impactor download, then open and install it where you'd like.

Step Four: Drag the extra_recipe .ipa file into Impactor.

Plug your iPhone 7 or 7 Plus into your computer with a Lightning cable and locate the extra_recipe file. At this point, Impactor should have detected your iPhone; you should see your iPhone with its UDID (long series of numbers and letters) in the first field. Now select extra_recipe and drag it into Impactor.

Step Five: Authenticate your iTunes account to 'sign' the ipa.

Same as above, you are going to want to have two-factor authentication activated on your Apple ID/iTunes account. That way you're able to create app-specific passwords for things like this, and it's also generally a good idea.

Step Six: Open the extra_recipe app and run the tool by pressing 'go'.

Locate the extra_recipe app on your Springboard and open it. You'll see the familiar minimal interface with credits at the top, the 'go' button in the middle, and device compatibility at the bottom. Tapping on 'go' will run the exploit tool.

There are some things that you can do to increase the chances of success. Make sure your battery is charged and put your phone in Airplane Mode before pressing 'go'.

Some people have reported better success if they have 'hard reset' their phone beforehand by pressing volume down and power at the same time until the Apple logo appears and then open several apps before running the tool. We don't recommend this unless you've tried everything else as a hard reset doesn't properly unmount the filesystem when shutting down and can lead to problems.

However unlikely that is, it's best to power down the device the regular way by holding the lock button and then 'sliding to power off'. Once successful, your device will restart in a jailbroken state.

Jailbreaking your iPhone, iPad, or iPod Touch on iOS 9

Here is where it starts to get interesting. Apple introduced Kernel Patch Protection in iOS 9; this is a significant step forward for iOS security, yet a step backwards for jailbreaking. Without going into detail here, suffice it to say that it is a significant hurdle in the way of attaining an untethered jailbreak. Because of this, jailbreak tools now have to be sideloaded after the kernel's chain of trust is over.

Apple recently changed their way of releasing software, and they started releasing more 'dot' updates. Instead of only a few major updates a year, users can now expect three to five updates after each version of iOS. With so many updates in such a short time, the people who release jailbreak tools began to hold back their exploits.

As time went on, eventually these holes were filled in by other developers.

How to jailbreak 32-bit devices on iOS 9.3.5 with Phoenix

In August of this year, two developers teamed up and released the Phoenix jailbreak. It is only available for 32-bit devices that are on iOS 9.3.5, which are:

  • iPhone 4s
  • iPad 2
  • iPad 3
  • iPad mini 1
  • iPod 5

If you haven't noticed yet, the process here is almost the same every time. Download the app, sideload with Impactor, run the app, and repeat upon reboot.

Step One: Download and install Impactor.

Head over to the website for Cydia Impactor and download the version for your machine and then go ahead and install it.

Step Two: Download the IPA from here only.

Download the IPA from the phoenixpwn website and place it on your desktop.

Step Three: Connect your device to your computer.

We recommend only using official Apple Lightning cables. Make sure Impactor recognises your device.

Step Four: Drag the IPA onto the top field of Cydia Impactor.

Drag the file from your desktop into Cydia Impactor.

Step Five: Enter your Apple ID credentials.

Again, please use two-factor authentication on your Apple ID. Go ahead and enter your credentials and hit 'Ok'.

Step Six: Trust the certificate.

On your device, you will need to go to the Settings.app and navigate to General > Device Management and then trust the certificate.

Step Seven: Run the app and tap on "Prepare For Jailbreak".

Wait for your device to respring. After respringing, launch Cydia. One should note that whenever you reboot, you will need to open the app again and tap on Kickstart Jailbreak.

Also, when the app expires, which will be after seven days unless you have a developer account, install it again with Cydia Impactor. The exploit may fail a few times; if this happens, try again.

How to jailbreak 32-bit devices on iOS 9.1-9.3.4 with Home Depot

Again, the process is the same:

Step One: Download and install Impactor.

Head over to the website for Cydia Impactor and download the version for your machine and then go ahead and install it.

Step Two: Download the IPA from here.

Download the IPA from the Home Depot website and place it on your desktop.

Step Three: Connect your device to your computer.

We recommend only using official Apple Lightning cables. Make sure Impactor recognises your device.

Step Four: Drag the IPA onto the top field of Cydia Impactor.

Drag the file from your desktop into Cydia Impactor.

Step Five: Enter your Apple ID credentials.

Go ahead and enter your credentials and hit 'Ok'.

Step Six: Trust the certificate.

On your device, you will need to go to the Settings.app and navigate to General > Device Management and then trust the certificate.

Step Seven: Run the app and tap on "Go".

Wait for your device to respring. After respringing, launch Cydia. Whenever you reboot, you will need to open the app again and repeat the process.

How to jailbreak 64-bit devices on iOS 9.2-9.3.3 with Pangu

Pangu was the first to release a jailbreak in the form of a sideloaded app. This tool is the last public release of a jailbreak from them, although they are still researching iOS security.

It only works on 64-bit devices on iOS 9.2-9.3.3, which (likely) are:

  • iPhone 5s
  • iPhone 6
  • iPhone 6s
  • iPhone 6s Plus
  • iPhone SE
  • iPod Touch 6G
  • iPad Mini 2, 3 & 4
  • iPad Air 1 & 2
  • iPad Pro

Step One: Download and install Impactor.

Head over to the website for Cydia Impactor and download the version for your machine and then go ahead and install it.

Step Two: Download the IPA from the Pangu Website.

Download the IPA from the Pangu website and place it on your desktop.

Step Three: Connect your device to your computer.

We recommend only using official Apple Lightning cables. Make sure Impactor recognises your device.

Step Four: Drag the IPA onto the top field of Cydia Impactor.

Drag the file from your desktop into Cydia Impactor.

Step Five: Enter your Apple ID credentials.

Go ahead and enter your credentials and hit 'Ok'.

Step Six: Trust the certificate.

On your device, you will need to go to the Settings.app and navigate to General > Device Management and then trust the certificate.

Step Seven: Run the app and tap on "Start".

Wait for your device to respring. After respringing, launch Cydia. Whenever you reboot, you will need to open the app again and repeat the process.

Wrapping it all up

There you have it. If you played your cards right, you should have a jailbroken device on at least one of these firmwares. If it's not the latest jailbreakable device like the iPhone 7 or 7 Plus, hopefully, you were able to get your hands on an iPhone 4s or 5 and use Phoenix at least.

We will be updating this guide with more jailbreak tools in the future, so stay tuned. Thanks for reading our guide on how to jailbreak.