to.panga, the secret jailbreak tool developed by Abraham Masri, was unveiled today.

If you're unaware, progress has lately been made on running Cydia on iOS 11 firmware. Multiple developers and experienced people (including myself) got Cydia to run thanks, at least partially, to Abraham Masri's work. The tool was secret and not meant for the public, up until now. Well, it's still not really for the public, so let me explain:

While to.panga shows great promise and does indeed install a partially working Cydia.app on your iOS 11 device, it is not meant for regular users. The tool has been released for developers only, so they can contribute to the project and possibly get something out of it.

to.panga does not come in a compiled .IPA version available for official download and can only be compiled with Xcode on macOS, which means that if you don't know how to use Xcode to compile the app yourself, you probably shouldn't be playing around with it in the first place. The developer disclosed a warning on the GitHub page, as follows:

"to.panga will partially jailbreak your phone and I am not responsible for any mess up. This project is for research only."

Note the word "partially". While to.panga is a capable tool, it will not fully "jailbreak" your device like you, as a user, know it. MobileSubstrate, the code-injection framework developed by Jay "Saurik" Freeman will not work and will not be installed on iOS 11, which renders the "jailbreak" useless for the vast majority of people. Freeman has confirmed that work is being done on updating MobileSubstrate.

One thing which stands out in the readme of to.panga is the developer's attack on "Cydia Installer", the actual Cydia.app as you know it. Masri claims that Cydia is "just too big, complex, and old for what it does". Freeman has answered this criticism on Reddit:

"So, a few people have asked "wouldn't it be cool if Cydia were open source, so people could just fix things?". Cydia Installer (which is what this pissy readme file is about, not Substrate) is open source, so any time you see someone complaining about Cydia who isn't also providing patches to fix the things they don't like, they are probably just enjoying trolling.

I mean, these aren't even real complaints... "too big, complex, and old for what it does" due to cydo? This doesn't even make sense. Cydia clearly should run as mobile (for numerous security reasons; it having used to be running as root was a problem) and it also clearly needs to install things as root; that's why you have to have an indirection like cydo to escalate from mobile to root.

The alternative would be a daemon, and that's likely going to work even more poorly with this not-really pseudo-jailbreak due to random sandbox issues in getting everything communicating and bootstrapped correctly, and in any case having two communicating systems like that is more moving parts than what Cydia currently has and so would be bigger and more complex.

What is going on right now is simply that the entire concept of an iOS 11 "jailbreak" is an incredibly sketchy house of cards, and the people who are assembling it (using an off-the-shelf exploit from Ian Beer, so like... I have no reliance on them: I can release my own jailbreak) all hate me and hate Cydia and are just taking every single opportunity to poke at me and make my life more annoying.

FWIW, I've been working with some of the people from past jailbreaks (the people who actually exploit things and like me) on the more interesting parts of making stuff work on iOS 11 (though need to verify with them whether they want to be called out by name), and am trying to make sure that everything is 100% solid: I want it to work every single time in every single situation.

To make this all work the way I need, I've built up some pretty cool stuff, such as MSHookRemote: a reasonably generalized version of "I am in one process and I need to modify the behavior of another process". The new version of Substrate even has some "super powers", such as being able to easily inject extensions into binaries marked as setuid or setgid (a classic limitation).

However, maintaining this stuff also isn't my full-time gig anymore. To pay for everything, I had to take a job working on something that I've found really draining (due to the crazy internal people dynamics that are involved), and so I no longer can just randomly pull magic rabbits out of my ass on a moment's notice; I also haven't had time to "prepare" much for dropping 32-bit.

That said, essentially no one ever used the iOS 10 jailbreak until we had had multiple windows for people to install it, and way way way fewer people are going to be using whatever this weird solution we have is for iOS 11 due to numerous reasons. I thereby do not feel like I'm in some incredible rush here that requires me to compromise on anything, even "work with these people at all"."
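Freeman's point about Cydia running as mobile and escalating only through a small indirection like cydo is the classic least-privilege split: the large, untrusted UI runs unprivileged and hands a narrowly scoped request to a tiny privileged helper that validates it before doing anything as root. The following is an added C illustration of that pattern, not cydo's or Cydia's code; the helper name, the staging directory `PKG_ROOT` and the request format (a bare `.deb` file name) are assumptions.

```c
/* Added illustration of the privilege-separation pattern described above:
 * an unprivileged front end passes a request to a small privileged helper
 * (cydo plays that role for Cydia). This is NOT cydo's code; the helper
 * name, PKG_ROOT and the request format are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

#define PKG_ROOT "/var/lib/cydia-staging/"   /* hypothetical staging directory */

/* Returns 1 if the privileged helper may act on the request, 0 otherwise.
 * The helper never trusts its caller: it accepts only a plain .deb file name
 * (no directory components, limited character set) under the staging root,
 * so the amount of root-side logic exposed to the unprivileged UI stays tiny. */
int validate_package_request(const char *name) {
    if (name == NULL || name[0] == '\0') return 0;
    size_t n = strlen(name);
    if (n > 128) return 0;                              /* bound the work done as root */
    if (strchr(name, '/') != NULL) return 0;            /* no path components at all */
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0) return 0;
    if (n < 5 || strcmp(name + n - 4, ".deb") != 0) return 0;  /* only .deb archives */
    for (size_t i = 0; i < n; i++) {
        char c = name[i];
        int ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                 (c >= '0' && c <= '9') || c == '.' || c == '-' ||
                 c == '_' || c == '+';
        if (!ok) return 0;                              /* reject whitespace, control chars, etc. */
    }
    return 1;
}

/* Builds the absolute path the helper would operate on.
 * Returns 1 on success, 0 if the request is invalid or the buffer is too small. */
int build_package_path(const char *name, char *out, size_t outlen) {
    if (!validate_package_request(name)) return 0;
    int w = snprintf(out, outlen, "%s%s", PKG_ROOT, name);
    return w > 0 && (size_t)w < outlen;
}

/* Privileged entry point. Validation happens before any privileged action,
 * and the root-only branch is reached solely when the effective uid is 0
 * (as it would be for a setuid-root helper). The actual install step is
 * environment-specific and is left as a print here. */
int helper_main(const char *name) {
    char path[256];
    if (!build_package_path(name, path, sizeof path)) {
        fprintf(stderr, "helper: rejected request '%s'\n", name ? name : "(null)");
        return 1;
    }
    if (geteuid() != 0) {
        fprintf(stderr, "helper: not running as root; would have installed %s\n", path);
        return 2;
    }
    printf("helper: installing %s with root privileges\n", path);
    return 0;
}

int main(int argc, char **argv) {
    return helper_main(argc > 1 ? argv[1] : NULL);
}
```

The important property is that everything the unprivileged side controls is reduced to a single validated token before root does any work; a daemon-based design, as Freeman notes, would need the same validation plus an IPC surface and bootstrap ordering on top of it.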

Masri advises people to wait for a jailbreak from Jonathan Levin, which supposedly should do the job better:

Nonetheless, progress is being made. The community is alive again and moving forward, and we shall see a full, working jailbreak for iOS 11 in just a matter of days, if all goes well.

What are your thoughts? Are you excited for a jailbreak for iOS 11 and your iPhone X? Meet me in the comments below and let's have a chat.