This excerpt is from iPhone Hacks. With iPhone Hacks, you can make your iPhone do all you'd expect of a smartphone -- and more. Learn tips and techniques to unleash little-known features, find and create innovative applications for both the iPhone and iPod touch
If you've ever owned a luxury car, you've experienced "platinum service"—and the price that goes with it. But if you've extensively modified your car with aftermarket parts and you take it to the dealer for engine work, you will find it hard to get warranty service on your customizations.
The same goes for the iPhone. Walk into an Apple Retail Store Genius Bar and ask them if you can upgrade the firmware on your stock iPhone, and you'll have no problem. Ask them how to rejailbreak your phone so you can continue to use it on T-Mobile after you upgraded to the Beta 3.1b firmware with cut-and-paste that you got off Pirate Bay, and you'll get the iColdShoulder.
This chapter presents the self-help and community support that you can get for your hacked iPhone. Some of these tools are basic—and similar to what you'll get if you step through the troubleshooting steps on Apple.com. But Apple's advice doesn't take into account the system-wide skinning you've done—not to mention other wild things you might have done, such as downgrading your firmware and patching the bootloader so that you could dual-boot iPhone Linux.
To continue the car metaphor, the first couple of hacks are like checking fluid levels and changing a tire. These quickly move into changing spark plugs and maybe even the brakes. Later in the book, you'll be swapping out the engine—so this chapter also shows you how to call AAA for your hacked iPhone.
The main things to know about iPhone debugging are:
Millions of iPhones have been successfully hacked.
iPhone hacking applications are constantly improved.
The earliest hacks are the flakiest, and waiting often pays off. However, guinea pigs are necessary.
You can usually unhack your phone, and it's a good idea to do this if you need to get hardware-related warranty support.
The iPhone (or iPod touch) is a well-designed, complicated computer. Despite looking like a single unit, it actually has a number of peripherals—just like a PC. An iPhone's performance can be reasonably compared to a top-of-the-line consumer PC from around 1998–1999, except with a more modern OS and applications. Therefore, we can approach repair of the iPhone (or iPod touch) like we would a conventional PC. Here's an example of the specs for this "PC":
Operating System: Mac OS X
Peripherals: touch screen, Wi-Fi, Bluetooth, wireless broadband modem, sound card, built-in microphone, GPS receiver, 4–32GB hard drive, accelerometer, 3D video card, 2 megapixel camera, 480x320 LCD screen.
If you have experience debugging PCs, debugging the iPhone is actually not that hard. The usual checklist (Figure 2.1, “Four areas to debug”) for debugging a PC involves finding out which of the areas the problem is in.
Applications: is a specific application having or causing trouble?
Operating system: does it lock up on boot and never get to the application launching screen? If not, can you launch applications?
BIOS: is the computer getting through its power-on self-test and finding something to boot from?
Hardware: is the hardware plugged in and working?
A lot of the same techniques can be applied to the iPhone. Here are some of the common-sense approaches that still apply, translated into iPhone-speak.
If you have a working iPhone that can make calls, but the phone is laggy or just acting weird, it could just be application trouble. The following are some ways to diagnose application trouble.
Force-quitting the running program may fix problems with a single application the section called “Force Quit an iPhone Application”.
Rebooting the iPhone gets you to a known state the section called “Reboot Your iPhone” and may fix whatever temporary problem was occurring.
Uninstalling or disabling bad, broken, or conflicting programs—especially background processes the section called “Restore and Recover Your iPhone”—can help.
Get an updated version of the application that's compatible with your firmware.
It could be bad application settings. Go to Settings→General→Reset→Reset All Settings, which will reset most applications as well as system configuration settings.
On a conventional PC, problems with the OS are more severe. DLL conflicts, missing drivers, or overall system instability leads us to believe that not just one program is giving us trouble but the whole operating system is having a problem.
You have similar problems with any application you run.
Major system services aren't working at all—sound, Bluetooth, and so on.
The whole system is lagging.
You can't even get past the Apple logo, or to the application launching screen.
It could be bad application settings. Go to Settings→General→Reset→Reset All Settings, which will reset most applications, as well as system configuration settings.
If the iPhone crashes or hangs on boot up, the OS may need to be repaired the section called “Restore and Recover Your iPhone” or reinstalled from scratch the section called “Enter DFU Mode”.
Make sure to back your iPhone up before the Open Your iPhone or iPod touch to Customization trouble the section called “Back Up Your iPhone's Files”, in case it crashes and must be reformatted.
If you can't even get the OS to boot, your boot loader may be broken, or the BIOS may be misconfigured. In the iPhone's case, this is usually the result of repeated firmware upgrades with various back-alley unlocking programs. Upgrading the firmware with the Pwnage application, which should in turn repair the firmware bootloader with Bootneuter, may fix these problems the section called “Open Your iPhone or iPod touch to Customization by Jailbreaking”.
Don't rule out that your iPhone might be wigging out due to hardware troubles such as bad memory, corrupted firmware, or device malfunction.
Your iPhone won't boot at all—it seems dead.
Your iPhone tries to boot and then crashes.
Your iPhone says "Repair Needed."
If your PC is unplugged, it won't turn on. Similarly, if your iPhone has a dead battery, it won't turn on. Plug it into a wall or your computer and let it charge for a while (longer than 10 minutes) and see if it "wakes up." Figure 2.2, “iPhone needs food, badly” shows an iPhone that's hungry for power.
Reinstall everything from DFU mode the section called “Enter DFU Mode”, cross your fingers, and hope it's not hardware. This approach works more often than not. The iPhone is a robust device.
If your phone says "Repair Needed" (Figure 2.3, “Repair Needed”), it could mean hardware, firmware, or software. Apple may recommend that you take the phone to the Genius Bar for diagnosis. However, one glance at your hacked boot logo may eliminate their sympathy (and your warranty). Thus, you may want to virginize the section called “Enter DFU Mode” your phone, if you can, before you bring it in for service.
The fastest way out of a hung situation.
If you're a PC user, you might not be used to Apple's habit of making one button do many things. And even though technically the iPhone has four buttons, if you include the volume controls, pretty much all the resetting, rebooting, and reprogramming of the iPhone uses just two buttons—Home and Power.
The first hack of note is Force Quit. This is the equivalent of Command-Option-Esc/Force Quit on a Mac, or Ctrl-Alt-Del/End Process on a Windows PC. If you're in an application on the iPhone that is hung or isn't responding quickly enough because of network access or some other problem, you can get out to the Home screen.
To force quit an application that's frozen, press and hold the Home button for at least 6 seconds to close the frozen application (Figure 2.4, “Hold down Home for 6 seconds to Force Quit”).
There are other applications that capture this button push and may make it do something different. For instance, if you're using Lance Fetter's backgrounder application the section called “Run Applications in the Background”, you might see a "Backgrounding Enabled" message (Figure 2.5, “Backgrounding Enabled”). In this case, just continue to hold the button and the app will quit.
If your iPhone is still sluggish or unresponsive after you force quit the application, the next thing to try is rebooting the section called “Reboot Your iPhone”.
What to do when it just isn't working right.
If you're stuck in a program and force quitting the section called “Force Quit an iPhone Application” didn't do the trick, your phone may be totally frozen. Sometimes you can't get anything to work—or work right. Flaky apps may have put your operating system into an indeterminate state—or those Apple-forbidden background apps that you bravely ran may have slowed your phone to a plodding crawl.
The first step to rebooting your phone is to simply try to turn it off. Hold down the Power button on the top (Figure 2.6, “Hold down the Power button”) until you see the "slide to power off" graphic. If your touchscreen is responding, and you can slide it, whew. Let it turn off, then press the Power button. You're back in business.
If that doesn't work, your next option is a "hard" reset. To perform this, press both buttons (Home and Power, as shown in Figure 2.7, “Hard reset: press and hold both Power and Home buttons”) at the same time for about 10 seconds—the phone will reboot.
Then, when you see the boot logo, let go (Figure 2.8, “Time to let go”).
If this doesn't fix things, a good idea is to ensure that your phone is charged. Your next step might be to restore the section called “Restore and Recover Your iPhone” your phone. (Screenshots shown are from the iPhone Dev Team's Pwnage Tool.)
Ordinarily, if you want to reinstall OS X on your iPhone, you just plug it into your computer and click "Restore" in iTunes (Figure 2.9, “ Restoring an iPhone”).
Restoring your iPhone puts it into an almost completely factory-fresh state that includes the erasure of all data, including songs, videos, contacts, photos, calendar information, and any other data that was added to your iPhone after its purchase. Because the loss of all your data can be inconvenient at best, restoring should be your last resort after trying any applicable troubleshooting techniques.
The only more drastic restoration beyond restoration is DFU (Device Firmware Upgrade) mode the section called “Enter DFU Mode”.
At times, you might want to use restore mode even when you're not restoring. For example, you may also be asked to enter restore mode by some hacking applications, because it puts the iPhone in a state where it waits for an application to talk to it, whether that's iTunes or a less official app. And you can back out of restore mode easily.
There are a couple of ways to get into recovery mode:
Make sure that your phone is off. If your phone is working normally, just hold down Power for five seconds and then slide to turn off. If your device can't boot or is hung, you'll turn it off by holding Power and Home until it powers off.
Hold down the Home button (Figure 2.10, “Hold down Home until you are told to let go”).
Connect it to your computer via USB.
Keep holding the Home button until your phone displays a screen similar to Figure 2.11, “A device in recovery mode”, then let go.
If iTunes is running, it'll restore your device, as shown in Figure 2.12, “iTunes notifying you that it's found a device in recovery mode”.
The next step, if you're going through with it, is to click Restore ( Figure 2.13, “iTunes has made the Restore option available”).
In many cases, you will be option-clicking (Mac) or shift-clicking (Windows) the Restore button. This will allow you to restore to the firmware of your choice. A link to all of Apple's firmware files can be found in the section called “Discover Your iPhone's Hackability”, and you can either download a custom firmware online or create your own with jailbreaking tools like Pwnage the section called “Open Your iPhone or iPod touch to Customization by Jailbreaking”. Figure 2.14, “Loading a firmware image” shows the firmware selection dialog.
If you change your mind about recovery mode, it's easy to get out of with a hard reset. If you just leave the device for a while, it will power down, at which point you can simply turn it back on. To speed things up:
Disconnect the iPhone or iPod from the computer.
Hold down the Power and Home buttons until you see the boot logo (Figure 2.15, “Hard reset: press and hold both Power and Home buttons”).
When you see the boot logo, let go (Figure 2.16, “Let go of both buttons”).
It's almost guaranteed that within your first week of iPhone hacking you will think you've "bricked" your phone. Luckily, it is very easy to fix. When all else fails to bring back your iPhone's functionality, look to the Restore function, either in recovery mode or DFU mode the section called “Enter DFU Mode” to solve your problem. This trusty technique should fix almost any imaginable hacking- or non-hacking-related iPhone issue.
In the process of hacking your phone, you may get into a state where you just can't get the OS to boot. Or you may get errors when attempting to restore your device. Or you may be trying to unlock your phone (Chapter 7, UNLOCKING AND ACTIVATION) and you need to replace not just the OS (as in jailbreaking) but the bootloader firmware as well. DFU mode performs a similar function to restore mode, except that in DFU mode, the iPhone never even tries to boot OS X. It's kind of like booting a PC off a restore disc, which then replaces your OS with a pristine installation.
More likely, though, you'll be trying to do something clever with your phone, and the instructions for that clever feat will ask you to enter DFU mode.
For all of these situations, DFU mode is the troubleshooting mode you seek. In DFU mode, your iPhone never gets to boot to Mac OS X. Instead, it sits there waiting to have its memory—and BIOS—completely erased and rewritten.
Here are the basic steps to get into DFU mode. You have to get the timing right.
If you have any trouble following the instructions here, you can use the Pwnage application (available at http://blog.iphone-dev.org), which will guide you through the process. The screen shots given here and throughout this chapter came from this excellent application.
Turn off your phone (Figure 2.17, “Power down the phone”).
Hold down both the Home and Power buttons for exactly 10 seconds, then release the Power button and keep holding the Home button (Figure 2.18, “Hold both for 10 seconds, then release the Power button”).
After another 10 seconds, let go of the Home button as well (Figure 2.19, “Hold Home button for another 10 seconds, then release”).
In DFU mode, there should be nothing on the iPhone screen except backlit blackness, as shown in Figure 2.20, “DFU Mode: screen is lit, but black”.
On Windows, you should hear two USB beeps—one "device disconnected" beep after the first 10 seconds, then one "device connected beep" once you enter DFU mode. On Windows XP, you should also see a device identification bubble in the taskbar (Figure 2.21, “Taskbar notification in Windows XP”).
Once you're in DFU mode, iTunes should give you the same recovery mode message it gives with the normal recovery mode the section called “Restore and Recover Your iPhone” (Figure 2.22, “iTunes detecting the iPhone in DFU mode”).
Next, option-click (Mac) or shift-click (Windows) the Restore button. This will allow you to restore to the firmware of your choice. A link to all of Apple's firmware files can be found in the section called “Discover Your iPhone's Hackability”, and you can either download a custom firmware online or create your own with jailbreaking tools like Pwnage the section called “Open Your iPhone or iPod touch to Customization by Jailbreaking” (Figure 2.23, “Loading a firmware image”). If you simply click "Restore" and allow iTunes to choose the firmware, you will virginize your phone.
The steps are:
With the phone plugged into your computer, hold down both the Power and Home buttons for 10 seconds or longer—until the screen changes.
On Windows, you may hear a beep or get a USB device notification as your iPhone comes out of DFU mode.
Your phone should boot as normal. If it's still off after 10 seconds, you should be able to turn it on by pressing the Power button briefly.
Courteous, experienced hacking support is available 24/7.
Although this book attempts to address as many issues as possible, it is still likely that you may encounter a completely new and unique situation with your iPhone. Luckily, the Internet is full of great resources that can help you determine a solution to the problem.
The big problem is that iPhone hacking is, by definition, unofficial and mostly unauthorized. And even when hacking is tolerated, or even privately encouraged, it is unreasonable to expect a large corporation to support not only its own software, but the broad scope of possible hacked variants of that software. Thus, it's necessary to go elsewhere for support. Fortunately, support is available—in fact, the organized support available for iPhone hacking surpasses that of most software companies, and is free.
For those unfamiliar with the open source software movement, it is quite a cultural shock to find that they can often contact the real author of a piece of free software—and get courteous and helpful email support. In an age of self-help forums and pay-per-incident support calls, the accessibility and, for lack of a better word, the humanity shown by open source software developers is legendary.
Although there are hundreds—if not thousands—of websites, forums, portals, and blogs dedicated to the iPhone, the actual core of hackers who do the real work are few in number. Perhaps several dozen key contributors do the intellectually stimulating but long and painstaking work of discovering the exploits, creating stable, well-tested software to open up the iPhone and iPod touch, and packaging it so that anyone can use it.
In the flurry to monetize the iPhone phenomena in every way possible, some application vendors have taken open, free work and software from a core iPhone hacking team, wrapped it in a proprietary application, passed it off as their own work (or given perfunctory acknowledgement) in order to make money through licensing, advertising, and "Please Donate" online tip jars.
Arguably, these carpetbagging "script kiddies" have added some value—perhaps in packaging up hard-to-use command-line tools into a friendly "click here to jailbreak" application. But as they did not develop the original hacks themselves, they are not necessarily capable of fixing the bugs, or reversing any damage that their one-trick applications may cause.
The best people to support a hack—and to accurately represent what it's capable of doing—are the authors themselves.
We keep speaking about the iPhone hacking community. Specifically, the iPhone hacker community consists of several dozen core individuals who have enabled or created most of the innovations you will see in this book. The largest group has associated under the banner of the iPhone Dev Team. Their website and blogs have moved around a bit, but at the moment their main portal can be found at http://wikee.iphwn.org (Figure 2.24, “iPhone Dev Team Portal”) and their blog at http://blog.iphone-dev.org (Figure 2.25, “iPhone Dev Team Blog”).
The Hackint0sh forum (www.hackint0sh.org) is a huge community of more than 80,000 members and covers a wide range of Apple hacks including iPods, iPhones, Apple TVs, and Mac OS X in general. This is the primary forum for support on iPhone Dev Team hacks and an excellent resource for new and experienced hackers (Figures Figure 2.26, “Hackint0sh welcome” and Figure 2.27, “Hackint0sh forum”).
Another fantastic, ad-free, real-deal site is www.theiphonewiki.com (Figure 2.28, “The iPhone wiki”), started and maintained by GeoHot (George Hotz), who was first to unlock an iPhone and who continues to make major breakthroughs on iPhone hacking. The wiki has the clearest, most concise, just-the-facts analysis of all the known exploits on the iPhone and iPod touches. Although sometimes hard to read for nonengineers, this is a warm respite from the biased shilling and link posting that pervades the gadget blogosphere. Hotz's own very technical blog can be found at http://iphonejtag.blogspot.com.
Another great resource that is well edited, well maintained, and easy to use is http://iclarified.com (Figure 2.29, “iClarified's website”). This site is clean and concise; they also operate their own iPhone application repositories for both Installer.app and Cydia the section called “Install Third-Party Apps”.
Another well-established site supporting iPhone hacking is www.modmyi.com (Figure 2.30, “The modmyi site”). Although their site is cluttered, their content is good. Like iClarified, they provide iPhone application repositories and hosting for user-created applications and skins.
Sometimes the wikis, forums, and step-by-step tutorials just don't have the answer. And no matter how much searching you do, sometimes it helps to have a human being point you in the right direction.
If you still can't find what you're looking for on any iPhone hacking websites, then this is your solution: IRC (Internet Relay Chat) connects users from all over the world. IRC servers provide chat rooms called channels where you can get help day or night.
To start chatting, you must first install an IRC client on your computer or iPhone. Mac users can download Colloquy from http://colloquy.info. PC users can download mIRC from www.mirc.com. To get an IRC client on your iPhone, you can search for IRC in Cydia or Installer; Mobile Colloquy and iRCm are two applications available as of this writing.
Once you have your IRC client running, add this server: irc.osx86.hu with the port set to 6667. If you already have IRC properly configured, you can just type this URL into your browser: irc://irc.osx86.hu/iphone. See Figure 2.31, “IRC client in the #iphone channel”.
Although this is by no means a minitutorial on IRC, you can get a list of channels to join by typing:
And you can join a channel by typing
/join , such as:
<name of channel>
Several useful channels are #iphone, #iphone-dev, and #itouch.
If you're not familiar with IRC, the basic rules are: don't post too much; don't harass; be polite; follow the directions you see when you join the room. Once you've joined one of the channels, you can ask your questions. You're likely to get your answers, as many of the iPhone Dev Team developers inhabit these rooms whenever they're online, which is most of the time.
One of the best ways to find reputable, primary sources of information on iPhone is to seek out the websites of your favorite application authors.
For instance, a prolific contributor to the community, Erica Sadun, has created a number of indispensable command-line utilities and provided source code as a starting point for iPhone development, and she's even written a very popular book on the subject: see http://ericasadun.com (Figure 2.32, “Erica Sadun's website”).
Jay Freeman (saurik) is a Dev Team member and software master who single-handedly developed Winterboard (for iPhone skinning), ported Java to the iPhone, and created the open iPhone distribution application Cydia. He also completely simplified development of jailbroken applications so that you can do iPhone development right on the iPhone itself! See www.saurik.com (Figure 2.33, “Jay Freeman's website”).
BigBoss, a Dev Team member and early repository hoster, created the popular and tremendously useful BossPrefs application used to configure many of the system-wide settings on jailbroken phones. BigBoss's site at http://thebigboss.org has great resources and is one of the biggest application repositories (Figure 2.34, “BigBoss's website”).
Some forums have pleas for donations, with comments like "Help keep applications like this in development," despite the fact that they have no relationship to the developers. If you feel compelled to donate in order to support the iPhone hacking community, consider donating directly to the individual hackers and developers who create the applications you use. You can usually find their personal blog or website with a little searching.
Copyright © 2009 O'Reilly Media, Inc.