What is jailbreaking? Why would you want to jailbreak a device? And how could court decisions make jailbreaking a thing of the past?
Welcome to TechStuff, a production from iHeartRadio. Hey there, and welcome to TechStuff. I'm your host, Jonathan Strickland. I'm an executive producer with iHeartRadio. And how the tech are you? So it's time for a TechStuff Tidbits. I think this is probably gonna be pretty long for Tidbits, but let's just go with that. And I got a message from Way Too Cold Mike on Twitter asking for an episode about jailbreaking, which is a term I've not heard in quite some time, but back in 2007 it really started to gain traction. And of course we're not talking about breaking someone out of a literal jail. Now, we're talking about using vulnerabilities to break down the walls of an otherwise walled garden. So first, let's set the stage. Let's say that you are in charge of a tech company that produces a smartphone, and part of your revenue comes from phone sales. Right, you produce phones, they go to retailers. The retailers sell them to customers. That's your revenue stream. However, you've also figured out a way to increase your revenue by keeping a tight control on what can and cannot be loaded onto your smartphone, so you're acting as a kind of gatekeeper. Uh, you might also be acting as a payment processing service, so you are in charge of determining what users can download to your smartphone. Uh, and anything that uses in-app purchases has to go through your payment processing system, so you can take a cut of all those transactions. And yes, I am describing Apple here, but a lot of companies do similar things. So this is all about creating an ecosystem and then controlling as much of that ecosystem as you possibly can in Now, this does not always work, of course. For one thing, people have to want to be part of that ecosystem in the first place. Right? If no one likes your product or thinks it's interesting, no one's going to buy into it. And then it doesn't matter if you control everything, because no one's entering into your ecosystem in the first place.
But we have seen this time and again from tech companies, particularly those that sell hardware, because if all you do is sell hardware, well, then you only make money if folks are buying your stuff. And if your stuff lasts, you know, at least a couple of years, it might mean that you have some pretty rough cycles, like sales cycles. Like if everyone is convinced to buy your product right out of the gate, yeah, that's gonna be great for you in the short term, but then a year later, maybe no one's buying new stuff because, you know, the old thing still works great. So this can really kind of lock you into a rough revenue cycle where you have big ups and downs. That's not great for shareholders if you happen to be a publicly traded company. So if you pair your hardware with some kind of service, you can continue to charge customers over and over, you know, however long they remain a customer. And we see this with printers and toner cartridges, with famous examples being printers that can detect whether or not the cartridge you've inserted is an official one from that company or a third-party knockoff, and if it's a third-party knockoff, it might just not allow that to happen, like it'll lock the printer down. We've seen this with coffee makers. Keurig famously tried to fight off attempts from other companies to create pods that were compatible with Keurig coffee machines. Keurig just wanted you to go through the Keurig system. And we've seen it in the right to repair movement with companies like John Deere trying to force farmers to, you know, lug their expensive farming equipment to a licensed John Deere repair shop rather than be able to do any maintenance themselves or with a mechanic that they like to work with. All of these concepts are related to this idea of locking customers into a model where they keep on paying to be part of this ecosystem. All right, so let's go back to 2007.
That's the year that Apple introduced the iPhone, and you may, O my droogies, have forgotten what that was like, things changing so skorry nowadays and people quick to forget. Just give me a shout out if you actually get that reference, and TechStuff HSW on Twitter is the way to do that. But when Apple first launched the iPhone, it was before there was an App Store. In fact, the iPhone App Store launched just a hair longer than a year after the original iPhone debuted. So the original iPhone owners went more than a year, if they bought it on day one, they went more than a year without any kind of App Store, no way to add stuff to your phone. And it's not that the phone couldn't support apps. It totally could, and in fact it came standard with several Apple-provided apps pre-installed. But Apple was building out the back end of that ecosystem, the process by which app developers would submit applications for Apple to consider to include into the App Store, and sometimes Apple did, sometimes it didn't, and in those early days in particular, it was a pretty opaque process. There were times where developers would get a rejection and not really understand why they were rejected, especially if a very similar app would then get accepted into the App Store. So they were confusing days back then, and again that was a year after the phone had actually launched. And you see, Apple wanted, and actually still wants, to control what sort of stuff could appear on the iPhone, which, when you really break it down, is just a small portable computer that happens to be combined with a phone, and computers are designed to run software. But Steve Jobs, the co-founder of Apple, had long maintained a desire to restrict what sort of stuff could run on his company's hardware, and there are a lot of different reasons for this. One of those reasons is just a desire for quality control.
If you take care to make sure that only approved apps are allowed on your device, you can sidestep a lot of the problems that can come about when junk software hits a platform. If we think back to the early 1980s, we can remember the issues with video game consoles and how a flood of really crappy games contributed to an overall decline in popularity of consoles like the Atari, and ultimately the video game industry as a whole, in the United States at least, crashed in Now, I'm not saying that crappy games caused the crash, but they were a contributing factor to it. So that's one thing: you don't want to have your platform flooded with junk. But another reason is security. Computers run on code, and if you are clever, you might figure out code that can exploit a computer in some way. Now, when you're talking about a computer that's also connected to a phone or a WiFi network, exploits can go beyond affecting just a single device, and we've seen exactly what can happen with big stories like the Israeli company NSO Group and the Pegasus product that that company produces. Pegasus leveraged the flaw on Apple's iMessage that would allow someone to gain remote access to another person's phone. All it would take is for the attacker to send a message to their target through iMessage. So you just had to have the target's phone number, and you just sent the attack through iMessage, and the target wouldn't even have to click on a link or anything. So this was a zero-click attack, and it would turn the target's phone effectively into a surveillance device, like the attacker could activate the camera or the microphone, or just, you know, scroll through all the stuff that that person had been doing on that phone. And this is the kind of stuff that Apple would rather not happen, for obvious reasons. And then there's the potential for revenue.
If you've got the final say on what can and cannot go onto your platform, and if your platform is really popular, then you can pretty much dictate terms to app developers. You have all the leverage. The developers want their apps to get in front of as many people as possible. If the people happen to really love your product, well, that means the app developers are going to want to develop for you, even if you happen to put a whole bunch of hoops in front of them that they have to jump through in the process. And Steve Jobs was a brilliant salesman. When he first announced the iPhone back in early 2007, six months before the product would actually release, he had that audience eating out of his hand. He highlighted some pretty cool features that are standard in smartphones today, but they were really innovative back in early 2007. And before 2007, smartphones were mostly clunky and utilitarian, mostly the stuff that busy executives carried so that they could stay connected to their calendars and email or, you know, use as a status symbol so that other executives would know how executive they were. That's some commentary there. But the iPhone was different. It was sexy. It seemed futuristic and cool, and even as a brand new product, a lot of people wanted it. In the United States, initially you could only get an iPhone if you got it on AT&T. It was the only carrier that could carry the iPhone initially in the United States. Apple and AT&T had an exclusive deal that was to last a couple of years here in the US. But even with that restriction, a lot of people wanted in, but some people wanted a little bit more. I'll explain when we come back after this quick break. So, as I was saying, there were some iPhone enthusiasts who thought the platform was awesome, but they were not satisfied with the iPhone as it launched.
They knew that as a computer, you should be able to load stuff onto it, programs, apps, in other words, and the iPhone lacked certain features that most cell phones already had, including a game. There was no game on the original iPhone at all. You could go out and buy a candy bar cell phone or a flip phone, not a smartphone, just a cell phone, and you would get Snake on it at least, or Hangman or something. But the iPhone didn't even have that. But what if you could load programs onto the iPhone? Well, obviously Apple did not want people to be able to do that. The company was creating the framework so that it would have this full control of that ecosystem. But in the meantime, hackers were prodding the iPhone's programming and finding ways around the operating system's walled garden, and the goal was to create a way in which the user could load unauthorized apps onto their iPhone. On a technical level, what the hackers wanted to do was get administrative-level access to the file systems of the iPhone's operating system, or iOS. That is what jailbreaking is. It is dismantling or overcoming the restrictions placed on a piece of tech so that you can load whatever you want onto it and change it in whichever way you want. And in the early days of the iPhone, it also meant you could potentially use an iPhone with a different carrier than whatever Apple's official partner was in that region. This is more frequently referred to as unlocking, so it's related to, but slightly different from, jailbreaking. Sometimes the jailbreaking process would allow you to unlock your phone, but they weren't necessarily always together. And while the term jailbreaking can apply to any walled garden ecosystem, more often than not you would encounter it in terms of Apple and specifically the iPhone and, to a lesser extent, the iPad and the iPod Touch.
I almost totally forgot what the iPod Touch was called, because it's been so long since I've seen an iPod. And I think a big part of the reason why we associate this mostly with Apple is that Google, unlike Apple, when they launched their Android phone the following year, Google decided to give users the option to load apps outside of the official Google app store. Now that's called sideloading. So you're heading off to the side to load an app onto a device. You're not going through the official, you know, Android store, and sometimes you need to do that just for the purposes of developing an app. Right, so let's say that you are a developer. You're creating an app. The app is not ready for full rollout, so you're not gonna submit it to the app store yet, but it's beyond the initial development phase and you want to run a beta test to make sure that the app is doing what it's supposed to do. So maybe you contact a relatively small number of folks to participate in the beta and they sideload the app. You send them like a direct link to where they can download the app and they can do that. Then you test out the app, you work out what the bugs are, if there are any, you refine it, and then once it's ready, then you can submit it to the official store. That happens a lot, but it does require that your testers have to go into their settings and allow it. By default, you are not allowed to sideload apps, but you can change that feature in Android. And then there are some developers who just create apps that either they never submit to the app store or maybe the apps got rejected for some reason, and in these cases, sideloading is really the only way users can access those applications. Google's message was, hey, y'all, this is risky, but you're all adults, so we're not gonna stop you from doing this, but we do want you to understand that it comes with potential consequences. You need to know that.
So Google was saying that sideloading could lead to trouble, such as, you know, you could end up installing malware on your Android device, and that does happen. But if you wanted the freedom, it was yours to have. You just had to change a couple of settings on your phone. Apple, by contrast, said, the world out there is a scary place. There are bad people who will do bad things to your phone. And so we shall protect you because you do not know better. Trust in us. We know what you want before you do. Do not worry what lies outside the official App Store, for nothing out there is worth your time, or something like that. I might be paraphrasing. Anyway, a lot of the hacker crowd felt that Apple's approach was very patronizing and very ivory tower-ish. And you know, hackers aren't super crazy about companies telling them what they can't do with their stuff. That pretty much goes directly against the hacker ethos. So you might wonder, how long did it take before someone found a way around Apple's iOS protections that would allow you to install a new app on the iPhone? And the answer is eleven days, approximately. So about a week and a half after the first iPhone launched, hackers created a way to bypass the walled garden. Uh, one group of hackers that did this in that amount of time were cheekily referring to themselves as the iPhone Dev Team, and initially they showed that through their process they could install custom ringtones and custom wallpapers on the iPhone, which is, you know, pretty small stuff, but a step, something that you could not do if you just had an out-of-the-box standard iPhone. Now there's no real point in going into how they did this because it gets extremely technical. Like some of the jailbreaking processes for various iOS versions would be more than a hundred steps for you to complete in order to achieve the goal of jailbreaking the phone. So it would be pointless for me to go through all of those.
It would be meaningless for most of us, including me. I'm not, I don't need to talk down to anyone. I would not understand what I was saying. I would just be reciting something. It would be as if I were saying something in a totally different language. And also, most of all that is irrelevant now, because, you know, we're talking about a process that we see in all forms across data security, which is you get this seesaw effect. So one moment, the hackers have figured out how to exploit a system, so the seesaw goes in their direction. The next moment, whatever company is behind the system ends up pushing out an update that addresses that vulnerability. Seesaw switches. Then the hackers get to work trying to crack that system. Switches again, and so on, and this back and forth just keeps on going. Pretty much, it will keep on going until whatever the company is that's making the thing stops making the thing. Um, and of course some iOS updates would end up taking longer to crack than others. I believe that iOS 14, which is the most recent version, took the longest amount of time to crack if we ignore stuff like Apple TV, which took even longer. But I'm mostly focusing on iPhones here, and Apple tried to go a little bit scorched earth with their early response to jailbreaking. So the company aimed to brick phones that had been altered. First, it sent out a message that said, hey, you don't want to jailbreak your phone because it could affect its functionality and it could make it not function in the future. And then the company outright went out to try and make that happen by detecting and then bricking a phone that had been altered. And bricking means that the company essentially cuts off all functionality to the device and they render it no more useful than a brick. And actually you could argue it's less useful than a brick, because I don't know if you've tried to build a fort with iPhones, but they are not stable.
Hackers would release tools that would allow users to jailbreak their phones and then continue to update to newer versions of iOS without having their phones get bricked in the process. Uh, for some of those early ones, but again, this was constantly a seesaw. Apple would see how the hackers would respond and change their approach, and then the hackers would do the same. Now, the point that the hackers were aiming for was always the same. Their goal was always the same, which was to get that administrative access over the file system. Now, the method to do that would change depending upon what protections were in place, so again there's not much point in going through any of them in great detail because they would only be relevant to a specific iteration of iOS. Now, the very early jailbreak methodologies were pretty obtuse. If you were not technically savvy, chances are it would be too in the weeds for you to manage. And when I say you, I also mean me. I am certain, after I've looked at just a few of the early methods, where I was reading the list of steps and everything, I would have looked at those instructions and said, yeah, no, this is too complicated. I'll just wait till Apple finally releases a snake game. But if you were more comfortable with code, and there are plenty of people who are, then it was totally doable. Some of the hackers would release instructions on how they managed to crack Apple's code. Others would just show proof that they had done it, like they would show the results, but they wouldn't explain how they did it. They would keep the method secret and that would, in their minds, hopefully prevent Apple from patching that vulnerability so quickly. Now, some hackers would go so far as to release tools that would do the jailbreaking for the user, and that would significantly simplify things.
When the group PwnageTool released the second version of their jailbreaking tool, this time it was targeting the iPhone 3G, which I guess I should remind you was the second iPhone. They also introduced a tool called Cydia that had been developed by someone else, and I'll talk more about that after we come back from this quick break. Okay, I left off with Cydia. Cydia is spelled C-Y-D-I-A and it served a few different purposes. For one thing, it was a facilitator for jailbreaking, so it made it easier for users to jailbreak devices. But for another, it was a kind of forbidden app store. Uh, it was a way to find apps that were not covered in Apple's official App Store, and it would allow you to download them. Actually, technically, Cydia came out before Apple had launched its App Store, so for a while, if you wanted to download apps to your iPhone, the only way to do it was through Cydia or to hunt around in different hacker forums and find them yourself. But Cydia made that process much easier. So yeah, Cydia predated the iPhone App Store by a short while, not like, not like by a significant amount, but by a month or so. And then Apple opened up its App Store and had its quote unquote official approach where developers had to submit through Apple's process in order to get approved and have their app carried in the store. Now Cydia was the brainchild of a hacker named Jay Freeman who used the handle Saurik, S-A-U-R-I-K. He introduced Cydia around 2008, but, like I said, before the App Store launched. And another hacker named George Hotz, a.k.a. geohotz or geohot, was unlocking and jailbreaking phones too. He had first become known for not just software hacks, but actually opening up the original iPhone and changing the circuitry slightly. Uh, he did that using an eyeglasses screwdriver, a guitar pick, and a soldering iron, which meant that he could switch over the iPhone so that he would not have to use AT&T.
He switched it so you could use any SIM card, and he was using a T-Mobile SIM card, so he could use the original iPhone on the T-Mobile network, which was kind of a neat hack and it was something that a lot of people also ended up being interested in learning how to do. Another important tool in the early days of jailbreaking was JailbreakMe 2.0. So this was the second version, obviously, second full version of this tool, and it debuted a few years after the iPhone had come out. But this was a web-based tool and that really simplified things. So to use it, all you would have to do is take your iPhone, use Safari. You would visit a specific website that hosted the JailbreakMe tool. There'd be a little button on your screen, you click on that. Actually, you would technically swipe to unlock, and the site would handle the rest. It would initiate the process that would jailbreak your phone within a few minutes, and you would have administrator-level access to your file system. And Apple took all jailbreaking attempts seriously, but JailbreakMe 2.0 was particularly vital for Apple to tackle because for the first time, users who had no real tech savvy in them could take advantage of a jailbreaking tool, which meant Apple could technically lose its tight grip on its carefully designed ecosystem. Now anyone could jailbreak their phone if they wanted to. So the company pushed out a security update pretty quickly that made the JailbreakMe 2.0 attack ineffective. But then we just go back to that seesaw approach. Apple would also try to use the law as a way to discourage jailbreaking. Uh, the company argued that jailbreaking violated copyright law, but the courts ruled that jailbreaking wasn't illegal, and it might violate the end user license agreement, or EULA, but EULAs aren't quite the same thing as legal documents, despite how companies often treat them as such. So jailbreaking is not illegal necessarily.
I guess it depends on where you are. In the United States, it's not illegal. But jailbreaking has sort of had a decline now. This is mostly because Apple really pushes out updates pretty quickly these days, so the exploits don't remain viable for very long. So if you publish that you've found a way to jailbreak a phone, then the timer is on, right, because Apple researchers are going to be struggling to find a way to patch those vulnerabilities. But there are still people out there who are working on effectively jailbreaking iPhones, and some of them are white hat hackers. So these are people who are looking for vulnerabilities so that they can tell Apple and Apple can then patch those holes and keep the system protected. Some of them are, you know, either working for Apple directly or contracted with Apple. Some people are just claiming bug bounties. This is when a company offers up a reward if someone finds a vulnerability in their products. So you might come forward and say, hey, I found this vulnerability. Here's what I did. Here's the vulnerability. And then in return, the company says, thank you, here is a bucket full of cash because you just saved us untold amounts of money by pointing out this vulnerability. And then you have some black hat hackers out there who might be trying to jailbreak iPhones on behalf of an organization or a company or a government that would really like to be able to exploit the Apple user base. The NSO Group out of Israel comes to mind here. That is a company that was looking to exploit a vulnerability within the iPhone ecosystem that it could then sell as a product to customers. Those customers typically were authoritarian governments. So not great. But one of the big reasons to jailbreak might end up not being, you know, important. It might be moot before much longer.
Because we've recently seen court systems around the world push back against companies like Apple, arguing that the walled garden approach is inherently anti-competitive and that companies should allow customers to use alternatives to the company store, as it were. Now, if those policies become law, then companies like Apple will be legally bound, at least in some regions, to allow users to access other app stores besides the official one. Now, that's one of the big reasons Apple has been putting up such a tough legal battle recently to resist this trend, because alternatives would mean Apple would be potentially left out of that lucrative revenue loop that it currently occupies. Developers could potentially use alternatives to Apple's payment service, and Apple would no longer get an automatic cut out of in-app purchases. Okay, quick recap. When we're talking about jailbreaking, we're really getting into the ethos of what it is to be a classic hacker. And the classical hacker is not necessarily interested in profiting off the system or stealing information or stealing money or anything like that. They're more interested in learning how stuff works and how they might be able to get stuff to do something other than what it was designed to do. They love the learning process and the sense of achievement they get when they figure out the system or how to make it do something unexpected. They are not necessarily malicious, though they often can be mischievous, and hackers frequently feel that any computer platform should be open to run any software that it's capable of running. So, in other words, systems should not be walled off and locked away. So if a hacker buys a smartphone, the hacker probably wants to be able to load anything they want onto that phone without any restrictions. And it really comes down to control. Does the company that made the product control what you can do on it, or does the owner who purchased the device have that control?
And hackers typically think it should be the second camp. Apple feels the opposite. Now, finally, should you jailbreak your device? Well, I would actually advise against it unless you really know what you're doing. While jailbroken devices can frequently do lots of stuff that the bog-standard version cannot do. Like there are people who jailbroke their iPhones and were able to access things that the iPhone wouldn't be able to do for ages, like copy and paste, which is such a basic thing. And you think, well, you mean iPhones at one point didn't have copy paste? Yeah, once upon a time they didn't, and people complained about it, and the only people who were using copy and paste on iPhones were the hackers who had jailbroken their devices. However, even though you might be able to do stuff like that, it comes with a lot of risks. You might find your device has been bricked, or it might have been compromised by malware if you downloaded an app and it turns out it was hosting malicious code. So Apple was not lying when the company said that jailbreaking isn't safe. It is not safe. Now, if you know what you're doing, you can navigate jailbreaking without it running, you know, into too much trouble. That is possible, but your return on investment might be pretty low these days. Still, the hackers out there who feel the circuitry they own should be able to do whatever it technically is capable of doing, that might be enough. Okay, that's it for this TechStuff Tidbits on jailbreaking. Thank you so much for that suggestion. I really appreciate it. That again was from Way Too Cold Mike on Twitter. Thanks again. If you have suggestions for topics I should cover on future episodes of TechStuff, please reach out to me. The handle is TechStuff HSW on Twitter, and I'll talk to you again really soon. TechStuff is an iHeartRadio production. For more podcasts from iHeartRadio, visit the iHeartRadio app, Apple Podcasts, or wherever you listen to your favorite shows.