How to jailbreak iOS 8.1.1

There's a new jailbreak in town. Screenshot: Cult of Mac

Here’s how the game of iOS cat-and-mouse jailbreak works. A team releases a working jailbreak for the most recent version of iOS to the public. Apple moves to eliminate the exploit that made the last jailbreak possible, releases a new version of iOS, and stops ‘signing’ previous jailbreakable versions of iOS, meaning they can no longer be installed on devices. Rinse and repeat.

The latest version of iOS, iOS 8.1.1, closed the hole that made the Pangu jailbreak possible. But a new jailbreak has now been released that will jailbreak iOS 8.1.1 on any device. Here’s how to install it.

The jailbreak is called TaiG. It’s in Chinese, and it only works on Windows (although running it in a Windows virtual machine also works fine), but it jailbreaks every version of iOS from iOS 8.0 to iOS 8.1.1, and it works like a charm.

To install the jailbreak, download the TaiG tool, extract its contents, and run the tool as an administrator. On the device you intend to jailbreak, turn off ‘Find My iPhone’ and disable your passcode under ‘Settings’, then enable Airplane mode. Plug your device into your computer, and when TaiG recognizes your device, uncheck the second box (the one that doesn’t say Cydia) and hit the green button. When you see the smiley face, your jailbreak is done!

I tried it, and it worked quite well. Of course, with Apple still signing iOS 8.1, it seems a little odd that a perfectly good jailbreak technique would be squandered on iOS 8.1.1 when it could have been held back for iOS 8.2. But I suppose we shouldn’t look a gift horse in the mouth.

Apple credits Pangu jailbreakers for helping make iOS 8.1.1 even more secure.

Photo: Ste Smith/Cult of Mac

The only time Apple publicly acknowledges the jailbreak community is when, semi-tauntingly, it lists the people responsible for finding and exploiting vulnerabilities in iOS that have now been patched.

In the aftermath of its just-released iOS 8.1.1 update, Apple has added a mention in its security notes of the China-based PanguTeam, who discovered three vulnerabilities fixed in the latest update of Apple’s mobile OS.

One vulnerability relates to a state management issue in the handling of Mach-O executable files with overlapping segments. Another concerns a validation issue in the handling of certain metadata fields, and a third concerns a permissions issue in the iOS debugging functionality that allowed the spawning of applications.

All three vulnerabilities have now been patched.
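To make the first of those three bugs concrete, here is an added example (written for this page, not Apple's loader code and not anything from the Pangu or TaiG tools) of the kind of consistency check a Mach-O loader or a binary-scanning tool should apply before trusting a file: parse the 64-bit header and `LC_SEGMENT_64` load commands, then report any two segments whose virtual-memory ranges or file ranges overlap. The two Mach-O images are constructed in the script itself, so it runs offline; the segment names and addresses are synthetic and the check is illustrative, not a reproduction of the patched logic.

```python
"""Detect overlapping segments in a 64-bit little-endian Mach-O image.

Added example: a defensive validation check, not Apple's code. A loader that
maps segments without checking that their ranges are disjoint can end up with
one segment's bytes silently overwriting another's; a scanner can flag such
files before they are ever loaded.
"""
import struct
from typing import List, NamedTuple, Tuple

MH_MAGIC_64 = 0xFEEDFACF          # little-endian 64-bit Mach-O magic
LC_SEGMENT_64 = 0x19              # 64-bit segment load command
MH_EXECUTE = 2
CPU_TYPE_ARM64 = 0x0100000C

# mach_header_64: magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags, reserved
HEADER64_FMT = "<IiiIIIII"
HEADER64_SIZE = struct.calcsize(HEADER64_FMT)   # 32 bytes
# segment_command_64: cmd, cmdsize, segname[16], vmaddr, vmsize, fileoff,
#                     filesize, maxprot, initprot, nsects, flags
SEG64_FMT = "<II16sQQQQiiII"
SEG64_SIZE = struct.calcsize(SEG64_FMT)         # 72 bytes


class Segment(NamedTuple):
    name: str
    vmaddr: int
    vmsize: int
    fileoff: int
    filesize: int


def parse_segments(data: bytes) -> List[Segment]:
    """Walk the load commands and collect every LC_SEGMENT_64."""
    if len(data) < HEADER64_SIZE:
        raise ValueError("too short for a Mach-O header")
    magic, _cpu, _sub, _ft, ncmds, sizeofcmds, _flags, _res = struct.unpack_from(HEADER64_FMT, data, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a little-endian 64-bit Mach-O")
    end = HEADER64_SIZE + sizeofcmds
    if end > len(data):
        raise ValueError("sizeofcmds runs past the end of the file")
    segs: List[Segment] = []
    off = HEADER64_SIZE
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("load command header truncated")
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        # Every command must fit inside the declared load-command area.
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("load command size is inconsistent with sizeofcmds")
        if cmd == LC_SEGMENT_64:
            if cmdsize < SEG64_SIZE:
                raise ValueError("LC_SEGMENT_64 command too small")
            f = struct.unpack_from(SEG64_FMT, data, off)
            name = f[2].rstrip(b"\0").decode("ascii", "replace")
            segs.append(Segment(name, vmaddr=f[3], vmsize=f[4], fileoff=f[5], filesize=f[6]))
        off += cmdsize
    return segs


def _ranges_overlap(a_start: int, a_len: int, b_start: int, b_len: int) -> bool:
    """Half-open interval test; zero-length ranges never overlap anything."""
    if a_len == 0 or b_len == 0:
        return False
    return a_start < b_start + b_len and b_start < a_start + a_len


def find_overlaps(segments: List[Segment]) -> List[Tuple[str, str, str]]:
    """Return (segment A, segment B, "vm" | "file") for every overlapping pair."""
    findings = []
    for i, a in enumerate(segments):
        for b in segments[i + 1:]:
            if _ranges_overlap(a.vmaddr, a.vmsize, b.vmaddr, b.vmsize):
                findings.append((a.name, b.name, "vm"))
            if _ranges_overlap(a.fileoff, a.filesize, b.fileoff, b.filesize):
                findings.append((a.name, b.name, "file"))
    return findings


def build_macho(layout: List[Tuple[str, int, int, int, int]]) -> bytes:
    """Build a minimal (header + segment commands only) Mach-O for testing."""
    cmds = b"".join(
        struct.pack(SEG64_FMT, LC_SEGMENT_64, SEG64_SIZE, name.encode("ascii"),
                    vmaddr, vmsize, fileoff, filesize, 7, 5, 0, 0)
        for name, vmaddr, vmsize, fileoff, filesize in layout
    )
    header = struct.pack(HEADER64_FMT, MH_MAGIC_64, CPU_TYPE_ARM64, 0, MH_EXECUTE,
                         len(layout), len(cmds), 0, 0)
    return header + cmds


# Constructed layouts (name, vmaddr, vmsize, fileoff, filesize): one sane, one
# where __DATA is declared on top of __TEXT in both memory and the file.
CLEAN_LAYOUT = [
    ("__PAGEZERO", 0x0, 0x100000000, 0x0, 0x0),
    ("__TEXT", 0x100000000, 0x4000, 0x0, 0x4000),
    ("__LINKEDIT", 0x100004000, 0x4000, 0x4000, 0x1000),
]
OVERLAPPING_LAYOUT = [
    ("__PAGEZERO", 0x0, 0x100000000, 0x0, 0x0),
    ("__TEXT", 0x100000000, 0x4000, 0x0, 0x4000),
    ("__DATA", 0x100002000, 0x4000, 0x2000, 0x1000),
]

if __name__ == "__main__":
    for label, layout in (("clean", CLEAN_LAYOUT), ("overlapping", OVERLAPPING_LAYOUT)):
        print(label, find_overlaps(parse_segments(build_macho(layout))))
```

The check is deliberately strict about `cmdsize` and `sizeofcmds` before it reads any segment fields, since a malformed load-command table is the other easy way for a parser to get confused; a real scanner would also want to cover 32-bit and fat (universal) images and compare each segment's `filesize` against the actual file length.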

Pangu’s iOS 8 jailbreak arrived shortly after the debut of iOS 8.1. Not long after, the jailbreak was given the stamp of approval from Cydia, the jailbreak version of the App Store. It has also been made available on Mac, having been Windows-only before then. The whole process takes around five minutes to complete, although it is no longer available to anyone who has upgraded to iOS 8.1.1.

Apple has previously credited the evad3rs jailbreak team with helping it to discover weaknesses in iOS that have been fixed in updates.

And so Cupertino’s cat-and-mouse game with the jailbreak community continues…