The latest rendition of the popular mobile operating system for Apple devices, iOS 5, has received its sixth beta update since it was originally released to developers back in June. Apple has kept a stronghold on iOS 5 by only offering it to registered iOS developers, so the general public will have to wait until the final version of iOS 5 is released. But, as with almost every iOS release, iOS 5 Beta 6 was jailbroken just one day later by jailbreak developer iH8sn0w, and the jailbreak sneaks past Apple’s stronghold, allowing anyone to install iOS 5 on their iDevice.
Read Before You Begin
- The way Apple can detect if users are registered iOS developers is by verifying device UDIDs (Unique Device Identifier) against registered developers’ UDIDs. If you’re not in their registered UDID database, you’re not going to be able to install iOS 5. Fortunately, iH8sn0w added the ability to remove UDID verification within sn0wbreeze allowing anyone to install iOS 5 on any supported iDevice.
- For the iPhone/iPad unlockers out there, sn0wbreeze gives you the option to hacktivate while automatically preserving your current baseband. Hacktivating is the process of activating your iDevice with an unofficial (not AT&T or Verizon) SIM card. Your baseband is the modem firmware that allows your iDevice to communicate with carrier cell towers. All unlocked phones have a modified baseband to allow data exchange on unofficial cellular networks.
- Another important thing to note is this jailbreak is tethered unless you’re using an iPhone 3GS with the old bootrom (more about that later). This means you will not be able to restart your iDevice without connecting it to a computer and running a program. In this case, that program you have to run is called iBooty (more on that later, too!).
- This should go without saying, but I’ll say it anyways: iOS 5 Beta 6 is not 100% stable. I highly recommend not installing it on a device you solely rely on or you may find yourself frustrated and angry at me. That’s not something you or I want, right?
- Lastly, before wasting anyone’s time, this jailbreak is not compatible with the iPad 2 due to bootrom restrictions.
sn0wbreeze only runs on Windows machines. For that reason, you will only see Windows-compatible files to download below. If you’re running OS X, I suggest reading on how to jailbreak iOS 5 beta 6 with redsn0w 0.9.8b6. However, redsn0w does not remove the UDID verification process, so you must be a registered developer to use it.
I suggest placing all these files into one folder for easier navigation later on. Then unzip both sn0wbreeze-v2.8b6.zip and tinyumbrella-5.00.09.zip files.
How To Jailbreak iOS 5 Beta 6
Before you begin, it’s important that you sync your iDevice with iTunes to create a recent backup to restore to later.
Install iTunes 10.5 Beta 6. You can install this over your current iTunes installation and it will preserve all your media and preferences. You may need to restart your computer after installing iTunes.
It’s always a good idea to set sn0wbreeze to Windows XP Service Pack 3 compatibility mode and to run as administrator before opening it. Right click on your copy of sn0wbreeze-v2.8b6.exe and choose Properties. Check off the two boxes next to “Run this program in compatibility mode for:” and “Run this program as an administrator”.
Make sure your iDevice is on and is plugged into your computer via its USB cable, and then open sn0wbreeze. The first dialog box you’ll see states that you should not have paid to download sn0wbreeze. Since you downloaded it from here (and I didn’t charge you anything) just click OK. The next dialog box will display credits to all the developers and designers that contributed to creating sn0wbreeze. Click past this by hitting Close Credits.
Finally you will be brought to a window displaying the version of sn0wbreeze and its intended target, iOS 5 beta 6. Click the blue box with the white arrow to begin.
sn0wbreeze needs to create a custom IPSW from the original iOS 5 beta 6 IPSW you downloaded earlier. You can drag and drop the IPSW directly into sn0wbreeze or you can browse for it manually.
After you choose the IPSW, sn0wbreeze will scan it to determine which iDevice model the file is intended for. As you can see below, sn0wbreeze identified my IPSW as the iPhone 3GS version. If you’re using a 3GS like myself, be sure to determine whether you’re running the old or new bootrom by selecting the Detect it for me option. Be sure that sn0wbreeze detects your appropriate iDevice, and click the blue box with the white arrow.
You will be given the choice of Simple Mode and Expert Mode. Simple Mode is one-click and you’re done and adds Cydia plus other recommended files automatically. Expert Mode allows you to choose what you want installed such as a custom boot logo and the root partition size.
You can choose either one, but we’re going to choose Expert Mode for this tutorial. Select Expert Mode and click the blue box with the white arrow.
We’re going to start with the General option to enable SSH on our iDevice automatically. This will save you time from installing SSH via Cydia after jailbreaking. Select General then click the blue box with the white arrow. By default, Remove UDID Check/Beta Timer is selected. It’s important that you do not uncheck that.
Now select Install SSH and press OK to the dialog box warning you to change your root password after jailbreaking (side note: follow my instructions for changing your root and mobile passwords when done with this tutorial). You can also change the root partition size here, but the default of 1500 MB should be more than enough. Click the blue box with the white arrow when you’re done.
Now you’ll be able to download any packages that you would normally obtain from Cydia. You can search for packages and manage sources just like you can inside Cydia on your iDevice. I’ll be selecting Installous from the Hackulous repo. Browse or search for the packages you’d like to install under Download Packages, highlight and download them, and they’ll be under Select Packages when you’re done. As always, click the blue box with the white arrow when you’re done selecting your packages.
Note: if you want to install any third-party packages (such as Installous) you’ll have to add the repo (such as http://cydia.hackulo.us) under the Manage Sources tab.
You’ll be brought back to the preferences panel we saw before. Now that we’ve customized our IPSW, we can go ahead and build it. Select Build IPSW and then click the blue box with the white arrow.
Now it’s time to sit back and play games… literally. This is my favorite feature of sn0wbreeze (besides, you know, jailbreaking my iPhone): while waiting for sn0wbreeze to build your custom IPSW, you’re given the option to play Pac-Man or watch a boring progress spinner. I’m not going to lie… I found myself playing Pac-Man for a few minutes while waiting. What else was I going to do? Finish writing this tutorial? Hah!
Warning: if you’re working on anything important, you might find yourself procrastinating with Pac-Man.
You will be booted from playing Pac-Man (sorry) when your custom IPSW is done being built. Click OK to start restoring your iDevice with the custom IPSW.
Make sure your iDevice is plugged into your computer. As sn0wbreeze says, turn off your iDevice and click Start below to start the process of putting your iDevice into DFU mode. Follow the directions that sn0wbreeze displays to enter DFU mode.
Your iDevice will appear to be off now (read: black screen), but it’s in an idle DFU mode.
Before we start, we need to block your computer from communicating with Apple’s verification servers using TinyUmbrella. Do not open iTunes at this point. Instead, open TinyUmbrella and click the Advanced tab. Uncheck Set Hosts to Cydia on Exit and restart TinyUmbrella. Then click the Start TSS Server button. Leave this running during the next few steps.
The reason this step is optional is because it’s a safety precaution. I haven’t read anywhere that you must block your computer from communicating with Apple’s verification servers, but I figure better safe than sorry.
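A check worth running once the restore is finished, as an added example (not part of the original tutorial or of TinyUmbrella): the Set Hosts to Cydia on Exit option works by writing an entry into the Windows hosts file, and an entry left behind keeps redirecting iTunes’ verification requests long after you are done. The Python sketch below lists hosts-file lines that override any apple.com name; the function name and the sample file contents are constructed for illustration.

```python
# Default Windows hosts file location; read it and pass its text to the function.
HOSTS_PATH = r"C:\Windows\System32\drivers\etc\hosts"

def find_apple_overrides(hosts_text, domain="apple.com"):
    """Return (line_no, address, hostname) for every active hosts entry
    that overrides `domain` or one of its subdomains."""
    domain = domain.lower()
    suffix = "." + domain
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()   # drop full-line and inline comments
        if not entry:
            continue
        fields = entry.split()
        if len(fields) < 2:
            continue                            # malformed: address with no names
        address, names = fields[0], fields[1:]
        for name in names:                      # one line may map several names
            host = name.lower().rstrip(".")     # hostnames are case-insensitive
            if host == domain or host.endswith(suffix):
                findings.append((line_no, address, host))
    return findings

# Constructed sample, not taken from a real machine.
SAMPLE_HOSTS = """\
# Copyright (c) Microsoft Corp.
127.0.0.1       localhost
203.0.113.10    GS.Apple.com      # left behind by a signing-server redirect
#198.51.100.7   gs.apple.com
127.0.0.1       gs.apple.com itunes.apple.com
192.0.2.5       notapple.com
"""

if __name__ == "__main__":
    for line_no, address, host in find_apple_overrides(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} -> {address}")
```

An empty result means no active line overrides an Apple hostname; commented-out lines and look-alike names such as notapple.com are ignored.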
We’re going to use iTunes to upload our custom IPSW. sn0wbreeze automatically places the IPSW on your desktop under the name “sn0wbreeze_iPad-5.0b6.ipsw”.
Open iTunes. It will complain that it detected an iDevice in recovery mode and that you must restore it. Just click OK. Then hold Shift on your keyboard and click Restore in iTunes. Browse for the custom IPSW that sn0wbreeze created on your desktop and click Open. iTunes will prompt you that it will erase your iDevice and verify the restore with Apple (but it won’t thanks to TinyUmbrella). Just click OK. Now we wait for iTunes to extract and install the custom IPSW onto our iDevice. Too bad we can’t play Pac-Man while we wait!
Your iDevice will load the custom IPSW, and you will begin to see these screens. iTunes will pop back up asking if you want to restore your backup from earlier. Select the backup you’d like to restore and click Restore.
That’s All, Folks!
Finally. You’re done. You now have the latest version (as of this writing) of iOS running on your iDevice. Now that’s an accomplishment. Remember, if you are running any iDevice except the iPhone 3GS with the old bootrom, your device is now tethered.
How To Boot Your iDevice With iBooty
Having your iDevice jailbroken sometimes comes at a small price especially if you’re jailbreaking a version of iOS you’re not supposed to have (unless you’re a developer). This means you will not be able to restart your iDevice without connecting it to a computer and running a program. In this case, that program you have to run is called iBooty and you’re in luck because it comes packed inside sn0wbreeze and it’s very easy to use.
You will not be able to restart your device without iBooty, so I suggest carrying it around on a flash drive with you just in case your phone requires a reboot (e.g. after installing/updating Cydia apps).
After you built your custom IPSW, sn0wbreeze automatically placed a copy of iBooty on your desktop. You can find it inside the folder called iBooty-for-5.0b6. Go ahead and double click iBooty.exe inside the folder to start the program.
Select your iDevice from the dropdown menu.
Follow the instructions to put your iDevice into DFU mode.
iBooty should discover your iDevice in DFU mode, exploit it with limera1n, and boot your iDevice. You’re set to go!
The final release of iOS 5 should be coming soon, but with all the new features it’s hard to resist getting your hands on a copy now. Hopefully iOS 5 Beta 6 will hold you over until then. Have fun playing with the new features and don’t forget to post what you discover in the comments below!