WARNING WARNING — ultrasn0w users don’t update yet! See a few paragraphs down!
The 4.3.1 untether exploit comes courtesy of Stefan Esser (@i0n1c on twitter), a security researcher based in Germany. Stefan has a long history of vulnerability research, and ironically his first contribution to the iPhone jailbreak community was improved security — last year he beat Apple to the punch and implemented ASLR for jailbroken iPhones with his “antid0te” framework. We’re happy to see that Stefan then turned his iPhone attention over to an untethered jailbreak exploit!
The 4.3.1 untether works on all devices that actually support 4.3.1 except for the iPad2:
iPhone3GS
iPhone4 (GSM)
iPod touch 3G
iPod touch 4G
iPad1
AppleTV 2G (PwnageTool only for now)
The reason the untether won’t work as-is on the iPad2 is that it requires a bootrom or iBoot-level exploit to install, and the iPad2 is not susceptible to either the limera1n or SHAtter bootrom exploits.
WARNING WARNING — ultrasn0w users don’t update yet! We need to first release an update to ultrasn0w that fixes some incompatibilities when FW 4.3.1 is used on the older basebands supported by ultrasn0w. And remember once we do fix ultrasn0w for 4.3.1 (we’ll announce it here and on twitter), you must only get there via a custom IPSW from PwnageTool, Sn0wbreeze or xpwn! Don’t ever try to restore or update to a stock IPSW, or you’ll lose the unlock!
For everyone else, redsn0w is the easier program to use (and redsn0w runs on both Mac and Windows).
DOWNLOAD section:
For MAC users:
http://www.mediafire.com/?vv5jvmcpiyrr2p6
For Win users:
http://www.mediafire.com/?a891j0muajd4550
HOW TO:
NOTE: the process is identical on both Mac OS X and Windows, and also identical to previous redsn0w releases. The images used in this tutorial are from a previous redsn0w tutorial, so do not be alarmed.
1. Restore your device with a stock iOS 4.2.1 firmware. (Again, by doing this you will lose the ability to unlock!!!)
2. Run redsn0w, and click on Browse. Browse for the stock iOS 4.2.1 firmware and open it.
3. Wait for redsn0w to recognize it and click ‘Next’.
4. On the next screen select what you want to be installed on your iOS device(s). By default, Cydia and ‘enable battery percentage’ are selected. I suggest you deselect battery percentage and everything else, and just install Cydia. This will improve (a bit) the overall speed of your device – if you are on an iPhone 3G. If you choose to “Enable battery percentage”, you can still toggle it off and on via Settings->General->Usage.
IF you only need to restore with a custom firmware, deselect everything, and select only “Just enter pwned DFU mode right now”
5. redsn0w will ask you to turn your device off. If it’s not already off, plug it in FIRST and then turn it off. Click Next to continue.
6. Now you will need to put your device in DFU mode. Follow the instructions on the screen.
7. Wait a few seconds for redsn0w to do its thing, and you are done. You can close redsn0w because everything else is happening directly on the device.
NOTE: Any Windows users seeing “Waiting for reboot” for too long (more than 20 seconds or so), please try “shaking” the JB process by unplugging then replugging your USB cable (while letting redsn0w continue to run). Also, try using a USB port “closer” to your computer (as opposed to on your monitor or behind another hub).