Exclusive Interview With Cydia Creator Jay Freeman: 'Saurik' Talks iOS 6 Evasi0n Jailbreak And An Open OS

The jailbreaking community rejoiced on Monday when a group of hackers known as Evad3rs released Evasi0n, a tool that allows users to jailbreak the newest iOS devices, including the iPhone 5, the iPad Mini and the iPad 4. There have been a few issues, but, after five months of diligent work, the Evad3rs managed to finally crack Apple’s security.

Cydia is a cornerstone for jailbreak users. An app that can only be downloaded on jailbroken devices, Cydia’s main purpose is to help users find and install software tweaks and fixes to customize iPhones to the user’s specifics. First released in Febuary 2008 by 31-year-old Jay Freeman, the Chicago native better known as Saurik throughout the jailbreaking community, Cydia first served as a way for the first iPhone users to add third-party apps to their devices (Apple prohibited any third-party apps initially). Now, the multimillion-dollar business has developed into a guiding light for jailbreak users both novice and experienced.

We spoke to Freeman about the Evasi0n jailbreak, the idea of an open operating system and the reason people jailbreak their phones at all.

What kind of Apple users jailbreak? Are they more advanced? Similarly, why do you believe in jailbreaking?

I actually don’t think it’s fair to call them “more advanced.” I think that it’s a group of people who didn’t hold on to the same dream Apple had but like some the things Apple built. I say this, because I receive a lot of emails and a lot of support requests, and I was talking to this person, and this person barely knew how to operate her computer, and they had a jailbroken phone. And they knew it was jailbroken, because they knew about all the cool things it could do. But this person actually bought a jailbroken phone off of eBay, they actually bought a phone that was already jailbroken and arrived jailbroken, and this person was so sufficiently uneducated that they thought they bought the phone from me, since my name was on one of the apps (Cydia). And I was happy to explain to her that I wasn’t that person [that sold her the phone], and I helped her out with her problems anyway.

Similarly, a lot of our users are high school students. I had a graphing calculator when I was young, and you could do cool things with that. People could trade programs, some of the people could write programs, and some of them could only run programs. But, you can’t write apps for the iPod unless you pay $99, and a lot of these kids don’t have the ability to pay that.

I’m a big advocate of the idea that you should be able to be in control of the things that you own. If you own the phone, it shouldn’t be Apple’s phone anymore -- it should be your phone. And if you would like to be able to do something to it, like change the software it’s running on entirely, you should be able to do that. And you shouldn’t have to destroy the phone [jailbreaking voids your device’s warranty] to do that, and it doesn’t destroy the phone to do that.

Even if you install Android on the phone, it doesn’t destroy the phone -- you can restore it back to iOS easily. You can do that using iTunes, in fact; it’s so easy that any users can do it. Your warranty can be voided, because you temporarily use a different piece of software, and people, for some reason, think “Oh, it makes sense! The software’s so important.” But if you try and make the same argument about a desktop computer, it sounds absurd. But a desktop computer is just like a phone. They’re both devices. And yet, there are virtually no devices, even the Google Nexus devices -- if you want to jailbreak them, you’ll have to void their warranty.

Why did this jailbreak take so long?

Apple has been getting much better at making a secure system, so they’ve been adding various defenses. One of them in particular is Address Space Layout Randomization. And in particular, they’ve added it to the kernel. The kernel is the core part of the operating system that maintains all of the devices and it has to be secure, fundamentally, or else nothing else can be secure. And they added this particular submission to the kernel so they have KASLR [Kernel Address Space Layout Randomization]. And this new update to iOS 6 has made it much more difficult to get that last step of the jailbreak, and it took a very long time to figure that out.

But, you have to have a full sequence of exploits, and you can compare this to the situation on Android. On Android, oftentimes you will be able to [take advantage] of something we call “one stupid mistake,” where somebody made one error or some other kind of security-related mistake in code, and you’re able to take that and parlay it into complete control over the operating system. In iOS, you now need to have at least four mistakes in order to get a clean jailbreak experience, and the number has gotten bigger and bigger over time, because not only has Apple solved the problem but added a system mitigated against similar exploits, such as KASLR.

What do you think about the high number of jailbreak downloads for Evasi0n?

I think it’s great.

Do you think it’s a sign that Apple users want iOS to be more open and customizable for more control over their device?

I think that’s true; I wouldn’t necessarily say that the large number of people over the last few days is an indicator of that though. I definitely believe that it’s the case. We’ve definitely had a large number of users downloading the jailbreak, but normally they’re not so anticipated or so scheduled. The week before, you knew it was coming at the end of the week, then also, a few days before, people knew what time it would coming out, so everyone was able to be there [on the site] at the exact same time. What this means then is that when a day and a half later, when these articles come out, they’re able to quote a bigger number than the previous time, but [when the last major jailbreak came out] if you totaled the week, you might get a similarly large amount of people, proportionally at least, depending on how many people owned the devices at the time. But, yeah, this was a very, very, large hit.

Do you have any statistics about how many users have downloaded Cydia since the Evasi0n jailbreak?

I do not know right now, but I can say that as of 11 p.m. [Tuesday] night, there were 4 million unique devices that had used Cydia. However, there’s one caveat: My system that I use was unable to handle the load of traffic for the first five or six hours, into the middle of the night. I feel like there were some users that downloaded the jailbreak and couldn’t download the app [Cydia] and came back later. But I’m back online now, so, in the next couple of days, I’ll do another tally.

Why is Cydia so important for the jailbreaking community?

The thing that’s different with Cydia from all the other things that are a little similar is that it’s so decentralized. The closest thing I’ve seen to Cydia .... do you know WebOS?

Yeah.

Yeah, WebOS had a thing called preware. Cydia has taken it to the utter extreme, because it doesn’t even have a first-party distributor. I’ve got a small repository of the core software part that operate Cydia itself. But, instead, it’s the third-party repository that, in essence, run the community. And they are able to plug in Cydia, even if they’ve never dealt with me before; they’re still able to plug in Cydia and buy access to the community. An example of this is in China; there are some very large repositories there. A company called Baidu has a Cydia repository on their system. So, in China, you search something on Baidu, and a message comes up that says “You don’t have a very good keyboard on your phone, go to Cydia.”

Has Apple ever given you difficulties over the Cydia app?

I’ve never run into any issues and never been contacted by them.

How do you think users would react if Apple made iOS into an open-source platform?

Shock [laughs]. I’m just trying to imagine the reaction, the legitimate reaction, that would actually occur. The actual reaction would be shock. If it happened tomorrow and someone asked me, “Could you comment on Apple doing it [opening up their iOS],” I can imagine what I’d possibly say other than stammering into a microphone.

It’s so unlikely.

Yeah. But, that said, let's say what would the effects on users be?

If iOS was open-source?

Yeah. It would be nothing. Because it doesn’t matter if the software is open-source -- the hardware is still closed. So we really have to ask the question: What if Apple allowed you to jailbreak your hardware without voiding your warranty or without even an exploit.

It doesn’t even matter if the operating system is open-source, as our community has demonstrated; we are more than capable of making modifications to things without the source code. And the big thing with me is that open-source does not actually mean as much power as open-hardware, and this is something that the Free Software Foundation had the plain realization that they spent so many years working on the GPL license and the GPL 2. They had so many things that were licensed under the GPL -- an entire UNIX subsystem; they had Linux, which was licensed under GPL. And yet, [Linux] didn’t offer you any of the freedom of GPL, because it started arriving with the hardware, and the hardware couldn’t change.

The TiVo was a big one that people started getting angry over, and people started talking about the “TiVo-ization” of all of their software. And the Free Software Foundation then built a new version of the GPL, which was designed to not only provide freedom in software, but handle the hardware. It’s really critical for people who want an open system to also work on opening up hardware.

Do you think Apple users want iOS to be more open and customizable like Android?

Yeah, at least 5 pecent, and something seemingly more like 10 percent of them are willing to go follow weird people on Twitter who don’t have skills to construct webpages that are at all useful in order to find really complex and weird instruction to use horrible, broken tools in order to make changes to their phone that will void the warranty on their phone and cause issues like being unable to upgrade and all sorts of other complexities. They’re willing to go through all these hurdles, 10 percent of them, and many of them aren’t even technical people. If you can just imagine what that would mean if [jailbreaking] were not that difficult -- just the sheer number of people.

And that’s the thing: Sometimes, I end up talking to people that say, “Oh, I don’t think ... no one would want that. You’re a minority.” And I say, “Well, 10 percent of people want it.” And they reply, “Well, 10 percent is nothing.” Well, first of all, 10 percent is a lot. Ten percent is a minority, but 10 percent [of iOS users] is large enough that they matter. And the 10 percent of people are the hard-core, dedicated users that wanted this [jailbreak] so badly that they were willing to go through all this trouble. And I can imagine it will be many, many, many more people [who would be interested in jailbreaking if the process was easier]. For example, on iOS 1, on the original version of the iPhone, there were actually 60 percent of people who actually jailbroke their iPhones. The difference there was that the things you needed to get wasn’t just the ability to improve software -- it was the ability to install anything at all.

How beneficial would it be for Apple to become an open-source App Store or even just allow Cydia into the App Store?

An open-source App Store would be a huge game changer for iOS, but it wouldn’t have an effect on jailbreaking. We don’t have apps. When people come to me with their apps that were rejected from the App Store, I try and get them to go away. Only in a few situations was it appropriate for me to sell such a product. Even in the free cases, it just doesn’t make that much sense. It’s only when, for example, a kid in high school wants to develop apps and sometimes we publish them through Cydia. What we specialize in is software modification.

Apple doesn’t make money on their App Store, so [revenue] is not a concern. Apple charges 30 percent, but Apple doesn’t get 30 percent. Apple pays for the processing and the downloads of the apps, the developers services that allow the developers to finish all this stuff, etc. So Apple barely makes money from the App Store. The Android market actually loses money. Like, what are they even doing there? I don’t know, but apparently they lose money.

In comparison to this, if you see how much Apple makes on hardware. ... Apple makes an insane amount of money on hardware. I mean it's just a ludicrously large amount of money they make on hardware. And, if you take the maximum amount of money Apple could make on the App Store and the minimum of money they make on their mobile hardware, it’s, like, less the 1 percent of Apple’s income. The iPhone, iPod and iPad make up 99 percent of Apple’s income. The question then becomes the intent of the structure of the App Store.

The intent of the structure is to sell more hardware. They don’t care about selling software. If you have a business that relies on software, they don’t care about you. They’ll be interested in you, because apparently some of their users would like to have you, but they are going to do whatever it takes to make certain that you don’t affect their hardware sales. One example is that they don’t allow you do paid application upgrades. Why? Well, let's say, for example, that you had an old version of the application, and the new version of the application only works on the new version of iOS. Maybe you won’t upgrade the app. You’re not going to buy a new phone, because it’s the difference between a $4 app and a $500 phone. So they make it difficult.

What this means is that even if Cydia wasn’t an app store, if Cydia was a bookstore, Apple wouldn’t like it, and that's where you see all these conflicts come up. Like with the Kindle currently. You can have years of litigation, but if you wanna buy it on the phone, it won't happen. They wanna make it an app store. and people ask, "Wait, what kind software are you selling at the app store? You're selling Facebook assistance apps?" This is fundamentally locked. Every time a new version of the operating system comes out, every time a new version of the phone comes out, it'll break, and we have to start over again. We are a massive community of users who don't upgrade our phones very often, so Apple must hate us.

The second thing is that Cydia in the App Store is technologically inefficient. Why put Cydia in the App Store when you can put in all of the apps and tweaks of the Cydia store instead?

What's the future for Cydia? What's next?

I'm not gonna answer that question. Apple users apparently like surprises.