Signed App Installation

[PythEch]

So apparently there was a python implementation of libimobiledevice here: pymobiledevice

It is written in Python meaning that you won't even need to compile it as that is an interpreted langauge. Downside is, we need to use PyInstaller for Windows distribution because Python is not included in Windows, unlike Mac and Linux.

Anyways, if you don't want cross-language development (in other words, if you want just pure Java), we can look at that code and use it as reference to figure out how mobile installation_proxy is used. Since Python is a high-level language, it'll be easier to understand how things can be ported to Java.

I did those on a Windows machine, though it is relatively easier to get this done on Unix.

Requirements: Python 2.7 M2Crypto Construct

After the installation, head over to pymobiledevice and download the zip package. Extract pymobiledevice-master to C:\Python27 rename it to something like pymobiledevice otherwise Python will give syntax error. After that, fire up IDLE (Python GUI) from Start.

Now welcome to the Python Shell. You'd be surprised because all we need is 3 lines of code:

>>> from pymobiledevice import apps
>>> lockdown = apps.LockdownClient()
Connecting to device: 0aa4cc**********************************
Found pairing record for device 0aa4cc**********************************
>>> apps.mobile_install(lockdown, "C:\\Python27\\app.ipa")
Connecting to device: 0aa4cc**********************************
Connecting to device: 0aa4cc**********************************
Installing, C:\Python27\app.ipa: 5 % Complete
Installing, C:\Python27\app.ipa: 15 % Complete
Installing, C:\Python27\app.ipa: 20 % Complete
Installing, C:\Python27\app.ipa: 20 % Complete
Installing, C:\Python27\app.ipa: 30 % Complete
Installing, C:\Python27\app.ipa: 40 % Complete
Installing, C:\Python27\app.ipa: 50 % Complete
Installing, C:\Python27\app.ipa: 60 % Complete
Installing, C:\Python27\app.ipa: 70 % Complete
Installing, C:\Python27\app.ipa: 80 % Complete
Installing, C:\Python27\app.ipa: 90 % Complete
Installation Complete

Or you can just:

C:\Python27\pymobiledevice>apps.py --install=C:\Python27\app.ipa
Connecting to device: 0aa4cc**********************************
Found pairing record for device 0aa4cc**********************************
Connecting to device: 0aa4cc**********************************
Connecting to device: 0aa4cc**********************************
Installing, C:\Python27\app.ipa: 5 % Complete
Installing, C:\Python27\app.ipa: 15 % Complete
Installing, C:\Python27\app.ipa: 20 % Complete
Installing, C:\Python27\app.ipa: 20 % Complete
Installing, C:\Python27\app.ipa: 30 % Complete
Installing, C:\Python27\app.ipa: 40 % Complete
Installing, C:\Python27\app.ipa: 50 % Complete
Installing, C:\Python27\app.ipa: 60 % Complete
Installing, C:\Python27\app.ipa: 70 % Complete
Installing, C:\Python27\app.ipa: 80 % Complete
Installing, C:\Python27\app.ipa: 90 % Complete
Installation Complete

[PythEch]

I think I found the problem, half of these are assumptions though.

It seems openssl doesn't care about verification, and we forgot to include the 2nd certificate, the root certificate. ca.py doesn't generate this, unlike common/userpref.c, which is included in libimobiledevice.

idevice.c:

idevice_error_t idevice_connection_enable_ssl(idevice_connection_t connection)
{
if (!connection || connection->ssl_data)
return IDEVICE_E_INVALID_ARG;

idevice_error_t ret = IDEVICE_E_SSL_ERROR;
uint32_t return_me = 0;

#ifdef HAVE_OPENSSL
key_data_t root_cert = { NULL, 0 };
key_data_t root_privkey = { NULL, 0 };

userpref_error_t uerr = userpref_device_record_get_keys_and_certs(connection->udid, &root_privkey, &root_cert, NULL, NULL);
// it seems root private key and certificate are enough for openssl
[...]
#else
ssl_data_t ssl_data_loc = (ssl_data_t)malloc(sizeof(struct ssl_data_private));

/* Set up GnuTLS... */
debug_info("enabling SSL mode");
errno = 0;
gnutls_global_init();
gnutls_certificate_allocate_credentials(&ssl_data_loc->certificate);
gnutls_certificate_client_set_retrieve_function (ssl_data_loc->certificate, internal_cert_callback);
gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT);
gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate);
gnutls_session_set_ptr(ssl_data_loc->session, ssl_data_loc);

gnutls_x509_crt_init(&ssl_data_loc->root_cert);
gnutls_x509_crt_init(&ssl_data_loc->host_cert);
gnutls_x509_privkey_init(&ssl_data_loc->root_privkey);
gnutls_x509_privkey_init(&ssl_data_loc->host_privkey);

userpref_error_t uerr = userpref_device_record_get_keys_and_certs(connection->udid, ssl_data_loc->root_privkey, ssl_data_loc->root_cert, ssl_data_loc->host_privkey, ssl_data_loc->host_cert);
// but it needs everything with gnutls
[..]

userpref.c:

static userpref_error_t userpref_device_record_gen_keys_and_cert(const char* udid)
{
userpref_error_t ret = USERPREF_E_SSL_ERROR;

key_data_t root_key_pem = { NULL, 0 };
key_data_t root_cert_pem = { NULL, 0 };
key_data_t host_key_pem = { NULL, 0 };
key_data_t host_cert_pem = { NULL, 0 };

debug_info("generating keys and certificates");
[...]
    if (NULL != root_cert_pem.data && 0 != root_cert_pem.size &&
NULL != host_cert_pem.data && 0 != host_cert_pem.size)
ret = USERPREF_E_SUCCESS;

/* store values in config file */
userpref_device_record_set_keys_and_certs(udid, &root_key_pem, &root_cert_pem, &host_key_pem, &host_cert_pem);
// it generates everything, doesn't matter if system has openssl or gnutls
[...]

I cannot use libimobiledevice.dll on my computer, for some reason it crashes with stack overflow. And there are UNIX socket problems on linux, so I need to find another script to generate these certificates.

Since ca.py doesn't generate the root certificate, I tried to use iTunes generated certificates, and it worked. Normally, when I want Python to verify the certificates generated by ca.py it gives this error:

Connecting to device: 0aa4cc366c959a9057b91b91b5e8e70c46d04057
Found pairing record for device 0aa4cc366c959a9057b91b91b5e8e70c46d04057
Error: Pairing failed!
_ssl.c:334: No root certificates specified for verification of other-side certif
icates.
Error: Unexpected error with mobile installation_proxy!
libapp instance has no attribute 'lockdown'

#plist_service.py
def ssl_start(self, keyfile, certfile, ca_cert):
        self.s = ssl.wrap_socket(self.s, keyfile, certfile, ca_certs=None, cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_TLSv1)

In original pymobiledevice, root certificate = host certificate:

pair_record = {"DevicePublicKey": plistlib.Data(self.DevicePublicKey),
                       "DeviceCertificate": plistlib.Data(DeviceCertificate),
                       "HostCertificate": plistlib.Data(certPem), #<--
                       "HostID": self.hostID,
                       "RootCertificate": plistlib.Data(certPem), #<--
                       "SystemBUID": "30142955-444094379208051516"
        }

So with this way, I get this error:

Connecting to device: 0aa4cc366c959a9057b91b91b5e8e70c46d04057
Found pairing record for device 0aa4cc366c959a9057b91b91b5e8e70c46d04057
Error: Pairing failed!
[Errno 1] _ssl.c:507: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:ce
rtificate verify failed
Error: Unexpected error with mobile installation_proxy!
libapp instance has no attribute 'lockdown'

def ssl_start(self, keyfile, certfile, ca_cert):
        self.s = ssl.wrap_socket(self.s, keyfile, certfile, ca_certs=certfile, cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_TLSv1)

---

Setting caPem = pair_record["RootCertificate"].data and using that as:

cafile = writeHomeFile(HOMEFOLDER, self.identifier + "_ca.txt", caPem)
self.c.ssl_start(sslfile, sslfile, cafile)

def ssl_start(self, keyfile, certfile, ca_cert):
        self.s = ssl.wrap_socket(self.s, keyfile, certfile, ca_certs=ca_cert, cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_TLSv1)

works.

[PythEch]

About saurik's comment on reddit, it seems he was correct. I can see my images through GNOME Shotwell without having to press Trust This Device. Found that from here while I was searching for a .deb of the newest libimobiledevice (though ended up compiling it manually)

EDIT: Later, I used libimobiledevice generated certificates on my ubuntu, but it didn't include issuer and subject, so I got empty issuer DN error. After that, I modified userpref.c a bit to set the issuer name (copied from here, off-topic, it was named "UNICORNS", haha). Anyway, for some reason, I still get empty issuer DN error, but at handshake stage, instead of at _sslcerts.py. At least I should be able to write once.

[alexhulbert]

I think the key here is to find out what ca.py has that everything else doesn't. If you try setting the issuer name to "UNICORNS" in ca.py, does it work? Another thing that might be worth doing is comparing all the certificates. I think openSSL can do that. If you send me the modified userpref.c, we can compare the Issuer DNs of certificates made by ca.py, userpref.c, libimobiledevice, and iTunes. That might shed some light.

Also off-topic:

• "open source" and "apple" are in the same url! Don't see those words together very often :)
• Why are all the fake issuers named after animals?

[PythEch]

I thought these two, ca.py and lockdown.py would work but they still have issues. All is wasted effort because it only works on Python so there is no accomplishment.

I tried to set various issuer names in userpref.c, openssl.exe prints out the issuers correctly. But for some reason, java complains at handshake stage (that's very weird). I don't see that with ca.py certs.

Ah, unfortunately I forgot to backup it while using command 'git clone'. The changes were so simple I even didn't try to compile this to see if it works (literally it's just copy and paste!). Note that, it's not complete, just part of that function.

As for the differences of the certificate mess, I'll try to write a summary, hope this clears up confusion...

BEWARE: WALL OF TEXT (if it was much simpler, I would've written this before)

iTunes:

• Probably, iTunes generates certificates using one of the its libraries
• Generated certificates are stored in %ProgramData%\Apple\Lockdown (Win), or /var/db/lockdown (OS X)
• HostCertificate (notice CA:FALSE), RootCertificate (CA is TRUE)
• These certificates don't have issuer or subject, when ssl is used for communicating iPhone this shouldn't be a problem. What I understand is, in the internet issuer is like ID of the certificates. That's how web applications, browsers handle thousands of certs if not millions. And it seems that Java's SSL was designed primarily for web usage, that's why it complains with empty issuer DN. [Not sure about this one, pure conspiracy]

pymobiledevice:

• Certificates are stored in %HOMEPATH%.pymobiledevice or ~/.pymobiledevice
• lockdown.py requests the DevicePublicKey when pairing is unsuccessful. It then passes this as parameter to ca_do_everything.
• It first creates a random root private key. Uses this private key to make a request (makeRequest, sets public key for the certificate).
• Later, it signs that request with the same private key (makeCert uses sign function), the root certificate becomes created. So we have a root (CA) private key and certificate.
• After that, it generates the DeviceCertificate (I found that it is essential during tests, couldn't establish connection with incorrect DeviceCertificate)
• To do that, ca.py converts the type of public key because iPhone sends PCKS1 type. Anyway, this time DevicePublicKey is used to make request, no random key is used, in fact the root private key is the only random one. makeRequest sets the public key so it makes sense to use DevicePublicKey there :D
• Lastly, the DeviceCert request is signed with root private key, in other words it's just signed by the root certificate.
• I figured out that even though userpref.c generates root cert, root key, host cert and host key, if HAVE_OPENSSL specified, idevice.c will only use root certificate and root private key for the authentication. I guess that's why Python is working without complaining unlike Java.
• RootCertificate (RootCertificate == HostCertificate with ca.py, though this is actually handled by lockdown.py)

def ca_do_everything(DevicePublicKey):
    rsa = generateRSAKey()
    privateKey = makePKey(rsa) # root private key
    req = makeRequest(privateKey, "The Issuer Monkey") #sets the public key and CN
    cert = makeCert(req, privateKey) #finally adds extensions and signs the request

    rsa2 = load_pub_key_bio(BIO.MemoryBuffer(convertPKCS1toPKCS8pubKey(DevicePublicKey)))
    pkey2 = EVP.PKey()
    pkey2.assign_rsa(rsa2)
    req = makeRequest(pkey2, "Device") # use DevicePublicKey as public key
    cert2 = makeCert(req, privateKey) # sign the request with root private key
    return cert.as_pem(), privateKey.as_pem(None), cert2.as_pem()

libimobiledevice:

• In Linux it stores userpref files in /var/lib/lockdown (also uses iTunes locations for other OSes)
• Like usual pymobiledevice, limd switches to ssl socket when iPhone wants to talk SSL. At that stage idevice_connection_enable_ssl is fired in idevice.c
• It tries to get certificates with function userpref_device_record_get_keys_and_certs from common/userpref.c
• If it encounters an error like no certs were created before, it tries to generate those ones with given udid using userpref_device_record_gen_keys_and_cert
• Ok, so this function is relatively long, I'll try to tell what openssl version does.
• First let's define variable types, this is C, you know:

    key_data_t root_key_pem = { NULL, 0 };
    key_data_t root_cert_pem = { NULL, 0 };
    key_data_t host_key_pem = { NULL, 0 };
    key_data_t host_cert_pem = { NULL, 0 };

• We need private keys:

    RSA* root_keypair = RSA_new();
    RSA* host_keypair = RSA_new();

    RSA_generate_key_ex(root_keypair, 2048, e, NULL);
    RSA_generate_key_ex(host_keypair, 2048, e, NULL);

    BN_free(e);

    EVP_PKEY* root_pkey = EVP_PKEY_new();
    EVP_PKEY_assign_RSA(root_pkey, root_keypair);

    EVP_PKEY* host_pkey = EVP_PKEY_new();
    EVP_PKEY_assign_RSA(host_pkey, host_keypair);

• Root cert:

    /* generate root certificate */
    X509* root_cert = X509_new();
    {
        // ... //

        /* set x509v3 basic constraints */
        X509_EXTENSION* ext;
        if (!(ext = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints, (char*)"critical,CA:TRUE"))) {
            debug_info("ERROR: X509V3_EXT_conf_nid failed");
        }
        X509_add_ext(root_cert, ext, -1); // CA:TRUE

        // ... //

        /* use root public key for root cert */
        X509_set_pubkey(root_cert, root_pkey); // public key is root pkey
        /* sign root cert with root private key */
        X509_sign(root_cert, root_pkey, EVP_sha1()); // signed with root private key again
    }

• Host cert:

    /* create host certificate */
    X509* host_cert = X509_new();
    {
        // ... //

        /* set x509v3 basic constraints */
        X509_EXTENSION* ext;
        if (!(ext = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints, (char*)"critical,CA:FALSE"))) {
            debug_info("ERROR: X509V3_EXT_conf_nid failed");
        }
        X509_add_ext(host_cert, ext, -1); // CA:FALSE

        /* set x509v3 key usage */
        if (!(ext = X509V3_EXT_conf_nid(NULL, NULL, NID_key_usage, (char*)"digitalSignature,keyEncipherment"))) {
            debug_info("ERROR: X509V3_EXT_conf_nid failed");
        }
        X509_add_ext(host_cert, ext, -1); // Unnecessary, I think it's here to copy iTunes certificates

        // ... //

        /* use host public key for host cert */ 
        X509_set_pubkey(host_cert, host_pkey); // public key is host pkey

        /* sign host cert with root private key */
        X509_sign(host_cert, root_pkey, EVP_sha1()); // now it is signed with root private key, instead of the host pkey
    }

• Later the keys are stored in a plist and reloaded for the ssl connection etc.
• I really don't know why lockdown.c has the code for generating certificates. Shouldn't userpref.c handle that part?
• HostCertificate, RootCertificate. These certs are iTunes clones for sure, except "X509v3 Subject Key Identifier"

Off-topic:

• Well it seems opensource makes miracles :). I hope this will make people audit the open source codes.
• I liked the "Issuer Monkey" joke, that's why
• Some of those are based on pure speculation, feel free to correct my possible awful and humourous mistakes.

[PythEch]

YES I HAVE FOUND THE SOLUTION!

All we had to do was this: http://stackoverflow.com/questions/13405397/java-socket-client-sending-extra-bytes-to-device

So add -Djsse.enableCBCProtection=false in command line

Reproduce:

• Delete everything in your C:\jython2.7b1 for a fresh start, and re-install it.
• Now, download the nycs branch
• Don't forget to replace socket.py in nycs directory.
• Use Python 2.7 to generate ca.py certificates.
• Open lockdown.py in jython2.7b1\lib\pymobiledevice\
• Change the homepath to this:

HOMEFOLDER = os.path.join(os.environ["HOMEPATH"],".pymobiledevice")

It finally works! Now we can blame java or commercial(?) limd-sdk.That's really a stupid fix

EDIT: I've updated the master branch so you don't have to do code changes.

To see if it works use a command like jython.bat libapp.py -b 0 com.facebook.Facebook apps/facebook.ipa

Next task is to eliminate ca.py dependency, we need to port it. I think we can use nycs for this without extra dependencies, but I'm not sure.

After that we'll need to solve UNIX sockets problem.

Also, can you please update the README.md? It's clear that you are far better than me at writing.

[alexhulbert]

This is awesome, great job! I can't wait to try this! I'll update the README and test this with actual Java as soon as I can get to my computer. Hopefully everything will run smoothly with that. Once I've tested everything, I'll look into that unixsocket repo. It seems that the UNIX socket part is a little less in-depth, so it should (hopefully) be easier. I can import this into Icew1nd as a submodule so that when we change the main repo, it gets updated on Icew1nd.

[alexhulbert]

Sorry, I accidentally clicked "close" instead of "comment"

[alexhulbert]

I finally have access to my laptop. I'm doing everything now!

[alexhulbert]

Currently, what certificates work? Just python ones? If libimobiledevice certificates work, we can compile the C code for Linux/Mac, and Windows and run that from pymobiledevice rather than actually porting ca.py. I would say that we could compile ca.py directly to an exe, but it requires M2Crypto. Hmmmm....

[PythEch]

Both libimobiledevice and iTunes certificates don't have issuer names, that's the reason why they don't work. It seems, Java is hardcoded to not allow empty issuer. Probably it can be monkey-patched using reflection, but I don't think it worths the trouble, that's shady and some unnecessary work. Perhaps I may try to do it when every problem is fixed, just for the sake of using iTunes certificates.

Anyway, yes, just python ones. But don't worry, it's possible to create certificates using Java. I think nycs can do it, right now I'm trying undocumented classes. In worst case scenario, we'll need to use BouncyCastle, don't think it'll be a problem.

Converting (not compiling) ca.py to an exe is possible with PyInstaller (better than py2exe and its competitors) with M2Crypto (actually it handles that part automatically), remember, I recommended using that tool to make a command line utility. But practically a lot of things can go wrong. Like catching exceptions becomes a lot harder.

If we really need a binary, we can use openssl.exe. It's a real native binary, stable, cross-platform and we don't need to compile anything.

---

I guess we can seperate the tasks. I think I can handle the ca.py part. But junix-sockets seems like suits better to you.

[alexhulbert]

Great! I UNIX sockets seems fun. The repo I'll be using is here. It seems pretty easy. I'm going to skim through the code and see if I can figure out how everything works.

[alexhulbert]

EDIT: I googled jnr-unixsocket to find some documentation when I stumbled upon junix-sockets. I remembered you talking about that in your previous comment, so I investigated it. You're right, junix-socket seems like a much better library.

[PythEch]

Lol, I googled to remember the library's name, junixsocket was 5th result so I assumed it was the same library that you were talking about. If you need any help, I'd be glad to do it

EDIT: ca.py is almost complete, I'll probably push a commit a few hours later when I get back to home.

[alexhulbert]

UNIX sockets are going pretty well too! There's just one problem. We need to reimplement the select function. I googled select, IBM has a pretty good description:

The select() function allows the process to wait for an event to occur and to wake up the process when the event occurs. In this example, the select() function returns a number that represents the socket descriptors that are ready to be processed

The last part is probably different, since python's select returns three values.

---

I know everything's probably coded wrong. As soon as I have access to my laptop, I'll check everything out.

[PythEch]

I know I said I'll push in a few hours but I was stuck at loading public key. I finally found out that we need to pass it as DER format.

Generating CA certificate was pretty straightforward. That's why I said it's almost done. I'll try to help you about select when I finish the last step in certificate generation.

Oh and, other than that, it works

EDIT: Everything is fixed

[PythEch]

Is there anything missing other than UNIX sockets? I haven't found a solution for that yet except a stackoverflow question that recommends using jnr-unixsocket instead of junixsocket. I'll try that later. Both pymobiledevice and jmobiledevice are looking good.

I can also help developing jmobiledevice if you need it.

[alexhulbert]

I can also help developing jmobiledevice if you need it.

I'm good for now. You've already done certificate.py, so I'll handle this part of the port. Could you work on the UNIX socket part? I just can't visualize how the code is going to work. Plus, I'm much better at Java then Python.

---

You have probably seen the flurry of activity with JMobileDevice. I was on a very long plane ride, so I wanted to take advantage of their amazingly fast internet. Its so ironic that some of the fasted internet I've ever used was on a plane :/. I got a little carried away with the programming, so I'll explain what's going on.

After seeing libimobiledevice-wrapper and ios-driver, I decided that our port would be better off in another repo. Those repositories are a complete mess, with some changes in one repo and some changes in another. I don't want to make that mistake.

I decided to split the /src/com/alexhulbert/jmobiledevice folder into its own repo using the method described in this article. After that, I modified the .git folder so that the new repo pointed to Triforce1/JMobileDevice.

Then I realized I was stuck with a problem: The .java files were in the root of the repo; you would have to add the dependancies, python code, etc. yourself in order to compile it. That's when I got the idea to make two branches: a code branch and a master branch.

The code branch is just the jmobiledevice java files. No folders or anything. The master branch is just an empty netbeans project with all of the dependencies.

I made a submodule (link) to the code branch inside of the src directory so that the master branch contains the code branch within it. Then I linked to the code branch inside of Triforce1/Icew1nd so that when you update the code branch, both JMobileDevice and Icew1nd automatically get updated.

Think of it like javascript callbacks, but for git. As you can imagine, that's not the easiest thing in the world. I haven't felt this confused since I last opened xorg.conf :).

---

Anyway, the migration is done now and all of the code should automatically synchronize throughout all 3 repos (JMobileDevice, pymobiledevice, and Icew1nd). Currently, you can execute a plethora of Shell commands like cd, mkdir, and mv. I plan to add some more (like touch).

I had to do a couple of small fixes in the Python, but everything should work in both regular Jython and in embedded Jython.

Once JMobileDevice is done, I'd like to add some functionality from the actual libimobiledevice. This may sound hard, but its actually pretty strait-forward. You just make (or attach to) a lockdown instance and use simple send and receive commands. There's not that much logic involved. Finishing Icew1nd should be pretty easy too. I just need to finish reverse engineering iCloud.

[PythEch]

Plus, I'm much better at Java then Python.

Yeah, what you say makes sense. I have to admit, that's vice versa for me.

I got a little carried away with the programming, so I'll explain what's going on.

It was hard to understand what happened, thanks for explaining that before I ask.

Maybe not jmobiledevice but, I can help about Icew1nd like beta testing etc. I remember that you needed an A4 device

[alexhulbert]

Here in America, we're having some internet security problems too :|. Evidently the NSA's been spying on us...

---

For the A4 device, the process is going to be much more complicated than I though. I think a friend of mine has one he's not using. I'll try to persuade him to let me borrow it. The process I'm going to do is at issue #3.

---

I'll post some more info on the current status of the project later today.

[alexhulbert]

Expect a huge push within a couple days! I'm working on diagnostics_relay and I've got a great system down. It involves BigIntegers and a lot of bitwise/binary operators :).

[PythEch]

Great job! Sorry for not being active, I'm going to be very busy due to school for weeks :/

I've looked into UNIX Sockets part, I think I've found what should I do, but I didn't have much time later. Wish Jython had this feature just like JRuby

At least we made it working on Windows, so the development can continue.

[PythEch]

Aha, this might seem small but I finally got it working to a point where usbmux.py successfully recognizes my device's UDID. Right now the code is a little buggy, I'll push a commit some time.

EDIT: And now, it gives PasswordProtected error and successfully asks for Trust This Device.

Other than that, when ~/.pymobiledevice records persist, it stops reading at a time.

[alexhulbert]

Awesome! I've been doing a huge chunk of Icew1nd in my study halls :P. (Like right now!) I'm working on the iCloud portion and the GUI right now. I wonder how they'll turn out!

[alexhulbert]

Lol. I saw you starred mountainstorm/MobileDevice. I was looking at it thinking it looked hard to port, but its actually really easy! I bet I could port some of the files. They're just sending out and receiving plists! If I have any free time, I'll port some stuff from MobileDevice over.

Currently, I'm working on building that chat program I was talking about. IRC is really stupid if you ask me...

Also, I'm going to upload the GUI (finally). I just need to tidy up some code and include a font.

[PythEch]

Sorry to say this but, actually, it's just a wrapper for MobileDevice.dll / MobileDevice.dylib, so no love for Linux.

And what's the point of porting it, pymobiledevice is already finished? :D

I starred that because I liked it as an API, I'm "beautifying" some ugly mess of pymobiledevice right now. Adding docstrings, removing some of its magic, fixing inconsistent naming convention etc.

Also seems like you didn't get notifications of my replies, probably because I deleted that branch. I don't want to repost so, I'll just leave the link here: https://github.com/PythEch/pymobiledevice/commit/74bd2510bec57378a40e17ea8147335b67850831

I'm looking forward to the GUI release :) :shipit:

[alexhulbert]

Sorry to say this but, actually, it's just a wrapper for MobileDevice.dll / MobileDevice.dylib, so no love for Linux.

Actually, just files like plistService.py are a wrapper. In files like afc.py and springboard.py, functions made up mostly of sendPlist and recvPlist commands. Those files can be ported easily. I can do them sometime in the future if need be.

And what's the point of porting it, pymobiledevice is already finished? :D

Interfacing more of iOS's protocols to Java could help make bigger programs, such as iTunes for linux possible. It opens up a huge variety of things you can build and create.

I starred that because I liked it as an API, I'm "beautifying" some ugly mess of pymobiledevice right now. Adding docstrings, removing some of its magic, fixing inconsistent naming convention etc.

Sweet! Tidy code is always so much better in the long run. Feel free to change around any methods and I'll modify the Java wrapper accordingly. .

Also seems like you didn't get notifications of my replies, probably because I deleted that branch. I don't want to repost so, I'll just leave the link here: PythEch/pymobiledevice@74bd251

I literally have no idea what to call it. It would take a lot of major refactoring to name it something else, so we should only change the name when one of us thinks of something cool. Your right, Jymobiledevice sounds weird.

I'm looking forward to the GUI release :) :shipit:

Awesome use of the shipit squirrel :). Anyway, I've finished it, but there's another problem with my laptop. The hard drive is still perfectly fine (thank god), so I'm going to back that up to my local NAS box (its 500+ GB of data to backup). Once that's done backing up, I can recover the files from it and push them to the main repo. Square trade said that something's most likely defective in my laptop and they're just give me the money back for it. I've still got my old fallback computer, though. So I will continue to develop when I can.

[PythEch]

Haha, even though we had the same idea, I failed to understand what you meant, oops.

Look at this: https://ghostbin.com/paste/6b599

Not only that it's now easier to read/write files, we can also seek, tell and read line by line (__iter__) without reading the whole file. And it also supports with statement (though this shouldn't really matter in Java).

I especially endeavored to make it look like open() in Python.

e.g

with afc.AFCFile('test.log', 'r') as f:
    for line in f:
        print line

Actually, Cython bindings (yet another Python implementation, duh!) of libimobiledevice can help a lot too.

I didn't had a good idea for name, but I was preparing the license, so I thought it was the right time to ask it. Anyway, I don't think anyone's gonna use pymobiledevice (jython) directly, instead of JMobileDevice.

As for your computer problems... I have a laptop from 2008 with 2 GiB RAM running on Windows 7 in my home, and it's still functioning properly with frequent use. We haven't had any HDD problems yet, something's strange with yours :/

Fortunately it's good to hear you have backups, something I occasionally do.

Also, if you have an SDD in your new computer, that may be the problem. A friend of mine had a lot of problems with OCZ, and there was a bug in firmware of my Corsair (firmware upgrade solved the problem).

[alexhulbert]

Awesome! That code looks so much better than the original. Anyway... I've got a surprise for you ;). Its an atom invite! I finally got mine (via personal request) and I'd like to send you one of my personal invites to you as a thank you for all your hard work on this project. Is there any email in particular you'd like me to send it to? Also, you said you had a Cyder clone. Is that finished? I've been looking for one for ages.

EDIT: I've sent in my laptop and I'm going to get one that's hackintosh-compatible. I'm finally going to learn Objective-C :P

[PythEch]

That's very kind of you :) Well, I think, I should accept then: pythech.tr@gmail.com

Thank you very much!

---

That Cyder clone is written in C# which was internally named "WinPie" (lol). I was working on it before I met you. It was functioning properly enough for a beta; you could add repos, search for packages, view depictions (the webpage you see before installing a package) even though IE failed so hard, and finally, download debs. I don't plan making it able to install debs, there are lots of tools for that job. We need a tool to download packages, not installing them. No more weird errors for missing iTunes libraries.

I'll upload pics and the source code/binary in a few hours later when I get back to home. It is still very buggy though, and somewhat slow. Probably I'll need to switch to SQLite from LINQ.

The way it works surprised me, it was possible to emulate everything using simple HTTP requests. Oh and 7zip to decompress bz2 files :D (dot net is too slow)

And the best thing is, you can download paid packages using your Cydia ID!

---

I have never been successful with hackintosh, is there anything you can recommend so I can buy that next year? I asked this so many times but never got a good answer.

[PythEch]

I'm back! The internet was broken for 2 days...

I don't think you'd want to use this half-baked thing but nevertheless I released that.

Some pics: http://imgur.com/MzyA1OD,iRuo3X5

I'll try to finish it in summer

[alexhulbert]

Well, I "finished" the chat server! It's sloppier than your Cyder Clone, though. It preforms XHR request twice per second, so its slow as hell. You'll have to let me know to come on in advance, too. I haven't set up logging and it doesn't email me messages I don't hear yet. But I'll continue to work on it. You can see it at chat.alexhulbert.com. The GUI for Icew1nd looks nice, too! Here's a screenshot:

---

The problem with Hackintoshes is that each computer is different. You can see some guidelines and a compatibility list at tonymacx86.com.

[PythEch]

Wow that looks awesome! More awesome than I have ever imagined! The webchat site looks nice too!

10/10 would use it

I'm not proud of my work but I've remembered that I forgot to show the actual things I talked about. http://imgur.com/vN1hvfe,iggzjdZ

Off topic: I'm planning using http://code.google.com/p/dot-net-transitions/ . It's too good for Windows Forms. Lack of animations was driving me insane, especially after I met mobile applications.

[alexhulbert]

I'm going to look over the code for Icew1nd and push the first screen or two of the GUI. Expect a push to today (or tomorrow at most).

---

Off topic: Before I did Java, I used to be a C# programmer. I could probably help you with WinPie. When I was 12/13 (not too long ago ;)), I used C# when making an old Virtual Reality Engine (\/3RE). I made it out of a broken Wii Remote, my Kinect, some cheap video glasses, an arduino, and some spare infrared lights. It was a really temperamental and buggy, but it was awesome when I mapped my movement to the WSAD keys/mouse and used that with Minecraft.

I want to get an Oculus Rift, but now that Facebook's bought it... I don't know if I want to spend that kind of money.

[alexhulbert]

I'm going to start working on JMobileDevice again. I'll update it to match your changes to afc.py and then I'll work on adding a new python file: springboard.py. This was one of the few files that weren't in pymobiledevice, but I need it. I'm going to duplicate SpringBoard by grabbing all the applications and their icons. I'll find out what page they're on and overlay that on top of the user's background. I'll have the user either drag the icons into an "backup" box or just have them select them normally (like with MultiIconMover-styled check badges). I can't wait to start working on this!