This method uses the 0wnboot payload by Chronic Dev to allow for running unsigned code. All credits go to him. This is for windows. You'll need the 0wnboot.bin payload for this, found here: You'll need the 0wnboot.bin payload for this, found here: http://chronicdev.googlecode.com/files/0wnboot.bin You'll also need a copy of the 2.1.1 firmware for this, to extract the ibss.dfu and iboot.img3 Open the entire firmware file in winrar, and extract the firmware folder and you'll find those files. Download the compiled version of irecovery for windows here: http://aux.dottru.net/~joseph/iRecoveryWin32.zip (I couldn't get this irecovery to work in vista, maybe someone else can?) Code: [LIST=1] [*] Put device into DFU [*] Upload ibss.dfu (2.1.1 ibss.dfu - command: irecovery -f ibss.dfu) [*] Unplug device/replug (screen goes white) [*] Spawn a shell (irecovery -s) [*] Upload iboot.img3 (2.1.1 iboot - command: /sendfile iboot.img3) [*] Type 'go' [*] Type '/exit' then spawn another shell (command: irecovery -s) [*] Upload payload (command: /sendfile 0wnboot.bin) [*] Type 'arm7_go' [*] Type 'image list' [*]If you do not get a 'permission denied', and get an image list, payload succeeded. [/LIST] If your screen doesn't go white after step 3 then you did something wrong. I take NO liability if you mess up your ipod. If something does go wrong just restore it. Hopefully a jailbreak can come from this... EDIT: If you don't know what you're doing, just wait until a real jailbreak comes out.