Also curious about this. The only thing I can think of emulators and other forbidden apps - you sign them with Xcode, but it only lasts a limited time (a week?)
There’s now a clever tool for getting around Apples signing, AltStore, which uses a server application on your computer to periodically sign the app (and has some trick to bypass not requiring a developer account that involves an Apple Mail extension)
As it turns out, this is used as one of the listed bootstrap methods for getting the jailbreak going.
It's a very different era for jailbreaking, these days. We don't actually need an ACE exploit as a bootstrap any more; we can just rely on various pseudo-officially-sanctioned methods of running arbitrary code (e.g. an XCode development provisioning profile.) A jailbreak is now just a privilege-escalation exploit. Interesting times.
