Thread at Hackint0sh.org (General forum), 10 posts.
  #1 Sergeij2000 (Professional, joined Jul 2007)

    iPhone SIM-locked again after update of the baseband firmware

    Hi all,

    Yesterday I was upgrading my unlocked iPhone from version 1.0 to version 1.0.2. During the upgrade something went wrong, so iTunes let me restore the phone, after which the phone was SIM-locked again.

    Today I opened and unlocked the bugger a second time, using Cracker's needle tutorial (I didn't want to solder again, because soldering these tiny little PCB tracks and components is a real pain in the ass).

    At the end of the unlock process, before the AT+CLCK="PN",0,"00000000" is issued, I entered an AT+CLCK="PN",2 just to see if the modem was responding to minicom.

    Surprise, surprise: the modem was already unlocked, because it returned +CLCK: 0.

    So my understanding that the locks are saved in the permanent memory of the phone has been proven. I'm now able to draw some important conclusions:

    1. AT+CLCK removes the locks, but not all of them. The status of the locks is saved in the permanent memory of the modem and most likely survives a restore or upgrade operation.
    2. Because not all locks are removed, GeoHot's firmware patch is still needed during operation of the modem.
    3. Any further firmware update to a version newer than 03.14.08_G is most likely to lock the phone again, because the patch is removed.

    This might also be true for TurboSIM-unlocked phones, as Apple might issue an upgrade of the modem firmware which periodically re-evaluates the IMSI to check for a valid AT&T SIM card. The TurboSIM trick of faking the IMSI for the first couple of validity checks, and switching to the non-AT&T SIM for normal operation, wouldn't work anymore.

    BOTTOM LINE:

    NEVER EVER UPGRADE YOUR GEOHOT-UNLOCKED PHONE TO A NEWER SOFTWARE VERSION IF THE UPGRADE CONTAINS AN UPGRADE OF THE MODEM FIRMWARE, OR YOUR PHONE WILL BE SIM-LOCKED AGAIN. BE ALSO CAREFUL IF YOU ARE USING A TURBOSIM.

    Sorry for the bad news!

    cu/

    Sergeij
    Last edited by Sergeij2000; 08-30-2007 at 02:17 PM.
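The query-then-unlock sequence this post describes (AT+CLCK="PN",2 to read the network-personalisation lock state, then AT+CLCK="PN",0,"<code>" to clear it), written out as an added example; it is not code from the original post or from any unlock tool. The result codes follow 3GPP TS 27.007. FakeModem is a constructed stand-in for the baseband serial port: it accepts any unlock code when validation_bypassed is True (standing in for a firmware whose code check is patched out) and answers +CME ERROR: 16 ("incorrect password") otherwise; both behaviours are assumptions for the demo. On a real phone you would pass an object with write()/readline(), e.g. pyserial's serial.Serial(port, timeout=2), instead of the FakeModem.

```python
"""Read and clear the GSM network-personalisation ('PN') lock via AT+CLCK.

Added example, not code from the original post. FakeModem is a constructed
stand-in for the baseband's serial port; on a real phone pass an object with
write()/readline(), e.g. pyserial's serial.Serial(port, timeout=2).
"""
import re

# Final result codes that terminate an AT response (3GPP TS 27.007).
_FINAL = re.compile(r'^(OK|ERROR|\+CME ERROR: .*)$')


class FakeModem:
    """Constructed modem. Answers AT+CLCK="PN",2 with its lock state; accepts
    AT+CLCK="PN",0,"<code>" with *any* code when validation_bypassed is True
    (standing in for a firmware whose code check is patched out) and replies
    +CME ERROR: 16 ("incorrect password") otherwise. Assumed behaviour."""

    def __init__(self, locked=True, validation_bypassed=True):
        self.locked = locked
        self.validation_bypassed = validation_bypassed
        self.log = []        # every command received, for inspection
        self._pending = []   # response lines not yet read

    def write(self, data):
        cmd = data.decode().strip()
        self.log.append(cmd)
        if cmd == 'AT':
            self._pending += [b'OK\r\n']
        elif cmd == 'AT+CLCK="PN",2':
            self._pending += [b'+CLCK: %d\r\n' % int(self.locked), b'OK\r\n']
        elif cmd.startswith('AT+CLCK="PN",0,'):
            if self.validation_bypassed:
                self.locked = False
                self._pending += [b'OK\r\n']
            else:
                self._pending += [b'+CME ERROR: 16\r\n']
        else:
            self._pending += [b'ERROR\r\n']
        return len(data)

    def readline(self):
        return self._pending.pop(0) if self._pending else b''


def send_at(port, cmd, max_lines=20):
    """Send one command and collect information lines until a final result
    code arrives. Returns (final_code, info_lines)."""
    port.write((cmd + '\r').encode())
    info = []
    for _ in range(max_lines):
        raw = port.readline()
        if not raw:                       # read timeout / nothing left
            break
        line = raw.decode(errors='replace').strip()
        if not line or line == cmd:       # blank separator or ATE1 echo
            continue
        if _FINAL.match(line):
            return line, info
        info.append(line)
    raise TimeoutError(f'no final result code for {cmd!r}: {info}')


def pn_lock_active(port):
    """True if the 'PN' lock is active (+CLCK: 1), False if not (+CLCK: 0)."""
    final, info = send_at(port, 'AT+CLCK="PN",2')
    if final != 'OK':
        raise RuntimeError(f'status query failed: {final}')
    for line in info:
        m = re.match(r'\+CLCK:\s*([01])', line)
        if m:
            return m.group(1) == '1'
    raise RuntimeError(f'no +CLCK line in response: {info}')


def unlock_pn_if_needed(port, code='00000000'):
    """Query first, send the unlock only if the lock is active, then verify.
    Returns 'already-unlocked', 'unlocked' or 'failed'."""
    if not pn_lock_active(port):
        return 'already-unlocked'
    final, _ = send_at(port, f'AT+CLCK="PN",0,"{code}"')
    if final != 'OK':
        return 'failed'
    return 'unlocked' if not pn_lock_active(port) else 'failed'


if __name__ == '__main__':
    # Three constructed phones: already unlocked (what the post saw), locked
    # with the code check bypassed, and locked with the code check intact.
    for m in (FakeModem(locked=False), FakeModem(locked=True),
              FakeModem(locked=True, validation_bypassed=False)):
        print(unlock_pn_if_needed(m), m.log)
```

The point of querying with ",2" before sending ",0" is exactly the observation in the post: a lock that reads back as +CLCK: 0 needs no unlock command at all, and re-reading after the unlock tells you whether the modem actually honoured it rather than just answering OK.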



  #2 Diet (Professional, joined Aug 2007)

    Thanks for the detailed description of the "problem", but I think this was already clear: if there is a newer modem firmware, the baseband firmware will be overwritten.
    The interesting point will be to find out whether an update contains a new modem firmware or not...
    To avoid opening the iPhone again, I'll install a reed contact that can be operated by a small magnet from outside, as already discussed in the hardware subforum.

  #3 Sergeij2000 (Professional, joined Jul 2007)

    Originally Posted by Diet:
        Thanks for the detailed description of the "problem", but I think this was already clear: if there is a newer modem firmware, the baseband firmware will be overwritten.
        The interesting point will be to find out whether an update contains a new modem firmware or not...
        To avoid opening the iPhone again, I'll install a reed contact that can be operated by a small magnet from outside, as already discussed in the hardware subforum.

    That the FW will be overwritten by a newer version was indeed clear. But the use of the official unlock command AT+CLCK="PN",0,"00000000" with a bogus unlock code gave me the impression that all locks are removed, that the FW patch is only used to bypass the validation of the unlock code, and that the firmware can be upgraded once the unlock has been done.

    There is a way to find out if an upgrade contains new modem software:

    When iTunes announces a new update, download the restore image (start the restore and disconnect the iPhone as soon as the download begins) and grab the image from your 'Library/iTunes/iPhone Software Updates' folder.

    Change the extension from .ipsw to .zip and unzip the image. You will find two .dmg files, one containing the RAM disk, the other containing the OS (which is much larger than the RAM disk).

    Convert the smaller dmg:

    dd if=<name_of_smaller_dmg> of=ramdisk.dmg bs=512 skip=4 conv=sync

    and mount the converted disk image ramdisk.dmg.

    Locate the directory /usr/local/standalone/firmware. The file with the extension .fls contains the modem firmware; the name of the file contains the version number. If you see something different from ICE03.14.08_G.fls, the update most likely contains a new version of the modem firmware.

    cu/

    Sergeij
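The check in the post above (the .ipsw is a zip; the smaller of its two .dmg files is the RAM disk; the first 4 x 512 bytes are a wrapper that the dd command skips; the modem firmware is the ICE<version>.fls file under /usr/local/standalone/firmware) in script form, as an added example that is not from the original post. Two things it does differently, both my own assumptions: instead of mounting the RAM disk it scans the raw image bytes for the .fls filename, relying on HFS+ keeping filenames as UTF-16BE in its catalog (the plain-byte form is searched as well); and the sample .ipsw it builds is constructed, with no Apple data in it, so the script runs offline. The default version to compare against, 03.14.08_G, is the one named in the post; the other version used in the sample is a constructed value. For a real image, pass the path of the downloaded .ipsw as the first argument.

```python
"""Does an iPhone restore image (.ipsw) ship a different baseband firmware?

Added example, not code from the original post. It follows the post's recipe
but scans the raw RAM-disk bytes for the ICE<version>.fls filename instead of
mounting the image (assumption: HFS+ stores the name as UTF-16BE in its
catalog). The sample .ipsw built below is constructed, with no Apple data.
"""
import io
import re
import sys
import zipfile

HEADER_LEN = 4 * 512          # what the post's `dd bs=512 skip=4` drops
KNOWN_GOOD = '03.14.08_G'     # baseband version named in the post
FW_DIR = 'usr/local/standalone/firmware'

# ICE<ver>.fls as plain bytes, e.g. b'ICE03.14.08_G.fls'
_ASCII_RE = re.compile(rb'ICE(\d\d\.\d\d\.\d\d_[A-Z])\.fls')


def _utf16be_regex():
    """Same pattern with a NUL byte before every character, which is how the
    name is laid out in an HFS+ catalog (UTF-16BE, no BOM)."""
    def lit(s):
        return b''.join(b'\x00' + re.escape(bytes([c])) for c in s)
    digit, upper = b'\x00[0-9]', b'\x00[A-Z]'
    version = (digit * 2 + lit(b'.') + digit * 2 + lit(b'.')
               + digit * 2 + lit(b'_') + upper)
    return re.compile(lit(b'ICE') + b'(' + version + b')' + lit(b'.fls'))


_UTF16_RE = _utf16be_regex()


def strip_wrapper(dmg):
    """Python equivalent of the post's dd command: drop the 2048-byte wrapper
    so that what remains is the disk image itself (mountable if written out)."""
    return dmg[HEADER_LEN:]


def baseband_versions(image):
    """Set of versions from every ICE*.fls filename found in a raw image."""
    found = {m.group(1).decode('ascii') for m in _ASCII_RE.finditer(image)}
    found |= {m.group(1).decode('utf-16-be') for m in _UTF16_RE.finditer(image)}
    return found


def restore_ramdisk(ipsw):
    """The smaller of the two .dmg entries in an .ipsw (a zip) is the RAM disk."""
    with zipfile.ZipFile(ipsw) as z:
        dmgs = [i for i in z.infolist() if i.filename.lower().endswith('.dmg')]
        if len(dmgs) < 2:
            raise ValueError(f'expected two .dmg files, found {len(dmgs)}')
        return z.read(min(dmgs, key=lambda i: i.file_size))


def check_ipsw(ipsw, running=KNOWN_GOOD):
    """('same', versions) if the update only ships the baseband you already
    run, ('different', versions) if it ships another version, 'unknown' if no
    firmware filename was found at all."""
    versions = baseband_versions(strip_wrapper(restore_ramdisk(ipsw)))
    if not versions:
        return 'unknown', versions
    return ('same' if versions == {running} else 'different'), versions


def build_sample_ipsw(version):
    """Constructed stand-in for a restore image: a large 'OS' dmg plus a small
    'RAM disk' dmg whose payload carries the firmware path in UTF-16BE, as an
    HFS+ catalog would. No Apple data is involved."""
    filler = bytes(range(256)) * 16                     # 4 KiB of noise
    path = f'{FW_DIR}/ICE{version}.fls'.encode('utf-16-be')
    ramdisk = b'\x00' * HEADER_LEN + filler + path + filler
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, 'w') as z:
        z.writestr('os.dmg', b'\x00' * (4 * len(ramdisk)))   # the bigger one
        z.writestr('ramdisk.dmg', ramdisk)
    buf.seek(0)
    return buf


if __name__ == '__main__':
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_ipsw(KNOWN_GOOD)
    verdict, versions = check_ipsw(target)
    print(verdict, sorted(versions))
```

A 'different' verdict is the signal the thread is after: the update carries a modem firmware other than the one the patch was applied to, so installing it would replace the patched baseband. 'unknown' means the scan found no ICE*.fls name at all, which is worth treating as "do not trust this result" rather than as "no baseband update".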

  #4 (Rookie, joined Apr 2007)

    Surely this is the key to software unlocking?

    If a new BB firmware can reverse unlocking, surely a modified BB firmware will unlock it? We would just need to trick the updater into re-flashing?

  #5 Dutchz (Rookie, joined Aug 2007)

    This must be it. Is anyone able to include the patched firmware file in the existing iTunes restore image? Then force a full restore of your phone using the adjusted firmware package. Anyone?


  #6 Sergeij2000 (Professional, joined Jul 2007)

    Originally Posted by Dutchz:
        This must be it. Is anyone able to include the patched firmware file in the existing iTunes restore image? Then force a full restore of your phone using the adjusted firmware package. Anyone?

    The dmgs in the software package are digitally signed. Nobody has been able to crack the signature yet. It's quite easy to apply the patches to the content of the RAM-disk dmg file and zip the whole thing back into an ipsw. But the iPhone does not accept the patched files, because the signature is wrong.

    cu/

    Sergeij

  #7 dragon-tmd (Senior Professional, joined Jul 2007)

    Originally Posted by Sergeij2000:
        The dmgs in the software package are digitally signed. Nobody has been able to crack the signature yet. It's quite easy to apply the patches to the content of the RAM-disk dmg file and zip the whole thing back into an ipsw. But the iPhone does not accept the patched files, because the signature is wrong.

    How about faking newer baseband updates with the old ICE03.14.08_G.fls? Open the restore image, open the ramdisk, delete the newer baseband, copy and rename the old baseband to the new name, store it in the restore image and restore the iPhone.

    You'd get the new firmware and the old baseband, wouldn't you?

  #8 Zf_ (iPhone Dev Team, joined Jul 2007)

    Originally Posted by dragon-tmd:
        How about faking newer baseband updates with the old ICE03.14.08_G.fls? Open the restore image, open the ramdisk, delete the newer baseband, copy and rename the old baseband to the new name, store it in the restore image and restore the iPhone.

        You'd get the new firmware and the old baseband, wouldn't you?

    It won't work, because bbupdater compares versions before flashing.

    And perhaps even the bootloader does that, so I don't want to patch it in bbupdater and end up with a dead baseband before I'm sure.

    Otherwise, my daily spam for all your update needs: http://iphone.fiveforty.net/wiki/ind...Update_Service

  #9 Eluzion (Professional, joined Aug 2007)

    If you already have 1.0.2, restoring through iTunes should be fine though, yeah? I'm too scared to even try after all that work unlocking it.

  #10 Sergeij2000 (Professional, joined Jul 2007)

    Originally Posted by Eluzion:
        If you already have 1.0.2, restoring through iTunes should be fine though, yeah? I'm too scared to even try after all that work unlocking it.

    As far as I know it's possible to upgrade from 1.0.1 to 1.0.2. Some people told me that the current version of the modem is checked, and that the modem firmware is not upgraded if it has the same version as the upgrade image.

    But if something fails during the update and you need a full restore, I really don't know what happens. I personally will wait until somebody else has walked through the minefield of doing the restore.

    cu/

    Sergeij


 

 
