Anyone remember my Cat and mouse game story I wrote a while ago?

bump!

this thread should be in first page

As for a possible 1.1.3 due to the T-Mobile unlocked phones in Germany:

Well, the way 1.1.2 was designed to support "multiple" SIM cards is really poor and has a major bug that causes MobilePhone.app and MobileSMS.app to crash.

This is can be solved with either iWorld, that will provide you with a quick and dirty fix, or you can create a "customized do-it-yourself configuration" for your network and country (you need a network specific plist and to patch AppSupport for proper callerid matching that will in turn stop the crashes).

But Apple cannot rely on this solutions, not can they fix it for all countries. So they will have to make a MAJOR fix in the code and release a new firmware. They may even face new legal problems with that: selling something for 1K Euros and it does not work....

When, I have no idea. 1.0.2 will work for these phones, but then there is no international support there or in 1.1.1 (OTB).

BUT, BUT: the new firmware does not need a new baseband. So no new baseband, no new secpack.

1.1.2 is ready for France and Italy, so these two launches will not force a new firmware, but the French deal will have the same problem as the German unlocked ones.

So we have two events that will trigger new firmware:

- The legitimate unlocked phones
- The SDK that is due in February

Can Apple wait till February for solving the unlocked phones problem? I'm not an expert in German, French and EU legal issues, but their image will suffer.

We can wait and pray for a secpack. We can wait and pray for an exploit that will do it without the secpack. We can pray for a bootloader downgrade (I doubt it's feasible)...

Basically, when an iPhone baseband unlock is attempted (via AT command or whatever), the baseband takes the unlock code (NCK) that is passed in to the AT command and does <something> to it. Then it takes the value stored in the seczone and does <something else> to it. Then, it takes the results of <something> and <something else> and compares them. If they match, the baseband writes the flags for "the phone is now unlocked".

My idea is to reverse engineer the iPhone baseband and figure out what <something> and <something else> actually are. Then, we take every valid NCK and do <something> to said NCK and store it in a giant database. To unlock an iPhone via this, we do the <something else> to the seczone value for that iPhone (how you read the seczone value in question is another matter altogether) and search the giant database for a "processed" NCK that matches.

Of course, this depends on exactly what <something> actually is and how complex it is (i.e. how long it takes to take one NCK and apply the "transform" to it).

they have found an 4.6 exploit and will be able to unlock within the next 4 weeks. Perhaps they can help the devteam or can pass some money to them...
http://www.iphoneunlockuk.com

...27th November, 2007
We've at last managed to find an exploit in the 4.6 bootloader which means that new iPhones will be fully sim unlockable, but the bad is that we can only do this when iPhone software 1.1.3 is released (for technical reasons)....

Originally Posted by stonefred

they have found an 4.6 exploit and will be able to unlock within the next 4 weeks. Perhaps they can help the devteam or can pass some money to them...
http://www.iphoneunlockuk.com

ROFL

"They have found an 4.6 exploit"

ahhaahah that's the best joke i've heard since i joined these boards.

Sooo many cumming with other's d*cks.

yes - perhaps would be good to create some kind of nag stating that the unlock is free available everytime the phone is switched on... I could live with that if it only appears when I switch the phone on (not from standby).

Hmmm, there is one problem with my idea, it may be that the processing done to the NCK before the "is this NCK correct" check involves data that is specific to the iPhone in some way which means a general database for every iphone is not possible.

I am sure the dev team are plenty busy with stuff already - but I just have an idea I'd like to throw around:

Would it be possible to "add" a small bit of additional functionality into the 4.6 firmware that has now been fully dumped? - I'm not thinking of anything too fancy, but if it were possible to add in an option somewhere for the phone to be able to refuse updates off iTunes that would be great. Considering that if anyone accidentally upgrades to a new firmware they may very well need to wait for a new secpack again! Just an idea as I guess it would be ideal for everyone if they could control any updates made by iTunes. I know currently iTunes will ask if you want to update - but if someone else is playing with your phone or anything, it would nice to not have to worry about them clicking "yes" on itunes

what do you guys think?

Originally Posted by matlock

I am sure the dev team are plenty busy with stuff already - but I just have an idea I'd like to throw around:

Would it be possible to "add" a small bit of additional functionality into the 4.6 firmware that has now been fully dumped? - I'm not thinking of anything too fancy, but if it were possible to add in an option somewhere for the phone to be able to refuse updates off iTunes that would be great. Considering that if anyone accidentally upgrades to a new firmware they may very well need to wait for a new secpack again! Just an idea as I guess it would be ideal for everyone if they could control any updates made by iTunes. I know currently iTunes will ask if you want to update - but if someone else is playing with your phone or anything, it would nice to not have to worry about them clicking "yes" on itunes

what do you guys think?

and how do you WRITE this new feature to teh phone?