I posted a IPSF style unlocker on my blog, http://iphonejtag.blogspot.com/ Just unpack, copy all the files, and run the shell script. Get bbupdater and the latest fls and eep and put in folder if you want the baseband to be restored automatically.
SAVE the file called "seczone" This is your backup file. With that, you can fully restore from this unlock. If this script doesn't work for you, post the output here and I'll look.
Use at your own risk. Post any problems here and I'll try to fix them. I have successfully tested this on my two phones, but no guarantees. This unlock is restore and *hopefully* upgrade resistant.
Thanks to elite for the virginizor, dev for iUnlock, PmgR for getting lip to compile on the iPhone, and gray for his initial crypto work. We are coming to a point in the community when a tool has been written to do everything, its just a matter of stringing everything together.
Doesn't matter whether you virginize or not, this writes the locks table directly.
And you can get the new fls and eep by decrypting the new ramdisk. Instructions are on the blog.
I advise doing this on fw 1.0.2 I ran the script over wifi no problem. I do not advise doing this on 1.1.3 Just do it on an old firmware then update later. IPSF stays :-)
wildbomb brought something to my attention. On the 1.1.3 baseband, it relocks on every reset. This is true with real IPSF too. A script to send 'AT+CLCK="PN",0,"00000000" will fix this, but there should be a better way. Maybe this a feature on the new baseband and the new lockdownd does this.
This is a perfect IPSF clone, this problem with 1.1.3 happens with real IPSF too. I bet lockdownd sends the unlock string every startup. Clever Clever Apple.