Discuss IPSF reversing started any help ;) at the iPhone "2G" (Rev. 1) - Hackint0sh.org
And... however, that patch works only with the 3.12 baseband.
Another patch is needed for 3.14.
Don't use that patch on a 3.14 or the baseband will DIE (I needed a full restore).
Originally Posted by Zibri:
And... however, that patch works only with the 3.12 baseband.
Another patch is needed for 3.14.
Don't use that patch on a 3.14 or the baseband will DIE (I needed a full restore).

Were you using the latest version of IPSF for patching?
Senior Professional
IPSF Token
From what I understand of listening to George Hotz speak in IRC about the IPSF, the simfree method actually uses a token system to generate the proper unlock token. It does NOT patch the firmware; their servers generate the needed token to fully unlock the phone (the way Apple designed it to). Since you can't activate the phone with 1.1.1, the unlock can't be used. Just my $.02 USD.
Senior Professional
Originally Posted by jmcallister:
From what I understand of listening to George Hotz speak in IRC about the IPSF, the simfree method actually uses a token system to generate the proper unlock token. It does NOT patch the firmware; their servers generate the needed token to fully unlock the phone (the way Apple designed it to). Since you can't activate the phone with 1.1.1, the unlock can't be used. Just my $.02 USD.

And how could they possibly do this? The algorithm generating unlock tokens from an IMEI and/or serial number must be one of the most closely guarded secrets at Apple... I have even heard that for high-value phones these algorithms sometimes have individual seeds specific to each phone, so even if you know the algorithm, to generate the unlock token you also need access to the serial number <--> seed database.
Senior Professional
The more I read about IPSF, the more I am thinking they have someone on the inside at Apple. What they have done cannot possibly be achieved in the amount of time they did it without some help from someone in the know...
Senior Professional
My thoughts exactly.... Whatever it is that they're doing, the bottom line is that they're doing it in such a way that the stock firmware can be reflashed with no further consequences.
Most significantly, the "PN" reported from an AT+XSIMSTATE=1 issued on the baseband after an IPSF unlock shows 5, whereas the Dev Team methods set PN to 4 (and in that case only when running the patched baseband firmware). According to George Hotz's blog, 4 means "Unlocked and Lockable" whereas 5 means simply "Unlocked." I'm not sure of the technical differences, but the latter gives me the impression that the IPSF puts the iPhone into a state where it's not relockable through normal means.
The IPSF patch further rewrites the firmware properly even from an iUnlocked phone, removing the invalid activation token that the Dev Team patch leaves behind (for their custom patched firmware), and creating a situation where v1.1.1 does in fact leave an unlocked iPhone in place.
At this point, the only thing preventing a usable phone for those IPSF users upgrading to v1.1.1 is the actual activation issue. Since the phone has not yet been jailbroken, the higher-level OS will not accept any SIM other than the original SIM (or more to the point, iTunes will not activate any other SIM into the phone). The baseband remains unlocked in v1.1.1, but the higher-level firmware itself is now the issue that needs to be solved....
Professional
For what it's worth, I have paid for a copy of IPSF and am willing to donate my IMEI for the cause.
"Give a man a fire and he'll be warm for a day; set him on fire and he'll be warm the rest of his life."
Originally Posted by Zibri:
I tried that. It's not a crack... it just adds the geohot method inside the IPSF GUI.
So it won't do what IPSF usually does, but the same that geohot did.

I don't think that's right. That offset patch skips the IPSF activation server check. It returns "unlock error" because the binary knows it didn't connect to the server. However, it gives that error after it actually runs the unlock patch. It SHOULD return the AT code of 5 after the unlock (unlocked) vs. 4 (unlocked and lockable), which geo's hardware method returns.
Senior Professional
Having now seen IPSF for myself, I also think they have inside info from Apple. In fact I would not be surprised if IPSF was tacitly sponsored by Apple, through several layers, to provide them deniability.