  1. #1
    My thoughts about unlocking and why IPFS is a real permanent unlock

    I've been unlocking cell phones for more than 5 years, and even though I don't develop the solutions myself, I know pretty much how it works - and the iPhone does not appear to be different from others, except for the fact that it needs activation.

    There are two types of unlocking: "Firmware patch" and "Direct unlock"
    • Firmware patch is simply patching the firmware in order to bypass the lock. The phone is still "locked"; the firmware is just tricked into believing it's not. An example would be when the phone starts up and runs code "if(phoneIsLocked == false) doStartphone();" - a patch would simply change "false" to "true", causing it to run doStartphone() even when it's locked. If the firmware is upgraded/restored, this patch will of course be removed and we're back to the start again. This type is considered in the industry as a semi-unlock, and only accepted as a last resort if no other way is found (usually, it's just a temporary solution).
    • Direct unlock is the real way of unlocking phones. Usually it involves just rebuilding the entire lock data in EEPROM with "blank" unlocked data. Or the safest way is to get the phone itself to clear the data by making it unlock itself - which could be achieved by, for example, finding the unlock codes and feeding it with them. This would leave absolutely no trace of "hacking" - it will be 100% correctly done, as intended by the manufacturer.
    • (SIM cloning/TurboSIM is not mentioned, because that's not considered unlocking.)


    When a phone is unlocked (in a proper way), it will always be unlocked. Firmware upgrades never touch the EEPROM, including lock data.

    Here are my thoughts on how iPhone unlocking works - of course, it's just my thoughts based on my experience with other phones, and I may very well be wrong.

    The IPFS unlock solution is permanent, and will handle all future updates
    Yes, I'm fairly sure that a phone unlocked with IPFS is a proper unlock (not a firmware patch), making it permanent. But of course, unlike others, the iPhone needs activation, and IPFS is therefore completely dependent on activation, which depends on the jailbreak. But when it comes to the operator lock itself, IPFS permanently unlocks it.

    I'm not sure exactly how IPFS does unlock it, but I'm feeling very sure it's one of these:
    1. IPFS reads data from the baseband/EEPROM, and rebuilds the lock area in EEPROM with proper data - without any lock. This is exactly what is done on almost all other phones.

    2. IPFS patches the baseband, but only as a temporary step in order to achieve the above. When it's finished, it doesn't matter if the patch is removed (bb upgraded), because the phone is already unlocked.

    AnySIM and the other solutions are firmware patch solutions and will never survive baseband flashing/upgrade. Unlike IPFS (if IPFS also patches firmware), AnySIM patches firmware in order to bypass the lock, not in order to unlock it - or at least it's not unlocking it properly. The fact that anySIM-unlocked phones are bricked after upgrading must be caused by changes the anySIM solution makes to the EEPROM, which are not properly done, and make it "corrupted" as seen from the new firmware.

    In my opinion there's no reason to be so negative about IPFS. They did the real unlock and so far no one has been able to recreate their solution. So don't expect a free real solution for 1.1.1 appearing very soon either. A free patch-unlock, though, is probably already possible now that they have decrypted the ramdisk; I will try that tomorrow. Of course the iPhone dev team are doing the most important work, and let's hope they soon will be able to work out a direct unlock solution as well.

    Feel free to correct me; I already mentioned this is just how I think it works.
    Last edited by GeeZuZz; 10-11-2007 at 07:52 PM.



  2. #2

    Quote originally posted by GeeZuZz:
        must be caused by changes the anySIM solution does to EEPROM, which is not properly done, and makes it "corrupted" as seen from the new firmware.
    This is the bit we WANT/NEED to know more about. In what way is the EEPROM being corrupted? Is it writing garbage?

    Anybody know the specifics of the anySIM sec zones errors?
