In the process of looking at the NORdumps of two iPhones, I found that the dumps were not exactly the same (both phones were still locked, but one was 1.0 out of the box, upgraded to 1.02, the other one was 1.0.2 out of the box; this might actually not matter at all).
The questions is where are the differences and why are they there. Could the IMEI number or a key be embedded in the NORdump (AES encrypted maybe).
Either way, I am in search of NORdumps from people who know exactly what condition their phone is in:
1. virgin, 1.0.2 out of the box, never unlocked nor upgraded.
2. 1.0.2 out of the box, then unlocked with anySim (indicate what version of anysim)
3. 1.0.2 out of the box, then unlocked with IPSF (also indicate what version of IPSF)
I would like to compare were the differences are, especially between a virgin phone and an ISPF unlocked phone. This might lead us to coming up with a way to safely unlock our phone similar to IPSF.
If you have a phone and know what condition it is in, please dump your NOR with the NORdumper tool.
NORdumper tool can be downloaded from: http://www.deadbeef.cn/NORDumper.tar.bz2
You need to disable the CommCenter before dumping and afterwards reload it. Upload NORdumper in /usr/bin. You will need SSH access to the phone as well as be able to get the dump off the phone.
The nordump will take about 20min (4MB file). You might get tossed out of your SSH while the dumper is running. Just re-login and check if the file size of nordump (see below) is 4MB:
# chmod +x NORdumper
# launchctl unload -w /System/Library/LaunchDaemons/com.apple.CommCenter.plist
# NORdumper nordump
# launchctl load -w /System/Library/LaunchDaemons/com.apple.CommCenter.plist
You can get the file off your phone with iBrickr or any ftp program (use root/dottie as login) or use scp.
You can email your dump to me at PmgRiPhone@gmail.com
. If you are comfortable with it, please include your IMEI number in the email; this might help in diff'ing the dumps and trying to find a key if the IMEI is encoded into the NOR.