Originally Posted by Slurms Mckenzie

Well, looking at this it seems that you can flash the current firmware:
Manually flash iphone to 05.11.07 baseband

Of course they mention that you shouldn't try if you're on 5.12...

This guide seems to only work in a weird case where the baseband becomes corrupt/empty. That post suggests it is related to blacksn0w and a reset network settings - I have my doubts that blacksn0w is involved.

Originally Posted by Slurms Mckenzie

I think then the only way to get around this is to modify bbupdater to convince the bootloader that it's a later version. I think a good way to go about this is to pull the 4.0 beta baseband, 5.13, and have the bootloader "check" that, but have bbupdater flash the older firmware. Sort of like a card trick.

This is not going to work - without a new exploit in the way the bootloader verifies the payload.

modifying BBUpdaterExtreme won't help when the bootloader checks everything that is loaded into baseband.

Originally Posted by Olethros

modifying BBUpdaterExtreme won't help when the bootloader checks everything that is loaded into baseband.

I guess I really should research how the bootloader checks the payload there's only so much I've found online.

I'm assuming the bootloader checks the integrity of the baseband file before BBUpdaterExtreme is allowed to flash it. This is where a modified updater would tell the bootloader it is attempting to flash a newer genuine baseband, say 5.13 taken from the 4.0 beta. Of course, both the higher version and the lower version would have to be transfered over to the iPhone. The bootloader would check the 5.13 baseband and grant permission since it is genuine and a higher version then what's already on the chip. Then modified updater would begin to flash the older baseband. I suppose the bootloader could be checking to make sure that the updater isn't modifying anything on the fly, which I doubt, or it could be verifying at the end against the firmware file.

I wonder what the bootloader would do if it did verify at the end. If it verifies against the signature written in the baseband, then it would complete successfully since it's unmodified. If it tries to compare it to the newer baseband file, it will probably fail. I'm not sure if it would mark the baseband as "unbootable" in that case. If it asks BBupdater, then we could point it to the old file to verify the flash. It could also just crash.

The thing I'd like to point out is, once the new 'old' firmware is written, why would the bootloader not accept it? The only way that it wouldn't is if there is something in the bootloader itself that says there once was a higher version on the chip, or if after writing the bootloader determines the flash went bad and marks it as unbootable.

I think this is something that should be looked into since there's no real exploits being used other then a modified BBupdaterextreme. It would pass integrity checks when beginning the flash, and when booting.

The info you need is on theiphonewiki trust me patching bbupdater is not enough.