Discuss [iPhone 3G][Unlock][Supposition on the way of success] at the iPhone 3G - Hackint0sh.org
-
Yeah I thought I could wait for a unlock too. Guess not. :iphone:
-
-

Originally Posted by
brasuco
Hi Everybody,
I've been away from the scene for quite a while, but I'd like to give my 2 cents to this discussion.
From what I've learned from the iPhone 2G, when the iPhone is unlocked it should come in a state known as "Factory Activated".
That's verified by the lockdownd daemon by reading the tokens inside the lockdownd directory. These tokens are likely put inside the phone by iTunes during the activation process by checking the phone's serial number (or something equivalent). If lockdownd doesn't find the tokens, it will put the baseband in a locked state (semi locked, actually, because lockdownd itself can bring it back again without the need for the NCK, it must be some silly AT command).
The way I think PwnageTool works for activation purposes is by patching the lockdownd daemon so it always returns some activated state. Some techniques used to do the same also change some of the inner keys so tokens could be spoofed.
In order to simplify the patching of the lockdownd binary and get activation right away, some tokens used to be erased so they wouldn't conflict with the ones used for YouTube, etc.
What I think is going wrong is that an officially unlocked iPhone might read the factory activated tokens via another program, and since they are not there, the whole thing will result in a locked state. Or maybe even the lockdownd binary is not patched properly (maybe in some cases the execution flow follows other paths that are not covered by the patch and will inevitably make the binary seek the tokens anyway).
So, in my opinion, it has nothing to do with the NCK. The baseband remains unlocked, but the iPhone OS is putting it in the semi-locked stage (via lockdownd or another new binary) because of the activation issues I described.
So, I guess, in order to avoid any trouble with officially unlocked phones, you should choose "No Activation" in the PwnageTool.
Well, that's only my 2 cents...
Hmm, it seems you almost agree with my theory. Thank you for sharing your experiences.
-
-

Originally Posted by
ta_mobile
Hmm, it seems you almost agree with my theory. Thank you for sharing your experiences.
So that theory sounds true to me, because I have 2 phones right now: one locked 3G from Switzerland and one unlocked from Italy. If you restore both of them and connect them to iTunes, the Italian one calls the "apple store" 3 times before any other screen appears in iTunes; after that, it's activated (and the phone itself resprings with a black screen and a spinning wheel at the bottom) without any notice (OK, OK, the MobileMe ad and registration if not already done). The Swiss one only connects once to the "apple store" and remains locked. So, your theory is not far from the truth, I think. The last few times I was too lazy to capture the traffic between the iPhone, iTunes and the internet, but I think I can manage this at the weekend. The traffic is encrypted, I think, but we can find differences between the two models' traffic.
Only my 2 cents from 2 phones
iPhone: 16GB White
Shop: Italy - Portogruado
Jailbreak: QuickPwn
Network: German O2 (Unlocked)
Firmware: 2.2
-
Hi,
I downloaded one of your BBs yesterday and I discovered that there is possibly a function like "SI_MODIFY_LOCK_IND". I'll try to investigate it today, but I'm curious what it is.
...and I'm tracking your new uploads.
Best regards
Marek
-
-
Thank you guys for your comments; it's great to know someone still cares about my 2 cents theory. Please try your best with what you're intending to do, then post the result here. That will be very exciting while the unlocking scene is getting hotter each day.
Br
-
You all are our only hope now... Geohot is posting some stuff on his blog then saying "Oh I am not working on the unlock..." Confusing for us normal people.
But you, ta_mobile, all the best, I know you are trying your best. The LOCK system can't be that great, can it? Is Apple and Infineon engineering that fantastic? I can't imagine so...
PS. No news or even minor updates from Dev Team so I am worried...
I know... I am freaking out here a bit...

Originally Posted by
ta_mobile
Thank you guys for your comments; it's great to know someone still cares about my 2 cents theory. Please try your best with what you're intending to do, then post the result here. That will be very exciting while the unlocking scene is getting hotter each day.
Br
Last edited by nvidia2008; 09-02-2008 at 11:28 AM.
-
-
Hey nvidia2008,
I know what you mean... I'm freaking out, thinking perhaps an unlock is not possible... Imagine a hack situation like xbox<-->xbox360. Not for playing copied games... No, for the real deal, unsigned code, homebrew SW, or in the case of the iPhone, not just the jailbreak, the unlock! The first one was hacked very fast, and a huge community was born; the second product is much more secure, simply not hackable... at least not that fast! That's what I'm bothered about... I hope the Dev Team will show me that I'm totally wrong... PLEASE!
-

Originally Posted by
-FX-RIDER-
Hey nvidia2008,
I know what you mean... I'm freaking out, thinking perhaps an unlock is not possible... Imagine a hack situation like xbox<-->xbox360. Not for playing copied games... No, for the real deal, unsigned code, homebrew SW, or in the case of the iPhone, not just the jailbreak, the unlock! The first one was hacked very fast, and a huge community was born; the second product is much more secure, simply not hackable... at least not that fast! That's what I'm bothered about... I hope the Dev Team will show me that I'm totally wrong... PLEASE!

I haven't heard of anything that's not hackable.
If you can hack into the Pentagon you can probably hack into a cellphone 
Think it's just a matter of time, and I hope that time is coming very soon.
-
-

Originally Posted by
JohnFa
I haven't heard of anything that's not hackable.
If you can hack into the Pentagon you can probably hack into a cellphone

Think it's just a matter of time, and I hope that time is coming very soon.
Maybe nothing is unhackable, but some hacks require genius people and time.
BB5 was not unlocked until Dejan came back, 2 years of long, long waiting...
But I hope the Infineon chip has a weakness...
WBR
-

Originally Posted by
SLIPLOCK
Maybe nothing is unhackable, but some hacks require genius people and time.
BB5 was not unlocked until Dejan came back, 2 years of long, long waiting...
But I hope the Infineon chip has a weakness...
WBR
You're saying the Dev Team aren't geniuses?
-