Some semi-good news for poor sods with out-of-the-box 1.1.2 iPhones reached my eyes and ears this morning - 1.1.2 iPhones with the 4.6 bootloader can now have their bootloader downgraded to 3.9 and then unlocked. Unfortunately this remains a hardware testpoint method for the time being. If you're brave and fearless you can follow geohot's guide to doing this here
A 1.1.3 jailbreak still seems to be a ways off, with the good old symbolic link method seemingly neutered.
For anyone thinking of purchasing an iPhone in the near future, be aware that Apple is now shipping iPhones with an updated bootloader (4.6_M3S2) which has seen a number of unlocking avenues closed.
All iPhones shipped after week 45 are very likely to have 1.1.2 pre-installed with this new bootloader - you can check the week of manufacture by looking at the device's serial number (e.g. xxx45xxxxxx means it was manufactured during week 45) or by issuing the following command within a shell:
Thankfully (obviously) Apple has not seen fit to include a bootloader update with their firmware releases, so iphonesimfree users with their zeroed seczones should be okay for the foreseeable future. Updating the bootloader would create all kinds of headaches for end users - upgrading a bootloader is always a risky proposition.
I was pretty sure this would be possible, but reports of this working out there are sketchy at best, so I wanted to put it to the test. Since I now have a test iPhone to break before selling it on, I upgraded it to 1.1.1 over the past few days to dump the filesystem. I also got to test whether the upgraded modem baseband firmware would still work with a TurboSIM. To test, I downgraded from 1.1.1 to 1.0.2 - the modem firmware obviously remains intact from 1.1.1. Everything works as before with baseband version 03.14.08_G. I was half expecting to maybe run into some issues with Applesaft, as 04.01.13_G reads the AT&T IMSI three times as opposed to once, but all seems fine.
And that should be it. I haven't actually tested this yet, so if some kind soul would be good enough to test it, that would be great. Any HTTP traffic should now get routed over Meteor's proxy. Mail probably won't work; I'll try to fix this when I get my hands on a Meteor SIM.
As I sort of suspected, the IMSI read flaw in the iPhone's baseband has yet to be patched, so TurboSIMs should still work with 1.1.1. In addition it should be noted that unlocking via hardware using geohot's method should always work, regardless of updates.
The problem, of course, is that in order to actually use your unlocked phone you need to activate it, and this can't be done without write access to the iPhone's filesystem. iPhoneSimFree.com reported that their software unlock remains working, but without a way of activating 1.1.1 iPhones this can't really be confirmed.
We knew this would happen weeks ago. Most of us knew that the iPhone was going to be locked down for third party applications as well as SIM unlocks. It isn't possible (currently) to jailbreak an iPod touch, and the same can now be said of any iPhone running 1.1.1. iTunes no longer sends commands to the iPhone; instead iTunes listens for commands sent from the iPhone. This means listening for keys is no longer possible, which means decrypting ramdisks is also no longer possible. The whole thing is a tremendous pain in the ass, but absolutely nobody can say this wasn't expected. Just deal with it and accept it; we all knew what we were getting ourselves in for.
Incidentally, if you do need to restore your iPhone, download this:
I've noticed some weird issues regarding certain kinds of SMS messages not being delivered properly to my iPhone. Specifically, voicemail alerts sent by SMS never land in my inbox at all. After doing a little digging, it seems that the iPhone's baseband has trouble interpreting incoming SMS messages coming from short codes.
Since short codes are used quite a bit in Europe for promotions, banking and the like, I should think that the firmware shipping on European iPhones will have fixed this. In the meantime we'll have to keep digging to try to find a workaround.
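To make concrete what a baseband has to get right for senders like these, here is an added example (my own code, not from the post and not Apple's baseband) that decodes the originating address and text of an SMS-DELIVER PDU as laid out in 3GPP TS 23.040. Short-code senders arrive in one of two shapes that differ from the even-length international number most test messages use: a short digit string with an odd digit count, padded with an F nibble and carrying a non-international type-of-number, or an alphanumeric sender packed in the GSM 7-bit alphabet. All three PDUs, the short code 12345 and the sender name "Meteor" are constructed for this example, and only the ASCII-overlapping subset of the 7-bit default alphabet is mapped.

```python
# Added example, not code from the original post or from the iPhone baseband:
# decodes the sender and text of an SMS-DELIVER PDU (3GPP TS 23.040) so that
# short-code senders are handled: odd digit counts padded with an F nibble,
# non-international type-of-number values, and alphanumeric senders packed
# in the GSM 7-bit alphabet. The sample PDUs below are constructed for this example.

TON_NAMES = {
    0: "unknown", 1: "international", 2: "national", 3: "network-specific",
    4: "subscriber", 5: "alphanumeric", 6: "abbreviated",
}
TON_INTERNATIONAL, TON_ALPHANUMERIC = 1, 5

# Constructed sample PDUs (SMSC +31624000000 in all three).
PDU_INTERNATIONAL = (  # sender +31641600986, text "How are you?"
    "07911326040000F0040B911346610089F60000208062917314800C"
    "C8F71D14969741F977FD07"
)
PDU_SHORT_CODE = (  # sender "12345", TOA 0x81: five digits, last nibble F-padded
    "07911326040000F00405812143F500007011315121300009D6777A5C6E87D36C"
)
PDU_ALPHANUMERIC = (  # sender "Meteor", TOA 0xD0: 7-bit packed, 11 semi-octets
    "07911326040000F0040BD0CD32BDFC960300007011315121300009D6777A5C6E87D36C"
)


def gsm7_unpack(octets: bytes, nchars: int) -> str:
    """Unpack GSM 7-bit septets; maps only the ASCII-overlapping characters."""
    out, acc, bits = [], 0, 0
    for b in octets:
        acc |= b << bits
        bits += 8
        while bits >= 7 and len(out) < nchars:
            out.append(chr(acc & 0x7F))
            acc >>= 7
            bits -= 7
    return "".join(out)


def swap_semi_octets(octets: bytes) -> str:
    """BCD digits are stored low nibble first; return them in reading order."""
    return "".join(f"{b & 0x0F:X}{b >> 4:X}" for b in octets)


def decode_address(toa: int, raw: bytes, semi_octets: int) -> tuple:
    """Decode an address-value field given its type-of-address octet and its
    length in semi-octets (for alphanumeric senders: of the packed 7-bit data)."""
    ton = (toa >> 4) & 0x07
    if ton == TON_ALPHANUMERIC:
        return gsm7_unpack(raw, (semi_octets * 4) // 7), TON_NAMES[ton]
    # Slicing to semi_octets and stripping F drops the pad nibble on odd lengths.
    digits = swap_semi_octets(raw)[:semi_octets].rstrip("F")
    if ton == TON_INTERNATIONAL:
        digits = "+" + digits
    return digits, TON_NAMES.get(ton, f"reserved({ton})")


def parse_sms_deliver(pdu_hex: str) -> dict:
    data = bytes.fromhex(pdu_hex)
    pos = 0
    smsc_len = data[pos]; pos += 1            # SMSC length counts OCTETS incl. TOA
    smsc, _ = decode_address(data[pos], data[pos + 1:pos + smsc_len], (smsc_len - 1) * 2)
    pos += smsc_len
    first = data[pos]; pos += 1
    if first & 0x03 != 0:                     # TP-MTI 00 = SMS-DELIVER
        raise ValueError("not an SMS-DELIVER PDU")
    oa_len = data[pos]; pos += 1              # TP-OA length counts SEMI-OCTETS
    toa = data[pos]; pos += 1
    oa_octets = (oa_len + 1) // 2             # round up: odd lengths carry a pad
    sender, kind = decode_address(toa, data[pos:pos + oa_octets], oa_len)
    pos += oa_octets
    pid, dcs = data[pos], data[pos + 1]; pos += 2
    ts = swap_semi_octets(data[pos:pos + 6]); pos += 6
    tz = data[pos]; pos += 1
    quarters = int(swap_semi_octets(bytes([tz & 0xF7])))  # bit 3 is the sign
    tz_str = f"{'-' if tz & 0x08 else '+'}{quarters // 4:02d}:{(quarters % 4) * 15:02d}"
    udl = data[pos]; pos += 1
    if dcs & 0x0C != 0:
        raise ValueError("only the 7-bit default alphabet is handled here")
    text = gsm7_unpack(data[pos:], udl)       # UDL counts septets for 7-bit data
    return {
        "smsc": smsc, "sender": sender, "sender_kind": kind, "pid": pid,
        "timestamp": f"{ts[0:2]}-{ts[2:4]}-{ts[4:6]} {ts[6:8]}:{ts[8:10]}:{ts[10:12]}",
        "tz": tz_str, "text": text,
    }


if __name__ == "__main__":
    for pdu in (PDU_INTERNATIONAL, PDU_SHORT_CODE, PDU_ALPHANUMERIC):
        print(parse_sms_deliver(pdu))
```

A decoder that reads the TP-OA length as an octet count, or assumes every sender is an even-length international number, loses its place exactly on the two short-code encodings above and then misreads everything after the address, so that is the first thing to check when messages from short codes go missing while ordinary person-to-person texts arrive fine.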