NCK Length=15

Posted by George Hotz on under bruteforcer, phes, 111111111111111, nck, imei, brute force, emulator, digits, magic |

So thanks to the magic of an activation emulator and the original work of DVD Jon, I got the activation/unlock record of a French unlocked iPhone. The field looks like

"UnlockCode" = "NO=111111111111111&";

with the 1's replaced by the code. "NO" is the lock type. There are fifteen digits, so I'm pretty sure the NCK length is 15. This is out of range of a bruteforcer, and I doubt, although it's possible, that the NCK's are based off the IMEI/DevID. I would think Apple just has a big lookup table. Although any visible pattern would shorten the brute force time. So I still really need a.plists off legal unlocked phones.

1.1.2 OTB UNLOCKED

Posted by George Hotz on under th pack, iphe, phes, testpoint, bootloader, ps thanks, old hardware, phe, baseband, fls, firmware, sully, step 3, obstacle, brick, psp, bb, fi |

First of all, HUGE thanks to TA_Mobile and IMTH for getting us the secpack from 1.1.3. Also, thanks to psp_sully for giving me a 1.1.2 OTB phone to play with. Without them there would be no unlock, and no blog post.
YOU VERY WELL MAY BRICK YOUR PHONE WITH THIS. Be careful. I have done it successfully on two phones, and have never bricked an iPhone in my life.
So let's get down to business. It is a hardware method to downgrade the bootloader, and I am assuming you are familiar with the old hardware method, so I won't repeat steps. You need to have a 1.1.2 4.6 phone for this to work. If you upgraded to 1.1.3, have fun waiting for 1.1.4!

First download this pack, you will need these files. This includes the NEW secpack, a new ieraser, a new testcode.bb, and a new iunlocker.

1. Copy all the files to a directory on your phone. It is imperative you do not shut off the phone after ieraser, or you cannot restore wifi, since the only fls which works on 4.6 is 1.1.3. Install mobileterminal before you begin, in case you lose wi-fi. Also I advise doing this on 1.0.2, since resetting the baseband doesn't cause problems.

2. Run ienew. This is ieraser, and it erases your 1.1.2 firmware to allow the testpoint to work.

3. Find an old 3.9 nor dump and create a file called "nor" with the first 0x20000 bytes of the old nor dump. This is the 3.9 bootloader.

4. Copy "nor" into the folder and run iunew. This is iunlocker and runs just like the old one. You will need the A17 testpoint on before running this. See Step 3 for info on this testpoint. If you restarted and lost wi-fi, it is fine. Just run it from mobileterminal.

Note: "bbupdater -v" shouldn't work at this point, since your phone has no firmware, just a bootloader.

5. The bootloader is now 3.9!!! Run bbupdater -f or restore phone with the AnySimmable firmware of your choice. It seems people are having the most luck with the firmware from 1.1.2.

6. Run AnySim and, as usual, enjoy your unlocked iPhone.

PS. Thanks again to TA_Mobile and IMTH. The secpack was the only obstacle to the unlock. And thanks to the girl who pressed the return button while I held the testpoint :)

1.1.4 analyzed - the news? No significant changes!

Posted by on under phes, creatis, mixed blessing, new bug, phe, bug fixes, sdk, firmware, new features, peoe, developers |

Okay, so I've finished my preliminary examination of the iPhone 1.1.4 firmware. And what's new?

Bug fixes. Like three of them. No new features, no new apps, nothing.

Not even any significant changes that would render the current jailbreak methods unusable.

So it looks like the official iPhone SDK and the hacked SDK will live in harmony, at least to begin with. That seems like a mixed blessing - on the one hand we will have developers and iPhone users remaining free to do with their phones as they wish - something I am very passionate about.

However, it will likely also mark the rise of the market for pirated iPhone applications - bought through iTunes, then copied off using one of the many ways to get files off the phone. Then shared through various channels, as usual.

I for one am hoping that the developers of paid applications will get their dues - for people like myself who make a living off of their creations it's...


Would You Send Video Messages on Your iPhone?

Posted by Chris on under scott moritz, iphe, dad check, hey dad, worldwide developers, video messaging, phes, fitting room, video message, iphone, camera lens, copy paste, video messages, video camera, intimacy, video clips, ace, shame, capability, neighborhood |

With everyone wondering what Apple will reveal about the next-generation iPhone at the Worldwide Developers Conference on Monday, there is debate over whether the new iPhone will feature some sort of video messaging, with perhaps a video camera lens on the face of the iPhone.

Apple may be working on video messaging, giving users the ability to send short clips to each other. Think YouTube, delivered.

Scott Moritz

An iPhone with video messaging capability might have a lens on the face, and use the 3G chipset to send the video.

Some blogs question the usefulness of such a feature, but I can think of situations where people would like to send video clips. Here are three:

  1. While traveling.

    From 3,000 miles away, I could send a video message like “Hey Dad, check out this view. You would love this place.”

  2. While shopping.

    Imagine your partner sends you a video message from a fitting room. “Which of these looks better on me?”

  3. On the road.

    e.g. a video message from you to a friend: “I can’t find the place. Is this the neighborhood?”

If Apple introduced video messaging on iPhone, they would set a new precedent for the future of mobile phones.

Would you video message?

Is video messaging pointless? Or does it add an appreciable intimacy to our digital interactions?

When would you use video messaging if it were on your iPhone?

I would love to hear your opinion in the comments.

P.S. I will add needed links later. This post was written on my iPhone. Shame on Apple for leaving out a copy/paste function. Blogging on the iPhone is hard work!



iPhone 3G Unlocked?

Posted by George Hotz on under gizmodo, phes, recovery mode, iphone, possiblity, iboot, endpoint, dev team, 3g, bricks, date time, hack, protocol, fear, beta, truth |

So I read this on gizmodo. Here's the truth...

Post beta 4, the ramdisk hack stopped working. Sorry Zibri, guess you'll have to steal another exploit. They also changed the recovery mode USB protocol to use the control endpoint to send commands.

The possibility of unlocking, which is very distinct from jailbreaking, is based entirely on the baseband bootloader. Apple doesn't appear to upgrade the bootloader on phones in the field, probably for fear of bricks. So any old iPhones out there today, regardless of version, can be unlocked.

The iPhone 3G uses a different bootloader, which I believe there aren't any known exploits in yet. So no unlock.

There is a known exploit in iBoot, on both the old and 3G iPhones. The "the specific date/time is not firm yet" pwnage tool will leverage it to jailbreak all 2.0 software iPhones, 3G and otherwise. Dev team, that date better be soon or I might just have to release yiPhone. The iBoot exploit is yours, use it. You wouldn't want a repeat of ZiPhone now...