GeoHot speaks about the challenges of unlocking iPhone 3G
By Aaron Besson at 24 July, 2008, 8:04 am
GeoHot seems to have caught the bug again, so to speak. He has recently taken on the challenge of unlocking the iPhone 3G, and he is finding out that the new Infineon chip is not going to make it easy. The first-gen iPhone was a challenge, but this new 3G iPhone hardware is going to be a lot tougher than anyone thought.
“The 3G bootloader is sig checked by the bootrom. So even removing the NOR and patching the bootloader (to remove main fw sig checks) and main firmware doesn’t work for an unlock. Big thanks to TA_Mobile for dumping the NOR and confirming this. You have some real skills.
The X-Gold 608 is the chip used. The lame “datasheet” infineon gives us shows the hardware RSA and the secure bootrom. So we have a real problem. Even if we find an unsigned code exploit, which wasn’t done for the previous two bootloaders in software (we found tricks to play with the nor), we still can’t unlock.”
It is clear that the old tricks that hackers like GeoHot and the Dev Team used are not going to work on the new iPhone 3G. Apple has added a lot of hardware improvements to try to stop hackers from even being able to access the hardware to get the info needed to successfully load an unlock onto the device.
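To make the chain-of-trust argument in the quote concrete, here is an added Python model of a signed boot chain (bootrom verifies the bootloader in NOR, the bootloader verifies the main firmware). It is example code written for this post, not GeoHot's or the Dev Team's code, and it is not the Infineon X-Gold 608 implementation: the key sizes, the textbook RSA, the image layout and the idea that the bootloader image carries the firmware verification key are all assumptions made for illustration. It shows why, once the bootrom holds the vendor's public key in immutable code, patching the bootloader or the firmware in NOR simply stops the device booting instead of removing the checks.

```python
"""Model of a signed boot chain: bootrom -> bootloader (NOR) -> main firmware.

Added example; toy textbook RSA stands in for the hardware RSA engine."""
import hashlib
import random

E = 65537  # public exponent (assumed; E is prime, which simplifies the gcd check)


def _is_probable_prime(n, rng, rounds=16):
    """Miller-Rabin probable-prime test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits, rng):
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(candidate, rng):
            return candidate


def make_keypair(bits=512, seed=2008):
    """Deterministic toy RSA keypair: returns (public, private) as (n, e) / (n, d)."""
    rng = random.Random(seed)
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % E != 0:  # gcd(E, phi) == 1 since E is prime
            break
    n = p * q
    return (n, E), (n, pow(E, -1, phi))


def _digest(image, n):
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % n


def sign(image, priv):
    n, d = priv
    return pow(_digest(image, n), d, n)


def verify(image, sig, pub):
    n, e = pub
    return pow(sig, e, n) == _digest(image, n)


def build_bootloader(fw_pub, check_fw=True):
    """Assumed NOR image layout: [1 byte: verify-firmware flag][64 bytes: fw key n][code]."""
    flag = b"\x01" if check_fw else b"\x00"
    return flag + fw_pub[0].to_bytes(64, "big") + b"bootloader code (constructed)"


def boot(bootrom_pub, bootloader, bl_sig, firmware, fw_sig):
    """Simulate the chain; returns the trace of stages, ending in 'firmware' or a 'halt: ...'."""
    trace = ["bootrom"]
    # Stage 1: the immutable bootrom verifies the bootloader it found in NOR.
    if not verify(bootloader, bl_sig, bootrom_pub):
        trace.append("halt: bootloader signature rejected by bootrom")
        return trace
    trace.append("bootloader")
    # Stage 2: the (now trusted) bootloader verifies main firmware with its embedded key.
    fw_pub = (int.from_bytes(bootloader[1:65], "big"), E)
    if bootloader[0] == 1 and not verify(firmware, fw_sig, fw_pub):
        trace.append("halt: firmware signature rejected by bootloader")
        return trace
    trace.append("firmware")
    return trace


def run_scenarios():
    pub, priv = make_keypair()
    firmware = b"main baseband firmware (constructed sample, lock enforced)"
    fw_sig = sign(firmware, priv)
    genuine_bl = build_bootloader(pub, check_fw=True)
    bl_sig = sign(genuine_bl, priv)
    results = {"genuine": boot(pub, genuine_bl, bl_sig, firmware, fw_sig)}
    # NOR rewritten with a bootloader that skips the firmware check: bootrom rejects it.
    patched_bl = build_bootloader(pub, check_fw=False)
    results["patched_bootloader"] = boot(pub, patched_bl, bl_sig, firmware, fw_sig)
    # Genuine bootloader, but firmware modified in NOR: bootloader rejects it.
    patched_fw = firmware.replace(b"enforced", b"removed")
    results["patched_firmware"] = boot(pub, genuine_bl, bl_sig, patched_fw, fw_sig)
    return results


if __name__ == "__main__":
    for name, trace in run_scenarios().items():
        print(f"{name}: {' -> '.join(trace)}")
```

The patched-bootloader case is the one the quote describes: having write access to the NOR is not enough, because the decision to trust the bootloader is made by code and a key that live outside the NOR. Only a flaw in the bootrom's own verification (or a way to run unsigned code before it) would change the outcome, which is why the discussion turns to dumping and studying the bootrom itself.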
The first step to tackling this is dumping the bootrom. We need some exploit, I don’t care where, to dump arbitrary memory. Then we can dump 0x400000, which is the new “secure” bootrom.
There is no doubt that the iPhone 3G will eventually be unlocked via software, either by GeoHot, the Dev Team, TA_Mobile or some other hot-shot hacker. There are already spoof solutions using X-Sims and Yes Sims, but who wants that? A real software solution is what is needed here.