Posts Tagged ‘bootloader’

Dev Team Takes Two Steps toward iPhone 3G Unlock

I have been really busy recently with life, work and everything NOT iPhone. It seems to have pissed a few people off; others sent me SMS/email messages saying that I had obviously given up on iPhones and unlocking my 3G and had no time for the blog etc. Well, to be honest, I kind of have (had). Thankfully the Dev Team are still working on the iPhone 3G baseband unlock, and here is the latest that they have posted on their blog.

“We’ve been exploring different ideas with the 3G unlock, but this past weekend one of us hit a big snag. For whatever reason, all of our poking and prodding of the 3G baseband caused it to finally have a breakdown. After one specific exploit run, all of a sudden our baseband stopped responding to the OS. Even after multiple restore attempts, we were plagued with errors like this:

Somehow our software hacking had caused the baseband chip’s SPI bus to stop responding (so it looked like a hardware problem). Even though BBUpdaterExtreme reported the correct baseband version, it failed basic tests like memtest:

If you’re familiar with the baseband revision history for the 3G iPhone, you may have noticed that the above captures were done at the original 01.45 baseband. As dire (and hardware-related) as these messages sounded, though, there was a simple solution. We just updated to 01.46 and then downgraded again (because we can run unsigned code on the baseband CPU) to 01.45.

We tried to recreate the problem by using the same exploit over again, but it doesn’t appear to be reproducible (which is actually disappointing, as it might have been exploitable).

Anyway, there you go…a random, technical snapshot of dev team work.”


One reader's comment suggests that this may be the method that leads to a 3G baseband unlock, if the Dev Team can re-create the error and are able to upload unsigned code that executes the unlock.

Saggy Old Man Nuts says:

You guys are geniuses!!! All you have to do at this point to recreate the exploit is to migrate in the reference file ICE2 to the CFI loader. Once you do that, the bootsector is going to change its boot mode from 0xCC to 0xFF. Which of course is going to allow you to send a flash ID to the Protocol configuration sect which ultimately will allow the core kernel to redirect and redistribute the command queue, preventing it from stalling on command 2215. Once all this is accomplished you can then run any unsigned code on the baseband. So there you go guys.
[via The DevTeam]


TA_Mobile extracts bootloader 5.8 from iPhone 3G - Unlock Soon?

TA_Mobile is a Vietnamese iPhone hacker who has been hard at work taking apart his new 16GB white iPhone 3G and has managed to extract bootloader 5.8 from the hardware. Although this in itself is not an unlock, it does bring devs like TA_Mobile, the Dev Team, GeoHot and others one step closer to unlocking the iPhone 3G baseband.

The bootloader and baseband are critical to both software and hardware unlocks. Ta_Mobile hopes that the new Bootloader 5.8 can be used to create a soft unlock like that mentioned by the Dev Team on their Wiki:


Simple Unlock

“From the S-Gold’s perspective, here are the fundamentals of unlocking basebands. A simple byte sequence search combined with a neutered baseband are all you need. (The s5l8900 CPU imposes other restrictions beyond this discussion.)

  • The secpack is at ICE*.fls offset 0x1a4 (0x800 bytes long)
  • The baseband is at ICE*.fls offset 0x209a4
  • The baseband length is at ICE*.fls offset 0x20 (subtract 0x20000)

Due to gray’s initial RCE of the baseband, and combined with a neutered bootloader, unlocking recent and future basebands has been reduced to a simple byte search.”
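As an added illustration (not the Dev Team's or TA_Mobile's code), here is a Python routine that carves the secpack and baseband out of an ICE*.fls image using the three offsets quoted above, and checks that the length field agrees with the bytes actually present before trusting it. The little-endian encoding of the length field, the helper names and the sample bytes are assumptions, not details from the wiki.

```python
import struct

# Fixed offsets quoted from the Dev Team wiki excerpt above. Everything else
# here (little-endian length field, helper names, sample bytes) is assumed.
SECPACK_OFF = 0x1A4      # secpack (signature block) start
SECPACK_LEN = 0x800
LEN_FIELD_OFF = 0x20     # 32-bit field; baseband length = value - 0x20000
LEN_FIELD_BIAS = 0x20000
BASEBAND_OFF = 0x209A4   # == SECPACK_OFF + SECPACK_LEN + LEN_FIELD_BIAS


def parse_fls(image: bytes) -> dict:
    """Carve secpack and baseband out of an ICE*.fls image.

    Rejects images whose length field disagrees with the bytes actually
    present, which is the first thing to check on a suspect or truncated dump.
    """
    if len(image) < BASEBAND_OFF:
        raise ValueError("image shorter than the fixed header layout")
    (raw_len,) = struct.unpack_from("<I", image, LEN_FIELD_OFF)  # assumed LE
    if raw_len < LEN_FIELD_BIAS:
        raise ValueError("length field below its 0x20000 bias; wrong format?")
    bb_len = raw_len - LEN_FIELD_BIAS
    if BASEBAND_OFF + bb_len > len(image):
        raise ValueError("length field points past end of image (truncated?)")
    return {
        "secpack": image[SECPACK_OFF:SECPACK_OFF + SECPACK_LEN],
        "baseband": image[BASEBAND_OFF:BASEBAND_OFF + bb_len],
        "baseband_len": bb_len,
        "trailing_bytes": len(image) - (BASEBAND_OFF + bb_len),
    }


def build_sample(baseband: bytes, secpack_fill: int = 0xAA) -> bytes:
    """Constructed test image with the layout above; not real firmware."""
    img = bytearray(BASEBAND_OFF)
    struct.pack_into("<I", img, LEN_FIELD_OFF, len(baseband) + LEN_FIELD_BIAS)
    img[SECPACK_OFF:SECPACK_OFF + SECPACK_LEN] = bytes([secpack_fill]) * SECPACK_LEN
    return bytes(img) + baseband


if __name__ == "__main__":
    info = parse_fls(build_sample(b"\xde\xad\xbe\xef" * 16))
    print(f"baseband length 0x{info['baseband_len']:x}, "
          f"secpack starts {info['secpack'][:4].hex()}, "
          f"baseband starts {info['baseband'][:4].hex()}")
```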


For now TA_Mobile is only distributing the 5.8 bootloader files to developers looking to create a software unlock. With

The original article has more photos.
