Can we try to think about it this way?


iphone6
12-11-2007, 02:21 PM
Hi

I would like to start out by saying I am a complete newbie at this. I do not know how to program, but I have a couple of thoughts I would like to throw around. I was thinking about TurboSIM and how it fakes an AT&T card, and was wondering if a piece of software could be written to spoof the IMSI and ICCID at the OS level that does not need to modify the BB or BL?

I am assuming that the iPhone SIM auth works in the following way:

1. The SIM card is inserted, and the baseband sends a request for the IMSI and ICCID.

2. The SIM card reports its IMSI and ICCID to the baseband.

3. The baseband checks the reported IMSI and ICCID against the correct ones stored inside the baseband.

4. Once the baseband confirms that the two match, the baseband allows the iPhone to access the SIM functions and operate normally.

Is the above correct?

If so, then maybe that idea could be a possibility?

I hope I have made some sense to someone :-)

Thank you for reading.

opensky
12-11-2007, 02:23 PM
That's what *sim did

Nikolas.A
12-11-2007, 02:25 PM
How will you get software to alter values exchanged between hardware?

iphone6
12-11-2007, 02:58 PM
That's what *sim did

Okay. As far as I understood, anySIM worked by actually modifying the baseband. See http://iphone.fiveforty.net/wiki/index.php/Software_Unlock

Am I correct in my thinking?

In response to Nikolas.A:

I do not know how the SIM card and the baseband exchange data. Thanks for clearing that up for me. I was thinking along the lines of somehow getting a piece of software to intercept that process. Ah well. :-)

Thanks for replying.

Nikolas.A
12-11-2007, 03:11 PM
Don't worry! I'm not flaming you or anything! Brainstorming is what we need here!
Though I'm convinced that a signature spoof or the iTunes unlock is what we must look for.

People just wonder why there are no more updates from the Dev Team, and all that:
1) To reverse the unlock on the iPhone we need someone to sniff what packets are exchanged between the iPhone, iTunes and Apple's servers. I haven't heard of anyone actually doing this.

2) To update the baseband with the 4.06 bootloader, we must have 2 things:
a) A newer version of the baseband
b) The above version must be digitally signed

It's no problem to create a newer version, but the problem is digitally signing it.
We DON'T know what a digital signature of a future version looks like, so there's no reason trying to spoof it!
The Dev Team is waiting for a new baseband seczone update to find out what a digital signature of a newer BB would look like. Then they can "TRY" (key word) to spoof it on their edited baseband.