craigp
01-22-2008, 12:29 PM
Latest Guide News
5:25pm GMT - 10th Feb 08
Amazingly significant news. All iPhones can now be software unlocked, for free. The amazing George Hotz did it overnight. Check his blog for the interesting story of how and why he did it. Dead simple instructions here: http://iphone.unlock.no/OTB112unlock.htm
9:40am GMT - 25th Jan 08
An 'unofficial' 1.1.3 Jailbreak/Activation has been released. Apparently, this jailbreaking solution is illegal (http://hackint0sh.org/forum/showthread.php?t=25147), as it reportedly contains material copyrighted by Apple. A second, 'official' iPhone Dev Team release is now also available (http://hackint0sh.org/forum/showthread.php?t=25677). The word is that the unofficial 1.1.3 jailbreak is easier to perform, but may contain a few rough edges or bugs.
Introduction
I've found understanding how the iPhone and iPhone jailbreak / hacking / unlocking processes work a little confusing. There are a few good guides on doing some of these processes, but few actually go so far as to explain what's actually going on - and I find sometimes I can fix problems that may occur better if I actually understand the process myself.
So, this is my effort to collect together as much information as I can into a complete beginner's guide to hacking the iPhone. The hope is that it'll provide people coming after me with a single place to learn all the stuff that seems to have taken me weeks to get to grips with.
This summary assumes you're not doing things the 'official' way (i.e. a proper iPhone-contract AT&T or UK O2 SIM, or with the official iPhone unlock).
iPhone Firmware
The software on the iPhone is called the 'firmware' and can be upgraded in the same way the operating system on a computer can be upgraded. Apple recently released firmware version 1.1.3 that introduced the ability to reorder icons on the home screens, and a few other cool features. Upgrading the firmware is something Apple want you to do, and is made really easy through iTunes.
You can find out what version of the firmware you're running by going to Settings > About > Modem firmware.
1.0.2 - out-the-box comes with bootloader 3.9 - Activate / Jailbreak with iNdependence
1.1.1 - out-the-box comes with bootloader 3.9 - Activate / Jailbreak with AppSnapp
1.1.2 - out-the-box comes with bootloader 4.6 - Activate / Jailbreak with TouchFree after 'updating' (not restoring) from 1.1.1 and installing Oktoprep from installer
1.1.3 - out-the-box comes with bootloader 4.6 - Activate / Jailbreak with 1.1.3 soft upgrade in installer
You upgrade to any version other than 1.1.3 through iTunes. Upgrading to 1.1.3 should be done using the soft upgrade solution, not iTunes.
GSM Components
The iPhone's software that controls the GSM radio (the mobile phone bit of the iPhone) seems to have a few distinct components. These are:
Bootloader
Not sure what this does, but iPhones bought at different times have different versions of the bootloader. iPhones that had 1.1.2 or 1.1.3 when they were purchased (referred to as out-the-box or 'OTB') have bootloader version 4.6. Firmware 1.1.1 and prior have bootloader version 3.9.
Baseband
The baseband seems to be the bit of software that interacts with the GSM radio (the phone bit) directly. Baseband 04.02_13G and 04.03_13G can be unlocked using the GeoHotz method.
03.14_08G - comes with 1.0.2
04.01_13G - comes with 1.1.1
04.02_13G - comes with 1.1.2
04.03_13G - comes with 1.1.3
Upgrading to a newer iPhone firmware version through iTunes will cause the baseband firmware to be upgraded too, potentially breaking your SIM unlock if you used an AnySIM method. Allegedly, the GeoHotz method is upgrade resistant.
Secpack
I'm not sure what this is, but getting the secpack from the 1.1.3 firmware was apparently crucial to being able to downgrade the 04.02_13G baseband firmware that you get if you update to 1.1.3.
Seczone
The seczone is stored inside the baseband EEPROM, where the IMEI, NCK, etc. are saved.
Lockdownd
This is an important file, but I'm not sure why. If anyone knows what this is, please post a reply to this thread.
Hacking Components
Along with the software components that play a part in the hacking of the iPhone, there are a series of states of 'hacked-ness' the iPhone can be in:
Activation
Activation is supposed to ensure that, when you get your iPhone out of the box, you can only use it once you've plugged it in to iTunes. By doing this, Apple can make you register, set up a contract, etc... Once you turn the iPhone on, you can't get past the activation screen to use the phone or any of the other apps unless you activate.
Obviously, if you're not using the official SIM, you're not going to want to be activating your iPhone in the official way.
On the Mac, you can use iNdependence (FW 1.0.2), the ever-elegant AppSnapp (1.1.1), Oktoprep and TouchFree (1.1.2), or the software upgrade 1.1.3 method.
Jailbreaking
Jailbreaking is the process of enabling third-party applications to be installed. What makes jailbreaking so special is that it decrypts the iPhone's file system, allowing it to be read and written to by your computer. Once this level of access is available, the Installer application can be installed, and then you can download and install applications from the iPhone itself.
Since jailbreaking requires the iPhone to be activated first, jailbreaking and activating are usually performed as one step (certainly they are in 1.1.1, 1.1.2 and 1.1.3).
Unlocking
Commonly confused with activation or jailbreaking, unlocking refers to the process of making the iPhone be able to use any SIM card put in it, not just the 'official' ones (AT&T, O2, etc...). Unlocking using AnySIM (the free community-driven unlocking app) works by making changes to the baseband (see above), and must be installed and run on your phone - which requires it to be activated/jailbroken. Upgrading your iPhone to a new firmware usually upgrades the baseband, and your AnySIM unlock will be overwritten. The new GeoHotz method is apparently upgrade resistant, so use this over AnySIM.
All current firmware versions can be unlocked properly via the GeoHotz method. You may need to upgrade your firmware first though. See links above.
Useful Links
Now that you (hopefully) understand a little more about the processes involved in hacking the iPhone, you're going to want to know how you do it. Some of the best guides are:
http://iphone.unlock.no/ - general guides for downgrading/upgrading and unlocking. Once you understand the basics in this guide, you can use the great tutorials on the linked site to perform the hacking.
Please note
This guide is an evolving entity. If you know that any of the information in it is incorrect, or think you can add or clarify a point above, please post a reply or send me a PM, and I'll keep the guide updated.
Thanks
Thanks for their contributions go to:
- SoLoR (clarification on OTB 1.1.2 coming with BL 4.6, and for 'Seczone' / 'Secpack' distinction)
- Douglas Adams (who is an inspiration, and would probably have loved to have seen the iPhone)