
Apr 05

iPhone 1.1.3 / 1.1.4 jailbreaking and SIM-unlocking how-to and FAQ

As promised, here is the follow-up on iPhone jailbreaking and SIM unlocking for firmware 1.1.3 and 1.1.4. It is a good time to do so, because the situation should stay this way until the new firmware 2.0.

First, the big answer: yes, any iPhone or iPod touch on firmware 1.1.4 can be jailbroken and SIM-unlocked. In other words, any OTB (out-of-the-box) iPhone can be used on any network. You no longer have to worry about the baseband, as you did before, because a hole has been found in version 4.6.

The Walkthrough

The method involves using a tool called ZiPhone, made by Zibri. It is based on a vulnerability found by geohot and the old hole that exists in baseband 3.9. I have used this tool on two iPhones and it worked perfectly.

Since a picture is said to be worth a thousand words, what about a video? The one above is a walkthrough video for ZiPhone. I couldn't have done better; it is very professional, so thanks to richardlai for it.

The step by step guide

For those who need a step-by-step guide, here is how to do it:

  1. Download ZiPhone.
  2. Download the latest version of iTunes.
  3. Download the firmware: iPhone1,1_1.1.4_4A102_Restore.ipsw (162 MB).
  4. Install iTunes.
  5. Back up your data, if you need to, using iTunes.
  6. Use the Restore button to install the firmware you have downloaded. To do so, hold the Shift key while clicking the Restore button, which lets you select a custom file.
  7. Wait until it is completed.
  8. At this point your iPhone asks for activation; that is normal.
  9. Unzip ZiPhone.
  10. Launch ZiPhone.
  11. Ensure that the iPhone is connected and visible in iTunes.
  12. Click on "Do it all".
  13. Wait around 10 min.
  14. It is done. As you can see, you also have some additional software installed.
  15. If you want to add more software, click on the blue icons at the bottom.
  16. Restore your data if you backed it up.
  17. Congratulations!

Frequently Asked Questions

Here are the answers to the most frequent questions I get about the downgrade and about iPhone unlocking / jailbreaking. If you have more, shoot them in the comment section.

  1. First, if you are not sure about the difference between the two, please read my previous post about iPhone protection.
  2. Is the SIM unlock definitive? It depends on what you call definitive. geohot has reversed the technique used by SimFree, which is better than the previous one, so the unlock now survives resets. However, if you change firmware, the answer is no. Currently, the real activation method used by Apple can't be used: we don't know how to compute the unlock key.
  3. Why do I have to download the firmware from an alternative site? Is it a modified version? No, it is not; however, it protects you from bad surprises such as Apple releasing a minor revision that patches the hole.
  4. Does iTunes need to be running? Yes, it does; it is used to transmit information to the iPhone.
  5. Why do I need to do a restore? Because if your iPhone has been jailbroken before, the two methods might conflict. When you simply upgrade the firmware, some data remains.
  6. How does the SIM unlock work for baseband 4.6? Well, it does not :) Your baseband is downgraded to version 3.9.
  7. Is baseband 4.6 better than 3.9? It does not appear to improve anything currently. The situation is likely to change for the 3G version, which will certainly use a new baseband.
  8. Is the downgrade safe? As far as any firmware manipulation is, it is reasonably safe. No problems have been reported so far.
  9. Does it work for the iPod touch? Yes, it does, and you can install every application the iPhone has.
  10. Why are you using an iPhone as an iPod? Well, I decided to buy an iPhone as an iPod (I don't use it as a cellphone) for the following reasons: the hardware volume control, which is the key point for me; better battery life; and more options such as the camera and Bluetooth. Finally, from an aesthetic point of view, I prefer the iPhone, especially its back.

The technique behind the method

So how is the new unlock done? What it does is boot an unsigned ramdisk carrying a script to jailbreak, activate, and unlock. This is possible because ramdisks are not signed by Apple.
Actually, the bootloader installed by the upgrade is a modified version by geohot, called the gbootloader. It comes with all the IPSF values hard-coded, full write access anywhere, no startup signature checks, and the bootrom locations blanked. It works with bootloader 3.9.
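The point of the paragraph above (an unsigned ramdisk, plus a bootloader whose startup signature checks are gone, means whatever image is present gets booted) is easiest to see on a small model of a verified boot chain. The Python below is an added example, not ZiPhone's, geohot's or Apple's code. It assumes a constructed trust-root key, invented stage names and payloads, and uses HMAC-SHA256 as a stand-in for the asymmetric signature a real bootrom would verify; the `enforced` set models which stages the loader actually checks.

```python
import hashlib
import hmac

# Constructed example: a minimal model of a verified boot chain, written to
# show why an unsigned (or unchecked) stage breaks the chain. Not ZiPhone's,
# geohot's or Apple's code. Assumptions: HMAC-SHA256 stands in for the
# asymmetric signature a real bootrom verifies, BOOTROM_KEY is a constructed
# trust root, and the stage names and payloads are invented.
BOOTROM_KEY = b"constructed-trust-root-key"

# Stages in the order the chain boots them (constructed names).
STAGES = ("bootloader", "kernel", "ramdisk")


def sign_stage(key: bytes, name: str, payload: bytes) -> bytes:
    """Tag a boot stage. The stage name and length are bound into the MAC so
    a valid tag for one stage cannot be replayed on another."""
    msg = name.encode() + b"\x00" + len(payload).to_bytes(4, "big") + payload
    return hmac.new(key, msg, hashlib.sha256).digest()


def verify_stage(key: bytes, name: str, payload: bytes, tag: bytes) -> bool:
    """Constant-time comparison, so the check itself does not leak the tag."""
    return hmac.compare_digest(sign_stage(key, name, payload), tag)


def boot(images, enforced, key=BOOTROM_KEY):
    """Walk the chain in order. `images` is a list of (name, payload, tag);
    `enforced` is the set of stage names whose tag the loader checks.
    Returns (booted_stages, refused_stage_or_None)."""
    booted = []
    for name, payload, tag in images:
        if name in enforced and not verify_stage(key, name, payload, tag):
            return booted, name   # stop at the first stage that fails its check
        booted.append(name)
    return booted, None


def build_chain(tamper=None, key=BOOTROM_KEY):
    """Produce a correctly signed chain, optionally replacing one stage's
    payload after signing. The tag is left stale, which is all someone
    without the key can do."""
    payloads = {
        "bootloader": b"constructed bootloader image",
        "kernel": b"constructed kernel image",
        "ramdisk": b"constructed ramdisk image",
    }
    images = [(n, payloads[n], sign_stage(key, n, payloads[n])) for n in STAGES]
    if tamper is not None:
        images = [(n, b"modified " + n.encode() + b" image", t) if n == tamper
                  else (n, p, t) for n, p, t in images]
    return images


ALL = set(STAGES)
NO_RAMDISK_CHECK = {"bootloader", "kernel"}   # the page's situation: ramdisk unsigned


def demo():
    """Outcomes for the configurations the text describes."""
    return {
        "clean chain, every stage checked": boot(build_chain(), ALL),
        "modified ramdisk, every stage checked": boot(build_chain("ramdisk"), ALL),
        "modified ramdisk, ramdisk not checked": boot(build_chain("ramdisk"), NO_RAMDISK_CHECK),
        "modified bootloader, no checks at all": boot(build_chain("bootloader"), set()),
    }


if __name__ == "__main__":
    for label, (booted, refused) in demo().items():
        print(f"{label}: booted={booted} refused={refused}")
```

With every stage checked, the modified ramdisk is refused and the chain stops at the kernel; with the ramdisk left unchecked, the same modified image boots, and with no checks at all even a modified bootloader boots. The defensive lesson is that a chain is only as strong as its weakest unverified link: every stage that is loaded, the ramdisk included, has to be covered by the check, and the check has to live somewhere the loaded code cannot alter.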

Conclusion

For firmware 2.0, it is likely that, as with the PSP, the iPhone will use custom firmware. The technique is pretty much ready: it involves using a modified version of Apple's own firmware. A possible upcoming problem is the 3G version, because 3G functionality is probably not implemented in baseband 3.9, so the current technique will not work there. Time will tell; meanwhile, have fun with your iPhone / Touch :)