Last week a british customer of an iPhone 3G found photos on his just activated iPhone 3G. Those photos were showing a girl from the factory plant of Foxconn nearby Shenzhen. A factory representative said to not intend to fire that girl. We all really hope that’s true.
Pictures are courtesy of http://www.iphonegirl.net. Visit their page here for more photos.
Abstract
There have been rumors about circumventing that annoying SIM lock. As Geohot stated (read here), modifying the 3G baseband will not be an easy task. Because this task still needs to be solved, some guys thought bypassing simlock by using Proxy SIMs might be a good idea for 3G iPhones as well.
Differences between 2G and 3G iPhones
For 2G iPhones Proxy SIMs worked very good, because only the iPhone checked once at startup, if the SIM is from a supported country and carrier. SIM Proxys faked this first answer only and gave control back to the real SIM card, which has been asked for all details (IMSI, Country Code etc.) again. The then gotten details have been used to transfer to the network and to try to log in.
After investigating in the Proxy SIM possibilities for the 3G iPhone the iPhone Dev Team (namely: _ZF) stated that in contrast to the behaviour with 2G Proxy SIM solutions, the behaviour of 3G basebands is like transferring the first gotten IMSI code to the network. This means: for 3G iPhones the Proxy SIM will fake a test IMSI card and the iPhone will send this test IMSI code to the carrier to log in.
Legal and technical issues with 3G Proxy SIMs
Although applying methods like this in order to unlock the iPhone 3G is most likely illegal in many countries (because it violates contract), members of the Hackint0sh forum have played with Proxy SIMs on different networks in the world.
As expected the results are disappointing. Besides the questionable legal status of those operations there have been heavy technical problems.
Types and Brands of Proxy SIMs
Tested cards include:
Currently none of these Proxy SIMs work reliable (cf. iPhone Wiki). Our recommendation is simple: keep on waiting, the iPhone Dev Team will make it sooner or later. In case you cannot wait, get yourself a factory unlocked iPhone 3G from one of the countries supplying them (see country list here) and save precious life time.
We’re back. All articles should still be available. Nothing more to tell.
As we expected the 2.0.1 firmware was still buggy like 2.0 and since yesterday night, Apple offers firmware 2.0.2 for iPhone 2G and iPhone 3G. They claim this firmware version solves UMTS/3G issues for iPhone 3G users. Besides that information Apple don’t tell anything.
As we investigated a little: customers who already installed this new firmware still encounter 3G connection problems (see Apple’s forum here).
As we’re not aware if there are any advantages for 2.0 and 2.0.1 users: we recommend not to update now. We will get back to you with more details, once we tested 2.0.2 carefully.
Update July 27th, 2008: In their testing program Juma found issues with some european carriers using 3G technique. In contrast to other SIM proxy manufacturers, Juma does not want to sell solutions that don’t work 100% on either GSM or 3G/UMTS networks. Customers who had already ordered got full refund on saturday and sunday. Anyway: we heard Juma is researching these issues to come up with a solution as soon as possible
It finally seems to be true. We already reported that unlock specialists from Brazil and from Vietnam independently from each other announced they can unlock the new 3G iPhones using a proxy SIM solution. But nobody (at least in Europe) got such proxy SIM into their hands.
Anyway here seems to come the real deal: a working proxy solution hit the streets of germany as of today. It is called iPhonix and is manufactured by Juma FZE – a trading company located in Dubai. As initial offer iPhonix will cost 50€ (about 80US$), instead of 59€. Sadly the product page seems to be available in german only by the moment. We already ordered a product sample, but as we don’t have it yet: we can’t confirm, but the german Magazine MacBug does (see german article here). Update: This currently does not work with any german carrier!
On the following video you can see a white iPhone 3G running with german interface. The iPhone 3G is obviously carrier locked (most likely to the german T-Mobile D1 net). After inserting the iPhonix proxy it connects to the carrier of Dubai (Etisalat) – obviously roaming. Anyway this is not the best video to convince german customers. We’d better seen checking out a T-Mobile SIM and putting in an O2 or Vodafone card that does not work and then after using the proxy… You know what I mean… And where is the making calls… Anyway see their promotion video here:
Apple has just released the new firmware 2.1 beta to developers. Firmware 2.1 brings a better GPS integration for 3G devices to allow using it as a real navigation receiver. The GPS feature “Core Location” can now also detect the speed and the direction of your moves. For 2G and 3G users there will be an update included for better integration of push notifications.
Along with this beta Apple shipped the new SDK. But currently this new SDK cannot be used to provide Apps to the AppStore.
We are not aware yet, if this update solves the slowing-down issues of Apps (we reported here).
The restless working iPhone Dev Team has just released the source-code of their commandline tool collection xPwn. Although the tool collection allows to jailbreak (iPhone 2G and 3G) and unlock (iPhone 2G only), it targets mainly at developers.
Get the source-code for Linux, MacOS X and Windows and here. Planetbeing of the iPhone Dev Team highly recommends to read the README before playing around with the tool collection.
Ta_Mobile of the Vietnamese hardware division GSMVN succeeded in dumping the baseband bootloader 5.8 of an iPhone 3G. Ta_Mobile has also dumped bootloader 4.6. Reverse engineering of the 3G bootloader will now begin to find possible exploits. Don’t expect anything soon, but this is great news anyway.
Congrats to Vietnam. Standing work, guys…
Article is outdated. Find newest Jailbreak and Unlock HowTo for iPhone Firmware 3.0 here.
Note
We need to stress: respect the laws of the country you live in. For instance as german citizen with a T-Mobile Germany plan and iPhone you are not allowed to jailbreak or unlock your iPhone. T-Mobile is not kidding in this topic, as we’ve all seen with the sipgate sue (we reported here). This tutorial is in no way meant as an invitation to do things that are in violation of your contracts. We cannot be held responsible for bricking your devices. You do everything at your own risk and responsibility. Thanks.
I. Abstract
Pwnage Tool 2.0 is the newest tool to unlock and jailbreak “old” iPhones (iPhone 2G) and jailbreak “new” iPhones (iPhone 3G). It is developed, maintained and provided for free by the iPhone Dev Team. The Dev Team already provided Pwnage Tool 1.0 (see recent tutorial here).
This tutorial is for Mac users only who previously activated and unlocked their iPhones using Pwnage Tool 1.0. The release of Pwnage Tool 2.0 has been delayed in the last few days because of several bugfixes and issues that occurred during latest test. As we’ve used Pwnage Tool 2.0 in the last hours on some old iPhones, we can say: in contrast to Pwnage Tool 1.0, we encountered some problems with Pwnage Tool 2.0. Keeping that in mind it is your own risk to prolly brick your iPhone. We cannot be held responsible for your actions.
II. Preparations
A Microsoft Windows version of Pwnage 2.0 has not yet been released. Get yourself a Mac, it really is time to switch :-)
You need to download and install a couple of programs
III. Fasten your seatbelts
Before taking off, we highly recommend to do the following preparations on your iPhone:
In case you didnot, we highly recommend you read our tutorial about activating and unlocking iPhones with firmware 1.1.4 (see here).
IV. Take off
…into the wide open world of unlocked and jailbroken iPhones.
click OK.
Expert Mode
click the blue arrow
Note: we encountered errors when browsing for the IPSW firmware that we manually downloaded several times:
We circumvented this error by letting iTunes download the firmware. But be careful let iTunes only download the firmware. Don’t choose download and install!!!
Cydia packages. We even leave the pictures the same.
OpenSSH, Cydia Installer, and Cydia's Source Set. These files will automatically become downloaded in the background.
Select packages you can check them, in case the packages are not pre-chosen for including into your custom IPSW. Then click the blue arrow again.
choose new logos. We recommend to leave these as they are and click the blue arrow again.
blue arrow again and can already smell the pwrn.
clicking No to search the web for them (we only show the 4.6 bootloader question, in fact there will be same question for the 3.9 bootloader).
save the custom IPSW file. It will show a picture similar to this:
After having chosen the target filename and folder, Pwnage will submissively begin its work.
At a specific point of work, Pwnage will require your admin password. This is due to a limitation of access to the filesystem.
wants to be quitted:
V. Approach for Landing
start iTunes (we have our iPhones connected!). And we choose the iPhone menu in iTunes (looks like this picture:)
hold the ALT key and press Restore Button. We will get a dialog, where we can choose our custom firmware:
VI. Baggage Claim Area
choose to restore your old settings (like eMail-accounts, calendar, photos, muzaq, and videos):
Continue you will see this picture. It depends on how many things you had saved on your iPhone and how much space it’s got. Our 4GB testmodel only took about 5 minutes to get all settings restored:
VII. Final words
Congratulations. You’re finished now. In case any of you got questions, don’t hesitate to ask below in our comments section. We hope you enjoyed this tutorial. Thanks for your attention. Big shouts fly out to the iPhone Dev Team. You guys simply rock our hearts…
Eventually the iPhone Dev Team released their long awaited Pwnage Tool 2.0 for Mac. You can download here and here. As expected it supports jailbreaking and unlocking of “old” iPhones and jailbreaking of 3G iPhones and iPod Touch. It’s been reported there are issues with installing the installer.app. Note that this is only the Apple Mac version of Pwnage, there is currently no information when Pwnage for Windows (WinPwn) will be released.
Please allow some hours for testing the new Pwnage. We’ll publish a tutorial during the next hours. We need to check Pwnage carefully. Update: Tutorial has been released. See here.
Congrats to the iPhone Dev Team.
[Update] Aug/25th/2008: read here, everything you gotta know about Proxy SIM solutions.
The Bladox Team has released an application for their Turbo SIM (see here how proxy SIMs work) that is obviously able to bypass the SIM lock of 3G iPhones – means unlocking it. The application is still beta and might not work on the entire planet, but it obviously does in the U.K. The name of the app is zerog-0.95.tar.gz, but for legal reasons we will not directly link it.
See this video:
It takes ages until it is logged it, but anyway it documents the current status quite well…