Switzerland a beautiful country and a wonderful place to buy 3G iPhones. The Swiss carrier Swisscom offers the iPhone 3G with a prepaid SIM card. Forum reports confirm that foreigners can buy these aswell. Only two problems remain: first the Swisscom iPhone is completely sold out on Switzerland and second it is SIM locked to Swisscom (offical unlocked carrier list here). But as reported by us yesterday, a SIM proxy adapter unlock occurred in Vietnam. We expect this adapter to very soon hit the markets worldwide.
There were some rumors two days ago (we reported here), that the Brasil based company DesbloqueioBr.com.br unlocked the iPhone 3G by using a SIM proxy adapter. Today a confirmation comes from Vietnam. Two well known guys from the vietnamese forum GSM.com.vn going by the nicks TA_Mobile and Immb published some photographs showing a SIM proxy solution named X-SIM. However it requires an activated iPhone to unlock.
For those of you being capable of reading (and understanding) the original Vietnamese forum messages: this link is for you. All the others: enjoy the pictures here.
While the iPhone 3G has just been launched in France (we reported here), in Germany T-Mobile must be quite content, because iPhones over here are completely sold out. Currently it is not clear, when new iPhones can be delivered by Apple. T-Mobile needed to set some thousand customer orders pending.
T-Mobile said they already sold 15,000 devices on german launch day last week. It is reported AT&T in the U.S. seems also be running out of 3G iPhones soon.
Since today also the french customers can obtain the new iPhone 3G. Prices vary between 509€/8GB model and 609€/16GB model. As expected it is SIM locked, but the french carrier Orange is legally obliged to SIM unlock . The fee is said will be at about 100€.
[Update] Aug/25th/2008: read here, everything you gotta know about Proxy SIM solutions.
The Brazilian based company DesbloqueioBr.com.br claims to have unlocked the 3G iPhone. The whole procedure is like a deja-vu. It is said it works almost the same like with TurboSIM for the “old” iPhone. The difference is they say they make use of a faked IMSI test card, while Bladox’ TurboSIM solution emulated an AT&T card.
The Theory behind
The guys at DesbloqueioBr claim that the iPhone 3G only checks on first card detection (means after hot-swapping or after reboot) for the type of SIM. It is said it checks the IMSI code. During card-detection, the IMSI test card emulation now returns that it is a test card. The next requests to the card will then be answered by the normal SIM card. Same working like with the TurboSIM, except that the TurboSIM was coded to emulate an AT&T card during card detection stage.
Empiricism
Since this has not been confirmed on forums and the video provided (see below) doesn’t show the unlock procedure, this is likely to be a rip-off. Anyway for proving the theory the iPhone Dev Team already provided a sample application for the TurboSIM, that does exactly what the theory requires: emulating a test IMSI at card detection stage. As of now there is no feedback. For legal reasons we cannot link the application, as we are located in Germany. During the next 24 hours google will index the page that contains the link, search for lamesaft-0.1.zip then.
Limitations
The video provided does not clarify how the unlock is performed. It simply shows a call being made from one iPhone to the other. It does not show the SIM adapter to be taken out. Moreover you still need to have the iPhone 3G activated. Currently there is no application available to do this. People on forums report that the DesbloqueioBr guys seem not to be willing to answer concrete questions.
Since there is no prove: we currently classify the DesbloqueioBr SIM adapter as SCAM. Update: at 00:29 the video shows the model as MB046LL, which could be identified as a U.S. american AT&T locked iPhone 3G (see model list here). This model obviously works with a different carrier (not AT&T, but TIM) in a different country (not the US, but Brazil).
Here’s the video that shows calls being made from one iPhone to another. The guy is talking portuguese, a translation is not available.
As member of the iPhone Dev Team, planetbeing today released “XPwn”. He describes “XPwn” as an experimental pwnage tool for Linux. Although XPwn was proposedly developed for Linux users, it actually is a cross-platform tool for command line users. Update: It does not support firmware 2.0 yet.
Warning
The XPwn tool is not intended to be used by newbies. That’s why it’s called experimental pwnage tool. It provides a command line interface only, what means you can dreadfully screw up your iPhones using it. The first version of XPwn seemed to have issues when writing the NOR firmware. Although planetbeing has obviously fixed this problem, we really recommend to wait for Pwnage 2.0.
XPwn’s versions
Experimental Pwnage comes in different flavours:
binaries are provided for Linux, Microsoft Windows and MacOS X – get them here
Only three days ago on friday, 11th 2008 the iPhone 3G has been launched in 21 countries. Until saturday, 12th (means on first weekend) one million 3G iPhones have been sold. Last year it took 74 days to sell that amount of iPhones. Steve Jobs will be very glad about this. Since this makes about 7 million possible customers for Apple’s App-Store…
Although we didn’t get our hands on a new iPhone 3G yet, things are as expected: the iPhone 3G uses a new bootloader for its baseband modem as confirmed by Geohot.
Bootloader versions from the “old” iPhones
As far as we are aware the there are those 3 different bootloader versions known on old iPhones:
3.8 (very rare)
3.9 (iPhones before november 2007) and
4.6 (iPhones after november 2007).
It is widely known, that exploits for these old bootloaders have been found, that allow to SIM unlock any of these old iPhones. No matter which software revision is running.
No Unlock for iPhone 3G, but for old iPhones
For the new iPhone 3G bootloader, there is no (public) exploit known yet. Although the iPhone Dev Team states they can unlock firmware 2.0 – the unlock is most likely meant to work on “old” iPhones only. The only exploit yet known (in both old and new iPhones) is an iBoot bug. The iPhone Dev Team provided a video showing Pwnage Tool neutering the baseband for firmware 2.0:
Video: Pwnage Tool Bootneuter on firmware 2.0 (on an old iPhone)
The Pwnage Tool 2.0 (and Geohot’s yiPhone) will most likely feature an iBoot bug to jailbreak old and new iPhones. iBoot is needed by iTunes to talk to when restoring firmware. About a year ago, Geohot found out that iBoot provides a full interactive shell. The only problem was, iBoot only allowed signed code to run. The iPhone Dev Team now managed to break the chain of trust from the earliest boot stage. Thus allowing to run unsigned code and in the end jailbreaking old and new iPhones (see video):
The iPocalypse has begun. Many iPhone 3G customers all over the world report activation issues after having bought their new gadget. The same also applies to customers of the “old” iPhone who tried to update to firmware 2.0 and needed to re-activate.
We recommend weather to upgrade nor to buy a new iPhone 3G now. Stay tuned.
First auctions here in Germany are already running out. As expected (read here): prices are strongly tending to 1,000€. We’re tracking this auction to see the final price – please don’t place bids. This is for entertainment and for fun only. Currently the price is at 760€ with 8hrs remaining. You could buy two 3G iPhones in Italy for that price.
Anyhow: we recommend to not buy any iPhone 3G, right now. As of yesterday (read here) the iPhone Dev Team performed to unlock the new firmware, but it is not known if this applies to the 3G version of the iPhone aswell, because it is very likely to have a new bootloader, rather than bootloader 4.6. Moreover the firmware 2.0 hack is still under heavy testing and not yet released to the public. Therefore expect scam whereever you find activated and unlocked 3G iPhones…
