Can a "legit" unlock be performed or how to emulate the factory unlock on 2G?

[kamiboy]

Ok, so I have a high aversion for hacks, I hate them by nature. So much in fact that I abandoned my 2G and shelled a ton of cash to get my hand on a factory unlocked 3G as soon as they were available, which was a dream come true, no more ugly hacks, just update via iTunes, as it should be.

Problem is I now have that old 2G lying around with a very old pre 2.0 FW, because that was the last I felt I could update to and void any ugly hacks or mods.

Anyway, back near the beginning I remember a company that took money to perform what was likely close to a permanent unlock. They had found some exploit apparently, and even after updating your firmware the unlock stuck, all you needed to do was activate.

So I got to thinking, all these hackers have pretty much dug out all the internals of the iPhone by now. Has anyone of them discovered a method to emulate what Apple does when they perform a legit permanent unlock on iPhones?

I know apple can do this, for in some countries locked iPhones can be unlocked after paying a fee, so the method must exist to once and for all be rid of the hassle and make any iPhone like my legit factory unlocked 3G.

I have given my 2G to someone, and I am thinking of upgrading its firmware for them, but only if there exists a method to fully permanently unlock it so it can receive all future updates via iTunes.

I have absolutely no interest in JailBreaking the thing so I can cram it full of crap. The iPhone is great as it is, me thinks, I just want the benefit of future firmwares for better reception, battery life and bug fixes.

If anyone knows such a method please tell, I would even be interested in paid methods.

 

[kamiboy]

I did a little digging and found out that the method I am referring to is called direct unlock of iPhone.

It is mainly mentioned in here http://iphone.unlock.no/anysim.htm, an deprecate site dedicated to iPhone hacks. The IPFS it is referring it is "iPhone SimFree" which was the product I was referring to. It could, after a payment, apply a direct unlock on an iPhone. I guess they aren't around anymore now that all people want to do is jailbreak the hell out of their iPhones for free. There is also mention of direct unlock here.

Not much else though, after days of searching. Maybe I should just fire off an email to the iPhone dev team...

 

[Consultant]

Only way for that is hardware soldering. High risk.

You can buy never-locked iPhone on buy.com but it's expensive.

 

[kamiboy]

Only way for that is hardware soldering. High risk.

You can buy never-locked iPhone on buy.com but it's expensive.

Apple does not solder when they unlock an iPhones permanently. I have already bought a never locked iPhone, and it was mad expensive. I just want to know if I can do something about my old 2G iPhone.

 

[r6girl]

I don't think there's anything you can do aside from hacking it. I don't recall where I read this at the moment, but the factory-unlocked iPhones are somehow registered with Apple via IMEI or serial number or both. I also have a factory-unlocked iPhone and after the last 2 firmware updates, including 3.0 beta 3, iTunes flashed me a "Congratulations - your iPhone has been unlocked" message, seeming to indicate that my unlocked iPhone was recognized on their end and permitted to continue to be unlocked or something along those lines.

 

[kamiboy]

Hmmmm.... interesting about that message thing. But whenever I update my lockless iPhone there are no such messages, it just updates and that is it.

Anywaste, I fired off a e-mail to iphone dev blog and zibri, hoping maybe they can shine some light on the matter. After all, all I know is that there is a lock key eeprom that needs to be zeroed out for an permanent unlock, and supposedly FW upgrades don't touch that area, so once it is done it is permanent. But that information is very old and from one of those websites I linked to.

 

[Consultant]

Apple does not solder when they unlock an iPhones permanently. I have already bought a never locked iPhone, and it was mad expensive. I just want to know if I can do something about my old 2G iPhone.

Apple has a strong password for that unlock that is unlikely to be broken using brute force.

That's why people have do some soldering or other methods.

 

[kamiboy]

Apple has a strong password for that unlock that is unlikely to be broken using brute force.

That's why people have do some soldering or other methods.

Egad, that is what I feared. But a company sold a solution called iPhone sim free back in the early days of iPhone hacks. They either found a exploit that circumvented the password, or they had figure it out. Maybe by reverse engineering their solution, which, I believe, is still around in software form, the exploit could be brought to light.

 

[ppc750fx]

Egad, that is what I feared. But a company sold a solution called iPhone sim free back in the early days of iPhone hacks. They either found a exploit that circumvented the password, or they had figure it out. Maybe by reverse engineering their solution, which, I believe, is still around in software form, the exploit could be brought to light.

iPSF is a software unlock, not unlike that which is performed by the Dev Team's PwnageTool and QuickPwn utilities.

The only cross-firmware unlocks are hardware in nature. (Apple's unlock isn't really persistent, it's just that iTunes unlocks the phone again after the upgrade is completed.)

 

[kamiboy]

iPSF is a software unlock, not unlike that which is performed by the Dev Team's PwnageTool and QuickPwn utilities.

The only cross-firmware unlocks are hardware in nature. (Apple's unlock isn't really persistent, it's just that iTunes unlocks the phone again after the upgrade is completed.)

Could you tell me where you got this information? I was convinced that IPSF's solution unlike the other solutions could survuive a normal firmware upgrade.

If iTunes unlocks the phone everytime then how does it know it is supposed to do that? Does it look it up on the internet, or does it look at something in the phone, which would function even without a internet connection?

Also, if iTunes can unlock an iPhone then the cleanest way to unlock an iPhone would be to imitate that procedure, as it would not necessitate any modification of iPhone's software. Maybe the unlock procedure is so secure that it hasn't been broken yet, but I find that hard to believe.

 

[Applejuiced]

I think you're confused.
There was never a permanent software unlock that would work no matter what future firmware comes out.
On the next update you either gotta wait till a new hack is released or your phone is back to beeing locked.
Once an iphone is unlocked by the carrier its serial number enters into an apple database and from then on every time you do a restore or software update the phone remains unlocked and will work with any sim without any hacking.
Unfortunatelly there hasnt been a way to do it yet permanently. The only way to software unlock is with the iphone's dev team software and that only lasts till the next firmware is released and so on.
If there was an easier solution other than that or a turbosim hardware unlock we'd be doing that instead of all these cat and mouse games.

Could you tell me where you got this information? I was convinced that IPSF's solution unlike the other solutions could survuive a normal firmware upgrade.

If iTunes unlocks the phone everytime then how does it know it is supposed to do that? Does it look it up on the internet, or does it look at something in the phone, which would function even without a internet connection?

Also, if iTunes can unlock an iPhone then the cleanest way to unlock an iPhone would be to imitate that procedure, as it would not necessitate any modification of iPhone's software. Maybe the unlock procedure is so secure that it hasn't been broken yet, but I find that hard to believe.

 

[skoops]

Apple has a strong password for that unlock that is unlikely to be broken using brute force.

There are no passwords involved in the unlock process... It's all happening via the PKI (Public/Private Key Infrastructure) involving activation and unlock tokens transferred from iTunes to the iPhone. (and obviously from apple to your itunes via the internet) - every single unlock is unique and cannot be "copied" or "cloned" to be used on a different iphone.

 

[ppc750fx]

Also, if iTunes can unlock an iPhone then the cleanest way to unlock an iPhone would be to imitate that procedure, as it would not necessitate any modification of iPhone's software. Maybe the unlock procedure is so secure that it hasn't been broken yet, but I find that hard to believe.

Unless you know of a neat flaw in RSA, there's no holes to be found. (And if you did, it'd be a hell of a lot more valuable than the price of an unlocked iPhone...)

If iTunes unlocks the phone everytime then how does it know it is supposed to do that? Does it look it up on the internet, or does it look at something in the phone, which would function even without a internet connection?

It asks Apple. If you take a look at your network activity during the restore process, you'll notice that it makes an outbound connection or two to Apple (to iphone-services.apple.com IIRC).

 

[kamiboy]

I see, so it seems there is agreement about there not existing any permanent unlocks for iPhone, not even one offered by Apple. It needs to unlock itself every time via iTunes.

I thought maybe hackers had not bothered with cracking the permanent unlock due to the fact that the thing they are most interested in is jailbreaking iPhones so they can freely modify its software and begin installing things and generally mess about again with each newly released firmware.

That is it then, I'll keep my 2G at its old 1.1.4 (I think) firmware going forward, may it serve its new owner well. I've noticed via comparison tests that is is much snappier than my newest firmware unlocked 3G anyway.

Thanks all for clarifying things, that old IPSF thing had me sent on a wild goose chase for years, now I can finally give up.

 

[Applejuiced]

Unless you buy a factory unlocked iphone that are beeing sold all over the net.
I believe Italy, Hong kong, Australia and a bunch of other countrys sell completelly unlocked iphones but obviously for a pretty hefty price.
The good thing is you'd never have to worry about updates, hacking, jailbreaking, QuickPwn etc...

 

[ppc750fx]

Unless you buy a factory unlocked iphone that are beeing sold all over the net.
I believe Italy, Hong kong, Australia and a bunch of other countrys sell completelly unlocked iphones but obviously for a pretty hefty price.
The good thing is you'd never have to worry about updates, hacking, jailbreaking, QuickPwn etc...

See above. These aren't permanently unlocked per se -- they're just registered with Apple such that they're unlocked upon restore/update.

 

[kamiboy]

See above. These aren't permanently unlocked per se -- they're just registered with Apple such that they're unlocked upon restore/update.

Out of curiosity, what about them is registered with Apple? Surely it cant be the IMEI, because that can be modified on iPhones via hacks (at least I've seen the options present). I cant imagine it is anything written in software, because software can be cloned, so it must be some form of hardware serial?

 

[Applejuiced]

Yes, so you can use with any sim.

See above. These aren't permanently unlocked per se -- they're just registered with Apple such that they're unlocked upon restore/update.

 

[ppc750fx]

Out of curiosity, what about them is registered with Apple? Surely it cant be the IMEI, because that can be modified on iPhones via hacks (at least I've seen the options present). I cant imagine it is anything written in software, because software can be cloned, so it must be some form of hardware serial?

AFAIK it's both the IMEI and the hardware UID.

Yes, so you can use with any sim.

Uh... yes, that *is* what "unlocking" means...