Tuesday, October 12, 2010

Permanent unlock, anyone?

So... are you tired of having to wait months and months and months for an unlock because you pressed that stupid update button in iTunes by accident on your iPhone 3G or iPhone 3GS? And you have an iPad 3G running on AT&T's network? Well wait no more!

iPhone 3G and iPhone 3GS are sold LOCKED to AT&T's network in the United States.
iPad 3G is sold UNLOCKED.

iPhone 3G, iPhone 3GS, and iPad 3G all have the same baseband chip, X-Gold 608.
The iPad's baseband chip is unlocked permanently, the iPhones' baseband chips are locked.
So... Now it's starting to make sense, right? Yeah, just swap them out. It's that simple! Although doing this will void your warranty for good.

Let's go over this. The baseband chip in the iPhones is locked to AT&T, and your carrier is T-Mobile, for example. The iPad 3G baseband chip is unlocked, but you use AT&T's no-contract plan on it. So if you swap them out, everything will work: you're using your iPad on AT&T with an AT&T carrier-locked baseband, and you're using your phone with an unofficial carrier, which is supported because of the unlocked baseband.

You can refer to this article below for reference.

http://theiphonewiki.com/wiki/index.php?title=X-Gold_608

Wednesday, September 22, 2010

smscl on iPhone 4 and iOS 4

Thanks to @ven000m on Twitter, we have been able to successfully run smscl by @MuscleNerd (command line SMS) on the iPhone 4. smscl was designed for iOS 3.1.2-3.2.2, and is not compatible with iOS 4.0+ without the help of Signal by @planetbeing. Signal is $4.99 on the Cydia store. Signal was designed for iOS 4 and contacts /dev/tty.debug in an iOS 4 compatible way; it does this to receive baseband information, one item being the exact signal measurement in dBm. This opens the port to /dev/tty.debug; @MuscleNerd's 3.2 connection method no longer works without the help of another process opening a working connection to /dev/tty.debug. So smscl is pretty much leeching off of Signal. :) You will need to SSH into your iPhone 4 from a Terminal emulator or SSH client on a remote host. Signal must be open to successfully execute the backgrounded AT+CMGS commands.


- Posted using BlogPress from my iPhone

Saturday, September 4, 2010

Downgrading the iPhone 4 baseband.

The iPhone 4's baseband has the ability to be downgraded, but it also uses a stricter signing process than the ECID SHSH method.

http://twitter.com/MuscleNerd/status/18667056119

Some discussion here shows that on every boot up it needs to run that random signature string. We need to cache it, possibly. This would require an iBoot exploit, most likely untethered. The good thing about this is that if you have your SHSH saved for the FW version that has the iBoot exploit, then you can always unlock.

Or, to my understanding, this "signature string" may very well be a security check that is included in the iPhone 4's XMM 6180 baseband chip. The security check requires each thing that accesses it to be signed (a signature, obviously). The ultrasn0w unlock for 1.59.00 disables this security check, so you may be able to unlock at any time. Hopefully this randomly generated signature string is the thing that accesses that security check, because if we disable that... we're in. The ultrasn0w unlock must disable the security check FIRST, then initiate the crash and exploit the bug, then upload the traditional unlock command "at+clck", or upload the wild-card unlock command, "at+xlock".

http://theiphonewiki.com/wiki/index.php?title=Talk:XMM_6180#Downgrade

Here is an example of the signature string on boot up.

http://iphwn.org/nonce.txt

Oh and by the way, this process is called "at+nonce". It contacts /dev/tty.debug on every boot up and runs that command, "at+nonce"; then the iPhone asks for the string, then it generates one randomly, then it passes it on.
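The per-boot nonce check the post describes, modelled as an added example (not the page's or Apple's code); the Baseband class, the replay_demo helper and the HMAC key standing in for the real signing scheme are assumptions:

```python
# Simplified model of the per-boot nonce check described above: the baseband
# hands out a fresh random nonce at every boot and only accepts a signature
# over that nonce. This is an added illustration, not Apple's protocol or the
# real XMM 6180 code; HMAC-SHA256 with a shared key stands in for whatever
# signing scheme the real chip uses (assumption).
import hashlib
import hmac
import os


class Baseband:
    """Stand-in for the chip: issues one nonce per boot, verifies signatures."""

    def __init__(self, verify_key: bytes):
        self._key = verify_key
        self._nonce = None

    def boot(self) -> bytes:
        # Equivalent of answering "at+nonce": a fresh random value every boot.
        self._nonce = os.urandom(16)
        return self._nonce

    def accept(self, nonce: bytes, signature: bytes) -> bool:
        # The signature must be over the nonce issued on *this* boot.
        if self._nonce is None or not hmac.compare_digest(nonce, self._nonce):
            return False
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, signature)


def sign_nonce(signing_key: bytes, nonce: bytes) -> bytes:
    """What the signing side produces for a given nonce."""
    return hmac.new(signing_key, nonce, hashlib.sha256).digest()


def replay_demo(key: bytes = b"constructed-demo-key") -> dict:
    """Shows why a signature cached from one boot does not pass on the next."""
    bb = Baseband(key)
    n1 = bb.boot()
    sig1 = sign_nonce(key, n1)
    fresh_ok = bb.accept(n1, sig1)                   # valid on the boot it was issued
    n2 = bb.boot()                                   # reboot: a new nonce
    replay_ok = bb.accept(n1, sig1)                  # cached pair no longer matches
    resign_ok = bb.accept(n2, sign_nonce(key, n2))   # only a fresh signature works
    return {"fresh": fresh_ok, "replay": replay_ok, "resigned": resign_ok}
```

This is why caching the string alone is not enough: anything saved for one boot has to be re-signed against the nonce of the next.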

--UPDATE--

To downgrade the iPhone 4 baseband, we need to cache the baseband SHSH. For now, to preserve your baseband, update through an edited hosts file.

Monday, July 19, 2010

A fix for the iPhone 4 reception issue.

As many of you may know, on July 16, 2010, Apple spoke at a conference regarding the reception issue of the iPhone 4. For a fix, they are giving out free bumpers, and if they run out of stock, they'll give you one of their selected third party cases for free. As Steve Jobs showed whilst using the "death grip" on the BlackBerry Bold 9700, you may have seen the bars decrease; what you did not see is them go back up while still using the death grip. This is because the BlackBerry Bold 9700 has a SOFTWARE feature that, when it detects a loss in signal, raises the output level of the antenna. This is fine as long as it does not pass the 1.6 SAR level limitation placed by the FCC. This can be done by software, meaning that it's not only Apple who can do it, but the users too, provided they have a Jailbroken iPhone 4. Another way this can be fixed is that sometimes there are bugs or flaws within the way software communicates with hardware. Notice how I mentioned software in that sentence. This can also be fixed by tweaking the way the software communicates with the hardware; this can be done by Apple, or as I said before, a user with a Jailbroken device. For now though, I would recommend claiming your free bumper, even if you don't have the reception issue. Everybody likes free stuff.


- Posted using BlogPress from my iPad

Thursday, July 15, 2010

How to fix stuck pixels

So I've decided to do a blog post today on how to fix stuck pixels on your iPhone, iPod touch, or iPad. My iPod touch gets stuck pixels quite frequently, so I figured I'd share my fix with you. You don't need to use any chemicals or tools, and this won't void your warranty. All you need is a game or battery hogging app, your device, and your fingers. Use the app until the device gets pretty hot, then put your finger below the stuck pixel and push down applying a decent amount of pressure (when you see green, blue, or purple spots on the LCD, you're doing it right). Now just keep applying that same amount of pressure while sliding over the stuck pixel. Keep doing this until you no longer see the stuck pixel; it should then be gone for quite a while. A stuck pixel will be a red, blue, or green dot in your LCD. If it is a black dot, then the only fix is to have it replaced by Apple.


- Posted using BlogPress from my iPad

Saturday, July 3, 2010

Hacking Computers

Hacking computers is a very easy process, especially Linux computers. But we aren't going to be hacking from a computer today, but from an iPhone, iPod touch, or iPad. First you will need to learn a little about UNIX commands, specifically the "rm" commands, and what folders are important to a UNIX based file system. Now you'll need 3 third party applications: a network hosts scanner, an SSH client, and a VNC client. This can be done on a non-Jailbroken iDevice. I recommend using iNet, Touch Term SSH, and Jaadu VNC (iTeleport). Start by connecting to the same Wi-Fi network as the Linux computer. Then open up iNet and start scanning from the widest range possible. Once you find the Linux computer, click on it, and take note of the network IP Address. Open Touch Term SSH, and put in the IP Address as the server and the username of the computer. Click connect. Enter the password; there are other tools out on the internet that can crack passwords, but I won't be showing you how. Now when you're connected, you don't yet have GUI access, but you have command line access, from which you can enter a malicious "rm" command. But I can't tell you how to do that. Type startvnc in the black area. Now open iTeleport, connect to that same IP Address, and type the VNC password in; it should be none by default, or you can try the administrator password, "root", "password", "passwd", "toor", or "alpine". And now you have full GUI (Graphical User Interface) access to the computer from your device.


- Posted using BlogPress from my iPad
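From the defender's side, an added example (not the post's code) of spotting the password-guessing described above in sshd logs; the sample log lines, the three-failures-in-60-seconds threshold and the detect function are constructed assumptions:

```python
# Added example, not from the post: a detector for the password-guessing
# pattern above, run over constructed sshd log lines. It flags any source that
# fails N times within a window, and a password success that follows failures
# from the same source (a guessed password rather than a typo).
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in the usual OpenSSH syslog format (not real data).
SAMPLE_LOG = """\
Jul  3 14:02:11 box sshd[1201]: Failed password for root from 192.0.2.10 port 50122 ssh2
Jul  3 14:02:15 box sshd[1201]: Failed password for root from 192.0.2.10 port 50123 ssh2
Jul  3 14:02:19 box sshd[1201]: Failed password for root from 192.0.2.10 port 50124 ssh2
Jul  3 14:02:24 box sshd[1201]: Accepted password for root from 192.0.2.10 port 50125 ssh2
Jul  3 14:05:01 box sshd[1330]: Failed password for alice from 192.0.2.77 port 41000 ssh2
Jul  3 14:05:40 box sshd[1331]: Accepted publickey for alice from 192.0.2.77 port 41001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>[\d.]+) port \d+")


def parse(line: str, year: int = 2010):
    """Return (timestamp, result, method, user, src), or None for other lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["result"], m["method"], m["user"], m["src"]


def detect(log: str, threshold: int = 3, window_s: int = 60) -> dict:
    """Sliding-window failure count per source, plus success-after-failure."""
    failures = defaultdict(list)
    flagged, suspicious = set(), []
    for line in log.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ts, result, method, user, src = rec
        if result == "Failed":
            recent = [t for t in failures[src] if (ts - t).total_seconds() <= window_s]
            recent.append(ts)
            failures[src] = recent
            if len(recent) >= threshold:
                flagged.add(src)
        elif method == "password" and failures[src]:
            suspicious.append((src, user))
    return {"bruteforce": sorted(flagged), "success_after_failures": suspicious}
```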

Saturday, June 5, 2010

Why Apple, and myself, does NOT want Flash on the iPhone, iPod Touch, or iPad.

Flash is horrible! Why do I want to have something that will slow down my device by high amounts, drain my battery a lot, crash my browser, crash my phone, lag my browser, and play content when I don't want it, like those ads that automatically start playing? For example, if I'm in a nice 5 star restaurant, browsing the web on my iPhone, and somehow a pornographic Flash advertisement appears, starts playing and produces loud sex noises, what are people around me going to think? Not to mention the fact that it will probably lag my home button response, therefore staying there for longer. Also, most Flash games require left and right clicking and mouse hovers; how am I supposed to do that on a touch screen device? If you want Flash, get Cloud Browse on the App Store, then you can use it all you want, but when you do, you'll realize why you don't want it to run natively on the device. Cloud Browse contacts a computer with a Flash capable browser, allowing you to view Flash on a remote server rather than your actual device, which is what allowed it to be approved on the App Store.

Sunday, May 16, 2010

A permanent unlock for all devices.

Most of you know about factory unlocks. Well, 3.1.3 can be Jailbroken now. If you have a 3GS, and know someone who has a factory unlocked 3GS, well, it's kind of obvious from here. When you're Jailbroken you have full access to your device's filesystem. If you Jailbreak the iPhone that's been factory unlocked, and you Jailbreak the one that needs an unlock, copy the contents of the factory unlocked iPhone, delete the contents of the locked iPhone, and paste the contents of the unlocked iPhone into the locked iPhone. Now you have an unlocked iPhone. And continue to do this every time you need to restore. This has not been tested, and is not guaranteed to work. If you know someone who has a factory unlocked iPhone, tell them to restore it, unlock it via iTunes, Jailbreak with Spirit, install afc2add from Cydia, and use an application that can read a phone's filesystem, such as BitPim. Then do the above. This way, you will have a fresh 3.1.3 Jailbroken and unlocked iPhone. Good luck!

Friday, May 7, 2010

3.1.3 Battery meter problems.

There have been recent reports of battery meter problems with the Spirit Jailbreak on 3.1.3. This has nothing to do with Spirit. This is Apple's fault, and was fixed in the 4.0 betas. The 3.1.3 update included a change to make a more accurate battery meter, and to do that Apple had to tamper with the battery meter settings. This screwed up the battery meter and made it all inaccurate until the 4.0 betas. They released 3.1.3 and used the battery meter accuracy excuse to cover for the baseband exploit plug that was also released. This forced users to either sell their iPhones, or switch to an official carrier if they were on a non-official carrier. This has nothing to do with the Spirit Jailbreak, as said before, and it should be known that Apple already has a fix. I don't even notice the problem anymore, as I think it went away due to calibration. That might be something to try.