The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Talk:Baseband Bootloader"
Caique2001 (talk | contribs) (→current baseband unlock status??: new section) |
|||
(5 intermediate revisions by 4 users not shown) | |||
Line 2: | Line 2: | ||
The fact that dev team could change the baseband firmware implies there '''is''' an exploit, doesn't it? |
The fact that dev team could change the baseband firmware implies there '''is''' an exploit, doesn't it? |
||
+ | |||
+ | I guess that the 5.8 exploit doesn't allow unlock because of sigcheck. Is the bootloaders 5.8 or 5.9 in the ramdisks? And is it possible to downgrade from 5.9 to 5.8 (maybe running some code in the baseband thru the at+stkprof to ask to erase the bootloader). Last thing, does 5.8 allow downgrading from any baseband? |
||
+ | dranfi 4/10/09 |
||
== drg == |
== drg == |
||
Line 7: | Line 10: | ||
There's an exploit somewhere, but it's not publicly known where. |
There's an exploit somewhere, but it's not publicly known where. |
||
+ | ==geohot== |
||
− | == current baseband unlock status?? == |
||
+ | They claimed to use the buffer overflows. |
||
− | |||
− | What actually did dev team achieve up to now?? |
||
− | |||
− | They claim they can flash disallowed code. What does it mean, actually? |
||
− | |||
− | Can they |
||
− | * flash an older firmware version, which is not allowed by the bootloader and they found a way to circumvent these checks |
||
− | |||
− | or can they |
||
− | * flash a firmware wich is not sig checked any more, which means they can also flash modified firmware? |
||
− | |||
− | The X-Gold 608 has TPM features. Could be, it doesn't run firmware code with wrong signature. In this case, dev team proceeded a little bit further, but is still ''very'' far from unlocking. |
||
+ | I found an exploit in 5.8, wait for details, I'll write it up. If it does what I think it does, it'll allow downgrades. |
||
− | Anybody knows? |
||
+ | == [[Baseband_Bootloader]] command's == |
||
− | -caique2001- |
||
+ | are there command's in the [[Baseband_Bootloader]] because when the baseband updates it need's to restart and not boot the [[Baseband_Firmware]] and to do that the rdisk need's to talk to the [[Baseband_Bootloader]] --[[User:Liamchat|liamchat]] 19:08, 28 September 2010 (UTC) |
Latest revision as of 19:09, 28 September 2010
5.8
The fact that dev team could change the baseband firmware implies there is an exploit, doesn't it?
I guess that the 5.8 exploit doesn't allow unlock because of sigcheck. Is the bootloaders 5.8 or 5.9 in the ramdisks? And is it possible to downgrade from 5.9 to 5.8 (maybe running some code in the baseband thru the at+stkprof to ask to erase the bootloader). Last thing, does 5.8 allow downgrading from any baseband? dranfi 4/10/09
drg
There's an exploit somewhere, but it's not publicly known where.
geohot
They claimed to use the buffer overflows.
I found an exploit in 5.8, wait for details, I'll write it up. If it does what I think it does, it'll allow downgrades.
Baseband_Bootloader command's
are there command's in the Baseband_Bootloader because when the baseband updates it need's to restart and not boot the Baseband_Firmware and to do that the rdisk need's to talk to the Baseband_Bootloader --liamchat 19:08, 28 September 2010 (UTC)