Difference between revisions of "X-Gold 618 Unlock"
(Time period)
Line 3: | Line 3: | ||
Unsigned code execution has been achieved by [[MuscleNerd]] on the device and the ability to insert a custom AT command has been demonstrated. Shortly after, a persistent/background task was inserted. Also, the bootrom has been successfully dumped. |
Unsigned code execution has been achieved by [[MuscleNerd]] on the device and the ability to insert a custom AT command has been demonstrated. Shortly after, a persistent/background task was inserted. Also, the bootrom has been successfully dumped. |
||
− | On July 13, 2010, planetbeing demonstrated a primitive but functional unlock on YouTube.[http://www.youtube.com/watch?v=41rm8MCdoh8] |
+ | On July 13, 2010, planetbeing demonstrated a primitive but functional unlock on YouTube.[http://www.youtube.com/watch?v=41rm8MCdoh8]. The unlock was made ready for release and on August 2, 2010, it was made available in Cydia via [[ultrasn0w]]. |
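Review bot: on the `+` line, the new sentence is appended after the existing YouTube link with an extra period, so the rendered text reads "YouTube.[1]. The unlock ..." with a full stop on both sides of the reference. Drop the period after the closing bracket, or move the link so it sits before the first period. The phrase "was made ready for release and ... it was made available" also repeats "was made"; a comma before "and on August 2, 2010" would make the sentence easier to read.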
Revision as of 23:27, 9 September 2010
The iPhone 4 now uses the X-Gold 618. Unlike the X-Gold 608, the baseband now requires a signature akin to Apple's SHSH blobs for firmware files, so downgrading an updated baseband, provided there is a bootloader exploit, will be tougher.
Unsigned code execution has been achieved by MuscleNerd on the device and the ability to insert a custom AT command has been demonstrated. Shortly after, a persistent/background task was inserted. Also, the bootrom has been successfully dumped.
On July 13, 2010, planetbeing demonstrated a primitive but functional unlock on YouTube.[1] The unlock was made ready for release, and on August 2, 2010, it was made available in Cydia via ultrasn0w.
Possible Methods
Class 1
- Find an exploit in the bootrom to break the chain of trust.
- Improve the NCK Brute Forcer by several orders of magnitude, and find a way to extract the CHIPID and NORID.
- Find the theorized algorithm of NCK generation.
Class 2
- Use a SIM hack such as the TurboSIM Unlock.
- Find a way to patch running memory to "unlock" the phone on every bootup. This is how ultrasn0w works.
- Find an exploit in the Baseband Bootloader so you can downgrade the baseband, then use an unlocking payload, similar to ultrasn0w.