Difference between revisions of "Talk:XMM6180"

From The iPhone Wiki
Jump to: navigation, search
m (Downgrade)
(comment on preserving baseband with TinyUmbrella)
Line 31: Line 31:
   
 
It manages to error out the signature for the baseband, that's why you get the 1004 error, not sure exactly how it's done but I'd assume that's how. ---OMEGA_RAZER
 
It manages to error out the signature for the baseband, that's why you get the 1004 error, not sure exactly how it's done but I'd assume that's how. ---OMEGA_RAZER
  +
  +
I think there's not much to do. When hosts is pointing to Cydia, you also won't get baseband downgraded, even if it would work when pointing to real Apple server. Same should apply for upgrade. Maybe local TSS server from TinyUmbrella just handles error returns better, so that firmware up/downgrade doesn't fail - maybe it just returns an invalid certificate for the baseband, but returns 'ok'. -- [[User:Http|http]] 11:08, 9 September 2010 (UTC)

Revision as of 11:08, 9 September 2010

Device for iPhone 4

Are we sure this is the baseband?

The infineon spec-sheet says "HSDPA/HSUPA capabilities of 7.2Mbps/2.9Mbps".

At the keynote Steve mentioned 5.8Mbps HSUPA. Iemit737 19:26, 21 June 2010 (UTC)

Running "string" on the new baseband files shows "XGold 618" multiple times. --Miketress 19:35, 21 June 2010 (UTC)

Ok, awesome. Thanks for finding this so quickly! Iemit737 19:50, 21 June 2010 (UTC)


Very unlikely it's the 618 after looking at the spec sheet. In case anyone is interested, | X-Gold 616 spec sheet, | X-Gold 618 spec sheet. D235j 21:43, 22 June 2010 (UTC)

Actually, it's the XMM 6180. ebl.fls says so. --oranav 21:56, 22 June 2010 (UTC)

Downgrade

Anybody knows more about the bb downgrade signatures? Or how to backup them like the shsh certs? Or how to use the replay attack here? Actually this is more related to baseband firmware and not to this iPhone 4 hardware. http

The baseband is signed with an at+nonce which is a random string generated on every bootup. Therefore, it is not possible to cache the SHSH signatures with a replay attack. I think this info either belongs on this page because it is specific to its baseband or in a special section on Baseband Firmware. Iemit737 18:18, 16 July 2010 (UTC)

Ah, that's what MuscleNerd meant with "stricter signed". I also found this example. And someone suggested to change iTunes to always send the same string. That would work, but BB wouldn't accept the response. My only idea would be to let BB generate (or store) the same string on every boot (I don't know how though). But even then we would have to backup the signatures at the time they were available. -- http 23:11, 16 July 2010 (UTC)

So how does TinyUmbrella give baseband protection ? ---Whiteshinyapple

It manages to error out the signature for the baseband, that's why you get the 1004 error, not sure exactly how it's done but I'd assume that's how. ---OMEGA_RAZER

I think there's not much to do. When hosts is pointing to Cydia, you also won't get baseband downgraded, even if it would work when pointing to real Apple server. Same should apply for upgrade. Maybe local TSS server from TinyUmbrella just handles error returns better, so that firmware up/downgrade doesn't fail - maybe it just returns an invalid certificate for the baseband, but returns 'ok'. -- http 11:08, 9 September 2010 (UTC)