Dev-Team Blog

Getting out of jail is free!

Mon, 26 Jul 2010 22:10:00 +0400

Fantastic news today from the Electronic Frontier Foundation (EFF). After a lot of hard work and mountains of paperwork, jailbreaking your iPhone is now explicitly a permitted fair use under the DMCA!

The first of EFF’s three successful requests clarifies the legality of cell phone “jailbreaking” — software modifications that liberate iPhones and other handsets to run applications from sources other than those approved by the phone maker. More than a million iPhone owners are said to have “jailbroken” their handsets in order to change wireless providers or use applications obtained from sources other than Apple’s own iTunes “App Store,” and many more have expressed a desire to do so. But the threat of DMCA liability had previously endangered these customers and alternate applications stores.

In its reasoning in favor of EFF’s jailbreaking exemption, the Copyright Office rejected Apple’s claim that copyright law prevents people from installing unapproved programs on iPhones: “When one jailbreaks a smartphone in order to make the operating system on that phone interoperable with an independently created application that has not been approved by the maker of the smartphone or the maker of its operating system, the modifications that are made purely for the purpose of such interoperability are fair uses.”

The EFF also successfully renewed the existing DMCA exception for carrier unlocking. More on the ruling by the Library of Congress is here and here (and many other places, since this is huge news!). The full ruling is here, and EFF’s history with this case is here (EFF’s servers are understandably getting hammered today!).

This doesn’t mean that Apple will stop their technical attempts to thwart jailbreaking, but it does mean that our iPhone jailbreaks and unlocks are now unambiguously legal under the DMCA.

Great job, EFF!

Blob banter

Tue, 20 Jul 2010 03:43:00 +0400

Those of you with jailbroken iPhone3G and ipt2G devices may now have noticed Cydia starting to save your SHSH blobs too, just like it does for iPhone3GS, ipt3G and later devices. That’s because starting with 4.0, Apple started putting a “soft” SHSH blob check in the firmware. The SHSH blob check is very real in the sense that if iTunes can’t get your blobs (because the Apple signing window has closed), the iTunes restore will error out. But it’s “soft” in the sense that those devices can always use redsn0w or PwnageTool to get past the error (the bootroms themselves for those devices don’t require blobs to be in the firmware files, unlike the newer bootroms).

Furthermore, since the 3.x IPSWs for these devices don’t enforce it, you can always restore to 3.x IPSWs outside of any signing windows.

So, Cydia is doing this to allow you to continue to use iTunes to restore to 4.x on iPhone3G and ipt2g outside of Apple’s signing window without needing to use redsn0w or PwnageTool to get around Apple’s annoying new restriction.

ultrasn0w is growing!

Sun, 18 Jul 2010 11:55:00 +0400

Those of you who follow @MuscleNerd or @planetbeing on Twitter probably already know that the team has had a series of successes with the carrier unlock on iPhone4 (#1, #2, #3, #4, #5-video). We’re fine-tuning the payload to make it as quick to load as possible (and making sure it remains crash-free of course!).

As usual before a public release, there are lots of fake Twitter and Facebook accounts trying to capitalize on the public’s eagerness to get the unlock. For those who only want to know when it’s released, either of these two official accounts will do. All other variations of these account names are fake!

@ultrasn0w

@iphone_dev

If you want to be kept up to date on progress as it’s being made, you can also follow:

@planetbeing

@MuscleNerd

And of course, our comment section below is a great place to ask general questions! There are lots of knowledgeable people able to respond, including our great moderators @confuciousmobil and @angiexpangie

P.S. If you want to help prevent more people from being fooled by the fake accounts, here are a few examples of them: fake#1 fake#2 fake#3 fake#4 fake#5. Feel free to tweet them, so that others following them realize they’re fake.

foursome news

Tue, 22 Jun 2010 22:53:00 +0400

~~PwnageTool 4.0 Release Info~~

PwnageTool 4.01 Release Info (UPDATED TO V 4.01)

On Monday, Apple released firmware 4.0 for the iPhone and iPod touch devices. This of course was a major upgrade.

As advised, you shouldn’t have upgraded your devices if you have previously relied on our tools for hacktivation and/or a carrier unlock.

With that said, today we are releasing ~~PwnageTool 4.0~~ PwnageTool 4.01

PLEASE READ THIS ENTIRE POST CAREFULLY, THERE ARE KNOWN UPGRADE TRAPS AND DIFFERENT UPGRADE SCENARIOS THAT NEED TO BE FULLY UNDERSTOOD AND CONSIDERED BEFORE USING THESE TOOLS.

Each supported device has few different scenarios that users need to consider when performing the upgrades, you need to check below and perform the upgrade in the particular way that matches your current device state.

NB: With ~~PwnageTool 4.0~~ PwnageTool 4.01 certain devices are not supported this is because they are not supported in iOS 4.0 or they are not supported by our software. We’re working on ways to get past these restrictions.

iPhone 2G - not supported
iPod Touch - not supported
iPod Touch 3G - not supported

~~PwnageTool 4.0~~ PwnageTool 4.01 only recognizes the official IPSWs that came out yesterday. If you had developer access to the “4.0 GM” IPSWs, do not try to use those.

iPhone 3GS

Summary: Currently, PwnageTool only works on previously jailbroken 3GS devices with the old bootrom.

If you have a Jailbroken iPhone 3GS with the OLD BOOTROM and you DID NOT use Spirit to jailbreak then you can create the ipsw with PwnageTool 4.0 and restore with your jailbroken recovery mode.
If you have an iPhone 3GS with the NEW BOOTROM this is NOT supported by ~~PwnageTool 4.0~~ PwnageTool 4.01

iPhone 3G

If you have a Jailbroken iPhone 3G at 3.1.2 (but not jailbroken with Spirit) then you should create the ipsw with PwnageTool 4.01 and restore from recovery mode or DFU mode.
If you have an out of the box iPhone 3G you should restore using a PwnageTool 4.01 ipsw using DFU mode.
If you have a Jailbroken 3.1.3 iPhone 3G it is very possible that this can fail from recovery mode, if this failure happens you will need to restore using DFU mode.
As an alternative to PwnageTool, you can use redsn0w on iPhone 3G (on both Windows and Mac) as mentioned in our last post.

IMPORTANT! Whenever you need to enter DFU mode, you will need to do so using PwnageTool.

iPod touch 2G

If you have an iPod touch 2G (non-MC model) that is jailbroken (but not with Spirit) then you can restore using recovery mode.
As an alternative to PwnageTool, you can use redsn0w on non-MC iPod Touch 2G (on both Windows and Mac) as mentioned in our last post.

Baseband Unlock

As you probably know by now, ultrasn0w has been updated to cover all basebands from 04.26.08 onward. Many thanks to @sherif_hashim for finding the crashing command that the new ultrasn0w 0.93 uses! He worked hard at finding the crash, and he kept it confidential until the right time to use it.
Major props to @oranav (who found the earlier +xlog crash). He also had this crashing command!
iPhone 3G and 3GS baseband unlockers (those who rely on ultrasn0w to make phone calls) should always be very wary to update their firmware, however our Ultrasn0w application will unlock all recent (including the current) 3GS and 3G baseband firmware versions. Once you are jailbroken using PwnageTool 4.01, install ultrasn0w from Cydia and you’ll be unlocked.
Remember! This baseband unlock situation is rare, should you upgrade your iPhone blindly at the next iOS release please don’t expect an unlock - but for now you are OK (whatever state your baseband is in).

Please feel free to ask any questions in the comment section below. We’ve got a bunch of expert help there, including our friendly moderators confucious and angie!

Official Bittorrent Releases

PwnageTool 4.01 Torrent - PwnageTool_4.01.dmg.5645662.TPB.torrent

~~SHA1 Sum = 15bdb90ec40f1e279bb648eb7e9d90ebe07b66d2~~

SHA1 Sum = a7e83163b4868256ac887975d7d2fd230110cf68

Unofficial Mirrors

The following links are unofficial download mirrors, you download these archives at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links and we accept no responsibility with regard to the validity of the files, the other content that these links may provide or with the content that is on the third-party linked site.

Always check the files that you have downloaded against our published SHA1 hash.

We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must. Mirror owners should email direct dmg download links only (no rapidshare or filesharing sites please) to blog@iphone-dev.org — please don’t place mirrors in the comments as they will be deleted.

France

http://www.blogiphone.fr/PwnageTool_4.01.dmg

Poland

Switzerland

http://www.ifreak.ch/download/PwnageTool_4.01.dmg

Turkey

http://www.appleturk.net/PwnageTool_4.01.dmg

Netherlands

http://www.stimp.nl/mirrorfiles/PwnageTool_4.01.dmg

Germany

all four one!

Mon, 21 Jun 2010 22:38:00 +0400

Around an hour ago the new version of the iPhone Operating System (now called ‘iOS’) was released.

iOS 4 is a huge release for Apple with many many changes and those changes offer slick additional features.

These new features are being offered by Apple as a free upgrade to qualifying devices.

We are working hard on a release to our tools that will jailbreak your device (or give you iOS 4 via the jailbreak train) and provide you with a carrier unlock.

Until these tools are released you should hold off on updating your device until we have fully tested our tools with all the relevant devices.

If you rely on hacktivation or a carrier unlock (ultrasn0w) then you should not upgrade until we have fully tested and released our tools.

Don’t be tempted with unofficial PwnageTool/redsn0w bundles or releases, just check here or our team twitter for real time release information.

Remember, we risk our devices so you don’t have to (but this time anyone who has made a mistake upgrading their baseband firmware should be OK real soon ;) Now! :)

Update #1: redsn0w beta has been updated to hacktivate iOS 4.0 for iPhone3G (in addition to jailbreaking the iPhone3G and iPod Touch 2G). The download links for redsn0w are:

For now, the redsn0w beta release supports only the iPhone3G and iPod Touch 2G at today’s 4.0. It’s still a beta, so you’ll need to let Cydia reorganize, reload, and update after using redsn0w.

Update #2: There’s a new redsn0w beta (links were changed above) that should fix any iBooks problems people were seeing. Just run this new version 0.9.5b5-4 and deselect Cydia (you don’t want to reinstall Cydia over itself).

Update #3: Remember, there are scammers everywhere in the iPhone scene. The latest one involves something called “ClawPack”. Avoid this costly, untested, and certainly unendorsed ripoff of our free software.

Update #4: There’s a new redsn0w beta (links were changed above) that should fix any APN or MMS issues that users were seeing. It’s safe to re-run it on an already jailbroken iPhone without restoring…just deselect “Install Cydia” if you do that.

Spirit freed

Mon, 03 May 2010 07:58:58 +0400

The Spirit jailbreak is now out! Congratulations to @comex for the first userland jailbreak since the 1.x days.

Spirit provides an untethered jaibreak on those newer devices which used to require a computer nearby to finish the boot process. Spirit is able to do this because it doesn’t actually kick in until after the kernel is running.

You can get the goodies at http://spiritjb.com

Calm before the Spirit storm

Thu, 29 Apr 2010 23:43:00 +0400

At some point after (don’t ask when!) the iPad 3G is actually in customers’ hands, the first “userland” jailbreak since firmware 1.x will be released by @comex. It’s called “Spirit” and was first demonstrated working on an iPad by @MuscleNerd within 24 hours of the iPad’s release on April 3.

Userland jailbreaks are more troublesome for Apple since they expose security weaknesses that exist even for non-jailbroken owners. As such, Apple is likely to close them soon after they’re made public. One recent example of this is the SMS vulnerability exposed at Blackhat last summer. Apple released new firmware to close that hole within a day.

The Spirit jailbreak is most useful for newer devices: iPhone 3GS, iPod Touch 3G, and the iPads. Unfortunately those devices are the same ones that Apple can prevent you from downgrading unless you’ve got a backup of your personalized SHSH blobs. Unless you’ve backed up your SHSH blobs for vulnerable firmware versions, you’ll lose the ability to use the current Spirit jailbreak if you accidentally upgrade.

Please take the steps now to backup your SHSH blobs. Use either Firmware Umbrella to create a local copy, or go through saurik’s server. If you are getting an iPad 3G, it’s safest to backup your blobs using Firmware Umbrella, in case saurik’s server gets bogged down with requests.

Other things about Spirit that are useful to know:

Spirit is an untethered jailbreak.
Spirit works on all devices. (However, the redsn0w and PwnageTool flows will continue to work on those devices they’ve always worked on)
Spirit does not include a carrier unlock. (Please don’t bug @comex about that)
Spirit requires your device to be activated or hacktivated

Please make sure you have your SHSH blobs backed up! While @comex has indicated he’s not going to release the very minute the iPad 3G is out, there’s no telling what Apple might do anyway.

Update Friday, Apr 30:

As expected, the iPad 3G is equally vulnerable to @comex’s Spirit JB, as demonstrated below on MuscleNerd’s device soon after it arrived by FedEx on the iPad 3G release day.

Before even running Spirit, however, a backup of that iPad 3G’s blobs was made. Even though he already had blobs for his iPad Wifi, they can’t be used on the iPad 3G (or any other iPad Wifi or other device for that matter). Blobs are unique per-device, per-firmware.

iphoneos 4.0 on the horizon

Fri, 09 Apr 2010 01:21:03 +0400

Some interesting features were revealed in today’s preview of iphoneos 4.0. We’ll use this post as a placeholder for discussion about these features and how they relate to the jailbreak.

Also, it seemed like a good idea to move away from our last post, which was made on April 1 for a reason :)

Planned Tablet Hacks

Thu, 01 Apr 2010 14:18:59 +0400

The iPhone DevTeam has been passed confidential internal information relating to the next version of the tablet computer the ‘iPad’. An upcoming redesign of the iPad tablet computer will miniaturize the device so that it will be able to be carried on the user’s person (such as a pocket or small bag). Also a radical move to add a minimum of a 13 kbits/s speech codec to the miniaturized tablet variant is planned.

The inclusion of the voice codec will allow the user to directly utilize the GSM nomadic network, allowing person to person communications directly using your mini-iPad from anywhere dramatically speeding up the usual typed email or instant messaging capabilities that the iPad offers today.

It is the plan of the iPhone DevTeam to target this device as soon as it is released.

Scam season

Thu, 11 Feb 2010 21:54:00 +0300

While Apple’s 3.1.3 firmware was minor in terms of new features, it’s had the side effect of opening up a huge market for scam sites. These sites will promise you a 3.1.3 jailbreak for newer devices like the iPod touch 3G, or a baseband 05.12 software unlock. Those desperate enough to “just give it a shot” will find, 100% of the time, that they were misled. After money has changed hands they’ll be told “well the 05.12 unlock is coming, in the meantime here’s the 05.11 unlock” (of course the 05.11 unlock was intended to be free, as you all know). They’ll hold your money until one day the 05.12 unlock does come out, even if that’s months later (and of course it’ll be released for free). In the meantime they’ll be able to claim they gave you part of what they advertised, and keep at least part of your money (in actuality they’ll usually keep all of it).

Don’t fall for these scam sites! None of them have a 05.12 unlock, none have the 05.11 unlock working on 3.1.3, none have a 3.1.3 jailbreak for newer devices like the ipt3G. They’re trying to capitalize on your upgrade mistake, and they only need a very small percentage of people to fall for them to make their money and run.

Those following twitter may have seen some recent very early developments in the 05.12 unlock situation. One of our more helpful commenters sherif_hashim (at a rating of 84p you know he’s helped others much already!) found what looks like a very promising crash in the new baseband. He’s put in a lot of work looking for crashes over this past year, and he’s still looking for more! We’ve started to look at his crash but it’s a long road between any given crash and a fully working unlock, and we couldn’t put an ETA on it even if we wanted to. It’s not even guaranteed that an working unlock will come from this particular crash — it’s just too early to tell.

In the meantime, please stay vigilant against these scam sites. Don’t be part of the small percentage of people that fall for them because that small percentage is all they need.

Pre-game show

Sun, 07 Feb 2010 23:49:00 +0300

On Tuesday, Apple released firmware 3.1.3 for the iPhone and iPod touches. Unless you’ve personally observed a problem with the reporting of your battery percentage, there’s no reason to update to 3.1.3. We know some of you will want to anyway. Superbowl Sunday’s PwnageTool 3.1.5 for Mac OS X will let you do so safely, preserving your jailbreak and ultrasn0w unlock. (If you use the blacksn0w unlock (at baseband 05.11.07), you need to stay at 3.1.2.)

iPhone 3G and 3GS unlockers should always be very wary to update their firmware. This is no exception. If you make a mistake along the way you may find yourself updating to official 3.1.3 in which case you will lose your unlock, possibly forever.

iPhone 3GS users (regardless of unlock) should stay away from this and all 3.1.3 jailbreak tools unless you know you have your “SHSH hashes” backed up via Cydia. That’s because if you make a mistake you may find yourself stuck at official 3.1.3 with no way to jailbreak or come back down to 3.1.2 to jailbreak.

If you really truly feel that you need to update, this version creates a custom 3.1.3 IPSW for you to restore to on your iPhone 2G, iPhone 3G, iPhone 3GS with early bootrom, iPod touch 1G, and iPod touch 2G with early bootrom. If you don’t know if you have an early bootrom or not, please avoid updating until you learn more.

You don’t need to be pre-jailbroken on anything but the iPod touch 2G early bootrom. And really for that device, it’s faster and easier to use redsn0w 0.9.4 as mentioned in our last post. For that matter, if you have an ipt1g, iphone2g, or iphone3g(and don’t need an unlock), you should use redsn0w too (but version 0.9.3). It’s faster and you won’t have to go through a full restore process (just do an update then run redsn0w, pointing it at 3.1.2 FW instead of 3.1.3).

If you have an iPhone 3GS: PwnageTool works if you’re currently at version 3.1.2 or below (down to 3.0) and if you know you have a old bootrom. You don’t need to be already jailbroken — PwnageTool will ask you if you’re jailbroken after you’ve created the IPSW. Don’t use PwnageTool unless you know for sure you have an old bootrom (if you’re not sure, assume the worst and don’t use it). Don’t use PwnageTool on the iPhone 3GS if you’re at 3.1.3, it just won’t work. Downgrade to 3.1.2 using the methods described here. If you can’t downgrade because you don’t have your 3GS 3.1.2 hashes on file with Cydia, you’ll need to sit out the 3.1.3 jailbreak.

We aren’t revealing any new exploits to Apple with this jailbreak. Everything here has been used before, it’s just a straightforward port of Pwnage2 and 24Kpwn to the new firmware. It’s possible the new firmware was released largely to flush out new exploits before the next big release. We won’t be biting.

We’d really like the above warnings and disclaimers to sink in. Please don’t download the files below and use them blindly.

Please feel free to ask any questions in the comment section below. We’ve got a bunch of expert help there, including our friendly moderators confucious and angie!

Official Bittorrent Releases

PwnageTool 3.15 Torrent - PwnageTool_3.1.5.dmg.5344262.TPB.torrent
SHA1 Sum = 16611fb60d088edd2fa5128e4f95f35d8e56a603

Unofficial Mirrors

The following links are unofficial download mirrors, you download these archives at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links and we accept no responsibility with regard to the validity of the files, the other content that these links may provide or with the content that is on the third-party linked site.

Always check the files that you have downloaded against our published SHA1 hash. We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must. Mirror owners should email direct download links only (no rapidshare or filesharing sites please) to blog@iphone-dev.org — please don’t place mirrors in the comments as they will be deleted.

United States

Austria

http://www.apfelzone.com/intern/downloads/PwnageTool_3.1.5.dmg

France

http://www.ipodtouchmasterfr.com/files/PwnageTool_3.1.5.dmg

Germany

Korea

http://iphone.ddisk.com/PwnageTool_3.1.5.dmg

Poland

http://bentkowski.com.pl/PwnageTool_3.1.5.dmg

Romania

http://www.accesoriigsm.net/PwnageTool_3.1.5.dmg

United Kingdom

http://hosted.z0id.com/PwnageTool_3.1.5.dmg

3.1.3 and thee

Tue, 02 Feb 2010 21:42:00 +0300

WARNING! At 10.30AM PST on February 2nd 2010 Apple released the 3.1.3 version (7E18) of the iPhoneOS.

If you care about your jailbreak and unlock, don’t update your device - 3G and 3G(S) owners should pay particular attention to this warning.

PwnageTool and redsn0w are not yet compatible with 3.1.3
There is no estimated release time for compatible tools (please don’t bug us about this).
Any information we have regarding this update will be posted here.
You can also follow us on twitter - @iphone_dev

Update 1: [Don’t go near this if you have 3GS, newer ipt2G, or any ipt3G] Thanks to daring experimenters in the comments, we can confirm that yesterday’s redsn0w works for today’s 3.1.3 update for iPhone 2G. Just point it at the 3.1.2 iPhone 2G IPSW after doing update or restore to 3.1.3. So far we’ve only confirmed this for iPhone 2G. (Note that if this does work for iPhone 3G too, you can *only* use it if you don’t care about the unlock.)

Update 2: [Don’t go near this if you have 3GS, newer ipt2G, or any ipt3G] Can confirm that this method works for iPhone 3G and iPod touch 1G too. Don’t do it for iPhone 3G if you need an unlock though (really, don’t!). For older iPod touch 2G, we’ll need a small (1-character) change in redsn0w source.

Update 3: [Don’t go near this if you have 3GS, newer ipt2G, or any ipt3G] For those with older (non-MC) iPod touch 2G, we’ve compiled a special version of redsn0w meant just for you: Mac and Windows. You guys can get in on the “3.1.2 loophole” too using this special version. Don’t try this if you have a newer iPod Touch 2G or if you’re not completely sure what version you have. And of course don’t try it for 3GS or ipt3G either.

That about does it for the 3.1.2 redsn0w loophole. Ultrasn0w/yellowsn0w/blacksn0w users shouldn’t go near it. Otherwise, it can be used by owners of iPhone 2G, iPhone 3G (not unlockers!), iPod 1G, and iPod 2G older version. Everyone else please wait for official support in the tools.

Reviving redsn0w

Tue, 02 Feb 2010 04:11:00 +0300

It sure has been a while since we last saw a firmware update from Apple. (And by the way, which will come first…the iPad wifi, FW version 3.1.3/4.0 for iPhones, or the new iPhone itself?) Anyway, while we’re waiting, we updated redsn0w to be compatible with FW 3.1.2. We also added a few new features!

It’s actually been in “open beta” for a while now, and those of you who already follow @MuscleNerd on twitter may already have tried the new redsn0w. You can read all about it and download it from our our wikee. Compared to our last release, we’ve given you the ability to quickly change your boot or recovery logos and enable “verbose” booting. And for those of you who want to experiment with your internet tethering options over cellular, try version 0.9.3 in the extra links at the bottom of that wikee page.

After reading the brief Q&A on our wikee, feel free to ask any questions below in the comments. Briefly though, if you’re already happy with your current jailbroken system (whether it’s via PwnageTool or blackra1n), and if you don’t want boot logos, then you can safely ignore this post and we’ll continue the wait for Apple’s next release together :) Otherwise go ahead and try some new boot logos using redsn0w, or use it for fresh jailbreaks. If you use it on an already jailbroken phone, be sure to checkmark “Already pwned” and don’t reinstall Cydia again (doing so will probably make Cydia lose track of what it has installed).

Caution: if you’re using the ultrasn0w or yellowsn0w unlocks then don’t be tempted to update to official 3.1.2 just to use redsn0w (and remember, redsn0w still works at 3.0 anyway). If you update to official 3.1.2, redsn0w will still work but you’ll lose ultrasn0w and yellowsn0w. There is geohot’s blacksn0w for those who updated to official 3.1.2 but there are still wifi problems with the unlock at that firmware in a small number of cases. iPhone 2G unlockers don’t need to worry about any of this, since BootNeuter handles all that regardless of firmware version (BootNeuter is installed for you by redsn0w if you have an iPhone 2G and choose “unlock”).

This version of redsn0w does not provide an untethered jailbreak for those of you with brand new iPhone 3GS, iPod touch 2G, or any iPod touch 3G. redsn0w will jailbreak those but it will still be a tethered jailbreak until some new exploit is found and released.

As always, redsn0w does not update your firmware version. You use it with whatever firmware is already running on your device (and you point redsn0w to the IPSW corresponding to that firmware already running on your device).

Ultrasn0w update

Mon, 09 Nov 2009 23:59:00 +0300

Today we released an ultrasn0w update that fixes an issue for those running firmware 3.1.x with the 04.26 baseband. That specific combination resulted in a missing carrier name in the upper left-hand corner of your home screen. Today’s ultrasn0w update from 0.91 to 0.92 fixes that problem (which was an important issue for roaming). You should see the update available if you have http://repo666.ultrasn0w.com as a Cydia source. Enjoy!

Baseband reprieve

Tue, 03 Nov 2009 20:51:00 +0300

iPhone 3G/3GS owners who found themselves stuck with version 05.11 of the baseband (either by accident or because they bought it that way) are now in luck! geohot was able to turn the already-public at+xemn crash into an injection vector, which can be used to inject his version of the unlock. The blacksn0w unlock is available for free via Cydia by adding the repository http://blackra1n.com in the Manage->Sources panel. Congratulations, geohot!

Those of you who are already unlocked at 3.1.2 because you kept your 04.26 baseband now have an extra cushion of comfort, and more choices: ultrasn0w, purplesn0w, and now blacksn0w (and of course the original yellowsn0w too if you’re still back at FW 2.x). Whether or not you choose to update your baseband solely to use the new unlock is a personal choice, but so far there are no advantages to doing so (and remember you can’t come back to 04.26 after you’ve gone to 05.11).

As with all the unlocks, it will probably very soon be re-sold through scam sites that charge you money for what is offered to the community for free. Please stay vigilant for these scam sites and steer your friends away from them.

Update: Some commenters are reporting a lingering problem with WiFi while using blacksn0w. Some are able to solve it with a single “Reset Network Settings” but others say they need to do that periodically. So far there seems to be no pattern to those affected or the best way to fix it.

Happy Pwnkin Day

Sun, 01 Nov 2009 03:53:00 +0300

No, this is not a release post! Just wanted to wish iPhone and iPod touch users everywhere a Happy Halloween!

This next one obviously isn’t a pumpkin but who can pass up on laser art by marcan!

If you have an iPhone or Apple related pumpkin photo you’d like to share, send it on in to blog@iphone-dev.org or tweet it to MuscleNerd :) The first pumpkin with our dev team pwnapple logo is MuscleNerd’s and for credit on the others, just click on them.

Pwnage Pie

Tue, 13 Oct 2009 11:44:00 +0400

Here are some details on our latest version of PwnageTool 3.1.4 for Mac OS X which supports the 3.1.2 release of the iPhone software for iPhone 2G/3G/3GS and iPod Touch 1G/2G.

If you’re already jailbroken (by whatever means), you don’t need to mess around with DFU mode at all. Just create (or get from a friend) your custom IPSW and Option-Restore (Shift-Restore on Windows) to it via iTunes. Don’t enter DFU mode at all. Please make sure you are restoring to the custom IPSW, not the stock one from Apple! For best results, use the latest iTunes (9.0.1) — which includes a nice new application organizer.

This release allows your baseband to remain unlocked at 3.1.2, but it does not unlock a new baseband put there by restoring to official 3.1.x. It is super important that people who need the unlock to understand they can keep it only by starting at 3.0 (or earlier) and updating solely to custom IPSWs that don’t update the baseband. For those who have been onboard the “unlock train”, simply install ultrasn0w via Cydia once you’ve restored to your custom IPSW. Don’t forget to turn off the “3G” setting in Settings->General->Network if you use T-Mobile in the U.S.A.

Note for 3GS users not already jailbroken and stuck at 3.1.x: this version of PwnageTool has a side feature to jailbreak your 3GS. It uses a simple implementation of the usb control msg hole found by chronicdev, geohot, and our very own gray. (Update: please make sure iTunes and iTunesHelper are not running when PwnageTool asks you if your 3GS is already jailbroken/pwned). Now that the hole is public and in use, we expect Apple to close it by the next major firmware update. That’s why 3GS users need to get their ECID hashes for 3.1.x now, and need to stay onboard the “jailbreak train” in all future updates. For more details on what this means, please see our earlier posts or ask in our comments section (moderated by the always helpful @angie and @confucious!).

For the early adopters who ran blackra1n and are having problems with mobilesubstrate, winterboard, diskaid, or ifunbox, you can install a custom .ipsw from PwnageTool to fix these issues. That’s because all jailbroken devices accept a custom .ipsw created by PwnageTool. (However, if you ran blackra1n on a 3G or 3GS that means you updated to stock 3.1.x, and the carrier unlock is now out of reach. We’ll continue to work on a carrier unlock for the latest basebands, but the timeframe for such an unlock is unknowable.)

Note: If you use internet tethering on a carrier that doesn’t officially support it, you’ll lose it by going to 3.1.x. Stay back at 3.0 until a hack for that is developed.

SUMMARY:

The iPhone 3GS is now supported out of the box in PwnageTool 3.1.4 (or if you have upgraded to 3.1.x in iTunes)
The iPod 2G is still supported in PwnageTool 3.1.4 but you must already be jailbroken (we’ll update this if there’s a big demand from non-jailbroken ipt2G owners)
The iPod touch 3G is NOT supported

DETAILS:

GOLDEN RULE: If you are using a iPhone 3G or iPhone 3G(S) with ultrasn0w and rely on ultrasn0w to obtain cellular service then you should only update your device with an .ipsw that is made with the new PwnageTool. There are no second chances with this. You need to remember that PwnageTool will provide an upgrade path to newer versions of the iPhone software in the future.
Please read all parts of this post before downloading and using these tools.
Read items 1, 2 and 3 again and again.
At the bottom of this post are the bittorrent files for the 3.1.4 capable version of PwnageTool.
PwnageTool will work for the iPhone 3GS
PwnageTool will work for the iPod touch 2G
PwnageTool WILL work for Original iPhone (1st Generation), the iPhone 3G and iPhone 3G(S) and the iPod touch (1st Generation and 2nd Generation) but NOT the iPod touch 3rd generation.
For 3G and 3G(S) users who are Pwned, PwnageTool is your key to updating in the future, just remember to never install an update directly from Apple, always use an .ipsw that has been created with PwnageTool.
There is no Windows version of PwnageTool yet. It is currently a Mac OS X tool only. Custom IPSWs created on a Mac can be used on a Windows machine too.

What’s a Baseband?

Think of it like a cable modem or other peripheral that is attached to your home PC that needs occasional updates. When a software update is released and presented to you within iTunes the baseband is sometimes updated (to fix bugs or add new features).

The 3.1.2 update for the iPhone 3G and 3GS contains such an update, so running the vanilla updater straight away with iTunes will reprogram and update the baseband.

WHICH DEVICE DO I HAVE?

Read the description to identify your device, once you have correctly identified your device follow the specific instructions for that device as listed below.

SIM Free/SP Unlocked/Factory Unlocked iPhone 3G(S)

This applies if you bought your iPhone 3G(S) for $$$$$$$. This model of iPhone 3G(S) doesn’t have an Service Provider lock (aka factory unlocked) and you are able to put any SIM card into the phone and get service. Your phone is already unlocked so you do not need to worry about baseband updates, you can use PwnageTool to create an ipsw and then use this to update and jailbreak your phone.

SIM Free/SP Unlocked/Factory Unlocked iPhone 3G

This applies if you bought your iPhone 3G for $$$$$$$. This model of iPhone 3G doesn’t have an Service Provider lock (aka factory unlocked) and you are able to put any SIM card into the phone and get service. Your phone is already unlocked so you do not need to worry about baseband updates, you can use PwnageTool to create a 3.1.ipsw and then use this to with iTunes to upgrade and jailbreak your phone.

iPhone 3G

Use PwnageTool to do the magic and then restore with iTunes using your newly created .ipsw

iPhone 3G(S)

Use PwnageTool to do the magic and then restore with iTunes using your newly created .ipsw

iPhone 2G (1st Generation)

Use PwnageTool to do the magic and then restore with iTunes using your newly created .ipsw ‘nuff said, you don’t need to worry about anything, the baseband will be unlocked, the phone jailbroken.

iPod Touch 1G (Original iPod Touch)

Use PwnageTool to create a firmware image and restore with that .ipsw using iTunes.

iPod Touch 2G

Use PwnageTool to create a firmware image and restore with that .ipsw to your already jailbroken device using iTunes.

iPod Touch 3G

At this time PwnageTool does not support this device.

Official Bittorrent Releases -

PwnageTool 3.14 Torrent

PwnageTool_3.1.4.dmg.5122330.TPB.torrent

SHA1(PwnageTool_3.1.4.dmg.5122330.TPB.torrent)= d9d44258ade35623ec71e83520943b6f4baa568a

Unofficial Mirrors

The following links are unofficial download mirrors, you download these at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links or archives and we accept no responsibility with regard to the validity of the files, or with other content these links provide or with the content that is on the linked site. Always check the published SHA1 sums. We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must. Mirror owners should email direct links only to blog@iphone-dev.org , please don’t place mirrors in the comments as they will be deleted.

3.1.2 and you?

Thu, 08 Oct 2009 22:10:00 +0400

WARNING! At 10.20AM PDT on October 8th 2009 Apple released the 3.1.2 version (7D11) of the iPhoneOS.

If you care about your jailbreak and unlock, don’t update your device - 3G and 3G(S) owners should pay particular attention to this warning.

PwnageTool and redsn0w are not yet compatible with 3.1.2
There is no estimated release time for compatible tools (please don’t bug us about this).
Any information we have regarding this update will be posted here.
You can also follow us on twitter - @iphone_dev
@wizdaz has made a very cool DevTeam alert widget for his upcoming app called SmartScreen

Update: geohot released a Windows jailbreak called “blackra1n” which is similar to redsn0w in that it covers multiple devices (and it covers beyond just firmware 3.0.1 where redsn0w currently stops). blackra1n is not a carrier unlock. You must always avoid updating your baseband to maintain your unlockability. If you use blackra1n to jailbreak 3.1 or 3.1.2, the steps you take before running blackra1n will prevent the unlock from working on your iPhone for potentially a very long time. By the way, we haven’t yet tested whether a blackra1n’d device can accept a custom IPSW without tweaks, but if it doesn’t then it should only require a minor change.

All aboard the update train!

Fri, 02 Oct 2009 23:55:00 +0400

Here are some details on our latest version of PwnageTool for Mac OS X that adds support for the 3.1 release of the iPhone software for iPhone 3GS and iPod Touch 2G.

SUMMARY:

The iPhone 3GS is now supported in PwnageTool 3.1.3, assuming the phone was pwned at 3.0 or 3.0.1 - PwnageTool does not support the 3GS out of the box. If your iPhone 3GS has 3.1 preinstalled and is not Pwned then there is no tested jailbreak solution at the moment.

The iPod 2G is now supported in PwnageTool 3.1.3, assuming the iPod 2G was pwned at 3.0 or 3.0.1 - PwnageTool does not support the iPod 2G with 3.1 software out of the box.

DETAILS:

GOLDEN RULE: If you are using a iPhone 3G or iPhone 3G(S) with ultrasn0w and rely on ultrasn0w to obtain cellular service then you should only update your device with an .ipsw that is made with the new PwnageTool. There are no second chances with this. You need to remember that PwnageTool will provide an upgrade path to newer versions of the iPhone software in the future.
Please read all parts of this post before downloading and using these tools.
Read items 1, 2 and 3 again and again.
At the bottom of this post are the bittorrent files for the 3.1 capable version of PwnageTool.
PwnageTool will work for the iPhone 3GS assuming you have already Pwned it at 3.0 or 3.0.1
PwnageTool will work for the iPod touch 2G assuming you have already Pwned it at 3.0 or 3.0.1
PwnageTool WILL work for Original iPhone (1st Generation), the iPhone 3G and iPhone 3G(S) and the iPod touch (1st Generation and 2nd Generation) but NOT the iPod touch 3rd generation.
For 3G and 3G(S) users who are Pwned, PwnageTool is your key to updating in the future, just remember to never install an update directly from Apple, always use an .ipsw that has been created with PwnageTool.
There is no Windows version of PwnageTool it is a Mac OS X tool only, we are not developing a Windows version of PwnageTool.

What’s a Baseband?

The 3.1 update for the iPhone 3G and 3GS contains such an update, so running the vanilla updater straight away with iTunes will reprogram and update the baseband.

WHICH DEVICE DO I HAVE?

Read the description to identify your device, once you have correctly identified your device follow the specific instructions for that device as listed below.

SIM Free/SP Unlocked/Factory Unlocked iPhone 3G(S)

This applies if you bought your iPhone 3G(S) for $$$$$$$. This model of iPhone 3G(S) doesn’t have an Service Provider lock (aka factory unlocked) and you are able to put any SIM card into the phone and get service. Your phone is already unlocked so you do not need to worry about baseband updates, if your device was Pwned at 3.0 or 3.0.1 then you can use PwnageTool to create an ipsw and then use this to update and jailbreak your phone.

SIM Free/SP Unlocked/Factory Unlocked iPhone 3G

This applies if you bought your iPhone 3G for $$$$$$$. This model of iPhone 3G doesn’t have an Service Provider lock (aka factory unlocked) and you are able to put any SIM card into the phone and get service. Your phone is already unlocked so you do not need to worry about baseband updates, if your device was Pwned at 3.0 or 3.0.1 then you can use PwnageTool to create a 3.1.ipsw and then use this to with iTunes to upgrade and jailbreak your phone.

iPhone 2G (1st Generation)

Use PwnageTool to do the magic and then restore with iTunes using your newly created .ipsw ‘nuff said, you don’t need to worry about anything, the baseband will be unlocked, the phone jailbroken.

iPod Touch 1G (Original iPod Touch)

Use PwnageTool to create a firmware image and restore with that .ipsw using iTunes.

iPod Touch 2G

Use PwnageTool to create a firmware image and restore with that .ipsw using iTunes, this will only work if you are already Pwned at 3.0 or 3.1. If you are at 3.1, downgrade to 3.0 and use redsn0w to Pwn 3.0 then you have an upgrade path using PwnageTool.

iPod Touch 3G

At this time PwnageTool does not support this device.

Official Bittorrent Releases -

PwnageTool 3.13 Torrent
SHA1(PwnageTool__3.1.3.dmg)=4141b7ecd3928c3a0c954bb06c86225a56b2f3e7

Unofficial Mirrors

The following links are unofficial download mirrors, you download these at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links or archives and we accept no responsibility with regard to the validity of the files, or with other content these links provide or with the content that is on the linked site. Always check the published SHA1 sums. We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must. Mirror owners should email direct links only to blog@iphone-dev.org , please don’t place mirrors in the comments as they will be deleted.

3 • fun!

Wed, 16 Sep 2009 00:55:00 +0400

This is the low down on our tools for use with the 3.1 firmware from Apple, please read the whole post in full before attempting anything. Because of changes with Apple’s update techniques (that complicate the 3GS upgrade process) this will be a multipart release. This release starts with PwnageTool 3.1 for Mac OS X - this application supports the iPhone 1st Generation (2G), the iPhone 3G and the iPod touch 1G. NB: THIS DOES NOT SUPPORT THE 3GS OR 2G/3G IPOD TOUCH. redsn0w for Mac OS X and Windows will follow sometime in the near future, please don’t bug us about it - we’ll release when we have something ready.

GOLDEN RULE: If you are using a 3G iPhone with ultrasn0w and rely on ultrasn0w to obtain cellular service, then you should only upgrade to 3.1 with a PwnageTool created .ipsw. - Stay away from Apple’s direct updates as described here and here please get up to speed on the whole subject by reading the information contained in these posts.
If you have an original iPhone (1st generation) then 3.1 unlock works with this PwnageTool release. iPhone 3G users upgrading to 3.1 will need to continue using ultrasn0w with a PwnageTool created 3.1 .ipsw
Please read all parts of this post before downloading and using these tools.
Read items 1, 2 and 3 again and again.
At the bottom of this post are the bittorrent files for the 3.1 capable version of PwnageTool.
This app is suitable for the recent 3.1 release.
This version of PwnageTool will NOT work for the iPhone 3GS.
PwnageTool WILL work for Original iPhone (1st Generation), Original iPod touch (1st Generation) and the iPhone 3G.

Baseband 101

The ‘baseband’ is the generic nickname given to the internal components of the iPhone that handle the phone calls and Internet access. This ‘baseband’ is a tiny and unique independent computer system that runs inside your iPhone, it is separate to the main system that handles the applications (such as email and google maps) and it talks to the main part of the phone over an internal communications network. Think of it like a cable modem or other peripheral that is attached to your home PC that needs occasional updates. When a software update is released and presented to you within iTunes the baseband is sometimes updated (to fix bugs or add new features). The 3.1 update for the iPhone 3G contains such an update, so running the vanilla updater straight away with iTunes will reprogram and update the baseband.

SIM Free/SP Unlocked/Factory Unlocked iPhone 3G

This applies if you bought your iPhone 3G for $$$$$$$. This model of iPhone 3G doesn’t have an Service Provider lock (aka factory unlocked) and you are able to put any SIM card into the phone and get service. Your phone is already unlocked so you do not need to worry about baseband updates, simply upgrade to 3.1 using iTunes and then use PwnageTool to create an ipsw and then use this to jailbreak your phone.

iPhone 2G (1st Generation)

Use PwnageTool to do the magic and then restore with iTunes using your newly created .ipsw ‘nuff said, you don’t need to worry about anything, the baseband will be unlocked, the phone jailbroken.

iPod touch 1G (Original iPod Touch)

Use PwnageTool to create a firmware image and restore with that .ipsw using iTunes.

iPod touch 2G

Sorry, no support at this time within PwnageTool, use Redsn0w for an earlier (pre 3.1) firmware release instead.

iPod touch 3G (New iPod Touch)

Sorry, no support at this time within PwnageTool

Official Bittorrent Releases -

PwnageTool_3.1.dmg.5089960.TPB.torrent
SHA1 = ccc1e5db026362fc7eb9a40c76322b1fdcc90332

Unofficial Mirrors

The following links are unofficial download mirrors, you download these at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links or archives and we accept no responsibility with regard to the validity of the files, or with other content these links provide or with the content that is on the linked site. Always check the published SHA1 sums. We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must. Mirror owners should email direct links only to blog@iphone-dev.org , please don’t place mirrors in the comments as they will be deleted.

Update 1: Please do not put links to custom IPSWs in your comments, because the software in them is copyrighted by Apple. The Dev Team motto has always been “patch, don’t pirate!”. And you’ll just make things harder for your friendly moderators angiepangie and Confucious :)

Update 2: Unlocked users on the 3G will probably notice that the name and/or logo of their carrier is missing, but they still have full bars and a signal. So far this seems to be purely a cosmetic issue and it doesn’t impact your signal or coverage. We hope to have this issue “fixed” when we release the 3GS compatible version of PwnageTool. This is very likely tied to Update #3…

Update 3: As of 3.1, the *.ipcc carrier bundles are signed, and you can no longer force tethering capability simply by crafting your own bundle. The good news is this obstacle can probably be overcome by virtue of the jailbreak. But so far that extra hack is not part of the PwnageTool custom IPSW creation.