Dev-Team Blog
Restoration reinvigoration 

Today we’re pleased to release redsn0w version 0.9.15b1, with significant new features supporting restoring to older firmware no longer being signed by Apple.  For brevity, we’ll list most of the new features in bullet form.  For more details, please feel free to drop by our comments section, or check out any upcoming guides on tutorial sites like http://iclarified.com.

First, the high-level new feature list:

  • restore from any 5.x iOS to any other (up, down or the same) 5.x iOS on all devices as long as you have the correct blobs (see more below)
  • Cydia now included in the tethered 6.0 jailbreak on A4 devices
  • automatically “Just Boot” tethered when qualifying A4 device connects in DFU mode
  • untethered 6.0 jailbreak on old-bootrom 3GS
  • untethered 6.0 hactivation on any 3GS or iPhone4
  • directly restore pre-A5 devices to earlier firmware — no more complicated 15-step how-to’s with stitching, iTunes errors, and “hosts file” concerns
  • fetch new signed blobs for any IPSW (present or future — no redsn0w update required) using Extras->SHSH Blobs->New
  • block the BB update for any 3GS or iPhone4 restore (past, present, or future — no redsn0w update required) using Extras->Even More->Restore
  • deactivate any iPhone, useful for testing your “official” unlock status through iTunes.  (Please only deactivate your own iPhone!)
  • activation status shown on “Even more” page
  • significantly more (very nerdy) info returned by “Identify” button when device is in Normal mode
  • tethered jailbreak of ATV2 supported (but the only thing available for it is the SSH2 custom bundle available here — no Cydia yet.  Must use “Select IPSW” for tethered boot of ATV2 for now).
  • auto-exit WTF mode for older devices with broken buttons
  • any time a set of blobs is fetched remotely (from Apple or Cydia), redsn0w also saves them locally (and will check there first if you click “Local”)
  • for your future restoring convenience, you should also submit all of your past and present TinyUmbrella blobs to Cydia if you haven’t done so yet.  Resubmitting is okay and won’t cause conflicts.

Here are more details on the iOS5-to-iOS5 restores for A5+ devices.  (Note: pre-A5 devices don’t have these restrictions — just follow the redsn0w prompts during the restore).

1. redsn0w now lets you restore an A5+ device from any iOS5 to any other iOS5 as long as you have correct 5.x blobs for the starting (current) and ending points of the restore

  • APtickets eliminated “higher-version only” comparison of firmware restores (just like BBtickets did for the baseband)
  • example restores supported by redsn0w if you have the correct blobs: 5.1.1-to-5.0.1, 5.0.1-to-5.1.1, 5.1.1-to-5.1.1, 5.0.1-to-5.0.1
  • if you don’t have the blobs locally, let redsn0w try to fetch them remotely (redsn0w always tries both Apple and Cydia).  Any successful remote fetch also saves a local copy.

2. You DO NOT QUALIFY for iOS5-to-iOS5 restores if you got to your current 5.x via an OTA update

  • the tickets saved by Cydia, redsn0w, and TinyUmbrella do not cover OTA update ramdisk images 
  • even if they did, it’s the “wrong kind” of ramdisk (you’d need to start at that earlier pre-OTA FW)
  • devices fresh from factory or refurb may fall in the “does not qualify” category (your results will vary)
  • it’s okay if you previously got to 5.x via an OTA update, as long as your current 5.x was installed via a normal iTunes restore.  All that matters is how you got to your current 5.x most recently
  • redsn0w detects an OTA/normal-restore APticket mismatch very early, so if you don’t know your status there should be no harm in trying.  Any device in recovery mode after such a mismatch can boot normally again just by going back to “Even More” screen from the “Restore” screen (or use “Recovery Fix” if you quit redsn0w before doing that).

3. Unlike the A4 devices, redsn0w can’t (usefully) prevent the baseband updates of A5+ iPhones and iPads.

  • and so, redsn0w automatically flashes the currently signed baseband when it does A5+ restores, even if those basebands didn’t come with the original firmware
  • stay away from this if you have an unofficial unlock that isn’t supported by the newest baseband
  • the least-tested baseband update code in redsn0w is for iPad2,3 and iPad3,2.  Please give any feedback on those iOS5 restores in the comments section below.

4. iPad2 owners (all three models) with saved 4.x blobs can use those instead, even from 6.x

  • if you have both 4.x and 5.x iPad2 blobs, you can always get to 5.x via the 4.x blobs, even if you’re currently on 6.x
  • you cannot get to 5.x from 6.x without the 4.x blobs (but you may still qualify for the iOS5-to-iOS5 restore described above)
  • if somehow you have 4.x blobs but no 5.x blobs, you can still go down to 4.x from 6.x
  • this only applies to iPad2 owners (they’re the only A5+ devices that ever had a public 4.x FW)
  • redsn0w still supports (but doesn’t require) jailbreaking A5+ devices at 5.0.1 and 5.1.1.  Just head back to the first page after re-restoring to 5.x.  It’s always much faster to jailbreak those FW versions with a freshly-restored device, before letting iTunes restore from a saved userland backup.

And finally, some random details:

5. ultrasn0w isn’t yet updated for 6.x

  • by now you probably should be taking advantage of the extremely cheap IMEI-based unlocks of iPhones sold by established online retailers like http://cutyoursim.com
  • still, IMEI-based unlocks don’t work in all cases.  We’ll announce when ultrasn0w is ported up to 6.x
  • redsn0w will still hactivate your 3GS or iPhone4 if you run it before the device is activated.  Due to the current tethered 6.x JB status, redsn0w now hactivates 6.x without requiring subsequent tethered boots.  If you accidentally hactivate with redsn0w, use the “Deactivate” checkbox available from the Jailbreak screen, not the normal one in “Even more”.

6. As always, redsn0w lets you “Fetch” the SHSH blobs currently flashed onto your pre-A5 device

  • use this if you’re at 5.x or 4.x but without having saved your blobs when the window was open
  • this is only useful when Apple is no longer signing the firmware, otherwise Cydia/redsn0w “New”/TinyUmbrella blobs are superior (but you’re welcome to fetch your 6.0 blobs this way anyway)
  • fetching blobs in this fashion will automatically forward them up to Cydia, as well as save a local copy

We realize there’s a lot of info in this post.  If you’re at all confused about things remember to visit our comments section, with our very helpful user base and moderators like dhlizard, Frank55, 41willys, and slavakulikoff.

If you’re in the Melbourne, Australia area, MuscleNerd (and another anonymous long-time Dev Team member) will be giving some talks at the Breakpoint conference http://www.ruxconbreakpoint.com this week.  And @mdowd’s iOS talk at the same conference should be quite interesting too!  We’ll also all be attending Ruxcon a few days later, so say hi if you see us!


Update #1 (Oct 15): Version 0.9.15b2 fixes a few issues for 3GS owners: old-bootrom awesomeness is no longer forgotten directly after a restore, and iPad baseband upgrade/downgrade support is fixed (same production date cutoffs apply!).  If your 3GS is currently tethered at 6.0 even though you have an old bootrom, just re-run redsn0w’s Jailbreak step (no need to restore).  Don’t forget you can add some pizzazz with your own boot logo or a nerdy verbose boot.

Update #2 (Nov 1): Version 0.9.15b3 fixes the redsn0w “error 2601” that Windows users were seeing using the Restore button.  It also fixes a related Windows iTunes error 14 for stitched files.   Note that if you have a baseband, you should probably avoid stitching and simply use redsn0w’s native Restore (not iTunes).  

Those lucky recipients of new iPad minis and iPad4s on Friday can use this redsn0w to save your 6.0 blobs off to Cydia.  First connect your new device and turn it on, then use redsn0w’s Extras->SHSH Blobs->New and point it at the 6.0 IPSW.

Expect an ultrasn0w compatibility update for iOS 6.0 by Friday (mostly useful for 3GS old-bootrom users who are currently enjoying the untethered 6.0 jailbreak!).  Same baseband support as with 5.x.

Thanks to @iamgolfy for helping test the 2601 Windows fix!

Here are the download links.  Enjoy!

Baseband Freedom 

Happy 4th of July!  Today’s release of redsn0w 0.9.14b2 improves the iPad baseband downgrade and should cover anyone who couldn’t downgrade with 0.9.14b1.  This version covers 3 different types of NOR chips in the iPhone 3G and 3GS (the earlier version covered only the most prevalent NOR chip).  We’ve also simplified the process and added logging to help diagnose any remaining stubborn iPhones.

The revised steps are:

  1. Connect your iPhone in normal mode, then click “Jailbreak” after redsn0w identifies its model and BB version (you needn’t pre-select the IPSW anymore).
  2. Choose the “Downgrade from iPad baseband” option (you needn’t worry about de-selecting Cydia anymore).
  3. Do a controlled “slide to power off” shutdown of your phone and proceed through the normal DFU ramdisk steps.

Should the downgrade fail to take, feel free to leave the redsn0w log in the comments below.  Use the “Extras->Even more->Backup” button to grab a copy of /var/mobile/Media/redsn0w_logs, then extract the log text file(s) from the zip and paste them into the comments (currently that log file is generated only during baseband downgrade runs).

NOTE: The original warning about 3GS units manufactured in early 2011 or later still holds!  They have a NOR chip that’s incompatible with 06.15.00 and so trying to install it will brick the device.  Please read and re-read the warning in our earlier post. 

Thanks to bobmutch, @healeydave and @dilbert4life for lending us their iPhones to improve the baseband downgrade!


DFU IPSW

We’ve gotten a lot of feedback from users who can’t launch a DFU ramdisk because their iPhone home/power buttons are broken or intermittent.  We’ve added a new redsn0w feature that lets you enter DFU mode as long as your phone is healthy enough to restore to a normal, everyday IPSW.  You don’t need to be already jailbroken to use this method.

In redsn0w, go to “Extras->Even More->DFU IPSW” and select an IPSW that is currently being signed for your device and that you’d normally be able to restore to without any hacks.  redsn0w will create an “ENTER_DFU_” version of the IPSW that you can restore to just like any other IPSW, except that now you’ll be dumped into DFU mode towards the end of the restore (WARNING, your screen will remain completely black…the only way to even know it’s on is that iTunes and redsn0w will detect it!).  The technique used by this feature is 3 years old but surprisingly still works today!

Update #1 7/25/12: redsn0w is compatible with today’s retail release of Mountain Lion OS X 10.8.  Until we start using an official developer ID for it (!), you’ll need to use the new Ctrl-Click-Open security bypass the first time you run it after downloading.

Here are the download links.  Enjoy!

0615 fun 

The iPhone Dev Team is happy to announce a baseband downgrade option in redsn0w for those who are using the iPad’s 06.15 baseband on the iPhone3G or iPhone3GS.

Typically you’d have the 06.15 baseband if you unlock with ultrasn0w but updated your iPhone baseband past 05.13.04.  With this new capability, you can now downgrade specifically from 06.15 to 05.13.04 (even if you never had 05.13.04 on that device before).  This gives you the best of both worlds: ultrasn0w compatibility and a normal iPhone baseband with full GPS and the ability to use stock IPSWs again.

Here are the steps:

  1. Use the “Extras->Select IPSW” button in redsn0w to tell it which firmware version you have installed (new-bootrom 3GS users can usually skip this step but it doesn’t hurt for them to do it too).
  2. Do a controlled shutdown of your iPhone (“slide to power off”).  This step is very important to avoid mount problems when the ramdisk is running!
  3. Go back to the first screen and click “Jailbreak”.  Enable the “Downgrade from iPad baseband” checkbox, disable Cydia if you already have it installed, and click Next to proceed through the normal DFU ramdisk steps.

After the ramdisk gets launched and you see the Pwnapple running on your iPhone, you’ll eventually get to the “Flashing Baseband” step.  THIS STEP TAKES A VERY LONG TIME to complete and there won’t be any feedback while it’s running.  Please just let it be for the next 3-8 minutes!  When the ramdisk has done its job it will reboot the phone on its own.

For those who are wondering if you can update your 3G or 3GS to 06.15 solely for the purposes of downgrading to 05.13.04, the answer is “yes” for 3G owners, and “maybe” for 3GS owners.  The iPad baseband is not compatible with 3GS units manufactured week 34 of 2011 or later.  If you have an iPhone3GS and if digits 3-5 of its Serial Number are 134 or later (xx134…), then you should NOT try to install the 06.15 baseband on your 3GS!  It will brick your radio, preventing both the downgrade from working and normal iPhone software from using it as a phone!  Be warned!
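The serial-number cutoff above can be checked before flashing. The sketch below is an added example, not part of redsn0w or the Dev Team's code. It assumes digit 3 is the last digit of the production year (9 = 2009 through 2 = 2012, an assumption consistent with "134" meaning week 34 of 2011), so that a 2009 serial such as xx945 is not mistaken for "later than 134" by a plain numeric comparison.

```python
# Cutoff stated in the post: week 34 of 2011 ("134" in serial digits 3-5).
CUTOFF = (2011, 34)

# Assumption (not stated in the post): digit 3 is the last digit of the
# production year, and 3GS production years run from 2009 to 2012.
YEAR_BY_DIGIT = {"9": 2009, "0": 2010, "1": 2011, "2": 2012}


def production_week(serial):
    """Return (year, week) decoded from serial digits 3-5, or None."""
    s = serial.strip().upper()
    code = s[2:5]
    if len(code) < 3 or not code.isdigit():
        return None  # not the numeric layout the post describes
    year = YEAR_BY_DIGIT.get(code[0])
    week = int(code[1:])
    if year is None or not 1 <= week <= 53:
        return None  # year digit outside the assumed range, or bad week
    return year, week


def ipad_baseband_verdict(serial):
    """Classify a 3GS serial as 'ok', 'do-not-flash' or 'unknown'."""
    decoded = production_week(serial)
    if decoded is None:
        return "unknown"
    # Tuple comparison orders by year first, then week.
    return "do-not-flash" if decoded >= CUTOFF else "ok"


if __name__ == "__main__":
    # Constructed sample serials, not real devices.
    samples = ["XX133AAAAAA", "XX134AAAAAA", "XX945AAAAAA",
               "XX201AAAAAA", "XXK34AAAAAA"]
    for sn in samples:
        print(sn, ipad_baseband_verdict(sn))
```

Treat an "unknown" result the same as "do-not-flash": the serial could not be decoded, so the production date is not established.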

Thanks very much to @dilbert4life for graciously loaning us his 3GS at 06.15 (we had no such devices because we always prevent BB updates!)

If you have any questions or comments, please use our comments section below!

Here are the download links.  Enjoy!

Update #1: If you’re still using ultrasn0w after going down to 05.13.04, many people have reported that re-installing Mobile Substrate and/or ultrasn0w fixes crashes and “No Signal”.

Update #2: There’s a subset of 3GS iPhones that won’t take the downgrade.  We now understand why (they use a slightly different NOR chip), and should be receiving a loaner of such a phone on Thursday the 28th.  After we have one in hand we’ll tweak the redsn0w payload to handle that variation too! The improved downgrader is now available here.