Oh, The Huge Manatee

A blog about technology, open source, and the web... from someone who works with all three.

Unlocking and Jailbreaking My iPhone 3gs on 4.1.2 - a Little Late

While I was away over the weekend, I borked my iPhone.  I was running iOS 4.0, and I was having trouble with network connections.
  • The statusbar wouldn’t reflect my actual connection status.  WiFi connections would rarely show up in the statusbar, though I knew I was surfing wirelessly (my router at 10.10.10.1 was accessible to the phone, for starters…)
  • WiFi would periodically crash.  In the middle of a good network connection, it would just. stop. working.  I could go to System Preferences and see that WiFi was inexplicably disabled.  If I tried to enable it, the switch animation would work, but no networks would be visible.  Exiting and re-entering System Preferences would show WiFi disabled again.
  • Periodically all networking would crap out.  The statusbar would show a good 3G connection, and ifconfig would show an IP… but the phone couldn’t establish any connections, anywhere.  
Only rebooting ever solved any of the above problems.  So this weekend I started to look into it, and it occurred to me that maybe SBSettings was interfering with networking - I periodically disable or enable WiFi in SBSettings, and maybe there was a conflict there.  So I uninstalled SBSettings (noting that it unnecessarily included iphone zsrelay in the uninstall)…

And my phone stopped getting signal.  I had never seen anything like it before.  It didn’t show an operator, just 0 signal bars.  It could get wifi, but couldn’t access the Internet over it.  In retrospect, I think the SBSettings uninstall borked my yellowsn0w unlock, and at the same time my networking subsystem in general wasn’t working.  

The solution was clear - I had to reinstall.  I figured I would do an update at the same time, just in case the networking issue was related.  So I spent this evening painfully updating to 4.1.2.  For anyone who encounters the same kind of pain I did:

  • Don’t bother with the latest Apple firmware.  Firmware 4.2.1 is not easily crackable for the iPhone 3GS yet, and besides, the most common way to crack is to install the baseband from the iPad (06.15), which brings all sorts of problems, including broken GPS and disappearing battery charge… deal breakers for most people IMO.  
  • But when you try to install a non-current version of the firmware, iTunes won’t let you!  It phones home to the iTunes update servers to make sure that you are restoring to the most recent version.  If it hears back that there is a MORE RECENT version than what you are trying to use, it will throw a message:
    This device is not eligible for the requested build
  • If you use the older hack, and change your /etc/hosts so that gs.apple.com points to 127.0.0.1 (your own computer), it will complain that the update server is not responding, and refuse to go forward.  This check involves an exchange of an encrypted key, which uses your unique iPhone’s ID as one variable and Apple’s passphrase as another.  Saurik (of Cydia fame) set up a server (note: really awesome post, recommended reading) to keep a backup of examples of successful SHSH key “handshakes” for each device, so you have to use the IP of this server instead.

So here are the steps I had to follow, for reference:

  1. Download the 4.1.2 .ipsw for your iPhone.  I found it on binsearch by searching iPhone2,1_4.1_8B117_Restore.ipsw .
  2. Download PwnageTool - get it from the torrent or the links on the official devteam blog site only! Everyone else is at best a scammer, or at worst a hack stealing the product of devteam’s hard work.
  3. Use PwnageTool to build yourself a custom version of the 4.1.2 firmware you just downloaded.
  4. To foil Apple’s update server check, add a line to /etc/hosts pointing gs.apple.com to 74.208.10.249, Saurik’s SHSH backup IP as of this writing.
    If you have used Cydia before (and clicked the “make my life easier” button), this will be enough to get the restore going.  If not, even a failed check of your validity for the firmware involves a key exchange, and having this IP in /etc/hosts will make sure that the SHSH key gets uploaded to Saurik’s server.  Give it about a day, and try again.  Did I remember to link to Saurik’s really interesting blog post about this? It explains a lot.  If that doesn’t help, try the TinyUmbrella tool.
  5. When your custom .ipsw is written, put your iphone into DFU mode, open iTunes, and OPTION-click (for Macs) on the Restore link to select your custom firmware.
  6. When your phone is restored and working, use Cydia to install ultrasn0w (the unlock).
This took up MUCH too much of my evening.  Once again, I found myself exercising creativity in swearing at computers.
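The /etc/hosts override in step 4 is easy to get wrong by hand (clobbering the localhost line, or forgetting it is still there months later, so every later iTunes restore check goes to the third-party server instead of Apple). The helper below is an added example, not code from the post; it takes the hosts file path as an argument so you can try it on a copy before touching /etc/hosts, and the IP is the one quoted in the post.

```shell
#!/bin/sh
# Manage a gs.apple.com override in a hosts file without disturbing other
# hostnames that share the same line (e.g. "127.0.0.1 localhost gs.apple.com").
# Usage: hosts_set FILE IP | hosts_lookup FILE | hosts_remove FILE

HOST=gs.apple.com

# Print the IP currently mapped to gs.apple.com in FILE (first match), or nothing.
hosts_lookup() {
    awk -v h="$HOST" '
        /^[[:space:]]*#/ || NF == 0 { next }
        { for (i = 2; i <= NF; i++) if ($i == h) { print $1; exit } }' "$1"
}

# Strip the gs.apple.com token from every mapping line in FILE. Lines that
# still map other hostnames are kept; a line that mapped only gs.apple.com is dropped.
hosts_remove() {
    file=$1
    tmp=$(mktemp) || return 1
    awk -v h="$HOST" '
        /^[[:space:]]*#/ || NF == 0 { print; next }
        {
            out = $1; n = 0
            for (i = 2; i <= NF; i++) if ($i != h) { out = out " " $i; n++ }
            if (n > 0) print out
        }' "$file" > "$tmp" && cat "$tmp" > "$file"   # rewrite in place, keep inode/perms
    rm -f "$tmp"
}

# Point gs.apple.com at IP, replacing any earlier mapping so only one is in effect.
hosts_set() {
    file=$1; ip=$2
    hosts_remove "$file" || return 1
    printf '%s %s\n' "$ip" "$HOST" >> "$file"
}
```

Run `hosts_remove /etc/hosts` once the restore has finished so the redirect does not silently outlive the job it was added for.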
