
Help on Errors and Terms for iPhone / iPod / iPad



You can check the unlock status and find out how to do this on the website - http://jailbreak-me.info

What do I need for my iPhone to work with any operator?

As you probably know, all phones sold by Apple are tied to a specific operator: AT&T in the US, Orange in France, T-Mobile in Germany and O2 in the UK. This follows from Apple's business model. Under the contract, the operator is obliged to pay Apple a certain percentage of its income from the subscriber. The exact figure is not known, but rumor has it that it is up to 20%.

As a result, the phone can be used only with a SIM card from one of the above operators, and nothing else. The scheme for the "legal" iPhone user is as follows:

  • The phone is bought in the operator's own store or in an Apple Store
  • The subscriber comes home and concludes a contract with the operator via the Internet
  • Some time after the contract is concluded, the phone is activated and can be used

Therefore, for the device to work in the network of any other operator, you need to perform the following steps:

  1. Activate the phone
  2. Bypass the SIM card check

The first step, as one would expect, is called activation. Its essence is to gain access to the main functions of the device.

The second step is called unlocking, known worldwide as unlock.

What is unlock?

Unlock is a modification of the software of the GSM module that allows you to use an iPhone as a telephone with a SIM card of any operator.

There are several methods:

  1. Software (soft unlock) - the radio modem software is modified, without touching the phone's hardware, so that the check that the SIM card belongs to the operator is removed. The programs AnySim (iUnlock) or iPhoneSimFree are usually used for this. How this process works is described in detail in the section "Bootloader, secpack, OTB, unlock and all-all".
  2. Hardware (hard unlock) - the phone is opened and the Test Point circuit is used to gain access for modifying the software part of the radio modem.
  3. Sim Clone (MultiSIM) - strictly speaking, not an unlock. This method uses certain features of how the phone verifies that a SIM card belongs to an operator in order to "trick" it: the iPhone believes that the SIM card belongs to AT&T. With this method, the information needed for authorization in the operator's GSM network (IMSI, ICCID and the secret key Ki) is read from the subscriber's SIM card and written to a special smart card that emulates the SIM. The main problem with this method is that the secret key Ki can be read only from first-generation SIM cards (SIMv1). It requires special equipment and takes a long time.
  4. Sim Proxy (TurboSIM, StealthSIM, NextSIM, X-SIM and others) - a logical continuation of the Sim Clone method, but using a hardware "pad" (proxy) between the phone and the SIM card. When the phone requests the information it uses to check which operator the card belongs to, the Sim Proxy returns the AT&T card's data; in all other cases it forwards requests to the subscriber's SIM card. It is very easy to use: you simply trim your SIM card, place the adapter over it, and insert the assembly into the phone. It does not require special equipment.

How is the iPhone built?

The phone that you hold (or will hold) in your hands is nothing exclusive in terms of its design as a whole. Its only differences from others in its class are the absence of a keyboard and a display that recognizes two touch points at the same time.

I will not give a specific list of the hardware inside the phone; instead I will explain in simplified form how it all works, so that there is no confusion of concepts and no delusional stories on the forum.

Hardware

At the hardware level, it is important to know that the phone actually has two processors:

  • An ARM processor that runs the operating system
  • An Infineon SGOLD2, which is responsible for working with the GSM network (it is called the radio modem, baseband, GSM modem, or BB).

The first processor (we will call it the CPU) is the heart of the phone: it runs the operating system (by the way, what runs on your phone is almost the real MacOS X) and absolutely all of your applications.

The second processor (we will call it the baseband, abbreviated BB) is responsible for the communication capabilities of the phone: GSM, EDGE / GPRS, WiFi and Bluetooth. Like the CPU, it has an operating system of sorts, which consists of several components: the bootloader, the flash (firmware) and the eeprom (data). All of this is stored on a special memory module (Intel Wireless Flash Memory, a separate chip on the board), also called NOR flash.

Software

Now let's talk about things closer to us: software. From the previous section it is clear that the phone has two types of programs: for the CPU and for the BB.

All of this reaches the phone through a software package usually called firmware. This is where the first confusion usually arises, so we will take a closer look at this point.

When enough fixes have accumulated, Apple releases an update: an IPSW file of about 150 megabytes containing an image of the phone's operating system and sometimes an update for the GSM part. Therefore, one update can contain two "firmwares": one for the software part of the phone (application update) and one for the GSM part.

This package has its own version (1.0.0, 1.1.1, 1.1.2, etc.), while the GSM part has its own numbering (03.01_13G, 04.02_13G, etc.). So the programs installed in the phone itself are characterized by the version of the update package; for example, the latest one has version 1.1.3. This is called the "firmware version of the phone."

As it happens, you can install any of the currently existing updates on the phone, and the firmware version of the GSM part will not change. You can have GSM part firmware version 04.03_13G and phone firmware 1.0.2.

Now read the previous 2 paragraphs a few more times. From them we learned two main terms: the phone firmware and the GSM part firmware. A great deal depends on their versions.

But in the light of recent events, another term appears on the scene: the bootloader version. This question deserves separate discussion.

Bootloader, secpack, OTB, unlock and all-all

With the release of update 1.1.2, one very unpleasant fact was revealed. All phones sold with this firmware (known as 1.1.2 out of the box, OTB) have a different bootloader. The version of the new bootloader is 4.6, whereas the previous one had version 3.9.

In this version, Apple fixed many vulnerabilities and changed the secpack check algorithm.

Secpack is the area in the update package that contains digital signatures for a specific firmware version of the GSM part of the phone. It is required in order to modify the GSM modem software.

With the version 3.9 bootloader it was possible to perform operations on the GSM part with a secpack from the current or the next firmware version (>=); with the 4.6 bootloader such operations are possible only with a secpack from the next firmware version (>). On top of that, writing to the area in which the bootloader is located became impossible after its initialization, which makes its "rollback" impossible.

This little nuance ruined everything. Why? Let's now see what software unlock is.

How does unlock work?

The GSM part of the firmware checks that the SIM card belongs to a specific operator. To be precise, the card's unique IMSI code is verified. This code consists of the MCC (Mobile Country Code), the MNC (Mobile Network Code, i.e. the operator code) and the subscriber identifier MSIN. The GSM modem checks the MCCMNC number: if it is in the table of allowed values (this list is called the lockstate table), the phone registers in the operator's network; if not, the GSM part is blocked.
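The check described above, sketched as an added example (not code from the firmware or from any tool mentioned on this page). The lockstate table is modelled here as a set of MCC+MNC strings, which is an assumption, and the IMSIs are constructed samples.

```python
# Added illustration of the operator check: is the IMSI's MCC+MNC in the
# table of allowed values?
# Assumption: the lockstate table is a set of MCC+MNC digit strings; the
# real on-chip format is not described on this page.

LOCKSTATE = {"310410"}  # constructed table holding one entry: AT&T (MCC 310, MNC 410)


def parse_imsi(imsi, mnc_len):
    """Split an IMSI into (MCC, MNC, MSIN).

    The MCC is always 3 digits; the MNC is 2 or 3 digits depending on the
    country, so the caller has to say which.
    """
    if not (imsi.isascii() and imsi.isdigit()) or not 6 <= len(imsi) <= 15:
        raise ValueError("IMSI must be 6 to 15 decimal digits")
    if mnc_len not in (2, 3):
        raise ValueError("MNC length must be 2 or 3")
    return imsi[:3], imsi[3:3 + mnc_len], imsi[3 + mnc_len:]


def sim_accepted(imsi, lockstate=LOCKSTATE):
    """Return True if the IMSI starts with an allowed MCC+MNC.

    Prefix matching handles both 2- and 3-digit MNCs without knowing the
    MNC length in advance.
    """
    parse_imsi(imsi, 2)  # reuse the validation; the split itself is not needed
    return any(imsi.startswith(entry) for entry in lockstate)


if __name__ == "__main__":
    # Constructed sample IMSIs (operator prefix + made-up subscriber number).
    for label, imsi, mnc_len in [
        ("AT&T, US", "310410123456789", 3),
        ("Orange, France", "208011234567890", 2),
    ]:
        mcc, mnc, msin = parse_imsi(imsi, mnc_len)
        verdict = "registers" if sim_accepted(imsi) else "GSM part blocked"
        print(f"{label}: MCC={mcc} MNC={mnc} MSIN={msin} -> {verdict}")
```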

Accordingly, to use the phone with any operator, this check must be bypassed. The only method is to find the relevant place in the GSM part of the firmware and modify it so that, regardless of what MCCMNC code is contained in the ICCID, the check always succeeds.

For this, a complete copy (dump) of the GSM part firmware is made; it contains the area that needs to be changed, and this area is modified. After that, the existing firmware is erased and the modified one is written back.

Voila, and the phone is unlocked.

So where does the bootloader come in?

The key points in the unlock process are erasing the old version and writing the new one. Earlier this could be done using the secpack from the installed version; now the secpack from the next version is required. I.e. unlock will always be one step behind.

By the way, another obvious blow: updating the modem's firmware makes it impossible to unlock it. I.e. if you had a working 1.1.2 and suddenly updated to 1.1.3, then in order to make a call you will have to wait until the next update containing a GSM modem update is released.

Yes, by the way, the "good" news: the pioneer of the unlock movement, George Hotz, has released detailed instructions on how to downgrade the bootloader by hardware. A very risky operation, I tell you. The notorious forum hackint0sh.org has a huge number of stories about failed attempts. According to the results of the last vote, every third attempt was unsuccessful.

Well, the educational program on basic concepts can be considered complete. It remains to highlight a few more points.

The Shawshank Redemption

Applications. You probably noticed that in the previous paragraphs we talked only about the "native" phone applications. As you most likely know, things did not stop at native applications. Of course, Steve Jobs made it possible to write applications for the phone, but only within the Safari browser. This was not enough.

Quickly enough, the iPhone hacker community found a way to write their own applications for the phone. It took only a few months for the number of applications to be measured in hundreds, increasing with each passing day. Today, you probably cannot imagine your life without at least a Russian keyboard (Hello, Slavik!). But this is a third-party application.

And the life of third-party applications is impossible without jailbreak.

Jailbreak (literally "prison break") is the process of obtaining full access to the file system of the phone. The notion of a jail came to us from the depths of the *nix community and means "locking" the user in a specific directory so that he cannot access anything "above" it in the file system tree.

Initially, the user has write access only to the /var/root/ directory on the phone (where all user settings and media content are stored). That would be fine, except that, among other restrictions, launching applications from this directory is forbidden.

Jailbreak gives you full access to all folders and files on your phone (read, write and execute). Now, with the release of each update, all users (including "legal" ones) watch the news and wait for the jailbreak to become possible.

By the way, the de facto standard became the Installer application, whose name speaks for itself: it is a third-party application installer. It is undoubtedly the most popular and sought-after iPhone app ever created outside of Apple.

About the dark past, virgins and bricks

Many people remember the times of the first phones, when unlock took 40 minutes, during which we watched lines scroll in the terminal. Back then the air was cleaner and the grass was greener.

As a gift from those times, we got the term virginization. Here is where it came from: the old versions of AnySim (iUnlock) mistakenly deleted a small area from the GSM part of the firmware, the seczone. This area stored a table with the list of "allowed" MCCMNC codes and a unique key for each.

As it turned out, when upgrading from 1.0.2 to 1.1.1, the phone stopped accepting even the native AT&T SIM card, turning into a beautiful brick. The explanation is simple: when the firmware is updated, the area in which the seczone is stored is not updated. Therefore, the firmware tries to look up the MCCMNC in a table that does not exist.

That is when the concept of virginization appeared. In plain language: bringing the phone back to a virgin state, in which the original firmware version is returned (without unlock) and lockstate is restored in that area.

Consequently, virginization is needed if and only if the phone was unlocked by the old versions of AnySim (up to 1.1) and iUnlock.

About officially unlocked phones

As you know, European legislation does not look kindly on the idea of linking a phone to a specific operator. As a result, in all of Europe only France has such a beast as a telephone officially untied from the operator (in Germany, T-Mobile won in court and stopped selling such phones).

But there is a small catch here: such phones can only be used in the country in which the operator is located. I.e. if you bought an officially unlocked phone in France, you can choose any French operator for yourself, no more. With SIM cards of operators from another country, such phones will not work!





Hang during the recovery process: this problem can often be solved by following the instructions in the article "iTunes for Windows: troubleshooting security problems." This error may appear as a result of an incorrectly specified default packet size. Third-party security software installed on the computer may change the default packet size in Windows using the TcpWindowSize registry key. Contact the developer of the software that changes the default packet size for assistance.

Cannot perform recovery. The device is not supported for the requested build: if this error appears, it is likely that the latest version of iTunes is not installed. Check the latest available version of iTunes on the page http: //www.apple.com..unes / download /. If the latest version of iTunes is installed, then this problem may occur when trying to restore using the IPSW file of a previous version. Installing earlier versions is not supported.

Recovery cycle (request to restore again after successful recovery completion): this error usually occurs due to outdated or incorrectly configured security software. If it turned out that the problem is not related to USB, follow the steps described in the article “iTunes for Windows: Troubleshooting Security Software.”

Error 2: This error is often resolved by disabling and uninstalling third-party security or firewall software.

Error -4: this error may appear under the following conditions:

  • access to ports 80 and / or 443 is blocked;
  • a firewall, third-party security software or other Internet access settings block access to albert.apple.com and / or phobos.apple.com;
  • iTunes Store server overloaded.

Error 6: All actions described in this article can be used to resolve this error. You can often fix this error by following the instructions described in the article "iTunes for Windows: Troubleshooting Security Software." Third-party security software installed on the computer may change the default packet size in Windows using the TcpWindowSize registry key. An incorrect packet size may cause this error. Contact the developer of the software that changes the default packet size for help.

Error 9: this error appears when the device unexpectedly disconnects from the USB bus, as a result of which the data exchange stops. This can occur if the user manually disconnects the device during the recovery process. This problem can be resolved by isolating the malfunctioning USB port, by using another USB to dock connector cable, by using another USB port, by restoring on another computer, or by eliminating conflicts with third-party security software.

Error 13 and 14: these errors can usually be fixed by following one or more of the following:

  • Troubleshoot the USB connection; connect the device directly to another USB port on the computer.
  • Connect your computer and device using a USB 2.0 hub.
  • Try using another 30-pin USB to dock connector cable.
  • Eliminate conflicts with third-party security software.
  • Third-party security software installed on the computer may change the default packet size in Windows using one or several TcpWindowSize registry keys. An incorrect packet size may cause this error. Contact the developer of the software that changes the default packet size for help.
  • Connect your computer to the Internet directly, without using routers, hubs or switches. You may need to restart your computer and modem to access the Internet.
  • Try using a computer and a network connection that are known to be working properly.

If the log file of the iPhone, iPad, or iPod Updater contains an ASR 1000 error, an error occurred during the unpacking and transfer of the IPSW file loaded during recovery. This error often occurs due to the use of third-party security software, an unstable Internet connection that causes download errors, or USB bus conflicts.

Error 18 (or -18): this error occurs when the media library on the device is damaged and cannot be changed or updated. To solve this problem, try updating iTunes to the latest version and restore again.

Error -19: full text: "iTunes could not be synced to the iPhone "[iPhone name]" due to an unknown error (-19)." This error occurs when updating an iPhone 3G to a later software version, when iTunes tries to back up the iPhone during syncing. To solve this problem, follow these steps.

  1. Deselect the "Sync automatically if iPhone is connected" checkbox in the Summary tab in iTunes.
  2. Disconnect the iPhone.
  3. Reconnect the iPhone.
  4. Select "Update."

Error 20, 21, 34, 37: these errors usually occur when the security system interferes with the recovery or update process. If your computer is running Windows, follow the steps in this article.

Error 23, 28, 29, 1002, 1011, 1012, 1013, 1014, 1611: these errors may be related to the hardware of the device. Follow the instructions in this article, and also try the recovery process using a known good 30-pin USB cable to the dock connector, computer, and network connection to determine the source of this problem. If the MAC address is missing or IMEI is the default value (00 499901 064000 0), then the problem is related to the hardware.

Error 48: To resolve this error, follow the steps in this article. See also the instructions in the “Recovering with a new user account” section above related to the location of the IPSW files.

Error 1015: An error occurs due to attempts to install an earlier version of the iPhone, iPad or iPod touch device software. This can occur when attempting to restore using an earlier version of the IPSW file. Installing earlier versions is not supported. In this case, try to restore the iPhone, iPad or iPod touch software using the latest version provided by Apple.

Error 1479: This error appears when contacting Apple during the upgrade or repair process. Shut down the program, disconnect the device from USB, reboot the device with iOS, reconnect the device to the computer, then start iTunes and try updating or restoring again.

Error 1602: try to solve this problem by following these steps.

  • Follow the USB connection troubleshooting steps and try connecting using a known-good cable.
  • Perform the steps listed in the description of error 1604.
  • Try disabling, deactivating, or removing antivirus, firewall, or other third-party security software; perhaps this will fix the problem. For additional security troubleshooting tips, see this article.

Error 1603: if this error occurs and the iOS device does not automatically go into recovery mode, you need to do it manually. For instructions on forcing the iPhone into recovery mode, see the article “iPhone and iPod touch: Cannot update or restore.” Also try deleting the IPSW file and then restoring it again. If you need to save the IPSW file in the current user’s folder, try restoring to a new user account with administrator rights.

Error 1604: This error is often associated with USB sync. Try using other USB ports, disconnect and re-enable USB ports, and perform the troubleshooting steps for USB connections (troubleshooting USB connections, the device is not recognized correctly, your computer does not recognize a FireWire or USB device). If you are using a docking station, bypass it and connect the device directly with a 30-pin USB to dock connector cable. If the problem could not be solved on a known-good computer, the device may need to be serviced.

If troubleshooting the USB connection did not solve the problem, and you cannot connect the device to another computer, try the following steps to fix the problem.

  1. Connect your device to iTunes and make sure that the device is in recovery mode. If not, put the device into recovery mode.
  2. Begin the recovery process and wait for error 1604 to appear.
  3. In the window that appears, click "OK".
  4. Close and restart iTunes without disconnecting the iPhone.
  5. The iPhone must be recognized by the program as being in recovery mode.
  6. Try to restore again.

If you cannot solve the problem using the above steps, try using a known-good USB cable, computer, and network connection to restore.

Error 2000-2009: (2001, 2002, 2005, 2006, 2009, etc.) when these errors appear on your Mac, disconnect all third-party devices, hubs, additional cables and displays, reset the System Management Controller (SMC) and try the restore again. Learn more about resetting the System Management Controller (SMC). When using a computer running Windows, unplug all USB devices and optional cables, leaving only the keyboard, mouse and device plugged in, then restart the computer and try the recovery again. If this does not solve the problem, see the USB troubleshooting described above and the articles that contain information on how to resolve error 1604. If you still cannot resolve the problem, the cause may be security software.

Error 3000-3999: (3002, 3004, 3013, 3014, 3164, 3194, etc.) errors whose codes are in this range usually indicate that iTunes cannot connect to gs.apple.com on port 80 or 443. The problem may be caused by outdated or incorrectly configured security software, a firewall, or proxy server settings for accessing the Internet. If you connect through a proxy server, try upgrading or restoring without a proxy server, or use a known-good network connection. If you cannot solve the problem using the above steps, then follow the instructions described in the article "iTunes for Windows: Troubleshooting Security Software." Error 3014 may indicate that it is necessary to free up space on the hard disk of the computer before resuming the recovery attempt.

Error 3002: If this error occurs when you update iPod touch (2nd generation) or iPhone 3G, perform the update or repair using iTunes in the standard way (click "Update" or "Restore").

Error 3004: If the problem was not solved by performing the steps described for errors 3000-3999, try closing iTunes and running the following command from the command line: dscacheutil -flushcache

Error 9807: if this error occurs, make sure that the date and time are set correctly on the computer.
If this does not solve the problem, open access to the following VeriSign servers:

  • evintl-ocsp.verisign.com
  • evsecure-ocsp.verisign.com

Access to these servers can be blocked by security software, content filtering programs, and anti-spyware programs. If using iTunes for Windows, follow the instructions provided in the article “iTunes for Windows: Troubleshooting Security Software”

Error 9808: to resolve this error, follow the instructions described in the article "iTunes Store: message about an unknown error during connection." If the problem was not solved using the above steps, and after a reboot, all settings are reset, then follow the instructions described in the article "iTunes for Windows: troubleshoot security problems."

Error 9844: Usually, this error is caused by incorrect firewall settings. See the beginning of this article for a list of ports and servers that need to be enabled.

Error 40265xxxx: errors numbered 40265xxxx usually occur during the restore-from-backup phase after installing iOS on the device. The problem is solved by restoring and configuring the device as a new one. Before setting up as a new device, make a copy of the device backup created by iTunes earlier, for example, copy it to your desktop. For information on where backup files are stored in your operating system, as well as additional notes on how to set up as a new device, see the article "iPhone and iPod touch: backup information". iTunes backups store SMS messages, various bookmarks, and other program data.

As you can see, there is a large number of "if" and "or", and each error needs its own approach and its own solution! Having rummaged around, I found solutions to several of these errors, and I need your help with closing the Black Holes in this list:

2: The firmware is recognized but cannot be used because it is assembled and packaged incorrectly (this error usually occurs when working with custom firmware).

4: ?

5: The firmware cannot be installed either because the boot logos are damaged or because the device was put into the wrong service mode (for example, the firmware is intended for DFU Mode and you are trying to restore through Recovery Mode).

6: The firmware cannot be installed either because the boot logos are damaged or because the device was put into the wrong service mode (for example, the firmware is intended for DFU Mode and you are trying to restore through Recovery Mode).

9: Putting the phone into DFU and restarting the computer helps.

10: The low-level bootloader (LLB) is damaged or missing because of badly assembled custom firmware. Download another custom firmware or rebuild it yourself.

13: Disabling your computer's protection (firewall, antivirus) helps. Otherwise it is either a problem with the USB cable or the 30-pin connector, or an attempt to install a beta version of iOS from Windows.

14: You downloaded a broken firmware file; establish a normal Internet connection and try again.

18: ?

19: ?

20: Go to DFU.

21: ?

23: iTunes cannot read the IMEI or MAC address of the device's hardware (the error is often a hardware one).

28: Hardware failure of the 30-pin connector; go to a service center.

29: Hardware error associated with flash memory. More likely, though: update iTunes to version 10.

48: ?

50: Update iTunes to the latest version, log out of the account and log in again, disable the firewall and antivirus.

1004: An iTunes error caused by a modified "hosts" file, for example one in which saurik's server addresses are entered. If all lines are commented out with #, the error will not occur, but SHSH files will be taken directly from Apple's servers, and therefore only for the latest firmware.

1002: ?

1011: Occurs on the 2G (23 on subsequent models) and means a BB error; in these cases everything is probably missing: IMEI, Bluetooth, Wi-Fi, and the modem shows as Unknown.

1013: The firmware version is too low (you tried to roll back the modem, which is almost impossible). Flash a later firmware version.

1014: Firmware that does not change the modem was installed on the phone, i.e. the firmware installs normally, but the modem does not correspond to this firmware. You must use the Kick Device Out of Recovery function in the TinyUmbrella utility.

1015: Firmware that does not change the modem was installed on the phone, i.e. the firmware installs normally, but the modem does not correspond to this firmware. You must use the Kick Device Out of Recovery function in the TinyUmbrella utility.

1600: Occurs when trying to flash custom firmware on a phone that was not correctly put into DFU mode. The iReb program helps to fix the problem: use it to put the device into DFU mode and then select the desired custom firmware in iTunes.

1601: Change the USB port, or try on another computer.

1602: ?

1603: A non-jailbroken device is being restored to custom firmware.

1604: Attempt to flash custom firmware on a non-jailbroken phone; jailbreak it first.

1608: ?

1609: The iTunes version is too old to work with the device.

1611: Change the USB port, or try on another computer.

1612: ?

1639: ?

2009: ?

3004: ?

3013: ?

3014: Server problems; download Hotspot Shield and there will be no error.

3015: ?

3194: Unable to request a suitable SHSH hash from the firmware signing server. It occurs if you redirected iTunes to the Cydia server via the hosts file or the TinyUmbrella utility, but there are no saved hashes for this firmware on the server. The solution: if you do not have SHSH, you need to flash the latest official firmware.

9807: iTunes cannot contact the digital signature verification server; disable the firewall and antivirus.

9808: Disable verification of certificates in the Internet settings.

9844: ?

4026xxxxx: ?
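Entries 1004 and 3194 above, and the note that errors 3000-3999 mean iTunes cannot reach gs.apple.com, all point at the hosts file as the first thing to inspect. An added example (not part of the original page): a small checker that lists active hosts entries for the Apple servers named on this page. The sample file content and the 203.0.113.x addresses are constructed.

```python
import ipaddress

# Apple hostnames this page names as needed by iTunes during restore.
WATCHED_HOSTS = {
    "gs.apple.com",      # signing server (errors 3000-3999, 3194, 1004)
    "albert.apple.com",  # error -4
    "phobos.apple.com",  # error -4
}


def classify(ip_text):
    """Describe what an override does to traffic for the pinned name."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "malformed"
    if ip.is_loopback or ip.is_unspecified:
        return "blocked"      # the name resolves to this machine / nowhere
    return "redirected"       # the name resolves to some other server


def find_overrides(hosts_text, watched=WATCHED_HOSTS):
    """Return [(line_no, ip, hostname, kind)] for active entries only.

    Lines commented out with '#' are ignored, which matches the fix the
    page gives for error 1004.
    """
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                           # blank or incomplete line
        ip, names = fields[0], fields[1:]
        for name in names:
            name = name.lower().rstrip(".")
            if name in watched:
                findings.append((line_no, ip, name, classify(ip)))
    return findings


# Constructed sample, not taken from a real machine. On a real system the
# file is /etc/hosts (macOS) or C:\Windows\System32\drivers\etc\hosts.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
203.0.113.10    gs.apple.com      # points iTunes at another server
#203.0.113.20   gs.apple.com
0.0.0.0         albert.apple.com phobos.apple.com
::1             localhost
"""

if __name__ == "__main__":
    for line_no, ip, name, kind in find_overrides(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip} ({kind})")
```

A "redirected" gs.apple.com entry matches the situation described for 1004 and 3194; a "blocked" entry for any of the three names matches the connection failures described for -4 and the 3000-3999 range.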