The iPhone Dev Team says the iPhone OS 2.0 software can be jailbroken and unlocked, and has videos to prove it. But original iPhone hacker Geohot says that while jailbreaking is easy and original iPhones with older basebands can be unlocked, the iPhone 3G is a different story and will take much longer. What’s going on?!


Remember George Hotz? He was the fellow that figured out how to unlock the original iPhone by opening it up and soldering things to the motherboard, and goes by the nickname “Geohot”.

It was a hardware unlock and there were even step-by-step instructions for anyone to follow, but most of the world was waiting for a software unlock which came relatively soon after, making the hardware hack unnecessary.

Still, it was a world first at the time, and it netted him a Nissan 350Z sports car, 3 iPhones, world fame and more: he was feted as one of the 10 top achievers under 21, won an Intel prize worth US $20,000 and now works for Google.

He was also a part of the iPhone dev team for a while, but had a falling out with them. Even so, he figured out how to hack the 4.6 Bootloader for the iPhone, which the iPhone Dev Team gives him credit for.

Now, despite Gizmodo reporting that the iPhone Dev Team has figured out how to unlock and jailbreak the iPhone OS 2.0, it seems this is only for original iPhone 2G models. The iPhone 3G will be jailbreakable, but not unlockable, yet.

As Geohot explains, unlocking and jailbreaking are two different things. Unlocking lets you use any SIM card in your iPhone, while jailbreaking allows you to run unauthorised third party software on the iPhone and get into its software internals.

Before we get into Geohot’s post, it’s also important to understand a bit of iPhone hacking history. In short, another hacker out there is known as Zibri, of ZiPhone fame.

Turns out he’s accused of either “stealing” or “borrowing” some iPhone Dev Team code and then creating the ZiPhone unlock tool, which some say can permanently disable the Wi-Fi or Bluetooth of your phone because of poor coding.

Now ZiPhone’s software has worked fine for me and others that I know who have used it, but then I’m not a super iPhone hacker with intimate knowledge of hacking nor the intimate details of who backstabbed who in the iPhone hacking scene.

In any case, understanding that ZiPhone has been accused of stealing others’ work makes Geohot’s statement on the true status of the iPhone 3G unlock make sense – if you didn’t already know the background.

So, what does Geohot have to say about the iPhone 3G unlock, specifically to explain why he thinks it isn’t coming anytime soon?


In a post titled “iPhone 3G Unlocked?”, Geohot says: “So I read this [about the iPhone OS 2.0 unlock and jailbreak] on gizmodo. Here's the truth...

“Post beta 4, the ramdisk hack stopped working. Sorry Zibri, guess you'll have to steal another exploit. They also changed the recovery mode USB protocol to use the control endpoint to send commands.

“The possibility of unlocking, which is very distinct from jailbreaking, is based entirely on the baseband bootloader. Apple doesn't appear to upgrade the bootloader on phones in the field, probably for fear of breaks. So any old iPhones out there today, regardless of version, can be unlocked.

“The iPhone 3G uses a different bootloader, which I believe there aren't any known exploits in yet. So no unlock.

“There is a known exploit in iBoot, on both the old and 3G iPhones. The "the specific date/time is not firm yet" pwnage tool will leverage it to jailbreak all 2.0 software iPhones, 3G and otherwise. Dev team, that date better be soon or I might just have to release yiPhone. The iBoot exploit is yours, use it. You wouldn't want a repeat of ZiPhone now...”

Here Geohot ends, basically saying the original iPhone 2G can be jailbroken with the iPhone Dev Team’s software, and presumably unlocked as well, but as the iPhone Dev Team is taking its time in actually releasing its software, Geohot has put a counter at YiPhone.org to release his own jailbreak/unlock tool.

YiPhone is also a dig at Zibri and his "ZiPhone" software, with a picture above the counter that has George Hotz's head on the body of Zorro, and a 'Y' in the 'Zorro Z' font, which is funny.

This counter runs out on Tuesday at 6pm US time. I can’t remember exactly which timezone it is, but you can see the counter running down at YiPhone.org now.

This challenge quite annoyed the iPhone Dev Team, who put out an explanation as to why they weren’t rushing to release their hack just yet, having also earlier released videos to show that their “BootNeuter” program was unlocking an original iPhone 2G just fine.

Still, it’s worth reading at the iPhone Dev Team site because of the many comments, most of which praise the Dev Team, suggest that Geohot is doing some of his own code stealing/borrowing, and/or ask the Dev Team to hurry up and release anyway.

The iPhone Dev Team won’t be rushed, however, as they explain in a post entitled “Rush, Rush, Rush”.

The post says: “Over the last year we’ve discovered some interesting things about the software used in the iPhone. These “hacks”, “exploits” and “techniques”, or whatever you want to call them, are valuable - not only from a financial perspective (so scummy people can sell unlocking software) but also from a strategic point of view. Think of it like a game of poker, showing your hand too early would certainly make you lose “the game”.

“The majority of iPhone users are not technical - they want an easy, one-stop, simple application that will allow them to quickly and painlessly unlock their phone. If we were to release a crummy command-line based tool that does the immediate job that everyone is screaming for, we’d only end up in the following situation:

“1) The technique is released to the world and people use this technique to quickly create GUI apps that they charge cash-money for, or re-release something hacky and horrible that bricks lots of devices, or for example disables the WiFi that then causes more stress that ultimately comes back to us

“2) The technique is exposed to the vendor, allowing them to locate and repair the security hole. Sometimes these security holes span product versions, for example: between the first generation and second generation iPhone. In such a case releasing the knowledge in the middle of the product development cycle is pointless and risks the “usefulness” of the technique - especially if there are existing hacks/techniques that work just fine.

“The iPhone DevTeam is comprised of a group of people who work together over IRC from various parts of the world. This distributed method of working happens 24 hours a day with people performing tasks in the time that best suits their time-zones. It is a completely self-managing, self-regulating and member-funded organization.

“Most of us have never met face-to-face and we rarely know real names - in fact, we would more than likely not recognize each other if we walk past one another on the street. Despite this we follow a strict “hacker code”: ground rules by which we all abide.

“Perhaps the foremost of these rules is management of knowledge. We keep certain information private, restricted to members of the team only (to help with points 1 and 2 above), and members are entrusted to make sure this secrecy is consistently enforced. This makes the team. Only when there is a majority vote from the team do we make any announcement or release.

“So now we come onto Geohot, the self appointed media frontman for last year’s iPhone hacks. Geohot actually worked with us a month or so before the media-circus that he led. Geohot is certainly a bright guy, but he couldn’t abide by rules that I described in the last paragraph and because of this he was asked to leave the team. Of course like any hacker Geohot continued on for his goal.

“Using some of our techniques and tools (and some of his) and using his own brain power (and that of an unnamed Russian) he was able to release his hardware hack and demonstrate the first unlocked iPhone to the world, he has also demonstrated other things during the last year and some of those releases have helped us with our work.

“We thought that Geohot would have matured somewhat in the last year, but this clearly isn’t the case, as sadly one of the team members has leaked a copy of our exploit to Geohot and he is now using this to provoke us into making an early release :-(

“So finally, just in case some of you were wondering, we’re not sitting on this tool because we’re full of ourselves or stuck up our own asses. We’re not sitting on it cause we like to see you writhe.

“We are testing it to make sure it’s as glitch-free as we can make it. We want to avoid releasing something that turns expensive phones into pretty looking paperweights. Don’t you agree it’s worth the wait?

“If others want to feel like they’re in control by posting all-knowing entries on their blogs, we can’t stop that, but the new PwnageTool will be released when it’s ready, and not a moment later.”

So... that ends the iPhone Dev Team’s explanation of why there’s no software yet, but we’ve learned a few things.

It seems that Zibri won’t be updating ZiPhone until he figures out how to unlock the iPhone 3G baseband himself, or someone shares those details with him, as the hack he (and others) were relying on has been fixed up, as Geohot has explained - although Zibri is welcome to surprise us all!

The iPhone Dev Team seems to be confident they’ll figure it out, but in the meantime have an unlock and jailbreak for iPhone 2G models, and seemingly a jailbreak (but not unlock yet) for iPhone 3G models, because their 'BootNeuter' video specifically states it is for original iPhone 2G models in the description on the right hand side of the video.

The iPhone Dev Team hasn’t released its tool yet, and Geohot is goading them into releasing it early, or else he will release his own. The iPhone Dev Team say he is only in a position to do that because one of their number shared their findings with him.

Ah, iPhone hacker politics. Of course the users out here just want the software, and want it to work reliably so it doesn’t brick their iPhones.

I really wanted to just try and load iPhone OS 2.0 on my 2G 1.1.4 firmware iPhone anyway, but after reading so many horror stories of phones now re-locked and unlockable without new software, and difficulties in getting an OS 2.0 device back to 1.1.4, I’m still waiting as I’ve personally advised is the best course of action anyway.

Instead, I’ve updated my iPod Touch to OS 2.0 firmware, but that’s a whole other article which I’ll be writing soon!

So... iPhone 2G owners with unlocked devices wanting the new iPhone OS 2.0 software goodness just have to wait a bit longer. Yes, after having used it on my iPod Touch, the new software rocks.

It’s still a bit rough in places it would seem, things seem to crash here and there, but it’s lovely nevertheless and I can’t wait to put it on my iPhone 2G!

But not until the software is available, otherwise my iPhone will become an iBrick, and I sure as heck don’t want that to happen!

It’s happened to me in the past with previous firmware updates and unauthorised third party software issues that went awry, and even though I was able to successfully restore my iPhone back to normal working condition relatively quickly, I can assure you the feeling of dread that I’d bricked my iPhone and may not have been able to restore it was a very, very unpleasant feeling.

So... feel good with 1.1.4 and wait. It’s much nicer to wait with a working iPhone than a dead one! And if you have an iPod Touch, pay the upgrade fee (US $10 or AUD $12.99) and upgrade it already. It rocks!

A fuller review of iPod Touch OS 2.0 software is coming later today.

http://www.itwire.com/content/view/19419/1103/