A Complete Guide on How iPhone Unlocking Works


Since its launch, the iPhone has been thoroughly cracked and hacked despite continuous efforts by Apple Inc. Still, Steve Jobs, CEO of Apple Inc., says he will make every effort to make it impractical for hackers to unlock the iPhone in upcoming versions. To find out how current iPhone unlocks work, continue reading below.

iPhone Unlock History

Hardware Unlock

The first iPhone unlock was achieved 60 days after the iPhone was launched. This hardware-based unlock required opening up the iPhone in order to short some pins while running software, as had been done with other mobile phones. However, many people were not comfortable with this method: some tried it and successfully unlocked their iPhones, while others destroyed theirs. All in all, it was not a method for the faint-hearted.

SIM Unlock

Some time later, a hacker from New Jersey and one from Russia together found a way to unlock the iPhone. This new patch required changing 2 bytes in the EEPROM (Electrically Erasable Programmable Read-Only Memory) and using a hardware short to trick the iPhone chip into using a different bootloader. This was loaded into a SIM-sized chip and attached to the SIM itself, which was then sent the command to unlock the baseband. However, the chip had to stay inserted alongside the SIM permanently and consumed a very small amount of battery.

The Unexplained Unlock - How iPhone Unlocking Works

Soon after the SIM unlock, a new hardware-based unlock was brought to market by an unknown commercial company, which had reverse-engineered the original hardware unlock method. A few weeks later, the DEV Team, after working out how to get past the baseband security, released a free software-based (and programmatically complex) unlock for iPhone users.

How the DEV Team's Unlock Worked

Being a smartphone, the iPhone is a pocket-sized computer that contains two processors: a fast processor that runs Apple's OS X, a UNIX-based operating system, and a slower processor that handles phone features such as calling and communication. Some people refer to this second processor, together with the data it holds, as the baseband or firmware.

Apple never wanted the iPhone to be used in countries other than the US and had therefore applied a subsidy lock (your iPhone runs only with an authenticated service provider such as AT&T). The baseband firmware was designed so that it could not be read or written by any software except iTunes, and the iPhone could only be activated through iTunes.

Initially, it was difficult to get past these security barriers, but after the hardware-based unlock, the DEV Team figured out how to get past the security and break into the baseband to unlock the iPhone. Unlocking an iPhone, often called jailbreaking, is a simple process in comparison with a SIM unlock, which requires a lot of effort.

To unlock a SIM, the DEV Team had to get past both the CPU chip and the baseband chip, which meant that any data loaded into the baseband chip had to be digitally signed by Apple; otherwise, the entire process would fail. However, the DEV Team got their hands on Apple's digitally signed, encrypted key, which they have since been using to design simpler versions of the iPhone unlock.
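The signing requirement above is the security-relevant point: a bootloader that holds only the vendor's public key will refuse any baseband image whose signature does not verify, which is why a modified firmware fails unless the attacker also controls the signing key. The following Go program is an added illustration of that check and is not code from the page, from Apple or from the DEV Team; the image layout (a `BBFW` magic, a 64-byte Ed25519 signature, then the payload) and the firmware bytes are constructed for the example and bear no relation to Apple's real formats.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Image layout assumed for this example (not Apple's real format):
// a 4-byte magic, a 64-byte Ed25519 signature over the payload, then the payload.
const imageMagic = "BBFW"
const headerLen = len(imageMagic) + ed25519.SignatureSize

var (
	ErrBadMagic = errors.New("not a baseband image")
	ErrBadSig   = errors.New("signature does not verify against the vendor key")
)

// SignImage is the vendor side: it wraps a firmware payload with a signature
// made by the vendor's private key.
func SignImage(priv ed25519.PrivateKey, payload []byte) []byte {
	image := make([]byte, 0, headerLen+len(payload))
	image = append(image, imageMagic...)
	image = append(image, ed25519.Sign(priv, payload)...)
	image = append(image, payload...)
	return image
}

// VerifyImage is the device side: a bootloader holding only the vendor's
// public key refuses to hand anything to the baseband unless the signature
// verifies. It returns the payload on success.
func VerifyImage(pub ed25519.PublicKey, image []byte) ([]byte, error) {
	if len(image) < headerLen || !bytes.HasPrefix(image, []byte(imageMagic)) {
		return nil, ErrBadMagic
	}
	sig := image[len(imageMagic):headerLen]
	payload := image[headerLen:]
	if !ed25519.Verify(pub, payload, sig) {
		return nil, ErrBadSig
	}
	return payload, nil
}

func main() {
	// The vendor key pair; the device ships with only the public half.
	vendorPub, vendorPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Constructed sample payload standing in for a baseband firmware blob.
	payload := []byte("constructed sample baseband firmware v1.0")

	genuine := SignImage(vendorPriv, payload)
	if _, err := VerifyImage(vendorPub, genuine); err == nil {
		fmt.Println("genuine image: accepted")
	}

	// A "modified version" of the firmware with the original signature left in place:
	// flipping a single payload bit is enough for the check to fail.
	tampered := append([]byte(nil), genuine...)
	tampered[len(tampered)-1] ^= 0x01
	_, err = VerifyImage(vendorPub, tampered)
	fmt.Println("tampered image:", err)

	// The same payload signed by someone who does not hold the vendor key.
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	forged := SignImage(otherPriv, payload)
	_, err = VerifyImage(vendorPub, forged)
	fmt.Println("image signed with another key:", err)
}
```

The two failure cases are the ones the article's narrative turns on: an edited image with the old signature, and an image signed with a key other than the vendor's. Both are rejected by the same check, so the only way past it is to obtain the vendor's signing key or to find a flaw in the verifier itself.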

Quick Overview of Unlock Process

  1. Boot the iPhone into recovery mode. Dump the existing firmware and rewrite it with the modified version.
  2. Manually execute the command to unlock the iPhone.
  3. Reboot the iPhone.

A BIG thanks to the DEV Team for their efforts.

Image Credit: Screenshot by softsailor.com