Dev-Team Blog
To find yourself, think for yourself © Socrates 469 BC
‘Tis the Season to be Jolly! - yellowsn0w 

Now that you guys have got used to the sunburn and blindness caused by the glare of our new blog template, we can get back to normal business. We’ll give you some updates and also tell you our schedule for the festive season.

Over the Christmas break some of our members will be talking at the Chaos Computer Club’s 25C3 Congress. This talk will be a juicy technical talk relating to iPhone platform and our previous exploits. You can see more information about the talk “Hacking the iPhone” and some more info at the CCC event blog. There is even a super-cool TeamPwnapple T-Shirt ;-)

3G Unlock

We have been working hard on a few other things. The main one being the 3G unlock codenamed “yellowsn0w”. This is now completed and is currently being packaged into a user-friendly application with the simplicity that you see in QuickPwn or BootNeuter.

  • The target release date for the unlock is New Year’s Eve 2008.
  • This unlock method is available to iPhone 3Gs that have 2.11.07 baseband or earlier, we did warn you.
  • You can tell what version baseband you have by going to Settings->General->About->Modem Firmware
  • The unlock requires a jailbroken 3G iPhone.  It’ll be installable via Cydia and so it doesn’t matter if you have a Mac or PC.
  • Please refrain from updating your baseband, regardless of what version you’re at.  We’ll have complete directions on New Year’s Eve.
  • We’ll stream a live demo of the unlock before Christmas (see the update at the end of this post)

DFU Issues in OS X 10.5.6

Lots of users have been experiencing problems with the use of DFU mode after applying yesterday’s 10.5.6 system update.

We believe this behavior is due to a kernel bug not a specific countermeasure by Apple. Possible fixes are (try at your own risk!) -

1. Replace the following plugin kexts from within IOUSBFamily.kext with the ones from 10.5.5 and then rebuild kextcache (if you don’t understand this, then you shouldn’t attempt it!)



2. Use a USB hub in-between the DFU device and the Mac and insert/reinsert the iPhone’s USB cable.

3. Use a PwnageTool created .ipsw on Windows! Oh the irony!

iPod touch 2G

Currently we are not investigating the iPod touch 2G. Other people outside the Dev-Team are looking into this, but we are not at the moment. Please don’t hassle us with comments and requests about this, they’ll just be deleted and ignored. If we do look at this device it will be sometime in the New Year and we’ll inform you guys if and when we commence this work.

We would like to reiterate that this is not because -

  1. We are mean
  2. We are turning our back on the iPod touch community
  3. We have been paid off by JFK, Princess Diana or Elvis

This is because -

  1. It’s not an iPhone
  2. We have been busy with the 3G unlock.
  3. We have been busy with the CCC talk.
  4. Only one of us has a iPod touch 2G (but we’ll see what Santa brings)
  5. Our employers don’t get as excited as us about hacking expensive pretty devices
  6. Unfortunately our partners, parents and pets need occasional attention too.

Update: Live Demo

Sometime before Christmas, MuscleNerd will show a live demo of the unlock (and some other random nucleus and pwnage stuff).  It’ll be streamed live via the awesome Qik application, and announced via his Twitter account just as the broadcast begins.