Free your iPhone


I wasn’t going to post this – it’s a freakin phone after all. But I’ve gotten quite a few tips on it, and I’d like them to end. [George] made a concerted effort to hack the iPhone – and it paid off. After his crazy ebay auction that topped out at 99,999,999.99 last time I checked, he ended up trading his first phone for a Nissan 350z and a few more iPhones.
He documented his process, step by step – if you’ve got the skills, you can probably do it yourself. The soldering work is damn fine work – probably the hardest thing there is. The write up is a little hard to follow, so plan on taking some time to comprehend everything. (Blogging software isn’t the best way to organize how-tos, trust me on this.) My hats off to [George], he did some great work. – So, why didn’t I want to post it? All this work yielded one thing: carrier choice for the iPhone.

Comments

  1. Karl says:

    Of course, it only sorta enabled carrier choice. In the US, T-Mobile is the only other carrier that uses GSM.

  2. Chris says:

    my friend knows some of georges close friends, he go to another school in the same district as him

  3. Bob says:

    He got a 350z and 3 iphones just for unlocking his freaking iphone!

  4. jackboy says:

    Or you could just go the software route:

    http://www.iphonesimfree.com/

  5. m4dm4n says:

    Do you think theres a chance that in the future updates may render this hack inoperable or broken? Surely they didn’t actually hard-wire the phone to that setting…

  6. phrogg says:

    karl – Not true. T-mobile isn’t the only other option. I know Cellular One (as bad as they are) uses GSM as well, along with several local providers.

    jackboy – Why pay for it when you can hack it yourself? This is, after all, HACK-a-day, not BUY-YOUR-SOLUTION-a-day.

  7. phnx says:

    No way in Hades would I trade a 350z… It’s a craptastic phone that shows that Apple really does suck… A pocketPC beats an iPod all to hell, the only real advantage Macs have on PC’s is in high end music and video production. iTunes is DRM locked crap. And now the iPhone… that whole only available through AT&T in the US while they sign with almost every European cellular carrier.

    I’m looking forward to a day when people wake up and do something about this corporate crap…

    *huh…what? Oh… The soapbox area is over there? sorry…*

  8. HeBD says:

    interesting. its gms _only_ in australia…
    so much more use here ;) thanks for the post.

  9. n0qbh says:

    Makes me wish IBM would enter the egg laying milk pig phone fray. At least it would probably be an open design. That’s why 90% of all computers are PCs.

  10. opg says:

    I heard the interview about this on NPR. Nice job!

  11. rmadmin says:

    This is one hot hack. Blood sweat and tears. love it.

  12. beak42 says:

    carrier choice is kinda of a major advance for all of us outside the US :)

  13. danielpops says:

    So anybody out there agree with my conspiracy theory?

    Apple, frustrated with their narrow minded exclusive contract with AT&T, either payed this kid or encouraged the kid to perform this righteous hack, to utilize the other millions of potential i-phone customers. Now they will have an immense rise in international sales and like somebody else mentioned the local cell providers as well as tmobile. Hats off Apple, well done. Theres no way they would have done it though unless they covered their asses every step of the way. you know they don’t want to get caught up in a scandal like that…. but i truly think this is what happened.

  14. Nubaeus says:

    I friggen go to school with George Hotz. I’m put to shame

  15. cde says:

    @danielpops: If you’re going the tin foil hat route, atleast do it right. Apple, as any company looking for profits, did it a hardware way as to maximize the number of fried by soldering iron dead iphones which means more iphones bought by the masses. If they were going your way, it would be software only that the one person would release every month.

  16. beak42 says:

    hey danielpops,
    wikipedia says that apple gets 10% of all voice/data calls of most its partners with iPhone. I think they are in a pretty good deal already without unlocking the phone.

  17. Cameron says:

    Um, just about every online music provider has DRM locked music. iTunes is far from the only one.

    And you say that Apple is corporate crap?
    What about Microsoft?

  18. mikey says:

    He says that he ties the A17 high. I’m wondering if he eventually releases the line, because if not, what ever part [CPU?] is driving the A17 address line (trying to toggle it, will be constantly stressed and could potentially get blown. I guess it doesn’t matter if that’s all you ever want on that line, is a logic 1. But, I’m wondering if eventually, blowing that I/O will have any adverse effects elsewhere inside the CPU (probably not).

  19. andrew says:

    yeah I noticed that too… directly driving an already-driven logic line to an opposite level can very well damage the driver (in this case, the CPU A17 driver). Generally bus drivers are pretty robust, but even so… I would have used a low value resistor and seen if I could still get the line level below V-sub-IL. :-)

    Can this be prevented with a software update? Yes and no. They can relocate the table elsewhere and make it more difficult, and they could always rev the board such that all address lines are on internal board layers. That’d pretty much put a stop to this, especially if there are parts on both sides covering the vias.

    Very cool hack though, my hat’s off to this guy.

  20. phrogg says:

    @danielpops:
    Ooh! I want a foil hat, too!!

    But if they were going to release it with this hardware hack and risk people winding up with $600 paperweights, why wouldn’t they have used any of the other 4 known solutions that -dont- require voiding your warranty? Granted, it would drive up demand for replacement iPhones, but how many people would actually shell out $500-600 for a phone, brick it, and then buy another one to try again?

  21. phrogg says:

    @mikey:
    Three israeli fellows have come up with a less-risky version that doesn’t require solder.
    Apparently, the a17 tie-in is only used to unlock the phone initially, and is not needed after that:
    http://gizmodo.com/gadgets/another-one%3F/new-hardware-iphone-unlocking-method-wont-void-your-warranty-if-you-are-careful-294054.php

  22. TJHooker says:

    No offense, but you’ve gotta be a self indulgent, materialistic, moron -to trade a car for a unlocked cellular phone/PPC.

    I seen a harder BUS level hack than this on a Siemens about a year ago, and people forgot about it days later.

    I’d actually bet a car that the person who traded the car as well as the auction crowd all have at least one pair of black framed non-prescription eye glasses.

    On the other hand I can appreciate how George exploited society’s need to be pretentiously isolated in this consumer plagued world we live in today.

    I bought a knockoff :p

  23. Crash says:
  24. lucas says:

    Not knocking the accomplishment either – just had to say, like many, was baffled by the media coverage this got.

  25. Adam C. says:

    I went to elementary school with that kid in glen rock, nj. he was taking apart ibms in first grade. lol

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 92,253 other followers