In some ways, this post is of limited value – as it’s for a first generation iPhone, running on iPhone software v1.1.4 – both of which will become old technology on Friday 11 July 2008. Even so, I expect the market to be flooded with secondhand iPhones over the next few days and contract-free devices will sell for more money than those still locked to O2. In time, the hackers will unlock v2.0 iPhones but, for now, v1.1.4 is the one to get.
I’ve been happily using my iPhone on an O2 contract since last November but, tomorrow, my iPhone auction on eBay will end and I wanted to get it ready for sale.
Last week, I unlocked (and “jailbroke”) the iPhone using iLiberty+ v1.5.1 for Mac and tested it with a Vodafone SIM (before listing it for sale) but tonight I followed the instructions to securely wipe the iPhone before I finally send it to the new owner.
When I first jailbroke my iPhone, I found that I’d entered a whole new world of mobile application possibilities. When I first thought about getting an iPhone and using it with my previous (Vodafone) contract, I was concerned about the impact of unlocking and jailbreaking the device but I am amazed to see just how many applications the AppTapp installer provides access to (especially with the Community Sources package installed). I really hope this ecosystem of iPhone underground application development is not killed off as the official Apple App Store route to market takes over but I guess, as long as the device is tied to a particular operator in each market, there will always be people who want to use their iPhone on another network (and I found that jailbreaking takes no more effort than unlocking the device).
So, with my iPhone restored to its factory defaults, then jailbroken, installer added to the splashscreen, the handset activated and unlocked, I set to work installing the BSD Subsystem 2.1 and OpenSSH. At first, I was downloading applications over O2’s 2G network, which took a long time (the BSD subsystem is 5.1MB), but then I figured I could share my MacBook’s Internet connection over Wi-Fi and that speeded things up considerably.
Even though I could ping the phone (the IP address is displayed in the Wi-Fi settings), I was having trouble connecting to the phone, with my terminal session reporting:
ssh: connect to host 10.0.2.3 port 22: Connection refused
Googling turned up various posts suggesting using the BossPrefs application to ensure that OpenSSH is running but I couldn’t get BossPrefs to complete its own installation.
Eventually, I figured that I could use iLiberty+ to install OpenSSH, after which I was able to copy a previously-downloaded copy of the umount utility to the iPhone:
scp ~/Desktop/umount root@ipaddress:/sbin/umount
After entering this command, something similar to the following should be displayed:
The authenticity of host 'ipaddress (ipaddress)' can't be established.
RSA key fingerprint is 8d:0c:46:44:6c:ff:25:7c:c3:d6:49:1b:6a:c5:31:8b.
Are you sure you want to continue connecting (yes/no)?
To which the answer is yes. Then you should see:
Warning: Permanently added 'ipaddress' (RSA) to the list of known hosts.
Next up, should be a password prompt:
The default password (at least for iPhone v1.1.4) is alpine and, once this has been entered, umount should finally be copied to the iPhone:
umount 100% 15KB 14.6KB/s 00:00
A few more commands are used to set execute permissions on umount, to do some Unix magic with mountpoints and then to copy lots of nothingness across both the partitions, as Jonathan A. Zdziarski describes:
chmod 755 /sbin/umount
umount -f /private/var
mount -o ro /private/var
mount -o ro /
cat /dev/zero > /dev/rdisk0s2; cat /dev/zero > /dev/rdisk0s1
This will take a while (I think it was about 45 minutes in my case) and when it’s done, you should see a couple of I/O error messages and a return to the shell prompt (#):
cat: stdout: Input/output error
cat: stdout: Input/output error
The iPhone GUI is also likely to be unresponsive (that is expected).
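The wipe above finishes with I/O errors rather than a success message, so a read-back check is one way to confirm that nothing but zeros remains. The script below is an added example, not part of the original post or of Zdziarski's instructions; nonzero_bytes and verify_zeroed are hypothetical names, it assumes a POSIX shell with tr, wc and dd, and the demo runs on constructed image files standing in for the two partitions.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Count bytes in a file or device that are not 0x00 (streams the data,
# so the size of the target does not matter).
nonzero_bytes() {
    LC_ALL=C tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# 0 = every byte read back as zero; 1 = residual data found;
# 2 = unreadable or empty target, which verifies nothing.
verify_zeroed() {
    target=$1
    if [ ! -r "$target" ]; then
        echo "$target: cannot read" >&2
        return 2
    fi
    total=$(wc -c < "$target" | tr -d ' ')
    if [ "$total" -eq 0 ]; then
        echo "$target: 0 bytes read, nothing verified" >&2
        return 2
    fi
    left=$(nonzero_bytes "$target")
    if [ "$left" -ne 0 ]; then
        echo "$target: NOT clean, $left of $total bytes are non-zero"
        return 1
    fi
    echo "$target: clean, all $total bytes are zero"
}

# Constructed sample input: two small image files standing in for
# /dev/rdisk0s1 and /dev/rdisk0s2 (pass real device or image paths instead).
demo() {
    dir=$(mktemp -d) || return 1
    dd if=/dev/zero of="$dir/s1.img" bs=1024 count=64 2>/dev/null
    dd if=/dev/zero of="$dir/s2.img" bs=1024 count=64 2>/dev/null
    # Simulate an incomplete wipe: leftover bytes at offset 4096.
    printf 'leftover SMS text' |
        dd of="$dir/s2.img" bs=1 seek=4096 conv=notrunc 2>/dev/null
    for img in "$dir/s1.img" "$dir/s2.img"; do
        verify_zeroed "$img" || echo "  -> verify_zeroed returned $?"
    done
    rm -rf "$dir"
}

demo
```

The empty-target case returns 2 rather than 0 because a read that yields no bytes says nothing about what is stored on the device.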
So, with all data removed, I could put the iPhone into recovery mode once more to restore its factory settings and then jailbreak/activate/unlock it for the final time. After a test with the Vodafone SIM inside the iPhone to call my O2 SIM (in another handset) I had confirmed that the handset was successfully unlocked and ready for its new owner.