Unlock an AT&T iPhone 3G (with iOS 4.1 or 4.2.1) For Use With T-Mobile (PwnageTool Edition)

11:07 pm Mobile Devices

iphone3g-pwnagetoolMy friend gave me his old AT&T iPhone 3G. I decided to unlock it for use with T-Mobile. On the web, there was a lot of info on how to go about doing the unlock and a lot of caveats. I wanted to summarize my findings below and provide details on how I went about the process of unlocking the iPhone 3G. (Though I did the unlock on Mac OS X, the instructions for Windows are the same.)

Note: I decided to remove the AT&T SIM card to see if I could do the unlock without it. This would be useful for those who got their iPhone 3G without an AT&T SIM card. It turns out that the AT&T SIM card is not required. (To remove the SIM card, locate the card slot at the top of the iPhone 3G with a visible little hole. Insert the end of paperclip into the hole, push down gently, and the SIM card holder will pop up.)

Some important pointers:

  • There are software and hardware unlocking methods. The hardware unlock usually requires a custom SIM card overlay or a custom SIM card holder. I will be doing a software unlock.
  • An iPhone has two very important information, the iOS version and the baseband version, which determines whether the unlock is possible. Confusingly, some websites will refer to the iOS version as the “firmware” version and Apple refers to the baseband version as the “modem firmware”.
  • An official Apple iOS version update may also include a baseband version update. Unlock is very dependent on the baseband version so be very careful to avoid official Apple iOS upgrades unless you know what you are doing.
  • In order to unlock, you must jailbreak first. The popular jailbreak methods (like RedSn0w and PwnageTool) will include a way to preserve the baseband version. PwnageTool creates a custom upgrade file (ipsw) by modifying the official upgrade ipsw file to remove the baseband version update.
  • The software unlock method “UltraSn0w” that I plan to use supports only specific baseband versions.

First, we need to figure out what we are working with:

  1. Determine the iPhone model by looking at the back of the phone for the model number. Check the Apple site to find a match. My iPhone had a model number of “A1241” which matched with “iPhone 3G”. (I couldn’t tell visually whether I had an iPhone 2G, 3G, or 3GS.)
  2. Determine the iOS and baseband versions by going to “Settings->General->About” on the iPhone. My iPhone 3G had an iOS “Version” of 4.1 and a baseband “Modem Firmware” version of 05.14.02.

Unfortunately, my iPhone 3G had a baseband version 05.14.02 which was not supported by UltraSn0w according to this UltraSn0w unlocking tutorial. If I upgrade to iOS 4.2.1, the baseband version would be upgraded to 05.15.xx which is also not supported by UltraSn0w. The workaround is to upgrade the baseband to the 06.15.00 version, which is surprisingly provided in the iPad 1 iOS 3.2.2 image.

Updating to 06.15.00 baseband is not reversible (back to 05.14.xx or 05.15.xx) so it would void the Apple warranty (I didn’t care because the iPhone is out of warranty) and future upgrades would require custom ipsw images. To me, it looks like Apple doesn’t plan to upgrade iPhone 3G past iOS version 4.2.1 and even if that were to happen, I could figure out how to use PwnageTool to create the necessary custom ipsw image. So, I made the decision to upgrade the iOS version to 4.2.1 and the baseband version to 06.15.00 so I could unlock using UltraSn0w.

According to the UltraSn0w tutorial, I could jailbreak and update to 06.15.00 using either the RedSn0w jailbreak tutorial or the PwnageTool jailbreak tutorial. I decided to use the PwnageTool because it would allow me to avoid having to do an official Apple iOS upgrade to 4.2.1 (required by the RedSn0w method) and it would allow me to get familiar with PwnageTool (I have used RedSn0w before).

To perform the jailbreak, I followed the PwnageTool tutorial step by step:

  • Before starting, I connected my iPhone 3G using the USB cable and quit the iTunes application.
  • In step #1, make sure to download the specific version 4.1.3 of PwnageTool requested (I tried the latest version 4.3.3.1 which wouldn’t accept any of the ipsw files), the iPhone 3G iOS 4.2.1 image file “iPhone1,2_4.2.1_8C148_Restore.ipsw”, and the iPad 1 iOS 3.2.2 image file “iPad1,1_3.2.2_7B500_Restore.ipsw” (which contained the 6.15.00 baseband).
  • In step #5, the first ipsw file to select is the iPhone 3G iOS 4.2.1 ipsw image file. The second one to select is the iPad 1 iOS 3.2.2 ipsw image file containing the baseband.
  • Step #6 was a little confusing. After reading it a couple of times, I got that if you plan to use the iPhone with the service provider it was originally locked to, then do not check the “Activate the phone” option. If like me, you wish to use an unofficial service provider (I’m using an AT&T iPhone with T-Mobile), then check the “Activate the phone” option. (For me, the “Activate the phone” option was selected by default.)
  • Also in step #6, my “Root partition size” was set to 731MB by default. I manually increased it to 834MB to match the picture in the tutorial. (I don’t know if this was necessary or not, but I figured it could only help.)
  • During step #12, when following PwnageTool’s steps to put the iPhone into DFU mode, the iTunes application was automatically started. I minimized iTunes and restarted the PwnageTool DFU instructions. When the iPhone entered DFU mode, iTunes threw an error dialog saying there was an unrecognized device. I had to disconnect and reconnect the USB cable in order for iTunes to recognize the phone properly and the DFU mode. (Now that the iPhone was in DFU mode, I quit the PwnageTool application.)
  • Once the iPhone was successfully restored (using the PwnageTool custom ipsw image) and restarted, I verified that the “Settings->General->About” listed the Version as 4.2.1 and the Modem Firmware as 6.15.00.
  • Whew, I was really glad the iPhone came back to life because I was waiting for a long time. The restore took about 10 minutes and the restart took several minutes.

To perform the unlock, I followed the original UltraSn0w tutorial step by step:

  • Before starting, I configured the iPhone (Settings->Wi-Fi) to connect to my wireless network.
  • In step #2, Cydia took a couple of minutes to update itself on initial startup. Then it asked me if I would like to update packages. I selected the “Complete Upgrade” option which took several minutes to complete and required a reboot. (Once Cydia was done with the update, it showed a large Reboot text at the bottom of the screen; I just tapped on the text to do a reboot.)
  • In step #3, I clicked on the Cydia Search tab to find and install UltraSn0w (that’s a number zero in the word “sn0w”). The UltraSn0w installation also required a reboot when it completed.

Finally everything was done. I shut down the iPhone, inserted my T-Mobile SIM card, and restarted. After startup, the iPhone took a couple of minutes to find the T-Mobile network. Because my T-Mobile plan did not have a data plan (and I didn’t want to be charged for one), I disabled the 3G connectivity function by going to “Settings->General->Network” and setting the “Enable 3G” and “Cellular Data” options to Off. I then tested the iPhone by taking a call, making a call, receiving a text, and sending a text. It works, yeah!

Unfortunately, when using PwnageTool to create the custom image earlier, I neglected to enable the very useful battery percentage indicator (which RedSn0w enables by default). To enable the battery percentage at this late stage, I found a useful guide, Enable Battery Percentage in iOS 4 on iPhone 3G without Redsn0w, which worked for me. (Hint: You may need to install “cmd-files” before you can install “iFile”.) After restarting the iphone, I went into Settings->General and turned on “Enable Battery Percentage”.

Hopefully the above is helpful. Good luck with your unlocking.

2 Responses
  1. Pazz :

    Date: September 19, 2012 @ 1:05 pm

    Hello,

    I’m writing to see if I could get your advice.

    By the way, I like the name of your website — Do It Scared. Cool.
    That’s a great name.
    I writing, a bit “Scared” . . . . LOL

    Let me preface to say, I apologize for my ‘grey’ areas and any uneducatedness with this Jailbreak process. I have been reading and researching alot. There’s so much out there, it’s a bit confusing.
    Don’t know if what I want is possible, but I’ll just lay it out, if you don’t mind. So, thank you for your patience.

    This is where I’m at with my iPhone:
    – It’s an AT&T iPhone 3GS 32gb
    – iOS 4.1 (8b117)
    – 05.14.02 Baseband
    – Model MC138LL
    – Purchased on eBay.
    – I set it up to use Straight Talk Unlimited

    I do know the limitation issues with iOS 4.1 and 05.14.02 Baseband for Jailbreak.
    I’ve read and noted the importance of doing a Backup and Restore before Jailbreak. This is what I found:
    “You’ll get a better Jailbreak and a more reliable Jailbreak if the device is wiped first, which a shift-restore/option-restore does, where as an upgrade does not.
    I know this is going to be difficult to decide to do, but it’s 100% worth it to set the iPhone up as a new iPhone after the restore. Before doing this, make a backup of your iPhone backup.”

    Recently, I read …. “Don’t unlock your phone. It will be worth less for resale.”
    Straight Talk uses the AT&T Network, so I don’t need to get a different carrier.

    I do want to get MMS.
    Want to do an Untethered Jailbreak and upgrade to iOS 5.1 ….. ?
    … or at least .. iOS 4.3.5 (in other words, upgrade as high as possible).
    Not unlock unless it needs to be.

    Maybe, I’ve been over-research and reading.
    I just want to do this right and not look back in regret.
    Your guide above seems to closely match my iPhone specs. I read all of your “Unlock an AT&T iPhone 3G (with iOS 4.1 or 4.2.1) For Use With T-Mobile (PwnageTool Edition)”

    Before I commit to beginning I wanted to possibly get your take.

    I appreciate any advice you may have.
    Any recommended guides or tutorials.

    Thank You Very, Very Much

  2. Chanh :

    Date: September 22, 2012 @ 12:10 am

    Hi Pazz,

    Sorry for the delay in my reply. Sounds like you did the research and should be okay. I think that a tether-less jailbreak and unlock actually improves the resale value. My thinking is that the iPhone is out of warranty and the jailbreak/unlock increases the options (lets you use it with other GSM providers inside and outside the USA) without breaking anything official (like buying apps or music from the iTunes store).

    Also, if you get into any complications, there are ways to get out. You can always redo the jailbreak and unlock from scratch. Please see my more recent article Repeat a Jailbreak and Unlock on iPhone 3G iOS 4.2.1 for troubleshooting pointers.

    Hope that helps and good luck with your jailbreak.
    Cheers – Chanh

Leave a Comment

Your comment

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.