My friend gave me his old AT&T iPhone 3G. I decided to unlock it for use with T-Mobile. On the web, there was a lot of info on how to go about doing the unlock and a lot of caveats. I wanted to summarize my findings below and provide details on how I went about the process of unlocking the iPhone 3G. (Though I did the unlock on Mac OS X, the instructions for Windows are the same.)
Note: I decided to remove the AT&T SIM card to see if I could do the unlock without it. This would be useful for those who got their iPhone 3G without an AT&T SIM card. It turns out that the AT&T SIM card is not required. (To remove the SIM card, locate the card slot at the top of the iPhone 3G with a visible little hole. Insert the end of paperclip into the hole, push down gently, and the SIM card holder will pop up.)
Some important pointers:
- There are software and hardware unlocking methods. The hardware unlock usually requires a custom SIM card overlay or a custom SIM card holder. I will be doing a software unlock.
- An iPhone has two very important information, the iOS version and the baseband version, which determines whether the unlock is possible. Confusingly, some websites will refer to the iOS version as the “firmware” version and Apple refers to the baseband version as the “modem firmware”.
- An official Apple iOS version update may also include a baseband version update. Unlock is very dependent on the baseband version so be very careful to avoid official Apple iOS upgrades unless you know what you are doing.
- In order to unlock, you must jailbreak first. The popular jailbreak methods (like RedSn0w and PwnageTool) will include a way to preserve the baseband version. PwnageTool creates a custom upgrade file (ipsw) by modifying the official upgrade ipsw file to remove the baseband version update.
- The software unlock method “UltraSn0w” that I plan to use supports only specific baseband versions.
First, we need to figure out what we are working with:
- Determine the iPhone model by looking at the back of the phone for the model number. Check the Apple site to find a match. My iPhone had a model number of “A1241” which matched with “iPhone 3G”. (I couldn’t tell visually whether I had an iPhone 2G, 3G, or 3GS.)
- Determine the iOS and baseband versions by going to “Settings->General->About” on the iPhone. My iPhone 3G had an iOS “Version” of 4.1 and a baseband “Modem Firmware” version of 05.14.02.
Unfortunately, my iPhone 3G had a baseband version 05.14.02 which was not supported by UltraSn0w according to this UltraSn0w unlocking tutorial. If I upgrade to iOS 4.2.1, the baseband version would be upgraded to 05.15.xx which is also not supported by UltraSn0w. The workaround is to upgrade the baseband to the 06.15.00 version, which is surprisingly provided in the iPad 1 iOS 3.2.2 image.
Updating to 06.15.00 baseband is not reversible (back to 05.14.xx or 05.15.xx) so it would void the Apple warranty (I didn’t care because the iPhone is out of warranty) and future upgrades would require custom ipsw images. To me, it looks like Apple doesn’t plan to upgrade iPhone 3G past iOS version 4.2.1 and even if that were to happen, I could figure out how to use PwnageTool to create the necessary custom ipsw image. So, I made the decision to upgrade the iOS version to 4.2.1 and the baseband version to 06.15.00 so I could unlock using UltraSn0w.
According to the UltraSn0w tutorial, I could jailbreak and update to 06.15.00 using either the RedSn0w jailbreak tutorial or the PwnageTool jailbreak tutorial. I decided to use the PwnageTool because it would allow me to avoid having to do an official Apple iOS upgrade to 4.2.1 (required by the RedSn0w method) and it would allow me to get familiar with PwnageTool (I have used RedSn0w before).
To perform the jailbreak, I followed the PwnageTool tutorial step by step:
- Before starting, I connected my iPhone 3G using the USB cable and quit the iTunes application.
- In step #1, make sure to download the specific version 4.1.3 of PwnageTool requested (I tried the latest version 220.127.116.11 which wouldn’t accept any of the ipsw files), the iPhone 3G iOS 4.2.1 image file “iPhone1,2_4.2.1_8C148_Restore.ipsw”, and the iPad 1 iOS 3.2.2 image file “iPad1,1_3.2.2_7B500_Restore.ipsw” (which contained the 6.15.00 baseband).
- In step #5, the first ipsw file to select is the iPhone 3G iOS 4.2.1 ipsw image file. The second one to select is the iPad 1 iOS 3.2.2 ipsw image file containing the baseband.
- Step #6 was a little confusing. After reading it a couple of times, I got that if you plan to use the iPhone with the service provider it was originally locked to, then do not check the “Activate the phone” option. If like me, you wish to use an unofficial service provider (I’m using an AT&T iPhone with T-Mobile), then check the “Activate the phone” option. (For me, the “Activate the phone” option was selected by default.)
- Also in step #6, my “Root partition size” was set to 731MB by default. I manually increased it to 834MB to match the picture in the tutorial. (I don’t know if this was necessary or not, but I figured it could only help.)
- During step #12, when following PwnageTool’s steps to put the iPhone into DFU mode, the iTunes application was automatically started. I minimized iTunes and restarted the PwnageTool DFU instructions. When the iPhone entered DFU mode, iTunes threw an error dialog saying there was an unrecognized device. I had to disconnect and reconnect the USB cable in order for iTunes to recognize the phone properly and the DFU mode. (Now that the iPhone was in DFU mode, I quit the PwnageTool application.)
- Once the iPhone was successfully restored (using the PwnageTool custom ipsw image) and restarted, I verified that the “Settings->General->About” listed the Version as 4.2.1 and the Modem Firmware as 6.15.00.
- Whew, I was really glad the iPhone came back to life because I was waiting for a long time. The restore took about 10 minutes and the restart took several minutes.
To perform the unlock, I followed the original UltraSn0w tutorial step by step:
- Before starting, I configured the iPhone (Settings->Wi-Fi) to connect to my wireless network.
- In step #2, Cydia took a couple of minutes to update itself on initial startup. Then it asked me if I would like to update packages. I selected the “Complete Upgrade” option which took several minutes to complete and required a reboot. (Once Cydia was done with the update, it showed a large Reboot text at the bottom of the screen; I just tapped on the text to do a reboot.)
- In step #3, I clicked on the Cydia Search tab to find and install UltraSn0w (that’s a number zero in the word “sn0w”). The UltraSn0w installation also required a reboot when it completed.
Finally everything was done. I shut down the iPhone, inserted my T-Mobile SIM card, and restarted. After startup, the iPhone took a couple of minutes to find the T-Mobile network. Because my T-Mobile plan did not have a data plan (and I didn’t want to be charged for one), I disabled the 3G connectivity function by going to “Settings->General->Network” and setting the “Enable 3G” and “Cellular Data” options to Off. I then tested the iPhone by taking a call, making a call, receiving a text, and sending a text. It works, yeah!
Unfortunately, when using PwnageTool to create the custom image earlier, I neglected to enable the very useful battery percentage indicator (which RedSn0w enables by default). To enable the battery percentage at this late stage, I found a useful guide, Enable Battery Percentage in iOS 4 on iPhone 3G without Redsn0w, which worked for me. (Hint: You may need to install “cmd-files” before you can install “iFile”.) After restarting the iphone, I went into Settings->General and turned on “Enable Battery Percentage”.
Hopefully the above is helpful. Good luck with your unlocking.