Pwnage ToolEven though I am not in Hong Kong and on vacation in Beijing I am blogging and keeping an eye on the iPhone hacking community. In the past 14 months I had unlocked/restored my iPhone over 30+ times, and documented my experience and findings with fellow readers. Much of these repeated unlocking and restoring was because I was testing various "unauthorized" 3rd party applications ("hacks") for the iPhone, and some of them were not as stable as they should be. Even with authorized 3rd party applications my iPhone was sluggish and crashes when I run some of the applications.

When Apple claims that the iPhone firmware 2.1, released on September 12th, will correct much of the problems I've been encountering, I was again excited for the possibilities of returning my iPhone (1st generation) to its efficient spiffy 1.x state. Unfortunately, since my iPhone is unlocked and jailbroken I had to wait for the iPhone Dev team to upgrade their hacking tool, Pwnage Tool.

The iPhone Dev Team released their new version of Pwnage Tool 2.1 (Bittorent download) on Sunday (September 14), but I did not have time; rightfully, to check it out. I was planning to visit the Forbidden City this morning, but it is raining heavily in Beijing, so I decided to upgrade my iPhone (1st generation) instead.

I had wanted to hold myself back for 24 hours to give iPhone web sites: ModMyiFone, Hack the iPhone, MacGeekBlog, etc. time to refine the procedures and all the possible things that may go wrong during the process.

Now I am happy to say that I have now successfully unlocked my iPhone running firmware 2.1. The process went without a hitch.

I did not have to do anything to my already unlocked iPhone running firmware 2.0.2. All I did to prepare myself for the unlocking was the following:

  1. Upgrade my iTunes to 8.0
  2. Download the firmware 2.1 (5F136) (for 1st generation iPhone), placing this firmware (IPSW file) in ~/Library/iTunes/iPhone Software Updates/ folder on your Mac.
  3. If you had not already done so, you will need to download the 3.9 and 4.6 bootloaders. onto your computer.

The rest is simple. You can choose the well written tutorials from Hack the iPhone.

Enjoy and do share you experience with rest of the readers here. Particularly iPhone users from Hong Kong.


I should add "YET!". Apple made available firmware 2.0.1 for the iPhone and iPod Touch.

iPhone Firmware 2.0.1 Availability

If you have an iPhone 3G (non-jailbroken), original iPhone (non-jailbroken and locked) or a pristine iPod Touch, then you should definitely upgrade to this latest firmware. So far all reports show that applications runs faster, quicker synchronization with iTunes and spiffier overall functions of the iPhone or iPod Touch.

WARNING: if you are not in the above group of Apple device owners, meaning you have jailbroken and/or unlocked your iPhone or iPod Touch you should NOT upgrade. You will need to wait for the hacking community to update their hacking methods (currently Pwnage Tool) before doing any firmware update.

The only exception will be the iPod Touch owners who had jailbroken their device and do not mind returning their iPod to Apple factory condition (ie. no more unauthorized 3rd party applications).

BTW: As I have reported on Twitter and other Social Networks, I am experimenting with a method to resolve much of the frequent crashes on the iPhone with firmware 2.0. I will be reporting here on my blog as soon as I have definite results. Please stay tune.

Many of you know that I was in North America this past two weeks and was also in New York City. While at NYC I spent some time at the 5th Ave. Apple Store gaining some hands on experience with the iPhone. This was the first time I saw the iPhone in person and played with its applications and Multitouch interface. I will talk more about this in a separate post.

Getting back to the topic in question. While in NYC last week much had transpired regarding the unlocking (release of the lock down of the iPhone to the AT&T carrier). End of last month iPhone SIM Free announced that they had a software to unlock the iPhone from AT&T iron fist. They said that they will be selling the software on a per user (iPhone) license within a few days. Weeks had past and no announcements.All of a sudden last Sunday iPhone SIM Free announced 4 resellers for their software and on Monday this past week the resellers started to sell the software within hours the pre-order were full and Tuesday was when the iPhone SIM Free resellers started to fulfill their pre-orders.

Then Tuesday evening there was news of the Internet that the iPhone SIM Free software had been hacked. On Wednesday morning news of a verified OpenSource hack was spreading throughout the iPhone hacker community. On that same afternoon a beta application to unlock the iPhone had been made available. Later that evening written guides for people to follow start to appear. I personally like the guide by

I told this to my friends back in Hong Kong and one of them asked me to get an iPhone for them and unlock it using the OpenSource method.

I was very excited to have the opportunity to try the hack, while at the same time a bit worry that I will create a USD400+ iPhone Brick if the hack fails.

Unfortunately, I was not able to get a clear WiFi signal from the hotel room and none of the Starbucks had free WiFi access and requires the patrons to be T-Mobile customers.

I even attempted to use the WiFi network at the 5th Ave. Apple Store, but the signal was too weak from the street level. I thought setting up my MacBook Pro and a brand new iPhone, to hack the iPhone using Apple's WiFi network was going a bit too far.

So, I had to give up and hope for the best when I return to Hong Kong with the brand new iPhone.

Tonight I got off the plane and as soon as I had unpacked and clean up, I attempted the hack. It was amazing aside from having to change my home WiFi network's channel, I did not have any other problems with the hack.

Within 45 minutes I had an iPhone on the Smartone-Vodafone network. Made a test call and then used the Edge network to connect to the Internet.

As far as I know this is the first published unlock hack of an iPhone in Hong Kong using the pure software (free) method, without reprograming the SIM card or opening up the iPhone itself.

[Update: October 3, 2007] The above described hack was done on a Macintosh, running Mac OS 10.4.10, iTunes 7.4.1, iPhone firmware 1.0.2, iNdependence 1.2.1a and the "iUnlock" application from iPhone Dev Team dated September 12, 2007.

[Update: October 4, 2007] For all those who are trying to get their EDGE connection working, please check out either Ross Barkman's GPRS Info page or ModMyiPhone's "Carrier APN Settings" page for assistance. If the carrier you're trying to connect is not listed on the ModMyiPhone Wiki page, please do your part to add to the list.

[Update: October 4, 2007] I am happy to confirm that I was able to synchronize successfully an unlocked iPhone to iTunes 7.4.2 running on the Macintosh.

[Update: October 5, 2007] All, especially those thinking of switching to Smartone-Vodafone.

I believe that some of the sales people at the stores are now telling customers that the "Internet Browsing Plan" is for 3G Voice Plan customers only. This is based on feedback from others who have spoken to Smartone-Vodafone.

I personally have a 3G Voice Plan from a previous phone, so the question never came up. I will try to confirm this at a store this afternoon.

One other thing is relating to the so called "extra features" that Smartone-Vodafone is offering for extra fees are not worth it. Do not fall into the trap. Also be aware of their "Fair Use" policy to avoid violating any of their policies.

[Update: October 23, 2007] Instead of my readers having to scroll down to the comments below or email me about the following must have knowledge about hacking your iPhone. I will post it here for all:

  • Activate the Voicemail button so that it calls your carrier's Voicemail service. Prior to doing this hack you will need to know the code to dial from your own mobile phone to access your carrier's Voice Mail service.For example, Smartone-Vodafone in Hong Kong, the code is "138" to reach the Voicemail from your OWN mobile phone.

    1. Go to the Phone button;
    2. Click on the Keypad button;
    3. Type the command: *5005*86*XXX#
      • where "XXX" is the access code for your carrier's Voice Mail service. In my example, I will enter "138" in place of the "XXX";
      • if your carrier's Voice Mail service has a number in the format *XXX, then you should enter the command *5005*86+XXX# instead.
    4. Click on the Call button.
  • Determine the firmware version of your iPhone straight out of the box from Apple before any hacking, activation or unlocking.
    1. Go to the Phone button;
    2. Click on the Keypad button;
    3. Type the command: *3001#12345#* to enter the Field Test mode;
    4. Select the Version item

    The following are the definitions of the "Firmware version" values:

    • 1.0.0 firmware has the modem firmware version 03.12.06_G
    • 1.0.1 firmware has the modem firmware version 03.12.08_G
    • 1.0.2 firmware has the modem firmware version 03.14.08_G
    • 1.1.1 firmware has the modem firmware version 04.01.13_G
    • 1.1.2 firmware has the modem firmware version 04.02.13_G
    • 1.1.3 firmware has the modem firmware version 04.03.13_G
    • 1.1.4 firmware has the modem firmware version 04.04.05_G
    • 2.0 firmware has the modem firmware version 04.05.04_G (all 1st generation iPhone stays at this modem firmware)
    • 2.0 firmware has the modem firmware version 01.45.00
    • 2.0.1 firmware has the modem firmware version 01.48.02
    • 2.0.2 firmware has the modem firmware version 02.08.01
    • 2.1 firmware has the modem firmware version 02.11.07
    • 2.2 firmware has the modem firmware version 02.28.00
    • 2.2.1 firmware has the modem firmware version 02.30.03
    • 3.0 firmware has the modem firmware version 04.26.08
    • 3.0.1 firmware has the modem firmware version 04.26.08
    • 3.1 firmware has the modem firmware version 05.11.07
    • 3.1.2 firmware has the modem firmware version 05.11.07

[Update: November 21, 2007] On November 12, the German courts ruled against T-Mobile and issued an injunction preventing T-Mobile from selling Apple iPhones requiring a 2 years contract. The injunction also prevents T-Mobile from selling Apple iPhones with the so called "SIM lock" that prevents users from switching the Apple iPhone to any other carriers.

This evening T-Mobile announced that they will be selling the Apple iPhone for EUR999.00 without a 2 years contract and continues to sell the Apple iPhone for EUR399 with a 2 years contract commitment. In addition T-Mobile will remove the SIM lock for any customers who wishes, including any customers who previously purchased the Apple iPhone from them.

This is all quite interesting. As there is now official "unlocked Apple iPhones" in the market. What will the iPhone hacking community do? Will they stop their continue unlock hack of the iPhone?

Last week the iPhone firmware 1.1.2 had been unlocked for iPhones with firmware 1.0.2 and 1.1.1, but not brand new out-of-the-box iPhones with firmware 1.1.2.

May be the iPhone hacking community can work on jailbreaking future iPhone firmwares and continue allowing unauthorized 3rd party native application on the iPhone. Hold on a sec... Apple will be doing the same in the coming February.

I guess the work and efforts of the iPhone Hacking community had succeeded. With the helps of various courts (first the French and then German), by Spring of 2008 the iPhone with be officially open to all networks and contains sanctioned 3rd party native applications.

This is another example of people power.

[Update: December 1, 2007] Sorry for the late posting of my findings regarding the most appropriate package(s) to subscribe to from Smartine-Vodafone.

After one and a half month of use, I have a fairly good idea whether my original proposed "Internet Browsing" and "2G/3G Data" plans are sufficient to allow for the freedom of using the iPhone, without worrying about the amount may be charged for the privilege.

Although these packages are not unlimited usage plans, they do provide enough data (GPRS/EDGE) allowance to cover the typical use of an iPhone. This includes features like: Mail, Stock application, Weather application, YouTube application, web browsing and various 3rd party applications that require Internet access.

These Smartone-Vodafone plans are: the HKD38.00/month "Internet Browsing" and the HKD118.00/month "2G/3G Data" plans; both these are non-commitment/contract prices.

As explained in my previous posting, for some undisclosed reason, the "Internet Browsing" plan does not cover all data usage on the iPhone, therefore one needs to also subscribe to a "2G/3G Data" plan. Otherwise you will be charged a data charge of HKD0.06/kb.

My test last month had me using 5.5MB of additional data usage aside from my "Internet Browsing" plan allowance. If I did not have a "2G/3G Data" plan I will have to pay an additional HKD330.00. If I had the HKD48.00/month "2G/3G Data" plan (the lowest available), I will still have to pay an extra HKD100.00.

Therefore I found the HKD118.00 "2G/3G Data" plan is the most economical choice, while allowing me to use the iPhone without any worries of being charged an extremely high data usage fee.

I hope these findings will help my fellow iPhone users in Hong Kong.

[Update: November 1, 2008]

I have now confirmed that the Internet Browsing plan; now known as IOM plan, indeed only cover HTTP and the corresponding HTTPS traffic. So any web traffic through Mobile Safari on your iPhone and any applications; whether it is downloaded from the Apple AppStore or unauthorized 3rd party, that uses the HTTP Posts and Gets will be covered in the Internet Browsing plan.

Any POP3 traffic will be outside of the Internet Browsing plan allowance and Smartone-Vodafone has a separate POP3 Email monthly plan for HKD30/month. As a result any IMAP or Exchange Push traffic will be count as regular Data traffic. I think this omission of IMAP and Exchange traffic from the Email monthly plan is the wrong thing to do for Smartone-Vodafone. Why would anyone choose POP3 over IMAP or Exchange email is beyond me. Especially when the iPhone is only one of many devices most users will use to access their emails, and definitely not the primary device. I urge Smartone-Vodafone to listen to its customers and change their Email monthly plan.

Many of you may have followed the news on the Internet about "the code". If not you can read this story on WIRED magazine. Unfortunately, in fear of Blogger or Google sending me a DCMA takedown notice; since my web site is hosted in the United States and my blog library is hosted within Blogger. I will not mention the actual "code", but to refer you to only place where this is discussed in detail.

If you like to exercise your freedom of speech, particularly for citizens of United States, you can purchase on of the items from my "The Code" store.

All profit collected from the sale of these items will be donated to the UN HCR (United Nation High Commissioner for Refugees)