Talk:Main Page

iPhone Tracker
Can we add iPhone Tracker to this page? --5urd 10:06, 8 October 2012 (MDT)

Apple TV 3
As I am told, it is Apple TV 3G. Just because the blogs use "iPod Touch 4," that doesn't mean we use that. --5urd 17:30, 7 March 2012 (MST)

Firmware
How is iOS 5.1 for the iPhone 3GS jailbreakable untethered for the old bootrom and tethered for the new bootrom when the holes were patched (from what I understand), while the main page shows there is no jailbreak for everything else? I'm confused here.
 * I am going to try and answer, though it is hard to tell what you are asking from your grammar. Those are bootrom exploits, which cannot be patched by any firmware update. There isn't a jailbreak available yet, though; they have to update programs like redsn0w to work with the new version of iOS. Once that is updated, the jailbreak will be untethered for old bootroms and tethered for the new ones (excluding the 4S and iPads, since there aren't any bootrom exploits for those). Modern jailbreaks require userland exploits to be untethered, but iOS 5.1 patched the vulnerabilities we have been using to get untethered. Hope that helps. --Jacob 18:09, 7 March 2012 (MST)
 * Correct, the vulnerabilities for iOS 5.1 are patched, so therefore on the firmware page iOS 5.1 for iPhone 3GS should say no for "Can it be jailbroken?" (old bootrom and new bootrom) and not yes. That is why I am confused, because the main page says no. --Staycool72 20:30, 7 March 2012 (EST)
 * iOS 5.1 can be jailbroken on the iPhone 3GS, but at the time of writing this, there are no tools that support jailbreaking iOS 5.1. -- Dialexio 18:34, 7 March 2012 (MST)
 * OK, that answers my question. --Staycool72 20:49, 7 March 2012 (EST)

Brazilian Carriers and Cellular Devices
Wanted to let you people know that all cellular devices sold in Brazil must be factory-unlocked according to a federal law. This should be added to the main page, as it already states the same about GSM iPads everywhere but Japan. Cellular devices sold in Brazil must be factory-unlocked, or the supplier must provide an official unlock if the user demands it. Luxiel 06:55, 24 April 2012 (MDT)
 * I'm against this. Japan is the other way round, an exception. Many countries now sell unlocked devices. Anybody else? --http 16:15, 24 April 2012 (MDT)
 * I'll have to say no to this also. Cellular iPads are sold unlocked in every country except Japan (and maybe a few others that we don't know of). -- Dialexio 16:56, 24 April 2012 (MDT)
 * My bad, I think I mistook the real reason behind that information being stated... Thanks for the answers. --Luxiel 08:28, 2 May 2012 (MDT)

Baseband Chip Page Titles
For the baseband chip page titles, I think we should stick with the model number despite the marketing name. Pages: --5urd 21:35, 8 May 2012 (MDT)
 * PMB8876 marketed "S-Gold 2"
 * PMB8878 marketed "X-Gold 608"
 * XMM 6180 marketed "X-Gold 618"
 * MDM6600 (unknown marketing name)
 * MDM6610 (unknown marketing name)
 * MDM9x00 (unknown marketing name)
 * I'm leaning more towards the marketing names, since I think people are more familiar with them and they've been in use for a long time. We've always referred to the iPhone 2G's baseband as the "S-Gold 2" and the iPhone 3G/3GS's baseband as the "X-Gold 608." (By the way, it sounds like Qualcomm "markets" their chips by model number.) -- Dialexio 00:11, 9 May 2012 (MDT)
 * I created most of these newer pages and always used the model number (without space). So I agree with that in general. Changing old ones is a totally different story though, where we need more consent. I would be for it (and create a redirect on the marketing names). --http 01:52, 9 May 2012 (MDT)

Baseband downgrade possibility: Attempt for 04.11.08/04.12.01 to 04.10.01
0x1 There is no downgrade possibility, according to the most basic facts of how the baseband works as explained by dear MuscleNerd; there are signature checks as well as the bootloader's chain of trust, which I'm not going to repeat again. But for this topic I start from iTunes errors 1, -1, 11.

0x2 iTunes errors 1, -1, 11: We get these errors whenever we want to do something with the BB which is not allowed by Apple. You can read about these errors in detail here. Going deeper, this error is raised by the baseband's bootloader whenever you attempt to downgrade the BB (in this case); this happens inside the NOR, so this is why we cannot exploit it easily from the outside. Another reason for this error (and here the most important one that I wanted to discuss) is that Apple is no longer signing that firmware.

0x3 The situation where there is no BB installed on the iPhone: I could restore my iPhone 4 in the case where there is no BB at all. I call it resetting my BB. There will be no Wi-Fi, no BT. At first (a few months since I started to work on it) I thought it was dead (as Apple confirmed this also). But I could restore it only to the latest stock firmware. So for whoever stays on 04.11.08 it may lead to upgrading to 04.12.01 permanently with the latest iOS, now 5.1.1 (for me before it was 5.0.1), so be sure what you are doing before you go and reset the BB. So back to the game: if there is no BB, then there is no bootloader inside the NOR to get the BB update process stuck, but I do not know what happens in this case to the "sectable", also known as the "locktable", which is the master responsible for the carrier unlock. Anyway, I think only the firmware signature check by Apple will remain in the "restore verify process" done by iTunes, because as mentioned earlier, "currentBB" (the BB to be updated) is allowed to be updated by "comingBB" (the BB being updated to) only if: 1. "currentBB" < "comingBB" (= are you the most recent/latest BB?) 2. "comingBB" is currently signed by Apple (= if so, does Apple sign you? Are you eligible?) Hmm... What happens if "currentBB" = "null/zero/no matter"? Could we eliminate option (1) from the security check above in this case? So what next?

0x4 Tracking back the issue leads us inside the bbfw file (ICE3_04.11.08_BOOT_02.13.Release), which contains four .fls files; the most important one is psi_flash.fls, which is in charge of the security checks before handing over the routines to stack.fls, which is responsible for updating the baseband. This file acts like the NOR bootloader, but fortunately it's outside the device, so it is accessible, though not in a format that is easy for programmers to understand. They are raw ROM-based images for the XMM6180 chip, ARM-based and programmed in ThreadX, but the compiler is unknown; I will write about some disassembly notes using IDA Pro 6.1. By the way, I am leaving my iPhone with no BB while trying to find out and break the trust chains in the above files in order to bypass the bootloader security checks, which may let us downgrade to 04.10.01, which is currently unlocked by Gevey. Keep in mind that if this solution works, it will need the SHSH for downgrading the iOS firmware in order to reset the BB. I heard that the iPhone Dev Team is going to release a new version of redsn0w with which there will be no need to restore via iTunes, but I do not know if the baseband approaches are supposed to be addressed or if it will work like iFaith, which basically bypasses (preserves) the BB. Anyway, if I find this article useful I will write notes about the disassembly and the possible approach, as well as the BB reset, to share with any followers. --Kambiz 07:49, 13 May 2012 (MDT) K.N
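The two acceptance rules the post above spells out (currentBB < comingBB, and comingBB currently signed) and its question about a device with no baseband at all can be put into a small model. The following is an added illustration, not code from the iPhone Wiki, from Apple, or from psi_flash.fls: the real bootloader's check order, image format and key material are not documented on this page, so nothing here claims how the actual firmware behaves. The version strings are taken from the post; the signing key, the HMAC stand-in for Apple's real signature scheme, and the `floor` parameter of the fail-closed variant are assumptions made for the example.

```python
"""Model of a two-rule baseband update check: anti-rollback plus signature.

Added example, not project code. It shows (a) why the anti-rollback rule
becomes vacuous when there is no current version to compare against, which
is the case the post asks about, (b) that the signature rule still blocks an
image the vendor no longer signs, and (c) a fail-closed variant in which an
absent version is replaced by an explicit floor.
"""
import hashlib
import hmac
from typing import Optional, Tuple

# Constructed stand-in for the vendor signing key. A real bootloader holds
# only a public key and verifies an asymmetric signature; HMAC is used here
# purely so the example runs with the standard library.
SIGNING_KEY = b"example-key-not-a-real-apple-key"


def bb_version(s: str) -> Tuple[int, ...]:
    """'04.11.08' -> (4, 11, 8).

    Comparing as tuples of ints avoids the lexical trap where the string
    '04.9.01' would sort *above* '04.11.08'.
    """
    return tuple(int(part) for part in s.split("."))


def sign(version: str) -> bytes:
    """Issue the vendor 'signature' for a given baseband version (model only)."""
    return hmac.new(SIGNING_KEY, version.encode(), hashlib.sha256).digest()


def is_signed(version: str, sig: bytes) -> bool:
    """Rule 2: is comingBB carrying a valid vendor signature right now?"""
    return hmac.compare_digest(sign(version), sig)


def update_allowed_naive(current: Optional[str], coming: str, sig: bytes) -> bool:
    """The post's two rules, with 'no baseband installed' modelled as current=None.

    When current is None there is nothing for rule 1 to compare against, so
    only rule 2 remains. This is exactly the gap the post speculates about;
    whether the real bootloader behaves this way is not known.
    """
    if current is not None and not (bb_version(current) < bb_version(coming)):
        return False  # rule 1: currentBB < comingBB
    return is_signed(coming, sig)  # rule 2: comingBB signed by vendor


def update_allowed_fail_closed(current: Optional[str], coming: str,
                               sig: bytes, floor: str) -> bool:
    """Hardened variant: an absent current version never relaxes rule 1.

    `floor` (an assumption of this model) is the lowest version the device
    may ever accept, e.g. the oldest version the vendor still signs. With the
    baseband erased, the candidate must be at least the floor; otherwise the
    ordinary strict anti-rollback comparison applies. Signature is checked
    first so an unsigned image is rejected regardless of version.
    """
    if not is_signed(coming, sig):
        return False
    if current is None:
        return bb_version(coming) >= bb_version(floor)
    return bb_version(current) < bb_version(coming)


if __name__ == "__main__":
    old_sig = sign("04.10.01")   # pretend the vendor once signed 04.10.01
    print(update_allowed_naive("04.11.08", "04.10.01", old_sig))        # False: rule 1
    print(update_allowed_naive(None, "04.10.01", old_sig))              # True: rule 1 vacuous
    print(update_allowed_naive(None, "04.10.01", b"\x00" * 32))         # False: rule 2
    print(update_allowed_fail_closed(None, "04.10.01", old_sig, "04.11.08"))  # False
```

The point of the fail-closed version is that "no version present" is a distinguishable state and the check should map it to the most restrictive answer, not to "skip the comparison". Whether Apple's bootloader actually has such a floor is not something this page establishes; the model only makes the design choice explicit.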

Bluetooth Chip on iPhone 5
Is there any confirmation of the Bluetooth chip used in the iPhone 5? If there is, can we edit this page and add it? --5urd 10:04, 8 October 2012 (MDT)
 * Chipworks analyzed the iPhone 5's Murata Wi-Fi module and determined it uses the BCM4334. I'll add it to the Main Page now. -- Dialexio 20:35, 8 October 2012 (MDT)

Change Jailbreak Table
Can we change the jailbreak table to be vertical? Or at least put deprecated devices on a new line? Because as Apple releases the iPad 4 while still keeping the 3GS and most likely the iPad 2 until iOS 7, the page is going to get really wide, and making sure it looks good at almost all screen resolutions will be a real pain in the @$$ (like what iDebStore really is).

A vertical table may not be appealing for a home page, but we could put the old devices in a new table or make it like the VFDecrypt Keys tables. Any thoughts? --5urd 10:11, 8 October 2012 (MDT)
 * Maybe we can drop devices that Apple no longer updates from the table entirely. Owners of these devices don't really need to worry about whether or not their device can be jailbroken, after all. -- Dialexio 20:35, 8 October 2012 (MDT)
 * I like the idea of getting rid of dropped devices. We could just redirect them to Jailbreak. --5urd 10:22, 9 October 2012 (MDT)

Administration
Someone needs to help this website. It's starting to fall apart... --posixninja 01:42, 11 October 2012 (MDT)
 * Other than George falling away from the scene, in what ways is this falling apart? Granted, maybe we could promote some long-lasting, helpful people like myself or Adam to the admin list? --5urd 09:59, 11 October 2012 (MDT)
 * Anything special you'd like to change? I remember that geohot wanted to have more technical content, and we're far away from improving that a lot. The main reason is that the people with the knowledge don't contribute much here. I know that most of the recent changes here are just some keys and new models and stuff. If you have the time, you're welcome to help and reorganize things here. New good articles about KASLR and the things that mdowd mentioned in his speech are missing here completely, and you could help with that. Tell us your ideas and we will listen. I like being criticized in order to improve things. But please no general "everything is bad". --http 16:34, 11 October 2012 (MDT)
 * The stuff at JailbreakCon 2012 I was going to add, but I have way too much homework on my hands. The only times I can edit are right before I get ready for bed and during fourth period (Graphic Arts). --5urd 20:28, 11 October 2012 (MDT)
 * As you mentioned on Twitter, you'd like to have more technical content. I just added some info from Mark Dowd's presentation (Heap Hardening, Stack Cookies, KASLR). Let me know if you have specific things that you'd like us to add. -- http 17:39, 16 October 2012 (MDT)

Everything Else
Can we list the devices, instead of writing "Everything Else"? -- http 16:15, 16 October 2012 (MDT)
 * Yeah, that's a good idea. (Especially since the older devices have been removed!) -- Dialexio 17:57, 16 October 2012 (MDT)

iPad 4 and iPad mini
Can we add the new iPads to the list? The A6X is 8955 as per the heat sink cover on it. --5urd 09:43, 25 October 2012 (MDT)
 * If you mean the badge Apple depicts the A6X as, the depiction actually still says "APL5498" (which translates to the S5L8945/A5X… yeah, Apple got lazy with this badge as well). The A6X probably will be S5L8955, but I haven't seen any sort of confirmation yet. -- Dialexio 09:56, 25 October 2012 (MDT)
 * Yeah the badge. Derp. Anyways, the A6X badge is  which translates to  . Maybe it actually is 5598 (little endian?) but that is unlikely. --5urd 10:17, 25 October 2012 (MDT)
 * The description of that image clearly states that it's an enhanced version of the A5X image on Wikipedia (i.e. it's edited). -- Dialexio 10:57, 25 October 2012 (MDT)
 * Oh derp. From the keynote, it appears to be  which is   (A5X). But I am sure it will be  . The   was a revised A5, not A5X. It appears Apple just opened their Photoshop document and changed the   to  . Guess we'll find out for sure from a Geekbench or the teardown. We can at least for sure add the iPad mini to the page. --5urd 11:36, 25 October 2012 (MDT)

Racoon as jailbreak software.
Can you please add racoon as jailbreak software, as Corona is on the list?
 * racoon is a daemon that was exploited. Not a jailbreak. --5urd 14:17, 4 November 2012 (MST)

ATV iOS 5.1.1
Please add ATV 5.1.1. --Adaminsull 18:59, December 1, 2012 (MDT)

ATV 5.1.1 jailbreak
This is listed as tethered, but AFAIK there is no jailbreak. --Adaminsull 11:09, 3 December 2012 (MDT)
 * It was listed as "point to 5.1/6.0(?)" firmware, but I changed it to "Yes". The Apple TV jailbreaks aren't as profound (AFAIK 9to5Mac doesn't even report them anymore). --5urd 10:11, 3 December 2012 (MST)
 * OK, but I'm saying there is no jailbreak, not even tethered, AFAIK. --Adaminsull 13:29, 3 December 2012 (MST)
 * Please fix this. --Adaminsull 11:09, 4 December 2012 (MST)
 * Actually, the ATV 2G is jailbroken for life with limera1n. Maybe the available tools are not supporting it for some reason, but that's just a tool question. I'm not sure if we should update this every time a new firmware comes out and change it back when redsn0w (or whatever) has been updated. -- http 18:03, 4 December 2012 (MST)
 * Oh, great, thanks. I will correct the other pages. --Adaminsull 04:32, 5 December 2012 (MST)