How I Dodged The iBoot Bullet — State of Jailbreak Affairs
I am very careful with updating my iPhone 3GS, since I have become quite accustomed to freeing the device from Apple’s tight grip via jail-breaking.
I use Backgrounder to run apps such as Cyclemeter and Skype in the background. I utilize 3G Unrestrictor to make VOIP calls over the 3G network. I implement various other hacks to enable iPhone tethering for light laptop browsing. And I unlock my iPhone while traveling overseas. Without this freedom, I can’t tell if I’d be able to tolerate Apple’s tight grip on the iPhone with “more open” platforms such as Google’s Android quickly catching up.
Hence, I kept my iPhone’s baseband at its original version (04.26.08), while carefully upgrading my firmware to 3.1.2 via DevTeam’s Pwnage tool. Because I purchased my 3GS before October 2009, it also sports the original iBoot 359.3 (more on that later). With this configuration I’d be able to jailbreak and unlock indefinitely.
Unfortunately, this week, my carefully preserved iPhone needed replacement due to a faulty dock connector. Not a big deal—Apple usually replaces broken iPhones right on the spot—but what would happen to my jailbreak options?
Since Apple has made it nearly impossible to downgrade the firmware and baseband of the 3GS (unless you’ve put some safeguards in place during the very early 3.0 days), I knew that I’d lose control over what configuration I would receive with my exchange unit.[1]
So, let’s have a quick look at the possible options and their (current) ramifications in terms of jail-breaking:
- iPhone 3GS | 3.1.3 Firmware | 05.12.01 Baseband | 359.3 or 359.3.2 iBoot
Game over. No jailbreak or unlock possible. Period.
Neither the Dev-Team nor Geohot currently offer a solution to jailbreak or unlock an iPhone 3GS preloaded with the 3.1.3 firmware. Geohot has publicly stated his opposition to supporting iPhone OS 3.1.3, while the DevTeam tools only allow you to upgrade an already jail-broken device to firmware 3.1.3. This is not to say that new vulnerabilities haven’t already been discovered, but it is highly unlikely that either the DevTeam or Geohot will release new tools until a bigger update such as OS 4.0 is released. For now: You’re stuck.
- iPhone 3GS | 3.1 – 3.1.2 Firmware | 05.11.07 Baseband | 359.3.2 iBoot
Tethered Jailbreak via Pwnage (DevTeam) or Blackra1n (Geohot) and unlock via Blacksn0w (Geohot).
Your situation improves slightly if you get a hold of an iPhone 3GS with 359.3.2 iBoot and firmware 3.1.2 preloaded. At least you’ll be able to jailbreak (choice of DevTeam or Geohot) and unlock via Blackra1n. Since Apple has upgraded the iPhone 3GS’ iBoot version to 359.3.2 for all devices manufactured after October 2009, however, a tethered jailbreak will be your only option.
A tethered jailbreak basically works the same as an untethered jailbreak with one obnoxious difference: To reboot your iPhone it must be connected to a computer with your jail-breaking software installed. If you run out of battery, for example, you won’t be able to reboot your phone until you have a chance to connect it to your computer. Same with an unexpected restart. Obnoxious, but your only option at this point.
To find out what iBoot version your 3GS has, boot the phone into DFU mode and look for “Apple Mobile Device (DFU Mode)” under the USB header in Apple’s System Profiler.
- iPhone 3GS | 3.1 – 3.1.2 Firmware | 05.11.07 Baseband | 359.3 iBoot
Untethered Jailbreak via Pwnage (DevTeam) or Blackra1n (Geohot) and unlock via Blacksn0w (Geohot).
With the original iBoot you’re all clear for an untethered jailbreak via your choice of Pwnage or Blackra1n. No rebooting issues. The only unlock option remains Geohot’s Blacksn0w.
- iPhone 3GS | 3.0 Firmware | 04.26.08 Baseband | 359.3 iBoot
Choice of Pwnage/Blackra1n for untethered Jailbreak and UltraSn0w/Blacksn0w for unlock.
The holy grail for jail-breaking and unlocking. If you start off with a 3GS on firmware 3.0 you can keep all your options wide open. Unfortunately, it’s VERY unlikely that you’ll be able to get a hold of this configuration through any official channels at this point in time. Even on a refurbished unit.
With the iPhone 3GS, jail-breaking has become quite a bit more complex. And it is safe to assume that Apple will continue to further fight the hacking community with the release of their next major hardware upgrade. If jail-breaking is near and dear to your heart, but your iPhone 3GS needs replacement, I can only suggest you look into either getting it fixed through unofficial channels, or cross your fingers and hope for the best.
Fortunately for me, my refurbished exchange unit came pre-loaded with 3.1.2 (05.11.07 baseband) and the original 359.3 iBoot. Hence, I was able to jailbreak and unlock via Geohot’s Blackra1n and Blacksn0w without a hitch.
I dodged the iBoot bullet. Now I’ll be guarding my 3GS by all means necessary. I doubt I’ll be this lucky again next time around.
Questions or comments? Let me know: @eierund on twitter.
[1] Don’t forget to wipe your jailbreak by upgrading your 3GS to an official Apple firmware before taking it in to the Apple Store. You may void your warranty otherwise. Remember that you may risk losing your jailbreak/unlock for a long time to come.

Still going strong with 3.1.2 / 04.26.08 Baseband / 359.3 iBoot!
Glad you dodged a bullet!
P.S. Do you think they put 3.1.3 out just to slow down jailbreaking?
It’s possible. MuscleNerd of the iPhone DevTeam had this to say on the issue:
“It’s possible the new firmware was released largely to flush out new exploits before the next big release. We won’t be biting.”
http://blog.iphone-dev.org/post/376648600/pre-game-show
Can I dodge a bullet? I really want an untethered jailbreak, but as a first-timer I’m a bit confused. Can I get this with
3GS 3.1.2, iBoot 359.3
baseband 05.11.07
made week 28
model mc133x