Dev Team Demos UltraSn0w – iPhone 3G Unlock

As announced yesterday, Dev Team member MuscleNerd did a demo of UltraSn0w, the new software unlock for the iPhone 3G (skip to 2.20 min on the video below). Unlike its predecessor YellowSn0w, UltraSn0w will unlock your iPhone 3G no matter what firmware, bootloader or baseband you have, as long as you have the new 3.0 firmware installed.

The actual program that UltraSn0w injects into the baseband to accomplish the unlock is the exact same one the Dev Team developed for YellowSn0w. What changed is that the Dev Team found a new "hole" to inject the unlocking payload.

During his demo, MuscleNerd successfully jailbroke his iPhone 3G and proved it by inserting a T-Mobile SIM card.

UltraSn0w won't be available until Friday and like YellowSn0w, it will be downloadable through Cydia. Your iPhone will obviously have to be jailbroken and the Dev Team will release the necessary tools for that (QuickPwn and PwnageTool) soon.

Again, just to make this clear, there is no baseband downgrade needed. You can just upgrade to 3.0 tomorrow and wait for the Dev Team to push its unlocking tools and UltraSn0w on Friday.

Note that this unlock is only valid for the iPhone 3G. According to the Dev Team, this hack may be applicable to the new iPhone 3G S if it can be jailbroken, which should happen sometimes soon. Go Dev Team!

iPhone 3.0 Unlock YellowSn0w Demo

Dev Team member MuscleNerd sent a tweet a few minutes ago about an upcoming live demo of the YellowSn0w unlock for iPhone 3.0. The live demo will happen Tuesday night, most likely on Qik and should answer a lot of questions.

This demo should show how YellowSn0w can unlock firmware 3.0. I assume this unlock will only work for iPhones that currently support YellowSn0w.

Apple Releases iPhone 3.0 Beta 5 – Dev Team Says It’s Already Jailbroken

You gotta love the Dev Team! It hasn't been 24 hours since Apple released the fifth beta of their OS 3.0 that our favorite team of iPhone hackers has already shown proofs that it has been jailbroken. And better than that, the Dev Team says that unless Apple changes the hardware of the iPhone, all future version of the OS will be jailbreakable as well.

As should be expected, the modern devteam jailbreak process is still valid.   The picture below is 3.0beta5 jailbroken on an iPhone 3G.   As we’ve said in previous posts, nothing other than a hardware respin can prevent our jailbreak from working on all exisiting iPhone and iPod Touches.  They’ve chased our jailbreak so far down in the chain of trust, the only way they can fix it is in hardware.

One thing worries me a bit here though. Why is the Dev Team so open about it? I mean, they said several times now that Apple would have to spin the iPhone hardware to prevent all future jailbreak. If I was the Dev Team, that's something I would keep for myself. I assume by now Apple has figured out what little piece of electronics it needs to add to the future iPhone to prevent any jailbreak.

What I think about that is that the Dev Team likes challenges. It likes to be fair play too! It's as if the Dev Team said to Apple "hey, look what you need to do to prevent me from hacking your phone. I'm telling you all that because I'm smarter than you and whatever you do, I'll still me able to hack your phone".

In its blog post today, the Dev Team also warns us about the non-official version of QuickPwn:

Because there are so many beta releases, we couldn’t possible refine, test, and release both PwnageTool and QuickPwn for each of them.  That’s why we’re waiting until the final release.  You may have seen other “hijacked” versions of QuickPwn out there, but all of them are buggy, none of them work on OSX, and almost everyone who uses them reverts back to 2.2.1 (because none of the useful jailbroken apps (Qik, Cycorder, and others) work on 3.0 yet).

As usual, it is safe to remind everyone that if you care about the YellowSn0w unlock, you should NOT play with the 3.0 betas as they may prevent you from ever being able to unlock your iPhone.

My YellowSn0w Success Story

I am currently in my home country of France for a couple of weeks. Before getting here, I was a little worried about whether I could use my iPhone with a local carrier as I never was able to try YellowSn0w when I was in the US. I unlocked my iPhone 3G about a month ago using YellowSn0w but since all my friends either are with AT&T or Verizon, I couldn't make sure the unlocking worked.

One of the first things I did when I got at my Mom's was popping out her Orange (French carrier) SIM and put it in my iPhone. An error message showed up saying the SIM was locked and giving me the option to unlock it. I taped "unlock" and waited a few seconds until I realized that I was not getting any cell signal at all.

I rebooted my iPhone, got the same error and still no success. Until I finally remembered that the SIM card you put in your jailbroken iPhone cannot be SIM locked. This means that the SIM card can't be protected by a PIN.

So I put back the SIM card in my Mom's phone and went to the settings to deactivate the lock on the SIM. As I am writing this, I realize that I probably could have deactivated it from my iPhone's settings…

Two seconds later, I was getting signal and tried making my first call with my unlocked phone. It was a success. I also realized that I was getting on Edge. I asked my Mom if she had Internet access on her phone but she said she didn't. I launched Safari and went online in no time. My Mom had Internet access on her phone and she wasn't even aware of it…

The following day I went buy a my own SIM card as I couldn't use my Mom's for the next 2 weeks… I bought a SFR SIM as it to me the best carrier.

So this is my success story with YellowSn0w. If there is one thing to remember here, it is that if you have an issue with YellowSn0w, make sure the SIM you insert in your iPhone is not locked (PIN protected).

Heads Up On Firmware 2.2.1 And Jailbreak/Unlock

Since firmware 2.2.1 was released yesterday, a lot of concerns were raised whether or not you should update. The quick answer is NO, do not update if you care about your jailbreak or your unlock. MuscleNerd released a video on Qik giving us more info about the situation. Below are notes from the video.

About the iPhone 3G:

If you use YellowSn0w, you do not want to update to 2.2.1 as it will remove the possibility to install it. The only way you could do it is my installing a custom firmware that doesn't update the baseband. PwnageTool and QuickPwn do just that but they haven't been updated for 2.2.1 yet so wait for them to come out.

About the iPod Touch 2G:

The 2.2.1 firmware doesn't affect your ability to jailbreak your iPod Touch 2G. It didn't remove the ability for the Dev Team to do a tethered jailbreak. The Dev Team is still looking for an exploit to allow an untethered jailbreak. In other words, hang in there, they are working on it.

About iPhone 2G and iPod Touch 1st Gen:

2.2.1 doesn't affect your ability to jailbreak or unlock but again, wait for an updated version of QuickPwn and PwnageTool to do that.

As usual, I will report to you as the news come about 2.2.1 and jailbreaking/unlocking so you may want to subscribe to the RSS feed to be notified in time.

RedSn0w Might Be The iPod Touch Jailbreak We Were Waiting For

If you follow the Dev Team on Twitter, you prbably saw this tweet that points to a website named You can't help but noticing how close this domain name is to YellowSn0w, the iPhone 3G soft unlock...

Looking at it a little closer and doing a "who is" search for the 2 domain names (YS - RS) show that both domains are hosted on the save servers, which makes it very likely that RedSn0w was registered by a member of the Dev Team and most importantly, that RedSn0w is a new product from our favorite Apple hackers.

It doesn't require you to be some kind of psychic to figure out that an iPod Touch jailbreak is the only thing right now. We have the iPhone 2G and 3G jailbreak and unlock. We have the iPod Touch 1st gen jailbreak. All we need now is an iPod Touch 2nd generation jailbreak.

So what do you think? Am I right? Am I wrong? I look forward to reading your thoughts...

UPDATE: It seems I am on something here. After asking MuscleNerd, Pumpkin, and the Dev Team on Twitter to comment on my post, they all gave the same answer within minutes (see 1, 2, 3).

YellowSn0w Has Been Revised. Try It Again!

If there is one good thing about the Dev Team, it's that they work fast. Following a few issues with YellowSn0w, they have already updated it to version 0.9.4 and it supposedly fixes a bunch of issues. It is still in beta but it's much more stable than it was. So if you had issues unlocking your iPhone 3G using YellowSn0w, try again with the latest version.

It's still available in Cydia and you can still read this for the full iPhone 3G unclok tutorial.

Unlock Your iPhone 3G With Yellow Sn0w Guide & Tutorial

[digg-me]Below are instructions on how to unlock your iPhone 3G using Yellow Sn0w. Unlocking your iPhone 3G will make it possible for you to use any cellphone carrier.

Before you go any further, make sure to READ EVERY SINGLE WORD OF THIS TUTORIAL. If you think you're too cool for school, then go directly to the instructions but please, do not complain if you mess up your iPhone during the process, which is very unlikely to happen anyways...

First things first. In order to be able for you to use Yellow Sn0w to unlock your iPhone 3G, you have to be on a jailbroken iPhone that runs the latest firmware 2.2 with the latest baseband 02.28.00. To find out what firmware you're on, go to Settings > General > About and look for "Modem Firmware". It should say 02.28.00.

If you have not jailbroken your iPhone yet, you have to now in order to unlock. To jailbreak your iPhone, follow the QuickPwn 2.2 guide that I wrote a few weeks ago.

If you have already jailbroken your iPhone using PwnageTool to preserve your baseband, sorry but you have to restore and rejailbreak again in order to have the latest 02.28.00 baseband.

If you have updated to the latest firmware 2.2 with its latest 02.28.00 baseband, then you're good to go.

So from now on, I assume that you are on a clean firmware 2.2 with firmware 02.28.00 and that your iPhone is jailbroken.

1. Go to Cydia and install this new source: (note that snow is spelled with a zero, not an "o"). To install a new source in Cydia, go to Manage > Sources > Edit > Add, then type in the source and tap "Add Source".

2. Once the source has been added, tap "Return To Cydia", then tap "Done".

3. Now tap " from the list of sources "Entered By Users".

4. Select Yellow Sn0w, then tap install nad confirm.

5. Once the installation had been successfully completed, return to Cydia.

6. Hard reset your iPhone. To do this, hold the home and power buttons simultaneously for a few seconds until the phone shuts off by itself (ignore the "slide to power off" message)

7. Insert whatever SIM card you want! Wait a few seconds and you should be good.

8. Done!

See, that wasn't too hard at all. Users that are already familiar with Cydia and sources shouldn't have any problem at all. But first time jailbreakers might be a little lost, which is why I detailed this tutorial a lot.

Now there are a few known issues with Yellow Sn0w and I highly recommend you either read my previous post about it, or go directly to the Dev Team's blog.


1) If you are on tmobile USA you should disable 3G in Settings or sbsettings. 2) YellowSn0w does not work with a SIM PIN. You  must disable your SIM card pin lock.

At any rate, I would really appreciate it if you could digg this post, then write a comment, then go to the Dev Team's blog to thank them for their great work.

iPhone 3G Unlock Is Now Available

Yellow Sn0w, the soft unlock created by the Dev Team is now available from Cydia or Installer. Instead of rewording what the Dev Team has to say about it, I will simply copy/paste their entire post from their blog.

I don't like copy/pasting large amounts of texts from other sites, but in this case, I find it really necessary. I really recommend you go over to the Dev Team's blog, read the post from there, and write a nice thank you comment.

For those of you that don't care about the fine prints, here are the repos for Yellow Sn0w. Cydia source: Installer repo:

I will be writing a guide wrote an iPhone 3G unlock tutorial on how to unlock the iPhone 3G using YellowSn0w.

Again, please make sure to visit the Dev Team's blog and thanks these guys for spending New Year's Eve behind a computer screen so everyone can have an unlocked iPhone.

From the Dev Team Blog:


The unlock works exclusively with baseband 02.28.00. This baseband is provided by the latest firmware update (2.2) from Apple.  You’ll need to upgrade to this release using iTunes and then use QuickPwn to activate etc. There are plenty of tutorials about this on iclarified, bigboss, and other established tutorial sites.  Because it works on 02.28.00, it is available to everyone on the planet.  This means we don’t need to unnecessarily expose holes in earlier basebands, which is an important concern. The application is a small daemon that is launched on boot.  It injects the payload at boot and also whenever there is a baseband reset.  You won’t notice anything about it other than that your third-party sim now works.  It’s a small program and unobtrusive.  There is no GUI (this is by design). You can add the application using the sources outlined below (coming soon). There are Cydia and Installer sources available, so use whichever you are comfortable using. yellowsn0w is completely removable through Cydia, the command line, and iTunes.


There is a known issue with SIM cards that have STK (SIM Toolkit) application menus.  These menus are usually items such as “top up” “get credit” “lotto numbers” etc. These menu items confuse the application sometimes.  Removing and reinserting the SIM once after reboot (give it about 10 secs 60 seconds (with v0.9.1) after you see the slide to unlock widget) fixes this issue.  We’re working on a better fix. For those of you using SIM cards without STK menus, the application has some optional arguments that will make the unlock much faster for you.  So either experiment on your own (use “yellowsn0w -h” for usage) or wait for a customization writeup. After you install yellowsn0w via Cydia, you should return to the Cydia main menu then reboot your iPhone with the 3rd party SIM installed.  Wait for the slide to unlock screen, then wait 10 or 15 secs more.   If you don’t see your carrier name pop up, then remove your SIM, reinsert it, and wait 10 secs more.  This is the step we’ll be working on eliminating next.


The application is version 0.9 0.9.1.  This is considered beta software, you use it at your own risk. You know the score. The application is released on a non-commerical basis.  Please do not accept pirates and scummy ripoffs of this software. We license this software for single use and in a non-commerical environment (meaning you can’t charge for it). The techniques and methods used are not to be used by third party companies. We are watching you Jody…we won’t be so forgiving this time. Direct linking to the repository URLs is prohibited, please only link to this post. We will be checking referers. Happy 2009 and enjoy!

The iPhone 3G is used all over the world with all sorts of SIM cards, and we almost certainly will see untested and unexpected situations.  If the soft unlock doesn’t work for you on day 1 (literally day 1, of 2009!) then please don’t panic or be impatient.  This is new territory for everyone, so enjoy the ride as much as you can :)


Cydia source: Installer repo:


Soon you’ll see yellowsn0w 0.9.1 in the repos.  It uses a much longer delay to let your SIM card initialize.  If you have problems with 0.9.0, try this one and wait a full minute after you see homescreen, then reinsert sim card.  We need both success and failure reports to tune this across the world, so please be patient (but please also report result!) If you are in the U.S. and are trying this with T-Mobile, you must turn off the 3G switch in Settings.  Also if you are good with the command line, you can make it much easier by adding the line <string>-q</string> right after the /usr/bin/yellowsn0w line in /System/Library/LaunchDaemons/org.iphone-dev.yellowsn0w.plist  (that’s and advanced tip, hopefully someone will make a boosprefs type of tool for it) No PIN support yet. Remember how we said this was beta?  Well we’re still working out the flow for SIMs with PINs enabled.  Please disable any PIN you may have on that SIM before trying yellowsn0w, for now. The unlock will silently quit on anything other than baseband 02.28.00. It detects the wrong version and just quits to avoid any damage.  Please double check your Modem Firmware setting in Settings->General->About.

Mobile Crunch Interview With Dev Team Member Pytey

Mobile Crunch published a nice interview with Pytey, one of the preeminent Dev Team members. Interviews with Dev Team members are very rare and I suggest that you have a look at it if you're remotely interested in jailbreaking and unlocking your iPhone. The interview obviously evolves a lot around the awaited Yellow Sn0w, supposed to be available today.

Here is my favorite part of the interview:

However, Apple places restrictions on what you can run on the device. They impose draconian restrictions on the type of application that you can run, they don’t allow applications to run in the background and they even restrict the applications by subject matter or if they compete with their own applications. If I buy a device I want to be able to do what I want with it, if that involves gambling or looking at an application that involves porn then so be it. The real estate agent who sold me my house doesn’t knock on my door every month to check what pictures I have hanging on the walls, so why should Apple have this right?

Earlier this month, I published a translation of another interview with Pytey.

Breaking News: iPhone 3G Unlock Will Work For All Basebands

Earlier today, the Dev Team published a post on the blog with some strange binary codes that won't mean anything to anyone that doesn't speak geek fluently (I don't!). I completely disregarded this post as I thought it was a pre-message for tonight's release of yellow sn0w, the new unlocking tool that will be available sometimes today through Cydia.

However, a tweet from twitter user Yellow Sn0w got me all excited when it said that it will be safe to use yellow sn0w on any firmware. Tweeting back and forth with him, I was directed to a blog post of his that actually explains the full meaning of the binary codes posted by the Dev Team.

Here is his explanation:

In binary that message translates to vtaber 61060174. vtaber translates to "ignore" and the 61060174 means post# 61060174 on the iPhone DevTeam blog.

Hoping that this is true...