Why I jailbroke (unlocked) an iPhone and How

First, the mini <rant>: F-U Apple & AT&T.    You pissed me off this weekend, and I’m a bloody self-admitted Apple fanboy!  Why on earth can’t I take an iPhone and yank the SIM chip and have an effective iPod Touch?  Why doesn’t this work?  Why do you force me to sign up for AT&T or brick the phone?  Why would you both do such a stupid, shortsighted, retarded, AT&T monopolistic thing.   It’s time for the federal government to once again break AT&T up into little bitty pieces that actually serve customers.     While I’m at it, WHY THE F@#& can’t I forward text messages from one phone to another???  I can auto-forward my phone calls, why can’t I forward text messages!  ARGH.  </rant>

Which brings me to the post.  Disclaimer….if you are from AT&T or Apple Legal, then be advised that this entire post is a work of fan fiction from one hell of an angry ‘fan’.


So I have this extra 2G iPhone lying around that was gathering dust (reason #1).   We like to keep it around as a backup, so selling it off on eBay was not an option.    Dagny is cute (reason #2) and always tries to play with our phones (reason #3).  In fact, Dagny has learned how to unlock an iPhone without missing a beat.  She’s so good at manipulating our iPhones that we can no longer let her near them (reason #4) (deleted apps, random dialed calls, removed contacts, etc).

I figured I would simply back up, then do a factory restore on this old 2G iPhone and hand the new baby rattle over.  Without a SIM card, Dagny couldn’t dial out, and who cares what else she did, ’cause I could just restore it over and over.    But that’s where AT&T and Apple screwed me and my toddler over.

AT&T Executives:  “Sorry, consumer.  That phone that you paid $200 for a few years ago is a stupid glass monolithic brick.  You don’t reallly own it…think of it more like an extended $60/month lease with a big down payment.  In it’s current state, it wouldn’t even interest a 6 month old.  Would you like to buy a data plan and a hefty 2 year contract?”

Me: “Screw you, AT&T and Apple.   I’m jailbreaking this thing so that my toddler can play with it the way Geek intended.  After all, the iPhone 2G is a marvelous baby rattle and a baby rattle needs no cell tower access!”

How I did it

Disclaimer:  This post is for informational purposes only….and might even be a work of fiction. Any instructions in here are merely illustrative of what one could do if one lived in a realm free of retarded government regulations, Bristol Palin and AT&T.  Don’t do anything illegal, okay, even if you own the device outright and want it to just f’ing work without needing a 2 year contract to a horrible service provider.

As of November 2010, unlocking a 2G iPhone took about a day of dedication, as the jailbreakers out there don’t actively support the older phones (e.g. the 2G iPhone).  I had to piece some things togther, but managed to get it done with a few tidbits of luck.   Those sneaky details are below.

Step 1:  Gather ye tools

You will need PwnageTool 3.1.5 (the 4.1 line doesn’t support the 2G).    I am told that google has said links to said torrents.  On the mac, Transmission.app is seemingly decent at getting ahold of torrent files.

You are also going to want a copy of the iPhone1,1_3.1.2_7D11_Restore.ipsw file.   The IPSW (iPhone SoftWare) file can also be found around the net.  You could use 3.1.3, but I stuck with 3.1.2 out of blind luck and stubborness.  PwnageTool will take this off-the-shelf .ipsw file and create a custom one capable of unlocking your iPhone.

Step 2: Create your custom .ipsw file

I then followed a great post on iClarified on how to use pwnagetool to unlock your 2G iPhone. The most important step here is to use the Expert setting and make sure that openSSH is installed with Cydia.   We’re going to need this later to fix some Cydia crap.   I eventually learned that Cydia is like the AppStore for unlocked iPhones, there’s a lot of cool free and paid stuff in there, and it serves as a sort of central distribution point for getting things on and off the unlocked phone.

While I was at it, I installed some other packages. However, not all packages work with 3.1.x and they won’t tell you this until too late, so be careful here.

Now, finish up and create your custom .ipsw file and save it where you can find it.

Step 3: Load your custom .ipsw file

Follow pwnagetools guide for getting your iPhone into DFU mode.  In this mode, iTunes will ask to restore the software, and that’s exactly what we want.   Once again, we’re following iClarified and their sweet post.

So, you’ll launch iTunes and it will ask you to restore the phone.  The little trick here is to hold the option (or “alt”) key down when you click the restore button.   This will get iTunes to ask you for the location to your custom .ipsw file.   Thanks for loading my hacked file onto the phone, iTunes.  You’re like a free piece of music software to me.

Step 4:  Allow your phone to do its thing

This isn’t really a step, but your phone will get all the bits onto it, then it will reboot (with the hacked pineapple logo from pwnagetool) and then it will upgrade stuff for a few minutes and then it will reboot again and you will have an unlocked phone in less time than it took to read this long runon and poorly structured sentence.

Step 5:  Now the fun begins

This is where the instructions leave off, and my possibly fictional help leads you to unlocked bliss.

First, get your wifi connection up and running (just as you normally would).

Second, launch the Cydia app that is on your phone.  It’s slow as a dog, but eventually should show something.    But when I tried to apply it’s upgrades or install packages, I would keep getting error messages, and this is where it got interesting. (If your Cydia app works fine at this point, then there is no reason to read further…)

After much stumbling, re-installing of the .ipsw file, re-tweaking of the installed packages, etc….I pieced together some posts and figured out a sequence of events that mostly worked.

Step 6: Getting Cydia and installed packages to work

First, SSH into your device.  (Under your iPhone settings, to to WiFi and figure out your iPhone’s IP address).  On your mac, launch Terminal.app and type ssh root@my.ip.add.ress

Your terminal will freeze for minutes as the iPhone generates a series of ssh keys.   Eventually you will be asked to accept the fingerprint of the iPhone, and you obviously agree.

The password for this version of pwnagetool/cydia is alpine.  (You can change it from your iPhone’s command line by using the passwd command).

Wow…..you’re in!   If you’re a geek, you are excited by the fact that you are on the command line of your iPhone.   If you’re not a geek, you may never get this far, or are pissed off at having to type commands to get simple things to actually happen

On the command line of the iPhone:

  • su to get to root access
  • dpkg –configure -a to fix the messed up package system
  • apt-get update
  • apt-get install cydia (or  apt-get install cydia –fix-missing)
  • apt-get upgrade

But that didn’t seem to work completely for me.  I kept getting errors from other packages.  The super secret trick.

  • cd /usr/sbin
  • ls -a check to see if there is a file “nvram”.  Most likely it isn’t there
  • touch nvram create a file that apparently was missing in the first place
  • apt-get -f install
  • apt-get -f update
  • apt-get -f upgrade

That did it.   By creating the nvram file, I was able to re-run the other commands and get them to work.  If the “dpkg –configure -a” command still doesn’t work, you may have to remove some packages that aren’t compatible.  At this point, “apt-get install cydia” should work as well.

Step 7:  Final tweaks

I was still getting some Cydia issues when starting the app.  It would get stuck on some repositories, and make the app almost unusable (Dear Cydia, your timeouts are too long.)   First, try to figure out what repositories are not responding (Cydia will typically pop up an error message with the link names that failed).

Now, fire up Terminal.app and SSH into your iPhone.  On the iPhone’s command line:

  • cd /etc/apt/sources.list.d/
  • Depending on the version of Cydia, you will either see one file (“Cydia.list”) or several files.  I had to go through each of the files (using either “more” or “less”) to find the repository in question.
  • rm name-of-file to get rid of it.

Once you re-open/re-launch Cydia, it should no longer look for the repository you just removed.

Living with the jailbroken Baby Rattle

Dagny just loves her new phone.  However, we learned two things quickly.

  1. We desperately needed a soft case on the phone to keep her from chewing on the metal/glass.
  2. Once we give the phone to her to play with….. we don’t get it back!

Making the baby rattle better

I immediately signed Dagny up (using a junk email address) for an iTunes account without a secured credit card).  That enabled us/her to download free apps, like Animal Sounds Free and other age appropriate tidbits.

I also took a little Daddy time and played with Cydia and some of the nice apps out there.  After all, if I can be interested enough to play with a baby rattle, it’s a pretty fun baby rattle.  Note that there are some Cydia apps that supposedly enable backups of unlocked apps to be downloaded through iTunes — this should make restoring a bit easier should something go awry.

Keeping the rattle jailbroken

Once I had Cydia fixed and things stable, I immediately made a backup through iTunes.   Hopefully this will provide a parachute for when Dagny inevitably messes up some key setting.

That said, I also plan to never allow iTunes to upgrade the firmware on the iPhone. This is key to keep things unlocked.

Wrapping it up

Sorry if this wasn’t the most complete tutorial, and I hope soembody finds the last few command line tidbits useful.   After all (1) this isn’t a bad way to get some utility out of an older backup phone that you might have lying around and (2) it was kind of a fun side project.

Leave a Reply