Results 1 to 16 of 16

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: MuscleNerd Explains Evolution of the iPhone Baseband and Unlock at Hack in The Box 2012

  1. #1
    Default MuscleNerd Explains Evolution of the iPhone Baseband and Unlock at Hack in The Box 2012


    In the video above MuscleNerd of the iPhone
    Dev Team explains the evolution of iPhone baseband and Unlocks since the phone’s inception back in 2007.

    The audio may be poor (ok it is surprisingly horrendous), but the subject matter is incredibly interesting. The 43 minute presentation contains a bevy of information, but the main points MuscleNerd covers include:

    Baseband ROP: Overview of the role ROP plays in software unlocks like yellowsn0w and ultrasn0w. Comparison to ROP on the main Application-side CPU (jailbreaks). Why ROP wasn't even necessary on the first generation of iPhones.

    Software Unlocks vs. Hardware Unlocks: How iPhone software unlocks differ from those using hardware SIM interposers. Which layers of the baseband are exposed to each, and how the exploit development environment differs. Description of even more radical hacks like baseband chipset retrofitting and what Apple has done to prevent them.

    iPhone4 DEP: How Apple implemented DEP with specific hardware changes on the iPhone4 baseband, and what went wrong. How ultrasn0w was made to work despite aggressive hardware-based DEP.

    Operating Systems: So far, Apple has used 3 completely different baseband operating systems in the iPhone line. Description of which parts Apple tends to customize and why. Comparison of past and present custom command parsing.

    Infineon vs. Qualcomm: Discussion of the transition from Infineon baseband chipsets to Qualcomm chipsets. Comparison of the older serial-based AT interface (still used on many other handsets) to the USB-based QMI used by the iPhone4S.

    Activation Tickets: Detailed description of the "activation ticket" Apple uses to authorize use with specific (or all) carriers. How activation tickets interact with the traditional PIN-based NCK codes. Contrasting activation tickets and baseband tickets.

    Baseband Tickets: Details on how Apple authenticates software updates to the baseband. Comparison of baseband tickets to "ApTickets" that Apple now uses on the main Application CPU to control software changes. Why baseband tickets provide even strong protection than ApTickets. The role of nonces in both the baseband and main application CPU.

    iPhone4S: What we've learned so far about the iPhone4S baseband. Overview of changes Apple has made to the original Qualcomm bootrom. How the iPhone4S baseband boot process differs from most other Qualcomm-based handsets. Which features the iPhone4S baseband has in common with other handsets and which have been removed. Description of the current attack surfaces, and comparing iPhone4 vs iPhone4S hardware-based protection mechanisms.
    Definitely worth the listen. It’s always interesting to see Dev Team members and other members of the iPhone community outside of their screen names and Twitter handles. Sometimes, especially in our impatience, we forget that these are real people and not faceless coding machines with lives outside of delivering the latest Jailbreak.

    Source: HITB [via iClarified]

  2. #2
    Last paragraph so agreeable! Some people are always like "just make the jailbreak!" like it's easy or there life's duty to exploit an iphone

  3. #3
    Wow, Musclenerd knows how to deliver a good speech in plain English!

    I originally clicked the link just to put a face to someone whose work I respect, thinking it would be too technical to follow, but I got interested and watched the whole thing because he was easy to understand.

  4. #4
    I lasted ten second into that video. Too boring, and msucle (fat?) nerd sounded very nervous.

  5. #5
    Quote Originally Posted by billmilo View Post
    I lasted ten second into that video. Too boring, and msucle (fat?) nerd sounded very nervous.
    It's because of him that people like you can do what you want to your iphones

    I'd be a little bit more courteous

  6. #6
    Quote Originally Posted by billmilo View Post
    I lasted ten second into that video. Too boring, and msucle (fat?) nerd sounded very nervous.
    To each his own... I thought it was cool getting a peek under the hood and learning a bit of how they do what they do.

  7. #7
    Gah, stupid audio. I'd rather read the transcripts

    It's fascinating to hear what they went through to break someone else's code and use it against them, essentially.

  8. #8
    Guess I'm gullible, I always thought his twitter pic was actually him. The photo made his name make sense and since he blocked out the face it also made sense. I thought that's cool someone who's into tech, can program and is ripped.

  9. #9
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    46,595
    Thanks
    6,868
    Thanked 15,287 Times in 7,012 Posts

    Quote Originally Posted by exNavy View Post
    Guess I'm gullible, I always thought his twitter pic was actually him. The photo made his name make sense and since he blocked out the face it also made sense. I thought that's cool someone who's into tech, can program and is ripped.
    Well that photo was probably taken years ago. So he may very well have been "ripped" back then. With age tends to come extra pounds for most. Trust me, I know lol.

  10. #10
    Quote Originally Posted by Simon View Post
    Well that photo was probably taken years ago. So he may very well have been "ripped" back then. With age tends to come extra pounds for most. Trust me, I know lol.
    Haha!

  11. #11
    Quote Originally Posted by billmilo View Post
    I lasted ten second into that video. Too boring, and msucle (fat?) nerd sounded very nervous.

    wow amazes me how ungrateful someone can be..... you may see him as being fat and he sees you as stupid(low IQ) as you are in the head, if this seems boring to you than dont click on it and go back to watching jersey shore.

  12. #12
    just watched the whole video and I have to say this is some seriously intriquing stuff!!! (speaking from a programmer's perspective)

  13. #13
    It would be cool to see him with a pineapple mask 😝





  14. #14
    iPhone? More like MyPhone k3u's Avatar
    Join Date
    Sep 2009
    Location
    Arizona
    Posts
    119
    Thanks
    16
    Thanked 2 Times in 2 Posts

    Haha, like many of you here I was also thinking he would look somewhat ripped and being into tech. However, it really doesn't matter in the end as he is one of the many people who got us where we are in terms in jailbreak right now so props to him for being so nice and making a jailbreak out of his own time. (:

  15. #15
    Quote Originally Posted by k3u View Post
    Haha, like many of you here I was also thinking he would look somewhat ripped and being into tech. However, it really doesn't matter in the end as he is one of the many people who got us where we are in terms in jailbreak right now so props to him for being so nice and making a jailbreak out of his own time. (:
    he's still somewhat ripped.....look at the traps on his shoulders!

  16. #16
    Quote Originally Posted by Jahooba View Post
    Gah, stupid audio. I'd rather read the transcripts

    It's fascinating to hear what they went through to break someone else's code and use it against them, essentially.
    I posted a link to the slides here -> MuscleNerds iPhone Baseband Presentation
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •