Baseband version. Baseband Hacking: A New Era of Smartphone Hacking

Below you will read about how to find exclusively 100% original copy your first check!

For lately I received many messages asking for help in certain issues related to unlocking Apple iCloud Activation Lock.
I hasten to answer you all right away here - on the pages of my blog.
Many people ask where to get the original receipt for the first purchase and what is it?
The answer is - this is the most common cash receipt if you bought your device in person at the store. For example, when purchasing Apple iPhone in the store Apple Store You will definitely be given such a check and it will look something like this -

About iOS iCloud Activation lock- one more time!
Since Apple launched its security iOS features Activation lock has been around for a long time and this option has proven to be quite reliable. The content of the Apple website has also changed significantly regarding iCloud usage Lock. The conditions for the official unlocking of iOS iCloud Activation lock from Apple have radically changed.
All these factors, as well as letters with questions about how you can actually disable iOS iCloud Activation lock on iOS devices, prompted me to write this article. Below you will get detailed description How can you independently and completely officially disable it on your iOS device iCloud Activation lock. After this procedure, your iPhone - iPod - iPad will work absolutely fully without any nuances in use. This is especially true for devices with a modem module, such as iPhone and iPad with 3G.

Security researcher Ralf-Philipp Weinmann says he
found a new way to implement mobile devices- using a fake
base station and vulnerabilities found in the firmware of chips sold
by Qualcomm and Infineon Technologies. Weinmann will demonstrate hacking on
example, both iPhone and Android devices, this week during
Black Hat conference in Washington.

Previous mobile hacking attempts have affected the phone's operating system
or other software, but this hack focuses on intruding into
telephone processor, which is the equipment that sends radio signals and
receiving them from telephone towers.

Details of Baseband hacking

In reports

IDG News Service and
, this new hack is described in detail. In short, this
a highly technical process that requires the installation of a fake telephone tower
to communicate with the target device. In recent years this has been an impossible task
due to the enormous costs - tens of thousands of dollars. But now, thanks to the new
open software called
, any
can install a tower for $2,000, which is equal to the price of computer equipment.
Mobile companies are also making necessary equipment more accessible by
providing consumers with femtocells (low-power and miniature cellular station
communications designed to serve a small area - one office or
apartments) in an attempt to expand mobile coverage. Femtocells such as 3G MicroCell
from AT&T, even less expensive; AT&T equipment costs only $150.

To carry out the attack, Weinmann installs a fake transceiver, which
used to send malicious code using a radio signal to
target device. The code exploits a vulnerability discovered in GSM/3GPP
phone baseband processor stacks. Weinmann says that such organizations
as GSM Association and European Telecommunications Standards Institute
(European Telecommunications Standardization Institute) not even
considered the possibility of this type of attack.

Should I worry?

In addition to the costs of this particular type of hacking - it is still
quite expensive - the code that Weinmann wrote is unique,
because it requires deep knowledge of the chipset device and only some hackers
quite a lot of people know about this, says the IDG report.

Essentially, Weinmann was able to set a new vector of development in the field of hacking
smartphones, open up a field of activity that is currently being explored by little
number of researchers. In August, for example, Chris Paget demonstrated
spoofing attack at the Defcon hacker conference in Las Vegas, after receiving
permission for this from the US Federal Communications Agency at the last minute.
Weinmann's followers will probably be able to continue his work, but it will take
enough time.

In other words, this is still a growing area for hackers.

It's too early to talk about the variations of this new baseband hacking technique
hacking, but on at the moment security experts say that
The general public shouldn't have to worry about attacks like this in the near future.

According to Sophos security consultant Graham Cluley, "If
would someone like to spy on your conversations on mobile phone, it would be
it's easier to trick a user into installing an application that
is a spy, or get physical access to a mobile phone for
installation of spyware code," he said. "I would be surprised if someone
made every effort that this researcher suggests for this purpose.”

Bootloader is not BaseBand or Firmware.

BOOTLOADER:
Versions: 3.9, 4.6

What is it?

The iPhone has at least two bootloaders. One is called "ARM Core Bootloader" (ARM is the iPhone processor), it refers to the operating system. We are interested in the bootloader, which is called "BaseBand Bootloader". Additional information about bootloader functions will be enabled soon.

A bootloader is a loving mother who goes into the iPhone's room when it turns on. She wakes him up, gets him out of his crib, and gets him ready for school. Its main function is to make sure that the iPhone wakes up before getting out of the crib; that the iPhone got out of the crib before going to the shower; that iPhone took a shower before getting dressed and that iPhone got dressed before going outside. Without a bootloader, the iPhone would be dozing at the bus stop in wet pajamas, waiting for the bus.

Bootloaders are responsible for ensuring that when the iPhone boots, it does everything it needs to do and in the right order.

Like people, iPhone has one mother for life. If you bought an iPhone with bootloader version 3.9, then you always have it, no matter how many upgrades you make.

Of course, there are cases when people have a stepmother. Some people have gone from their 4.6 mommy to a 3.9 mommy. We hope that if your iPhone did this, you know about it.

Why is this important?

The version of your bootloader determines the type of unlock possible for you. Because 3.9 is a liberal and open-minded mother, it will allow developers to do whatever they want during loading. This makes the phone accessible.

Bootloader 4.6 is much stricter. Mrs. 4.6 is confident that her iPhone will grow up to become President and she controls everything he does (or doesn’t do). For example, 4.6 does not allow recording of a BaseBand that fails validation.

In order for BaseBand (explained below) to pass validation, you need secpack. Imagine that this is a secret word that children and parents came up with in case the uncle suddenly wants to pick up the children from school. Without the secret word "secpack" it is impossible to record a hacked BaseBand on your phone. And without hacking BaseBand it is impossible to use the unlock method that is used in ZiPhone. To somehow combat this, ZiPhone and Independence offer you a divorce from your impenetrable mother 4.6 and give you in return kind mommy 3.9.

If you still want to live with mom 4.6 (because you also want to become President), then you will have to use the so-called soft-update method, which installs software updates in the OS, but does not change the BaseBand. This method is sometimes called a hybrid unlock.

What do I have?

iPhone unlocking methods mainly target “BaseBand Bootloader”. There are versions 3.9 and 4.6. Initially, iPhones came with Bootloader 3.9. If your firmware was version 1.1.1 or earlier, you have 3.9. If you bought an iPhone in 2008, you most likely have 4.6.
In any case, if you used ZiPhone, then you have version 3.9 Original.

BASEBAND:
Versions: 03.12.06_G, 03.14.08_G, 04.01.13_G, 04.02.13_G, 04.03.13_G, 04.04.05_G

What is it?

BaseBand (hereinafter referred to as BB) is an iPhone briefcase.

BB controls the interaction between the telephone part of the iPhone and the operating system. In most cell phones, the IC chip is separate from the phone's main memory and processor. We don't know if this is the case with the iPhone. BB is one of those things that Ms. Bootloader checks when she wakes up her iPhone.

Whenever the iPhone connects to cell towers - for voice or data - it works through BB. The BB is also responsible for the operation of the SIM card and for receiving the signal.

So why did Apple do this? Why did Apple create a secure, hard-to-reach and closed piece of hardware to store phone functions?

Obviously, in order for it to be protected, difficult to access and closed. More reasons? Because that's how cell phones work. Every modern cell phone there is BB. These functions are separated for the same reason that computers have separate audio and video cards - to ensure stability.

When iPhone goes to school he has to take something with him. He needs notebooks, a ruler, a calculator, a folder, etc. BB has it all. As many of you know, you can take away a student's schoolbag without causing death. Your BB may not work, but your iPhone will work - although in this case it will look more like an iPod Touch.

You may think that you are making a call when you dial numbers on your iPhone. Wrong. You create a chain of instructions. By clicking the "Call" button you are transmitting these instructions operating system, and she passes them on to VV. BB turns off EDGE/GPRS, sends a message to the cell tower to start a call, sends it to the tower telephone number, waits for a response signal ("Busy" or "Free") and, as soon as the connection begins, it turns on the microphone and speaker of the phone. Since BB knows how to do all this, the iPhone can only say “Call this number” and wait for an answer. He doesn't need to use his comparative powerful processor to do such mundane things.

Why is this important?

At this point, this is important because it is the difference between having and not having the Find Me feature in Google Maps. In the future, other functions may rely on the updated BB. So far, “Find Me” is the only “new” feature of BB.

Remember - BB handles all communications between cell towers and the iPhone OS. There is a chance that the phone always receives data about its location from the towers - that is why programs like Navizon work. But with version 4.03.13_G, Apple added code that simplified the process. Navizon is probably looking for the coordinates of the towers in BB. From version 4.03.13_G and higher, the Apple program just needs to ask “Where am I?” BB does all the work and sends coordinates in response.

What do I have?

FIRMWARE:
Versions: 1.0.0, 1.0.1, 1.0.2, 1.1.1, 1.1.2, 1.1.3, 1.1.4

What is this?

Firmware (hereinafter - FW) is our schoolboy, iPhone. That's all he is, his soul. This is its operating system.

Let's look again at what we've already read. When you turn on the iPhone, Mommy/BB begins to wake up and prepare the student/Firmware for school. She ensures that all morning procedures/Services are completed. She equips and gives the briefcase/Baseband to the student/Firmware and sends him to school.

FW is very flexible. Today it includes the iPhone core, Springboard (desktop), all its applications, WiFi, Internet functions, etc. Through FW, Apple can and does change a lot of things.

Why is this important?

Shaky icons and web applications, sending SMS to multiple numbers, "Find me" in Google Maps and SDK (already!). Knowing your FW version is important in order to keep abreast of events around Jailbreak and Unlock. With each new version In-demand features and applications appeared that forced people to upgrade - or be killed for fear of losing compatibility with third party applications or unlocked SIM cards after updating.

What do I have?

Your version appears in iTunes whenever you connect your iPhone to your computer. Look in the Summary tab.