|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Bootrom"
(I don't know details, but new bootrom stands for tethered, not untethered) |
|||
| Line 2: | Line 2: | ||
The bootrom (called "SecureROM" by Apple) is the first significant code that runs on an iDevice. The bootrom is unwritable. Finding exploits in the bootrom level is a big achievement since Apple won't be able to fix it without a hardware revision. |
The bootrom (called "SecureROM" by Apple) is the first significant code that runs on an iDevice. The bootrom is unwritable. Finding exploits in the bootrom level is a big achievement since Apple won't be able to fix it without a hardware revision. |
||
| − | + | Certain models, including the [[N72ap|iPod touch 2G]] and [[N88ap|iPhone 3GS]], have different bootrom versions. These are most commonly referred to with the terms "old bootrom" and "new bootrom." These "new bootrom" devices were released after [[Timeline#September|9 September 2009]] and have the [[0x24000 Segment Overflow]] fixed. While the new bootrom revisions have an exploit, the exploit needs the assistance of a firmware-based exploit to achieve an [[untethered jailbreak]]. |
|
| − | + | You might also be looking for [[iBoot (Bootloader)|Apple's stage 2 bootloader]], which also uses the "iBoot" name. |
|
==Check bootrom version== |
==Check bootrom version== |
||
| − | To find out if |
+ | To find out if your [[N72ap|iPod touch 2G]] has an old or new bootrom, the easiest way is to look at the model number. If the second character is "B" (as in "MB533" or "PB533"), your iPod has the old bootrom. If the second character is "C" (as in "MC086" or "PC086"), your iPod has the new bootrom. |
| + | To find out if your [[N88ap|iPhone 3GS]] has an old or new bootrom, the easiest way is to look at the serial number. If the 4th and 5th digits are lower than 40, then you probably have an old bootrom. If they are higher than 45, then you probably have a new bootrom. These two digits show the production week. For refurbished phones and for numbers inbetween, the result is undefined and you have to make the following exact check. |
||
| − | To check your device's bootrom version, you must put your device into [[DFU Mode]]. Make sure it is '''not''' in [[Recovery Mode]], as Recovery Mode does not mention the bootrom version. If you have Mac OS X, go to System Profiler, and under the "Hardware" category, go to USB, and click on "Apple Mobile Device (DFU Mode)." If you have Windows, go to Device Manager, find USB controller, subitem Apple Mobile Device USB Driver. In Properties, Details, select Device Instance Path in the dropdown. The end of the info string will show the bootrom version. |
||
| + | |||
| + | For a more sure-fire way of detecting the bootrom version, you must put your device into [[DFU Mode]]. Make sure it is '''not''' in [[Recovery Mode]], as Recovery Mode does not mention the bootrom version. If you have Mac OS X, go to System Profiler, and under the "Hardware" category, go to USB, and click on "Apple Mobile Device (DFU Mode)." If you have Windows, go to Device Manager, find USB controller, subitem Apple Mobile Device USB Driver. In Properties, Details, select Device Instance Path in the dropdown. The end of the info string will show the bootrom version. |
||
If you're on Linux and have a Desktop Environment setup, install gnome-device-manager and start it. Connect you're device in DFU Mode, search in the left tree-view for "USB Device" and look at Summary -> Model until it says "Apple Mobile Device (DFU Mode)". If it does go to Properties (next to Summary) and search for "usb_device.serial". The end of the String will show you the bootrom version. |
If you're on Linux and have a Desktop Environment setup, install gnome-device-manager and start it. Connect you're device in DFU Mode, search in the left tree-view for "USB Device" and look at Summary -> Model until it says "Apple Mobile Device (DFU Mode)". If it does go to Properties (next to Summary) and search for "usb_device.serial". The end of the String will show you the bootrom version. |
||
| Line 15: | Line 17: | ||
== Revisions == |
== Revisions == |
||
===[[S5L8900]], used in the [[M68ap|iPhone]], [[N45ap|iPod touch 1G]], and [[N82ap|iPhone 3G]]=== |
===[[S5L8900]], used in the [[M68ap|iPhone]], [[N45ap|iPod touch 1G]], and [[N82ap|iPhone 3G]]=== |
||
| − | * [[?|iBoot-596.24]] (was reported on my [[N45ap| |
+ | * [[?|iBoot-596.24]] (was reported on my [[N45ap|iPod touch 1G]] in DFU mode, but is probably wrong) |
===[[S5L8720]], used in the [[N72ap|iPod touch 2G]]=== |
===[[S5L8720]], used in the [[N72ap|iPod touch 2G]]=== |
||
| Line 26: | Line 28: | ||
===[[S5L8922]], used in the [[N18ap|iPod touch 3G]]=== |
===[[S5L8922]], used in the [[N18ap|iPod touch 3G]]=== |
||
| − | * [[iBoot-359.5]] |
+ | * [[iBoot-359.5]] |
===[[S5L8930]], used in the [[K48ap|iPad]], [[N90ap|iPhone 4]], [[K66ap|Apple TV 2G]] and [[N81ap|iPod touch 4G]]=== |
===[[S5L8930]], used in the [[K48ap|iPad]], [[N90ap|iPhone 4]], [[K66ap|Apple TV 2G]] and [[N81ap|iPod touch 4G]]=== |
||
| − | * [[iBoot-574.4]] |
+ | * [[iBoot-574.4]] |
Revision as of 19:24, 25 October 2010
Introduction / old+new
The bootrom (called "SecureROM" by Apple) is the first significant code that runs on an iDevice. The bootrom is unwritable. Finding exploits in the bootrom level is a big achievement since Apple won't be able to fix it without a hardware revision.
Certain models, including the iPod touch 2G and iPhone 3GS, have different bootrom versions. These are most commonly referred to with the terms "old bootrom" and "new bootrom." These "new bootrom" devices were released after 9 September 2009 and have the 0x24000 Segment Overflow fixed. While the new bootrom revisions have an exploit, the exploit needs the assistance of a firmware-based exploit to achieve an untethered jailbreak.
You might also be looking for Apple's stage 2 bootloader, which also uses the "iBoot" name.
Check bootrom version
To find out if your iPod touch 2G has an old or new bootrom, the easiest way is to look at the model number. If the second character is "B" (as in "MB533" or "PB533"), your iPod has the old bootrom. If the second character is "C" (as in "MC086" or "PC086"), your iPod has the new bootrom.
To find out if your iPhone 3GS has an old or new bootrom, the easiest way is to look at the serial number. If the 4th and 5th digits are lower than 40, then you probably have an old bootrom. If they are higher than 45, then you probably have a new bootrom. These two digits show the production week. For refurbished phones and for numbers inbetween, the result is undefined and you have to make the following exact check.
For a more sure-fire way of detecting the bootrom version, you must put your device into DFU Mode. Make sure it is not in Recovery Mode, as Recovery Mode does not mention the bootrom version. If you have Mac OS X, go to System Profiler, and under the "Hardware" category, go to USB, and click on "Apple Mobile Device (DFU Mode)." If you have Windows, go to Device Manager, find USB controller, subitem Apple Mobile Device USB Driver. In Properties, Details, select Device Instance Path in the dropdown. The end of the info string will show the bootrom version.
If you're on Linux and have a Desktop Environment setup, install gnome-device-manager and start it. Connect you're device in DFU Mode, search in the left tree-view for "USB Device" and look at Summary -> Model until it says "Apple Mobile Device (DFU Mode)". If it does go to Properties (next to Summary) and search for "usb_device.serial". The end of the String will show you the bootrom version.
Revisions
S5L8900, used in the iPhone, iPod touch 1G, and iPhone 3G
- iBoot-596.24 (was reported on my iPod touch 1G in DFU mode, but is probably wrong)
S5L8720, used in the iPod touch 2G
- iBoot-240.4 "old bootrom"
- iBoot-240.5.1 "new bootrom"
S5L8920, used in the iPhone 3GS
- iBoot-359.3 "old bootrom"
- iBoot-359.3.2 "new bootrom"
