Difference between revisions of "Talk:XMM6180"

Flash Possibility

Okay, so hypothetically speaking, if I flashed my baseband to 1.59.00 from 3.10.01 while my phone is on 4.2.1 (ONLY 4.2.1 SHSH IS AVAILABLE), it would enter the boot loop because the baseband doesnt meet the requirements for iOS 4.2.1. I am willing to try and flash my baseband in an attempt to downgrade and use ultrasn0w. And if the downgrade was to work and I restored it to a pwned 4.2.1 fw where the baseband update would be neglected, would the boot loop occur? Leobruh 01:20, 10 February 2011 (UTC)!

You can't flash baseband 1.59.00; Apple's not signing it anymore. --Dialexio 02:47, 10 February 2011 (UTC)

Well look at this, http://tysiphonehelp.com/forum/showthread.php?7908-Manually-flash-iphone-to-05.11.07-baseband . I don't know whether or not this could be done to the iPhone 4 but it proves that a manual flash can be used so long as you have the proper firmware ipsw available. I mean if this is possible for the iPhone 4, then I will do it without a doubt. Leobruh 04:05, 10 February 2011 (UTC)!

Device for iPhone 4

Are we sure this is the baseband?

The infineon spec-sheet says "HSDPA/HSUPA capabilities of 7.2Mbps/2.9Mbps".

At the keynote Steve mentioned 5.8Mbps HSUPA. Iemit737 19:26, 21 June 2010 (UTC)

Running "string" on the new baseband files shows "XGold 618" multiple times. --Miketress 19:35, 21 June 2010 (UTC)

Ok, awesome. Thanks for finding this so quickly! Iemit737 19:50, 21 June 2010 (UTC)

Very unlikely it's the 618 after looking at the spec sheet. In case anyone is interested, | X-Gold 616 spec sheet, | X-Gold 618 spec sheet. D235j 21:43, 22 June 2010 (UTC)

Actually, it's the XMM 6180. ebl.fls says so. --oranav 21:56, 22 June 2010 (UTC)

Downgrade

Anybody knows more about the bb downgrade signatures? Or how to backup them like the shsh certs? Or how to use the replay attack here? Actually this is more related to baseband firmware and not to this iPhone 4 hardware. http

The baseband is signed with an AT+XNONCE which is a random string generated on every bootup. Therefore, it is not possible to cache the SHSH signatures with a replay attack. I think this info either belongs on this page because it is specific to its baseband or in a special section on Baseband Firmware. Iemit737 18:18, 16 July 2010 (UTC)

Ah, that's what MuscleNerd meant with "stricter signed". I also found this example. And someone suggested to change iTunes to always send the same string. That would work, but BB wouldn't accept the response. My only idea would be to let BB generate (or store) the same string on every boot (I don't know how though). But even then we would have to backup the signatures at the time they were available. -- http 23:11, 16 July 2010 (UTC)

So how does TinyUmbrella give baseband protection ? ---Whiteshinyapple

It manages to error out the signature for the baseband, that's why you get the 1004 error, not sure exactly how it's done but I'd assume that's how. ---OMEGA_RAZER

I think there's not much to do. When hosts is pointing to Cydia, you also won't get baseband downgraded, even if it would work when pointing to real Apple server. Same should apply for upgrade. Maybe local TSS server from TinyUmbrella just handles error returns better, so that firmware up/downgrade doesn't fail - maybe it just returns an invalid certificate for the baseband, but returns 'ok'. -- http 11:08, 9 September 2010 (UTC)