Adios AT&T – Adventures in jailbreaking an iPhone 3GS

I’m temporarily very very technologically happy… And it’s mostly because I can put AT&T behind me. Adios AT&T aka Awful Telephone & Technology co. Hello T-Mobile.

I’ve been itching to make the switch for a while, but my better half uses an iPhone and the jailbreaking thing has always seemed rather convoluted.

First things first, for those that don’t know…

Jailbreaking is the process of eliminating Apple’s almighty control over your iPhone. Once jailbroken, you can make all kinds of changes that Apple won’t allow and install all kinds of applications Apple won’t approve.

Carrier Unlock is the process of eliminating AT&T’s unholy grip on your iPhone. Once unlocked, it will run on any GSM-based network. In the US, that means T-Mobile. If you ever travel abroad, it means more or less any carrier in the world except parts of China.

Simply put, you cannot do a Carrier Unlock unless the iPhone has been jailbroken.

Fair enough. Oh, and I’m going to say upfront:

a) Back up your iPhone before you try this
b) Be afraid as things can go wrong
c) Be patient for the same reason
d) If you’re not up for google-whacking to get answers, don’t try this at home

and last but not least:

no, I can’t help you if you get stuck!

Anyway, on with the fun. The model I’m working with is a late model iPhone 3GS. The phrase “late model” is key. When you look at the Serial Number (listed under Settings -> General -> About) you’ll see it starts with 5 digits followed by a letter. The last two digits before the letter are the week of manufacture. If it is a number bigger than about 40 (opinion varies slightly) it is a late model device. The bad news is that jailbreaking a late model device can be messy as Apple changed the device’s firmware in an attempt to thwart the hackers.

My first successful jailbreak was using blackra1n (ooh, sounds very Hackers, doesn’t it). This is a simple enough app — you download it to your Mac/PC, plug in your iPhone and run the app. The phone reboots to a rather un-Appley boot screen and seconds later you’re jailbroken.

There is however, a caveat. If you have a late model device, you end up with what is called a “tethered jailbreak”. This is cunning hacker-eze for “not the dream you were looking for”. If you ever have to reboot your iPhone, it has to be connected to a computer with Blackra!n in order to boot. If your battery dies, or the phone crashes, and you don’t have a laptop/desktop handy, you’re stuck without a phone.

However, Blackra1n does install Cydia, which is rather handy. Imagine Steve Jobs has a stoner/hacker/anti-the-man brother (or sister) that creates their own version of the iTunes app store, and you have a good idea of what Cydia is. It contains all kinds of useful goodies that can be installed, from settings to carrier unlocks to applications Apple won’t approve.

So after a tethered boot, I fired up Cydia and installed Ultrasn0w, which is a carrier unlock from the infamous DEV-TEAM (the folks behind much of the iPhone hackery that goes on).

Once you’ve done that, you’re free as a bird. Grab a paper clip and stick it in the tiny hole next to the headphone jack to pop out your old SIM card (a tiny card with a chip about half the size of a stamp that tells the network what your number is) and drop in the new one. You’re now free from AT&T!

Well, almost.

You need to set up some network settings for data access, switch on data roaming and then set up your MMS settings if you want to send photos with texts. T-Mobile are pretty helpful over the phone, but the MMS stuff is a bit tricky. More on that in a minute.

So everything more or less worked, but the jailbreak was tethered. And sure enough a couple of times the phone ran out of battery and had to be re-connected to my laptop.

So ever the adventurer with a fondness for technological screwups, I decided to try something new. I restored the iPhone 3GS to its original state and then updated to the shiny new OS 4.0.1 from Apple.

Since I had backed everything up first (you did do that, right?), restoring all of my apps and photos was easy. Just hit the Sync button in iTunes and leave the phone alone for a while.

Minor bump in the road: when you do a full restore, the phone needs to be activated. This REQUIRES an AT&T SIM card and AT&T service. Fortunately I haven’t shut mine off yet, so a quick SIM swap and a reboot and all was well.

Probably best to switch on wi-fi and connect to a network at this point.

The next step relies on a rather nasty security bug discovered in Adobe’s PDF file format. I won’t bore you with the details, but by simply visiting a website you can Jailbreak your iPhone running iOS 4. Again, the website is http://www.jailbreakme.com.

Just fire up Safari on your iPhone and go to the Jailbreakme.com site. Slide the button and it will start the process. It was all very easy and only took a few minutes to complete.

Better still, it is an untethered jailbreak. No more rushing for the laptop after a reboot.

The jailbreak installed Cydia, so once it had completed, I simply downloaded the Ultrasn0w package again and swapped SIM cards. Happily unlocked and running on T-Mobile.

But you’re not done yet. Two things left to do.

  1. Fix data access to T-Mobile’s network
  2. Set up MMS

The data access stuff is easy. Go to Settings -> General -> Network and switch on Data Roaming. Then select Cellular Data Network and next to where it says APN type in epc.tmobile.com. That’s all you need to do.

Bear in mind that you will not be able to get 3G speeds on T-Mobile. They use a different frequency to AT&T so it simply won’t work.

Now MMS is a bit tricky and I had to try a bunch of things to make it work. I’m not sure if all of these steps are necessary or not… I was able to pretty quickly get the iPhone to send MMS messages, but every time it tried to receive a message, it produced an error stating that the media content wasn’t included and implying that the incoming file was too big.

The combination that seemed to work for me was as follows.

Go here:

http://modmyi.com/forums/t-mobile/656651-t-mobile-usa-carrier-bundles-bluetooth-internet-mms-tethering-2g-3g-3gs-4-a.html

Scroll down until you see the following link:

DOWNLOAD T-Mobile US iOS4 1.1.1 IPCC

Click the link, download the zip file and unzip it. In the list of unzipped files, you’ll see a README.txt file. Read this carefully. I installed the ipcc file for T-Mobile Prepaid.

After doing everything the README says and rebooting, I could send MMS without a problem, but receiving was still broken.

The last step is to go here:

http://modmyi.com/forums/general/719997-media-content-not-included-help.html#post5353764

and read post #3.

Fire up Cydia on your iPhone, select Manage -> Sources -> Edit -> Add and type in:

htttp://beta.leimobile.com/repo

Then hit Done and select the LEIMobile Repo from the list. Scroll down until you see T-Mobile 4.0 MMS Fix, select it and install it.

One more reboot and you are done.

It’s not for the faint-hearted, but freedom from AT&T is a beautiful thing…

P.s. Please note that the security hole that Jailbreakme.com uses is a doozy. I cannot imagine it will be very long before Apple updates iOS to block it as it is a very real security risk. But I’m equally sure that the crafty hackers will figure out a way to break whatever they come up with.

1 comment for “Adios AT&T – Adventures in jailbreaking an iPhone 3GS

  1. Tanner Lovelace
    August 12, 2010 at 11:10 am

    "I cannot imagine it will be very long before Apple updates iOS to block it as it is a very real security risk."

    Nope, not long at all:
    http://www.macrumors.com/2010/08/11/apple-fixes-i

Comments are closed.