Tuesday, July 24, 2007

Searching for the Network Control Key

Every SIM card has a unique IMSI (International Mobile Subscriber Identity) number of between 14 and 15 digits. The first three digits are the MCC (Mobile Country Code) and the next two or three the MNC (Mobile Network Code).

The firmware of the iPhone's baseband radio is locked to work only with SIM cards whose IMSI starts with the digits 310410, i.e. Mobile Country Code = US* and Mobile Network Code = AT&T.

According to the iPhone Dev Wiki the radio firmware can be unlocked with the AT command:


where xxxxxxxx is a number specific to each iPhone. I suspect, although the wiki does not say so, that the "specificity" is based on the unique IMEI number that every GSM phone has, including the iPhone.

The x's are the NCK (Network Control Key). Brute force is not an option, most notably because "there is a limit of 3-10 unlock attempts per phone, after which the firmware will 'hard-lock' itself to AT&T".

Of course someone at Apple or AT&T holds the cryptographic key used to calculate the NCKs. If you buy your iPhone in France, Apple or AT&T will be legally obliged to use that key to calculate an NCK based on your iPhone's IMEI.

(*) the US actually has 7 country codes: 310, 311, 312, 313, 314 and 316. I wonder what the story behind that is?
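As an added illustration (not code from this post or from the iPhone Dev Wiki), the following Python models the two mechanisms described above: the SP-lock as an IMSI prefix check (MCC+MNC), and NCK entry with an attempt counter that hard-locks the baseband after a few wrong codes. The allowed-prefix list, the 8-digit NCK length, the limit of 3 attempts and the sample IMSIs are assumptions or constructed values; the NCK is treated as an opaque secret and nothing here derives it from the IMEI.

```python
# Added example, not from the original post. Assumptions: a carrier lock is a
# list of allowed MCC+MNC prefixes, the NCK is an opaque 8-digit secret, and
# the firmware allows only a few wrong NCK entries before hard-locking.
from dataclasses import dataclass
from hmac import compare_digest
from typing import Tuple


def parse_imsi(imsi: str, mnc_len: int = 3) -> Tuple[str, str, str]:
    """Split an IMSI into (MCC, MNC, MSIN).

    MCC is always 3 digits; MNC is 2 or 3 digits depending on the country,
    so the caller must say which via mnc_len. IMSIs are 14-15 digits.
    """
    if not imsi.isdigit() or not 14 <= len(imsi) <= 15:
        raise ValueError("IMSI must be 14-15 decimal digits")
    if mnc_len not in (2, 3):
        raise ValueError("MNC is 2 or 3 digits")
    return imsi[:3], imsi[3:3 + mnc_len], imsi[3 + mnc_len:]


@dataclass
class BasebandLock:
    allowed_prefixes: Tuple[str, ...]  # e.g. ("310410",) = US / AT&T
    nck: str                           # per-device unlock code (secret)
    max_attempts: int = 3              # post quotes "3-10 attempts"
    attempts: int = 0
    unlocked: bool = False
    hard_locked: bool = False

    def accepts_sim(self, imsi: str, mnc_len: int = 3) -> bool:
        """SP-lock policy: does this SIM's MCC+MNC match an allowed prefix?"""
        if self.unlocked:
            return True
        mcc, mnc, _ = parse_imsi(imsi, mnc_len)
        return (mcc + mnc) in self.allowed_prefixes

    def try_unlock(self, candidate: str) -> str:
        """Apply an NCK; returns 'unlocked', 'rejected' or 'hard-locked'."""
        if self.hard_locked:
            return "hard-locked"          # even the right code is useless now
        if self.unlocked:
            return "unlocked"
        self.attempts += 1
        if compare_digest(candidate.encode(), self.nck.encode()):
            self.unlocked = True
            return "unlocked"
        if self.attempts >= self.max_attempts:
            self.hard_locked = True       # attempt budget exhausted
            return "hard-locked"
        return "rejected"
```

With 10^8 possible 8-digit codes and at most a handful of attempts, the counter alone reduces a guessing strategy to a negligible success chance, which is the point the quoted wiki makes.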

Friday, July 13, 2007

Unlocked iPhone - harder than initially thought?

It's been two weeks since the iPhone launch and despite wild rumors and some real progress, no one has – at least publicly – managed to unlock the iPhone SIM-lock to AT&T.

As reported here the iPhone will be released un-simlocked, at least in some countries.

In the meantime I'm scrounging the forums looking for breakthroughs that I'll report back here.

Friday, July 6, 2007

iPhones in France - law says they must be unlocked

In the United States mobile phones may be unlocked but phone operators are not legally obliged to assist you.

In France however, according to a by-law passed on the 17th of November 1998 (text, scan), phone operators are obliged to unlock your phone: at a cost during the first 6 months of a contract, but for free after the initial 6 months.

All three operators have lost civil lawsuits citing this by-law: Bouygues Telecom in April 2000, France Telecom Orange in January 2002 and SFR in October 2002.

Vivre le iPhone! Vivre la France!

Thursday, July 5, 2007

iPhone Development Project: 2 down, 6 to go

Only five days since the iPhone release and the iPhone Dev Wiki has reached 2 of its 8 goals:

  1. Break DMG Password (Done)
  2. Break Activation (Done)
  3. Download a Faked dmg
  4. Unlock Phone
  5. Run Third Party Applications
  6. Allow DUN/Tethering
  7. Remove IMEI Transmitting
  8. Enable Disk Mode

I'll be watching the fourth in the list, and will report any findings here in this blog.

Update 7 July: links to iPhone Dev Wiki removed on request so as to reduce their server load.

Monday, July 2, 2007

Why the iPhone should be unlocked and SIM-Free

There's a great article over at allaboutsymbian entitled Unlocking the Mobile Phone: Why we need to go SIM-Free.
It explains why myths such as "Phones need phone network operators, that's why they have unusual pricing arrangements" are simply not true. Well worth reading!

iPhone Hack Unlock Thread

I'll be following the Consolidated iPhone Hack Unlock Thread on hackint0sh and reporting back here with any breakthroughs.

It's my feeling that the hackint0sh community stands a good chance of being one of the first to unlock the iPhone.

Here's where they stand today:

The iPhone SIM, once activated, seems to work fine in unlocked and newer and older AT&T/Cingular phones that are locked. Other AT&T/Cingular SIM cards will not work until activated with iPhone plans. They connect, can't dial. iTunes will let you activate it. Non AT&T/Cingular SIM cards will not work at all.
So, this phone has almost a double-lock on it. You have your standard GSM subsidy lock, but you also have some sort of mechanism that is tying the SIM card to the phone.

Unlocked iPhones for Belgium?

It will be interesting to see what Apple does if and when the iPhone is sold in Belgium as, according to Wikipedia:

Belgium doesn't allow networks to sell locked handsets

Know of any other countries where this is the case? Please feel free to comment.
Update 11 July 2008: OK, The Register and Wired have the story 1 year after you saw it here ;-)

All about SIM Locks

Wikipedia has a great page on SIM locks, covering "Types of SIM locks", "Laws on SIM locking" and "Unlocking technology".

Looks like the iPhone has a service provider lock (SP-lock) to AT&T that:
[...] ensures that the handset is only used with SIM cards for the same service provider that marketed the handset

Bad news Apple chose AT&T:
However, some providers, including the former AT&T Wireless, never unlock handsets, even after a customer has fulfilled their service contract.

Bluetooth needs unlocking too :-(

Gizmodo reports that Bluetooth can't be used for file transfer, Bluetooth printing, or headset streaming. My guess is that it won't be usable as a modem either, sigh.
So not only do we need to find a way to unlock the SIM card from the iPhone, now we also need to unlock the Bluetooth. Eeeks!

Sunday, July 1, 2007

First unlocking services available

With the iPhone just released, Gizmodo reports that iphoneunlocking.com are "beta testing" an iPhone unlocking service and that arstechnica has the story.
I guess time will tell whether these businesses are legit.
Thanks Robert for the tip!