Okay, this article is an attempt to answer some people who asked “What’s the difference between iLiberty+, iPlus and ZiPhone?” The versions referenced in this article are: iLiberty+ 1.2.0.65, iPlus 2.0b, ZiPhone 2.2. For iPlus and ZiPhone, I haven’t tried any later versions since the development of iLiberty+, so it might not be accurate for the latest versions.
Working Model
iLiberty+ and iPlus use the same working model:
The GUI or CLI uploads the payloads to the device and then boots a customized ramdisk. The ramdisk performs the jailbreak, sets up AFC for iPHUC/iBrickr, and installs a master script for later operations. When the device reboots, the master script takes control and executes the payloads one by one to finish the remaining operations. This model is called the “2-pass procedure”.
This model offers the most reliability and flexibility.
On the other hand, ZiPhone uses a different working model:
The CLI boots a customized ramdisk, and the ramdisk does all the jobs. There’s no payload concept in ZiPhone because everything is on the ramdisk. This is a “1-pass procedure”.
Difference Between Two Models
As you have seen, there are 2 models here: 1-pass and 2-pass. I’ll try to describe the pros and cons of the two models.
1-Pass Model
In the 1-pass model, everything is stored in the ramdisk, so the ramdisk has to finish all the jobs by itself. If the operating system is stable, this will not be a problem. But two things limit this model and make it non-extensible:
Ramdisk Size
You may already know that the ramdisk size cannot exceed 32MB. This is a hard limit: no matter what you want to do with the ramdisk, you can’t make it exceed 32MB, which makes some jobs impossible.
Memory Corruption
Because of the technique used to boot a customized ramdisk, memory gets corrupted if you try to allocate a lot of memory during the operations. This can be easily reproduced by trying to extract some large files.
With the above two restrictions, the 1-pass model is obviously a dead end. As new firmware and baseband updates arrive, more and more files need to be added to the ramdisk, and it will eventually reach the 32MB limit. Even if all the files can be fitted into the ramdisk, memory will eventually be used up by the large memory requests.
2-Pass Model
The 2-pass model also uses the ramdisk, but in a smarter manner that solves the 2 problems of the 1-pass model.
Ramdisk Size
In the 2-pass model, the ramdisk does very little (almost nothing), so it doesn’t have to contain many files. In fact, if nvram is not required, the ramdisk can be as small as 5MB or so.
Memory
In the 2-pass model, all the real jobs are done by payloads in the real, working operating system, so there is no memory corruption issue. A payload can allocate as much memory as it needs without worrying about corruption, because the operating system’s memory management deals with it.
Conclusion
From the above comparison it’s easy to tell that the 2-pass model is better than the 1-pass model. The 1-pass model can still be used in other situations; for example, it’s possible to create a small emergency ramdisk to fix a potential failure during 2-pass execution. So iLiberty+ and iPlus win this round.
Unlocking Methods
Although the theory behind the unlocking methods is the same in all three tools, the implementations are different. Technically, there’s no difference when unlocking a phone with bootloader 3.9, but for a phone with bootloader 4.6, things are different.
ZiPhone
When ZiPhone sees bootloader 4.6, it downgrades it to the 3.9 stock version automatically. As far as I can tell, there’s no way to raise a stock bootloader 3.9 to 4.6 at the time this article is written. So once you have used ZiPhone on a bootloader 4.6 phone, your phone will stay on 3.9 forever unless a new method is found.
iPlus
iPlus takes advantage of the bootloader 3.9FakeBlank (by DevTeam): when it sees bootloader 4.6, it downgrades it to 3.9FB automatically. Since this operation is reversible, you may later upgrade to 4.6 or 4.6FB (also by DevTeam) with a special software utility.
iLiberty+
iLiberty+ goes further than ZiPhone and iPlus: it takes advantage of 3.9FB as well as gunlock, and can unlock a phone with bootloader 3.9, 3.9FB, 4.6, or 4.6FB.
For bootloaders 4.6 and 4.6FB, iLiberty+ doesn’t downgrade automatically; it lets the user decide. If the user doesn’t check the “Downgrade bootloader” option, the phone will still be unlocked, and the baseband will be changed to 04.02.13 after the unlock. If the user does check the “Downgrade bootloader” option, the bootloader is first downgraded to 3.9FB and then the phone is unlocked, and the baseband version does not change after the unlock. iLiberty+ also uses 3.9FB to downgrade the bootloader when asked, so it’s reversible as well.
Conclusion
Since iLiberty+ and iPlus give the user a chance to revert to bootloader 4.6, they are both winners in this round.
2-Pass Models In iLiberty+ and iPlus
Although the 2-pass model and payloads are used in both iLiberty+ and iPlus, they are arranged differently.
iPlus
In iPlus, all payloads are packed into one ZIP file, and a single script controls the execution of all the payloads, which ties everything tightly together. If you want to add a payload, you have to do it this way:
1. Prepare the new payloads
2. Modify the master script to process the new payload
3. Repack the payload to add new payloads and update the modified master script
When you want to distribute your modified (updated) version, you have to offer the new ZIP file. Since all payloads are packed into this single ZIP, it becomes huge when many payloads are bundled. For a user who only needs some of the functions, the other parts of the payload are simply useless. For example, AT&T users tend to use only jailbreak and Installer, but they still have to download the whole thing even though most of the contents are unnecessary for them.
When it comes to an online update system, there’s another problem. Some people (like me :) are on slow and sometimes unstable links, and they can’t update because the update package is too large to download on such a link.
iLiberty+
Now let’s turn to iLiberty+. It tries to keep the flexibility of iPlus while overcoming the disadvantages that the single payload brings. iLiberty+ is designed around this principle:
Make the package as small as possible, and let users choose to download what they want
To achieve this goal, iLiberty+ is built from 2 totally independent parts: the GUI and the payload.
The GUI offers an interface for the user to choose what they want, packs the selected contents into a single ZIP, uploads it, and then boots the ramdisk. Its job is done after this.
The payload does the real magic. To make it more flexible, each payload is specifically designed to do only one particular job. So if you want to activate, unlock, and have Installer set up, you have to choose three payloads.
For example, an AT&T user who wants to jailbreak and install Installer only needs to select Installer and click Go (because jailbreak is implied in the ramdisk); he doesn’t need to download anything irrelevant to his purpose.
In fact, if iLiberty+ is distributed without any bundled payload, its size can be reduced to as little as 2MB (without ramdisk) or so. But since most people who use iLiberty+ tend to use Jailbreak, Activation, Unlock, Installer, etc., I have packaged these most common payloads into the Setup, which raises the size to some 20MB.
The payload distribution in iLiberty+ is relatively easy:
1. Prepare the new payload and its script
2. Put the payload and its script into the payload folder under the installation folder
As you can see, it has nothing to do with those already-made payloads. You don’t have to distribute a huge modified payload, you just need to add the new payload. This makes the online update easier and more efficient.
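The two distribution models compared above, sketched as an added example (this is not iLiberty+ or iPlus code). The folder layout, the `run.sh` and `master.sh` file names, the `fix_wifi` payload and all sizes are assumptions made for illustration.

```python
import io
import zipfile
from pathlib import Path
from tempfile import TemporaryDirectory

# Constructed payloads: name -> (script text, size of bundled data in bytes).
# Names echo the article; scripts, file names and sizes are invented here.
SAMPLE = {
    "activate": ("echo activate\n", 20_000),
    "unlock": ("echo unlock\n", 90_000),
    "installer": ("echo installer\n", 40_000),
}


def add_payloads(folder, payloads):
    """Drop each payload and its own script into the payload folder."""
    for name, (script, size) in payloads.items():
        d = Path(folder) / name
        d.mkdir()
        (d / "run.sh").write_text(script)           # hypothetical script name
        (d / "data.bin").write_bytes(b"\0" * size)  # filler standing in for files


def discover(folder):
    """A payload is any sub-folder that carries its own script."""
    return sorted(p.name for p in Path(folder).iterdir()
                  if (p / "run.sh").is_file())


def pack(folder, names, master=None):
    """Pack the named payloads into one ZIP (stored, so sizes are exact)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as z:
        if master is not None:
            z.writestr("master.sh", master)
        for name in names:
            for f in sorted((Path(folder) / name).iterdir()):
                z.write(f, f"{name}/{f.name}")
    return buf.getvalue()


def master_for(names):
    """Single-script model: the master script has to name every payload."""
    return "".join(f"sh {n}/run.sh\n" for n in names)


def second_pass(archive):
    """Payload scripts a second-pass runner would execute, one by one."""
    with zipfile.ZipFile(io.BytesIO(archive)) as z:
        return sorted(n.split("/")[0] for n in z.namelist()
                      if n.endswith("/run.sh"))


def compare():
    with TemporaryDirectory() as folder:
        add_payloads(folder, SAMPLE)
        names = discover(folder)
        bundle_v1 = pack(folder, names, master_for(names))  # everything, one ZIP
        upload = pack(folder, ["installer"])  # only what the user selected

        # A new payload appears: one model repacks all, the other ships one folder.
        add_payloads(folder, {"fix_wifi": ("echo fix\n", 10_000)})
        names = discover(folder)
        bundle_v2 = pack(folder, names, master_for(names))
        update = pack(folder, ["fix_wifi"])
        return {
            "upload_runs": second_pass(upload),
            "upload_bytes": len(upload),
            "bundle_v1_bytes": len(bundle_v1),
            "bundle_update_bytes": len(bundle_v2),
            "modular_update_bytes": len(update),
            "payloads_after_update": names,
        }


if __name__ == "__main__":
    for key, value in compare().items():
        print(key, value)
```
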
Notes
I hope the above descriptions have answered the question asked by some people who care about how the tools they’re using work. There are some issues, bugs and confusion in the current iLiberty+, and I’m trying to locate them and update the application. I hope you understand this is not a commercial application and that I and all the other developers are doing this in our spare time, so please just give me some time; the problems will hopefully be solved one by one eventually.
If there’s anything I missed in the article, please don’t hesitate to comment.

47 Comments
Hi George,
Phone : 112 46
My iPhone has “No Wi-Fi and Bluetooth Unavailable (00:00:00:00:00:00)” problem.
Unlocking Methods my friend tried on the iPhone
Downgraded to 1.1.1, AppSnap, OkToPrep 1.1.2, Upgraded 1.1.2, 112JB (Conceited)
followed by iUnlock, AnySim (All Versions) and gunlocked (on the same day when he released)
It was unlocked on that day (thanks to GeoHot), ever since it had “Bluetooth Unavailable” issue
and yesterday I tried iLiberty+ (Fix bluetooth,Wi-Fi … payload) and then this “No Wi-Fi” issue appeared.
( DFU - Restored 1.1.4 and Tested Your iLiberty+)
Is there any solution available to this solution? If yes, please provide me the solution.
The Fix is trying to force an unlock even when baseband does not exist, it was designed for 04.04.05 (as described in payload), if the eeprom is not corrupted, this will hopefully bring back the corrupted (or empty) baseband, but if the eeprom is corrupted, there’s no way to fix it atm. The no signal/wifi/bluetooth problem is annoying, we’re still working on a better solution.
The Fix does the following things:
1. Assume it’s a BL3.9 and try unlock it (04.04.05)
2. If the above step fails, it assumes it’s BL4.6 and try downgrade BL to 3.9 (3.9FakeBlank)
3. Try unlock again (04.04.05)
In many cases, this will bring back the baseband but I can’t guarantee its effect as I never had a *real* broken phone, some tests are done by other people.
Congratulations to U and AViegas (from India)
Phone is working perfectly (except Wi-Fi and Bluetooth)
Even Wi-Fi worked perfectly till I tried iLiberty+ (with Fix Bluetooth payload)
DFU - Restored 1.1.4 - iLiberty+ ( Jailbreak, Activate, Unlock with 3.9FB, Installer and Fix Wifi …)
still the same problem.
Shall I try BL downgrading (it’s on FB)? (or) wait until some one finds a way to fix this problem ? (I can make/receive calls/sms)
Really appreciate you writing this, it’s very informative, thank you. :)
Hi, can you explain the differences between ijaibreak and these All-in-one suites, thanks!
guccio, there’s no difference in all jailbreaks, /etc/fstab gets replaced, that’s it.
vkram, the Fix payload cannot guarantee a fix, we’re still trying a better method.
Hi George (Thanks for taking time to replying to my post)
DFU - Restored 1.1.2 - Followed by - DFU - Restored 1.1.4 (my iPhone with Bluetooth/Wi-Fi issue)
then what ? (above mentioned phone)
My Signal appeared !!!
I’m able to receive/make calls, even when my iPhone says only emergency calls !
Any answers ?
Hi.
Excellent work, but at the moment I have a problem. When I install Liberty+ it does the jailbreak and activation, but when I try “unlock”, this appears on the screen:
Found 3.9_m3s2
10 seconds to abort
If I continue, the process appears to unlock, but the result is the same: it only accepts an AT&T SIM card. If I put in another carrier’s SIM card, it shows “No Service” and a red point appears on the phone icon:
I have tried Reset Network Settings and Reset All Settings.
Before executing Liberty+, I do an iTunes restore.
After the whole process, everything is working, but it is not unlocked.
The info of my phone is:
Model: MA712LL
Ver: 1.1.4 (4A102)
Modem Firmware: 04.04.05_G
3.9_m3s2
Excuse my bad English
Thnx
My iPhone loses signal all the time. The Wi-Fi and Bluetooth are okay; only the cell phone loses signal: sometimes it gets signal, sometimes it loses it
How can I install the payloads??? I check the payload box but there is no button to install
Hola George.
Is the iLiberty unlock compatible with the original IPSF?
@Vikiram, if you’ve got signal but still in emergency mode, then your phone has not been activated, just try activation, no need to unlock because it’s already unlocked.
@nes0x, if it failed before unlock, then the unlock was not even executed so the phone is still locked. Are you sure there’s no other error message before Abort in 10 seconds ? And which app are you using, iLiberty+ or iLibertyX ?
@Christian, in theory, iLiberty+ should not conflict with IPSF as it uses a modified gunlock to do the trick. I tried on my BL3.9 phone with GeoIPSF long time ago, but I didn’t get a chance to try on a real IPSF, nor did I try bootloader downgrade on IPSF because I didn’t even have BL4.6.
@Alexandre, if you’re talking about the payloads listed in Downloadable tab, it’s in the next update, not work atm. For current version, you’ll need to manually download the payloads and put into payload folder.
Hey George thanks for this great tool, I have a question by using gunlock is iLiberty+ making backups of the original baseband before the unlock??
If so then how are we able to restore to original locked status?? Or is that just not possible??
@Diego, baseband doesn’t need to be backed up because it’s in firmware. I took the following steps to restore to locked state (I’m on BL3.9):
1. Reflash baseband to a previous version, say 04.03.13
2. Enter DFU and restore to latest with iTunes, it will reflash the baseband and lock it
@George, you are right I meant to say backup of the NOR seczone. To my understanding gunlock will modify the seczone to accept xxxxx as NCK right (same as IPSF)? Then how can reflashing the baseband relock the phone without writing a backup of the original seczone?
thanks pal
@Diego, no, gunlock will unlock and downgrade baseband to 04.02.13, it doesn’t touch your seczone. GeoIPSF does the IPSF-alike unlock though. There’s no way (as far as I know) to restore IPSF without recovering with the original seczone. iLiberty+ doesn’t use GeoIPSF.
George,
Thanks for straightening things out in my mind. I got confused with the names of the unlocks. Sorry, my bad.
Thanks for your work on this.
Two things I am unclear on:
1) Can iLiberty+ be used to unlock an iphone so I can develop on it with the official Apple SDK?
2) Can I use a pre-paid SIM in the phone? What if there is no SIM - does the non-phone functionality work?
Just unlocked a new phone using Ziphone to 1.1.4. Everything seems to be working fine except for the incoming call (area code) problem. For a limited time I will not be able to use WIFI or edge or any other tool to connect to the net for installer to work. Is there any way I can install apps and games using windows and also rectify the incoming caller id problem?
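If I have checked activate and unlock in Standard, do I still need to check the corresponding payloads again in Advanced? What is the difference between the two, and what happens if both are checked?
Sorry, my written English is pretty poor, so I asked directly in Chinese :P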
@RoGeRcHu, the new iLiberty+ revision has fixed the bug, now when you check the Standard options, payloads are automatically added into the Selected tab under Advanced. Please update to the latest version, it has the ability to download missing payloads directly in GUI.
Hello and thank you for your excellent work on iLibertyX! I just got a phone from the States and wanted to use it with a European carrier. I admit not reading a lot on the subject of activation-unlocking-jailbreaking so I ran ZiPhone 2.6b. It worked, eventually, but now I discovered that the bootloader is 3.9_m3s2. Does that mean I am STUCK with that bootloader? When restoring and running iLibertyX, I checked “Unlock with 3.9FB” but I got an error like a previous poster, “10 seconds to abort”.
(a) when we have bootloader 3.9_m3s2 is there a way to go to 3.9FB?
(b) although the Modem Firmware is reported to be: 04.04.05_G why do you have “Reflash EDGE/WiFi” as payload? What do these do, exactly?
Many thanks –K.
@Konsti,
(a) it’s already answered in the article.
(b) you don’t need it if you only need to unlock your phone, that’s why it’s in Advanced tab.
Thanks George for your quick reply! I just wanted to confirm (sigh) that ZiPhone irreversibly downgrades to (original) bootloader 3.9 [3.9_m3s2] and doesn’t even warn us about it!
(a) if we want to jailbreak, activate and unlock a recent US iPhone for e.g. European providers, will we need to “Reflash EDGE/WiFi” too? It seems there are a couple versions around, perhaps you can be more explicit if you know what these versions do and don’t… In what is 04.04.05_G different to version 04.03.13? With mine (16GB ex-4.6BL) at 04.04.05_G I can connect to WiFi… didn’t try EDGE, yet.
(b) if Apple ever releases an update that also *includes* a bootloader upgrade, will we be able to upgrade, too, you think? I mean, is there any sense for Apple to upgrade the bootloader? Will it work with phones that used ZiPhone and iLibertyX?
Thanks again, K.
@Konsti, (a) you don’t need that Reflash thing in normal cases, it’s there just as an attempt to fix some phones that have baseband issues, this fix is not guaranteed to work though. If your phone works fine, no reason to reflash it. (b) Apple will not upgrade bootloader through iTunes update, you need more Google :)
Hello George and all people here, I think I have good news regarding the “forced” bootloader downgrade, and a solution to revert:
http://wikee.iphwn.org/sgold_bootrom:bootneuter
I would like your opinion, George, and if I use this tool to go back to 4.6BL, can I re-run iLibertyX to unlock/activate/jailbreak my iPhone? Thank you!
Hi George. Thanks for this amazing article. It resolves a lot of doubts in my mind as a new iPhone buyer on the hunt for the best unlock method available. I was wondering if you could update this article with the links that best explain the process of using these methods. I would be very grateful as the internet is full of tutorials and it really is confusing !!
I have just gotten an iPhone from the US (about 10 days back)
Hi all,
In this article you say iLiberty is better than the others to unlock the iPhone.
With an iPhone with bootloader 4.6, iLiberty lets the user choose to downgrade to 3.9 or leave 4.6.
But I don’t understand which option is better. (Perhaps I need more technical information, but I don’t find anything about this)
Regards
@terminus, actually I said iLiberty+ gives you more choices and let you decide, not like others that go for it without even asking. Cons and Pros of bootloaders? Sorry, that’s out of my scope, I can’t think of anything better than googling.
George, thanks for developing this great tool.
I have one question. I used Iliberty+ to jailbreak/activate/unlock the phone and installed some payload I need. If I want to add more specific payloads, how should I set up the tool? Can I just check the payloads and click “Go for it”? Or I have to check “activate” and other options in standard tab?
Many thanks!
@Bill, in iLiberty+ everything is a payload except the GUI and Ramdisk. So activate is a payload, unlock is a payload, etc. A payload is a payload, it does what it’s designed to do independently, so if you wanna run a payload, just check it and Go for it, no need to check others.
Note: Jailbreak is special because it’s the essential of all hacking, thus it’s always checked to ensure further operations can go w/o problems. There are no side effects from jailbreaking multiple times.
I have an 1.1.2 OTB iphone upgraded to 1.1.4 and unlocked
Now my iPhone freezes all the time when it’s asleep and goes to the activation screen.
I have tried to downgrade to 1.1.1, 1.1.2, 1.1.3 but the problem persists.
Any ideas?
I believe the firmware is corrupted, I tried to flash from 4_04_05 to 4_02_13 and 4_01_13 but did not solve…I`ve already tried to reset network settings and the phone freezes too
If I try to use wifi or make calls the phone resets and freezes at start up screen
=(
Hi I was wondering if this is compatible with an iPod touch 16 gig.
I am very paranoid about this but using iLiberty+ seems to be the safest method
and most reversible method so i was just wondering if it is compatible
and how to do it for an iPod touch 16gig version.
Thanks
Hi everybody, I’ve got a question: when I’m going to jailbreak a 1.1.4 oob, can I choose some payloads the first time or do I have to choose next time?
george,
thanks for taking the time to explain all these differences in a clean article. great job.
i ordered a new iphone yesterday but i’m not sure what to do in order to jailbreak / unlock / etc. will the new phone have preinstalled firmware that prevents me from doing what i need to do?
do you have an article listing how to make a new iphone better (without losing any of the existing functionality the phone ships with?)
reading about the phone and wifi not working has me worried that i could break the new phone on day one if i’m not careful.
thanks for the advice and article links
george..
i jailbroke my iphone 1.1.4 using ziphone 3.0, since then my bluetooth is not working, it shows that it is paired but just doesn’t work…
how can i fix this??
and many times when i’m on a call the screen stays black even when i’m done…need to hit the home button a couple of times..
thanxxxx
Hi all,
after jailbreaking by using iliberty and after adding the connection’s password, I can’t connect to the wifi, it gives a message that says “unable to join the network”
(I have the latest iPhone 16GB)
Because iPhone without wifi = 0
Any help appreciated
Thank you
George,
I am having problems with my iphone. I accidentally upgraded it to ver. 1.1.4 and it got locked. Before it was upgraded I was able to use wifi, but after the upgrade and unlocking it with unlock tools, I can’t use the wifi. It says you’re not subscribed to EDGE. Can you help me out? Thanks.
since the article was written, has a key been found for BL4.6?
i am having problems with my wifi connection on my phone it keeps logging itself out, or just dropping the connection, then after a few attempts at on/off it will freeze. resulting in not being able to download 3rd party apps. can anybody help me?
i have an otb 1.1.2 (modem firmware 04.04.05). problems started after upgrading to 1.1.4 using ziphone (after jailbreaking with dev team method). i have also tried restoring and starting afresh with iliberty+ but i have the same problem.
ps. i see a lot of people have the same or similar problem, so if there is a fix out there i would appreciate a heads-up.
PE-ACE
pps. thanx so far!
Hi all,
I recently unlocked and jailbroke my iphone using iliberty+. The unlocking and jailbreaking process was a breeze and everything turned out well. However, when I went to check my music I noticed that all of my music and videos had disappeared…and when I went to plug it into iTunes it shows all the space that the music and videos took up as used by “other”. While running iliberty+ I noticed that one of the things the software did was “relocate” some files. Did my music and videos get relocated by the software? If so, how do I go about accessing them again?
- D
The iLiberty is the ultimate program to jailbreak unlock and activate.
because in ziphone the jailbreak is not working. And many more bugs.
Thanks to George Zhu for this incredible prog. ^_^
George,
I bought my iphone in november of 2007 with version 1.1.1. I used IPSF to unlock it and then I upgraded to 1.1.2 and then to 1.1.3 and I have to run the annoying signal.app. Now I want to upgrade to 1.1.4 but I want to forget completely about IPSF and signal.app. Is there a way to start from scratch? Erase everything on my iphone and then re-do the unlock via iliberty or ziphone or any other method? Can I restore my iphone via itunes to 1.1.4 and then use iliberty to activate, jailbreak and unlock and not use signal.app? please help me, it seems people are forgetting about those who first unlocked with IPSF.
Thank You
hi, everyone… i need help… when i went to jailbreak my ipod touch, version 1.1.4, with ZIPHONE, it started to say “BSD root : md0, major 2, minor 0” and i can’t do anything… it doesn’t close and i can’t do anything.. somebody help me..
Hello George,
i must admit, i’m not a computer whiz. where can i download iliberty+ and will it install the Installer app. and will there be any problem with my phone, and u sure i can restore in itunes. Thanks a lot.
Hey george.. great work! thanks for the product.. you guys did a great job..
I have a slight issue.. i’m overseas.. internet is beyond sluggish, I can barely keep a steady dsl connection up! and have a bricked phone.
Originally had it unlocked with ziphone firm 1.1.4. I decided to update it to 2.0 (i know i know) and couldn’t get it unlocked with any util on the net (although i did read a thread somewhere indicating that the unlocked status will remain the same).. unfortunately, i bricked it and now I’ve reverted back to 1.1.4 yet I can’t jailbreak the phone. i’ve tried iliberty yet the phone gets stuck at the recovery mode and iliberty will not detect it going into the mode, thus timing out all the time.
PLEASE someone help me.. I’m stranded in EGYPT and been without a phone for almost 24 hours.
I have bought your program in order to unblock my iPhone, but I do not succeed. Can you help me? Thanks