iPhone 4 baseband 4.10.01, 3.10.01, 2.10.04 is not yet unlockable with UltraSn0w. So, a Chinese hackers team named Gevey have come up with a solution that can unlock iPhone 4 on baseband 4.10.01, 3.10.01, 2.10.04 and 1.59.00 Using Gevey SIM Interposer.
Hit the jump to know more about Gevey SIM Interposer and How to use Gevey Sim to unlock iPhone 4 on the said basebands.
What is Gevey SIM Interposer?
Gevey Sim is an unlock solution for iPhone 4 with baseband 01.59.00, 02.10.04, 03.10.01, and 04.10.01 on iOS 4.0, 4.1, 4.2, 4.2.1, 4.3, 4.3.1, 4.3.2, and 4.3.3. Unlike UltraSn0w, Gevey SIM is a hardware solution, a SIM interposer sits between the SIM card and the Modem to perform a classical MITM. Gevey SIM interposer should always stay in-between SIM card and the iPhone modem in order to stay unlocked.
How the Gevey SIM Interposer Unlocks iPhone 4
SIM card holds many different types of information, but the part most involved with carrier lock is the IMSI number. IMSI (International Mobile Subscriber Identity) which is a unique code that corresponds to your account in the mobile carrier’s database. A sample IMSI might look like this:
310 150 987654321
The first two segments are known as Mobile Country Code (MCC) and Mobile Network Code (MNC) respectively, and in the example above the IMSI indicate the SIM is from USA (310) AT&T (150).
When the iPhone baseband is loaded into memory, it checks the MCC and MNC against its own network lock state stored in the seczone. If the combination is allowed, the cell radio is activated and vice versa. The earliest iPhone baseband revisions only check IMSI twice following a restart, therefore it is very easy to send spoof information in order to bypass the check. Nevertheless, the baseband was soon updated to validate SIM more aggressively and the method soon became obsolete.
Gevey SIM makes use of the emergency number 112 to get the TMSI for your connection. As soon as the network issues TMSI for your connection, Gevey’s SIM interposer finds an acceptable MCC/MNC combination by rapidly cycling a list of IMSI. To prevent your baseband from detecting the fake IMSI, flight mode is Toggled (for a second is enough). This makes your carrier think that your iPhone 4 is factory unlocked.
Spoofing of IMSI and ICCID using an emergency number is unethical or downright illegal. Please note that your carrier may ban your account on account of using false information and tampering with your SIM card.
- It works if A.your network handles 112 calls properly according to the GSM standard; B.they are tolerant to TSMI spoofing and does not actively validate your SIM again for incoming calls. *If your network validates your IMSI on every incoming call, do not think of buying Gevey SIM.*
- Even if your network do not validates your IMSI on every incoming call, the exact precedure must be performed whenever the device restarts, lose reception, or move to another PLMN.
- All firmware/baseband combinations for the iPhone 4 up to iOS 4.3.3 are vulnerable.
- SIM interposer should not harm your phone hardware, however your network could request IMEI and identify your device during the emergency call. Your identity cannot be faked and it is possible that they will ban your account. There is a reason why SIM cards remain legally the property of the service provider: you are not supposed to tamper with them without breaching contract.
- SIM interposer does not cause any battery drain since it is only active transiently, nor would it cause signal loss because it does not change cellular transmission other than the initial validation step.
- Not all carrier will work with 3G services, but all carrier will work with GPRS or EDGE.