SYSSEC: September 2007 Archives


September 1, 2007

These guys claim that they have a program to unlock the iPhone. For those of you who aren't mobile phone wonks, here's how things work. In principle, the iPhone can work with two networks in the US: AT&T (formerly Cingular) and T-Mobile. Sprint and Verizon use a different cellular technology. The iPhone uses the European standard, GSM. One of the nice features of GSM is that the caller's information is contained on a chip called a Subscriber Identity Module (SIM). This has two implications:
  • You can move your number from phone to phone by moving the SIM.
  • You can move your phone from network to network just by putting the appropriate SIM in your phone.

For our purposes the second property is more interesting, because it allows consumers to mix and match phones and networks, forcing mobile phone carriers to compete on the basis of network quality rather than on who offers the coolest phones. Obviously, phone companies would prefer not to have to compete on these grounds; if you have to pay for a new phone whenever you want to switch carriers, this disincentivizes switching.[1] One technique for stopping switching is to SIM lock the phone. The carrier (or more likely the vendor) programs the phone so it only works with a SIM from that carrier. However, the information about how to unlock the phone generally leaks somehow, and it's pretty common for there to be third-party unlocking services. Sometimes the carrier will even do it for you; T-Mobile will if you've had the phone for more than 90 days.

This brings us to the topic of the iPhone. The iPhone is sold at the Apple store (and, of course, the AT&T store, but you have to be kind of nuts to go to the AT&T store) but SIM locked to AT&T. Naturally there's been some interest in unlocking it. An unlocked iPhone could be used with T-Mobile in the US (a modest advantage in terms of coverage but a big advantage in terms of price) or with a non-US carrier.

A number of different techniques have been found for unlocking the iPhone (summary here), but all the readily available ones are either expensive (requiring some new hardware) or somewhat scary (opening it up and soldering some stuff). As noted above, there have been claims of software-only solutions, but as of yet there doesn't appear to be any such software publicly available. Obviously something like this would be better than having to screw with the hardware.

This is all a basically separate issue from the question of running arbitrary software on the iPhone. As everyone knows, the iPhone is a closed platform, so, unlike your computer, you can't (officially) just load whatever software you want onto it. That protection has been broken for some time now (see here) and I have several friends who are running arbitrary software on their iPhones. Of course, it may be the case that being able to break that protection is important to making a software unlocking solution work. I don't think we'll know that till we see such a solution in action.

Oh, one more thing: the only people who claim to be offering unlocking software intend to sell you the software. However, I would expect that very shortly after such software is released, it will be reverse engineered and a free solution will be produced.

[1] An additional complication is that in the US, at least, many carriers subsidize the initial purchase of the cell phone and require a contract with a cancellation fee, but that's just another way of making you pay to switch.