Unlock iPhone 4, iOS 4.3 / 4.2.1 On 2.10.04 / 3.10.01 Baseband With Gevey Turbo SIM

There is a new iPhone 4 unlocking method which achieves a full unlock using only a Turbo SIM card. Gevey has released a SIM interposer that can unlock the iPhone 4 on any baseband (02.10, 03.10 and 04.10) by force-activating the baseband through the emergency dialer.

Basically, the Turbo SIM sits between the phone and your real SIM and spoofs the subscriber identity (IMSI) that the SIM card supplies to the phone; the authentication key (Ki) stays on your own carrier SIM underneath and is never read by the phone or the network. This lets a locked handset be used on any mobile network with which it is technically compatible. The card carries the identity the phone expects (an AT&T IMSI for a US-locked phone) and sits on top of the SIM from the carrier of your choice, and apparently this gives you full calling and SMS capability.
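To make the mechanism concrete, here is an added toy model (not Gevey's firmware and not Apple's real lock policy) of the part described above: the baseband reads the IMSI from the SIM and accepts it only if its MCC/MNC prefix matches the carrier the phone is locked to, while Ki never leaves the card. An interposer that rewrites the IMSI the phone sees passes that check and forwards authentication challenges to the real SIM because it has no Ki of its own. The IMSIs and Ki values are constructed; 310/410 is AT&T's PLMN code; the two-digit MNC rule for non-US MCCs is a simplification. It does not model the network side (the 112 call and TMSI handling described below).

```python
"""Toy model of an IMSI-based baseband network lock and a SIM interposer.

Added illustration only: not Gevey's firmware and not Apple's lock policy.
"""
from dataclasses import dataclass
import hashlib
import hmac

# US MCCs (310-316) use three-digit MNCs; this toy treats every other MCC
# as two-digit, which is a simplification of the real MCC/MNC tables.
THREE_DIGIT_MNC_MCCS = {str(m) for m in range(310, 317)}


def split_imsi(imsi: str) -> tuple[str, str, str]:
    """Split an IMSI into (MCC, MNC, MSIN); IMSIs are 6-15 decimal digits."""
    if not imsi.isdigit() or not 6 <= len(imsi) <= 15:
        raise ValueError(f"malformed IMSI: {imsi!r}")
    mcc = imsi[:3]
    mnc_len = 3 if mcc in THREE_DIGIT_MNC_MCCS else 2
    return mcc, imsi[3:3 + mnc_len], imsi[3 + mnc_len:]


@dataclass
class Sim:
    """A carrier SIM: the IMSI is readable, Ki is only ever used inside the card."""
    imsi: str
    ki: bytes

    def read_imsi(self) -> str:
        return self.imsi

    def run_gsm_algorithm(self, rand: bytes) -> bytes:
        # Stand-in for COMP128/Milenage: a 4-byte SRES derived from Ki and RAND.
        return hmac.new(self.ki, rand, hashlib.sha256).digest()[:4]


@dataclass
class Interposer:
    """Thin board between phone and SIM that rewrites the IMSI the phone reads."""
    real_sim: Sim
    presented_imsi: str   # identity the locked baseband expects (constructed)

    def read_imsi(self) -> str:
        return self.presented_imsi          # this is all the lock check sees

    def run_gsm_algorithm(self, rand: bytes) -> bytes:
        # The interposer holds no Ki, so challenges go to the real SIM.
        return self.real_sim.run_gsm_algorithm(rand)


def lock_check(imsi: str, allowed_plmns: set[tuple[str, str]]) -> bool:
    """Baseband network lock: accept the SIM only if its MCC/MNC is allowlisted."""
    mcc, mnc, _msin = split_imsi(imsi)
    return (mcc, mnc) in allowed_plmns


def phone_accepts(card, allowed_plmns: set[tuple[str, str]]) -> bool:
    """What the handset does at boot: read the IMSI and run the lock check."""
    return lock_check(card.read_imsi(), allowed_plmns)


if __name__ == "__main__":
    AT_T_LOCK = {("310", "410")}                          # AT&T PLMN code
    foreign = Sim(imsi="234150000000001", ki=bytes(16))    # constructed SIM
    print(phone_accepts(foreign, AT_T_LOCK))               # False: rejected
    spoofed = Interposer(foreign, presented_imsi="310410000000001")
    print(phone_accepts(spoofed, AT_T_LOCK))               # True: lock sees AT&T
    rand = bytes(range(16))
    # Authentication still answers with the real subscriber's Ki:
    print(spoofed.run_gsm_algorithm(rand) == foreign.run_gsm_algorithm(rand))
```

The point of the model is the asymmetry: the lock is decided entirely from an identity field the interposer controls, while the secret that actually authenticates the subscriber is untouched. Everything that follows in the article is about the network side of the trick, which this toy deliberately leaves out.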

What does it mean for unlockers?

It works if A. your network handles 112 calls properly according to the GSM standard, and B. it is tolerant of TMSI spoofing and does not actively re-validate your SIM for incoming calls.

Unlike its ancestors, the i4 SIM interposer is not a drop-in-and-forget device. The exact procedure must be repeated whenever the device restarts, loses reception for an extended period of time or moves to another PLMN. In all of these situations the TMSI expires and has to be obtained again. In theory a daemon could automate the process, similar to ZeroG, but that only makes things more convoluted.

It is, without question, unethical or downright illegal to use this technique anywhere 112 is a legitimate emergency number. That is not a huge issue in China, where the number is only used for informational purposes and the networks cannot be bothered to fix the issue.

All firmware/baseband combinations for the i4 up to iOS 4.3 are vulnerable; however, the exploit may be patched in any future software update or on the carrier side. If Apple can influence providers to block Cydia, it is not impossible for them to press providers to fix this as well. The only way to permanently unlock your baseband is the NCK.

The SIM interposer should not harm your phone hardware; however, your network can request the IMEI and identify your device during the emergency call. Your IMEI cannot be faked by the interposer, and it is possible that the carrier will ban your account. There is a reason SIM cards legally remain the property of the service provider: you are not supposed to tamper with them without breaching your contract.

Notwithstanding all these problems, the SIM interposer does not cause any battery drain, since it is only active transiently, nor should it cause signal loss, because it does not alter cellular transmission other than at the initial validation step.

Applenberry has confirmed that the Gevey SIM works and that it will be available from March 18 or 21 to all countries except China. At the time of writing the Gevey Turbo SIM is on sale only in China and has not yet reached the European or American markets.

From the tweet:

Yes it WORKS. The website to buy GEVEY SIM is http://applenberry.com on March 18 or 21. We will ship to all countries except China. It is currently also available on eBay.

MuscleNerd of the iPhone Dev-Team, when asked about the Gevey SIM, did not dismiss it outright, but said that the bug it exploits cannot be used by the Dev-Team's software unlock. He also replied to users who asked about the Gevey SIM's credibility:

Question: have u seen Gevey sim to unlock ip4?

Answer : sim carrier cards have a long/mixed history with iPhone (often hit&miss), so it’s too early to tell. I have 3 or 4 older ones. For reference though, google: Turbo SIM. In its day, that was a nice programmable SIM interposer board.

Question: a lot of UL victims are going to pay for that TurboSim if u can not give a clue be4 weekend, and we have no idea if it'll damage

Answer: back during the iPhone2G SIM interposer days, they never did damage (they were just always hit & miss)

Question: so u mean the gevey sim may work or may not??? on what criteria does the hit & miss depends???

Answer: unlike software unlocks, SIM interposer can take advantage of bugs in SIM Toolkit (STK). Too early to tell if this does that.

Question: So it’s less likely you guys can make a SW unlock using the trick that gevey uses? (of course if we assume gevey works.)

Answer: right….hardware SIM interposers can’t use any bugs that we can, and we can’t use any bugs they can.

(Similarly, there are known bugs that could unlock your i4 if you had an OpenBTS setup. All 3 of these interfaces to the BB have different (exploitable?) bugs: AT /dev interface, SIM (STK), cell network (OpenBTS).)

veeence has also answered some of the doubts about the authenticity of the Gevey SIM, but mentioned that he has no idea how this SIM actually works:

This Gevey SIM seems to work via TMSI spoofing through emergency calling (112). I'm not quite sure if this is legal in countries other than China.

But older TurboSIMs seemed to work like this as well: spoof info (dial 112) and then abruptly switch back to the true TMSI to connect to the cell.

If you are tired of waiting for a software-based unlock, you can get this mod to unlock your iPhone 4. However, we won't recommend it because of its legal status. The reviewer also suggests waiting for the 40-bit NCK hack for iPhone 4 by the iPhone Dev-Team.

