Preparation of iPhone for Testing. Upgrade and Downgrade

In this article, we will touch upon the following questions: iPhone device upgrade and downgrade, key moments of these processes, and also the most frequent problems and possible solutions for them.
Our testing tasks are often connected with iPhone devices of different firmware versions. In this article, we will discuss how to deal with all these tasks having only one device.

iPhone Models

When you need to upgrade iPhone firmware, you have to ask what generation the iPhone device is. There is information about such generations as 2G, 3G, 3GS, and 4G in the Internet. Someone even mentions 1G generation. Each generation has a lot of hardware differences: beginning with processor and baseband chipset (that is responsible for working with network) and ending with manufacturers of NOR/NAND memory and frame. Though, this terminology (2G/3G) is directly related to network generations:

• iPhone 2G – the first generation for GSM networks;
• iPhone 3G/iPhone 3GS – variants for 3G networks.

Four Existing Models on the Market

1. iPhone 2G – the first iPhone model. Its disadvantage is that it needs to be activated or jailbroken. As soon as the phone software is updated, software update for the jailbreaking is available.

Jailbreaking is an operation that must be performed with iPhone in order to get full access to the phone file system. It is necessary to write programs of third-party manufacturers to iPhone and also to handle phone data (such as music, video, contacts, SMS messages, etc.) not only via iTunes official application but also via applications of third-party manufacturers. Sometimes, to make it shorter, it is called jail.

Warning: do not update immediately after the new firmware is available. First, you should look for an available jail program. However, if you updated, you would have to perform the downgrade.

1. iPhone 3G – the second device generation. Beginning with this model, models are divided into American and European devices.

An American device is a locked one; a European device works with any operator.

For European devices: You are lucky if you have such device. You can upgrade the device with no fear that something bad will happen to it. The worst that can happen is that you will like the firmware but there won’t be the jail program for it. But there is always the possibility to downgrade.

For American devices: With the appearance of 3Gs model, Apple did not neglect the previous model but supports it actively. It can turn your phone to iPod in case of firmware updating and absence of jail program.

Warning: Never click Update in iTunes without specifying the availability of jail! It often happens that there is a firmware jail but there is no modem unlocking. This happened with version 3.1.2 (modem 05.11.07) but later, the unlocking appeared. Then, it happened with version 3.1.3 (modem 05.12.01).

We can update to the so-called custom firmware versions with certainty. These are the same original firmware versions but jail is already rooted in the firmware. While there is no unlocking of a new modem version, custom firmware with old modem is often proposed. It is complicated but it is always indicated by the firmware author whether you can use it with “American” devices.

1. iPhone 3Gs – this model appeared in summer 2009 and was jailbroken immediately. iPhone 3Gs model is also divided into “American” and “European” devices.

Warning: A new Apple device could be easily jailbroken. So, Apple started to produce phones with updated loader version. Due to this, the jailbreak procedure is canceled just after the phone reload. Thus, a new term appeared: “tethered jail”. It means that jail is present and it works but only till the first reload. After this, you need to connect the device to the computer and start the phone with the help of the program with which jail was performed. But now, there is a program called Spirit. With its appearance, there is no problem of “tethered jail”.

For American devices: do not update to new firmware before DevTeam allows (jail program authors)!

For European devices: update consciously.

1. iPhone 4G – the fourth iPhone generation of Apple company. Experts have already assumed that this iPhone version will be the “golden standard”. It is all due to the fact that there are more than 100 new functions in a new model.

How to Differ iPhone 2G and 3G

Next, we will examine two models of iPhone devices: iPhone 2G and iPhone 3G. To know what iPhone model you have at your disposal, it is enough to look at it closely. Let’s do it right now:

2G to the left; 3G to the right

For those who are interested in a more detailed description of differences between these two models, the following table is proposed:

	iPhone 2G	iPhone 3G
1	Aluminum Back Case	Plastic Back Case
2	Memory: 4/8 Gb (later, 8/16 Gb)	Memory: 8/16 Gb
3	Edge network	3G network
4	Color: Standard Aluminum	Colors: Black, White
5	No GPS antenna	GPS Tracking
6	4 mm headphone minijack	3.55 mm headphone minijack

Explanations:

1. Due to this, iPhone 2G is heavier than 3G.
2. Launching of applications and loading of web pages is performed 3 times quicker with 3G networks. Also, audio quality of calls is better.
3. As for the 3G model, the version with 16 Gb of memory can be both black and white. Version with 8 Gb of memory can be only of black color.
4. GPS antenna in 3G devices is used for Google Maps and other similar applications.
5. iPhone 2G is compatible only with original Apple plugs for iPhone 2G. Otherwise, you will need to buy the converter.

And now, let’s single out custom groups of models to find out which firmware is suitable for your device.

The following classification on the modem firmware build version (baseband) is rather convenient:

• First, baseband has its own processor and it means that it has its own firmware too. This firmware has nothing in common with iPhone OS firmware and its version.
• Secondly, it happened so that the firmware for baseband changes exactly on the border of generations: either the baseband processor version changes (as between the 1 and 2 generation) or memory or WiFi change (as between the 2 and 3 generation).
• Thirdly, the version is numbered by dates.

That is why, we go to Settings->General->About->Modem Firmware to learn baseband version.

For example, it is 04.05.04_G on our device. There is a classification of basebands by dates (Apple TV/iPad/iPhone/iPod touch Firmware.doc that is attached to the article). In this classification, basebands with such date come only for devices of the first generation (2G) no matter which version of OS they have.

Now we know exactly which iPhone model we have and we can move to the following step, i.e., to the firmware changing itself.

Next, all upgrade and downgrade processes will be examined only for 2G device. So, if you have other iPhone model, wait for the required information in the next articles.

iPhone Upgrade

In the process of upgrade of your Apple device, there are several checkpoints, which we will examine now.

iPhone Data Saving or Backup

When moving to a new firmware, it would be better if you save data stored on your phone. For this, we perform the so-called data backup, i.e., we save the backup copy. The main function of the backup copy is the possibility to restore personal data and iPhone settings parameters. Later, we can load this backup to the phone (restore from the backup copy). So, our data returns to our phone again.

Otherwise, you will get the required firmware but empty phone because the firmware reinstallation returns the phone to default configuration.

We usually use iTunes program to backup data. The backup copy is created by iTunes every time when performing one of the following operations:

• Synchronization with iTunes (automatically at first synchronization and then, at each connection to the computer).
• Updating in iTunes (automatically without the confirmation message).
• Recovery in iTunes (before the start of the recovery procedure, the program proposes to create a backup copy).
• Manual backup copy.

The list of data stored in iPhone backup copy is presented below:

• Various settings: beginning with program settings, including Mail and ending with user settings of the Calendar (but without Mail messages and Calendar events);
• Ganged Bluetooth devices;
• Bookmarks and Safari autofill data;
• SMS and MMS messages, Notes, voice recordings, camera photos and video (except video files larger than 2 Gb, which won’t be saved in the backup copy);
• Settings and data of third-party applications (such as the top scores list in a game) but not the third-party applications themselves;
• Passwords of Mail and WiFi accounts (from the iPhone keychain). These passwords will resume only on the same iPhone device. If you change the old device to a new one, you need to reenter these passwords. Perhaps, you will need to change the password of the voice mail.

The backup copy does not store photos that were synchronized via iTunes, as well as music, and video files. This data is stored in the following locations by default:

• Windows XP: C:/Documents and Settings/(user name)/My Documents/My Music/iTunes.
• Windows 7/Vista: C:/(user name)/Music/iTunes.

To create the backup copy manually, hold down the Ctrl key and click iPhone to the left of the iTunes application window. You can also right click the icon and select Back Up:

To view the list of recent backup copies, select Edit à Preferences à Devices. You will see the list of backup copies with defined dates.

Each backup copy includes date and time when it was created. Old backup copies are not replaced with new ones. But if you are sure you won’t need the old copy anymore, you can simply delete it. iTunes application creates backup files in the following directories:

• Windows XP: Documents and Settings(user name)Application DataApple ComputerMobileSyncBackup
• Windows Vista/Windows 7: Users(user name)AppDataRoamingApple ComputerMobileSyncBackup

Let’s examine the process of recovery from the backup copy in order to have the possibility to return data to iPhone after our manipulations with firmware versions.

We can initiate it in the same way as the backup copy. Hold down the Ctrl key and click iPhone to the left of the iTunes application window or right click the icon and select Restore from Backup. In the opened window, select the backup copy from which you will restore data. Then, click Restore and after a while you receive iPhone data restored from the selected backup copy.

Device Firmware Upgrade

Moving to a higher version of the firmware on the device does not usually cause any difficulties. There are the following official and custom firmware versions for the 2G device: iOS 1.x, iOS 2.x, and iOS 3.x. There are no official iOS 4.x firmware versions for the 2G device because Apple stopped updating firmware versions for this model. But developers keep developing different variants of the custom firmware to get access to the new features of the official iOS 4.x firmware version.

To perform the upgrade, you will need the following:

• iPhone of 2G model;
• Number of the current iPhone firmware version. To check it, go to Setting->General->About->Version;
• iTunes application;
• iPhone firmware to which you are going to upgrade.

For example, for the last upgrade, we used iTunes 10.1, upgrade from the firmware 2.2 (iPhone1,1_2.2_5G77_Restore.ipsw) to the firmware 3.1.2 (iPhone1,1_3.1.2_7D11_Restore.ipsw). There is a connection between iTunes versions and firmware versions on the device. For example, if the device has firmware version starting from 3.0, we will need iTunes version 8.2 and higher to work with it. If we have iTunes with version lower than 8.2, the program will return an information message that we cannot use the iPhone device with the current version of iTunes. In this message, the program specifies the version to which we need to update. Also, iTunes itself can propose to update the firmware on the phone for a newer version.

So, if we have everything mentioned above, we should do the following:

1. Start iTunes;
2. Connect iPhone via USB;
3. Set the phone to DFU.

DFU (Device Firmware Upgrade) mode differs from the Recovery Mode. It doesn’t deal with the iPhone OS and updates the firmware directly. It’s an effective method and it helps to solve such problems as the impossibility to update via iTunes in the Recovery Mode, impossibility to unlock the phone, etc.

To enter the DFU Mode correctly:

1. connect the phone to the computer;
2. turn the phone off;
3. press the Home and Power buttons for 10 seconds;
4. release the Power button and keep holding down the Home button till the computer detects a new USB device. This can also not happen. In this case, hold down the Home button for 20-30 seconds;
5. the phone screen won’t turn on in the DFU Mode;
6. as soon as the phone is set to the DFU mode, you will hear the connection sounds on your computer and see the iTunes message that it has detected a phone in the Recovery Mode.

After the device appears in iTunes, hold down the Shift key and click Restore in iTunes.

In the opened dialog window, select the required firmware.

And that’s all; wait till the end of the process and you will have your iPhone with a new firmware version. After the firmware update, the phone is locked. Next, we will examine how to make that we can use our device again.

Jailbreaking/Unlocking of iPhone – RedsnOw

There are several ways to unlock the Apple device. And these methods differ in the tools that we will use.

We used two tools when unlocking iPhone device with different firmware versions: RedsnOw and QuickPwn. Both remove the binding to the operator on the already installed firmware.

It is important to choose the appropriate version of RedSn0w, QuickPwn, or any other unlock program that is compatible with the version of the firmware we install. We use RedsnOw when working with iOS 3.x;, and QuickPwn when working with iOS 2.x;. Both these tools help to perform our task successfully and will be examined in this article.

Let’s start from RedsnOw:

• You can start unlocking for iOS 3.x.
• You may need bootloaders 3.9 and 4.6

Bootloader is a loader program that starts the system when turning the device on. Check out our another article to learn how to make a bootloader. It’s responsible for making everything that is needed in the right order when iPhone is loading.

• Connect the iPhone device to the computer via the USB cable;
• Start the Redsn0w application (we used the version 0.9.4 for the last upgrade) and click Browse.
• In the opened window, you are proposed to choose the original version of the iOS 3.x firmware (that we downloaded before and used for the upgrade). The program must identify the firmware. Click Next.

• Select the required options. You must select the Unlock option.

• RedsnOw may ask you to define the location for bootloaders 3.9 and 4.6. For 3.9, define the location to the BL-39.bin bootloader; for 4.6, define the location to the BL-46.bin bootloader. Click Next.
• Make sure that the phone is turned off and connected to the computer. If it is not so, first, connect the phone to the computer and then turn it off.
• In the opened window, you will see the instruction on how to move the phone to the DFU mode. The countdown of seconds starts immediately, so be ready to click the buttons.
• So, you need to move iPhone to the DFU mode. To do this, strictly follow the instructions of the program. Be attentive, because the method of moving to the DFU mode in this program differs from that one mentioned above.

• The unlocking process starts automatically. It will also run on the device.
• When the process finishes, you will see the Done message. Also, you will be proposed to wait while the process finishes on the device (till the device is jailbroken).
• Do not touch iPhone until it reloads by itself and you see familiar icons on the display.

The full upgrade process is complete. We have the working phone with a new firmware. Now it’s time to restore the previously saved data from the iTunes backup copy and use this iPhone easily. Jailbreaking with the help of the QuickPwn program will be described in the Downgrade part of the article.

iPhone Downgrade

The following information will help you to perform the quick and easy downgrade of the iPhone device. The matter is that iTunes program can produce some unkown errors here. First, we will examine these errors and possible ways of their solving.

iTunes Errors

There are a lot of iTunes errors. Next, we will examine only main errors:

• Error “9”: restart the computer, then reboot iPhone and move it to the DFU mode.
• Error “13”: disable firewall and anti-virus.
• Errors “20”, “6”, and “2003”: these errors can indicate that we did not set the DFU mode correctly. Sometimes, it is possible to confuse the Recovery Mode and the DFU mode. That is why, such errors are returned. You should wait for a required number of seconds to enter the DFU mode.
• Errors “1”, “2”, “5”, “6”, and “10”: the problem is in the firmware; upgrade it again.
• Error “14”: the problem is in the checksum with the microprogram image that is located in the firmware.
• Error “19”: reconnect iPhone.
• Error “3194”: it appears when you try to upgrade to the firmware that Apple forbade for you phone.
• Errors “1013”, “1014”, “1015”, and other “10**” (except error “1011” – hardware error):  these errors appear when you downgrade/upgrade on baseband that differs from that the firmware has. It does not mean that the restore failed. The error just informs you that the phone firmware does not correspond to baseband. iLiberty/Independence and the kiphone program (patched ZiPhone) for moving iPhone to Normal Mode will help you.
• Errors “1603” and other “16**” are the worst ones. There are a lot of reasons why they appear as well as the ways of solving them. Unfortunately, there is no universal method that would fit each reason. Our goal is to give all alternative ways that we met and that helped us.

The main steps that should be taken if “16**” error appears are the following:

1. connect the phone to another port;
2. restart iTunes several times;
3. let iTunes load the firmware by itself;
4. restart the system;
5. change the user;
6. change the OS (it is recommended that you use clean OS where iTunes was not installed before);
7. change the computer;
8. if another iTunes version was installed on the computer, it can happen that it was not fully uninstalled. In this case, you should uninstall the following items:
   • iTunes;
   • QuickTime;
   • Apple Mobile Device Support;
   • Apple Application Support;
   • Bonjour;
   • Apple Software Update.

Also, it is recommended to clean the registry. After everything is done, restart the system.

Before installing iTunes, rename the iTunes folder to save all your information and music:

• Windows XP: C:/Documents and Settings/(user name)/My Documents/My Music/iTunes – rename to Backup.
• Windows 7/Vista: C:/(user name)/Music/iTunes – rename to Backup.

1. Wait for the number of seconds required for entering the DFU mode, i.e., enter the DFU mode correctly;
2. These errors can also appear when installing the original firmware after the custom one. To solve this problem, do the following:
   • exit the DFU mode;
   • rewrite a new custom firmware with the help of one of the appropriate programs (when the program asks if you performed this before, click No);
   • iTunes must be closed when creating the custom firmware;
   • set the phone to DFU mode and install the firmware via iTunes.

Not all iTunes versions are suitable for downgrade to an earlier firmware. Some errors can appear because of this. Install the newer version of iTunes or roll back to the older one.

And the most important advice: if you did not manage with iTunes errors the first time, don’t give up! Just try all possible methods and one of them will surely work!

iPhone Downgrade

As I have already mentioned, create the backup copy of your data before moving to a new firmware. Remember that it won’t be unnecessary. Main steps of the downgrade process will be the same that we examined in the upgrade process. Perform all this from the beginning to the end. If iTunes returns an error during the process, further actions depend on the kind and reasons of this error. Some small additions are as follows:

• If you cannot perform the downgrade from version 3.1 to version 2.0, try to downgrade from version 3.1 to 3.0, and then, from version 3.0 to 2.0.
• It can happen that the downgrade process started normally, progress bar appeared on the device display and then it suddenly stopped in the middle of the process. When trying to repeat the procedure from the beginning, iTunes returns an error message without number that says it is impossible to perform the operation. In this case, don’t worry, your iPhone is already downgraded!

After the downgrade, the phone is locked. Of course, we can use RedsnOw application again to unlock the phone. But now, let’s examine how to use QuickPwn application for this.

Jailbreaking/Unlocking of iPhone – QuickPwn

To do this, you need to have the following:

• QuickPwn 2.2;
• Bootloaders 3.9 and 4.6

When we performe the downgrade (and then jailbreaking with the help of QuickPwn), we use iTunes 8.1, downgrade from the firmware 3.0 to 2.2 (iPhone1,1_2.2_5G77_Restore.ipsw), QuickPwn 2.2, and bootloaders 3.9 and 4.6.

Then, perform the following steps:

• Start QuickPwn;
• In the first window, you are asked to connect the phone to the computer. This has already been done, click Next.

• In the opened window, define the required iPhone firmware and wait till the Next button is enabled.

• The opened window is intended for defining additional options. Leave everything set by default but check the Unlock phone option. Click Next.

• Define the bootloaders. Navigate to the BL-39.bin file for the bootloader 3.9; navigate to the BL-46.bin file for the bootloader 4.6. Click Next.

• The program asks you to make sure that your phone is connected to the computer via USB. Click Next.

• Next, QuickPwn asks you to perform some more actions:

• First, it moves iPhone to the Recovery mode by itself;
• After that, you will be asked to hold down the Home button for a while (the program will inform you for how many seconds and will display the count-down timer);
• Then, you will be asked to hold down the Home and Power buttons simultaneously (you will be also informed for how many seconds);
• Then, you will be asked to release the Power button and to keep holding down the Home button;
• After that, iPhone will move to the DFU mode and everything will be performed automatically.

• Wait till the process completes.

The unlocking is complete, congratulations! Our device is an unlocked iPhone again and we can use all its functions again and perform testing tasks connected with it.

Conclusion

So, we examined the key moments of iPhone upgrade and downgrade processes: creation of a backup copy and restoring from it, device flashing itself, jailbreaking with the help of different programs. We discovered the most frequent problems while upgrading and downgrading Apple devices and also the possible ways of their solving.

You can find a lot of information about upgrades and downgrades on the Internet, also, there is a lot of software, firmware, iPhone versions, and terminology that can confuse anybody. That is why we tried to combine all existing and required information so that you could receive the expected result. Now everybody who reads this article can perform the iPhone upgrade and downgrade by himself with less time spent but with better understanding of the process. And even if you have one iPhone device, you can perform all tasks connected with it successfully.

Download Apple TViPadiPhoneiPod touch Firmware document (docx, 33.2 KB)

This article is created by our mobile / iOS testing team – now take a look at the articles created by Apriorit iOS researchers, e.g. iOS reverse engineering post.