[xDroid]

Many of us saw the member of Hackulous called "CodeBlue" post on BigBoss about his "way to downgrade to a lower firmware without SHSH blobs". Saurik and Semaphore have both tweeted and posted saying this is impossible, as BuildManifests do not contribute to the SHSH request (CodeBlue's method changed the BuildManifests). Semaphore's post reads below:

Quote

Monday, August 30, 2010
Downgrade 4.0.2 -> 4.0.1: Of Myths and SHSHs
EDIT: Given the sheer number of people that are getting lucky with having their SHSH's on file with Cydia, I cannot stress enough how important it is to at least try to save your SHSH for 4.0 and 4.0.1. Remember to make sure Cydia is selected because Cydia is where your SHSHs would be. Who knows? You might be one of the lucky ones


There is much discussion on many blogs about a potential means of downgrading iOS 4.0.2 to 4.0.1 by simply changing a couple values in the buildmanifest.plist and copying all of the images from 4.0.1 into 4.0.2 and then deleting the files ending with 002. Following all of this, perform a DFU restore and somehow you will be on 4.0.1.


There is a perfectly logical explanation for all of this and I will lay out exactly what is happening and explain why it is working for the folks that are the lucky ones.


Let me get this out first.

This is not a miracle, at least not in the sense you all hope for
SHSHs are STILL required for any iPhone 4, iPhone 3GS, iPad, iPod Touch 3G, and iPod Touch 2G (MC Model)
There is NO way around this... unfortunately this method included.

Let me start by explaining something very important. The buildmanifest is used by iTunes to build much of the TSS request that is used to obtain your SHSH for any given firmware revision. Unfortunately, the BuildNumber has no part to play in the request for SHSH. All that you ended up doing in following these directions is request 4.0.1 SHSH blobs. THAT IS ALL. Since every single one of you that got this to work changed your hosts file to point to Cydia, Cydia responded to the TSS request with an SHSH blob that was ALREADY "on-file". There was no magic. There was no miracle, apart from the lucky break that your device had been put on Cydia's SHSH request list at some time in the distant past.


That's it in a nutshell folks. There was no amazing technique for bypassing Apple's TSS. There was no amazing exploit that exists in DFU mode allowing for 4.0.2 -> 4.0.1 downgrading. It's simple; Cydia had your SHSH because at sometime in the past either:

Someone saved your SHSH with that device using TinyUmbrella and the default options
Someone restored that device with Cydia in the hosts pointing to gs.apple.com
Someone jailbroke the device and pressed 'Make my life easier'

That's it folks. Sorry to be a buzzkill but there was much confusion about this issue and many blog posts that simply didn't give the full story of what exactly was going on.

Sorry to anyone who thought this method was real.

[x-bot]

[nastydevil]

Wow, if this is true, then it proves those who replied to that thread and said this method works otherwise.

[Freerunnering]

They are missing the POINT no this doesn't have anything to do with the SHSH request but by telling iTunes it's 4.x instead of 3.x it makes iTunes ask if 4.x SHSH blobs are available not what it actually is.

[iPhoneBlogr]

This is old news......

http://xsellize.com/...shsh-was-saved/

[x_wanted_x]

You failed to understand the post. There is no mention of OS 3.x, just OS 4.01 and OS 4.02.
The above method by CodeBlue "attempts" to foil iTunes into requesting IOS 4.01 SHSH blobs for a device with 4.02 Firmware by changing the buildNumber.
Droidx has explained that the SHSH request that iTunes makes has NOTHING TO DO WITH THE BUILDNUMBER FILE.

Therefore, the REASON CodeBlues method WORKS apparently, is by the presence of IOS 4.01 SHSH blobs in cydia PRESENT ALREADY. Meaning try this method out on a new iDevice without any shs blobs on file, and it will NOT work since the method has NOT changed the way and the place of the request of the SHSH Blobs.

Freerunnering, on 03 September 2010 - 03:10 AM, said:

They are missing the POINT no this doesn't have anything to do with the SHSH request but by telling iTunes it's 4.x instead of 3.x it makes iTunes ask if 4.x SHSH blobs are available not what it actually is.

Consider your logic also. You say

Quote

this doesn't have anything to do with the SHSH request

and then you say..

Quote

but .. it makes iTunes ask if 4.x SHSH blobs are available..

Since Ask == Request,

Do you yourself know what your saying?

Can we please THINK first before negating other peoples intelligent and thought out posts.
Thank You!

[b1azn]

it's weird. i just downgraded a 3g from 4.0.1 to 4.0 right now with it not ever having shsh blob. i did turn on tinyumbrella's server one. i don't know if that makes a difference

[r0bop0lo]

b1azn, on 10 September 2010 - 07:53 AM, said:

it's weird. i just downgraded a 3g from 4.0.1 to 4.0 right now with it not ever having shsh blob. i did turn on tinyumbrella's server one. i don't know if that makes a difference

Not at all. Only new bootrom devices require an shsh blob to be saved. That excludes anything below a 3GS