Re: T2 Chip Programmer Tool
Lots of talk about swapping components from unlocked boards, does anyone think a new jailbreak won't be released?
-
Re: T2 Chip Programmer Tool
Can confirm this removal process is complicated as hell. Just a heads up to anyone trying it. Very tedious and grueling as T2 chip is bi-layered and bottom portion really tough to get off without first pulling the top-half, but then it's difficult to re-attach top layer. Will have to play around with heat/etc, but it's definitely a challenge.Originally posted by lamo View PostLeave a comment:
-
Re: T2 Chip Programmer Tool
Swapping chips is still a working solution for iPhones. Of course, if we're talking about iPhones it may not worth it, but the solution itself works.Originally posted by ugamazing View Post
That's why I thought if it works with a macbook.Leave a comment:
-
Re: T2 Chip Programmer Tool
What's complicated about it? Replacing the chips themselves not a problem. What else do you think is involved? If it means unlocking a T2 board, replacing the T2/ROM is not a big task at all lol. I'm sure there's more to getting it to work than simply swapping chips though. Someone would have found that out by now, of course.Originally posted by lamo View PostLeave a comment:
-
Re: T2 Chip Programmer Tool
I don't think anyone "knows" the answer to your question; you should try it and let us know how it goes!
I think you'd need to change T2/ROM and at least one nand, but not sure which. Not sure if WiFi "needs" to be replaced, but may need to be as well. Short answer, though, is: "nobody knows, or we'd be unlocking boards already".
Leave a comment:
-
Re: T2 Chip Programmer Tool
Yeah I know it's complicated. I made many T2 reballs but it was just a reball.Originally posted by lamo View Post
And now I want to unlock the locked logic board by replacing T2.
So the main question is if it's enough just to replace locked T2 by the unlocked one (and it's SPI) or I have to replace some else ICs (wifi, nand, etc.)?Leave a comment:
-
Re: T2 Chip Programmer Tool
i replaced about 20 t2's. it's very complicated procedure by itself. too many issues. but it's possible.Leave a comment:
-
Re: T2 Chip Programmer Tool
Hey guys!
Sorry for my english. I know it’s poor cuz I’m from Ukraine))
Look, I’ve got AppleID locked MB Pro A2141 and I wonder if I can unlock it.
As I know Apple blocked jailbreak ability on the last MacOS.
I’ve got another A2141 logic board with issues and it has FMM OFF.
So I wonder if it’s possible to replace some IC’s from the defective logic board with FMM off to my locked board? Has anybody done this before?
Should I replace T2 itself + SPI or should I replace WIFI+NANDs additionaly?
Thanks in advance!Leave a comment:
-
Re: T2 Chip Programmer Tool
according to my investigations, there're no useful information, except machine serial number and board number in t2 rom. t2 rom only need to boot into dfu. also, all known methods of jailbreak won't work, because of usb-c firmware patch in t2 chip. t2 chip also have small rom-memory inside. the only way to remove icloud lock is to modify ECID of t2. this operation isn't possible for current moment.Originally posted by Stephen View PostLeave a comment:
-
Re: T2 Chip Programmer Tool
I am not sure how we could read the T2 chip itself, it could be possible if we are able to remove the T2 chip and one day able to read it, nothing is impossible in this world remember that. However, even if we were able to read the T2, the serial of that T2 itself would tie to the iCloud that it is locked to, even if you were able to some how reset it which basically is a DFU, which means that serial still has to go through Activation on Apples servers, so if we are able to figure a way to read it before it is ERASED, maybe so? No idea, the glitch comes sometimes when you bypass the machine and then it has the email once you get to the setup screen when the OS is installed. I sometimes see an email and sometimes I don't , however if we are able to produce the glitch all the time that would be perfect after you bypass it so you can ask them to remove it for good.
Originally posted by ugamazing View PostI just received my 1.8v level shifter and can now read/pull dumps from the T2+ models.
Confirmed it's quite easy to find the serial/MLB# as mentioned by others. Will now move onto comparing dumps from boards without lock (that I own), then locking to my own iCloud/FMM, then comparing dumps again.
Anyone have any ideas for additional things to check/try? I wish there was some way to reconcile iCloud ID with serial number, but I know that's likely not something that will easily be done.
Stephen, when you mentioned the bypass method sometimes producing/printing the full iCloud email address; is it theoretically possible to--somehow--modify the T2 ROM to produce this 'glitch' and instruct the T2 to print the full email (instead of the s*****@gmail.com or whatever)? Just spitballing, I have zero knowledge of how the actual data/encryption works or is stored/handled at all. I am a hardware guy, and getting down to these details is a learning experience, but I'm definitely willing to learn!Leave a comment:
-
Re: T2 Chip Programmer Tool
Got my 1.8v ROM reader working well, and will begin pulling dumps from all T2/M1 models this weekend. Will then lock them, pull dumps again, compare, etc.Leave a comment:
-
Re: T2 Chip Programmer Tool
I just received my 1.8v level shifter and can now read/pull dumps from the T2+ models.
Confirmed it's quite easy to find the serial/MLB# as mentioned by others. Will now move onto comparing dumps from boards without lock (that I own), then locking to my own iCloud/FMM, then comparing dumps again.
Anyone have any ideas for additional things to check/try? I wish there was some way to reconcile iCloud ID with serial number, but I know that's likely not something that will easily be done.
Stephen, when you mentioned the bypass method sometimes producing/printing the full iCloud email address; is it theoretically possible to--somehow--modify the T2 ROM to produce this 'glitch' and instruct the T2 to print the full email (instead of the s*****@gmail.com or whatever)? Just spitballing, I have zero knowledge of how the actual data/encryption works or is stored/handled at all. I am a hardware guy, and getting down to these details is a learning experience, but I'm definitely willing to learn!
Leave a comment:
-
Re: T2 Chip Programmer Tool
there's no need to change serial number to avoid icloud lock. icloud lock is connected to ECID of T2. so, only t2 replacement will helps.Leave a comment:
Leave a comment: