Even Non-jailbeakers Can (and Should) Get Their 3GS' SHSH "On-file"

thelatinist

macrumors 603
Original poster
Aug 15, 2009
5,933
49
Connecticut, USA
As most jailbreakers (and many non-jailbreakers) know, with the iPhone 3GS Apple implemented a new "security" feature which gives Apple an unprecedented amount of control over what firmware we can run on our phones. Because the 3GS requires authorization before accepting firmware, it is possible for Apple to recall past firmwares…essentially requiring anyone who needs to restore his iPhone to upgrade to the latest firmware.

Members of the jailbreak community have developed several workarounds for this problem. By saving the signature hash (SHSH) for your iPhone either to a remote server run by Jay Freeman (Saurik) or locally on your computer, you can guarantee that you will be able to restore to the current OS version even should Apple later decide to stop allowing it.

Even if you don't jailbreak, you should get your SHSH on file.

There are at least two reasons even non-jailbreakers should take the steps now to get their SHSH cached:

1) Imagine that some future version of the OS breaks or removes some feature of the current OS on which you rely (this happened to many people with the 3.0 tethering hack). It is impossible to predict what future bug or feature change might make you want to downgrade.

2) You will be preserving the possibility of jailbreak, something even non-jailbreakers should do as it could significantly increase the value of your device at resale.

In either of these cases, it might be essential for you to restore your phone to a previous firmware, something you won't be able to do unless you are prepared.

Anyone Can Get His 3.1.3 SHSH On-file in Cydia!

I have created this guide to dispel a widespread misconception: that it is only possible to get your SHSH on file if you have a currently jailbroken phone. This is simply not true. If you don't jailbreak, you cannot use the method most jailbreakers use to get their SHSH on file, but there are two work-arounds which will accomplish the same thing but which do not require your phone to be jailbroken. By following one of these two methods, it should be possible for anyone -- regardless of current firmware version, bootrom version, or current jailbreak status -- to get his 3.1.3 SHSH on file with Saurik.

1) Using The Firmware Umbrella

Benefits: Stores your SHSH locally as a backup to Cydia
Creates Local Backup: Yes

This method has the added advantage of creating a local backup of your SHSH in addition to getting your SHSH on file in Cydia. This is done using free software called The Firmware Umbrella. The steps are as follows:

For Windows:

1) Download and unzip the latest version of The Firmware Umbrella from http://thefirmwareumbrella.blogspot.com/.
2) Double click Umbrella.exe to run it.
3) Enter your phone's ECID into the first box (follow steps 1-6 in this tutorial to find your ECID).
4) Choose iPhone 3GS - 3.1.3 in the Device Version dropdown menu.
5) Choose Saurik - Cydia in the SHSH Repository dropdown.
6) Click Submit.

For Mac:

1) Download and unzip the latest version of The Firmware Umbrella from http://thefirmwareumbrella.blogspot.com/.
2) Open Umbrella.dmg and copy the file Umbrella.app to your hard drive.
3) Run Umbrella.app
4) Enter your phone's ECID into the first box (follow steps 1-4 in this tutorial to find your ECID).
5) Choose iPhone 3GS - 3.1.3 in the Device Version dropdown menu.
6) Choose Saurik - Cydia in the SHSH Repository dropdown.
7) Click Submit.

This will accomplish two things in once step: Saurik's server will download and save your 3.1.3 SHSH (along with the information it will need to request any future version's SHSH) and Umbrella will download a copy of the SHSH from Saurik's server and save it to your computer.


2) Using iTunes and a Hacked hosts File

Benefits: Fewer steps than Umbrella; doesn't require you to know ECID.
Creates Local Backup: No

There is one other way that you can get your 3.1.3 SHSH on file with Saurik. This method does not require you to download any software or to jailbreak your phone, but it does require that you edit the hosts file on your computer and have a copy of the 3.1.2 firmware file (you can download it here.

1) Open the file C:\Windows\System32\drivers\etc\hosts (Windows) or /etc/hosts (Mac OS X) and edit it by adding the following entry to the bottom of the file:
Code:
74.208.10.249 gs.apple.com
2) Plug in your iPhone and open iTunes.
3) Hold down shift (Win) or option (Mac) and click restore.
4) Browse to your copy of the 3.1.2 firmware (not the 3.1.3 firmware).
5) Click OK.

Please note: you will get an error message. This is expected. Because Apple is no longer signing 3.1.2, you will not be able to restore, and Saurik's server will return an "device ineligible" error. Your phone will not be restored to 3.1.2. This unsuccessful request will, however, have placed your ECID on file with Saurik's server and will place you in the queue for 3.1.3 SHSH. You should have your 3.1.3 SHSH on file within a day or so. If you need to restore to 3.1.3 in the meantime, simply do so using iTunes. iTunes will send the 3.1.3 SHSH request to Saurik's server, which will request it immediately and pass it back to you so that you can restore.
 

Small White Car

macrumors G4
Aug 29, 2006
10,888
1,125
Washington DC
Thanks for the details on how to do this.

But I disagree with your thread title that everyone 'should' do it. I still see no reason why I would want to do this.

But that's just my minor quibble with the title. It's a great thread for those who need it, I appreciate the fact that you did this work and I'll definitely be pointing people this way who I know need this information.
 

Blueline29

macrumors 68020
Jun 16, 2009
2,291
513
Saint Augustine, FL
I'm jailbroken and already have my SHSH on file with Cydia, but I can totally see why someone who doesn't yet have this taken care of might want to-- to retain as much control over your phone as possible in the event Apple decides to lock things down that you're already using. It doesn't hurt anything to store it, so why not? JMO.
 

ozzyman500

macrumors 65816
Feb 4, 2009
1,413
0
Mine probably is already because I had mine jailbroken on 3.1 or 3.1.2 or whatever it was. Now I'm on 3.1.3 and don't mind not being jailbroken. I actually like my phone to work. :D
 

ozzyman500

macrumors 65816
Feb 4, 2009
1,413
0
It's not that simple. I've jailbroken my iPhones since forever. I know what I'm doing. But once in a while something would just go wrong, without me doing anything.
Exactly.

I know JB is not simple.
Last time I tried jailbreaking and installed SBSettings (which normally works good) it just crashed and I had to reformat. I'm not much into that anymore. Every now and then you got a bad app.
 

thelatinist

macrumors 603
Original poster
Aug 15, 2009
5,933
49
Connecticut, USA
Thanks for the details on how to do this.

But I disagree with your thread title that everyone 'should' do it. I still see no reason why I would want to do this.

But that's just my minor quibble with the title. It's a great thread for those who need it, I appreciate the fact that you did this work and I'll definitely be pointing people this way who I know need this information.
The point is that you cannot know that you will never need to downgrade your phone. Just because you haven't in the past does not mean that never will. Not providing for the possibility, small though it might be, that Apple might create a new firmware you would not want (and that you might want or need either to downgrade or even to restore to the same version currently on your phone) is rather short-sighted. If the event arises, it will be too late.

Suppose, for example, that you rely on exchange email support for your work email and that version 3.1.4 breaks that support (or even that Apple decides to remove Exchange support). Or you upgrade only to find that the Google calendar you've been keeping track of your life on suddenly no longer syncs properly. Or what if that website you spend half your day on suddenly no longer displays properly in the latest version of MobileSafari. Stranger things have happened. There are all kinds of reasons one might not want the latest incremental update of the iPhone Firmware, but if they do not have their SHSH on file, they will be forced to upgrade if they need to restore their phone.

I'm jailbroken and already have my SHSH on file with Cydia, but I can totally see why someone who doesn't yet have this taken care of might want to-- to retain as much control over your phone as possible in the event Apple decides to lock things down that you're already using. It doesn't hurt anything to store it, so why not? JMO.
Exactly. I know a lot of people who relied on the tethering hack who would have loved to be able to downgrade to 3.0.1, but couldn't. You never know what feature we take for granted might be locked down (or even unintentionally broken) by the next firmware update. I personally don't like the idea that, should I need to restore my phone, Apple wouldn't allow me to restore it to the 3.1.2 firmware version currently on my phone, but would force me to accept an upgrade.
 

Small White Car

macrumors G4
Aug 29, 2006
10,888
1,125
Washington DC
Not providing for the possibility, small though it might be, that Apple might create a new firmware you would not want (and that you might want or need either to downgrade or even to restore to the same version currently on your phone) is rather short-sighted.
I guess I'm just short-sighted, then. I really can't think of an actual example of when I'd want to go backwards.

I mean, I understand the general "you never know!" warnings, but I can't think of an actual example, is what I'm talking about. I guess I just don't have a very good imagination.
 

Small White Car

macrumors G4
Aug 29, 2006
10,888
1,125
Washington DC
JB is not for everyone. Some simply like to be told what their device can and cannot do.
Jailbreakers are also told what they can and cannot do.

They're just being told by different people.

I'm not knocking jailbreaking, it does good things for the people who want those things. But lets drop the rhetoric. You still have people telling you what to do...it's just not Apple who's doing the telling anymore.
 

anjinha

macrumors 604
Oct 21, 2006
7,271
62
San Francisco, CA
I know JB is not simple.
Actually it is pretty simple with Pwnage Tool, specially if you don't use the advanced options. But there's still a lot that can wrong even if you do everything right.

The first time I JBed my 3GS I only installed pretty basic stuff, the same stuff I used to install on my 3G. After a while my 3GS started to go to safe mode randomly. So I restored, jailbroke it again exactly the same way as I had done before, installed exactly the same Cydia apps but now everything worked fine.

So saying that things will only go wrong with jailbreak if you don't know what you are doing is not true. For the most part jailbreak works great, but every once in a while some weird stuff happens. The difference is that if you do know what you're doing you know what to do to fix it. Whether it's worth it or not is up to you.
 

Applejuiced

macrumors Westmere
Apr 16, 2008
40,650
6,403
At the iPhone hacks section.
Jailbreakers are also told what they can and cannot do.

They're just being told by different people.

I'm not knocking jailbreaking, it does good things for the people who want those things. But lets drop the rhetoric. You still have people telling you what to do...it's just not Apple who's doing the telling anymore.
Who's telling JB's what to do?
You can do tons more stuff on JB that Apple would ever allow any iphone user acess to.
 

Applejuiced

macrumors Westmere
Apr 16, 2008
40,650
6,403
At the iPhone hacks section.
Actually it is pretty simple with Pwnage Tool, specially if you don't use the advanced options. But there's still a lot that can wrong even if you do everything right.

The first time I JBed my 3GS I only installed pretty basic stuff, the same stuff I used to install on my 3G. After a while my 3GS started to go to safe mode randomly. So I restored, jailbroke it again exactly the same way as I had done before, installed exactly the same Cydia apps but now everything worked fine.

So saying that things will only go wrong with jailbreak if you don't know what you are doing is not true. For the most part jailbreak works great, but every once in a while some weird stuff happens. The difference is that if you do know what you're doing you know what to do to fix it. Whether it's worth it or not is up to you.
Exactly.
Its not just to know how to click a few buttons to JB but to also be able to troubleshoot and restore and redo it if needed. Theres tons of packages and items that can be installed from many repos out there. Some stuff might not be compatible with your firmware or other stuff might be buggy and cause problems.
To some people is worth it while others should avoid it if they're not educated enough on it.
Just like the many people with unlocked iphones that updated without thinking to the latest 3.1.3 and now they're stuck.
 

Small White Car

macrumors G4
Aug 29, 2006
10,888
1,125
Washington DC
Who's telling JB's what to do?
You can do tons more stuff on JB that Apple would ever allow any iphone user acess to.
You can add 5 icons on your dock or change your background. Apple tells me I can't do that.

On the other hand, I can have iTunes automatically compress all my music before it goes onto my iPhone, saving space. The jailbreak community tells you that you can't do that if you want to keep using their software.


So we have different things we can and can't do, and we have different people telling us what we can and can't do. One way isn't better than the other. It just depends on which things you like more.

Just like the many people with unlocked iphones that updated without thinking to the latest 3.1.3 and now they're stuck.
That's what I'm talking about. THAT'S who is telling JB'ers what they can and can't do. People like you.

Again, I'm not saying it's wrong. I'm just saying that I follow rules from Apple and you follow rules from people on message boards. We both follow rules other people have set up for us. That's the point I'm making.

I don't have a problem with Jailbreaking. I have a problem with people like CocoaPuffs making it sound like there are no rules when you Jailbreak. As you yourself said, you can get yourself into trouble acting like that. People should be aware of reality. That's all I'm saying.
 

Applejuiced

macrumors Westmere
Apr 16, 2008
40,650
6,403
At the iPhone hacks section.
On the other hand, I can have iTunes automatically compress all my music before it goes onto my iPhone, saving space. The jailbreak community tells you that you can't do that if you want to keep using their software.
I never heard of that before.
Compress music before it goes into the iphone? Can you compress MP3's or videos, pics any more?
The JB communities limitations are very very few compared to what Apple restrics and those limitations are not based on someones opinion what the user should be able to do or not do with their phone.
Those are usually restrictions either by Apple or their repeat attempts to put an end to JB and make it illegal.
 

Applejuiced

macrumors Westmere
Apr 16, 2008
40,650
6,403
At the iPhone hacks section.
That's what I'm talking about. THAT'S who is telling JB'ers what they can and can't do. People like you.

Again, I'm not saying it's wrong. I'm just saying that I follow rules from Apple and you follow rules from people on message boards. We both follow rules other people have set up for us. That's the point I'm making.

I don't have a problem with Jailbreaking. I have a problem with people like CocoaPuffs making it sound like there are no rules when you Jailbreak. As you yourself said, you can get yourself into trouble acting like that. People should be aware of reality and not pretend that Jailbreaking means your phone is perfect and you can't mess it up no matter what you do.
Yes, if you dont want to wait for a JB or unlock you can always try to find one yourself :D
Alot harder but usually those groups work for the general ability to help many people worldwide gain full acess to their device and put countless of volunteer hours in the process with no pay.
Sometimes its better to wait than put all your eggs in that basket but I know where your logic is comming from. But again noone is forcing you to update, you can keep your JB and unlocked device and not be stuck if you research before you hit the update button.
Its got its pros and cons but I think the pros do outweight the little wait and research that needs to be done to accomplish it.
 

Small White Car

macrumors G4
Aug 29, 2006
10,888
1,125
Washington DC
I never heard of that before.
Compress music before it goes into the iphone? Can you compress MP3's or videos, pics any more?
It's in the new iTunes (the one that you shouldn't use if you're jailbroken). It has the option of making music files smaller when they copy to the phone. (Photos already do this automatically on everyone's phones, same as before.) No change to videos.


The JB communities limitations are very very few compared to what Apple restrics and those limitations are not based on someones opinion what the user should be able to do or not do with their phone.
Those are usually restrictions either by Apple or their repeat attempts to put an end to JB and make it illegal.
And none of that matters if I like those 2 or 3 Apple features I'd be losing and I don't care about the 50 features jailbreaking would give me. (Made up numbers, but you get my point.)

Ok, so Jailbreaking has a bigger number, but if it's all stuff I don't care about it doesn't matter how many of them there are? I still won't care.

Again, not saying one is better. I'm just saying that we each make choices based on what is important to us. Nothing more than that.

What I'm arguing against is the idea that I don't Jailbreak because I want to have Apple's control over me. No, I just don't care about JB features. Nothing more than that.
 

ngenerator

macrumors 68000
May 12, 2009
1,834
0
USG Ishimura
The jailbreak community tells you that you can't do that if you want to keep using their software.
Where does it say that anyone says you can't do that if you want to still use their software? Who's software? Mine are all compressed via iTunes 9.1 and it's working just fine for me...