Feature Request: Add option to downgrade baseband, with "yes" as the default

[mariobrostech]

Hi,

I recently tried downgrading my iPad 4 to iOS 8.4.1, and everything was working smoothly until I decided to reboot my device. Shortly after, I was unable to enable Wi-Fi because the option was greyed out, indicating an issue with the baseband.

From my short reading through a few issues, you only downgrade the baseband on certain devices. While I understand this approach, it doesn't help in the rare cases in which preserving the iOS 10.x baseband doesn't work. Is there any way you could make this an option that the user can set during the downgrade, and can you default it to downgrade the baseband? What are the benefits to preserving the iOS 10.x baseband?

Thanks, and I appreciate your help!

[LukeZGD]

I use latest baseband as default for the script because of the reported Nov 2019 GPS rollover problems, which were fixed in the latest basebands from 9.3.6 and 10.3.4. But yeah downgrading the baseband should be an option that I will be adding sometime later, I don't think I will be setting it as the default though

[mariobrostech]

Ok, thanks for the explanation! I'm looking forward to seeing the option to change this setting to prevent baseband issues. Maybe make the downgrade a default on all Wi-Fi only iPads and iPod touches? Those devices shouldn't experience the GPS rollover bug because it only affects devices with cellular radios.

[LukeZGD]

The baseband option doesn't affect WiFi only devices as they use the --no-baseband argument instead

btw is the iPad 4 in question a Wi-Fi only? Because if it is, the issue might be a different problem entirely that I'm not aware of

[mariobrostech]

It is, actually (iPad3,4 to be exact). The Wi-Fi icon was completely greyed out, though, which made me assume it was an issue with the baseband. A restore to iOS 10.3.3 fixed it, so it was pretty obvious to me that this isn't a hardware issue.

Another reason why I assumed it might have been the baseband is because I've had no issues with connectivity after using odysseusOTA2, and one of the parameters used in creating a custom IPSW file for all devices is the -bbupdate command. I assumed this had something to do with the issues I've been having with iOS OTA Downgrader, but I could be mistaken.

[LukeZGD]

I found it now: see issue #78

Older versions of the script mess with the wifiaddr in NVRAM which causes issues, try this solution in my comment

[mariobrostech]

I'll be sure to give that a shot, but I had just re-downloaded the script before I had tested it yesterday. Shouldn't that be fixed in this case?

[LukeZGD]

If you have used the script on A6/A6X devices before the commit 6f0fdbf, the modified wifiaddr value in nvram stays - this can be pretty bad for troubleshooting on other users as well, so i'll be putting it in the "Other notes"

Messing with NVRAM is a really bad idea and an outdated workaround even at that time, it is something that I shouldn't have added in the script..

[mariobrostech]

I have used the script in the past, when that NVRAM commit was still in-place. Is there any way I can roll that back so it's as if I had never encountered the NVRAM flag change so I can better troubleshoot and figure out the cause of my issue? I thought a DFU restore would fix something like this, but please correct me if I'm wrong.

[LukeZGD]

DFU restores do not remove wifiaddr from nvram, but iOS 9 and above ignore it, which is the key

Restore to 10.3.3/10.3.4 (which ignores wifiaddr), jailbreak and install MTerminal in Cydia, and run:

su
(enter password, default is alpine)
nvram -d wifiaddr

There is also nvram -c which clears values in the nvram, but I don't really recommend it

[mariobrostech]

I'll give that a try, thank you! Why wouldn't you recommend running nvram -c, out of curiosity?

[LukeZGD]

nvram -c deletes all variables, though I think it is harmless and will just reset to default values but I haven't really tried

[mariobrostech]

Ok, thanks for the insight! I'll try resetting the wifiaddr variable when I get the chance to see if that fixes the issue.

[mariobrostech]

Ok, I think I finally found a relatively surefire way to reproduce this issue. This will make your device unusable and will likely require a restore, so please don't do this on a mission-critical device:

1) Install iCleaner Pro from https://ib-soft.net/cydia 2) Within iCleaner Pro, disable the OTA update dameon, which works fine when using etasonJB 3) Reboot your device a couple of times. After this, you should notice nearly every app crashing and Wi-Fi being unable to turn on.

I'm not sure if this is a separate issue or not, but it's consistent (with the addition of making almost every app crash) to the symptoms that I'm experiencing.

[mariobrostech]

Also, I can confirm that this isn't an issue by using iCleaner Pro to disable the OTA dameons; in fact, disabling OTA dameons is one of the first things I do on any jailbreak that doesn't have OTA-disabling functionality built-in. It worked fine under a vanilla copy of etasonJB as well, so I'm not sure what could be causing this.

[LukeZGD]

Thanks for the info, I will try reproducing this on my 4S later

[mariobrostech]

Great, thanks! Yes, it's jailbroken with the OTA downgrader's option. Just be careful because it will likely render your device unusable until it gets restored

[LukeZGD]

I can't seem to reproduce it... I disabled OTA daemons, rebooted a few times, and Wi-Fi worked every time, I even tried changing the nvram wifiaddr, deleting it and all that, and it always worked

To clarify, the Wi-Fi greying out can be reproduced even after deleting wifiaddr from NVRAM? That might be a different problem entirely if it is..

I would like to try reproducing this on my iPhone 5 also, but it is pretty much in a broken state right now (nearly all buttons not working)

[mariobrostech]

This issue is a bit more nuanced than just the Wi-Fi not working, though. Almost of the apps, including most system apps, instantly crash when the Wi-Fi stops working. As an example, I've attached a video showing the apps crashing and screenshots of the crash logs below. I'm not sure if this can help you pinpoint the problem, but I hope it does.

Thanks again for all of your help!

YouTube video of apps crashing

[LukeZGD]

I see now, so the problem might lie with the EtasonJB untether itself, since the apps including the jailbreak apps are crashing. This adds more reason to try switching to daibutsu untether by dora2ios then, I have not tested that out yet (I may try in the next few days/week/s) but hopefully it works

[mariobrostech]

Sounds good! It's just kind of strange that when I used etasonJB with OTA dameons disabled in iCleaner Pro, this didn't happen. I can't re-test etasonJB since iOS App Signer has stopped working for me recently, but I remember that being the first setting I disabled.

Do you know of any alternative non-destructive ways of disabling OTA updates so I can test them to see if they work?

Also, I'm really excited about the switch to dora2ios's jailbreak, so please keep me updated here with any progress you make in merging those changes upstream. I'll be happy to give it a spin!

[LukeZGD]

Do you know of any alternative non-destructive ways of disabling OTA updates so I can test them to see if they work?

You can try using mikoto from: https://cydia.akemi.ai

[LukeZGD]

I will be closing this now, basically:

• Downgrade baseband won't be added anymore, but with the latest commit (0a3d69f) now has restore tool selection when jailbreak option is not enabled.
• In iOS-OTA-Downgrader, only restoring with futurerestore will always flash the latest baseband, except on A7 devices where 10.3.3 SEP and baseband is flashed. This will not be changed
• In case futurerestore fails, Selecting 2 (idevicerestore) instead of 1 (futurerestore) is now an option, which will create a custom IPSW like when jailbreak option is enabled, but unlike that, this is just for downgrading (no jailbreak bundled).
• Restoring with custom IPSWs downgrades the baseband (or at least, it seems to.. the modem firmware version gets lowered in Settings). I have not tested the effects of this, but my devices seem to work with no problems so I guess it should be fine...
• If users choose to not enable the jailbreak option, they can now sideload the jailbreak using Sideloadly, which was just updated recently to fix iOS 8 support.
• Most if not all errors (Wi-Fi greyed out, getting stuck in recovery after restores) that are most likely NVRAM related can be fixed by going to the latest version, jailbreaking, and running nvram -c from MTerminal as root (su), then downgrading again
• Disabling the OTA update daemon should not be done, users should install Mikoto from Karen's repo instead
• Losing the jailbreak after a reboot seems to be a bug with EtasonJB, and there's nothing I can do about it. Daibutsu might not get updated anytime soon, so there are no alternatives for now

[mariobrostech]

Hi @LukeZGD,

Thanks for doing this! I'll be sure to try this out if I ever need to restore my iPad in the future since I don't have dedicated testing device set up atm.

Regarding the OTA update daemon issues (and possibly some of the app crashing issues?), I did some digging and found that Karen's stashing fix for iOS 8.4.1 also claims to fix "certain apps (including kDFUApp, iCleaner Pro, etc.) that may have been broken if stashing was enabled using a different method."

Upon looking into this some more, it seems that this was done through enabling Cydia stashing and removing the nosuid flag, according to this Reddit post by Karen. Is it possible that iOS OTA Downgrader only enables the stashing but doesn't modify the nosuid flag? This seems like an easy fix to the iCleaner Pro issue if the flag isn't already being disabled.

Thank you again, and I appreciate your help as always!

[LukeZGD]

iOS-OTA-Downgrader removes the nosuid from fstab as well, see fstab.tar

[mariobrostech]

Great, thanks for the clarification :)