Announcement

Collapse
No announcement yet.

T2 Chip Programmer Tool

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Re: T2 Chip Programmer Tool

    Mina did this because you had a special someone in the thread tell them so they had to create a code to stop this since you know…people don’t want people to have nice things lol. I’m not worried about it. Our software is half way there.
    sigpic
    MEOWING IN THE IMPOSSIBLE UNIVERSE!

    Comment


      Re: T2 Chip Programmer Tool

      Without being too informed on the current status/progress of a T2 bypass or unlock, can I ask a potentially-dumb question?

      Would it be possible to somehow identify the contact information (name/email) of the iCloud account owner of a particular board, and then simply attempt to contact them to have the lock removed? Of course many people wouldn't respond, and you'd still be stuck with a locked board, but I was curious if that information would somehow be stored on the board. I'd imagine that info is securely stored/encrypted in the SE, so probably impossible to get to, but was just curious.

      Comment


        Re: T2 Chip Programmer Tool

        guys from mina also reading badcaps

        Comment


          Re: T2 Chip Programmer Tool

          Originally posted by ugamazing View Post
          Without being too informed on the current status/progress of a T2 bypass or unlock, can I ask a potentially-dumb question?

          Would it be possible to somehow identify the contact information (name/email) of the iCloud account owner of a particular board, and then simply attempt to contact them to have the lock removed? Of course many people wouldn't respond, and you'd still be stuck with a locked board, but I was curious if that information would somehow be stored on the board. I'd imagine that info is securely stored/encrypted in the SE, so probably impossible to get to, but was just curious.

          Believe it or not it is stored into the T2 chip. That information is easily obtained if you had admin access to the board if bypassed. What do I mean?

          When you bypass a board, sometimes a board will say at setup “find my mac” is enabled. And you see the actual email in result, I think this is a minor glitch in bypass but it happens sometimes and I write that information down. But it’s always not the case. Now when the computer is fully wiped and updated with iBridge, it will have to be a little more digging to figure out how to bypass it again. That is when checkrain comes into play (when they finally update it). I anticipate it happening soon since they have updated pongoOS and the libs files. Just a matter of time.

          Nextly to the response saying Mina developers are on here. I am fairly certain the trolls that got banned were the ones by Mina. They want to make money let them. However they have no ownership to the jailbreak since it is open source and all it is a few key strokes in SSH control. Checkm8 and Mina use the exact same concept to remove the lock. It actually is just telling the device it is activated and you get OS install.
          Last edited by piernov; 06-13-2022, 08:53 AM.
          sigpic
          MEOWING IN THE IMPOSSIBLE UNIVERSE!

          Comment


            Re: T2 Chip Programmer Tool

            Thanks, Stephen! That's good information, thank you. I've had moderate success in just contacting the iCloud owners; some of them are happy to make a quick buck (we offer them a monetary incentive to remove, and explain that if it was stolen, we're happy to return, etc). Seems the way to go (if possible) until an actual unlocking process is discovered.

            Comment


              Re: T2 Chip Programmer Tool

              Originally posted by ugamazing View Post
              Thanks, Stephen! That's good information, thank you. I've had moderate success in just contacting the iCloud owners; some of them are happy to make a quick buck (we offer them a monetary incentive to remove, and explain that if it was stolen, we're happy to return, etc). Seems the way to go (if possible) until an actual unlocking process is discovered.
              But how can you get the owner information to contact them?

              Comment


                Re: T2 Chip Programmer Tool

                Originally posted by anhbanxoi View Post
                But how can you get the owner information to contact them?
                just read what was just posted

                Originally posted by Stephen View Post
                Believe it or not it is stored into the T2 chip. That information is easily obtained if you had admin access to the board if bypassed. What do I mean?

                When you bypass a board, sometimes a board will say at setup “find my mac” is enabled. And you see the actual email in result, I think this is a minor glitch in bypass but it happens sometimes and I write that information down. But it's always not the case. Now when the computer is fully wiped and updated with iBridge, it will have to be a little more digging to figure out how to bypass it again. That is when checkrain comes into play (when they finally update it). I anticipate it happening soon since they have updated pongoOS and the libs files. Just a matter of time.
                My YouTube channel - https://www.youtube.com/channel/UCiD...5d6OgizDqoi_SA

                Comment


                  Re: T2 Chip Programmer Tool

                  I was reading all posts here, very good and interesting information also.many thanks for share also.

                  I use to work with BIOS editing with TL866II -Plus and CH341-A , does anyone found any difference with another tools on T2 edition?

                  I want to try with some MAC mini (2018) , having a blocked model and the same unit unlocked for serial number collection if necessary.

                  Also i have Imac (2020) various units icloud locked, and other identic stuff unlocked and avaliable.

                  Anyone has access to the guide that was removed here with hardware modification methods?

                  I have access to other M1, locked and unlocked devices if someone needs more info or wants me to make any tests.

                  Kind Regards

                  Comment


                    Re: T2 Chip Programmer Tool

                    I have tried the ufix u-bos2 to change serial number.
                    When soldered the T2 chip it was in DFu mode.
                    Tried a revive came on briefly and now nothing.
                    Any tips on what to do now ??

                    Comment


                      Re: T2 Chip Programmer Tool

                      Originally posted by simplylcd View Post
                      I have tried the ufix u-bos2 to change serial number.
                      When soldered the T2 chip it was in DFu mode.
                      Tried a revive came on briefly and now nothing.
                      Any tips on what to do now ??
                      Christopher, you were told on FB, the SN is stored in the SPI ROM chip so what are you talking about "When soldered the T2 chip" ?

                      That statement makes no sense
                      My YouTube channel - https://www.youtube.com/channel/UCiD...5d6OgizDqoi_SA

                      Comment


                        Re: T2 Chip Programmer Tool

                        there's no need to change serial number to avoid icloud lock. icloud lock is connected to ECID of T2. so, only t2 replacement will helps.

                        Comment


                          Re: T2 Chip Programmer Tool

                          Originally posted by simplylcd View Post
                          I have tried the ufix u-bos2 to change serial number.
                          When soldered the T2 chip it was in DFu mode.
                          Tried a revive came on briefly and now nothing.
                          Any tips on what to do now ??
                          Might have to do a restore, also if that doesn't help check the battery to make sure it is a good battery. Believe it or not a bad battery will not allow a proper restore or revive.
                          sigpic
                          MEOWING IN THE IMPOSSIBLE UNIVERSE!

                          Comment


                            Re: T2 Chip Programmer Tool

                            I just received my 1.8v level shifter and can now read/pull dumps from the T2+ models.

                            Confirmed it's quite easy to find the serial/MLB# as mentioned by others. Will now move onto comparing dumps from boards without lock (that I own), then locking to my own iCloud/FMM, then comparing dumps again.

                            Anyone have any ideas for additional things to check/try? I wish there was some way to reconcile iCloud ID with serial number, but I know that's likely not something that will easily be done.

                            Stephen, when you mentioned the bypass method sometimes producing/printing the full iCloud email address; is it theoretically possible to--somehow--modify the T2 ROM to produce this 'glitch' and instruct the T2 to print the full email (instead of the s*****@gmail.com or whatever)? Just spitballing, I have zero knowledge of how the actual data/encryption works or is stored/handled at all. I am a hardware guy, and getting down to these details is a learning experience, but I'm definitely willing to learn!

                            Comment


                              Re: T2 Chip Programmer Tool

                              Originally posted by Pedro147 View Post
                              Christopher, you were told on FB, the SN is stored in the SPI ROM chip so what are you talking about "When soldered the T2 chip" ?

                              That statement makes no sense
                              I removed the chip put it in the programmer and then soldered back onto the board

                              Comment


                                Re: T2 Chip Programmer Tool

                                Got my 1.8v ROM reader working well, and will begin pulling dumps from all T2/M1 models this weekend. Will then lock them, pull dumps again, compare, etc.

                                Comment


                                  Re: T2 Chip Programmer Tool

                                  I am not sure how we could read the T2 chip itself, it could be possible if we are able to remove the T2 chip and one day able to read it, nothing is impossible in this world remember that. However, even if we were able to read the T2, the serial of that T2 itself would tie to the iCloud that it is locked to, even if you were able to some how reset it which basically is a DFU, which means that serial still has to go through Activation on Apples servers, so if we are able to figure a way to read it before it is ERASED, maybe so? No idea, the glitch comes sometimes when you bypass the machine and then it has the email once you get to the setup screen when the OS is installed. I sometimes see an email and sometimes I don't , however if we are able to produce the glitch all the time that would be perfect after you bypass it so you can ask them to remove it for good.

                                  Originally posted by ugamazing View Post
                                  I just received my 1.8v level shifter and can now read/pull dumps from the T2+ models.

                                  Confirmed it's quite easy to find the serial/MLB# as mentioned by others. Will now move onto comparing dumps from boards without lock (that I own), then locking to my own iCloud/FMM, then comparing dumps again.

                                  Anyone have any ideas for additional things to check/try? I wish there was some way to reconcile iCloud ID with serial number, but I know that's likely not something that will easily be done.

                                  Stephen, when you mentioned the bypass method sometimes producing/printing the full iCloud email address; is it theoretically possible to--somehow--modify the T2 ROM to produce this 'glitch' and instruct the T2 to print the full email (instead of the s*****@gmail.com or whatever)? Just spitballing, I have zero knowledge of how the actual data/encryption works or is stored/handled at all. I am a hardware guy, and getting down to these details is a learning experience, but I'm definitely willing to learn!
                                  sigpic
                                  MEOWING IN THE IMPOSSIBLE UNIVERSE!

                                  Comment


                                    Re: T2 Chip Programmer Tool

                                    Originally posted by Stephen View Post
                                    I am not sure how we could read the T2 chip itself, it could be possible if we are able to remove the T2 chip and one day able to read it, nothing is impossible in this world remember that. However, even if we were able to read the T2, the serial of that T2 itself would tie to the iCloud that it is locked to, even if you were able to some how reset it which basically is a DFU, which means that serial still has to go through Activation on Apples servers, so if we are able to figure a way to read it before it is ERASED, maybe so? No idea, the glitch comes sometimes when you bypass the machine and then it has the email once you get to the setup screen when the OS is installed. I sometimes see an email and sometimes I don't , however if we are able to produce the glitch all the time that would be perfect after you bypass it so you can ask them to remove it for good.
                                    Hey Stephen, I'm shooting you a private message, thanks!

                                    Comment


                                      Re: T2 Chip Programmer Tool

                                      Originally posted by Stephen View Post
                                      I am not sure how we could read the T2 chip itself, it could be possible if we are able to remove the T2 chip and one day able to read it, nothing is impossible in this world remember that. However, even if we were able to read the T2, the serial of that T2 itself would tie to the iCloud that it is locked to, even if you were able to some how reset it which basically is a DFU, which means that serial still has to go through Activation on Apples servers, so if we are able to figure a way to read it before it is ERASED, maybe so? No idea, the glitch comes sometimes when you bypass the machine and then it has the email once you get to the setup screen when the OS is installed. I sometimes see an email and sometimes I don't , however if we are able to produce the glitch all the time that would be perfect after you bypass it so you can ask them to remove it for good.
                                      according to my investigations, there're no useful information, except machine serial number and board number in t2 rom. t2 rom only need to boot into dfu. also, all known methods of jailbreak won't work, because of usb-c firmware patch in t2 chip. t2 chip also have small rom-memory inside. the only way to remove icloud lock is to modify ECID of t2. this operation isn't possible for current moment.

                                      Comment


                                        Re: T2 Chip Programmer Tool

                                        Hey guys!
                                        Sorry for my english. I know it’s poor cuz I’m from Ukraine))

                                        Look, I’ve got AppleID locked MB Pro A2141 and I wonder if I can unlock it.
                                        As I know Apple blocked jailbreak ability on the last MacOS.
                                        I’ve got another A2141 logic board with issues and it has FMM OFF.

                                        So I wonder if it’s possible to replace some IC’s from the defective logic board with FMM off to my locked board? Has anybody done this before?
                                        Should I replace T2 itself + SPI or should I replace WIFI+NANDs additionaly?

                                        Thanks in advance!

                                        Comment


                                          Re: T2 Chip Programmer Tool

                                          i replaced about 20 t2's. it's very complicated procedure by itself. too many issues. but it's possible.

                                          Comment

                                          Working...
                                          X