This was the fix to the iPhone Antennagate in 2010. 20 bytes


sam henri gold

hey wanna see something kinda interesting? this was the entire fix to the iPhone Antennagate in 2010. 20 bytes.

    86 ff ff ff 98 ff ff ff 9e ff ff ff a7 ff ff ff b0 ff ff ff

For context, back in 2010 when the iPhone 4 came out, people noticed you could grip the phone in a certain way and the signal bars would plummet from 5 to, like, 2.

A few weeks later, they published a letter admitting fault, blaming a bad formula.

apple.com/newsroom/2010/…

"Upon investigation, we were stunned to find that the formula we use to calculate how many bars of signal strength to display is totally wrong. Our formula, in many instances, mistakenly displays 2 more bars than it should for a given signal strength. For example, we sometimes display 4 bars when we should be displaying as few as 2 bars. Users observing a drop of several bars when they grip their iPhone in a certain way are most likely in an area with very weak signal strength, but they don’t know it because we are erroneously displaying 4 or 5 bars. Their big drop in bars is because their h..."

The letter was shared around and clowned upon () but nobody really looked into what the formula between 4.0 and the patch in 4.0.1

I was a stupid eight-year-old at the time, but now I’m a stupid adult with access to a disassembler.

daringfireball.net/2010/07/transl…

I downloaded both firmwares and started poking around. In the CoreTelephony framework, I found a promising looking binary: CommCenter. Looking at the strings gave me a pretty good sense that this is where the bar formula was.

    strings CommCenter | grep -i bars

    UseEcn0Bars
    ecn0 is %d / signal is %d, assuming 5 bars
    ecn0 is %d / signal is %d, assuming 4 bars
    ecn0 is %d / signal is %d, we say %d bars
    telling UI to draw %d bars, %d signal

The actual calculation is dead simple. When converting signal strength to bars, CommCenter loads each threshold from memory and compares until it finds the right range.

This code is not the problem...

    0003434e         ldr.w      r3, [r2, r4, lsl #2]     ; Load threshold[bar_count]
    00034352         cmp        r5, r3                   ; Compare RSSI to threshold
    00034354         ble        loc_3435c                ; If RSSI <= threshold, stop
    00034356         adds       r4, #0x1                 ; bar_count++
    00034358         cmp        r4, #0x5                 ; Check if reached 5 bars
    0003435a         bne        loc_3434e                ; Loop

...this is. This is the lookup table. When you convert the bytes to actual dBm values, you get:
-115, -111, -107, -103, and -99

(the closer to zero, the better the signal)

For example, here you need -107 or better signal to see 3 bars.

Raw bytes: five threshold values for signal bars.
- 0x8DFFFFFF equals −115 dBm, marking the 1-bar threshold.
- 0x91FFFFFF equals −111 dBm, 2-bar threshold.
- 0x95FFFFFF equals −107 dBm, 3-bar threshold.
- 0x99FFFFFF equals −103 dBm, 4-bar threshold.
- 0x9DFFFFFF equals −99 dBm, 5-bar threshold.

When you plot this onto a chart, you can see how the values are kinda screwed up since the values are really optimistic. Most of the time, you would see 4-5 bars. But when you gripped it, since the falloff is so sharp, you’d see a catastrophic drop from 5 to 2 bars.

In 4.0.1, they changed these values to be way smoother.

Raw 4.0.1 lookup table values:
- 0x86FFFFFF equals −122 dBm, 1 bar threshold.
- 0x98FFFFFF equals −104 dBm, 2 bars threshold.
- 0x9EFFFFFF equals −98 dBm, 3 bars threshold.
- 0xA7FFFFFF equals −89 dBm, 4 bars threshold.
- 0xB0FFFFFF equals −80 dBm, 5 bars threshold.

Mapped onto a chart, you can see that it takes a lot to drop from 5 to 0 bars. It’s harder to see 5 bars, but it’s harder to plummet bars.

[Chart: 4.0 and 4.0.1 signal bar thresholds mapped onto each other. The 4.0 line jumps from 0 to full bars in a fairly short span compared to 4.0.1]

So there ya go. 20 bytes.

This has concluded a Tech Thread. Back to shitposting.

oh also in 4.0.1 they changed the height of the lower bars to be taller lmao
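
The table decoding and the comparison loop described in the thread, as an added example that is not part of the original thread or of Apple's code. The 4.0 byte string is rebuilt from the values the thread lists, the function names are hypothetical, and the RSSI readings are constructed samples.

```python
import struct

# 4.0.1 table: the 20 bytes quoted in the thread.
TABLE_4_0_1 = bytes.fromhex("86ffffff 98ffffff 9effffff a7ffffff b0ffffff")
# 4.0 table: rebuilt here from the five values the thread lists (assumption:
# same layout, five little-endian signed 32-bit integers).
TABLE_4_0 = bytes.fromhex("8dffffff 91ffffff 95ffffff 99ffffff 9dffffff")


def decode_thresholds(raw):
    """Decode a table of little-endian signed 32-bit dBm thresholds."""
    if len(raw) == 0 or len(raw) % 4:
        raise ValueError("table must be a non-empty multiple of 4 bytes")
    return struct.unpack("<%di" % (len(raw) // 4), raw)


def bars_for(rssi, thresholds):
    """Mirror the disassembled loop: stop at the first threshold >= rssi."""
    bars = 0
    while bars < len(thresholds):
        if rssi <= thresholds[bars]:   # cmp r5, r3 / ble loc_3435c
            break
        bars += 1                      # adds r4, #0x1
    return bars


def span_db(thresholds):
    """Width in dB between the lowest and the highest threshold."""
    return thresholds[-1] - thresholds[0]


def compare(rssi_values):
    """Return (rssi, bars under 4.0, bars under 4.0.1) for each reading."""
    old = decode_thresholds(TABLE_4_0)
    new = decode_thresholds(TABLE_4_0_1)
    return [(r, bars_for(r, old), bars_for(r, new)) for r in rssi_values]


if __name__ == "__main__":
    for name, raw in (("4.0", TABLE_4_0), ("4.0.1", TABLE_4_0_1)):
        t = decode_thresholds(raw)
        print(f"{name:6} thresholds {t} span {span_db(t)} dB")
    # Constructed sample readings in dBm, strongest first.
    for rssi, old_bars, new_bars in compare([-70, -85, -95, -105, -112, -120]):
        print(f"{rssi:5} dBm  4.0: {old_bars} bars  4.0.1: {new_bars} bars")
```

The 4.0 table packs all five steps into a 16 dB window, while the 4.0.1 table spreads them over 42 dB, so the same loss of signal moves fewer bars.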
