Downgrade iPhone Firmware


Geohot found a bug in the 5.8 version of the iPhone 3G bootloader which allowed him to downgrade the baseband.

Unfortunately, most people in need of a downgrade have an iPhone with the 5.9 bootloader: in that case the exploit cannot be fully executed, but GeoHot thinks he may be able to run the 5.8 ramloader on these devices.

GeoHot and the DevTeam are back, and soon all users who accidentally updated their iPhones to firmware 2.2.1 will be able to downgrade and use Yellowsn0w.

Here are the details from GeoHot’s official blog:

In bootloader 5.8 on the 3G, the loader signature validator is broken. Someone botched an if statement checking the location and length of the loader in the cert. Because of this, you can pass the run cert for the firmware you currently have on the phone instead of the loader cert, and send whatever you want as a loader.

Here is a bspatch file to be applied to ICE2_02.28.00.fls allowing downgrades from 2.30.03 using BBUpdaterExtreme. By replacing the patched cert with your current run cert, you can downgrade from any other version.

Unfortunately, most 3G’s out there are bootloader 5.9. I was hoping, since RSA was added to the bootrom, that it would run the vulnerable ramstrapper, but I had no luck, although I didn’t try that hard. I see no reason why it shouldn’t work theoretically; the bootrom RSA is complicated, maybe when I finish EDA…

And dev, since you’re into hashes
882B7B3E84B76125755A84FB0BE52B9D8E25284D
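The bug GeoHot describes above is a validator that accepts a vendor signature without binding the signed cert to the loader it is supposed to authorise. The following is an added example, not code from GeoHot or from the bootloader: the cert layout, the toy signature, the loader placement and the exact shape of the botched if statement are all constructed assumptions, since the post only says the location/length check was wrong.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed certificate layout for this example only; it is NOT the real
 * baseband cert format. A vendor-signed cert names the image role, where the
 * image lives and how long it is. */
enum cert_type { CERT_LOADER = 1, CERT_RUN = 2 };
struct cert { uint32_t type, location, length, sig; };
#define LOADER_LOC 0x00000000u   /* assumed loader placement: offset 0, 64 KiB */
#define LOADER_LEN 0x00010000u
/* Toy stand-in for the vendor signature (the real one is RSA). It proves only
 * "the vendor issued this cert"; binding the cert to one image is the validator's job. */
static uint32_t toy_sign(const struct cert *c) {
    return 0x5EC0DE00u ^ (c->type * 0x9E3779B1u + c->location * 31u + c->length * 17u);
}
static bool sig_ok(const struct cert *c) { return c->sig == toy_sign(c); }

/* Modelled botch (an assumption: the post only says the if statement was botched):
 * the cert's role is never checked and the region test asks only whether the cert's
 * region CONTAINS the loader, so any signed cert covering that area, such as the
 * run cert for the installed firmware, authorises an arbitrary loader. */
bool validate_loader_botched(const struct cert *c, uint32_t loc, uint32_t len) {
    if (!sig_ok(c)) return false;
    if (c->location > loc || c->location + c->length < loc + len) return false;
    return true;
}

/* Hardened: the signature proves origin; the two extra checks bind the cert to
 * exactly the loader role and exactly the image being accepted. */
bool validate_loader_fixed(const struct cert *c, uint32_t loc, uint32_t len) {
    if (!sig_ok(c)) return false;
    if (c->type != CERT_LOADER) return false;
    if (c->location != loc || c->length != len) return false;
    return true;
}

/* Build a constructed, correctly signed sample cert. */
struct cert make_cert(uint32_t type, uint32_t loc, uint32_t len) {
    struct cert c = { type, loc, len, 0 };
    c.sig = toy_sign(&c);
    return c;
}
int main(void) {
    struct cert run = make_cert(CERT_RUN, 0x0u, 0x00800000u); /* run cert spans the whole flash */
    printf("botched=%d fixed=%d\n", validate_loader_botched(&run, LOADER_LOC, LOADER_LEN),
           validate_loader_fixed(&run, LOADER_LOC, LOADER_LEN));
    return 0;
}
```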

iDan put together a nice guide for the downgrade: you can find it here.
