Portable media player. Released in September 2009.
Nano runs propertiary Apple firmware. Nothing more is known about it since it's encrypted.
CPU: Samsung S5L8730 SoC (iPod Touch 2G has S5L8720)
8/16 GB NAND flash (depending on model)
Select+Menu - Reboot
Select+Prev - Diags Menu (hold during startup - see below)
Select+Play - Disk Mode
Hardware checks and system information. About menu displays SysCfg contents and other things (for example… EFI Version)
Nano has a DFU Mode. Uses the same protocol as iPhone.
To enter DFU, plug in USB cable, hold Select+Menu until screen goes off, then press Select+Menu again. If iTunes is running, it will download WTF and then FIRMWARE file that launches Disk Mode, allowing firmware restore.
Files downloaded by iTunes when it detects Nano in DFU
x12310000_Recovery/ Restore.plist //parsed by iTunes - nothing interesting in here Firmware/ dfu/ WTF.x1231.RELEASE.dfu //encrypted in the same way as N33.bootloader.release.rb3
When iTunes sends it to Nano, screen stays white for a few seconds and then Disk Mode is executed.
x12460000_Recovery/ Restore.plist Firmware/ dfu/ FIRMWARE.x1246.RELEASE.dfu //encrypted in the same way as N33.bootloader.release.rb3
Playing with iRecovery
Change Product IDs in iRecovery source and compile it. It works fine with nano. Sending WTF twice causes white screen and USB communication loss
Note: IPSW files are normal ZIP files with changed file extension
The actual firmware file. Copied to NAND during restore. Divided into 9 sections:
- disk (Disk mode - shows a iPod1G-style Disk Mode screen)
- diag (Diagnostics)
- appl (probably Apple boot logo)
- lbat (low battery image - loaded instead of osos image when battery is low)
- bdsw (Connect to iTunes screen)
- bdhw (Need Service screen?)
- rsrc (OS resources - graphics, fonts, localization strings etc.)
- osos (iPod operating system - encrypted)
Encrypted bootloader. This is a 8730 file (variation of iPhone1,1 8900 file format).
iTunes parses this during restore.
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>FirmwarePayload</key> <dict> <key>FirmwareName</key> <string>Firmware.MSE</string> <key>BootloaderName</key> <string>N33.bootloader.release.rb3</string> <key>BuildVersion</key> <string>34A20020</string> <key>ProductVersion</key> <string>1.0.2</string> <key>UpdaterFamilyID</key> <integer>34</integer> <key>FamilyID</key> <integer>16</integer> </dict> </dict> </plist>
on iPhone, iPad, AppleTV, PC. It's free.