
Huh, this is an old trick but always a good one. Back in the days when iPhones were AT&T exclusive people managed to bypass the carrier lock by fuzzing all possible permutations of AT commands to the baseband. Once a crash was found it could potentially be used as an exploit to modify its internal state.

It took Apple four years to harden their baseband firmware to resist all kinds of fuzzing efforts, and bear in mind Apple only had 2-3 concurrent models to worry about. It must be harder for Android vendors with their myriad different platforms.



Apple provides the baseband firmware itself. Android manufacturers have to ask the chipset manufacturer for updates. That’s a major difference.


Related: Anyone remember how Geohot's iPhone 2G hardware unlock worked back in the day? (~2007)


I remember there was one that could be triggered just by loading a web page with a specially crafted image file.


That would be a later jailbreak, not a baseband unlock per se.

Geohot's first iPhone hack, IIRC, used an unsecured JTAG pinout he managed to find on the PCB that allowed direct write access to the firmware. Later it was discovered that the system bootloader had enough exploits that the process could be done entirely in software.

Later iPhone models would gradually ramp up security to the point that nothing of this sort could be done very easily even with physical access.



