Alright, so we have certainly come into a problem here. We have a rooted 1.5 release, but we can't find any way to downgrade from 2.1 to 1.5. So how do we do it? Well I noticed no matter what device, whether it be the MyTouch Fender Edition or the CDMA Hero; they have had success using a goldcard to downgrade. Unfortunately, the eris team has had no luck in doing the same. Has anyone tried using the successor of QMat to create the goldcard?
So anyone running 2.1 on the Eris can give this a try. Follow the CDMA Hero Goldcard tutorial on this site: http://forum.xda-developers.com/showthread.php?t=572683
Except instead of using the QMAT application in step one, download the PSAS application from this site: http://psas.revskills.de/?q=node/6
After you create your goldcard: Try flashing the MR1 or MR2 update. You can find the MR2 from here http://www.pcdphones.com/phone_downloads.aspx?bid=126&cid=1&mid=353&carrier=Verizon Wireless .
If this new application does not work, I will attempt to contact the developers of QMAT, as a goldcard should work if it is working properly.
psas 1.07
Downloaded PSAS 1.07 from your link and run it through AVG anti-virus with the following results.
psas.zip";"Virus identified Win32/Themida";"Infected"
are these false or is this really infected.
I can verify that is how my gold card was made and it does not work.
binny1007 said:
I can verify that is how my gold card was made and it does not work.
Click to expand...
Click to collapse
Alright Binny, I'll go ahead and contact the devs and see if they have any ideas.
stormtrader said:
Downloaded PSAS 1.07 from your link and run it through AVG anti-virus with the following results.
psas.zip";"Virus identified Win32/Themida";"Infected"
are these false or is this really infected.
Click to expand...
Click to collapse
virusscan.jotti.org/en/scanresult/c02a06eda58214e6d05968254145663cf12ea2d1
mdc4115 said:
virusscan.jotti.org/en/scanresult/c02a06eda58214e6d05968254145663cf12ea2d1
Click to expand...
Click to collapse
This is what PSAS claims on their site: "All downloads from this site are confirmed to be 100% virusfree. Some virus scanners however (like NOD) tend to report it as virus, although it isn't."
Feels a bit like I'm kicking a dead horse, however;
I've also created a gold card and was unable to get the RUU to run its course. Sad day for 2.1 ers
Gold card DOES NOT work with 2.1. I'm assuming that they messed with how they are created in the newer hboot version. Thanks apreichner for talking to the devs for us!
Hi everyone. It's my first post, but I've been following your activity with some interest. I did a little research on goldcards and QMAT/PSAS.
Turns out that as of a year ago anyway, the PSAS dev team was two people: viperbjk and cmonex, who are members of this forum. I also discovered that the latest version of PSAS only generates goldcards for older devices like the G1 unless you register the software and pay viperbjk a fee. Here's some of the drama surrounding that decision (not a full link since I'm not yet allowed): showthread.php?t=485364&page=21
Before there was QMAT, there was a Perl script called typhoonnbfdecode.pl which was developed by itsme, also a forum member. This script was written for HTC Windows Mobile devices, but I gather that the CID encryption algorithm is similar for our Android devices. I think that QMAT/PSAS is just a another implementation of the algorithm, although extended for newer devices (i.e. some extra reverse engineering that viperbjk & cmonex are now charging for). There's lots of old information in the forum about the itsme Perl script, but the links for the Perl script seem broken. However I found a copy on the web (don't know if its the latest version), and it is attached.
So anyway, it seems to me that we either need to rediscover how to make a goldcard for the newer Android devices (starting with the itsme script), or start paying off the PSAS dev team...
lurker/n00b question here
What is PSAS supposed to be doing, exactly?
From all I can tell by the instructions, I'm simply reversing the string that I got from the adb command (although, in my case, it's dropping the last character from the initial string in the reversed output).. I'm assuming it's no better at reversing strings than QMAT, so I figure I must be missing something?
t2of3 said:
Hi everyone. It's my first post, but I've been following your activity with some interest. I did a little research on goldcards and QMAT/PSAS.
Turns out that as of a year ago anyway, the PSAS dev team was two people: viperbjk and cmonex, who are members of this forum. I also discovered that the latest version of PSAS only generates goldcards for older devices like the G1 unless you register the software and pay viperbjk a fee. Here's some of the drama surrounding that decision (not a full link since I'm not yet allowed): showthread.php?t=485364&page=21
Before there was QMAT, there was a Perl script called typhoonnbfdecode.pl which was developed by itsme, also a forum member. This script was written for HTC Windows Mobile devices, but I gather that the CID encryption algorithm is similar for our Android devices. I think that QMAT/PSAS is just a another implementation of the algorithm, although extended for newer devices (i.e. some extra reverse engineering that viperbjk & cmonex are now charging for). There's lots of old information in the forum about the itsme Perl script, but the links for the Perl script seem broken. However I found a copy on the web (don't know if its the latest version), and it is attached.
So anyway, it seems to me that we either need to rediscover how to make a goldcard for the newer Android devices (starting with the itsme script), or start paying off the PSAS dev team...
Click to expand...
Click to collapse
you are wrong about applying the itsme algo, the newer devices use a completely different one.
So how much would it take to have a gold card made for the eris? There were quite a few people willing to pool together for root. I dont see the difference.
@stingbliss: Depending on how you read the CID off the SD card, the bytes may be reversed. So the first step is always to get them in the right order. You can easily do this by hand or you can use PSAS to do it for you. Then there is an encryption algorithm which involves the CID and some device-specific keys that PSAS performs to generate a Goldcard image. That's my interpretation anyway.
@JTF2007: If you are willing to pay for a Goldcard, I think you can do it today using a registered version of PSAS. Eris shows up in the software's device list, so I assume that it is supported (though you might want to check with the devs before paying). You can create up to 5 Goldcards with your registered software. So the difference is that each person pays--a pool does not deliver root for all.
t2of3 said:
@stingbliss: Depending on how you read the CID off the SD card, the bytes may be reversed. So the first step is always to get them in the right order. You can easily do this by hand or you can use PSAS to do it for you. Then there is an encryption algorithm which involves the CID and some device-specific keys that PSAS performs to generate a Goldcard image. That's my interpretation anyway.
@JTF2007: If you are willing to pay for a Goldcard, I think you can do it today using a registered version of PSAS. Eris shows up in the software's device list, so I assume that it is supported (though you might want to check with the devs before paying). You can create up to 5 Goldcards with your registered software. So the difference is that each person pays--a pool does not deliver root for all.
Click to expand...
Click to collapse
Do you know what the price is on the gold cards? Can you give the other 4 to 4 other people or does it all have to be done on the same comp.
zifnab06 said:
Gold card DOES NOT work with 2.1. I'm assuming that they messed with how they are created in the newer hboot version. Thanks apreichner for talking to the devs for us!
Click to expand...
Click to collapse
Well, I didn't have yet a look at the 2.1 one, but I'll have a look at it right now
in order to confirm whether the same algo is used and if they just disabled downgrade by version check (as they did with all other android phones) OR
if they use a new goldcard algo (or even disabled it).
So From what I picked up Gold card is still a posibility?
Ok, here is the news :
The algorithm is just the same. The protection is just the same as for all other newer SPLs. And yes, downgrade using goldcard isn't possible. There is a security check that will allow to downgrade the version only if the device is security unlocked (S-OFF not S-ON).
viperbjk said:
Ok, here is the news :
The algorithm is just the same. The protection is just the same as for all other newer SPLs. And yes, downgrade using goldcard isn't possible. There is a security check that will allow to downgrade the version only if the device is security unlocked (S-OFF not S-ON).
Click to expand...
Click to collapse
viperbjk,
this sounds like a stupid question. But how do we turn S-ON to S-OFF? You seem to know alot more about this than most people i've talked to.
Thanks!
Edit - and I'd like to know what other uses a goldcard has then if that is possible. Thanks
zifnab06 said:
viperbjk,
this sounds like a stupid question. But how do we turn S-ON to S-OFF? You seem to know alot more about this than most people i've talked to.
Thanks!
Edit - and I'd like to know what other uses a goldcard has then if that is possible. Thanks
Click to expand...
Click to collapse
Goldcard : it gives supercid, which means you can write any rom with any cid.
S-ON : Security Lock, a flag in NAND to switch between developer and
production rom ... also known as "full root". If ram can be written,
the flag can be temporary set to S-OFF. If nand can be written,
you can permanently switch to S-OFF.
WBR
Im wondering if someone can post pics of the motherboard I'll attempt a NAND dump if there are points for me to jtag it.
Related
Hello friends,
I cannot see the archives that are in the ext-ROM, of any of the ways that I have seen in all this forum, I have proven all and no it has worked to me. Somebody can make use to me?
Thank you very much by everything a greeting
As I read in these forums you must unlock your device in order to make visible your extrom...
Pocha said:
As I read in these forums you must unlock your device in order to make visible your extrom...
Click to expand...
Click to collapse
I have watched in all the forums, and have proven everything, even my HTC this unblocked, but I follow without seeing extrom, have proven with this tuto http://forum.xda-developers.com/showthread.php?t=296276 to install another ROM and it gives a failure me at the end of writing in the ROM
Your device doesn't have to bee CID unlocked to be able write the images to the phone using this procedure.
Although this procedure seems to be pretty easy be careful Be sure you have at least one working ship update from your provider in case things go wrong
Uhm... I really thought that you need CID unlocked your device in order to make changes in your ExtRom... when I can recover my HTC I will make some tests about it...
I if you want pass my ROM, single you must say to me as he is and it attempt, is but if you speak in spanishl me you explain it in spanish by private, and I watch to have if you I can happen. A greeting
at chustaschus I wrote a pm
i am using the vodavone vpa compact II which came locked for one specific provider. when i put my simcard into the device, it said that in order to unlock it, i had to input some code (cannot remember what the name was, it's been a long time since then). from a friend who happens to work at another provider i got this code, he just needed to know the IMEI of the device. after using it my wizard was unlocked and i was able to use my simcard.
but how do i know if it is also CID-unlocked?
if yes, then it would be much easier now to update it to wm6, right?
EricCartman said:
if yes, then it would be much easier now to update it to wm6, right?
Click to expand...
Click to collapse
CID unlocking isn't the same as SPL unlocking. They are exclusive to one another.
You need to know if your phone is G3 or G4, and then decide whether to do a SoftSPL unlock or a HardSPL unlock, if it's a G4.
Bottom line, you have a LOT of reading to do first.
You need to learn the pitfalls before you go bricking your phone, and then start sending those frantic "PLEASE HELP!" posts to the boards. Flashing your phone with a cooked ROM isn't like installing a plugin, or loading Google Maps. It's much more treacherous. Judging by the frequency with which "Please Help!" posts get published, I'd say that 4 out of 5 noobs don't bother reading the Wiki or the sticky threads on these boards before proceeding with a ROM flash. Do yourself a favor and don't be that guy. Do a LOT of reading before you start downloading anything.
Read the Wizard wiki THOROUGHLY
Read the Wizard Mobile 6 Sticky messages
Read the SoftSPL thread
Find a good backup tool that you like
Load Total Commander CE. Get used to using it. Most ROMs include it as a default, and it's priceless as a file manager and registry editor, combined
Learn about OMAPClock Plus. If you're planning on flashing to WM6, you're going to want overclocking capabilities!
This list is by no means comprehensive. This is just the "Getting Started" homework you should be doing. An informed geek makes better choices for himself than anyone else can make for him/her.
EricCartman said:
i am using the vodavone vpa compact II which came locked for one specific provider. when i put my simcard into the device, it said that in order to unlock it, i had to input some code (cannot remember what the name was, it's been a long time since then). from a friend who happens to work at another provider i got this code, he just needed to know the IMEI of the device. after using it my wizard was unlocked and i was able to use my simcard.
but how do i know if it is also CID-unlocked?
if yes, then it would be much easier now to update it to wm6, right?
Click to expand...
Click to collapse
Simply download WST_4.2.2 and run it,it'll give all the details and confirm if its CID locked or unlocked,After that decide what you have to do.
zabardast_1 said:
Simply download WST_4.2.2 and run it,it'll give all the details and confirm if its CID locked or unlocked,After that decide what you have to do.
Click to expand...
Click to collapse
thanks, that's the answer i've been looking for.
I was wondering if it would be possible to take a BA Windows Mobile 6.5 rom and put it on to a Harrier/PPC-6600.
I'm sure this has been asked before, I just haven't found it.
I believe the only differences between the two devices are:
Harrier: BlueAngel:
64 MB ROM 96 MB ROM
No WiFi WiFi
CDMA GSM?
We could remove the WiFi module/software and then we wouldn't need the extra 32MB of ROM (hehe because I'm sure it would take 32MB ).
I have little programming experience (conversational in Flash, a few words in Python) but a fair knowledge of computers and I do have a Harrier so I could test it out(provided there's less than a 50% chance of bricking it) and help out to try to get it working if I had instructions.
Is this possible or should I just stick with WM 2003 SE?
If this question has been asked 3428930480328 times, then I apologize.
Thanks in advance .
It actually has been asked before
Next time you have questions, please post them in the Q&A section. Opening new threads is only for contributions to the forum (roms, kitchens, themes, etc).
To answer your question, no one has been able to port anything over 2003 to the Harrier. There are many major differences aside from the ones that you have already mentioned, which are substantial in the first place. Hope this answers your question.
It can be done you would just need to write a bootloader from scratch, one which can support wince 5.0.
What are the other major substantial differences?
A previous post from GnatGoSplat suggested that the following steps should make a GSM ROM work on a CDMA phone.
To make this work, you would have to:
1. Dump your WM5 ROM.
2. Separate dump into SYS and OEM packages.
3. Extract XIP.
4. Build new XIP with WM6.1 MSXIPKERNEL.
5. Build new IMGFS with new WM6.1 SYS folder.
6. G'Reloc the entire ROM.
7. BuildOS to create a dump.
8. Use Tadzio's tools to create a .bin, then to a .nb file.
9. Flash the .nb file.
This is sure to work, but isn't simple to do. If you're new to ROM cooking in general, you'll have a lot to learn before you can even attempt this. I've been cooking ROMs for 4-months and I still have a lot to learn.
Click to expand...
Click to collapse
I'd really like to get this to work. I have the time to donate and I'm a quick learner.
Are the steps shown above accurate in this context?
michael-knight said:
What are the other major substantial differences?
A previous post from GnatGoSplat suggested that the following steps should make a GSM ROM work on a CDMA phone.
I'd really like to get this to work. I have the time to donate and I'm a quick learner.
Are the steps shown above accurate in this context?
Click to expand...
Click to collapse
Here is the thing... WM5 was never ported to the Harrier, so going from WM2003, you need to do something far substantially different to what you described.
Again, it has not been done. I am not saying it is impossible, but no one has done it.
Update and some questions
After much research and screwing around lol, I attempted to extract a Harrier rom using xda3nbftool.exe . Unfortunately, using the password "0x20040521" gave me the "WARNING: this does not look like a nbf header, possible you provided the wrong password" error.
So, I compared it to a BlueAngel rom that WOULD extract using a hex editor to try and figure out what the difference was, and at the address 0x20040521 (I assumed that's what the "password" meant), there is no difference.
In fact, there are NO differences after 12MB in the file. That means AT LEAST 20MB of a Harrier ROM is IDENTICAL to that of a BlueAngel rom.
It's not like there's even 12 MB worth of differences - there's far less than that. I would guess around 5 or 6 worth. What I said was that 12MB into the file, there are none. In that 12MB, there are similarities still - I'm just too lazy atm to total it up
Anyway, that was just to prove how similar the Harrier is to the BlueAngel for some more support over here on the CDMA side of things (although that 20MB of similarity is probably just Windows Mobile 2003SE ).
My question is, why won't xda3nbftool.exe produce a usable result if the address it looks at is about 6.6 MB after the end of differences and start of 100% similarity?
Also, I have my own Harrier's rom dumped (using d2s, haven't done anything to it after that). How do I turn this into a nk.nbf file or split it into SYS and OEM? I've done much googling. The things I've tried so far have failed.
michael-knight said:
After much research and screwing around lol, I attempted to extract a Harrier rom using xda3nbftool.exe . Unfortunately, using the password "0x20040521" gave me the "WARNING: this does not look like a nbf header, possible you provided the wrong password" error.
So, I compared it to a BlueAngel rom that WOULD extract using a hex editor to try and figure out what the difference was, and at the address 0x20040521 (I assumed that's what the "password" meant), there is no difference.
In fact, there are NO differences after 12MB in the file. That means AT LEAST 20MB of a Harrier ROM is IDENTICAL to that of a BlueAngel rom.
It's not like there's even 12 MB worth of differences - there's far less than that. I would guess around 5 or 6 worth. What I said was that 12MB into the file, there are none. In that 12MB, there are similarities still - I'm just too lazy atm to total it up
Anyway, that was just to prove how similar the Harrier is to the BlueAngel for some more support over here on the CDMA side of things (although that 20MB of similarity is probably just Windows Mobile 2003SE ).
My question is, why won't xda3nbftool.exe produce a usable result if the address it looks at is about 6.6 MB after the end of differences and start of 100% similarity?
Also, I have my own Harrier's rom dumped (using d2s, haven't done anything to it after that). How do I turn this into a nk.nbf file or split it into SYS and OEM? I've done much googling. The things I've tried so far have failed.
Click to expand...
Click to collapse
Since it seems that you are really inclined into making this work... I guess I can try to point you were you can get more info since I don't know much about porting stuff myself
Check in the Himalaya section. There is a porting guide (I believe by Ather90), which goes into a lot of the stuff that you are asking about. Unfortunately for us, cooking nbf files is a lost art and very few people in this forum will be able to help you (Da_G probably being one of them)
michael-knight said:
I was wondering if it would be possible to take a BA Windows Mobile 6.5 rom and put it on to a Harrier/PPC-6600.
I'm sure this has been asked before, I just haven't found it.
I believe the only differences between the two devices are:
Harrier: BlueAngel:
64 MB ROM 96 MB ROM
No WiFi WiFi
CDMA GSM?
We could remove the WiFi module/software and then we wouldn't need the extra 32MB of ROM (hehe because I'm sure it would take 32MB ).
I have little programming experience (conversational in Flash, a few words in Python) but a fair knowledge of computers and I do have a Harrier so I could test it out(provided there's less than a 50% chance of bricking it) and help out to try to get it working if I had instructions.
Is this possible or should I just stick with WM 2003 SE?
If this question has been asked 3428930480328 times, then I apologize.
Thanks in advance .
Click to expand...
Click to collapse
Lots of us waiting for such thing. Good luck!
Sorry to bump the thread, but now my real world things have came to an end with exams being over and such.
I sent a private message at the beginning of this month to Ather90 and Da_G but neither of them have replied. If anyone has any suggestions or advice, please let me know.
michael-knight said:
Sorry to bump the thread, but now my real world things have came to an end with exams being over and such.
I sent a private message at the beginning of this month to Ather90 and Da_G but neither of them have replied. If anyone has any suggestions or advice, please let me know.
Click to expand...
Click to collapse
Da_G has been somewhat absent lately and (my mistake) Ather90 is now Ather. Try to send him a message and see if he replies.
First i apologize for creating another new thread and disturbing you guys. But i took mytime going through the website and the tutorials, and it made me more confused.
Quick info got HTC HD2 from craigslist today and thinking for a possible solution to unlock the device..here people talks about various ROM's , i think installing any of one these wont unlock the phone. Can you please suggest me how to unlock the mobile by pointing to a thread or tutorial.
my htc details
OS version 5.2.21892
manila version 2.5.20121412.2
ROM version 2.13.531.1 (90963) WWE
Radiio version 2.10.50.26
protocol version 15.39.50.07u.
the threads talks about various ROM and HSLP and all..but i am completely lost what is what.
Thanks,
WY.
going to sleep my next reply will take time.
http://forum.xda-developers.com/showthread.php?t=653614
Sticky right at the top of rom threads!!!
so flashing means unlocking...and i dont have a sd card with still i can do it right.
whatyaar said:
so flashing means unlocking...and i dont have a sd card with still i can do it right.
Click to expand...
Click to collapse
A Rom is basically an operating system for your phone. A Custom/Cooked Rom is a Stock/Shipped Rom that has been stripped of clutter and tweaked to give the best performance. Custom Roms usually contain the latest updates and programs so are more stable and up to date and work better than stock roms that are supplied with your phone.
In my understanding, think of flashing as giving your phone more freedom and you only need to flash HARDSPL your device only "ONCE" to take advantage of the features that custom ROMs offer. You can hardspl ur device easily via usb cable (without a memory card), so read the post in d link above thoroughly n ask feel free 2 ask more questions.
whatyaar said:
the threads talks about various ROM and HSLP and all..but i am completely lost what is what.
Click to expand...
Click to collapse
The HPSL is what, for lack of a better term, "jailbreaks" the HD2. The ROMs are the operating systems of the phones. Radios are also an important thing, and they have something to do with how your phone interacts with the network.
Now, I'm a n00b myself, so anybody please feel free to correct any errors I made.
whatyaar said:
so flashing means unlocking...and i dont have a sd card with still i can do it right.
Click to expand...
Click to collapse
I want to make sure you're not getting confused on something here...
Are you trying to get your phone to the point where you can run non-official ROM's on it? That's what using HSPL and flashing is.
Or, are you trying to be able to use the phone with other carriers than T-Mobile? That requires unlocking (completely independent of HSPL/flashing), and that's not something that's there's a tutorial for you to do...you either need to call T-Mobile and tell them you need the unlock code, or if you aren't a T-Mobile customer you will need to use one of the various unlocking services you'll find on e-bay, etc.
sirphunkee said:
I want to make sure you're not getting confused on something here...
Are you trying to get your phone to the point where you can run non-official ROM's on it? That's what using HSPL and flashing is.
Or, are you trying to be able to use the phone with other carriers than T-Mobile? That requires unlocking (completely independent of HSPL/flashing), and that's not something that's there's a tutorial for you to do...you either need to call T-Mobile and tell them you need the unlock code, or if you aren't a T-Mobile customer you will need to use one of the various unlocking services you'll find on e-bay, etc.
Click to expand...
Click to collapse
thanks a lot you answered mypoint correctly. i tried to flash the rom from the above link and then installed Cleanex ultra series.
..dint liked it and want to get my previous settings. i selected clear data..butits not doing any thing...can anyone help.
whatyaar said:
thanks a lot you answered mypoint correctly. i tried to flash the rom from the above link and then installed Cleanex ultra series.
..dint liked it and want to get my previous settings. i selected clear data..butits not doing any thing...can anyone help.
Click to expand...
Click to collapse
The step you're trying there (clear data) is also known as a "hard-reset"...it wipes the data off your phone and returns it to the orginial state of whatever ROM you currently have flashed on it (in your case: Cleanex)....so to get it back the way it was when you bought it, you'll need to flash a stock T-Mobile ROM back on to it.
sirphunkee said:
The step you're trying there (clear data) is also known as a "hard-reset"...it wipes the data off your phone and returns it to the orginial state of whatever ROM you currently have flashed on it (in your case: Cleanex)....so to get it back the way it was when you bought it, you'll need to flash a stock T-Mobile ROM back on to it.
Click to expand...
Click to collapse
can you guide me how to do it. so will there be .exe that can be downloaded from tmobile and connect my mobile and execute it..
some body please help me to find the Original tmobile USA rom.
whatyaar said:
can you guide me how to do it. so will there be .exe that can be downloaded from tmobile and connect my mobile and execute it..
Click to expand...
Click to collapse
Yes, that's pretty much exactly how it works. You can find the official download for it at this link:
http://dl.htc.com/ruudownload/t-mobileUS/Filedownload.aspx?pid=leo
You'll have to enter your phone's IMEI number (located on a sticker beneath the battery) to verify that you have an HD2, and then it will let you download. It's pretty simple to do, but here's a set of detailed instructions if you need (which include the step of downloading from that link above):
http://support.t-mobile.com/doc/tm54430.xml?
thank you very much Mr.sirphunkee ...you saved my day.
whatyaar said:
thank you very much Mr.sirphunkee ...you saved my day.
Click to expand...
Click to collapse
No problem...that's what we're here for
whatyaar said:
First i apologize for creating another new thread and disturbing you guys. But i took mytime going through the website and the tutorials, and it made me more confused.
Quick info got HTC HD2 from craigslist today and thinking for a possible solution to unlock the device..here people talks about various ROM's , i think installing any of one these wont unlock the phone. Can you please suggest me how to unlock the mobile by pointing to a thread or tutorial.
my htc details
OS version 5.2.21892
manila version 2.5.20121412.2
ROM version 2.13.531.1 (90963) WWE
Radiio version 2.10.50.26
protocol version 15.39.50.07u.
the threads talks about various ROM and HSLP and all..but i am completely lost what is what.
Thanks,
WY.
going to sleep my next reply will take time.
Click to expand...
Click to collapse
I read in the forum that the ROMs don't unlock your phone. They are just customizations for whatever the purpose may be. I use MIRI v17.6 ROM so that I can run Android on my HD2 US. I'm only missing Microsoft Word Mobile. My HTC HD2 US is unlocked because I paid cash for it and I requested the unlock code from T-Mobile unlike my iPhone 3GS that is still locked even though I owed no money on it.
I have not read anything about unlocking (rooting in this forum?) your HD2 (I assume) in this forum. Remember, Google has the answer for virtually everything if you ask her.
I hope you slept well!
ttownfeen said:
The HPSL is what, for lack of a better term, "jailbreaks" the HD2. The ROMs are the operating systems of the phones. Radios are also an important thing, and they have something to do with how your phone interacts with the network.
Now, I'm a n00b myself, so anybody please feel free to correct any errors I made.
Click to expand...
Click to collapse
Also, if i may add, the HPSL3 is some kind of protection not to damage your phone in case you use the wrong ROM, I read. therefore, for the HD2 US, I watched on youtube how to install the HSPL3. Then I picked a ROM that suits my purpose and I flashed my HD2 (on youtube also). That's it. I did not have to bother installing a radio file because my ROM did not require it since I have the US hd2.
ketzazu said:
I read in the forum that the ROMs don't unlock your phone. They are just customizations for whatever the purpose may be. I use MIRI v17.6 ROM so that I can run Android on my HD2 US. I'm only missing Microsoft Word Mobile. My HTC HD2 US is unlocked because I paid cash for it and I requested the unlock code from T-Mobile unlike my iPhone 3GS that is still locked even though I owed no money on it.
I have not read anything about unlocking (rooting in this forum?) your HD2 (I assume) in this forum. Remember, Google has the answer for virtually everything if you ask her.
I hope you slept well!
Click to expand...
Click to collapse
Ketzazu, did you read any of the posts in this thread after the 1st one...?
Anyone heard about M9+ S-Off method in development?
It would be very nice to have that so we can change carrier ID.
At the moment we can't change from chinese to asia wwe or Taiwan etc etc firmwares or just CIDs, and thus who has a chinese CID in the aboot partition is bound to get Chinese news on blinkfeed. (I've gathered some information and this is the situation: blinkfeed is working with carrier id of the phone and other language resources. Read about this on E8 and chinese m8 phones, but now there's a solution for this with custom rom and mod, look up in this forum, CleanSlate or Mod Sense Home...)
I'd be willing to donate if S-Off would become possible. Of course we don't have the kernel sources yet, so it's very improbable that someone would be working on it already, but let's just start a discussion about this.
UPDATES:
So what we know so far,
- there's the JCard method possible which needs a service or a JCard at home
- the bootloader is type ABoot
- no method yet for s-offing without JCard
- no kernel sources out yet for the phone
J card works.
so far, only java card works
Thanks good to know about JCard thing!
Hopefully when kernel sources will be out, some brute force method can be found to access the protected partition and flip it to S-Off.
It would be nice to have a method that can be done with only software and PC.
There's been a recent dump of kernel sources yesterday on http://www.htcdev.com/devcenter/downloads but not the m9pw yet. Hope they release it soon enough, so someone can look at it. Hopefully a hoard of M9+ users would be willing to donate for the one who brings such method. I'll be first in line to donate.
Maybe there's already a similar device with MTK and similar boot loading mechanism cracked?
Do someone know if there were any other HTC device with MTK chipset S-Offed without JCard, like S-Off with revone and such methods?
Not sure if the sunshine boys are going to be working on s off on the plus but those guys would probably be the ones who do it, their stomping ground is Qualcomm however
I have access to HTC Authorized service in my City. These guys already have J Card but unfortunately the don't have detailed guideline how to deal with M9 +
They said that in another MTK HTC devices there is a option in the bootloader mode (Sim lock) and they are doing official S off in this menu, but there was no Sim lock Menu in M9+ bootloader.
If someone knows how to deal with this issue I will continue my attempts for S Off.
zazabichi said:
I have access to HTC Authorized service in my City. These guys already have J Card but unfortunately the don't have detailed guideline how to deal with M9 +
They said that in another MTK HTC devices there is a option in the bootloader mode (Sim lock) and they are doing official S off in this menu, but there was no Sim lock Menu in M9+ bootloader.
If someone knows how to deal with this issue I will continue my attempts for S Off.
Click to expand...
Click to collapse
maybe @SteelH or @ntflc has some tips?
tbalden said:
maybe @SteelH or @ntflc has some tips?
Click to expand...
Click to collapse
S-off is possible with jcard. Dont know what tip you are looking for.
SteelH said:
S-off is possible with jcard. Dont know what tip you are looking for.
Click to expand...
Click to collapse
I have access to Jcard but don't know how to S off the device.
Could you please please advice me?
zazabichi said:
I have access to Jcard but don't know how to S off the device.
Could you please please advice me?
Click to expand...
Click to collapse
oem writesecureflag 0
Already S offed. What's next?
zazabichi said:
Already S offed. What's next?
Click to expand...
Click to collapse
Nice! What's your intentions? Do you want to try to convert your phone to another region's full firmware? There's some risk in that, we don't exactly know if the hardware from China and the other regions are fully the same and compatible, like the radio unit. I guess they are, I didn't have any issues running the phone on Asia WWE firmware or European, but I didn't (and couldn't because of S-On on my device) try a full conversion with all the S-On protected partitions of the phone. I only could flash boot/recovery/data and system, but there's a lot more of different partitions related to the hardware functionality.
Practically with s-off you can overwrite the CID (carrierid) to supercid (1111111 or something like that ) of your phone and thus you can convert flash any other regions full RUU firmware zip from 'fastboot oem rebootRUU' mode. Then you can receive OTAs of that different regions.
Otherwise being s-off means nothing much more than that opportunity.
Also probably you could unlock the sim lock to a certain phone company if your sim is bound to a phone company, on an S-Offed device you can do that. But I'm not sure how that's done.
tbalden said:
Nice! What's your intentions? Do you want to try to convert your phone to another region's full firmware? There's some risk in that, we don't exactly know if the hardware from China and the other regions are fully the same and compatible, like the radio unit. I guess they are, I didn't have any issues running the phone on Asia WWE firmware or European, but I didn't (and couldn't because of S-On on my device) try a full conversion with all the S-On protected partitions of the phone. I only could flash boot/recovery/data and system, but there's a lot more of different partitions related to the hardware functionality.
Practically with s-off you can overwrite the CID (carrierid) to supercid (1111111 or something like that ) of your phone and thus you can convert flash any other regions full RUU firmware zip from 'fastboot oem rebootRUU' mode. Then you can receive OTAs of that different regions.
Otherwise being s-off means nothing much more than that opportunity.
Also probably you could unlock the sim lock to a certain phone company if your sim is bound to a phone company, on an S-Offed device you can do that. But I'm not sure how that's done.
Click to expand...
Click to collapse
Yes I wanna have European Firmware.
Is it possible to extract Non Chinese dialer file?
zazabichi said:
Already S offed. What's next?
Click to expand...
Click to collapse
Please give us some more details.
As far as i understand - you connect the jcard, reboot in bootloader, and enter that command?
Thanks!
I have one from UAE. I did everything to s-off this device but no luck until now. It did not work with jcard. I have version 1.61.401.6 installed. Now, I see some people had luck with m9+ from other regions. I mean is it region related or something? I even did unlock my bootloader, installed twrp and rooted my device just to try that sunshine's method. Unfortunately sunshine's method did not work either. Now my question is,, If Taiwanese or Chinese versions can be s-off with jcard, how can I install their software version? Why can't I s-off my m9+ ? I really appreciate if people shared their s-off experiences.
Sorry for the ignorrance, but from where can I get Jcard? I see there a lot of people in here have it.
Also can a Java Card or Jcard be emulated on a PC?
Sent from my HTC One M9+
Good news ahead https://twitter.com/illespal/status/621710108154695680 sunshine maybe soon for m9+ soff exploit
tbalden said:
Good news ahead https://twitter.com/illespal/status/621710108154695680 sunshine maybe soon for m9+ soff exploit
Click to expand...
Click to collapse
I have an XTC2Clip on its way for this, will keep you all posted on how it goes.
Sent from my HTC One M8x using Tapatalk.