Hi all,
Bear with me while I explain my case.
I have a friend in Texas that has an Android phone and I'm in England, so, all the help I can gather I will email her and it would be better if the "tutorial" has pictures, if you know what I mean, as she is not at all a tech person, and she is older than me!
She likes her Android phone and she said it is a G2. I don't have a clue as to the Android version and asking her this is a waste of time; it is definitely not rooted; did I mention that she is not techy? The fact is that she says the text (font?) on the interface and everywhere else is too small for her and she cannot find a way to change the font. Is it a possibility with Android? Her phone provider says it is not or they don't know.
Any help appreciated.
Regards,
Me!
wovens said:
Hi all,
Bear with me while I explain my case.
I have a friend in Texas that has an Android phone and I'm in England, so, all the help I can gather I will email her and it would be better if the "tutorial" has pictures, if you know what I mean, as she is not at all a tech person, and she is older than me!
She likes her Android phone and she said it is a G2. I don't have a clue as to the Android version and asking her this is a waste of time; it is definitely not rooted; did I mention that she is not techy? The fact is that she says the text (font?) on the interface and everywhere else is too small for her and she cannot find a way to change the font. Is it a possibility with Android? Her phone provider says it is not or they don't know.
Any help appreciated.
Regards,
Me!
There is no such thing as the G2 in the states (There is in Europe, but it's actually the HTC Hero), so I'm assuming she is talking about the HTC Magic (or here it is called the MyTouch 3G). If this is her phone, she has 1.6 (If it's the Hero, she has 1.5).
As far as I remember, there is an app called "Spare Parts" in the Market which allows you to adjust the font size, but there were problems where it would return to default size at some time (Not sure if it was when you closed the app or rebooted the phone).
@JAguirre1231
Thanks for your input. You are probably right about the 3G model thing. I will mention "Spare Parts" to her and see how she gets on with it.
After posting I've decided to search the Android section here for themes but had the feeling that everything that is done here uses the premise that everyone roots their phones but that does not happen out there in the real world where not everybody is a geek or tech savvy.
I've found some very interesting stuff using Metamorph but rooting is not an option unfortunately and I don't have time to dig deep right now.
Cheers!
wovens said:
@JAguirre1231
Thanks for your input. You are probably right about the 3G model thing. I will mention "Spare Parts" to her and see how she gets on with it.
After posting I've decided to search the Android section here for themes but had the feeling that everything that is done here uses the premise that everyone roots their phones but that does not happen out there in the real world where not everybody is a geek or tech savvy.
I've found some very interesting stuff using Metamorph but rooting is not an option unfortunately and I don't have time to dig deep right now.
Cheers!
Rooting these days can be as simple as putting a file on your sdcard, booting up and installing an app.
Unfortunately, yes, if you want a full theme, you will have to root your phone. The best you can do without a rooted phone is install themes on an alternate launcher (which will slow down the phone since you will have two launchers running).
I can't seem to find a good post or thread about this so I'll be the one to ask the dumbest question.
Can a GSM rom be flashed to a CDMA tab? Other than networking issue with the modem, will phone actually boot and be usable on wifi? I'm assuming it most likely will either not work at all or just FC constantly but wanted to ask first.
MODS please delete after a few answers. I don't want to waste thread space...
Has anybody flashed this before? And I don't know, can a Verizon Tab flash a ROM for the Sprint Tab?
Waiting for an answer too.
Sent from my SCH-I800
connexion2005 said:
I can't seem to find a good post or thread about this so I'll be the one to ask the dumbest question.
Can a GSM rom be flashed to a CDMA tab? Other than networking issue with the modem, will phone actually boot and be usable on wifi? I'm assuming it most likely will either not work at all or just FC constantly but wanted to ask first.
MODS please delete after a few answers. I don't want to waste thread space...
One of the other members did and it worked, I am not sure what was FC'ing but he was using it that way. A word of WARNING, if you accidentally flash the modem with the GSM one, it's dead forever! You cannot restore it!!
But yeah it should boot, and be able to use WiFi.
lhttan said:
Has anybody flashed this before? And I don't know, can a Verizon Tab flash a ROM for the Sprint Tab?
Waiting for an answer too.
Sent from my SCH-I800
Verizon and Sprint use the same radios so this should not be an issue.
OK second question. Where on earth can I find the VZW firmware files to use with Odin or Heimdall? I flashed the Klean ROM and like it but then I realized I was having problems finding the stock pit and pda files to revert back to stock if needed!
I would love if I could use GSM ROMs. I bought a Verizon TAB (mistake now that I realized this) and just use it for WIFI only so network access is not an issue for me.
Is that the file you need?
lhttan said:
Is that the file you need?
Downloading now but I'm pretty sure that's it! You are awesome. And I'm a lazy searcher.
try this... it's the vzw recovery package i use... unrar and bring it into Heimdall... try using the voodoo overclocked kernel with it... great improvements, blazing fast, and the sound is unmatched... I'm not sure why, and i could very well be doing it wrong... but when i flash the zImage for the kernel, i always have to flash that zImage into the recovery as well... like i said idk why but 90% of the time my flash will fail unless i do that... so if you have any problems try it... hope this helps!
http://www.megaupload.com/?d=TC4G5IYC
probably the same files... beat me to it haha
I'd actually really like to know this as well... I've got a VZW tab I was given from a friend who updated to a Xoom... I'm only ever gonna use it wifi, and am a bit disappointed in the lack of roms for CDMA tabs... if a GSM Rom would work, and let me use wifi, that would be great for folks like me.
How can I avoid flashing the modem with the GSM one? I usually use heimdall-frontend.exe to flash!
I could be wrong, but if you go through frontend don't you have to manually place the modem file into the slot for modem? Couldn't you just flash everything but modem? Or is it in the kernel as well??
Soft
Brick.
arariel said:
I'd actually really like to know this as well... I've got a VZW tab I was given from a friend who updated to a Xoom... I'm only ever gonna use it wifi, and am a bit disappointed in the lack of roms for CDMA tabs... if a GSM Rom would work, and let me use wifi, that would be great for folks like me.
You could always contribute instead of just ***** about the lack of support. You got a free Tab for pete's sake....
Boushh said:
Soft
Brick.
You could always contribute instead of just ***** about the lack of support. You got a free Tab for pete's sake....
Wow, ok... I just got the damn thing, let me, you know, learn how to code and program etc... got a while?
Yeah, I got a free tab, and I know next to nothing about it, so I'm trying to find out some information. I dunno that I would call expressing mild disappointment really classifies as "*****ing" but, hey, thanks for YOUR contribution to the thread too, guy. Super helpful. I understand the VZW tab isn't nearly as popular, and that means less people working on it, or maybe there are technical difficulties or something. I have no idea. I just know there is less information, etc. out there about it, and that's disappointing. Nowhere did I say anything like "people here suck for not supporting my device!" The ROM makers here are a talented bunch, that much is obvious... I really like what they're doing, and I'm guessing so does the OP. That's why we're asking about GSM roms... we obviously liked something someone made, and wish we could use it on our device. We're trying to find information, and you come and attack someone with the equivalent of an ER nurse getting mad at a Vet for coming in with a question about their daughter, and demanding that they help treat her themselves.
If I had ANYTHING even CLOSE to as helpful as some of the people here to contribute right now, I would... but I don't... I'm just trying to learn about this device. At my level of knowledge right now, I don't HAVE anything to give. So very sorry if that somehow offends you personally.
That was ugly!
Boushh said:
Soft
Brick.
You could always contribute instead of just ***** about the lack of support. You got a free Tab for pete's sake....
Hmm. I wonder what my PM reply from you will have to say in it lol. Anyhow, is a soft brick inevitable? Are there options I can avoid such as obviously not flashing the modem? Or param.lfs? To prevent a soft brick. One person claims it worked on a certain ROM from them. I know I can find out the hard way myself but if I can benefit from someone else's experience I'd like to see if I can do that first.
connexion2005 said:
Hmm. I wonder what my PM reply from you will have to say in it lol. Anyhow, is a soft brick inevitable? Are there options I can avoid such as obviously not flashing the modem? Or param.lfs? To prevent a soft brick. One person claims it worked on a certain ROM from them. I know I can find out the hard way myself but if I can benefit from someone else's experience I'd like to see if I can do that first.
Think about it guys you've got devs, and then you have those of us who are just using what the devs design, be it lack of knowledge or lack of effort, either way if you have a free tab, make a backup, make a couple backups, and try it, or maybe get with a dev working on your tab to add the features of the gsm tab to our vzw tab. help them test it, It makes sense that devs get pissed when someone says i got a free tab, do some research, make some effort to further the development for a device in which the devs purchase in most cases with their own money, and if they brick it in the process they are out a lot more money than you are. and the way they save themselves is by again treading on undiscovered territory. So instead of asking make some attempt. learn to use the emulator, learn your device, if you are just getting to know the device then it may not be a good idea to jump right into rooting, and flashing roms....
matthewflinchbaugh said:
Think about it guys you've got devs, and then you have those of us who are just using what the devs design, be it lack of knowledge or lack of effort, either way if you have a free tab, make a backup, make a couple backups, and try it, or maybe get with a dev working on your tab to add the features of the gsm tab to our vzw tab. help them test it, It makes sense that devs get pissed when someone says i got a free tab, do some research, make some effort to further the development for a device in which the devs purchase in most cases with their own money, and if they brick it in the process they are out a lot more money than you are. and the way they save themselves is by again treading on undiscovered territory. So instead of asking make some attempt. learn to use the emulator, learn your device, if you are just getting to know the device then it may not be a good idea to jump right into rooting, and flashing roms....
Good post. Hope you weren't referring to me though! Check my sig I've been around the block with Android.
Oh and I'm running Overcome ROM right now on my VZW TAB. I'll be posting a video of the steps to take to ensure this works correctly some time this weekend.
Looks like my VZW may work out after all...
arariel said:
Wow, ok... I just got the damn thing, let me, you know, learn how to code and program etc... got a while?
Yeah, I got a free tab, and I know next to nothing about it, so I'm trying to find out some information. I dunno that I would call expressing mild disappointment really classifies as "*****ing" but, hey, thanks for YOUR contribution to the thread too, guy. Super helpful. I understand the VZW tab isn't nearly as popular, and that means less people working on it, or maybe there are technical difficulties or something. I have no idea. I just know there is less information, etc. out there about it, and that's disappointing. Nowhere did I say anything like "people here suck for not supporting my device!" The ROM makers here are a talented bunch, that much is obvious... I really like what they're doing, and I'm guessing so does the OP. That's why we're asking about GSM roms... we obviously liked something someone made, and wish we could use it on our device. We're trying to find information, and you come and attack someone with the equivalent of an ER nurse getting mad at a Vet for coming in with a question about their daughter, and demanding that they help treat her themselves.
If I had ANYTHING even CLOSE to as helpful as some of the people here to contribute right now, I would... but I don't... I'm just trying to learn about this device. At my level of knowledge right now, I don't HAVE anything to give. So very sorry if that somehow offends you personally.
LOL You just had a *****fit with the best CDMA dev we have, nice work.
How did you do it?
Hey man, watched your video review great stuff, any update date on how you got the rom on your CDMA Tab however? I just got a Sprint Tab and would love to flash Overcome on it...thanks for any advice
connexion2005 said:
Good post. Hope you weren't referring to me though! Check my sig I've been around the block with Android.
Oh and I'm running Overcome ROM right now on my VZW TAB. I'll be posting a video of the steps to take to ensure this works correctly some time this weekend.
Looks like my VZW may work out after all...
hey connexion2005, any update on the video? I've been surfing around the forums for a couple of hours now and haven't found any procedures on how to get Overcome on the VZW tab. just wondering
Hi, I'd like to put my dear new Ativ S in download mode to install a general firmware (followed the instructions here: http://forum.gsmhosting.com/vbb/f20...set-tutorial-firmware-flashing-guide-1671518/)
the problem is that i can't seem to make the pc able to find the phone in download mode. i tried 3-4 drivers without success. Can anyone help me?
sireangelus said:
Hi, I'd like to put my dear new Ativ S in download mode to install a general firmware (followed the instructions here: http://forum.gsmhosting.com/vbb/f20...set-tutorial-firmware-flashing-guide-1671518/)
the problem is that i can't seem to make the pc able to find the phone in download mode. i tried 3-4 drivers without success. Can anyone help me?
Install the drivers as explained at the link
http://clubsg.skygolf.com/content/f...10-Windows_8_Installing_unsigned_drivers.html
Rotry83 said:
Install the drivers as explained at the link
http://clubsg.skygolf.com/content/f...10-Windows_8_Installing_unsigned_drivers.html
it seems it didn't work for me.. USB\VID_045E&PID_062B&REV_0000..
i'm gonna try virtualbox, maybe i'll have more luck.(currently i have Windows 8.1 rtm pro x64 only and Linux)
The problem is that i'm stuck with a not for resale phone by Tim. No updates and strange bugs( like, won't memorize the date between reboots)
Ok, now the program sees it under Windows 7 x86... but it says engineer, and returns an error (gonna paste in a sec)
[Channel 0] Device Security Version does not Match !![Channel 0] Binary Download complete!!
this is the error.
up for multiple edits.
Up this is important.
Sent from my Engineering Ativ-s using XDA Windows Phone 8 App
I don't know for sure but your phone might have an engineering ROM on it at the moment, so only engineering ROMs can be flashed.
jessenic said:
I don't know for sure but your phone might have an engineering ROM on it at the moment, so only engineering ROMs can be flashed.
yep, but i might have outsmarted them.. we simply need to repack the rom without signin/secureboot
Hi All
Sorry if this is a silly question but I thought all WP8 updates and Ativ S were done OTA and we didn't need to start flashing Roms like we do for SGS3.
My Ativ S says its on version 8.0.10327.77, isn't this GDR2, Am I missing something?
Thanks
Yep. I have a completely unlocked Developer Version. Secureboot is disabled and such.
Sent from my GT-I8750 using XDA Windows Phone 7 App
May I ask what advantage this implies? Can I install xap and edit registry as on the Samsung Omnia 7?
tgriger said:
May I ask what advantage this implies? Can I install xap and edit registry as on the Samsung Omnia 7?
you can't buy one. I happened to stumble into one, and i'm trying to do everything i can to bring it back to normal, since the phone won't update itself.
If I may suggest, there are people on this site who could do far more useful things with a phone like that. Heathcliff74, for example, is working on a root-unlock for WP8 (as am I) and a non-secure-boot test device would be useful to him (though I don't know if he actually needs a device at this time, or what he'd pay; that was just an example of somebody who might be interested). You can probably recoup most or all of the money you sunk into it and give the hacking community a boost as well.
Oh, and @tgriger, we can already do that. I found out how a couple weeks ago. Read the dev&hacking subforum.
GoodDayToDie said:
If I may suggest, there are people on this site who could do far more useful things with a phone like that. Heathcliff74, for example, is working on a root-unlock for WP8 (as am I) and a non-secure-boot test device would be useful to him (though I don't know if he actually needs a device at this time, or what he'd pay; that was just an example of somebody who might be interested). You can probably recoup most or all of the money you sunk into it and give the hacking community a boost as well.
Oh, and @tgriger, we can already do that. I found out how a couple weeks ago. Read the dev&hacking subforum.
i'd like to do that, but i'm from italy... i kind of doubt there is a safe way for the phone to arrive to you intact, plus the fees are outrageous. If someone wants to buy it can talk to me in private though, i'll see if i can arrange it. But you can't disable secureboot once the fuse is blown, so i think you can't root the device; and the feature i think it's provided at the SOC level. And i'm a little bit of a rom developer, so if i learn how to change things i can provide a platform for mods. I can even tell you this: if someone pays me the fees and buy me a new one( the phone is like new, it was bought march 2013 and it had no sign of being used a lot, and on expansys is at 230€ so i think it's fair, it was over 500€ when i bought it)
sireangelus said:
i'd like to do that, but i'm from italy... i kind of doubt there is a safe way for the phone to arrive to you intact, plus the fees are outrageous. If someone wants to buy it can talk to me in private though, i'll see if i can arrange it. But you can't disable secureboot once the fuse is blown, so i think you can't root the device; and the feature i think it's provided at the SOC level. And i'm a little bit of a rom developer, so if i learn how to change things i can provide a platform for mods. I can even tell you this: if someone pays me the fees and buy me a new one( the phone is like new, it was bought march 2013 and it had no sign of being used a lot, and on expansys is at 230€ so i think it's fair, it was over 500€ when i bought it)
@Heathcliff74 is from the Netherlands, so shipping would not be too hard from Italy. Also I just bought an ATIV S from Amazon.de for a bit under 200€.
A non-secureboot device would just be a test platform, not something that it's expected that all devices would be able to make use of. Secure Boot isn't perfect; there are ways around it (some are device-specific, which is less ideal but seems likely to exist on most smartphones; others are not). However, while some people hack on SB, others could hack on making *use* of the ability to install custom ROMs. That's where an unlocked bootloader device would be handy.
Also, yeah, there are lots of European phone hackers. No need to worry about sending it to the US!
It's an interesting device for sure. But there is no way I can afford € 200 now. I have a wife and kids to support too, you know. Maybe at a later time.
Never Said it was an obligation- only stated what i thought was a fair price. If someone wants it and has other proposals I'm listening.
Sent from my GT-I8750 using Tapatalk
Heathcliff74 said:
It's an interesting device for sure. But there is no way I can afford € 200 now. I have a wife and kids to support too, you know. Maybe at a later time.
So, i would say we could donate to you, that you can afford the device.
Depending on how many users would hop onto this idea, it wouldn't be that much per person
Well, if you're fine with that idea, you can count on my donation
lordmaxey said:
So, i would say we could donate to you, that you can afford the device.
Depending on how many users would hop onto this idea, it wouldn't be that much per person
Well, if you're fine with that idea, you can count on my donation
That's a good idea. I'm in. ... :good:
I have same problem with my Ativ S ([Channel 0] Device Security Version does not Match !![Channel 0] Binary Download complete!!)
What does `Up this is important.` mean?
Please help someone.
CyboLabs is Proud to present
Open Bump!
What is Open Bump?
Open Bump is a recreation of the closed source Bump project run by Codefire.
It will allow you to "sign" your boot images in the same way that Codefire does it, only you don't need an internet connection.
What Open Bump is NOT
Let's get the obvious out of the way. It won't axe murder you.
It is not a direct reverse engineer of Codefire's implementation. I found the key and iv on my own
The magic bytes were taken from Codefire's method however. If anyone has insight as to how they were found, please shout up.
It does NOT take your private data so you can use it. Tin hatters feel free to double check
How did I find this out
I had a general idea of what to look for, having heard that the exploit is related to uicc, and is signed with a cipher.
Dropping the aboot image into Ghex led me to finding a reference to "uiccsecurity". Using the bytes around this, I found a repeat of 32 bytes, which was followed by 16 bytes which formed something that resembled "SecureWallpaper".
As you can probably guess, this was mainly trial and error backed by common sense and logical thinking.
You can programmatically find these values with the Python script:
Python:
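# Locate the key and IV embedded in the aboot image.
aboot_name = './aboot.img'
with open(aboot_name, 'rb') as f:
    aboot = f.read()
# The 32 bytes immediately before the first "uicc" string are the key.
key_end = aboot.index(b'uicc')
key_start = key_end - 32
key = aboot[key_start:key_end]
# The key is repeated later in the image; the 16 bytes after the repeat are the IV.
sec_key_start = aboot.index(key, key_end)
iv_start = sec_key_start + 32
iv_end = iv_start + 16
iv = aboot[iv_start:iv_end]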
Deciphering some already generated "signatures" proved that these were the key and iv used for "signing" the images.
What is coming next?
Inspecting the signatures that were originally uploaded and the ones that people can generate now, I found only one pattern.
The only similarities were the first 16 bytes of each "signature". I believe that only the magic number is needed, and none of the garbage that follows. This has been confirmed by the LG G3 dev from CyanogenMod, Invisiblek Done
How to use it?
I don't know how well this will run on anything other than linux, so for now.. I won't talk about it.
First, ensure you are using python2
then run the script
Code:
python2 open_bump.py "/path/to/boot.img"
flash the output, and enjoy
Thanks to:
Obviously, this wouldn't have been possible without Codefire since I wouldn't have known where to look, or that it was exploitable. And it was them that found the magic key.
Big thank you to @pulser_g2, who offered invaluable input on cryptography
Big thank you to @invisiblek, who I mercilessly kanged the main part of the image padding script from
note:
The original part of finding this information out was done on my own with guidance from pulser. The final results of this are posted above.
XDA:DevDB Information
Open_Bump, Tool/Utility for the LG G2
Contributors
cybojenix
Source Code: https://github.com/CyboLabs/Open_Bump
Version Information
Status: Beta
Created 2014-11-23
Last Updated 2014-11-23
Thanks, that's great news to have an open source tool here!
Do you see any chance that this could be integrated into CWM/TWRP so that the recovery rom could bump the boot/recovery images before flashing?
Because the boot/recovery.img has to be extracted from the ROM-zip before flashing, bumping it here would make sure that the phone can boot the image even with the newer bootloader.
This would be great for rom-devs since they don't have to change anything and it would even bump roms that are not maintained anymore.
g4rb4g3 said:
Thanks, that's great news to have an open source tool here!
Do you see any chance that this could be integrated into CWM/TWRP so that the recovery rom could bump the boot/recovery images before flashing?
Because the boot/recovery.img has to be extracted from the ROM-zip before flashing, bumping it here would make sure that the phone can boot the image even with the newer bootloader.
This would be great for rom-devs since they don't have to change anything and it would even bump roms that are not maintained anymore.
simple answer, this can be added to the build step really easily. See this commit
edit:
of course it may be useful to make a c program to do this.... I shall think on it.
Probably a stupid question but I'll give it a shot. Since we have the magic key, can't we just skip the bump stuff totally? As I can understand, I don't wait for the official developer team to join the bump train, that's why the damn development of the device is really back while the hardware is more than capable.
**To the OP i wish i could give you a thousand likes sir!
After getting the bootloader may be open G3؟؟
Why not use the original Bump?
Quote:
Codefire has been extremely vague about their method, obviously to prevent someone else replicating their results.
They are also storing people's data unnecessarily, and even adding some information relating to the user in to the "signature", possibly for tracking purposes.
As a result of it being an external service, many reputable teams (which won't be named unless they want to be) have said they will not use it, and would rather wait till LG releases the official unlock method.
Finally, Codefire have said the sha1sum of the boot image is required. Whether they knew or not, it is NOT required, and I will be changing this tool to compensate for that.
Happy you found a new exploit for us builders and devs, just feel like you kinda disrespected codefire team by accusing them of things before actually talking to them, seems a bit counter productive, this may piss them off and next device you can kiss new exploits by them good-bye,
just my 2 cents on the matter,
i'd remove the line...
in any case thank you very much, i will add it to my build script
---------- Post added at 08:34 PM ---------- Previous post was at 08:29 PM ----------
nikosblade said:
Probably a stupid question but I'll give it a shot. Since we have the magic key, can't we just skip the bump stuff totally? As I can understand, I don't wait for the official developer team to join the bump train, that's why the damn development of the device is really back while the hardware is more than capable.
**To the OP i wish i could give you a thousand likes sir!
"Bump stuff" has nothing to do with users, the devs and builders do the "bumping", and development of the G series has nothing to do with bumping, it just takes time to bring everything up
Good job cybojenix. (moderator edit: watch your language please)
Way to ruin a good thing.
I'm done with Android now. You can do it all now - since you obviously know better than me and everyone else.
I don't appreciate people trying to blackmail me - EnderBlue and Cybo both.
Don't believe me? http://hastebin.com/gulumezawi.txt
Good job guys. Way to ruin unlocks for all future LG phones.
If I *EVER* decide to come back, I will not be releasing anything as free or open source. You've sullied my impression of the open source community. Anything I do will be private releases from now on.
LG hadn't patched Bump, and they were going to leave it alone for us as long as we kept it as a service.
Well, looks like that's over and done with.
Bump included a hash of the image that you uploaded and a hash of your developer ID, and some random junk bytes. That's all. It's exactly what we said it was doing.
Well, hey, now you're free to take over and write roots and unlocks for all LG phones since you obviously have the talent to do so.
Let's be honest though, without my team's hard work that you stole, you wouldn't have been able to do any of this.
But you knew that, you're just a bottom feeder.
I don't get angry often at all- but congrats! You've succeeded in making me mad! Achievement unlocked!
I'm done. Your turn.
EDIT: Also, you know you can't open source your project either considering it contains 'stolen' LG crypto keys. https://github.com/CyboLabs/Open_Bump/issues/1
Have fun with that one.
thecubed said:
Good job cybojenix. (moderator edit: watch your language please)
Way to ruin a good thing.
I'm done with Android now. You can do it all now - since you obviously know better than me and everyone else.
I don't appreciate people trying to blackmail me - EnderBlue and Cybo both.
Don't believe me? http://hastebin.com/gulumezawi.txt
Good job guys. Way to ruin unlocks for all future LG phones.
If I *EVER* decide to come back, I will not be releasing anything as free or open source. You've sullied my impression of the open source community. Anything I do will be private releases from now on.
LG hadn't patched Bump, and they were going to leave it alone for us as long as we kept it as a service.
Well, looks like that's over and done with.
Bump included a hash of the image that you uploaded and a hash of your developer ID, and some random junk bytes. That's all. It's exactly what we said it was doing.
Well, hey, now you're free to take over and write roots and unlocks for all LG phones since you obviously have the talent to do so.
Let's be honest though, without my team's hard work that you stole, you wouldn't have been able to do any of this.
But you knew that, you're just a bottom feeder.
I don't get angry often at all- but congrats! You've succeeded in making me mad! Achievement unlocked!
I'm done. Your turn.
EDIT: Also, you know you can't open source your project either considering it contains 'stolen' LG crypto keys. https://github.com/CyboLabs/Open_Bump/issues/1
Have fun with that one.
First off, I didn't blackmail. I gave your team notice about open sourcing it after reverse engineering the LG bootloader, not your "signatures".
It's your choice if you want to leave Android. Pinning the blame on me is somewhat childish though.
LG not patching Bump? That's a ludicrous statement, and even if it's true, it's good that this script got released. That way they know it should be patched, since having it a service clearly makes all the difference to them.
The hardest part of your team's work was getting the keys. If you know where to look, then it's easy enough to get engineering builds which I suspect contain the master magic bytes which you released.
I'm honestly shocked at your reaction though. I gave your team all the credit and stated which parts I did myself. The part about the service, and the deception was justified.
You tried to obscure something which by logic can't be obscured. That's how so many people realised they can just append the bytes to the image.
So which one would you rather have: LG not patching the exploit (as you so claim), and having an unknown number of people in China running around flashing custom boot images, or having everyone know how to do it to force LG to recheck their security measures?
What I did may not have been fantastic for the community, but what you did was insanely dangerous for the 90% of LG users.
All you did was make it so LG locks down the bootloader. And really 90% of users??? There probably isn't even 3 percent of the LG base on this website. All you did was screw everybody else over so you could have YOUR OFFICIAL CM.
As well people saying you didn't do enough and are still using their signing key as well as attacking it as well.
Way to think about yourself. You didn't care about the 90% or you wouldn't have done this.
I personally hope LG locks down the bootloader now. Go the way Samsung did and put an efuse on it and prevent downgrading. Hopefully all this happens with lollipop so you can screw over the rest of the LG crowd.
cybojenix said:
it's good that this script got released. That way they know it should be patched, since having it a service clearly makes all the difference to them.
"Hey let's potentially close all future LG unlocks and thus the chance to use CyanogenMod on future LG devices then. Just so I can get the current CM builds to say 'Official' and get a big pat on the back from the CM dudes who probably don't care about me too much."
Is that what went through your mind? That instant gratification and ignorance really shows who you are because that's exactly what I see from this OP of yours. Enjoy your 15 minutes of fame. You probably just killed a chance for years of it.
savoca said:
"Hey let's potentially close all future LG unlocks and thus the chance to use CyanogenMod on future LG devices then. Just so I can get the current CM builds to say 'Official' and get a big pat on the back from the CM dudes who probably don't care about me too much."
Is that what went through your mind? That instant gratification and ignorance really shows who you are because that's exactly what I see from this OP of yours. Enjoy your 15 minutes of fame. You probably just killed a chance for years of it.
Yes, because I've been such a massive supporter of cm. (sarcasm in case you didn't realise).
I started reverse engineering the bootloader for research purposes. If it was more complex than what I have said above, then I probably wouldn't have done this thread.
If it weren't for the fact that the magic stays the same across all signatures, then I also wouldn't have done this thread.
The response I got from them when I contacted them before releasing this was pretty much one of lack of care. So I went ahead and posted it.
I couldn't care less about fame. In fact there isn't really a lot I do care about, but I won't have the community alienated in to thinking the codefire service was such a great thing.
And once again, I refuse to take the blame for their team leaving Android.
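The exchange above turns on the claims that "the magic stays the same across all signatures" and that people "can just append the bytes to the image". As an added illustration (not code from the thread, from Open_Bump or from LG's bootloader), this simplified model audits two trailer schemes: one where only a constant tail is checked and one where the trailer is bound to the image contents. The magic value, key, sample images and all function names are constructed, and HMAC stands in for a vendor's asymmetric signature.

```python
import hashlib
import hmac
import os

# Everything here is constructed for illustration; no value comes from a real device.
MAGIC = bytes.fromhex("00112233445566778899aabbccddeeff")  # made-up constant trailer
DEMO_KEY = b"constructed-demo-key"  # HMAC stand-in for a vendor's private signing key
TAG_LEN = hashlib.sha256().digest_size

IMG_A = b"ANDROID!" + b"stock-kernel-" * 8      # constructed sample images
IMG_B = b"ANDROID!" + b"modified-kernel-" * 8
IMG_C = b"ANDROID!" + b"recovery-" * 8


def seal_constant(image):
    """Scheme A: per-image hash and junk bytes, then the same MAGIC for every image."""
    return image + hashlib.sha256(image).digest() + os.urandom(16) + MAGIC


def verify_constant(blob):
    """Verifier A (assumed model): only the constant tail decides acceptance."""
    return len(blob) > len(MAGIC) and blob.endswith(MAGIC)


def seal_bound(image):
    """Scheme B: trailer is a keyed tag computed over the image bytes."""
    return image + hmac.new(DEMO_KEY, image, hashlib.sha256).digest()


def verify_bound(blob):
    """Verifier B: recompute the tag over the payload and compare in constant time."""
    if len(blob) <= TAG_LEN:
        return False
    image, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(DEMO_KEY, image, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)


def trailer_transfers(seal, verify, signed_image, other_image):
    """Binding test: does the trailer issued for one image validate another?"""
    trailer = seal(signed_image)[len(signed_image):]
    return verify(other_image + trailer)


def common_suffix_len(blobs):
    """Audit helper: number of bytes shared at the tail of every sealed sample."""
    n, shortest = 0, min(len(b) for b in blobs)
    while n < shortest and len({b[-1 - n] for b in blobs}) == 1:
        n += 1
    return n


def audit(seal, verify, images=(IMG_A, IMG_B, IMG_C)):
    """Summarise a scheme: is the trailer content-bound, and how much of it is constant?"""
    sealed = [seal(img) for img in images]
    return {
        "accepts_own": all(verify(s) for s in sealed),
        "trailer_transfers": trailer_transfers(seal, verify, images[0], images[1]),
        "constant_tail_bytes": common_suffix_len(sealed),
    }


if __name__ == "__main__":
    print("constant trailer:", audit(seal_constant, verify_constant))
    print("bound trailer:   ", audit(seal_bound, verify_bound))
```

A non-zero constant tail combined with a trailer that transfers between images shows the check behaves like a shared secret rather than a signature, which is why keeping the signing step behind a service cannot protect it.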
whoppe862005 said:
All you did was make it so LG locks down the bootloader. And really 90% of users??? There probably isn't even 3 percent of the LG base on this website. All you did was screw everybody else over so you could have YOUR OFFICIAL CM.
As well people saying you didn't do enough and are still using their signing key as well as attacking it as well.
Way to think about yourself. You didn't care about the 90% or you wouldn't have done this.
I personally hope LG locks down the bootloader now. Go the way Samsung did and put an efuse on it and prevent downgrading. Hopefully all this happens with lollipop so you can screw over the rest of the LG crowd.
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of LG users, if the claim that LG was alright with it running as a service is true.
Either way, I did nothing wrong.
cybojenix said:
I couldn't care less about fame. In fact there isn't really a lot I do care about, but I won't have the community alienated in to thinking the codefire service was such a great thing.
So you only care about ruining good things, and other people's work?
Lol sorry I think I'm done with you. Bye cybo
savoca said:
So you only care about ruining good things, and other people's work?
Lol sorry I think I'm done with you. Bye cybo
Tbh I thought it would have been clear by now what I care about. Then again I may have been wrong about considering you one of the smart android people.
I care about learning and sharing knowledge. Which is precisely what this thread did.
cybojenix said:
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of LG users, if the claim that LG was alright with it running as a service is true.
Either way, I did nothing wrong.
I saw your PM to autoprime in IRC, it was "I am going to post what I found or you do, either way its going there", it wasn't lack of care, it was that you just stated a fact and left, it was a very rude unthoughtful thing to do, also don't try to BS everyone with your research, you and about 100 other people found the "magic keys", the problem is those "magic keys" were placed there by team codefire, you didn't find them, you found that they were using the key and copied their work, anything else you say is a lie, at least the other 99 people who found this had the basic respect to not post it unless the original team allowed it.
There was no reason to post this, their site was working fine, and if you used the API there was no problem of tracking since it just uses a UID to identify to the server.
At least admit you were wrong and say you are sorry, they won't fix anything but will gain you a minimum amount of respect.
sooti said:
I saw your PM to autoprime in IRC, it was "I am going to post what I found or you do, either way its going there", it wasn't lack of care, it was that you just stated a fact and left, it was a very rude unthoughtful thing to do, also don't try to BS everyone with your research, you and about 100 other people found the "magic keys", the problem is those "magic keys" were placed there by team codefire, you didn't find them, you found that they were using the key and copied their work, anything else you say is a lie, at least the other 99 people who found this had the basic respect to not post it unless the original team allowed it.
There was no reason to post this, their site was working fine, and if you used the API there was no problem of tracking since it just uses a UID to identify to the server.
At least admit you were wrong and say you are sorry, they won't fix anything but will gain you a minimum amount of respect.
Wrong, I stated that I was going to open source it, meaning the work I put in to getting the key and how it's used to get the original magic.
It was after that that I realised the final magic is the only thing needed. I actually worked out how to get the magic key a few hours ago, but since I don't have the right images, it won't be globally usable.
Fair enough, I apologise for pointing out the flaws in codefire's service, and that they took it badly.
cybojenix said:
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of LG users, if the claim that LG was alright with it running as a service is true.
Either way, I did nothing wrong.
OK. If you did nothing wrong please do explain this:
Enderblue-"well, would you be willing to open source it so we can have a official cm support?"
IoMonster-"so it would make storm already worse than what it is now?" *paraphrasing for language
IoMonster-"no"
Seems like he said he didn't want it open source but you still went ahead anyway.
http://hastebin.com/gulumezawi.txt
And then you saying you're going to push it for vs985 even after he said no.
I don't know who Enderblue is, and I'm not affiliated with him..
whoppe862005 said:
OK. If you did nothing wrong please do explain this:
Enderblue-"well, would you be willing to open source it so we can have a official cm support?"
IoMonster-"so it would make storm already worse than what it is now?" *paraphrasing for language
IoMonster-"no"
Seems like he said he didn't want it open source but you still went ahead anyway.
http://hastebin.com/gulumezawi.txt
And then you saying you're going to push it for vs985 even after he said no.
cybojenix said:
I don't know who Enderblue is, and I'm not affiliated with him..
It isn't like it matters if you are or not. It says right in the chat he doesn't want it open sourced. I'm sure about 99% of the people on here have seen that already and I'm pretty sure you have seen it as well.
It states right in the chat he didn't want it open sourced.
whoppe862005 said:
It isn't like it matters if you are or not. It says right in the chat he doesn't want it open sourced. I'm sure about 99% of the people on here have seen that already and I'm pretty sure you have seen it as well.
It states right in the chat he didn't want it open sourced.
But the chat wasn't with me, so your point is null.
autoprime had ample opportunity to say "don't do it yet", or "go talk to IO". but no, no objections were made.
Codefire treated the service like any other company would treat their unlocking service, so I treated them like a company and showed how it was done.
Do not ask for an ETA
Once the mods start getting onto people for asking, I'll take my dev work off site. I don't want to upset mods and admin over people being impatient.
I've been looking and root isn't available yet for the Snapdragon version. I've created root access for a few devices so far, be it years ago. I want root, so I've decided to start dev work on my own. Can't say how long it will take, or if I will be able to, but anyone that is willing to test or help, feel free to comment and say so, since help would be greatly appreciated. Testers are needed.
First off though, what advancements have been made so far? Several posts I've seen have dead links to data, so to start, I'll need to know what's been done already. No need to reproduce failed outcomes.
Reserved for future links.
drakaina said:
Do not ask for an ETA
Once the mods start getting onto people for asking, I'll take my dev work off site. I don't want to upset mods and admin over people being impatient.
I've been looking and root isn't available yet for the Snapdragon version. I've created root access for a few devices so far, be it years ago. I want root, so I've decided to start dev work on my own. Can't say how long it will take, or if I will be able to, but anyone that is willing to test or help, feel free to comment and say so, since help would be greatly appreciated. Testers are needed.
First off though, what advancements have been made so far? Several posts I've seen have dead links to data, so to start, I'll need to know what's been done already. No need to reproduce failed outcomes.
One guy flashed a combination version of the firmware and got the OEM unlock toggle to show on a SM-G960U. It switched on and off but I am not sure if it actually unlocked the bootloader or not. There is a TWRP already ported to the Snapdragon version as well, although only for the Chinese and Hong Kong version, it should work on our device if you can get the bootloader unlocked first. I have been scouring online and in the forums since the phone came out and that's all I have found thus far. I'm sure you already know these things, but I figured I would say it just in case you weren't aware. Hope you get it figured out! Good luck!
The only development I've heard of is one user claiming he got a diagnostic boot with SELinux permissive (in the S9 root dev forum/thread).
I also have a source who is NOT trying to be identified publicly because he works for Google, but he informed me that "the android O build for SAMSUNG DEVICES, was developed with special instructions in it to automatically kick a KERNEL PANIC, if ANY app NOT on some internal White List attempts to access, modify, or send SU commands through any NOT LISTED app with those permissions granted already." ... now I'm not an Android level programmer, but I'm an old Linux dev/penetration systems tester (lol) and from what I am gathering is that the patches or whatever that Samsung added to the O.S. also included an encrypted or hidden white list, which he says is VERY small (as in number of items actually in the list), but even he said they do not have any access nor knowledge of where they stored this.
He did tell me that they delivered an incomplete or infant code for Samsung Snapdragon Model Note 8,9 and s8,9, and it was so crude that not only would it not compile because of missing crap Samsung deliberately did not supply them with... but he said that it was NOT lockable in that state, so Samsung either inserted their own locked kernel and whatever to create this B.S. broke down version of Android that is Root crippled. BUT the only clue he could give me was that "On no level can an E-fuse provide an unbreakable chain of trust, and that if an extreme modder were to actually break down the system board of an S9, they could in theory remove or add some sort of device that would bypass the Qualcomm Secure boot completely!" ... now this ain't a best friend or nothing so truthfully I'm surprised I got this much from him... but I've known who he was and that he's worked for Google nearly 12 years as a developer and software engineer. So I don't know if any of that info helps...
but my contribution is that I can get my device (s9+ from Sprint USA Sm-g965U) replaced with little to no hassle, so I'm 100% willing to do any tests u need, providing that you give me at least a basic level of instruction, as to each set of commands or package u want me to flash. I'm pretty android savvy considering it's just a linux derivative... and I know Samsung 100% .. I've had every S - galaxy since day 1. BUT throwing blind commands at my device that I have 0 understanding of their impact, makes me feel like a squirrel running across the freeway during rush hour! Plz do me a favor and shoot me a private message and I'll give you my cell number and email so u can reach me quicker when you have something u need tested!
Now please people don't berate me if something he said to me was not correct or you have different data to disprove what he said. I literally took notes by hand and had him confirm them, so I'm just the messenger/informant and u gotta realize that as a Google employee, he #1 is partially not knowledgeable of ways to exploit the O.S. which is what the hackers come into play for. And make the developers work **** tons harder to FIX the hole they ****ed up in the 1st place! Lol... and #2. I did ask about the possibility of a $$$$ number he would take in order to provide an actual Eng-boot like that of the S8, and he said that "Those are developed by each individual corporation after they are provided the build source code", and that "google has no interest in possessing or archiving any such file because the O.S. does not need it to provide a developers version of the O.S., which is as far as Google goes in providing a new system to the companies.... so for something like that, reach out to one of the underpaid factories full of workers and I'm sure they would happily give you what you want for much cheaper than you imagine!"
Ok that was very long winded but I wanted to cover all I could because I prob won't check this thread anymore....
plz PM me bro so I can get you my info ... and let's put this Flashing Guinea Pig (me) to work in getting this ***** at least hack rooted or maybe full!!!
Hello, I've just finished reading all above and from what I've read I can tell that not all hopes are lost. As well, I'm offering my help to be a (TESTER) for any attempts you wanna try, however, please note that I'm NO DEV, just a user who would like his phone rooted ASAP, that's all, so please explain the commands that you would give me and the steps. plz PM me so I can get you my contact info
It ain't happening with the known exploits.
Ok, so far I have a few routes I plan to take that have worked on other devices. Working on the first, but not at the moment. The rude comment compelled me to post my own. Devs don't follow old ways of doing things so get that out of your head if you want to think forward, not backwards. I have found what could be an exploit in the rom itself that "might" be the starting point to get root access. This is NOT an ETA but hopefully we can start testing in the next few weeks.
I'll say it now, don't get overly excited a possible exploit has been found. I make no guarantee on it being THE exploit needed. Just be patient, and if you have insight on a way to attack this or another possible exploit, do say so.
If anyone knows of the bootloader partition already having been copied, post a link. I share mine at the moment so I don't always have it around, so any of the bootloader data would help greatly.
drakaina said:
Ok, so far I have a few routes I plan to take that have worked on other devices. Working on the first, but not at the moment. The rude comment compelled me to post my own.
I saw no rude comment, just a dose of reality for you, a little thin skinned are we?
You're continuing to be rude and attempting to derail the point of the thread. Meh, I'm getting back to work since it's not good to feed trolls.
Pretty sure placeholder threads are not allowed on XDA...
I am making presence known now. I will be watching this closely
Technically this thread doesn't even need to exist right now.
drakaina said:
Do not ask for an ETA
First off though, what advancements have been made so far? Several posts I've seen have dead links to data, so to start, I'll need to know what's been done already. No need to reproduce failed outcomes.
Myself and a handful of other people involved in US Snapdragon s8/s8+/n8+ took a brief crack at it a little while ago to no avail. I don't want to go into too many details on here as 1) Samsung is watching surely and 2) the contents from the peanut gallery get old quick, but here are the cliff notes. Feel free to pm me here or on telegram for more details. (Backstory on me: I created samfail, which was the first/only n8 root method and the second for the s8/s8+ and the only published one beyond bootloader v1.)
- samfail is 100% patched. No known way to modify system
- you can't mix combo boot with stock images anymore. Samsung got wise to that. Figured out how to track it if we can force write a system image
- there is a ton of new system level security because they had to move out of the boot image due to treble. Probably the first big nail in the coffin imo.
- don't waste your time on the oem unlock toggle in the combo/factory rom. No it doesn't unlock the bootloader. The US Snapdragons don't respect its value outside of turning off frp, but that was with the s8, idk if it is still true on the s9.
- the other poster is right about the anti root thing. It's in the open source kernel code. If anything being executed under uid 0 matches a list of common/known root mods/not stuff that is supposed to be there, instant kernel panic. Things like "binary is called BusyBox" are on that list.
This was the point I gave up. Partially because I don't have the device so testing is extremely difficult (I wised up this year and purchased an intl. Snapdragon sm-g9650 which has full oem unlock just like the exy).
I'm sure there's things I'm forgetting right now, and again, being too transparent here results in root method being patched faster, hit me up if you want more brain dump
drakaina said:
You're continuing to be rude and attempting to derail the point of the thread. Meh, I'm getting back to work since it's not good to feed trolls.
Although I have seen a lot worse on these threads, his comment was pretty negative, which is what we do not need in this thread. I wish people would just keep their thoughts to themselves if they have nothing to add to the discussion. I also will test so let me know if there is anything I can do to help.
I also have a g965u and have been trying various methods to no avail at this point.. we need new exploits to be found.. all the obvious stuff will not work
It is because of this that I will never buy another Galaxy phone. I need root.
zzEvilGeniuszz said:
It is because of this that I will never buy another Galaxy phone. I need root.
Just don't buy snapdragon, the Exynos S9s are unlocked
*Detection* said:
Just don't buy snapdragon, the Exynos S9s are unlocked
You cannot buy Exynos from a carrier. You have to buy directly from Samsung for that. I know because I requested an Exynos variant. Sprint said they couldn't (or wouldn't) give me one.
edit: nvm not worth it.
zzEvilGeniuszz said:
You cannot buy Exynos from a carrier. You have to buy directly from Samsung for that. I know because I requested an Exynos variant. Sprint said they couldn't (or wouldn't) give me one.
I talked to Samsung a couple months ago before I got my s9 and they told me they won't sell you one directly with the Exynos. I was going to get the s8 with the Exynos if they would have sold me one. They wouldn't, so I bought a T-Mobile s9 with my carrier.
Has anyone been able to reboot the phone into EDL mode?