Octopusbox, Cellebrite to Root/Unlock Bootloader? - AT&T Samsung Galaxy S 5

While I know very little about them, I do know that there are tools out there that can modify things a basic PC cannot. If they can change an IMEI number, then maybe they could be used for root/unlocking the bootloader?
octopusbox.com
Cellebrite


About Subsidy Unlock and Activation via Google Login

Both of these have been completed by the seller I am purchasing my HTC G1 from. I intend to attempt to root, mod, etc. the device, but I'm in foreign waters. I have experience with the Tilt, but never Android based phones.
So my question is:
Is there anything I will have to do, or could easily do by mistake, that would result in losing my subsidy unlock and/or activation, requiring me to redo either?
I'm sorry, this was posted originally but I don't seem to be able to find my post. I think I placed it in the wrong forum.
If you have an actual subsidy unlock code then no matter what you do that code will never change.
If you want to root your G1 you should start by looking here: ***Informative Threads*** - Read before clicking "New Thread" [06/18]
During the process of rooting, will I lose my Subsidy Unlock? I don't actually have the code, it's being sold to me by someone on eBay who has already unlocked it.
I think I understand enough about the rooting process to tackle it, but I just don't gather whether or not the device will need the subsidy unlock code again after a wipe or the flash.
No. Once you unlock your phone it stays unlocked.
Thank you very much.

[Q] Bootloader and Rooting - which one does what?

Hello,
I just got my new Xperia Z, having used my ancient iPhone 1G for the last 4 years, and I have no experience with Android or anything related to it whatsoever. I've spent the last 2 days tirelessly working my way through various forums, guides and wikis to get an idea of what I'm dealing with here and where to start, but there's an important decision that I could really use your thoughts and tips on.
After reading up on it, I decided I want to root my phone and this seems to be somehow connected to unlocking the bootloader and this is where I'm worried. I read the guide on how to unlock the bootloader and the warning about losing DRM Keys and the consequences of this scared me away from it. Now I'm left wondering, and this is my actual question here:
What is the difference between unlocking the bootloader and rooting my phone and simply rooting without unlocking the bootloader?
And in case the things I want to do are only available with an unlocked bootloader: how damaging is it to lose the DRM keys and therefore the Bravia Engine and Gracenote? What made you decide for or against unlocking the bootloader?
Thanks!
Hi,
maybe I can help you.
The bootloader is like the BIOS of a PC. It checks everything at start-up.
A locked bootloader only allows running the stock FW, and in this case the DRM keys are working (everything is checked and safe).
Unlocking the bootloader means you are able to install a modified/other FW, and then you lose the DRM keys (the manufacturer hasn't checked the FW, and in the eyes of the manufacturer it is "not safe"). You will also lose your warranty.
If you unlock the bootloader, root is always possible as far as I know.
In this case the system is not from the manufacturer and unofficial modifications can be made to the system. Normally all modified systems have root access. So you are able to do things that the manufacturer normally does not allow: modify system files or something like that. It could also be possible to copy, for example, a downloaded and paid-for movie to another device. This is why you are not able to download a movie from the Play Store if you have root. On a locked bootloader the FW (system) does not give you the possibility to copy the movie to another device and everything is "safe" (from the view of the companies). No illegal copies are possible. (DRM keys)
Since a few days ago, root is also possible on a locked bootloader.
The bootloader checks the status (locked) ... then checks the FW (stock) ... DRM keys still valid.
But due to the root access you are also able to modify system files, and apps can recognize that you have root access. So you can still use the Bravia Engine, for example (DRM keys are OK). But the Google Play Store will still recognize that you have root and will not let you download movies.
This is my experience with root ... If something is not correct, please correct me.
Hi, and thanks a lot for your reply; it helped me understand the difference between the two better!
If I only root but do not unlock my bootloader, will I be able to do anything other than using custom firmware (ROMs)? Will I be able to install apps that require root, or install custom modifications like the ones offered on this forum that need to be "flashed in recovery", if I only root and do not unlock my bootloader?
Also, still looking for some pros and cons (my second question in the original post).
Appreciate all your help!
Root will give you access to recovery (in time; still in development) and you can install apps that require root access.
Custom mods: yes, you can install them via recovery, and some can be installed with root access and without recovery.
If you unlock the bootloader you will lose the Bravia Engine; not sure about Gracenote as I don't use it.
You can check this thread http://forum.xda-developers.com/showthread.php?t=2154310 too, to see what people have written about rooting with an unlocked bootloader.
The main thing pointing me towards unlocking the bootloader (I'm already rooted on a locked bootloader) is being able to install kernels and major ROMs.
For example, you could flash Doomlord's kernel and overclock the processor a bit, but you could also reduce power and save battery.
The major ROMs I speak of are the ones that are kind of cross-device: CyanogenMod and Paranoid Android, to name two. CM is based on pure Android, with no Sony changes, so we can't flash that on locked bootloaders as it requires changing the kernel. PA is the same.
As for the downsides: I'm not too bothered about DRM keys. I use Spotify for music so I don't think I need Gracenote. I've never watched a movie on my phone. BE2 isn't my cup of tea... it oversaturates everything.
I'm going to look into DRM keys more tomorrow, but if someone can correct anything I've written then please do.
Not being able to restore via Sony tools... isn't that bad, as you're going to be using Flashtool a lot so you'll be used to that. Just keep a generic stock firmware .ftf around in case something goes horrendously wrong (usually a recovery backup is enough, I think).
Nice thread, I had this question too.
It's my first Android and I guess I should unlock the bootloader and then root; this way I won't have to wipe my data later when I decide to try CyanogenMod or something else?
Also, what happens if Sony releases 4.2? Will I lose my bootloader unlock and root?
I would say root without unlocking for now.
When you want to try CyanogenMod or others, just back up everything using Titanium Backup and then you can restore after unlocking.
Rooting with a locked bootloader means Sony are not aware your bootloader is unlocked.
Thanks for all your replies, helped me out a ton!
I think I'm gonna root without unlocking the bootloader for now, to get my feet wet and get a grasp of its capabilities and limits. I can always restore the phone if I screw up, and can always unlock the bootloader later if I need it.
Al Gore said:
Nice thread, I had this question too.
It's my first Android and I guess I should unlock the bootloader and then root; this way I won't have to wipe my data later when I decide to try CyanogenMod or something else?
Also, what happens if Sony releases 4.2? Will I lose my bootloader unlock and root?
If you unlock the bootloader, you shouldn't update from Sony. Since you've (hypothetically) already unlocked, you already have 4.2 available from FXP, and if you really want the Sony update maybe you could flash it via Flashtool. The bootloader unlock will never be lost (until someone can create an explicit relock file, but custom ROMs won't relock it). Root may be lost if you flash a ROM without it, but you should be able to get it back easily.
With a locked bootloader, we have to wait for Sony to bring 4.2 as we can't access the kernel, but we retain the ability to use the official updates. If we're rooted and we update, we are no longer rooted and we may be unable to use the same exploit.

Unlocking Bootloader

Is there any way of unlocking the bootloader without Sony knowing it?
Flashtool has this feature, but since I've never done it that way I don't know if the unlocking code is still required for that procedure. If yes, you'll have no choice, because the code provided by Sony seems to depend on the IMEI, so it may be IMEI-specific... this is a supposition that needs to be confirmed.
It's OK. You can use Flashtool for unlocking your bootloader.
The unlocking code is still required by Flashtool as well.....

Expanding SamDunk bootloader unlock exploit to AT&T Galaxy S5?

I looked into using SamDunk for unlocking the bootloader on my AT&T Galaxy S5, but noticed that the code posted on the git was Verizon-specific (in that the bits it writes over in the CID of the phone are Verizon-specific). This means that running the code does not unlock the bootloader on an AT&T Galaxy S5.
I wrote some Python code parsing my original CID and the CID resulting from the current exploit code, and noticed that the only difference pertained to the product's serial number (bits 47-16 of the CID). Even then, only certain bits within the product serial number are different. I suspect that some bits within the product serial pertain to the carrier, and some bits pertain to the bootloader, but I could be wrong.
My hunch is that if I can figure out which bits from the original CID's product serial number correspond to developer bootloader access, then I may be able to modify the SamDunk code to allow for unlocking AT&T bootloaders, or provide some method of calculating a dev bootloader CID from an original.
Has anyone else looked into this, and is this worth pursuing?
edit: looking further through the SamDunk code, it appears that there is a dev signature associated with the CID (?) that gets written to aboot. Not sure if this is different between phones... If so, then experimenting with only the CID may be futile.
Product serial numbers are different for the first 12 bits, then bits 25-32. I could post a link to my git if anyone is interested in experimenting with their CIDs.
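The field-by-field comparison the post above describes, as an added example (this is not code from the thread or from SamDunk). The field layout is the JEDEC eMMC CID register (128 bits, MSB first): MID 127:120, CBX 113:112, OID 111:104, PNM 103:56, PRV 55:48, PSN 47:16, MDT 15:8, CRC 7:1; bits 47-16, the range the post found to differ, are the product serial number (PSN), and the first byte (MID) is what the thread means by "CID 11" and "CID 15". It also recomputes the CRC7 that sits in bits 7:1, which is the check a practitioner wants before writing any edited CID back: a rewrite that leaves the old CRC in place is inconsistent. The two CID values are constructed for illustration and are not real Galaxy S5 CIDs.

```python
"""Parse and diff eMMC CID registers field by field, and check the CRC7.

Added example, not code from the thread or from SamDunk. Field layout per
the JEDEC eMMC CID register; the two sample CIDs below are constructed.
"""

# (field, high bit, low bit) in the 128-bit CID, MSB first
CID_FIELDS = [
    ("MID", 127, 120),  # manufacturer ID (the "CID 11"/"CID 15" of the thread)
    ("CBX", 113, 112),  # device/BGA type
    ("OID", 111, 104),  # OEM/application ID
    ("PNM", 103, 56),   # product name, 6 ASCII characters
    ("PRV", 55, 48),    # product revision
    ("PSN", 47, 16),    # product serial number
    ("MDT", 15, 8),     # manufacturing date
    ("CRC", 7, 1),      # CRC7 over bits 127:8
]


def crc7(data):
    """CRC-7, polynomial x^7 + x^3 + 1, as used by MMC/SD for CID/CSD/commands."""
    crc = 0
    for byte in data:
        for i in range(8):
            bit = (byte >> (7 - i)) & 1
            msb = (crc >> 6) & 1
            crc = (crc << 1) & 0x7F
            if bit ^ msb:
                crc ^= 0x09
    return crc


def parse_cid(cid_hex):
    """Return {field: int} for a 32-hex-digit CID string."""
    cid_hex = cid_hex.strip().lower()
    if cid_hex.startswith("0x"):
        cid_hex = cid_hex[2:]
    raw = bytes.fromhex(cid_hex)
    if len(raw) != 16:
        raise ValueError("CID must be 128 bits (32 hex digits)")
    value = int.from_bytes(raw, "big")
    return {name: (value >> lo) & ((1 << (hi - lo + 1)) - 1)
            for name, hi, lo in CID_FIELDS}


def pnm_string(pnm):
    """Decode the 48-bit product name field as 6 ASCII characters."""
    return pnm.to_bytes(6, "big").decode("ascii", errors="replace")


def cid_crc_ok(cid_hex):
    """True if bits 7:1 hold the CRC7 of bits 127:8."""
    raw = bytes.fromhex(cid_hex)
    return crc7(raw[:15]) == raw[15] >> 1


def with_valid_crc(cid_hex):
    """Return the CID with bits 7:1 recomputed; any CID rewrite must do this too."""
    raw = bytearray(bytes.fromhex(cid_hex))
    raw[15] = crc7(raw[:15]) << 1
    return raw.hex()


def diff_cids(cid_a, cid_b):
    """Return {field: (a, b, changed_bits)} for every field that differs.
    Bit positions are relative to the field (0 = field LSB)."""
    fa, fb = parse_cid(cid_a), parse_cid(cid_b)
    out = {}
    for name, hi, lo in CID_FIELDS:
        if fa[name] != fb[name]:
            x = fa[name] ^ fb[name]
            out[name] = (fa[name], fb[name],
                         [i for i in range(hi - lo + 1) if (x >> i) & 1])
    return out


# Constructed samples: same part, PSN changed in two bit positions, CRC refreshed.
CID_ORIGINAL = with_valid_crc("15010042574244335207" "12345678" "1a00")
CID_MODIFIED = with_valid_crc("15010042574244335207" "92345679" "1a00")

if __name__ == "__main__":
    f = parse_cid(CID_ORIGINAL)
    print("MID=%#x PNM=%s PSN=%#x" % (f["MID"], pnm_string(f["PNM"]), f["PSN"]))
    for name, (a, b, bits) in diff_cids(CID_ORIGINAL, CID_MODIFIED).items():
        print("%s: %#x -> %#x (field bits %s)" % (name, a, b, bits))
```

Feed it the two 32-hex-digit CIDs read from the device before and after an unlock tool runs; the diff output names the field each changed bit lands in, so "bits 47-16" shows up as PSN rather than as a raw offset. Because the CRC7 covers everything above bit 8, any deliberate PSN change also shows up as a CRC change, which the diff reports separately.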
I wouldn't mind taking a look.
Thanks, man, I appreciate all the help I can get.
I read further into the Verizon S5 bootloader unlock thread, and it appears that only changing the CID may not work. If I remember correctly (I looked at it yesterday), the CID is hashed/compared to the aboot somehow to determine whether it's a developer edition or not. If we could get a regular CID/aboot and compare it to the Verizon regular CID/aboot, then cross-compare to the Verizon dev edition CID/aboot, then we may have a shot at possibly re-creating an AT&T dev edition CID/aboot.
If the bootloader uses SHA1 it may be easier.
Meanwhile, us CID 11s over here are just watching you guys from a distance... lol
I'm CID 11 too.
Oh okay lol... I really wish we could unlock all of the S5 bootloaders instead of just CID 15... What if we try doing something like MultiROM with the "no-hardboot" thing like they do on HTC devices? We wouldn't need to patch the kernel, so we'd be able to flash other ROMs.
I know we have Odin mode instead of fastboot, and we cannot do the "OEM Unlock" in the Developer Options as it does not show up in there. I found this thread (https://www.xda-developers.com/how-to-discover-hidden-fastboot-commands/) on how to discover hidden fastboot commands.
So I followed the instructions there to extract the aboot.img (bootloader) and then "read" the contents of that to see what fastboot commands are available. To my surprise, it has "oem unlock" listed and a few other oem options, see attached image. Although, back to the beginning of my post, we cannot fastboot in.
I would assume we could unlock the bootloader via fastboot commands if we only had a way in for it. I am not that experienced with Odin, but I think that is only to flash images. I spent most of this weekend searching for any way to alternately try to fastboot in or use Odin, but came up with nothing feasible. I used ADB to reboot the phone into all modes and tried doing "fastboot devices" in all modes, but it just came back with nothing.
I just wanted to post this in case it is useful in our attempt to unlock the bootloader.
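The "read the contents of aboot.img for fastboot commands" step from the post above, as an added example (not code from the thread or from the linked XDA article). It is a small strings(1)-style scanner: pull printable ASCII runs out of the image and keep those that start with a standard fastboot command name or with the vendor "oem " namespace. The image it runs on is a constructed byte blob, not a real Galaxy S5 aboot, and the command-name list is the standard fastboot protocol set plus "oem", which is an assumption about what a given bootloader actually registers.

```python
"""Scan a bootloader image for fastboot command strings.

Added example, not code from the thread. SAMPLE_ABOOT is a constructed
blob standing in for an extracted aboot.img.
"""
import re

# Standard fastboot protocol commands plus the vendor-defined "oem" namespace
# (assumption: a device's aboot may register only a subset of these).
FASTBOOT_PREFIXES = (
    "getvar:", "download:", "flash:", "erase:", "boot", "continue",
    "reboot", "reboot-bootloader", "oem ",
)


def extract_strings(blob, min_len=4):
    """Return printable-ASCII runs of at least min_len bytes, like strings(1)."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pattern.finditer(blob)]


def find_fastboot_commands(blob):
    """Sorted, de-duplicated strings that look like fastboot commands.

    Prefix-style commands ("flash:", "oem ") match on the prefix; bare
    commands ("boot", "reboot") must match the whole string, so that
    unrelated words such as "bootloader" are not reported."""
    found = set()
    for s in extract_strings(blob):
        for p in FASTBOOT_PREFIXES:
            if p.endswith((":", " ")):
                if s.startswith(p):
                    found.add(s)
            elif s == p:
                found.add(s)
    return sorted(found)


# Constructed sample image: a command table with NUL-separated strings,
# some unrelated text and binary noise around it.
SAMPLE_ABOOT = (
    b"\x7fELF\x01\x01\x01\x00" + b"\x00" * 8
    + b"oem unlock\x00oem lock\x00oem device-info\x00"
    + b"flash:\x00getvar:\x00download:\x00reboot-bootloader\x00reboot\x00"
    + b"bootloader\x00Welcome to Odin mode\x00ab\x00" + b"\xff" * 16
)

if __name__ == "__main__":
    for cmd in find_fastboot_commands(SAMPLE_ABOOT):
        print(cmd)
```

Replace SAMPLE_ABOOT with the bytes of an extracted aboot.img to repeat the check on a real image. The caveat the post itself raises still applies: a string such as "oem unlock" being present only shows that a handler name was compiled in; it says nothing about whether that handler is reachable when the device never enters fastboot mode, nor what checks it performs once called.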
What do you mean by a way in ?
There is no way, that I know of, to put the S5 in fastboot mode. I was thinking that if there is a way to boot to fastboot, or at least have the phone listed as a fastboot device in ADB, we could possibly run the oem unlock command.
OK, that's what I thought you had meant... I used to have a few HTC devices; I believe it was the myTouch 4G I'm thinking about... Anyway, for some of the ROMs I had to use ADB and fastboot to flash a kernel. Sometimes ADB wouldn't pick up the device to communicate with fastboot; someone had found that by installing PdaNet (I think this was the name of the app for Windows) it enabled ADB to see the device, at any rate... I know it's a long shot, but something to look into if you're bored sometime lol. I'm not sure why or how it worked, or if it would help us at all, but I know for a fact it worked on an HTC device so I felt it was worth mentioning.
I'll have a look at that when I get a chance. Anything is worth mentioning as you never know what little piece completes the puzzle!
Sorry guys, I've been out of it for the last two weeks. Projects got crazy, but I should be able to begin working on this again soon.
I'm fairly certain there is still a bounty on this... I know I pledged 100 bucks to whoever unlocks my bootloader and saves me from having to buy a new phone lol, but I've been waiting damn near 4 years; not gonna start holding my breath now lol
Towelroot gives kernel memory access, downgrade, use kexec.
This is the easiest way and only one that is guaranteed to work since all exploits have already been made.
If, of course, we could get kexec to WORK. Any modification of the kernel breaks the chain of trust and the phone goes into a bootloop.
We don't need to modify the kernel. TowelRoot would write kexec from a file (/system/userlandbootloader.img) into the kernel after boot, then the kernel would boot a new kernel from /system/oskernel.img (which is writable on rooted 4.4-5.0).
The only kernel being modified is the one running in RAM, and that is deleted and replaced every reboot, so the trust chain is never broken.
But for everything to work correctly we need to be able to hard-boot to the new kernel, so we need to patch the existing one to support it.
Why?
If you have kernel access you can just set all values to their boot-time defaults (unless there are hardware-locked values like the Game Boy Color bootloader).
Clear the MMU mappings.
memset((void*)0x00000000, 0x00, sizeof(systemram));
Now it is in a pre-boot state.
If that does not work, triggering a crash that does not reload the kernel from ROM but hard-boots the system may work too.
If we can code this and get consistent successful results, we'd basically have a workaround for most locked-BL devices to boot a custom ROM.
Of course, the only theoretical hurdle left would be to actually code something like this.

Impossible to re-lock bootloader?

Hi there,
I'm currently trying to re-lock the bootloader of my Xperia XZ1C. I have already flashed the stock firmware.
Just as some people have issues unlocking the bootloader (https://forum.xda-developers.com/t/sony-xperia-xz1-sov36-bootloader-unlock-issuae-issue.4182675/), FlashTool fails the same way for me when re-locking.
As soon as I start BLU, the tool fails with: ERROR - Cannot invoke "String.split(String)" because the return value of "java.util.Properties.getProperty(String)" is null.
fastboot oem lock does not work either (unknown command).
Is there any known way to re-lock the bootloader?
Thanks in advance!
Reinstall fastboot/ADB, install a newer version:
[TOOL][Windows][Script]Get & Install Latest Official ADB & Fastboot Drivers
You cannot re-lock the XZ1c bootloader.
All of the guides for unlocking emphasize that pretty clearly.
Someone will probably find a way later….
No, they won't. The phone has been out for many years, and a large number of very smart people have tried.
And if they used an eFuse or something then it's definitely irreversible.
Don't get the person's hopes up with "maybe one day".
For all intents and purposes, the answer is no.
So if I started development on finding a way?
Then what shall you say then?
You're kidding, right? If you started _exploring_ whether there was a way, then until you solve the problem, it's still not possible until you actually do it.
Your attempts don't change that, though we could potentially say "you can't right now, but some folks are working on trying."
If I tell you I'm trying to build a time machine, does that mean time travel is possible? Of course not. That only changes when it's successful.
