Universal research - Please comment - Windows Mobile Development and Hacking General

Hi to all,
In my current blog: http://rocking.blog.com/ I've been making some posts about the research I'm conducting on the HTC Universal. Of particular interest is the listing of a few datasheets related to the GSM/WCDMA hardware on the device.
Comments are welcome,
Ricardo
EDIT: Corrected some typos

New Data
Been hacking away at the Uni, particularly in the Radio chips.
I've managed to compile the following info, please comment on it, prove me wrong...
Known facts:
1 - The Samsung chip is a 32MB+32MB NAND + SDRAM combination. It stores the Radio firmware in the NAND and the SDRAM is used for execution of the Nucleus OS and Qualcomm extensions of the GSM + WCDMA radio.
2 - The NAND memory is mapped at 0x60000000, at least in the bootloader mapping. However, this mapping only covers 0x1000000 bytes (16MB).
Questions:
1 - Where are the other 16 MB of NAND memory mapped?
2 - Is the bootloader memory mapping equal to the OS memory mapping?
3 - What's the radio bootloader password?
4 - Was HTC drunk when they designed the Universal?
Please comment on the above statements and questions. (You can skip number 4 of course :lol: )
Bye to all and happy hacking!
Ricardo

Related

unlocking problem...

Hi all, I have a little problem unlocking my XDA.
First of all, my PocketPC is a TSM400 and it is mysteriously identical to the XDA. I think it is the same model with a different name because of the distributor company (Telefonica Spain). I have a 3.18.10 ESP ROM version (08/15/03) and when I try to unlock it I got an "error getting unlock code"
Any idea?
Should I update the ROM?
Will I have any incompatibility problem?
Thanks!
If indeed it is the same pda I would suggest installing xda developers special edition rom 1.2 AFTER you have backed up your existing rom using sd method. This should unlock your pda automatically on first boot after burning the new rom.
cruisin-thru said:
> If indeed it is the same pda I would suggest installing xda developers special edition rom 1.2 AFTER you have backed up your existing rom using sd method. This should unlock your pda automatically on first boot after burning the new rom.
can you please help me also unlocking movistar tsm 400?
cruisin-thru said:
> If indeed it is the same pda I would suggest installing xda developers special edition rom 1.2 AFTER you have backed up your existing rom using sd method. This should unlock your pda automatically on first boot after burning the new rom.
I'm sorry to be the bearer of bad news here, but that statement keeps getting thrown around yet it's a false statement.
It's not the ROM that is stopping the unlock, it's the Radio stack, as I found out yesterday.
After I had upgraded to the special edition, it still returned an "Error getting Code" message; it was only when I upgraded my Radio stack to 6.24 that I was able to unlock the phone.
But then, because I now had the wrong radio stack, I failed to get a signal until I had downgraded back to 4.21. Only then was I able to place a call and get SMS through.
Indeed the phone does look exactly like an XDA.
So the first thing for people with a TSM 400 to do is find out what hardware versions they are on.
Could I ask that both peachy_212 and elessar pick their PDA up and do this:
Click Start on the today screen
Navigate to settings at the bottom of the drop down list
tap the SYSTEMS tab along the bottom row of tabs
And then device information
You should have
ROM version
ROM date
Radio version
Protocol version
Then click the next tab over (Hardware)
If it is a XDA it should say something along these lines
CPU: ARM SA1110
Speed: 206mhz
RAM: 64mb
FLashsize: 32MB
Flashchip type: 28f128
Databus: 32 bits
LCD :240x320 TFT
Colors: 4096
Also what would help is the next tab over from HARDWARE (Identity)
Give the model number and platform from this section, DO NOT GIVE OUT YOUR IMEI NUMBER ONLINE,
Could you reply with what version numbers and hardware info to confirm that it is indeed a XDA
Then maybe we can help

Completely Newbie and Beginners Questions (Wizard)

Hi all
I have recently bought a UK MDA Vario, and then I found this site. I have spent the whole weekend reading posts on this website and find it very interesting what we can actually do with our devices. Everyone here seems to have in-depth knowledge of this device and its programming structure. This is my first HTC device and I have some very basic questions which I'm not sure if anyone here is bothered to answer (or point me to a link where I can find the answers).
I can understand SIM-unlock, but...
(1) what is CID unlock (in fact what is "CID" and "SuperCID")?
(2) What is Bootloader?
(3) What is ROM? (is it equivalent to the "Windows OS" we install on PC?)
(4) What is Extended ROM, and what is usually placed in here as opposed to ROM?
(5) Can we just use any ROM on any variation of Wizard, and work?
(6) What is RAPI?
Thanks for your patience, guys.
Tones
Hi guys
So will you help out a beginner pls?
Thanks
Tones
toneslee: may I be so bold as to direct you towards the Hitchhiker's Guide to HTC Phones, so to speak, the Wiki, top left of your browser or here: http://wiki.xda-developers.com
It won't answer all of your questions, but it'll help.
We're all newbies from a certain point of view, and a lot of gestalt knowledge goes into the Wiki. Have a look through there, have a hunt around on the board, and any questions or answers that need clarifying, elucidate here. We'll be glad to help as far as we can I'm sure
V
toneslee said:
> I can understand SIM-unlock, but...
> (1) what is CID unlock (in fact what is "CID" and "SuperCID")?
> (2) What is Bootloader?
> (3) What is ROM? (is it equivalent to the "Windows OS" we install on PC?)
> (4) What is Extended ROM, and what is usually placed in here as opposed to ROM?
> (5) Can we just use any ROM on any variation of Wizard, and work?
> (6) What is RAPI?
Hey dude,
Welcome on the forums.
I will try to answer your questions.
(1) CID = Country ID.
CID unlock will unlock the country ID on your phone so you can install other roms and also other roms with different languages (e.g. if you have a Dutch MDA and want an English rom)
(2) Bootloader for our phone is like the BIOS on a pc
(3) ROM is like an image.
We have 3 different rom types.
* OS Rom - image that includes the Operating System of our phones
* Radio or GSM Rom - rom is for all phone features, GPRS etc
* Extended Rom - this rom includes additional applications, customizations etc
(4) Check answer 3
(5) When your phone is CID or SuperCID unlocked you can install any kind of rom of any language or manufacturer
(6) This enables your PC to control the Wizard using USB ActiveSync connection
Maybe there are some others that can correct me or fill me in.
Thanks Panja. This was useful as I am a Newbie too.
Thanks, guys. Appreciate it very much.
Looks like it helped someone else already too... great.
Tones

Dopod 900 -- Need to do a ROM backup

My friend's Dopod 900 from Taiwan uses the CHT rom version. I'm looking for a method to dump it or otherwise save all three ROMs - radio, extended, and core - so I can test it with an English ROM (for some reason, perhaps hardware based, after playing music/video for a long while, the entire audio system no longer works). He doesn't want to void the warranty (too obviously).
Any suggestions on how to do this? Oh, and I can't read Chinese,... so any method that requires phone-based procedure will be a bit tough.
Any input will be greatly appreciated!

hTC Touch Elfin Clone Help

Hi,
I got this hTC Touch, a clone one, as it isn't recognized by the touch identificator (I found a software that can identify the spl of the phone). I really want to do some wicked tweaks like the original elfin owners do, like flashing the OS, but I really can't do it because the spl is unknown.
Really, you can't tell it from the original ones just by the physical appearance. I realized it is a clone after I couldn't enter the bootloader by the camera+reset method. Then I realized (by reading the forum) that my device is a clone.
So, for those who know, can I flash this phone OS?
If it is possible, how can I do it?
Here are some technical infos:
ROM Ver: 1.11.706.1.B En
CPU: Omap850
RAM: 128
ROM: 256
Any help or tips will be very appreciated,
Thx before,
best regard,
Xue
anyone?????
first off, i have never seen a clone phone but i hope i can be of any use.
I want to rule out the possibility of it actually being a real elfin, as it's 128/256. Have you checked internally to see if it is a clone? I'm guessing here but I think a clone would be slightly different in terms of components? Have you tried hard reset combinations?
I'm just a little confused as the processor is the same as a genuine elf(in).
In settings, system, device information, what does it say?
Stu
Xue v.2 said:
> Hi,
> I got this hTC Touch, a clone one, as it isn't recognized by the touch identificator (I found a software that can identify the spl of the phone). I really want to do some wicked tweaks like the original elfin owners do, like flashing the OS, but I really can't do it because the spl is unknown.
> Really, you can't tell it from the original ones just by the physical appearance. I realized it is a clone after I couldn't enter the bootloader by the camera+reset method. Then I realized (by reading the forum) that my device is a clone.
> So, for those who know, can I flash this phone OS?
> If it is possible, how can I do it?
> Here are some technical infos:
> ROM Ver: 1.11.706.1.B En
> CPU: Omap850
> RAM: 128
> ROM: 256
> Any help or tips will be very appreciated,
> Thx before,
> best regard,
> Xue
I think it's no clone, because there aren't any clones with the same processor, the same look, the same specifics; those clones would differ in something from the real HTC Touch. Have you checked/examined every single piece of information about your phone and the HTC Touch, like how many megapixels the HTC Touch and your phone have etc.?
Try to sync this phone of yours with (Microsoft's) Active Sync 4.5 and then run the software which gathers the device info (phone must be 'fully' connected to your pc; without the syncing you won't get any information about your phone.)
- Did you get a box when purchasing this phone?
- Did you buy this phone from a reseller (e.g. online: eBay) or from a genuine shop?
- Did you get a CD with your phone, and what 'Sync software' was on it? Microsoft's Active Sync or something different?
I would like to hear more about this issue. PM or post a reply at this topic whenever you want or need to

Windows Mobile 6.5 for BA's little bro

I was wondering if it would be possible to take a BA Windows Mobile 6.5 rom and put it on to a Harrier/PPC-6600.
I'm sure this has been asked before, I just haven't found it.
I believe the only differences between the two devices are:
Harrier:       BlueAngel:
64 MB ROM      96 MB ROM
No WiFi        WiFi
CDMA           GSM?
We could remove the WiFi module/software and then we wouldn't need the extra 32MB of ROM (hehe because I'm sure it would take 32MB ).
I have little programming experience (conversational in Flash, a few words in Python) but a fair knowledge of computers and I do have a Harrier so I could test it out(provided there's less than a 50% chance of bricking it) and help out to try to get it working if I had instructions.
Is this possible or should I just stick with WM 2003 SE?
If this question has been asked 3428930480328 times, then I apologize.
Thanks in advance .
It actually has been asked before
Next time you have questions, please post them in the Q&A section. Opening new threads is only for contributions to the forum (roms, kitchens, themes, etc).
To answer your question, no one has been able to port anything over 2003 to the Harrier. There are many major differences aside from the ones that you have already mentioned, which are substantial in the first place. Hope this answers your question.
It can be done you would just need to write a bootloader from scratch, one which can support wince 5.0.
What are the other major substantial differences?
A previous post from GnatGoSplat suggested that the following steps should make a GSM ROM work on a CDMA phone.
> To make this work, you would have to:
> 1. Dump your WM5 ROM.
> 2. Separate dump into SYS and OEM packages.
> 3. Extract XIP.
> 4. Build new XIP with WM6.1 MSXIPKERNEL.
> 5. Build new IMGFS with new WM6.1 SYS folder.
> 6. G'Reloc the entire ROM.
> 7. BuildOS to create a dump.
> 8. Use Tadzio's tools to create a .bin, then to a .nb file.
> 9. Flash the .nb file.
> This is sure to work, but isn't simple to do. If you're new to ROM cooking in general, you'll have a lot to learn before you can even attempt this. I've been cooking ROMs for 4-months and I still have a lot to learn.
I'd really like to get this to work. I have the time to donate and I'm a quick learner.
Are the steps shown above accurate in this context?
michael-knight said:
> What are the other major substantial differences?
> A previous post from GnatGoSplat suggested that the following steps should make a GSM ROM work on a CDMA phone.
> I'd really like to get this to work. I have the time to donate and I'm a quick learner.
> Are the steps shown above accurate in this context?
Here is the thing... WM5 was never ported to the Harrier, so going from WM2003, you need to do something far substantially different to what you described.
Again, it has not been done. I am not saying it is impossible, but no one has done it.
Update and some questions
After much research and screwing around lol, I attempted to extract a Harrier rom using xda3nbftool.exe . Unfortunately, using the password "0x20040521" gave me the "WARNING: this does not look like a nbf header, possible you provided the wrong password" error.
So, I compared it to a BlueAngel rom that WOULD extract using a hex editor to try and figure out what the difference was, and at the address 0x20040521 (I assumed that's what the "password" meant), there is no difference.
In fact, there are NO differences after 12MB in the file. That means AT LEAST 20MB of a Harrier ROM is IDENTICAL to that of a BlueAngel rom.
It's not like there's even 12 MB worth of differences - there's far less than that. I would guess around 5 or 6 worth. What I said was that 12MB into the file, there are none. In that 12MB, there are similarities still - I'm just too lazy atm to total it up
Anyway, that was just to prove how similar the Harrier is to the BlueAngel for some more support over here on the CDMA side of things (although that 20MB of similarity is probably just Windows Mobile 2003SE ).
My question is, why won't xda3nbftool.exe produce a usable result if the address it looks at is about 6.6 MB after the end of differences and start of 100% similarity?
Also, I have my own Harrier's rom dumped (using d2s, haven't done anything to it after that). How do I turn this into a nk.nbf file or split it into SYS and OEM? I've done much googling. The things I've tried so far have failed.
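Added example, not part of the original post or of any tool named in it: one way to total up how much two ROM dumps differ and where the last difference falls, the comparison the post above does by hand in a hex editor. The function names, the 16-byte merge gap and the sample bytes are assumptions constructed for illustration.

```python
import sys
from typing import Dict, List

CHUNK = 4096  # compare whole blocks first; walk bytes only where a block differs

def compare_dumps(a: bytes, b: bytes, gap: int = 16) -> Dict[str, object]:
    """Summarise where two dumps differ. Differences closer than `gap` bytes are
    merged into one [start, end) region; a length mismatch becomes a tail region."""
    common = min(len(a), len(b))
    regions: List[List[int]] = []
    differing = 0
    for base in range(0, common, CHUNK):
        ca, cb = a[base:base + CHUNK], b[base:base + CHUNK]
        if ca == cb:
            continue
        for i, (x, y) in enumerate(zip(ca, cb)):
            if x == y:
                continue
            off = base + i
            differing += 1
            if regions and off - regions[-1][1] < gap:
                regions[-1][1] = off + 1      # extend the current region
            else:
                regions.append([off, off + 1])
    if len(a) != len(b):
        regions.append([common, max(len(a), len(b))])
        differing += abs(len(a) - len(b))
    end = regions[-1][1] if regions else 0
    return {
        "regions": [(s, e) for s, e in regions],
        "differing_bytes": differing,
        "last_diff_end": end,                    # first offset past the last difference
        "identical_tail": max(common - end, 0),  # bytes identical from there to the end
    }

def sample_pair():
    """Constructed sample data: a 16 KiB pattern with three patched areas."""
    base = bytes(range(256)) * 64
    other = bytearray(base)
    other[0x10:0x14] = b"\xde\xad\xbe\xef"
    other[0x1000] ^= 0xFF
    other[0x1008] ^= 0xFF
    other[0x2000] ^= 0xFF
    return base, bytes(other)

if __name__ == "__main__":
    # Two dump paths on the command line, otherwise the constructed sample.
    a, b = [open(p, "rb").read() for p in sys.argv[1:3]] if len(sys.argv) == 3 else sample_pair()
    report = compare_dumps(a, b)
    for start, end in report["regions"]:
        print(f"0x{start:08x}-0x{end:08x}  ({end - start} bytes)")
    print(report["differing_bytes"], "bytes differ;", report["identical_tail"], "identical at end")
```
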
michael-knight said:
> After much research and screwing around lol, I attempted to extract a Harrier rom using xda3nbftool.exe . Unfortunately, using the password "0x20040521" gave me the "WARNING: this does not look like a nbf header, possible you provided the wrong password" error.
> So, I compared it to a BlueAngel rom that WOULD extract using a hex editor to try and figure out what the difference was, and at the address 0x20040521 (I assumed that's what the "password" meant), there is no difference.
> In fact, there are NO differences after 12MB in the file. That means AT LEAST 20MB of a Harrier ROM is IDENTICAL to that of a BlueAngel rom.
> It's not like there's even 12 MB worth of differences - there's far less than that. I would guess around 5 or 6 worth. What I said was that 12MB into the file, there are none. In that 12MB, there are similarities still - I'm just too lazy atm to total it up
> Anyway, that was just to prove how similar the Harrier is to the BlueAngel for some more support over here on the CDMA side of things (although that 20MB of similarity is probably just Windows Mobile 2003SE ).
> My question is, why won't xda3nbftool.exe produce a usable result if the address it looks at is about 6.6 MB after the end of differences and start of 100% similarity?
> Also, I have my own Harrier's rom dumped (using d2s, haven't done anything to it after that). How do I turn this into a nk.nbf file or split it into SYS and OEM? I've done much googling. The things I've tried so far have failed.
Since it seems that you are really inclined into making this work... I guess I can try to point you where you can get more info since I don't know much about porting stuff myself
Check in the Himalaya section. There is a porting guide (I believe by Ather90), which goes into a lot of the stuff that you are asking about. Unfortunately for us, cooking nbf files is a lost art and very few people in this forum will be able to help you (Da_G probably being one of them)
michael-knight said:
> I was wondering if it would be possible to take a BA Windows Mobile 6.5 rom and put it on to a Harrier/PPC-6600.
> I'm sure this has been asked before, I just haven't found it.
> I believe the only differences between the two devices are:
> Harrier:       BlueAngel:
> 64 MB ROM      96 MB ROM
> No WiFi        WiFi
> CDMA           GSM?
> We could remove the WiFi module/software and then we wouldn't need the extra 32MB of ROM (hehe because I'm sure it would take 32MB ).
> I have little programming experience (conversational in Flash, a few words in Python) but a fair knowledge of computers and I do have a Harrier so I could test it out(provided there's less than a 50% chance of bricking it) and help out to try to get it working if I had instructions.
> Is this possible or should I just stick with WM 2003 SE?
> If this question has been asked 3428930480328 times, then I apologize.
> Thanks in advance .
Lots of us waiting for such thing. Good luck!
Sorry to bump the thread, but now my real world things have come to an end with exams being over and such.
I sent a private message at the beginning of this month to Ather90 and Da_G but neither of them have replied. If anyone has any suggestions or advice, please let me know.
michael-knight said:
> Sorry to bump the thread, but now my real world things have come to an end with exams being over and such.
> I sent a private message at the beginning of this month to Ather90 and Da_G but neither of them have replied. If anyone has any suggestions or advice, please let me know.
Da_G has been somewhat absent lately and (my mistake) Ather90 is now Ather. Try to send him a message and see if he replies.
