If I change the ROM to an i-mate jasjar or any other, will it be unblocked?
No
Why is that?
I'm not an expert, but sometimes I wonder why that is. If we replace each and every file of a locked mda-pro with those of an unlocked jasjar, then there should be no reason for a locked mda-pro.
Can anyone explain the inside science of locking & unlocking?
I think it also depends on the definition of "blocked"
If the phone itself has had its IMEI blocked, then no amount of reprogramming/reflashing will unblock it.
If the phone has a simlock on it, then I believe this would be to do with something within the phone hardware itself.
Hi guys
That old chestnut again: locked and blocked are 2 completely different issues, and unfortunately neither of these actually involves anything that is directly under the control of pocket windows.
There are 2 types of locking.
1) PUK locking (SIM Locking): this occurs if you incorrectly enter the SIM pin code 3 times in a row. If this happens you need to contact the network provider to get a PUK unlock code; better still, if you enter the PUK code incorrectly 5 times you will destroy the SIM and need to get a new one.
2) Network Locking is a flag that specifies the LAIN of the mobile network that supplied the mobile phone, and if this feature is enabled by the operator it will mean that only a SIM card that has the correct LAIN will work in that phone. I forget what LAIN stands for, but basically it is used in the GSM international roaming world and therefore each operator has its own; the first few digits indicate the country, then the last ones the specific network.
This can be disabled in 2 ways: firstly by using an encrypted code specifically issued for your handset, or secondly by trial and error, by writing different values to the registers on the EPROM on the GSM unit itself. Eventually this will result in the phone unlocking itself. In order to do this the GSM engine needs to be removed from the handset and interfaced to a serial port. A 0 or a 1 is then sent to each register 1 at a time and the phone is then tested to see if it works. Depending on the size of the chip this takes a long time. However, when you know the memory location of the register this can then be done to any phone in a matter of minutes. This is basically the way most of the unlocking systems are developed.
Finally, IMEI blocking. This is done where the network has evidence that a crime has taken place: either fraud committed on the handset, abusive phone calls, or the unit has been stolen. If the network IMEI blocks it you have 2 options: 1, sell it in a different country (Nigeria), or some chip sets contain the IMEI details on a flash chip. Again the registers are read over a serial interface and this can be rewritten. The first phones to support this IMEI in flash were the Siemens TC35 GSM engines; also the Wavecom GSM modules support this. I am not really sure of any legitimate application for changing the IMEI of a mobile handset or even why this data is not written in ROM, but there you go.
I hope that helps to clear up issues relating to locking and blocking.
Regards
Charlie
Thanks for such an informative essay; we are all concerned about the network locking. I have noticed a tool to remove the simlock from the HTC Wizard, which uses the same OS as the HTC Universal, but in the above post it's mentioned that the OS has nothing to do with unlocking...
But the unlocking tools for all the old HTC devices running WM 2003 never took so long as in the case of the Universal? Or maybe it's quite possible that all the good brains of our forum don't use the Universal?
To all XDA developers: is there a change-IMEI software (USB)? If yes, where can I find it, and if no, is it going to be developed any time soon? When?
I doubt the developers will be writing software for that particular use on the xda1. If you have a serial cable it will work on the xda as long as the radio stack is one of the early versions; it won't work on radio stack 4.21, for instance.
So where can I get the early (<4.20) Radio version, coz I wanna use the manipulator programme with my XDA2 device?
????????????????
Changing IMEI is a way to get RID of those SPIES who pry into our personal info. Violations of our right to privacy....
Emil, can you expand on that statement please? The IMEI is the phone's identity tag. If you have a prepay SIM card your identity is unknown; if you have a post-pay contract SIM then your details are known and your phone is trackable by the SIM details regardless of the IMEI/phone used.
I want to reset the timer to know how much I talked, so where can I find that radio version?
As far as I know, xda manipulator is for xda1 only.
IMEI-change and call-timer reset
No software exists to change IMEI or reset timers on Himalaya/XDA-II. Also no software does it to the Wallaby/XDA over USB, and The Manipulator, the program that does it to the Wallaby via the serial port only works with certain Radio Stack versions.
We have no legal or moral problems with IMEI-changing or timer reset, but it's a lot of hard work to write something which overwrites parts of people's radio software reliably. The last thing we want is 300 people wrecking their phones and blaming us. This issue has sort of scared us away from this type of modification.
(Unlocking is different since it only reads the ROM and then uses the 'official' mechanism of AT-commands in the phone for unlocking.)
No idea whether this topic will be revisited at some point, but don't hold your breath...
I can help you to change IMEI for XDA I or XDA II
cgigate
tell me how ....pls
cgigate said:
I can help you to change IMEI for XDA I or XDA II
Will you tell how it all works, and maybe even create a wiki page on it? We have itsme's and W4XY's works, but we need many more people to publish the results of their trips into the phone ROM and bootloader...
Peter,
Can you tell me how to read or find my IMEI number? I have a phone that was a display model and the label on the back was removed, so I can't get it there, and the system identity shows a generic IMEI number (as I've found with all the updated 2003 ones).
Thanks,
David
moto1 said:
Can you tell me how to read or find my IMEI number? I have a phone that was a display model and the label on the back was removed, so I can't get it there, and the system identity shows a generic IMEI number (as I've found with all the updated 2003 ones).
Try dialing *#06# on the phone. This works on all GSM phones (since it is in the GSM specification to be approved as one).
That still gives the generic IMEI number with an extra "01" at the end. It seems to be a glitch in the 2003 software because the IMEI numbers are available before you upgrade but not after. I thought I was missing something, but the other units with the upgrade are giving the same generic number (350314010000009). Does anyone else come up with that IMEI #? (May be T-Mobile only!)
David
nope
I upgraded my rom lots of time and never lost my original IMEI number (which is written inside the case, under the battery)
It must be in the "T-Mobile" upgrade that changes the number in the system settings.
no solution till now????!!!!!
Never a nice thought some one is flicking thru your contacts and private photos.
No, they can only IMEI block it to prevent it making calls; consider using the built-in password options.
they can imei bar it but the orbit works without a sim in terms of browsing stuff so I guess so, unless you set up a handset pin as well as a sim pin
What happens if they put a different sim card in there before i tell O2?
Can you still search around on the device with Active Sync if there is a lock?
It will still IMEI bar the handset. I would guess so re the Active Sync question; best thing is to put a handset PIN in.
I take it there is a hack to unlock the IMEI after they have blocked it.
No, there is no hack unless you physically flash the phone to change the IMEI; as far as I am aware this is not possible... well, probably, but more likely to completely f*** the phone up.
Now there is a small thing: there is no INTERNATIONAL blacklist for IMEI. I think the EU, or at least many EU countries, are linked, so you can't just go to France from the UK and use a barred IMEI, but I know if you go to, like, Thailand you can (I gave my girlfriend a phone I had when she was on holiday and it worked; it was barred here because I reported it stolen and then it turned up).
Anyway, no-one on here will help you change an IMEI; it's too risky, for all they know you may have stolen it. (This is not an accusation in ANY WAY.) However, there are those that will try this sort of technique.
Does anyone know how Windows Mobile sends the IMEI to the network?
Which function in the api ?
I'm sure it is in the low-level API, the kernel or maybe the coredll.dll, but I cannot find any clue on it, and I don't have any idea where to start to trace that.
Any help or clue would be grateful
Is it really sent??
I'm by no means an expert on this subject -- but is it really sent over the network? In my case the US ATT network? I'm not so sure it is...
...if so, why do they have to always ask me for it?
...if so, why aren't they automatically charging me an extra $30/mo. for a PDA data plan which they insist is REQUIRED for PDAs to connect-even though we all KNOW that's a lie and an ATT rip-off scheme?
...if so, why am I able to call them and give them ANY NON ATT IMEI over the phone and they not dispute it?
...just a few questions to answer your question.
I'm not an expert either, but I can tell you that they see it. I like to think of the IMEI number as your "ip address" or your phone's "username" for the network. It has to be sent for access purposes and it would be stupid not to log that type of server access. Else how else would you be restricted from using other Cellular towers.
Wrong.
Read up on IMSI's and TMSI's
In the Netherlands the police used an IMEI number to send text messages to a stolen cellphone; even though they had changed the SIM card, the phone would show "This phone is stolen please bring it to the police" every 5 minutes...
Though I'm not an expert on this topic, I thought that the Radio Firmware handled all communications with the Cellular network, including IMEI. One reason I am inclined to go with the Radio Firmware is this simple reason: If it was handled by WM, somebody could probably figure out how to spoof it through WM at one point or another, in the same way that MAC addresses can be spoofed.
And as I said, I'm no expert on this, so please, somebody correct me if I'm blatantly incorrect.
Oh, and w00t! 400th post!
IMEI is for sure transmitted to the network, since this is registered on the BTS every time your signal "auth" on it, and the server logs it and checks if your phone is on the "blacklist" and then rejects the connection if that is the case.
Check here
But I wonder, technically, where it is sent from; maybe from the Radio firmware like previously posted?
I guess, since we have some tools to read & change the IMEI on other HTCs, it could be done on every model (if I understood right, the IMEI part is somewhere on "read only" and we first need to unlock the CID to unlock this part of memory and then modify / alter it.)
The tool is found here:
IMEI Updater
But it works only for iWizard and some other models.
But couldn't we hook the function that retrieves the IMEI and alter it on the fly (from the software point of view)? Or should I dig in the flash memory?
Or is it hardcoded in the SPL or the IPL? When and what function is used to send it on the network?
Also, for all the legal issues, I might add that an open-source OpenBTS project is running, and it is a research-oriented initiative.
So no posts saying that I want to change a stolen IMEI etc.; this is not the case.
I've been a developer for one year now, and I'm interested in mobile security and research.
ix0u said:
IMEI is for sure transmitted to the network, since this is registered on the BTS every time your signal "auth" on it, and the server logs it and checks if your phone is on the "blacklist" and then rejects the connection if that is the case.
Check here
But I wonder, technically, where it is sent from; maybe from the Radio firmware like previously posted?
I guess, since we have some tools to read & change the IMEI on other HTCs, it could be done on every model (if I understood right, the IMEI part is somewhere on "read only" and we first need to unlock the CID to unlock this part of memory and then modify / alter it.)
I think you'd have to Security Unlock as well. And I'm certain that it's stored somewhere in protected flash memory, at least on the Qualcomm based devices, because there have been isolated reports of IMEI changes after using Olipro's Kaiser SIM/CID unlocker/changer.
It works by flashing a modified radio firmware which security unlocks the device (until a different radio is flashed), then a program is run in Windows Mobile which somehow changes SIM lock and CID information. If you're curious, those cases concerning IMEI changes as a result of this tool are here and here. And if you really want to know about this issue, a visit to the XDA IRC channel, or a polite PM to cmonex, Jockeyw2001, Olipro, or Pof could probably clear this up, as those are the people who really know these devices. Good luck
Thank you very much DaveTheTytnIIGuy, at least I have a lead now on where to go and who to ask.
I heard that some IMEI generator was released with which you can unlock your phone on any network, as there is for Nokia phones.
Does anyone have experience with those related to the LG GT540?
If so, it would be useful to put on the net.
Don't know if this is true, but somewhere I heard that not many Android phones are actually locked to a network; they just have branding on them, and may have system apps.
But I haven't tried it out, as everyone in my area is on the same network.
Well, I know it's a little phone is locked, but all of them will be more. Actually here is the word that if anyone knows and help those who have locked phones to network operators that have purchased the machine do the opposite. More specifically, to unlock and simply use any sim card.
Most Android phones are locked only at the software level. This is true for GT540 as well I guess. It's not usually locked but when it's locked, it's just software lock. Not an IMEI lock. You just have to root it and unlock the phone. Or, flash an unlocked KDZ.
IMEI locks are not used on phones generally. They are used only on stolen phones.
On the other hand, in some networks where SIM cards are not used, the phone is authenticated into network using IMEI/IMSI/MIN/ESN. When this is done, you don't need an IMEI generator, you will need the IMEI/IMSI/MIN/ESN of the phone/SIM tied to your account.
I am looking at purchasing a HTC HD2 from ebay. Unfortunately, it was from a "batch of phones that had left the suppliers locked". The supplier eventually offered a refund and he also, maybe inadvertently, kept the phone as well. When he now puts in the SIM card the message reads --"Service provider is locked. Please input unlock code." Apparently you can have these unlocked, but one site states that "This service will NOT remove your phone’s security lock". Can somebody please explain to me what this means? Is it correct that you can only enter the unlock code 5 times and then it is permanently locked? Is there any way round this? It seems a little strange that the phone provider supplied a locked phone, then provided the unlock code, which for some reason didn't work? I would appreciate any advice. The IMEI number appears to check out as far as it is not blocked. I will pay for an "official" check, if it appears that I can get round the unlock problem. I could always approach the original supplier and request an unlock code, and hope that their unlock procedure works the second time round?
Thanks
Which carrier is this from?
Usually when you enter it wrong x number of times you now have to enter the "unfreeze" code, which you should be able to get from the phone provider. Most online unlocks also have the unfreeze code.
What country & network was it locked to ?
Most can be easily unlocked via codes matched to the IMEI
*Do make sure IMEI on sticker in battery area matches that of actual mainboard IMEI when you dial *#06# to view IMEI on screen
Have entered more than 5 myself & been on a time out wait for quite some time ...
Security lock is to do with firmware certificate checking & nothing to do with SIM lock ...
I get all my codes from http://www.pdamagician.com/unlocking.html but if you tried some code already without success I would ask them if they have another code not matching what already been tried.
Other option is getting it unlocked via cable & software & this method can unlock SIM, CID & Security as required but you need to find a local shop that supports it ...
Also worth noting you need to be on Windows Mobile ROM to fully support the code unlocking.
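An added example, not part of the original thread: the posts above compare the IMEI shown by *#06# with the sticker under the battery and mention a 15-digit number displayed with an extra "01". This Python sketch splits such a display into its fields, verifies the Luhn check digit and compares it with a sticker value; treating a 17-digit display as an IMEI followed by two software-version digits is an assumption drawn from that post, and the function names are hypothetical.

```python
import re

def luhn_check_digit(body14: str) -> int:
    """Luhn check digit for the 14-digit TAC + serial part of an IMEI."""
    total = 0
    for i, ch in enumerate(body14):
        d = int(ch)
        if i % 2 == 1:      # every second digit, counted from the left, is doubled
            d *= 2
            if d > 9:
                d -= 9      # same as adding the two digits of the product
        total += d
    return (10 - total % 10) % 10

def parse_imei(displayed: str) -> dict:
    """Split what the phone or sticker shows into its fields and validate it."""
    digits = re.sub(r"[\s\-/.]", "", displayed)
    if not re.fullmatch(r"[0-9]+", digits):
        raise ValueError("IMEI must contain digits only")
    if len(digits) == 15:                       # plain IMEI
        body, check, sv = digits[:14], digits[14], None
    elif len(digits) == 16:                     # IMEISV: no check digit, 2-digit SV
        body, check, sv = digits[:14], None, digits[14:]
    elif len(digits) == 17:                     # assumption: IMEI followed by SV
        body, check, sv = digits[:14], digits[14], digits[15:]
    else:
        raise ValueError(f"unexpected length {len(digits)}")
    expected = luhn_check_digit(body)
    return {
        "tac": body[:8],            # type allocation code (identifies the model)
        "serial": body[8:],         # per-unit serial number
        "check_digit": expected,
        "software_version": sv,
        "luhn_ok": None if check is None else int(check) == expected,
    }

def same_device(sticker: str, displayed: str) -> bool:
    """True when sticker and on-screen value name the same TAC + serial
    and neither carries a wrong check digit."""
    a, b = parse_imei(sticker), parse_imei(displayed)
    if a["luhn_ok"] is False or b["luhn_ok"] is False:
        return False
    return (a["tac"], a["serial"]) == (b["tac"], b["serial"])

if __name__ == "__main__":
    shown = "35031401000000901"     # number quoted in the thread plus the extra "01"
    print(parse_imei(shown))
    print(same_device("35-031401-000000-9", shown))   # sticker value is constructed
```

A valid check digit only shows the number is well-formed; it says nothing about whether the IMEI is the unit's original one or whether a network has barred it.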
Thanks for the replies
Supplier was Virgin UK
Just to clarify:
"Service provider is locked. Please input unlock code."
• This is security lock and can be unlocked by using:
o code from original phone supplier (Different one in this case).
o code from 3rd party online supplier such as pdamagician.
o cable connection using specialist software at local shop.
IMEI sticker number matches mainboard
• This can only be checked after unlocking security on phone as above?
I presume by windows mobile rom, you mean not running on other operating system such as android? The phone has never been used, so it will be on windows and therefore not be a problem?
Are these phones still available new anywhere?
I can still buy them new here in Bangkok but getting harder to find.
Vodafone UK should be easily SIM unlocked by genuine HTC code & if for some odd reason not software & cable will for sure.
I would get likes of pdamagician to verify the code you have already tried as suspect a genuine HTC IMEI database code will be different .
Bangkok
Mister B said:
I can still buy them new here in Bangkok but getting harder to find.
Vodafone UK should be easily SIM unlocked by genuine HTC code & if for some odd reason not software & cable will for sure.
I would get likes of pdamagician to verify the code you have already tried as suspect a genuine HTC IMEI database code will be different .
I have a friend in Bangkok. What do they cost now over there?
All the best
About 8,000 Baht 100% new, but it varies by shop & availability, as stock is low but demand is not high here.