[WIP] Unlocking NAND - EVO 4G General

Breaking this discussion off from the EVO root thread, as it's a separate beast entirely..
theillustratedlife said:
> (Incidentally, if they would have given us engineering SPLs in the I/O phones, it probably would have delayed the root issue on general-release phones a while longer).
True, but truth be told, there's a separate ENG SPL, which would actually fix the NAND protection by default, if it would flash. But because it's an older release than what came on the phone, it won't let you flash it (even tried with a goldcard, and no go). This version matches the stock version, which means it can be flashed back and forth with no complaints.
> Can you explain NAND protection a bit further, please? Are the changes being overwritten on startup, or are they being blocked before they occur? Is NAND protection being implemented at the firmware level?
Firmware, yes (aka radio). But it's actually the bootloader (aka hboot) that sends a command to the radio to say lock it or unlock it. There's even a linux API in the "mtd" driver to allow an ioctl() call to unlock a NAND ... IF it's supported (the source code we have shows that the msm_nand_unlock() code is missing, thus it's not supported). When booting into Android, hboot says "lock NAND", and when booting to recovery, it says "unlock". When it's locked, you get a "not enough memory" error when trying to do any writes to the /system partition (even after remounting it as read-write).
The fixes are ..
1) ENG hboot. I've tried unsuccessfully to flash just the hboot.img from the engineering RUU, using our custom recovery ... it goes through the motions like it's supposed to (writes hboot.img into a section of the nand, sets a flag in the bootloader, then reboots; then the bootloader finishes the flash and reboots again back to recovery), but it doesn't take effect .. seems as if it's doing some kind of version check and it fails that version check, so it rejects the hboot.img update.
2) reverse engineer the msm_nand_unlock() API by disassembling hboot and seeing what it does to lock/unlock the NAND, then try to do the same thing from Android. In theory, that would allow it to unlock the NAND from userspace.
I haven't given up on either of these options, I just haven't had the time necessary to devote to it yet.

Also from that thread:
theillustratedlife said:
> Could you drop the ENG hboot into a hex editor and change the version & modification dates appropriately?
I've gone over it in IDA for a couple hours now. It may well be that simple, but it's not just the "0.79.0000" version part, since I did try changing that and it didn't help. But it could be a different version that's read from some other byte in the image. Like I said, still investigating.. :x

I just wanted to point out that a HTC Desire demo model was found to have S-OFF and had its NAND unlocked, while having the same SPL as normal locked Desires. The S-OFF was triggered by the SuperCID (1111111) I believe which is set somewhere in the radio and also in the 'misc' nand partition (but just changing the CID there had no effect).. not sure if this is helpful but I felt like mentioning it since I guess the NAND locking is similar on both devices. Also I may have gotten some details wrong here since I'm not really involved in mobile phone hackery, but would really love to have a completely unlocked phone

maejrep said:
> When booting into Android, hboot says "lock NAND", and when booting to recovery, it says "unlock".
to clarify, when booting into the bootloader with the userdebug RUU PC36IMG.zip, hboot says unlock NAND and this only applies to /system and the location for hboot.img (SPL?) currently? /recovery remains locked.
you said you're able to flash the engineering hboot.img from recovery? to flash it, you're using the flash_image binary loaded by the EVO-recovery.zip?
i know this is explained above but not 100% clear on how the userdebug RUU PC36IMG.zip unlocks /system and the location for hboot.img ?
sorry if the questions are n00bish, still tryin to get up to speed and its hard w/o the actual phone!

joeykrim said:
> to clarify, when booting into the bootloader with the userdebug RUU PC36IMG.zip, hboot says unlock NAND and this only applies to /system and the location for hboot.img (SPL?) currently? /recovery remains locked.
The "userdebug" part of it doesn't matter: even the stock ROM has its system partition unlocked *while in recovery*. But because the stock recovery has adb disabled, there's not much we can do with it, and because the stock recovery requires HTC-signed update.zip's only, we can't flash anything with it. So whenever the bootloader (hboot) starts loading recovery, as part of that, it tells the radio to unlock the system partition. We just happen to have a userdebug RUU that gives us adb & root while in recovery, thus we can leverage the unlocked /system partition where with the stock recovery we can't.
> you said you're able to flash the engineering hboot.img from recovery? to flash it, you're using the flash_image binary loaded by the EVO-recovery.zip?
I'm able to *attempt* to flash it, via an update.zip, which has an update-script that says "flash hboot with hboot.img". It is *not* the standard flash_image, because you can't flash the bootloader from something that comes after the bootloader. The bootloader doesn't live in any of the mtd partitions that are accessible from linux kernel space. Basically how it flashes firmware (that includes both hboot and radio images) is it trashes the /cache mtd partition, and shoves the hboot.img (or radio.img) data into the section of NAND that should be the cache partition. Then it reboots. The radio/bootloader sees the special magic header in the cache partition, and understands that it has to take that data and flash it over its current hboot. That step is what is currently failing (with no log or explanation why, yet). Regardless of success or failure, it will reboot back to recovery, because the last step is that recovery has to reformat the /cache partition to make it usable again.
> i know this is explained above but not 100% clear on how the userdebug RUU PC36IMG.zip unlocks /system and the location for hboot.img ?
The userdebug RUU does not unlock /system. /system is unlocked automatically by the radio and bootloader any time you enter recovery: whether it is on a stock ROM or a userdebug ROM. We simply can't use that to our advantage when using the stock (locked down) recovery, because that recovery only gives us access to certain things. In that sense, it works similar to how /system used to work on older Android devices: Android used to have full access to the /system partition, but couldn't be utilized until it was unlocked by having access to something else (e.g., "root" access). Back then, once you became root, you had the keys to the kingdom: you could delete apps, add apps, reconfigure the system, flash a new recovery image, etc ... and at that point, root could never be taken away from you, because you would just have a rooted recovery image that would let you take over the next system image.
Now that /system is completely locked while not booted in recovery (and "recovery" partition isn't writable, period), having root access means less, because you can't write to /system from Android (or to recovery while in recovery). If we find a way to unlock the NAND, we'll essentially be able to regain those keys to the kingdom. Flashing an engineering SPL would just be the easiest way (once we find out how to make it accept the image), definitely not the only way.

Thread bump, I was sad it got buried as you can see here...
http://forum.xda-developers.com/showthread.php?p=6705148#post6705148

dumb question here, but if the flash hboot hboot.img isn't working, wouldn't that imply that there is something left over from the original/stock hboot.img that simply isn't being overwritten? wouldn't what isn't being overwritten be the bit telling everything else to lock up the house later? can that be determined, and either overwritten with an empty bit, or a 'leave the door open' code?
just throwing things out there, because i have no idea what i'm talking about

How does the Qik update work? It comes preinstalled in the system partition, but there's a Market update available for it.
It looks like there's an APK in both app folders:
Code:
#in /system/app
-rw-r--r-- root root 815870 2010-04-28 22:51 Sprint_Qik.apk
#in /data/app
-rw-r--r-- system system 4514646 2010-06-04 15:24 com.qikffc.android.apk
Is the new APK telling Launcher to ignore the old APK? I tried looking in com.qikffc.android.apk/AndroidManifest.xml, but it seems to be encoded in something other than text/xml.
I was hopeful that this would be a clue to defeating NAND protection from userland, but the presence of Sprint_Qik makes me think they've left /system alone and tweaked something on /data to hide the old build.

maejrep said:
> 1) ENG hboot. I've tried unsuccessfully to flash just the hboot.img from the engineering RUU, using our custom recovery...
Are you able to get just the custom recovery onto any ROM without breaking it?
Usermode root with nand access would be great, but right now I'm looking for a custom recovery mode on an official ROM at minimal.

theillustratedlife said:
> Is the new APK telling Launcher to ignore the old APK?
Pretty much that's how it works.

Someone PLEASE sticky this, I personally find this very important that a solution be found!

Neotelos_com said:
> Someone PLEASE sticky this, I personally find this very important that a solution be found!
1+ This is a must.

+1 as well this definitely should be #1 priority at the moment once we unlock nand we're golden

I also agree, this thread needs to be sticky.
Is this accurate (for the EVO? For Android devices in general?):
Code:
mtd0: 00040000 00020000 "misc"
mtd1: 00500000 00020000 "recovery"
mtd2: 00280000 00020000 "boot"
mtd3: 04380000 00020000 "system"
mtd4: 04380000 00020000 "cache"
mtd5: 04ac0000 00020000 "userdata"
I'm still working out the details of how the Android system works, but what I'm getting lost on is how current root status happens. Using toast/maejrep's method, we're pushing a custom Recovery.img--which is either flashed by the script, or flashed automatically by Android upon shut down.
(This is assuming that Android always flashes a copy of Recovery.img from the /system partition as a safeguard, ensuring upon reboot things are as expected.)
We then have full access to Boot, Recovery, and System (via Recovery). Right now we're flashing a custom Boot.img (with custom Kernel) as well as a custom System, correct? What happens to the Recovery that we're currently in after a reboot that we lose it?
What I don't understand is why Recovery isn't sticking. Does the system try to re-flash Recovery.img from /System upon every reboot, and our accessible Recovery is being replaced by the default Recovery.img simply because we've overlooked it?
Additionally, assuming we have access to Recovery, we should have full access to Boot and System (as we do now), so we'd be able to flash custom Boot/Kernel, OS/ROM/System, and stick with a solid Recovery image to handle flashing in the future.
Where are we/I getting tripped up? I don't understand why Recovery isn't sticking? And if Recovery does stick, isn't that all we truly need (given the adb/ENG build) to fully unlock the EVO?

The Evo's system is actually #4
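
Added example (not from the thread or from any project mentioned in it): a parser for the `/proc/mtd`-style listing posted above that looks partitions up by name instead of by `mtdN` index and reports how two listings differ, since the two posts above disagree on which index holds system. `CONSTRUCTED_LISTING` and all function names are made up for the illustration.

```python
import re
from dataclasses import dataclass

# The listing exactly as posted in the thread.
POSTED_LISTING = """\
mtd0: 00040000 00020000 "misc"
mtd1: 00500000 00020000 "recovery"
mtd2: 00280000 00020000 "boot"
mtd3: 04380000 00020000 "system"
mtd4: 04380000 00020000 "cache"
mtd5: 04ac0000 00020000 "userdata"
"""

# Constructed for this example (not a dump from any device): same partitions,
# but "cache" and "system" have swapped index, and the header row that the
# kernel prints at the top of /proc/mtd is included.
CONSTRUCTED_LISTING = """\
dev:    size   erasesize  name
mtd0: 00040000 00020000 "misc"
mtd1: 00500000 00020000 "recovery"
mtd2: 00280000 00020000 "boot"
mtd3: 04380000 00020000 "cache"
mtd4: 04380000 00020000 "system"
mtd5: 04ac0000 00020000 "userdata"
"""

ENTRY_RE = re.compile(r'^mtd(\d+):\s+([0-9a-fA-F]+)\s+([0-9a-fA-F]+)\s+"([^"]*)"$')


@dataclass(frozen=True)
class MtdPartition:
    index: int       # N in mtdN
    size: int        # bytes (second column, hexadecimal)
    erasesize: int   # bytes per erase block (third column, hexadecimal)
    name: str

    @property
    def erase_blocks(self) -> int:
        return self.size // self.erasesize


def parse_proc_mtd(text):
    """Return {name: MtdPartition}; raise ValueError on malformed input."""
    parts = {}
    seen_indexes = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("dev:"):
            continue  # blank line or the header row
        m = ENTRY_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a /proc/mtd entry: {raw!r}")
        part = MtdPartition(int(m[1]), int(m[2], 16), int(m[3], 16), m[4])
        if part.erasesize == 0 or part.size % part.erasesize:
            raise ValueError(f"line {lineno}: size is not a whole number of erase blocks")
        if part.name in parts or part.index in seen_indexes:
            raise ValueError(f"line {lineno}: duplicate name or index")
        parts[part.name] = part
        seen_indexes.add(part.index)
    return parts


def layout_diff(expected, actual):
    """Compare two parsed listings by partition name.

    Returns a sorted list of (name, field, expected_value, actual_value);
    a partition present on one side only is reported with field "present".
    """
    diffs = []
    for name in sorted(set(expected) | set(actual)):
        e, a = expected.get(name), actual.get(name)
        if e is None or a is None:
            diffs.append((name, "present", e is not None, a is not None))
            continue
        for field in ("index", "size", "erasesize"):
            if getattr(e, field) != getattr(a, field):
                diffs.append((name, field, getattr(e, field), getattr(a, field)))
    return diffs


def describe(parts):
    """One line per partition, ordered by index, with size in KiB and erase blocks."""
    return [
        f"mtd{p.index} {p.name:<9} {p.size // 1024:>6} KiB {p.erase_blocks:>4} blocks"
        for p in sorted(parts.values(), key=lambda p: p.index)
    ]


if __name__ == "__main__":
    posted = parse_proc_mtd(POSTED_LISTING)
    print("\n".join(describe(posted)))
    other = parse_proc_mtd(CONSTRUCTED_LISTING)
    for name, field, want, got in layout_diff(posted, other):
        print(f"{name}: {field} differs (posted {want}, other {got})")
```

Comparing by name is the point: anything that writes to a partition should resolve the name against the listing read from the device in hand, never assume an index copied from another device's listing.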

I don't know much about kitchens, etc per se but I do know about filesystems and modding.
I am right now trying to get one step further with a stock ROM that includes system changes and a custom recovery. I can't make any promises but ask for you to wish me luck!
This will be the next best thing to user-mode NAND access.

Post has been stickied.

Neotelos_com said:
> Someone PLEASE sticky this, I personally find this very important that a solution be found!
indeed
shep211 said:
> 1+ This is a must.
accent on MUST
bcnice20 said:
> +1 as well this definitely should be #1 priority at the moment once we unlock nand we're golden
Time to start warming up the new flashing machine and get used to not sleeping for nights at a time again...........
Neotelos_com said:
> I don't know much about kitchens, etc per se but I do know about filesystems and modding.
> I am right now trying to get one step further with a stock ROM that includes system changes and a custom recovery. I can't make any promises but ask for you to wish me luck!
> This will be the next best thing to user-mode NAND access.
GO NANDROID SUCCESS. seriously though crossies here.
Stericson said:
> Post has been stickied.
Score....

Would it be possible to bootloader unlock the same way they did with the Nexus? windows-fastboot oem unlock?

Related

[GUIDE] Root & recovery WITHOUT oem unlock & wipe (2.3.2 & older, plus now 2.3)

UPDATE #2 - Fitchman has reported successful root and rom flash without unlocking the bootloader by using Ginger Break. Full details in this post: http://forum.xda-developers.com/showpost.php?p=13236136&postcount=135
UPDATE - IMPORTANT: This method does not work with Android 2.3.3. Search the forum or this post in this thread for a way to update to 2.3.3 and root without unlocking if you haven't updated yet.
Alternatively, use this method on 2.3.2 and lower, then use titanium to back up everything, store it on your laptop (along with all your sdcard's data), then do the oem unlock step first and then continue from there with the rest of the guide.
Not my original idea, but a consolidation of a discussion between inakipaz and shrivelfig and myself in another thread and being posted here for easier finding by future root-seekers.
Shrivelfig's tested the method to re-root a previously rooted phone with a re-locked bootloader, and inakipaz has done it on a phone that's never had the bootloader unlocked.
The advantage here is that those who chose not to root when they first got the phone won't lose any app data or sdcard data like the methods that have you unlock the bootloader do. The disadvantage is your bootloader remains locked, which may prevent you flashing certain things in the future.
edit: see ravidavi's posts below; he's shown you can even flash custom roms that are clockwork compatible while having a locked bootloader with this method.
Download these two files:
clockwork recovery v3.0.0.5 or clockwork recovery v3.0.0.5 mirror if above not working
su-2.3.6.1-ef-signed.zip
Koush's blog for the latest clockwork updates (find Nexus S in the list).
Also, if you don't already have the necessary android sdk and drivers on your computer, get them from here: http://developer.android.com/sdk/index.html and install them. Some Windows users report better luck just installing pdanet. There's a decent guide for Windows users on installing the sdk here.
Place the recovery file on your laptop where you can access it while using the sdk fastboot commands.
Place the su zip one in the top level folder of your sdcard.
Put your phone in fastboot mode (power off, then hold volume up and power key at the same time until the phone boots to a white screen).
Use fastboot to boot the phone into the clockwork recovery:
Code:
fastboot boot recovery-clockwork-3.0.0.5-crespo.img
If you're not sure how to get fastboot working on your computer, follow the excellent instructions that Allgamer gives in this GUIDE, but don't do the oem unlock command!
Once in clockwork, flash the su file to the phone by following these steps below.
To navigate in the clockwork recovery, you use the volume keys to scroll up/down through the menus, and the on/off button to select what's highlighted.
(note: some report success without these first 3 steps, others don't get a successful root without, I recommend doing them)
select mounts and storage.
select mount /system
select go back
select install ZIP from sdcard
select choose zip from sdcard
select su-version#-signed.zip file you downloaded earlier
select yes - install su-version#-signed.zip
confirm it says "Install from sdcard complete"
select go back
select reboot
After the phone reboots, you should be rooted, with a locked bootloader, and none of your data erased.
That said, never hurts to have a backup of your precious data on the sdcard that you can copy over to the computer.
This method doesn't install busybox, so go to the Market and download/install busybox directly, or get Titanium Backup and check its "problems?" button and let it install busybox for you. There's also an app called root checker that supposedly verifies you have a working root on your phone.
Once you have a successful root installed, I'd suggest getting back into clockwork recovery and running a nandroid backup from clockwork's backup and restore menu. Then copy that file from your sdcard (in the /clockwork/backups folder) to your laptop for safe-keeping and an easy full system restore to a known working config.
Usual disclaimers about I'm not responsible for damage to your phone or loss of data apply. Use any rooting method at your own risk.
Thanks and all the real credit go to inakipaz, shrivelfig and allgamer, and of course to koush, and ChainsDD for the superuser apk.
Worked perfectly. I used fastboot from my Mac (outlined in the stickied Mac Root thread). Root checker verifies that I have root.
And by the way, my phone and I are both root/ROM cherry. First android phone, first time rooter. Will work up the guts to flash a ROM soon, but of course there's no chance of doing THAT without unlocking the bootloader.
Thanks to all involved in this!
yeah! good work!
Srsly. Awsom.
Someone sticky this....
Question: When you do the fastboot boot command, does that overwrite the stock recovery with Clockwork? Or is it just booting into the recovery img without actually flashing it?
I would think this method also gives you a way to back up before unlocking the bootloader.
1) fastboot boot into Clockwork as described here
2) Full nandroid backup from Clockwork
3) Mount "SD" from Clockwork over USB, copy everything to computer (since it wipes everything)
4) Go back and unlock the bootloader as usual, resulting in a full wipe
5) Flash Clockwork Recovery again through whichever method
6) Mount "SD" from Clockwork over USB, copy the backup back to phone
7) Restore nandroid
And now you've unlocked the bootloader without amnesia =)
ravidavi said:
> And by the way, my phone and I are both root/ROM cherry. First android phone, first time rooter. Will work up the guts to flash a ROM soon, but of course there's no chance of doing THAT without unlocking the bootloader.
> Thanks to all involved in this!
Are you sure you need to unlock the bootloader to flash a ROM? Now that you have root, try installing ROM Manager from the Market, and see if it lets you flash custom recovery with bootloader still locked. If so, then yes you can install a ROM!
Also, the fact that you're able to boot into Clockwork using "fastboot boot" - that also means you can install a ROM .zip file right from there.
cmstlist said:
> Question: When you do the fastboot boot command, does that overwrite the stock recovery with Clockwork? Or is it just booting into the recovery img without actually flashing it?
"fastboot boot" only launches the recovery, no unlock needed. "fastboot flash" flashes the recovery.
cmstlist said:
> Are you sure you need to unlock the bootloader to flash a ROM? Now that you have root, try installing ROM Manager from the Market, and see if it lets you flash custom recovery with bootloader still locked. If so, then yes you can install a ROM!
It worked! Here's the process I used, starting from a completely unmodded Nexus S.
1: Use the method detailed here to gain root access without unlocking the bootloader.
2: Using a root-enabled file explorer (I used Super Manager), rename install-recovery.sh (in /etc) to install-recovery.sh.old . You'll need to remount as r/w to do this. NOTE: You don't *have* to do this step, but if you don't, then you can only use clockwork once after which it will be erased on reboot.
3: Using ROM Manager, install Clockwork Recovery.
4: Pleasure yourself, because your bootloader is still locked and nothing was erased.
I have yet to try actually flashing a custom ROM. Does this mean that it can also be done without unlocking bootloader?
Well damn, whaddaya know. I just flashed MoDaCo r10 without unlocking the bootloader, and without losing any personal data on /sdcard.
I figure someone at XDA should like this.
Pretty much followed distortedloop's advice. Starting from a fully stock Nexus S with Android 2.3.2 (GRH78C):
* Root using the method on this thread.
* Rename install-recovery.su to install-recovery-old.su. (in /bin)
* Install Clockwork Recovery from ROM Manager.
* Download whatever ROM you want (compatible with Clockwork), rename to update.zip, and copy to sdcard.
* Reboot into Clockwork.
* Wipe cache, reset to factory (IF REQUIRED BY NEW ROM). This was my first install of MoDaCo, and that requires it. This step does NOT erase your personal files on sdcard, just all android-related files.
* Install update.zip from Clockwork.
* Continue self-pleasuring ... you now have a custom rom without touching your bootloader or wiping your personal sdcard data.
Maybe it's just because I'm a noob here, but it seems to me that this is a BIG deal. All root/ROM installation methods that I've seen so far have required an unlocked bootloader. This seems to be the first time a Nexus S has been unlocked and custom-ROM'd without unlocking the bootloader and wiping the entire /sdcard.
Ravi
Yeah, it's pretty clear that the unlock the bootloader step isn't necessary for most of what we want to do. Just a habit from earlier devices, perhaps?
What's really odd is now we have to wonder what's the purpose of the oem unlock erasing your sdcard? Speculation was that it was a security feature to keep people from accessing your data if they stole your phone; they couldn't flash something on the phone to get access, but clearly they can. Fastboot into a custom recovery and you own the phone.
Perhaps this is a security hole Google will try to fix some day?
At any rate, I wish we'd discovered this sooner, it would have saved several people some grief in having to lose saved games (Angry Birds!) when they finally decided to root.
distortedloop said:
> Yeah, it's pretty clear that the unlock the bootloader step isn't necessary for most of what we want to do. Just a habit from earlier devices, perhaps?
> ...
> At any rate, I wish we'd discovered this sooner, it would have saved several people some grief in having to lose saved games (Angry Birds!) when they finally decided to root.
You say "for most of what we want to do." Could you think of a case where you would need to unlock it now? It's now shown to be unnecessary for rooting and installing custom recovery/ROM.
Is there any way to get the word out? This thread isn't stickied, and all the stickied threads on rooting & custom ROMs currently assert that you have to unlock the bootloader.
Ravi
ravidavi said:
> You say "for most of what we want to do." Could you think of a case where you would need to unlock it now? It's now shown to be unnecessary for rooting and installing custom recovery/ROM.
I'm thinking that something like Superboot might need to have the bootloader unlocked, since it replaces the boot image, right? But I'm not sure.
ravidavi said:
> Is there any way to get the word out? This thread isn't stickied, and all the stickied threads on rooting & custom ROMs currently assert that you have to unlock the bootloader.
> Ravi
There's only a page and a half of posts in the development section right now, so it's not likely to disappear any time soon, but you could ask a mod (theimpaler747 is ours) via PM to sticky it. I thought about asking myself, but seemed a bit tacky to ask for my own thread.
Meanwhile, I'd been linking people to various posts I'd made in other threads suggesting this might work, but once inakipaz and shrivelfig confirmed it, I'm just now pointing people here. I just hope people see this before wiping their phones unnecessarily.
Really, the other guides should just be updated to skip the oem unlock step. That's really the only different thing we're doing here.
i'm just waiting for more people "newbies" to confirm this actually works for them, before making it a sticky
In theory if you really really screw up your phone, you might need fastboot flash in order to recover it. But if fastboot also lets you boot into an img recovery... then you still have a recovery route that doesn't require unlocking.
Sent from my Nexus One using XDA App
I know it's a noob question and all since all you're doing is flashing a custom recovery but will you still be able to get OTA updates after doing this as well?
Sent from my Nexus S using XDA App
qreffie said:
> I know it's a noob question and all since all you're doing is flashing a custom recovery but will you still be able to get OTA updates after doing this as well?
> Sent from my Nexus S using XDA App
yes because you still have the original recovery installed
distortedloop said:
> Perhaps this is a security hole Google will try to fix some day?
This would be my guess.
But how? Is it possible to plug this with just a software update? Time will show, I guess.
This (security hole) should also make it possible to do perfect out-of-the-box OS backups. And restores. The problem is that nobody's going to do a backup without playing with their shiny new toy first.
shrivelfig said:
> This would be my guess.
> But how? Is it possible to plug this with just a software update? Time will show, I guess.
> This (security hole) should also make it possible to do perfect out-of-the-box OS backups. And restores. The problem is that nobody's going to do a backup without playing with their shiny new toy first.
I can confirm that the Nexus One does not allow this "fastboot boot" on a locked bootloader. Maybe this was just an oversight?
It is entirely possible to plug this with a software update: Samsung/Google could issue a signed update that includes a bootloader upgrade. This has been done many times by HTC for example.
I can confirm that this method works, without unlocking the BL or erasing the SD part.
This is pretty cool. I wish I knew about this before I unlocked the bootloader days after I received my phone. I too wonder if this was intentional or an oversight. Google did want this phone to be for developers, but like others said, this is also a bit of a security hole. The wiping of the sd card on unlock would protect the person if the phone was stolen, like if there was confidential corporate stuff on there. Even if you password protect your phone, someone could fastboot clockwork, mount the sd card and retrieve all the information that was on there.
cmstlist said:
> It is entirely possible to plug this with a software update: Samsung/Google could issue a signed update that includes a bootloader upgrade. This has been done many times by HTC for example.
It's also been done by Samsung with some versions of the Galaxy S line (some of the "leaked" roms, and even one official kies push (IIRC) changed the bootloader, causing people the ability to use 3 button mode for Odin access, and causing others to lose it).

Can someone explain me what is it S-ON?

I have htc legend rooted
and my HBOOT 0.43.0001
what does it mean? and what is it s-on\s-off?
The HTC Legend, when rooted using the usual methods doesn't really have access to the System partition.
In order to have access to this, you have to have a "S-OFF" or "Security-Off" Phone.
S-on means that there is the default protection that prevents you to write to /system and /recovery partitions. If you want more information you can visit alpharev site: http://alpharev.nl
What are the benefits?
You can alter the files from the protected partitions as if they were on a sdcard for ex. No more "read only" rights, and so on.
Sent from my Legend using XDA App
Meocene said:
> What are the benefits?
Rapier said:
> You can alter the files from the protected partitions as if they were on a sdcard for ex. No more "read only" rights, and so on.
> Sent from my Legend using XDA App
With great power, comes great responsibility. It's a great tool (I'm S-OFF, myself) but just be careful.
I understand what turning the security off enables.
But what are the benefits?
Personally, I haven't found any benefits to being S-OFF.
I've found that using the Clockwork Recovery doesn't work sometimes and it's handy to have a PC handy just in case...
With s-off you can edit files in the /system partition without the need of switching to recovery, but i don't think that it is a functionality needed by many people.
If you have s-off you can also flash a recovery, therefore you won't need anymore to use fake-flash for booting in clockworkmod.
On some rooting guides for phones like the DHD it says you need to be S-OFF to flash a custom ROM. How come we've been doing this on our S-ON Legends? I don't understand how being S-OFF is any different than S-ON for a Legend user?
I've probably got the wrong end of the stick here...
EDIT: Something to do with ROMs having to be signed by HTC, but none of the custom roms for Legend have to be used on an S-OFF phone despite not being signed by HTC?
S-OFF unlocks the bootloader, you can install basically anything on any partition on the phone. This lets us install a custom recovery in the recovery partition. It also allows to boot custom kernels without flashing them (I believe)
Rooting with S-ON just allows you to boot a custom ROM with root access and no read/write capabilities in the /system partition (unless you have aufs)
> S-OFF unlocks the bootloader, you can install basically anything on any partition on the phone. This lets us install a custom recovery in the recovery partition. It also allows to boot custom kernels without flashing them (I believe)
> Rooting with S-ON just allows you to boot a custom ROM with root access and no read/write capabilities in the /system partition (unless you have aufs)
You can flash custom Kernels without being S-OFF. Done it myself many, many times. You don't need to be S-OFF to flash kernels.
S-ON as you said, gives read/write access to the /system partition while the phone is running. Unless you're looking at theming the phone yourself, or you want to access the /system and /recovery partitions it's not really required.
As I mentioned previously, I can get into recovery via Clockwork, but it's spotty, and I don't really like the idea of flashing a new ROM if I'm not near a PC that can drop me into Recovery. Rambo, I am not!
> S-on means that there is the default protection that prevents you to write to /system and /recovery partitions. If you want more information you can visit alpharev site: http://alpharev.nl
Hats off to entropicamente for posting the above - it's THE best place to go. I would warn that if you're a Bell Legend user, the download there will not work. There's a download on this forum for the .iso to S-OFF your phone.
Ultimately, with the number of "What benefits does this give me?" questions, it should probably be avoided for now.
entropicamente said:
> With s-off you can edit files in the /system partition without the need of switching to recovery, but i don't think that it is a functionality needed by many people.
> If you have s-off you can also flash a recovery, therefore you won't need anymore to use fake-flash for booting in clockworkmod.
probably wrong, but i don't think i am using fake flash...
my legend's s-on, but to get to clockworkmod i just boot in through rom manager...
(guessing someone's about to tell me that that is fake flash...)
EDIT: missed marclh1992's post.
so in other words i'd be able to replace the stock htc recovery (accessed holding back+power) with clockworkmod, for example?
Yes, you can install clockwork mod into your recovery partition if you are S-OFF.
Sent from my S-OFF Bell Canada HTC Legend.
would I flash the CWM recovery image with fastboot? Where can I find the .img. I can only find the CWM recovery as a zip
joggerman said:
> would I flash the CWM recovery image with fastboot? Where can I find the .img. I can only find the CWM recovery as a zip
Look in the development section. There is a thread called "Recovery 3" .. there you will find the .img file..
Sent from my Legend using XDA App
many thanks
is this why the busybox installer from the market cant do its work on installing busybox? i'm s-on tho....
does having superuser mean you phone is S-OFF ?
vip333 said:
> does having superuser mean you phone is S-OFF ?
No, superuser just lets you "log in" to the root user account. S-OFF allows you to write to any part of the phone essentially. Among other things.

[Q] Rooted MT4G with grankin's gfree. Confused about needing bootloader.

Rooted with the "check this out even if" thread. Worked fine, found out that gfree doesn't root, but that visionary is what actually roots you when using it for the second time after gfree turns radio security off. (had su denied in terminal a few times after gfree until I ran visionary and rebooted twice- it finally took)
So a big thanks to everyone.
The question is- at the end of the above thread, it says 0.85 bootloader is not necessary to flash a rom (i'm on royal ginger now so i know that), but that it would help avoid bricks in the future. Meanwhile, on the CM wiki for MT4G, it goes thru the adb rooting method, and it says that bootloader is not recommended.
Now, which is it? I don't want one of these
http://forum.xda-developers.com/showthread.php?t=1028615
where I read that there's people who flash one rom a single time like royalginger 1.6, then want to goto CM7.02 or vice versa, and that's all it takes to get in some boot loop. Now it might be that they're not wiping everything they should wipe, or wipe once instead of twice (which shouldnt be necessary), but it still makes you wonder.
Should I flash the 085 bootloader? Running fine on RG1.6, but may try CM 7.02 or RG2.0 when it's out of testing...
Thanks
acsi007 said:
> The question is- at the end of the above thread, it says 0.85 bootloader is not necessary to flash a rom (i'm on royal ginger now so i know that), but that it would help avoid bricks in the future. Meanwhile, on the CM wiki for MT4G, it goes thru the adb rooting method, and it says that bootloader is not recommended
The engineering bootloader is not required, but some of us do recommend it. IF you should have something go south you can flash recovery images, sections of the ROM, erase sections of the ROM, clear stuff. It helps if you should run into a problem. There have been a few threads where people would have bricked their devices if they didn't have it.
The final choice is up to you. But if it were my phone i'd do it. If you are worried about the code you have to punch in to unlock it, just double and triple check it.
hmm... what is it specifically that i cant do if i don't flash the engineering bootloader?
my partial answer to my own question is that i cant use fastboot commands thru adb, right? but i dont fully know what the heck fastboot is anyway.
also, what about the pdimg15 thing? is that not possible to flash back to stock with pdimg15 if i dont have the 085 bootloader?
anything else i cant do without H085?
acsi007 said:
> hmm... what is it specifically that i cant do if i don't flash the engineering bootloader?
You cannot flash specific sections of the ROM if something should go south. You cannot flash recovery images via the HBoot, and you cannot flash splash images.
acsi007 said:
> my partial answer to my own question is that i cant use fastboot commands thru adb, right? but i dont fully know what the heck fastboot is anyway.
fastboot = hBoot = Engineering Screen.
Basically it's what allows you to flash items via the Engineering screen. You cannot mount sections of the ROMs, nor can you clear stuff out if you should so choose.
acsi007 said:
> also, what about the pdimg15 thing? is that not possible to flash back to stock with pdimg15 if i dont have the 085 bootloader?
You can flash the PD15IMG via either recovery image. but it appears that if you use the 3.0.0.5, 3.0.0.6, or the 3.0.2.4 recovery image while trying to flash the PD15IMG (via the HBoot) it will brick your device. So that is not always a fail safe method.
Basically the .85 HBoot is a BIG tool to help you not brick your device.
thanks so far.. ok, im getting convinced. here's my reference for an eventuality where i'd need to rescue myself from some boot loop and reflash stock
http://forum.xda-developers.com/showthread.php?t=924923
so, in continuing to try to understand recoveries and boot screens here, i saw that after step three in the above thread, it says
"Some times at the end it will boot into fastboot rather then hboot. If this happens just scroll to bootloader and boot into it."
but then you wrote "fastboot = hBoot = Engineering Screen."
so why does the guide say "rather"? (indicating "does not equal")
second, you wrote
"You can flash the PD15IMG via either recovery image. but it appears that if you use the 3.0.0.5, 3.0.0.6, or the 3.0.2.4 recovery image while trying to flash the PD15IMG (via the HBoot) it will brick your device. So that is not always a fail safe method."
"either recovery image" -- you're referring to Clockwork Mod recovery and hboot?
And if you've seen that 3005 - 3024 may brick a PD15IMG flash, then what-- you dont go through Clockwork mod screen at all, you boot into hboot instead?
thanks for slogging thru this so i can get to my "aha!" moment....
acsi007 said:
> thanks so far.. ok, im getting convinced. here's my reference for an eventuality where i'd need to rescue myself from some boot loop and reflash stock
> http://forum.xda-developers.com/showthread.php?t=924923
> so, in continuing to try to understand recoveries and boot screens here, i saw that after step three in the above thread, it says
> "Some times at the end it will boot into fastboot rather then hboot. If this happens just scroll to bootloader and boot into it."
> but then you wrote "fastboot = hBoot = Engineering Screen."
> so why does the guide say "rather"? (indicating "does not equal")
When we are talking about booting into Recovery, or the Engineering screen, Fastboot, hBoot, and Engineering screen are all pretty much one and the same. Just like some people call soft drinks "pop", "soda", or "coke". It's terminology. The reason for the "Some times at the end it will boot into fastboot rather then hboot. If this happens just scroll to bootloader and boot into it." is that even though you are in a "bootloader" screen, the phone must pick up and recognize that you want to use fastboot. So sometimes, not typically though, you must select the "fastboot option".
acsi007 said:
> second, you wrote
> "You can flash the PD15IMG via either recovery image. but it appears that if you use the 3.0.0.5, 3.0.0.6, or the 3.0.2.4 recovery image while trying to flash the PD15IMG (via the HBoot) it will brick your device. So that is not always a fail safe method."
> "either recovery image" -- you're referring to Clockwork Mod recovery and hboot?
Correct, there have been several threads popping up that point to people having bricked their devices by flashing the PD15IMG in the Engineering screen, but they were using the wrong recovery image. It always said something to the degree of "fail -PU". One guy was able to fix his by flashing the 2.5 recovery image from the Engineering screen then flashing the PD15IMG.
acsi007 said:
> And if you've seen that 3005 - 3024 may brick a PD15IMG flash, then what-- you dont go through Clockwork mod screen at all, you boot into hboot instead?
> thanks for slogging thru this so i can get to my "aha!" moment....
Yes to flash the PD15IMG you need to be in the Engineering Screen. but from reading that other thread you need the 2.5 recovery image to do it.
neidlinger said:
> Yes to flash the PD15IMG you need to be in the Engineering Screen. but from reading that other thread you need the 2.5 recovery image to do it.
Wow- so I have to get rid of 3024 and flash cwm2545 (or whatever that exact number is) to use the pd15img that's so important to regaining control over a hypothetical borked flash?
acsi007 said:
> Wow- so I have to get rid of 3024 and flash cwm2545 (or whatever that exact number is) to use the pd15img that's so important to regaining control over a hypothetical borked flash?
i think we are on two different wave lengths.
One of the first Clockwork recoveries that came out was for 2.2-style ROMs, which store information in an EXT3 format. When Google released 2.3 we needed a new recovery image to flash the EXT4 design that the 2.3 ROMs bring. 3.0.0.5 will only handle 2.2 ROMs; 3.0.0.6 and 3.0.2.4 will do both.
The problem lies in the fact that EXT3 and EXT4 ROMs store and handle information differently.
using the recovery image while trying to load the PD15IMG will cause the load to fail.
Now if you have the engineering screen loaded you can manually load the 2.5.1.4 recovery image via the Engineering screen then flash the PD15IMG and all should be good.
But this is only if you need to revert back to 100% stock.
we're not on 2 wavelengths, i'm just talking like an inebriated baby on no sleep!
thanks for the patience you display toward everyone, all the while having a guide which spells all this stuff out...
so the file system rules, and since 2.3's obvious big upgrade was the F/S, it borked previous recoveries.
so i'm on CWM3024, the latest, which i installed via rommanager, and it flashed it, and i nandroid backed up.
so im set for ext3 and ext4 incl pd15img, (which is ext3). right?
also, flashing pd15img- that reverts the bootloader from 085 to 086 again?
Um...neidlinger, fastboot and hboot are two totally different things. Keep in mind, I am not picking on you...
Appreciate your enthusiasm, but you are wrong a lot.
kmdub said:
> Um...neidlinger, fastboot and hboot are two totally different things. Keep in mind, I am not picking on you...
> Appreciate your enthusiasm, but you are wrong a lot.
then i'm out....

Desire Z/G2 added to official bootloader unlock program

Didn't see this in General so thought it would be worth adding, especially since there have been many threads lately with new users wanting to root their phone and then getting scared of the guides.
Now there is also the option to go the official way to unlock the bootloader.
http://htcdev.com/bootloader/
noob here with a question... rooting is the same as unlocked bootloader??
coldsun15 said:
> noob here with a question... rooting is the same as unlocked bootloader??
Not quite. It can probably be explained more accurately but the gist of it is this:
An unlocked bootloader is what allows you to flash custom roms to your phone.
Root access simply grants you the rights to mess with your phone's rom whichever way you want.
thomas_wlc said:
> Not quite. It can probably be explained more accurately but the gist of it is this:
> An unlocked bootloader is what allows you to flash custom roms to your phone.
> Root access simply grants you the rights to mess with your phone's rom whichever way you want.
so, basically whats this means is, now i dont need to root and s-off and stuff to be able to put CM7 (for example)?
coldsun15 said:
> so, basically whats this means is, now i dont need to root and s-off and stuff to be able to put CM7 (for example)?
I think that's pretty much it, once you have unlocked your bootloader you'll be able to flash any custom rom you like. Though it'll probably be a bit tricky on the first go since you don't have a custom recovery yet, so I believe you'd have to flash some pc10img.
Still, it's commonly believed to be the better choice to stick with the more exhausting solutions posted around here, since HTC will register your phone if you use their tool. At least for the time being they claim that by using their way, your warranty will be void.
I've unlocked my desire z through the htcdev.com website.
Bootloader is unlocked, S-on..
But I can't get a rom installed, it gave me an error while trying to update from the recovery mode (apply update zip) using a stock rom with root.
Awkward..
So now I've unlocked my bootloader, but still can't change my rom..
Anyone know how to do it after you've unlocked the bootloader?
flash custom recovery first, from there flash the rom
if you're s-on, bootloader is still locked....
artov said:
> flash custom recovery first, from there flash the rom
I'm working on it
Gaining temp root using this guide worked.
http://forum.xda-developers.com/showthread.php?t=1178912
But when I press start clockworkmod, it says that my phone is not rooted..
When I press "flash clockwork" clockwork mod recovery, I get an error.
An error occurred while attempting to run privileged commands!
I'm doing something wrong..
pretty annoying
I got my bootloader unlocked today, and YES there is S-ON, but at the top of the hboot menu is written in big letters UNLOCKED (what do you think, an htcdev joke?).
I've installed clockworkmod using fastboot:
Code:
fastboot flash recovery clockwork_mod_for_vision.img
Then I pulled the battery and turned the phone on with volume down + power, and pressed the 'recovery' menu option. Clockworkmod runs correctly. Then I tried the last stable CyanogenMod 7.1.0; the flash was done without errors, and I wiped what's needed (cache, data). Next I tried to start the phone, but it freezes at the splash (green htc letters on white background).
I also tried the miui mod, but I got only the MIUI splash screen, nothing else.
Then I restored my htc from backup (done before flashing using clockworkmod) and I'm still on the stock htc android 2.3.3.
Regards,
Mariusz
p.s Sorry for my poor english.
how can I install CM7 or other roms after unlocking the bootloader
Hi,
I also unlocked using the official method of unlocking the bootloader. How can I get root and install CM7 now? Even to install clockworkmod it's asking me to root the phone.
Can someone help me out here?
Thanks...
RSK
rskainth82 said:
> Hi,
> I also unlocked using the official method of unlocking the bootloader. How can I get root and install CM7 now? Even to install clockworkmod it's asking me to root the phone.
> Can someone help me out here?
> Thanks...
> RSK
1. boot to fastboot mode, flash a custom recovery (recommend ClockWorkMod), power down the phone.
2. put your downloaded update_cm7.xxx.zip into sdcard, boot phone into recovery
3. choose in the recovery, first "wipe data", then "install update from sdcard", choose the zip file you just put in.
4. choose "reboot system"
that's all to go.
pentie said:
> 1. boot to fastboot mode, flash a custom recovery (recommend ClockWorkMod), power down the phone.
> 2. put your downloaded update_cm7.xxx.zip into sdcard, boot phone into recovery
> 3. choose in the recovery, first "wipe data", then "install update from sdcard", choose the zip file you just put in.
> 4. choose "reboot system"
> that's all to go.
I did it, but CM7 doesnt boot.
rskainth82 said:
> Hi,
> I also unlocked using the official method of unlocking the bootloader. How can I get root and install CM7 now? Even to install clockworkmod it's asking me to root the phone.
> Can someone help me out here?
> Thanks...
> RSK
flak999 said:
> I did it, but CM7 doesnt boot.
Booting problem is mostly kernel related, do you have logcat output? (run "adb logcat" and boot the phone)
I encountered with the situation (w. another phone) that the recovery can't flush the boot partition during the recovery installation, I have to extract the boot.img file from the zip and flash it manually in the fastboot mode (fastboot flash boot boot.img)
EDIT:
That was a EVO3D with UNLOCKED HBOOT, I believe you're having the same situation, try my method or may others make out a better perfect solution ? (not my own phone, I just helped with its owner, no time to dig the details)
pentie said:
> I encountered with the situation (w. another phone) that the recovery can't flush the boot partition during the recovery installation, I have to extract the boot.img file from the zip and flash it manually in the fastboot mode (fastboot flash boot boot.img)
> EDIT:
> That was a EVO3D with UNLOCKED HBOOT, I believe you're having the same situation, try my method or may others make out a better perfect solution ? (not my own phone, I just helped with its owner, no time to dig the details)
Thanks men, that's worked for me. First flash the boot.img from CM7.0.1, then run recovery and run update_cm7.0.1.zip. After reboot everything runs correctly.
Once more thanks!
flak999 said:
> Thanks men, that's worked for me. First flash the boot.img from CM7.0.1, then run recovery and run update_cm7.0.1.zip. After reboot everything runs correctly.
> Once more thanks!
Now I've confirmed the UNLOCKED HBOOT somehow blocks CWM from flashing boot.img
My phone has an S-OFF HBOOT and I was considering flashing it to the UNLOCK last night; now it seems not worth the try ~
pentie said:
> I encountered with the situation (w. another phone) that the recovery can't flush the boot partition during the recovery installation, I have to extract the boot.img file from the zip and flash it manually in the fastboot mode (fastboot flash boot boot.img)
My friend has an officially unlocked Desire Z as well and I gave him these instructions to try it out, he has the same boot problem (stuck at splash screen). Maybe this information should either be stickied or added to a faq until there is a real solution to the problem (unlike this workaround), updated cwm or something like that.
Anyway thanks for sharing this information.
HTC bootloader unlock tool is quite restrictive. It still leaves you S-ON, so you won't be able to flash a new hboot or radios.
I recommend avoiding it and using the current well-proven methods from the XDA Wiki.
Sent from my Desire Z running CM7.
Its working now...
Steps I followed:
1. flash recovery using fastboot
2. Do a nandroid backup using recovery
3. flash boot.img using fastboot
4. reboot into recovery
5. wipe data/cache
6. install update for CM7, and gapps
Also make sure before doing any of these steps you have copied CM7 and gapps update onto sdcard.
Thanks everyone for helping out.
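The workaround described above (pull boot.img out of the ROM zip and write it with `fastboot flash boot boot.img`) writes straight to the boot partition, so a damaged or wrong file means another hang at the splash screen. The following is an added example, not code from any poster in this thread: it checks the Android boot image magic and that the file is not truncated before flashing. The function names and the assumption that boot.img sits at the root of the zip are mine.

```shell
#!/bin/sh
# Added example (not from the thread): sanity-check a boot.img before
# writing it with "fastboot flash boot boot.img".
# Layout used: classic (version 0) Android boot image header, little-endian:
#   offset 0  magic "ANDROID!"    offset 8  kernel_size
#   offset 16 ramdisk_size        offset 24 second_size
#   offset 36 page_size

# Print the unsigned 32-bit little-endian value at byte offset $2 of file $1.
read_le32() {
    _bytes=$(od -An -v -tu1 -j "$2" -N 4 "$1" 2>/dev/null) || return 1
    set -- $_bytes                      # split into the four byte values
    [ $# -eq 4 ] || return 1            # fewer bytes means a short file
    echo $(( $1 + ($2 << 8) + ($3 << 16) + ($4 << 24) ))
}

# Succeed only if the file starts with the 8-byte magic "ANDROID!".
is_android_boot_image() {
    [ -f "$1" ] || return 1
    [ "$(dd if="$1" bs=8 count=1 2>/dev/null | tr -d '\0')" = "ANDROID!" ]
}

# Print the smallest size the file can have according to its own header:
# one page of header, then kernel, ramdisk and second stage, each padded
# up to a whole number of pages.
boot_image_min_size() {
    page=$(read_le32 "$1" 36) || return 1
    [ "$page" -gt 0 ] || return 1
    total=$page
    for off in 8 16 24; do
        sz=$(read_le32 "$1" "$off") || return 1
        total=$(( total + (sz + page - 1) / page * page ))
    done
    echo "$total"
}

# Return 0 if the image looks sane, 1 = wrong magic, 2 = unreadable header,
# 3 = file shorter than its header claims (truncated download or extract).
check_boot_image() {
    is_android_boot_image "$1" || { echo "$1: no ANDROID! magic" >&2; return 1; }
    min=$(boot_image_min_size "$1") || { echo "$1: bad header" >&2; return 2; }
    actual=$(( $(wc -c < "$1") ))
    [ "$actual" -ge "$min" ] || { echo "$1: truncated ($actual < $min)" >&2; return 3; }
}

# Extract boot.img from a ROM zip (assumed to be at the zip root), check it,
# and only then hand it to fastboot. Example zip name from the thread:
#   flash_boot_from_zip update_cm7.0.1.zip
flash_boot_from_zip() {
    work=$(mktemp -d) || return 1
    rc=0
    if unzip -o -q "$1" boot.img -d "$work" && check_boot_image "$work/boot.img"; then
        fastboot flash boot "$work/boot.img" || rc=$?
    else
        rc=1
    fi
    rm -rf "$work"
    return $rc
}
```
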
I am experimenting with this myself and I don't seem to be having the same issues flashing a boot.img from an update.zip in ClockworkMod recovery with the official HTC unlocked bootloader that others are having. Maybe it is the version of the recovery that is the issue? Which version is everyone trying to use? I am using the 3.xxxx version that is linked from the wiki. I have had other problems with the 5.xxx version and tend to stick with the older version for that reason anyways.

[HOW-TO] bootloader unlock 4.67.651.3 OTA

1. Unlocking bootloader via htcdev.com (selecting All Other Supported Models)
2. Flashing recovery via fastboot (./fastboot flash recovery cwm-4.0.1.4-supersonic.img)
3. Reboot recovery and flash latest su.
4. Profit.
PROOF:
Code:
[email protected] ~/evo_s-off $ ./fastboot oem get_identifier_token
< waiting for device >
... INFO
INFO< Please cut following message >
INFO<<<< Identifier Token Start >>>>
===========bla-bla-bla=============
---checking my e-mail for Unlock_code.bin---
[email protected] ~/evo_s-off $ ./fastboot flash unlocktoken Unlock_code.bin
sending 'unlocktoken' (0 KB)... OKAY
writing 'unlocktoken'... INFOunlock token check successfully
OKAY
[email protected] ~/evo_s-off $ ./fastboot flash recovery cwm-4.0.1.4-supersonic.img
sending 'recovery' (3074 KB)... OKAY
writing 'recovery'... OKAY
this is very strange. nobody interested in unlocking bootloader?
there is no official info, but works fine for me.
I'm one of the ones on the newest ota. This helps out a lot, thank you
I already have root, but I am rooting someone else's phone that has new hboot. Thanks!
Sent from my PC36100 using Tapatalk
people with unlocked bootloaders please leave comments here.
Total noob mistake.
OK i ended up updating my evo to the new 4.67.651.3 update. big mistake
I ended up stumbling across this post. (thx wardriva)
I was able to unlock the bootloader and use the ADB method mentioned in this thread to flash recovery.
after looking around I came across brad560's thread and flashed the deodex'ed rom with no problems.
so far everything is working. I also kept looking around and came across the Collection Project (thx Tommytomatoe) and flashed the hot spot hack by SOS. so far its working.
still looking to see if someone has found a workaround with the S-OFF or if revolutionary will support it.
Thx to all the DEV's.
wardriva said:
> this is very strange. nobody interested in unlocking bootloader?
It's not that, it's the rooted version and stock de-odex/odex are already on the forum. Just waiting for the full rls of the RUU, rule of thumb from a great one(haus) "never update OVER THE AIR"(OTA)
coldroy said:
> still looking to see if someone has found a workaround with the S-OFF or if revolutionary will support it.
you don't need S-OFF with unlocked bootloader. you can flash any rom you want with any kernel you wish. i just checked.
Tekn010933 said:
> It's not that, it's the rooted version and stock de-odex/odex are already on the forum. Just waiting for the full rls of the RUU, rule of thumb from a great one(haus) "never update OVER THE AIR"(OTA)
what are you talking about? the latest OTA let us unlock bootloader.
wardriva said:
> what are you talking about? the latest OTA let us unlock bootloader.
my fault, apologies, reading too fast and totally thinking rooting instead of unlocking??lol!
hmmm. From the little bit I had read on Evo 3d forum, I thought that even with unlocked bootloader, s-on means no flashing of kernels? Or maybe it's different on 3d cuz it uses EMMC ? Does a custom kernel remain after reboot?
Would love clarification from anyone who knows better than I. Thanks.
Also, this comes just in time for evos EOL status lol. Coincidence ?
Sent from my PC36100 using xda premium
Can you still write to the system or uninstall bloatware with the unlocked bootloader (which is still S-ON)?
To answer some people's questions: unlocking with the HTC tool allows you to write to boot (kernel), recovery, and system. This means you can flash custom recovery and ROMs to your heart's content. You will still require official HTC signed updates to change: bootloader, radio, nv, pri, wimax, etc because technically you are still S-ON.
Here is the FAQ from HTC on unlocking the bootloader: http://htcdev.com/bootloader/faq
> Why is my security still on (S-On) after I have unlocked my bootloader?
> Your device is shipped with Security on (S-ON) to protect your system software configuration (such as the bootloader, radio, boot, recovery, system and others). After you have unlocked the bootloader, however, you will have lifted the restrictions on boot, recovery and system. This means you can customize boot, recovery and system images on your phone as you desire. You can easily see that you have successfully unlocked the bootloader by looking at the top of the screen when entering the bootloader screen. Security is left on to protect things like the radio, and SIM lock.
shortydoggg said:
> Can you still write to the system or uninstall bloatware with the unlocked bootloader (which is still S-ON)?
Just curious about the new bootloader, because based on past bootloaders I've had,
If you are rooted, but still S-ON, you can delete any bloatware (system apps) that you want, but after rebooting the phone it all returns. Why, because there is a backup of how your partitions were on the phone that cannot all be flashed unless you are S-OFF. When you're S-ON, any changes you made to the original partitions, (especially recovery and system if system is done inside the operating system) will be voided the next time you reboot the phone. That is also why you would need to connect your phone to your computer every time you needed to flash a custom ROM (if this is still the case with the new bootloader), because the backup (stock Recovery) is always restored on reboot.
You can change the system partition outside of the operating system by recovery, however; which is the reason why you can still flash custom ROMs (if the new bootloader behaves the same as the older ones).
I'm just curious if anyone with the new (unlocked) bootloader with S-ON can confirm this.
shortydoggg said:
> Just curious about the new bootloader, because based on past bootloaders I've had,
> If you are rooted, but still S-ON, you can delete any bloatware (system apps) that you want, but after rebooting the phone it all returns. Why, because there is a backup of how your partitions were on the phone that cannot all be flashed unless you are S-OFF. When you're S-ON, any changes you made to the original partitions, (especially recovery and system if system is done inside the operating system) will be voided the next time you reboot the phone. That is also why you would need to connect your phone to your computer every time you needed to flash a custom ROM (if this is still the case with the new bootloader), because the backup (stock Recovery) is always restored on reboot.
> You can change the system partition outside of the operating system by recovery, however; which is the reason why you can still flash custom ROMs (if the new bootloader behaves the same as the older ones).
> I'm just curious if anyone with the new (unlocked) bootloader with S-ON can confirm this.
S-ON + Locked means that all partitions(other than data / sdcard) are write protected. The only way to write to the partitions is with an official OTA or RUU signed by HTC. The reason why "deleted" items return after reboot is because the deletion never actually occurred on the partition itself. It was temporary because the write was blocked by the security.
S-ON + Unlocked means that HTC removed the write protection from: boot, recovery, and system.
For HTC's official FAQ see my post immediately before yours.
illogos said:
> To answer some people's questions: unlocking with the HTC tool allows you to write to boot (kernel), recovery, and system. This means you can flash custom recovery and ROMs to your heart's content. You will still require official HTC signed updates to change: bootloader, radio, nv, pri, wimax, etc because technically you are still S-ON.
> Here is the FAQ from HTC on unlocking the bootloader: http://htcdev.com/bootloader/faq
Or get a stock(4.67-Android 2.3.5) ROM that has -Signature Verification disabled which will allow you to update the radios and such.
Is how it used to be done
.Elite_The_King. said:
> Or get a stock(4.67-Android 2.3.5) ROM that has -Signature Verification disabled which will allow you to update the radios and such.
> Is how it used to be done
thanks Cap. but I was not rooted before OTA. and after OTA there is no other way to root or flash custom ROM.
WIP Guide for achieving S-OFF after unlocking Bootloader with HTCDev.com
[GUIDE][WIP] How to achieve S-OFF after unlocking 2.18 HBOOT with HTCDev.com - No More Watermark! )
Still working on the details, but a shell of the instructions is there .
Tekn010933 said:
> It's not that, it's the rooted version and stock de-odex/odex are already on the forum. Just waiting for the full rls of the RUU, rule of thumb from a great one(haus) "never update OVER THE AIR"(OTA)
DISCLAIMER: I'm a noob in this root world.....and enjoying the freedom to use my phone as I choose.
With that said, if you do not recommend updating OTA, then how would a person do such? I'm asking for my friends who run stock on their phones.
