This has been in progress for a while. If you follow the G2 forums, then you'll know that there have been big problems with G2 phones that have been unlocked via unlock codes, with those unlocked phones then not being able to find a network at all.
It looks like the guys on #G2ROOT have cracked S-OFF for radio. This is *not* the same as the current S-OFF that we have from HBOOT. Apparently it should help to prevent semi-bricking via incorrect flashing of older ROMs.
The article in the Wiki explains all. Documentation about the procedures should be coming soon. We will of course have to make sure it's fine on the DZ too :
http://forum.xda-developers.com/wik...Subsidy_Unlock.2C_SuperCID.2C_and_Radio_S-OFF
nice gives all those "bricked" g2's hope
Radio S-OFF is permanent S-OFF?
So no more warranty? Damn.
I'll stick to the stock ROM for a while with root, then HBOOT S-OFF, but never radio S-OFF.
I like warranty. Never know when you'll need it.
DanWilson said:
Radio S-OFF is permanent S-OFF?
So no more warranty? Damn.
I'll stick to the stock ROM for a while with root, then HBOOT S-OFF, but never radio S-OFF.
I like warranty. Never know when you'll need it.
I imagine it'll still be possible to reverse it. From a scan of the IRC logs (though of course I might have missed important stuff), it looks like you just need to write the correct data to the right area of a partition to get the radio S-OFF. So surely you can un-do that by writing the previous data ?
Documentation on this is now up, see http://forum.xda-developers.com/showthread.php?t=855764
Bear in mind that the instructions are for the G2 right now, so if you try this out on a DZ there's a high chance of a permanent brick ! But hopefully someone will sort out a verified method for the DZ soon
I would not advise people do this form of S-OFF unless they really need to anyway, it's harder to come back from (if you did semi-brick) and holds more risks.
Lennyuk said:
I would not advise people do this form of S-OFF unless they really need to anyway, it's harder to come back from (if you did semi-brick) and holds more risks.
But when an easier way to do it comes along (which is being worked on, I believe), a full S-OFF will be a lot safer, because then it won't be so easy to brick your phone by simply flashing an old RUU.
steviewevie said:
But when an easier way to do it comes along (which is being worked on, I believe), a full S-OFF will be a lot safer, because then it won't be so easy to brick your phone by simply flashing an old RUU.
people should not be flashing an old RUU anyway!
anyone who is silly enough to do that gets a brick for a reason.
Always either flash the latest ruu, or restore a nandroid of stock and flash an ota it offers, these are the safest ways.
You will get more bricks from people doing radio s-off than the s-off + ruu method gives.
Lennyuk said:
I would not advise people do this form of S-OFF unless they really need to anyway, it's harder to come back from (if you did semi-brick) and holds more risks.
You're an ass-talker. You talk through your ass, blow hot air, and have no idea what you're talking about.
1) it is SAFER,
2) it is EASIER to come back from,
3) it is SAFER.
Why is it safer? Because it does NOT require writing the hboot or radio! You can blow p7 out and android will still boot, which means that you have the opportunity to fix it if something goes wrong.
A bad flash of the radio or hboot and you're dead.
For those who might not have seen it yet, there's now a fully documented procedure on how to do this to your DZ (and yes, it's been tested on the DZ too).
As has been said, this is a safer method to get S-OFF (letting you flash custom ROMs) than the previous method of putting on an engineering hboot.
See http://forum.xda-developers.com/showthread.php?t=857390
DanWilson said:
Radio S-OFF is permanent S-OFF?
So no more warranty? Damn.
I'll stick to the stock ROM for a while with root, then HBOOT S-OFF, but never radio S-OFF.
I like warranty. Never know when you'll need it.
all i do for warranty with modded phones is feed 12-20 volts (from a wall adapter) into the battery contacts and toast the main board and bring it back as dead they send me a new one no questions asked cause the phone is dead...even did this with a htc ppc6800 that i smashed the screen in and they warrantied it no prob....this is on bell in canada....
666
I was following your discussion on bricking because of flashing ruus but for some reason it doesn't apply to me. I had an Asian WWE 1.34.707.5 (shipped with my phone) then I flashed it with Asian WWE 1.34.707.3 RUU and it didn't brick my phone.
My sister-in-law got a Bell Desire Z and she may want my assistance with rooting and S-OFF.
I see that the key instruction to install ENG HBOOT is:
dd if=/sdcard/hbooteng.img of=/dev/block/mmcblk0p18
I'm guessing, then, if I wanted to back up the stock HBOOT first, I could do the following?
dd if=/dev/block/mmcblk0p18 of=/sdcard/hbootstock.img
And then if we later needed to restore stock HBOOT from the backup:
dd if=/sdcard/hbootstock.img of=/dev/block/mmcblk0p18
Did I get the syntax right? I wouldn't want to brick her phone
Yes, that's the way to do it. I also backed up all other 30 partitions just in case
Not sure about the restore though. I mean: It's the right commands and everything, but I'm not sure if it will work. Don't see why not though.
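As an added example, not part of any post in this thread: the backup and restore commands discussed above, wrapped in integrity checks so that a truncated or corrupted image is caught before it is written to a partition. It assumes `sha256sum`, `dd` and `wc` are available (for example via busybox); the function names are illustrative, and `demo` runs against a constructed ordinary file rather than `/dev/block/mmcblk0p18`.

```shell
#!/bin/sh
# Added example (not from the thread): dd backup/restore with integrity checks.
# Assumption: sha256sum, dd, wc, cut and tr are available (e.g. via busybox).
# On a device the calls would look like:
#   backup_partition  /dev/block/mmcblk0p18 /sdcard/hbootstock.img
#   restore_partition /sdcard/hbootstock.img /dev/block/mmcblk0p18

# Print the SHA-256 of a file or block device.
sha_of() {
    sha256sum "$1" | cut -d' ' -f1
}

# Print the size in bytes of a file or block device by reading it.
size_of() {
    wc -c < "$1" | tr -d ' '
}

# backup_partition SRC IMG
# Copy SRC to IMG, re-read both and compare hashes, then record the hash
# in IMG.sha256. Returns 0 on success, 1 if the copy does not match.
backup_partition() {
    src=$1; img=$2
    dd if="$src" of="$img" bs=4096 2>/dev/null || return 1
    sync
    src_sum=$(sha_of "$src")
    img_sum=$(sha_of "$img")
    if [ "$src_sum" != "$img_sum" ]; then
        rm -f "$img"
        return 1
    fi
    printf '%s\n' "$img_sum" > "$img.sha256"
}

# restore_partition IMG DEV
# Refuse to write unless IMG still matches its recorded hash and is exactly
# the size of DEV; after writing, read DEV back and compare.
# Returns: 0 ok, 2 image hash missing/mismatch, 3 size mismatch,
#          4 write failed or read-back mismatch.
restore_partition() {
    img=$1; dev=$2
    [ -f "$img.sha256" ] || return 2
    want=$(cat "$img.sha256")
    [ "$(sha_of "$img")" = "$want" ] || return 2
    [ "$(size_of "$img")" = "$(size_of "$dev")" ] || return 3
    dd if="$img" of="$dev" bs=4096 conv=notrunc 2>/dev/null || return 4
    sync
    [ "$(sha_of "$dev")" = "$want" ] || return 4
    return 0
}

# Round trip on a constructed 8 KiB stand-in file (not a real partition).
demo() {
    d=$(mktemp -d) || return 1
    head -c 8192 /dev/urandom > "$d/part"   # constructed "stock" contents
    before=$(sha_of "$d/part")
    backup_partition "$d/part" "$d/stock.img" || return 1
    head -c 8192 /dev/zero > "$d/part"      # simulate a different image being flashed
    restore_partition "$d/stock.img" "$d/part" || return 1
    after=$(sha_of "$d/part")
    rm -rf "$d"
    [ "$before" = "$after" ]
}
```

The checks only prove the image on the card is the one that was read from the partition and that it fits; they say nothing about whether the bootloader will accept it afterwards.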
dicer42 said:
Yes, that's the way to do it. I also backed up all other 30 partitions just in case
Not sure about the restore though. I mean: It's the right commands and everything, but I'm not sure if it will work. Don't see why not though.
Actually now that I've read about nightmarish situations where G2 owners tried to flash back using PC10IMG.zip after perm root and S-OFF, but the first thing it did was replace stock HBOOT, which subsequently locked them out of the rest of the phone. Yikes. I guess you really have to know what you're doing!
cmstlist said:
Actually now that I've read about nightmarish situations where G2 owners tried to flash back using PC10IMG.zip after perm root and S-OFF, but the first thing it did was replace stock HBOOT, which subsequently locked them out of the rest of the phone. Yikes. I guess you really have to know what you're doing!
That problem will happen ONLY in the case you are flashing a PC10img.zip different from your original version, or if you are flashing an older version...
That will not happen if you get pc10img.zip from your accurate current version or a newer firmware version
Ok I got my G2 when it first came out. Used the old rage method to get S-OFF and perma root. Now i'm reading people say that they have "real" S-OFF and real permaroot. Do I have to do the "gfree" method now or is my phone good as it is?
I understand that with gfree you can unlock your SIM and you can switch between S-OFF and S-ON.. I'd like to have those functions. How should I go about it? Do I do a factory reset to go back to stock and unroot and then use gfree method or is there a simpler way to do it?
Here's what I have right now:
Stock rom, I NEVER installed any OTA's.
I have Baconbits.
My baseband is: 12.22.60.09bU_26.02.01.15_M2
Kernel: 2.6.32.21-cyanogenmod [email protected]#1
Build #: 1.19.531.1 CL255798 release-keys
Thanks for all the help.
Since you have root and a stock rom installed, just run gfree -- that is ALL you need to do. The advantage, aside from unlocking the radio, is that with the proper s-off, there is some new security for the radio... for unbricking and for being able to withstand accidental OTA updates. A true radio s-off can take an OTA update containing BOTH an SPL and a Radio, and yet s-off remains.
dhkr234 said:
Since you have root and a stock rom installed, just run gfree -- that is ALL you need to do. The advantage, aside from unlocking the radio, is that with the proper s-off, there is some new security for the radio... for unbricking and for being able to withstand accidental OTA updates. A true radio s-off can take an OTA update containing BOTH an SPL and a Radio, and yet s-off remains.
I'm in the same boat as the OP. How do i go about just running gfree?
sent from my V I S I O N.
Well I'm rooted with the old method as well but because I can't flash cwm 3.x with the gfree method. You need the eng hboot so I'll stick with the old method until clockwork makes it work with the gfree method.
Sent from my gSpot2
PatrickHuey said:
I'm in the same boat as the OP. How do i go about just running gfree?
sent from my V I S I O N.
See the Wiki for details. Assuming you are running a kernel where gfree works (again, see the Wiki on this), you just need a root shell on your phone, copy gfree to your phone (e.g. via adb push), then run gfree with the appropriate options, e.g. "./gfree -f".
Sent from my HTC Desire Z
elracing21 said:
Well I'm rooted with the old method as well but because I can't flash cwm 3.x with the gfree method. You need the eng hboot so I'll stick with the old method until clockwork makes it work with the gfree method.
Sent from my gSpot2
Using gfree does not get rid of the engineering hboot (or modify your existing hboot in any way), so it's safe to do. And even if this was not the case, you can still flash the CWM3 recovery without the engineering hboot, only you'll have to use a different method than fastboot.
dhkr234 said:
Since you have root and a stock rom installed, just run gfree -- that is ALL you need to do. The advantage, aside from unlocking the radio, is that with the proper s-off, there is some new security for the radio... for unbricking and for being able to withstand accidental OTA updates. A true radio s-off can take an OTA update containing BOTH an SPL and a Radio, and yet s-off remains.
thanks for responding. so this will work even though i don't have a stock kernel?
also, as far as OTA's go, you mean that if after i run gfree i will be able to apply the OTA without it unrooting my phone?
thank you
konoplya said:
thanks for responding. so this will work even though i don't have a stock kernel?
also, as far as OTA's go, you mean that if after i run gfree i will be able to apply the OTA without it unrooting my phone?
Not sure about Baconbits, check the Wiki for the list of kernels that are known not to work with gfree.
If you apply the OTA after unlocking with gfree, you will still lose root but you won't lose the S-OFF and other stuff from gfree.
Sent from my HTC Desire Z
steviewevie said:
Not sure about Baconbits, check the Wiki for the list of kernels that are known not to work with gfree.
If you apply the OTA after unlocking with gfree, you will still lose root but you won't lose the S-OFF and other stuff from gfree.
Sent from my HTC Desire Z
ok, i see. so if i lose root would i just have to run gfree again after I install OTA to gain root back?
konoplya said:
ok, i see. so if i lose root would i just have to run gfree again after I install OTA to gain root back?
Not just gfree on its own, but you will need to go through the steps of getting temp root then perm root, which does use gfree as part of it. It's all in the Wiki.
konoplya said:
ok, i see. so if i lose root would i just have to run gfree again after I install OTA to gain root back?
gfree does NOT root your phone. It UNLOCKS RADIO SECURITY -- permanently. You only run it ONCE, you NEVER have to run it again... EVER.
With UNLOCKED RADIO SECURITY, gaining root is TRIVIAL.
What gets root is RAGE or PSNEUTER.
dhkr234 said:
gfree does NOT root your phone. It UNLOCKS RADIO SECURITY -- permanently. You only run it ONCE, you NEVER have to run it again... EVER.
With UNLOCKED RADIO SECURITY, gaining root is TRIVIAL.
What gets root is RAGE or PSNEUTER.
Yeah but gfree is often used as part of the rooting process, so I can see why people associate gfree with rooting.
gfree might be run more than once on a phone as part of the process to lock in root, i.e. to defeat the NAND write protection. Even though it's only needed once to unlock the radio etc, you might run it other times if you need to root a stock ROM and updates to that ROM.
gfree can be used to unlock radio security, but it has other options too. Sorry but I think your reply might confuse more people than it helps.
x
Help me please! I tried to find my answer, but i'm not sure.
Can be possible use the update.zip without any modification? Or i need change the hboot?
Thank you!
Janaboy
I'm perm rooted! but I lost the ota update cause I was semi-bricked how can I get the OTA update? do I have to do a factory reset?
You should get the OTA right away after restarting the phone, I know I did after going back to stock on just Saturday of this week. The first time I connected to the network it said an update was available and it was the OTA.
that hasn't happened and it needs to hurry up!! lol
So do a Factory reset?
hiya guys, im kinda in the same boat. Just got the g2 with build 1.22.531.8 and perma rooted it with visionary/rage method. I want to get supercid, sim unlock with gfree. can someone post or direct me to instructions on how to do so? thanks for helping a noob.
aok680 said:
hiya guys, im kinda in the same boat. Just got the g2 with build 1.22.531.8 and perma rooted it with visionary/rage method. I want to get supercid, sim unlock with gfree. can someone post or direct me to instructions on how to do so? thanks for helping a noob.
http://forum.xda-developers.com/wiki/index.php?title=HTC_Vision#Unlock_the_Phone.2C_Set_SuperCID.2C_and_Turn_Radio_S-OFF
PermROOT said:
Hello Phateless do you remember me? lol I am always on diff name so ya.
But yes PD15IMG.zip is not the golden solution to everything. It all depends on how you originally rooted your MT4G as VISIONary+ (TempROOT) and root.sh (PermROOT). In that case your S=OFF security off flag is dependent on the eng hboot which was pushed to /dev/block/mmcblk0p18 during PermROOT.
Now since it's not true security off once you have newer radio. You try to run PD15IMG.zip (Sense 2.2.1 Rom/Radio 26.03.02.26_M) after the first update which is stock hboot you would be locked due to it changing S=ON thus on next step it will fail due to the image being older than originally on which is currently flashed which would be the radio. In this case you're in a point where you shouldn't be as you can be locked out and no way to reroot. which I am working on finding. This also goes for gfree radio s=off.
If you do want to go back download PD15IMG.zip (stock radio 26.03.02.26_M) and then flash it once that is done then you can revert back to stock rom/radio using standard PD15IMG.zip (Sense 2.2.1 Rom/Radio 26.03.02.26_M). Keep in mind unless the new PD15IMG.zip is out you can't revert it back if you're locked out due to source being outdated than current image.
--------------------------
Found this post here in THE Bible. Trying to understand exactly what it means.
What is he saying here?
Can someone put this into noob terms please?
THANK!!!
I am not sure how to explain it furthermore as when I posted that it was clear to everyone, but I'll try to simplify.
The original stock rom that came with our device was 2.2.1S and later we had GB2.3.X port and we mostly switched. Then came the radio rom which I hope I don't need to explain what the image does. So the standard stock radio that came with our device was 26.03.02.26_M. So later on as Panache came out we had leak to other radios which user could flash, thus changing it from stock radio to leaked radio. I hope it make sense up to there.
Now keep in mind we have 2 type of root meth as one is via TempROOT/PermROOT as I explained before via VISIONary+ which just push the eng_hboot and gives the illusion of S=OFF but the true security is not off as that is only done if you do the other rooting meth which is PermaROOT which disables the radio security completely.
Now the problem few users faced was when they flashed the leaked radio and they wanted to revert back to stock rom/radio via PD15IMG.zip for our MT4G (IDD15000). The installation would fail only for folks who had root via PermROOT as they never had true S=OFF thus once the eng_hboot is replaced with stock bootloader the security is disabled thus user can't complete the second part of the process which would be flashing the radio. So only solution was that they first revert back to stock radio or wait for newer radio because the source of the image inside PD15IMG.zip was older than the radio.img that was already flashed inside user's MT4G.
I hope it explains if not well IDK how to explain any better man :O
So if I'm understanding this all correctly, how I find out if this will affect me?
Where and what information should I provide you in order to find out if this will happen to me as well.
I'm getting ready to send my phone in for an exchange and was looking to flash PD15IMG.zip before doing this when I came across this post.
I rooted my phone with Visionary R14 and Terminal Emulator.
What other info do you need? Please let me know. Thank you.
At this point it won't affect you as that's obsolete due to TMoUS releasing newer stock rom/radio for our MT4G few months ago as Panache radio leak is older than the current stock rom/radio. As it's GB2.3.4S which comes with the newest radio which is newer than any radio you flash. So the source of the PD15IMG.zip if you have the newest one then it will always be newer or equal to the radio.img already in device and it means in simple term it will flash the 2nd part. I hope it makes sense as it should not affect anyone now. Even if it does all they have to do is run the current new PD15IMG.zip and it will fix the issue which user faced few months back.
nguyendqh said:
So if I'm understanding this all correctly, how I find out if this will affect me?
Where and what information should I provide you in order to find out if this will happen to me as well.
I'm getting ready to send my phone in for an exchange and was looking to flash PD15IMG.zip before doing this when I came across this post.
I rooted my phone with Visionary R14 and Terminal Emulator.
What other info do you need? Please let me know. Thank you.
If this is all about going back for an exchange, i recently did just this. Please see my post on the topic: http://forum.xda-developers.com/showthread.php?t=1241740
If all you did was the temproot/permaroot method via visionary+, and not the gfree method (gfree is actual s=off), then I believe some of the steps may be different. Specifically, you may be able to skip the whole bit about turning s=on again.
So which is it?
So rooted via Visionary R14 and being on Virtuous Unity (newest update)
I should be able to flash PD15IMG.zip from this link here: http://forum.xda-developers.com/showthread.php?t=863899
and have no problems yeah?
Sorry for all the questions. But yeah I'm only half to 75% following what you're saying.
I'm not advanced yet. =(
Thanks for the help again though.
Keep in mind PD15IMG.zip is the default system file for our device which is checked on the bootloader as our device ID is PD15000 thus getting the PD15IMG name. So PD15IMG.zip can be multi files as we have 2 of them 1 is 2.2.1 and newest one is 2.3.4 just look in the dev section you will find the newest PD15IMG.
http://forum.xda-developers.com/showthread.php?t=1059347
NEW-PD15IMG: PD15IMG_Glacier_Gingerbread_S_TMOUS_2.19.531.1_Radio_12.58.60.25_26.11.04.03_M_release_200756_signed
nicholasb said:
If this is all about going back for an exchange, i recently did just this. Please see my post on the topic: http://forum.xda-developers.com/showthread.php?t=1241740
If all you did was the temproot/permaroot method via visionary+, and not the gfree method (gfree is actual s=off), then I believe some of the steps may be different. Specifically, you may be able to skip the whole bit about turning s=on again.
So which is it?
I did not use the gfree method.
AggNA said:
Keep in mind PD15IMG.zip is the default system file for our device which is checked on the bootloader as our device ID is PD15000 thus getting the PD15IMG name. So PD15IMG.zip can be multi files as we have 2 of them 1 is 2.2.1 and newest one is 2.3.4 just look in the dev section you will find the newest PD15IMG.
http://forum.xda-developers.com/showthread.php?t=1059347
NEW-PD15IMG: PD15IMG_Glacier_Gingerbread_S_TMOUS_2.19.531.1_Radio_12.58.60.25_26.11.04.03_M_release_200756_signed
Thanks for all the help bro. I really really appreciate it.
Love all the help that the XDA community provides.
this guy definitely knows what he's talking about, provided help for me in the past
I looked all over the place and can't find anything like my situation!
Ok so i called t-mobile and they are sending me a replacement because of the bad screen on my phone. All in all i used a method from CM7 to root my phone. I don't remember what method it was. I remember that i had to downgrade my phone and then root from there.
I am trying to get S-on because i already flashed the PD15IMG and it didn't give me the s-on. it just keeps saying s-off. do i have to have s-on for the exchange? i already have the phone with the stock rom without root.
PLEASE HELP! thanks!!!!
If you used gfree you can run the script again to restore S-ON if you still have the part7 backup files. If you don't have them, there is a thread around here somewhere that has the files with instructions to hex-edit your IMEI.
If you used root.sh, then you simply need to run unroot.sh
Edit: I came to the conclusion that if you looked and couldn't manage to find the gfree thread stickied at the top of the dev section that you would never find the thread about hex-editing part7backup. So here: http://forum.xda-developers.com/showthread.php?t=1195630
estallings15 said:
If you used gfree you can run the script again to restore S-ON if you still have the part7 backup files. If you don't have them, there is a thread around here somewhere that has the files with instructions to hex-edit your IMEI.
If you used root.sh, then you simply need to run unroot.sh
Sent from my Glacier using XDA
I don't think i used gfree because i used adb and my computer to root it
http://wiki.cyanogenmod.com/wiki/HTC_Glacier:_Full_Update_Guide
THIS IS WHAT I USED!
:sigh: The last set of steps had you use ADB to push gfree to the phone. So yes, you used gfree.
Go to the dev section and look at the gfree guide stickied there. It has steps to unroot and 5000 people asking questions when they run into snags during the process. Read until your eyes bleed, then read some more.
estallings15 said:
:sigh: The last set of steps had you use ADB to push gfree to the phone. So yes, you used gfree.
Go to the dev section and look at the gfree guide stickied there. It has steps to unroot and 5000 people asking questions when they run into snags during the process. Read until your eyes bleed, then read some more.
thank you so much man !!!
i don't understand it! please help?
Please help
okay i have tried everything i could think of and i still can't figure this out!
the problem is that i flashed the PD15IMG via hboot and it put everything back to stock. now the problem is that S is still off and i need s-on to send it back for a replacement. i have tried re-rooting the phone from the guide i posted above but i have had no success CAN ANYONE PLEASE HELP!?
i have the stock rom that is GB but without root or anything i can't even get temp root! please help me!
If you're on gingerbread (2.3) you'll have to downgrade back to 2.2.1 before you can run gfree to turn S-on.
After turning S-on reflash a stock pd15.img and you'll be back to stock.
For more info read the rooting guide in the sticky section. I think it's the one by grankin01. It's the one that says check this out even if you're rooted.
Sent from my Glacier using XDA