Gfree S=OFF worked great for me. I'm looking at updating my radio but want to make sure I won't lose true S=OFF. In other words, are the changes that Gfree makes to the radio image itself or to an area outside the radio image?
No. Radio S=OFF means radio security disabled, thus allowing you to flash radio rom and system rom. You can flash all the radios you want, just make sure it's not corrupted and it's for our MT4G or you will hard-brick the device.
gfree S=OFF survives radio flashes
Did more looking through the gfree thread and eventually found the answer.
The original gfree poster did the experiment and it kept S=OFF. He couldn't guarantee a future radio wouldn't kill it but the devs should notice it pretty quick.
This has been in progress for a while. If you follow the G2 forums, then you'll know that there have been big problems with G2 phones that have been unlocked via unlock codes, with those unlocked phones then not being able to find a network at all.
It looks like the guys on #G2ROOT have cracked S-OFF for radio. This is *not* the same as the current S-OFF that we have from HBOOT. Apparently it should help to prevent semi-bricking via incorrect flashing of older ROMs.
The article in the Wiki explains all. Documentation about the procedures should be coming soon. We will of course have to make sure it's fine on the DZ too.
http://forum.xda-developers.com/wik...Subsidy_Unlock.2C_SuperCID.2C_and_Radio_S-OFF
nice gives all those "bricked" g2's hope
Radio S-OFF is permanent S-OFF?
So no more warranty? Damn.
I'll stick to the stock ROM for a while with root, then HBOOT S-OFF, but never radio S-OFF.
I like warranty. Never know when you'll need it.
DanWilson said:
Radio S-OFF is permanent S-OFF?
So no more warranty? Damn.
I'll stick to the stock ROM for a while with root, then HBOOT S-OFF, but never radio S-OFF.
I like warranty. Never know when you'll need it.
I imagine it'll still be possible to reverse it. From a scan of the IRC logs (though of course I might have missed important stuff), it looks like you just need to write the correct data to the right area of a partition to get the radio S-OFF. So surely you can un-do that by writing the previous data ?
Documentation on this is now up, see http://forum.xda-developers.com/showthread.php?t=855764
Bear in mind that the instructions are for the G2 right now, so if you try this out on a DZ there's a high chance of a permanent brick ! But hopefully someone will sort out a verified method for the DZ soon
I would not advise people do this form of S-OFF unless they really need to anyway, it's harder to come back from (if you did semi-brick) and holds more risks.
Lennyuk said:
I would not advise people do this form of S-OFF unless they really need to anyway, it's harder to come back from (if you did semi-brick) and holds more risks.
But when an easier way to do it comes along (which is being worked on, I believe), a full S-OFF will be a lot safer, because then it won't be so easy to brick your phone by simply flashing an old RUU.
steviewevie said:
But when an easier way to do it comes along (which is being worked on, I believe), a full S-OFF will be a lot safer, because then it won't be so easy to brick your phone by simply flashing an old RUU.
people should not be flashing an old RUU anyway!
anyone who is silly enough to do that gets a brick for a reason.
Always either flash the latest ruu, or restore a nandroid of stock and flash an ota it offers, these are the safest ways.
You will get more bricks from people doing radio s-off than the s-off + ruu method gives.
Lennyuk said:
I would not advise people do this form of S-OFF unless they really need to anyway, it's harder to come back from (if you did semi-brick) and holds more risks.
You're an ass-talker. You talk through your ass, blow hot air, and have no idea what you're talking about.
1) it is SAFER,
2) it is EASIER to come back from,
3) it is SAFER.
Why is it safer? Because it does NOT require writing the hboot or radio! You can blow p7 out and android will still boot, which means that you have the opportunity to fix it if something goes wrong.
A bad flash of the radio or hboot and you're dead.
For those who might not have seen it yet, there's now a fully documented procedure on how to do this to your DZ (and yes, it's been tested on the DZ too).
As has been said, this is a safer method to get S-OFF (letting you flash custom ROMs) than the previous method of putting on an engineering hboot.
See http://forum.xda-developers.com/showthread.php?t=857390
DanWilson said:
Radio S-OFF is permanent S-OFF?
So no more warranty? Damn.
I'll stick to the stock ROM for a while with root, then HBOOT S-OFF, but never radio S-OFF.
I like warranty. Never know when you'll need it.
All I do for warranty with modded phones is feed 12-20 volts (from a wall adapter) into the battery contacts and toast the main board and bring it back as dead. They send me a new one no questions asked because the phone is dead... even did this with an HTC PPC6800 that I smashed the screen in and they warrantied it no prob... this is on Bell in Canada...
666
I was following your discussion on bricking because of flashing ruus but for some reason it doesn't apply to me. I had an Asian WWE 1.34.707.5 (shipped with my phone) then I flashed it with Asian WWE 1.34.707.3 RUU and it didn't brick my phone.
Hi, to change DHD radio, must I root the smartphone or is there another possibility... thanks
Hello Mate
You need to be Eng S-Off To Access Fastboot Commands And Also Radio S-Off To Allow Installation Of A New Radio. Anyone With A Greater Knowledge Than I May Well Correct Me On This.
See these two threads in the Dev forum:
http://forum.xda-developers.com/showthread.php?t=877295
http://forum.xda-developers.com/showthread.php?t=896597
this should provide you with the information you need.
Be careful though, flashing always comes with a risk and I would recommend you browse through some of the howto's / guides in the DHD forum to understand what will / can happen.
Marshall1975 said:
Hello Mate
You need to be Eng S-Off To Access Fastboot Commands And Also Radio S-Off To Allow Installation Of A New Radio. Anyone With A Greater Knowledge Than I May Well Correct Me On This.
You need fastboot access to flash a radio. You need engineering hboot s-off to access fastboot.
Radio s-off is not required to flash a radio with a higher version number than your current one.
Radio s-off IS required to flash a radio image which is older than your current one.
I would highly recommend you get radio s-off as you cannot get it after you have flashed a new radio, only before. Radio s-off can be a life saver especially if you do something stupid like accept an OTA which breaks root.
I'm having trouble with getting a stable Data connection after doing the permanent root with gfree.
Now, I want to keep my sim unlock/S=Off/root, but I want to convert back to the 0.86.0000 Hboot.
Is this possible?
How can I do it?
Do custom roms require the engineering SPL?
Essenar said:
I'm having trouble with getting a stable Data connection after doing the permanent root with gfree.
Now, I want to keep my sim unlock/S=Off/root, but I want to convert back to the 0.86.0000 Hboot.
Is this possible?
How can I do it?
Do custom roms require the engineering SPL?
If you just do the VISIONary.apk and the root.sh script you can keep root with the Stock Engineering. Once you flash the engineering screen I do not know how to revert back. But I'm sure someone does.
PermROOT said:
Hello Phateless do you remember me? lol I am always on diff name so ya.
But yes PD15IMG.zip is not the golden solution to everything. It all depends on how you originally rooted your MT4G as VISIONary+ (TempROOT) and root.sh (PermROOT). In that case your S=OFF security off flag is dependent on the eng hboot which was pushed to /dev/block/mmcblk0p18 during PermROOT.
Now since it's not true security off once you have newer radio. You try to run PD15IMG.zip (Sense 2.2.1 Rom/Radio 26.03.02.26_M) after the first update which is stock hboot you would be locked due to it changing S=ON thus on next step it will fail due to the image being older than originally on which is currently flashed which would be the radio. In this case you're at a point where you shouldn't be as you can be locked out and no way to reroot. which I am working on finding. This also goes for gfree radio s=off.
If you do want to go back download PD15IMG.zip (stock radio 26.03.02.26_M) and then flash it once that is done then you can revert back to stock rom/radio using standard PD15IMG.zip (Sense 2.2.1 Rom/Radio 26.03.02.26_M). Keep in mind unless the new PD15IMG.zip is out you can't revert it back if you're locked out due to source being outdated than current image.
--------------------------
Found this post here in THE Bible. Trying to understand exactly what it means.
What is he saying here?
Can someone put this into noob terms please?
THANKS!!!
I am not sure how to explain it furthermore as when I posted that it was clear to everyone, but I'll try to simplify.
The original stock rom that came with our device was 2.2.1S and later we had GB2.3.X port and we mostly switched. Then came the radio rom which I hope I don't need to explain what the image does. So the standard stock radio that came with our device was 26.03.02.26_M. So later on as Panache came out we had leak to other radios which user could flash, thus changing it from stock radio to leaked radio. I hope it makes sense up to there.
Now keep in mind we have 2 types of root method, as one is via TempROOT/PermROOT as I explained before via VISIONary+, which just pushes the eng_hboot and gives the illusion of S=OFF but the true security is not off, as that is only done if you do the other rooting method which is PermaROOT which disables the radio security completely.
Now the problem few users faced was when they flashed the leaked radio and they wanted to revert back to stock rom/radio via PD15IMG.zip for our MT4G (IDD15000). The installation would fail only for folks who had root via PermROOT as they never had true S=OFF thus once the eng_hboot is replaced with stock bootloader the security is disabled thus user can't complete the second part of the process which would be flashing the radio. So only solution was that they first revert back to stock radio or wait for newer radio because the source of the image inside PD15IMG.zip was older than the radio.img that was already flashed inside user's MT4G.
I hope it explains if not well IDK how to explain any better man :O
So if I'm understanding this all correctly, how do I find out if this will affect me?
Where and what information should I provide you in order to find out if this will happen to me as well.
I'm getting ready to send my phone in for an exchange and was looking to flash PD15IMG.zip before doing this when I came across this post.
I rooted my phone with Visionary R14 and Terminal Emulator.
What other info do you need? Please let me know. Thank you.
At this point it won't affect you as that's obsolete due to TMoUS releasing newer stock rom/radio for our MT4G few months ago as Panache radio leak is older than the current stock rom/radio. As it's GB2.3.4S which comes with the newest radio which is newer than any radio you flash. So the source of the PD15IMG.zip if you have the newest one then it will always be newer or equal to the radio.img already in device and it means in simple term it will flash the 2nd part. I hope it makes sense as it should not affect anyone now. Even if it does all they have to do is run the current new PD15IMG.zip and it will fix the issue which user faced few months back.
nguyendqh said:
So if I'm understanding this all correctly, how do I find out if this will affect me?
Where and what information should I provide you in order to find out if this will happen to me as well.
I'm getting ready to send my phone in for an exchange and was looking to flash PD15IMG.zip before doing this when I came across this post.
I rooted my phone with Visionary R14 and Terminal Emulator.
What other info do you need? Please let me know. Thank you.
If this is all about going back for an exchange, I recently did just this. Please see my post on the topic: http://forum.xda-developers.com/showthread.php?t=1241740
If all you did was the temproot/permaroot method via visionary+, and not the gfree method (gfree is actual s=off), then I believe some of the steps may be different. Specifically, you may be able to skip the whole bit about turning s=on again.
So which is it?
So rooted via Visionary R14 and being on Virtuous Unity (newest update)
I should be able to flash PD15IMG.zip from this link here: http://forum.xda-developers.com/showthread.php?t=863899
and have no problems yeah?
Sorry for all the questions. But yeah I'm only half to 75% following what you're saying.
I'm not advanced yet. =(
Thanks for the help again though.
Keep in mind PD15IMG.zip is the default system file for our device which is checked on the bootloader as our device ID is PD15000 thus getting the PD15IMG name. So PD15IMG.zip can be multi files as we have 2 of them 1 is 2.2.1 and newest one is 2.3.4 just look in the dev section you will find the newest PD15IMG.
http://forum.xda-developers.com/showthread.php?t=1059347
NEW-PD15IMG: PD15IMG_Glacier_Gingerbread_S_TMOUS_2.19.531.1_Radio_12.58.60.25_26.11.04.03_M_release_200756_signed
nicholasb said:
If this is all about going back for an exchange, I recently did just this. Please see my post on the topic: http://forum.xda-developers.com/showthread.php?t=1241740
If all you did was the temproot/permaroot method via visionary+, and not the gfree method (gfree is actual s=off), then I believe some of the steps may be different. Specifically, you may be able to skip the whole bit about turning s=on again.
So which is it?
I did not use the gfree method.
AggNA said:
Keep in mind PD15IMG.zip is the default system file for our device which is checked on the bootloader as our device ID is PD15000 thus getting the PD15IMG name. So PD15IMG.zip can be multi files as we have 2 of them 1 is 2.2.1 and newest one is 2.3.4 just look in the dev section you will find the newest PD15IMG.
http://forum.xda-developers.com/showthread.php?t=1059347
NEW-PD15IMG: PD15IMG_Glacier_Gingerbread_S_TMOUS_2.19.531.1_Radio_12.58.60.25_26.11.04.03_M_release_200756_signed
Thanks for all the help bro. I really really appreciate it.
Love all the help that the XDA community provides.
this guy definitely knows what he's talking about, provided help for me in the past
Hey Everyone,
I've bricked a phone beyond recovery once. It sucks. What happened? I didn't check md5's and ruined everything. That phone is long gone, and history now. I've learned my lessons.
Anyway, I noticed something that might remove a risky step from phone modification. I needed to root my OTA gingerbread DZ from Bell, which required a Gold Card.
Besides backing up and restoring the sd card contents, it's a pretty painless process to make a Gold Card for your phone.
After downgrading with the Gold Card, I asked myself "hey, I just flashed a PC10IMG.zip that wouldn't have passed the security checks...why can't I flash back my Bell radio via PC10IMG.zip now too, even though I have the stock hboot?"
The answer: I did. It worked.
Summary: If you have a Gold Card, you should be able to flash any PC10IMG.zip that isn't corrupted, even on stock hboot.
Anyway, I know flashing a radio is also risky, but hey, if you don't need to flash eng hboot, you have seriously avoided doing probably the most dangerous modification to your phone.
Funny thing is that I've never heard of this and my searches brought up nothing. Maybe I'm just bad at searching.
Any thoughts on this that I may not be addressing?
Cheers!
NOTE: proceed with caution! I am not responsible for the bricking of your phone. Please let this discussion unfold a bit before assuming everything is safe!
After running gfree, it gives you Super-cid, which means you don't have to use a goldcard.
You can flash radios on ship hboot as well, by using PC10IMG, and flashing it through hboot.
Goldcards are only necessary when downgrading roms when trying to root.
Also, having an eng hboot is recommended, because you have a lot more control over the phone than normal, if you were to really break anything, but could still get to hboot, then the phone will be recoverable.
-Nipqer
Nipqer said:
After running gfree, it gives you Super-cid, which means you don't have to use a goldcard.
You can flash radios on ship hboot as well, by using PC10IMG, and flashing it through hboot.
Goldcards are only necessary when downgrading roms when trying to root.
Also, having an eng hboot is recommended, because you have a lot more control over the phone than normal, if you were to really break anything, but could still get to hboot, then the phone will be recoverable.
-Nipqer
Aah, thank you. I thought it was required to have the eng hboot to flash radios. I knew there must be a reason why this isn't a big deal lol.