Related
So I had an idea today...I'm sure the geniuses that have gotten the Dx and D2 this far have already tried it; but I cannot find any information on it. What if we tried the good old fashioned trick of cold booting:
Google princeton cold boot. I cannot paste links.
I am going to make my best efforts to try this, but I know there are many people that are far better than I. I will let you know of my results, if I ever achieve any.
I think this is an interesting idea, and have read a lot about this being done on laptops... would be interested to see if this works for the android system...
It would only work if the keys are stored in RAM tho... and I think the keys are hard coded into a chip (thought I heard this somewhere...could be 100% wrong)
Anyways...would be interested to see some of the devs try this...
No idea if this would work but if this could be pulled off it would be a pretty epic hack
This looks to rely on the ability to run custom OS/Software. Since our current hacks involve loading *after* the kernel, I doubt this would work.
Kinda like a chicken before the egg problem.
It requires custom rims on another host. Realistically all you need is for the princeton program to read the ram from a different partition. Im sure it can be modified to mount the phone and read the ram from there.
Kinda as an acknowledgement/off-shoot of what zaphod has said...
What if a second init process could be kicked off to hijack the boot process kinda like what koush did..
If the ram could be dumped quick enough... Would this work? I'm not a dev, but do a lot of sys admin work and understand many of the concepts for kernels, and boot processes...
Just trying to help throw out ideas and get the creative juices florin for those who can develop.
Ps, zaphod, thnx for all ur contributions on this forum, many of ur posts have helped me.a TON
Just Chiming In
That's kind of what unrevoked did:
I know we have completely different phones, but this is basically how they cracked HTC:
They found out that in the booting of the phone, during the init, adb would start, but then immediately get killed off by HTC's init. what they did then was found out that if they inserted an SD card into the phone at the precisely exact time (between when ADB started and got killed off by MOTO) so that it would be read right before ADB was killed by MOTO, it would hang MOTO's init, so they had full adb access during the init process, which allowed them to run the phones STOCK recovery alongside ADB. Firstly it allowed them to get root, then once they got root what they basicall did was kick off a LEGIT system update through the phones recovery and then SWAP it for a payload right in between when the phone finished the key checks and started writing the new system....
I know that we have two different things going on here.... but if they did this, I'm sure we could pull something like swapping kernels during load.....
MAN I wish Unrevoked got and tried to crack the X, but they focus on HTC phones.
Any way to send this idea the devs' way without looking pushy? I think from a technical stand-point this is a worthwhile idea to look into...or at least give some thought to it...
thinking about it further
After thinking about this more I think the answer has to lay in this exploit. We are right in stating that the key is actually burnt into a chip somewhere. However, we must remember that there is some key generation going on during the bootloader phase. Thus: at some point the correct key is stored in memory as the phone correctly boots. If the phone boots, the key is laying someplace in memory. It's just a matter of finding it.
I haven't had time to play with this yet, hopefully I will have some time this week or weekend. I am very confident that this will work, it's just a matter of figuring out how to get the program that reads the memory to look at my phone, not my computer.
lilott8 said:
After thinking about this more I think the answer has to lay in this exploit. We are right in stating that the key is actually burnt into a chip somewhere. However, we must remember that there is some key generation going on during the bootloader phase. Thus: at some point the correct key is stored in memory as the phone correctly boots. If the phone boots, the key is laying someplace in memory. It's just a matter of finding it.
I haven't had time to play with this yet, hopefully I will have some time this week or weekend. I am very confident that this will work, it's just a matter of figuring out how to get the program that reads the memory to look at my phone, not my computer.
Click to expand...
Click to collapse
Liliott,
I'm really glad you are looking into this. I've read about this hack for pc's and think there may actually be something to this. I feel like if we could have something that hijacked the boot process real similar to Koush's recovery then if someone could write a program that would dump NVRAM (I think this is the equivalent to the phone RAM) this would work. With this said, I believe that the devs originally working on cracking the bootloader were able to get NVRAM into "engineering mode" (don't remember the exact terminology off the top of my head)....but I still am thinking this idea should definitely be given more credit and looked into.
I would love to help, but I don't have any dev experience, so I'm somewhat at a loss there....Thanks for pursuing this!
The key you need (presumably an RSA key) wont be stored anywhere on the phone at all.
What happens is that Motorola produce new software for the phone and sign it with their private key (that only Motorola have). This is then sent to the phone. (OTA or whatever they do) The phone verifies the signature using a public key burned into the ROM of the phone (i.e. you cant change it without physically modifying the hardware somehow)
The best hope to break the bootloader on this phone is to reverse engineer it and look for an explot, as has been done on Moto phones in the past (various Motorola MOTOMAGX linux phones have been cracked open this way)
jfwfreo said:
The key you need (presumably an RSA key) wont be stored anywhere on the phone at all.
What happens is that Motorola produce new software for the phone and sign it with their private key (that only Motorola have). This is then sent to the phone. (OTA or whatever they do) The phone verifies the signature using a public key burned into the ROM of the phone (i.e. you cant change it without physically modifying the hardware somehow)
The best hope to break the bootloader on this phone is to reverse engineer it and look for an explot, as has been done on Moto phones in the past (various Motorola MOTOMAGX linux phones have been cracked open this way)
Click to expand...
Click to collapse
Question:
Ok, I know that this will pretty much fall flat, but I have to ask. The Milestone, and OG Droid are pretty much the same phone. Do they have the same boot loader, just unlocked? If so is it the same as the X? The reason I'm asking is it might be easier to crack the Droid since it's already unlocked?
It might be like looking at the lock from inside out trying to figure out how it opens, vs trying to open the lock by looking at it from the outside.
Also, does the MOTO use "goldkeys" like HTC did at one point in time, or have they moved on from that?
On another point, MOTO changed their keys from 2.1 to 2.2, and the phone accepted them. That tells me that it's possible. How much time that will take, I don't know.
Finally, is there any way to "intercept" the process like unrevoked did? I mean if we could get adb working while recovery is working, we could start the recovery process using a legit OTA, and overwrite the zip through adb AFTER verification and before the actual copying. That shouldn't set off the fuse, right?
ideas?
dreamersipaq said:
Question:
Ok, I know that this will pretty much fall flat, but I have to ask. The Milestone, and OG Droid are pretty much the same phone. Do they have the same boot loader, just unlocked? If so is it the same as the X? The reason I'm asking is it might be easier to crack the Droid since it's already unlocked?
It might be like looking at the lock from inside out trying to figure out how it opens, vs trying to open the lock by looking at it from the outside.
Also, does the MOTO use "goldkeys" like HTC did at one point in time, or have they moved on from that?
On another point, MOTO changed their keys from 2.1 to 2.2, and the phone accepted them. That tells me that it's possible. How much time that will take, I don't know.
Finally, is there any way to "intercept" the process like unrevoked did? I mean if we could get adb working while recovery is working, we could start the recovery process using a legit OTA, and overwrite the zip through adb AFTER verification and before the actual copying. That shouldn't set off the fuse, right?
ideas?
Click to expand...
Click to collapse
The Milestone has a locked bootloader, and hasn't been cracked for a year.
Sent from Eris with Froyo
TheSonicEmerald said:
The Milestone has a locked bootloader, and hasn't been cracked for a year.
Sent from Eris with Froyo
Click to expand...
Click to collapse
I really am not trying to sound (too) rude when I say this, but
Did you even READ my whole post?
Yes, the Milestone is locked, but the Droid (the Milestone's US twin) is not.
*Golf clap*
Gotta love it when people reply to a post without even reading a few sentances of the post they are directly replying to. It is understood that the Milestone's bootloader is locked, he was questioning how close the hardware and programming were between the OD (Original Droid) and Milestone aside from the lock being activated in the Milestone. It is the general consensus that the same lock and efuse functions exist in the OD but they are not activated. If this is true then it might be beneficial to see if any of the developers out there with a spare OD test to see if they can figure out how to activate the lock on an OD and then potentially have a better understanding of what might be involved with de-activating it.
Thanks!!!
JinxtPhoto said:
*Golf clap*
Gotta love it when people reply to a post without even reading a few sentances of the post they are directly replying to. It is understood that the Milestone's bootloader is locked, he was questioning how close the hardware and programming were between the OD (Original Droid) and Milestone aside from the lock being activated in the Milestone. It is the general consensus that the same lock and efuse functions exist in the OD but they are not activated. If this is true then it might be beneficial to see if any of the developers out there with a spare OD test to see if they can figure out how to activate the lock on an OD and then potentially have a better understanding of what might be involved with de-activating it.
Click to expand...
Click to collapse
rant
*Bow*
I'm glad that there are still people out there that have a reading comprehension above that of a wet mop. I won't insult them and say they have a low IQ though
I hate it when you take the time to put something that you though about up and someone comes along, reads the first sentence, and (without making any effort to finish the paragraph or REALLY think about what the person is trying to say) spew up crap equivalent to that of the "First" post on blog comment boards.....
/rant
Any haxzors? is this liable, possible, waste of time?
*please don't reply with "waste of time". give us some reasoning, otherwise your post does not help us at all*
The reason it might now
The reason why it actually might not fail is this:
When the system boots, it runs it magic RSA/PGP/AES encryption. It then takes that and compares that to its bootloader routine that it loads. Where does it store the bootloader encryption result to compare to the system boot key? If you guessed memory you would be correct. Now if it stays in memory we will have the golden ticket. If Motorola is smart, and wipe that part of the memory upon OS boot, then it's a matter of timing. If we can get that key, we can, potentially, intercept the bootloader, present the key that we stole and boot our own bootloader/cooked rom.
I think there is quite a bit of potential here.
*Clapping continued...*
I'm glad to see more people finally chiming in on this topic. Call me naive...but when it comes to the dev communities, it seems like "where there's a will...there's a way"
They had made decent progress on cracking this (kinda...) maybe this idea is one that should be looked into (probably said this like 5x in this thread now...oh well)
Thank you to dreamerispaq and Jinxt, appreciate you guys throwing some comments in here
did the release of the 2.2 SBF help at all? If there was a kernel change from 2.1 to 2.2, wouldn't a method be inside of the SBF? Is there any way to hijack the SBF to allow installation of a custom Kernel and ROM?
Shouldn't there basically be an entire phone image inside of the SBF file? If so, would it be possible to alter pieces of that to create some kind of exploit, or use RSD Lite itself and altered SBF's to load up custom kernels and ROMS?
I'm just chucking stones blindly here, I know this is way above my skill level, but I can't help thinking that a full SBF should help similar to the way you can pull the system image from an HTC RUU.
giventofly17 said:
did the release of the 2.2 SBF help at all? If there was a kernel change from 2.1 to 2.2, wouldn't a method be inside of the SBF? Is there any way to hijack the SBF to allow installation of a custom Kernel and ROM?
Shouldn't there basically be an entire phone image inside of the SBF file? If so, would it be possible to alter pieces of that to create some kind of exploit, or use RSD Lite itself and altered SBF's to load up custom kernels and ROMS?
I'm just chucking stones blindly here, I know this is way above my skill level, but I can't help thinking that a full SBF should help similar to the way you can pull the system image from an HTC RUU.
Click to expand...
Click to collapse
Unfortunately, I don't think so. The issue is that both sets of keys are probably hashed and encrypted.... so even if we pulled out the private key out of the SBF that motorolla used, we'd have to brute force it to decrypt it. If, let's say they were smart and used something like RSA as stated above, it'd take a super computer a couple of decades to crack it.
A brute force attack is not going to be helpful here I'm afraid. I'ts going to be more of a lets look at the code, and see if we can find a flaw somewhere in moto's coding that we can use to our advantage.
That's why I recommended looking at the OD. If it shares the same bootloaded, it's already uncloked. Maybe we could take it, reverse engineer it, and look at the calls it makes, where it looks for files, what order it loads things in, etc.... THIS would be more beneficial IMHO.
[PROBLEM SOLVED]
Ive been flashing back and forth to different builds trying which is better. I made sure I took the cautions not to flash builds that would brick my phone. There were 4 times that I soft bricked my phone but I was able to revive it. However, my little game has come to an end with this last one. The fault was this guide: http://forum.xda-developers.com/showthread.php?t=817186.
Little did I know, by doing a repartition and not loading anything to the NAND resulted in the bootloader not being installed. (Devices like this should have a ROM programmed to recover from these errors, think Gigabyte) Upon reset, the phone went out and didn't turn back on. ODIN reports success. Now the phone cannot turn back on, no matter what battery pull method I use, I get nothing on the screen. So much for fail-safe protocols Samsung has implemented, if there are even any. Poorly engineered!
EDIT:Thanks for all your suggestions guys. So yes this phone was definitely bricked beyond any software repair. I was going to JTAG it but I figured there MUST to be some hardware bootloader implemented. I went ahead and did the USB JIG and surprise, it booted from the hardware bootloader. I used ODIN to flash JFD and it works now. So my guess is samsung did implement a fail safe, which is the USB trick and forces the phone to boot from hardware. If that is true, this phone is brick proof, provided that all electronics still work.
EDIT 2: I am wrong about the bootloader being hardware. Some say it is flashable, so it is possible you can get a real TRUE brick and must need JTAG to revive it. Fortunately for me, I was able to use the USB JIG method to get it back up and running. Too bad, a new phone would've been nice.
Not poorly engineered, just poorly made user input.
Yes true, but samsung should have taken into account accidents like this will happen then they dont have control over who administers their update. People have bricked their phones by doing the factory update. When I design systems like these, I always make sure there is a fail safe backup that the user cannot modify. I am sure samsung has one and maybe they just dont let us access it.
I sometimes encounter the same error message but I never repartition. Luckily, i never clicked on it in Odin.
But you have to realize that most of those bricks are because people modified their phones from factory (ie. Voodoo and OCLF). Odin, a program used by internal Samsung engineers, was never meant for the public and shouldn't be used unless you know how to use it.
I agree, there should be an absolute fail safe if worse comes to worse, but the point I am making here is Samsung isn't wrong in this case.
When you violate warranties and experiment you tacitly accept responsibility for your actions. To not do so is not an act of rebellious ire...it is an act of denial.
Manufacturers do not, nor can not prepare for all scenarios because the possible number of scenario's to cover are legion. I don't see it as realistic especially for them to prepare for brick scenario's created by using a leaked internal engineering tool that the community has figured out largely through trial and error either. OTA and Mini Kies bricks they are responsible for, for obvious reasons, and Samsung and T-Mobile have taken responsibility for these scenarios because they are ones of their making.
XDA is not a place where people file warranty complaints (though some do complain). It is a place where people experiment, hack, and customize smartphones. Though some manufacturers do a better job than others at getting out of our way here (Samsung hasn't done so bad here relative to say Motorola), I don't think any of them particularly "care" about such community efforts in any meaningful sense. And why should they?
By modifying our devices aren't we quite clearly saying we're taking matters into our own hands? You have to balance your strong desire to tinker with the reality of where responsibilities lie.
These phones are some of the most difficult Android phones to brick. Anecdotally and statistically shown to be. Not impossible of course, but quite difficult. I feel for your bad experience but at least consider shouldering some of the blame.
Thank god i am too scared to use odin. The deepest i go is clockwork recovery, but good luck with your paperweight.
Too bad the SGS is so light, it wouldnt make a good paperweight, or even a brick.
but seriously, the warranty is there to protect users which this happens to, assuming it wasnt voided by hacking the phone. Are you asking samsung to take into account that you would hack the phone and provide a way back after you have a bad hack and probably make themselves liable by providing that way back in case it does not work properly?
I want to be clear that I am not blaming samsung for this but I thought samsung could have done a better job. Ill admit, this phone was the first phone that impressed me in years and as an engineer, I am hardly ever impressed; other engineers will get my point. I wish they had some soft of fail safe mechanism. For us who like to tweak things, I get we get what we deserve. But what about those who dont like to tweak and still brick their phones? i.e. those who use Kies Mini and still brick. I still have warranty on the phone and I'll try to take it up with Tmobile, hope they don know much about flashing. BTW, I tried using the other program but no go. All the drivers were installed, rebooted computer...nothing. I think it is because I have W7 64 and not 32?
Have you tried the jig method of getting into dl mode?
engineer14 said:
Thank god i am too scared to use odin. The deepest i go is clockwork recovery, but good luck with your paperweight.
Too bad the SGS is so light, it wouldnt make a good paperweight, or even a brick.
but seriously, the warranty is there to protect users which this happens to, assuming it wasnt voided by hacking the phone. Are you asking samsung to take into account that you would hack the phone and provide a way back after you have a bad hack and probably make themselves liable by providing that way back in case it does not work properly?
Click to expand...
Click to collapse
Keep on flashing, and eventually Odin will probably save your butt
Don't be scared of it, it works great. And it is safe to use.
========================================
I'm really sorry about your phone man, I didn't know that you had to NAND before re-partition, thank god I've never checked that but I might have in the future had you not shared this with us, so thanks a lot!
I guess your loss is everyone elses gain
No I havent tried the Jig method. The thread says that I need to have at least the samsung screen, so some kind of activity. This phone is just off, nothing comes on, no buttons, no screen...just dead. I think when I followed that guide, it told be to repartition and then reboot with the "PDA" field empty. So the phone rebooted when it finished formatting without installing anything. Now the NAND is at a "blank" state and I do not have any bootloader on there. Anyone know of a method to install a bootloader without the phone turning on?
I might be a little too far out of my element here but I think I found a guide to remove the sdcard and format it via pc one time when I was in a similar situation. I am at work currently and I also cannot remember if I have the link saved.
Maybe some phone expert in your city may help you to install the bootlaoder. I think it's called jtagging, I'm not sure though.
Sent from my SGH-T959 using XDA App
trdexalbee said:
I want to be clear that I am not blaming samsung for this but I thought samsung could have done a better job. Ill admit, this phone was the first phone that impressed me in years and as an engineer, I am hardly ever impressed; other engineers will get my point. I wish they had some soft of fail safe mechanism. For us who like to tweak things, I get we get what we deserve. But what about those who dont like to tweak and still brick their phones? i.e. those who use Kies Mini and still brick. I still have warranty on the phone and I'll try to take it up with Tmobile, hope they don know much about flashing. BTW, I tried using the other program but no go. All the drivers were installed, rebooted computer...nothing. I think it is because I have W7 64 and not 32?
Click to expand...
Click to collapse
Just call Tmobile and tell then that you were upgrading to froyo 2.2 using Kies mini and it froze...
I had a black screen once. I was flashing in odin and knocked the cable loose. I think I had to remove the battery, open odin, plug the usb cable in, then install the battery and possibly hold a key down on the phone. I believe the download screen then came up. Otherwise the phone would not respond nor would any lights come on
trdexalbee said:
I want to be clear that I am not blaming samsung for this but I thought samsung could have done a better job. Ill admit, this phone was the first phone that impressed me in years and as an engineer, I am hardly ever impressed; other engineers will get my point. I wish they had some soft of fail safe mechanism. For us who like to tweak things, I get we get what we deserve. But what about those who dont like to tweak and still brick their phones? i.e. those who use Kies Mini and still brick. I still have warranty on the phone and I'll try to take it up with Tmobile, hope they don know much about flashing. BTW, I tried using the other program but no go. All the drivers were installed, rebooted computer...nothing. I think it is because I have W7 64 and not 32?
Click to expand...
Click to collapse
Depending on which drivers you installed (and there seem to be quite a few floating around) you might need to disable Driver Signature Checking in 64bit Windows OS's if the drivers are not signed. The easiest way I've found to do this is with EasyBCD . Install it, run it, click Advanced Options and enable loading of unsigned drivers. Do this before loading a potentially unsigned driver and you're good to go.
Just a tip, and my lengthy diatribe on responsibility was more to stem the potential tide of trolling such a thread is likely to generate than dump on you. I know what it's like to brick things. I've been bricking stuff for 30 years lol.
masterotaku said:
Depending on which drivers you installed (and there seem to be quite a few floating around) you might need to disable Driver Signature Checking in 64bit Windows OS's if the drivers are not signed. The easiest way I've found to do this is with EasyBCD . Install it, run it, click Advanced Options and enable loading of unsigned drivers. Do this before loading a potentially unsigned driver and you're good to go.
Just a tip, and my lengthy diatribe on responsibility was more to stem the potential tide of trolling such a thread is likely to generate than dump on you. I know what it's like to brick things. I've been bricking stuff for 30 years lol.
Click to expand...
Click to collapse
To disable driver signing, you ONLY need to run a single command and then reboot. And this applies to both Windows 7 and Vista.
Also to the OP.
You say you have no bootloader, but can't find ANYWHERE in this thread that says you were attempting to flash a bootloader. In fact, you can **** up partitioning, and your bootloader is still in tact. Been there, done that.
Do this. Plug the phone in, and leave it charging for about 30 minutes. Pull the phone off, hold the volume buttons, and plug the phone into a computer. See what happens. I had a ****ty situation end up happening to me, that I couldn't get the phone on for about 30 minutes. I had already even called T-Mobile for a replacement.
Thanks for all your suggestions guys. So yes this phone was definitely bricked beyond any software repair. I was going to JTAG it but I figured there MUST to be some hardware bootloader implemented. I went ahead and did the USB JIG and surprise, it booted from the hardware bootloader. I used ODIN to flash JFD and it works now. So my guess is samsung did implement a fail safe, which is the USB trick and forces the phone to boot from hardware. If that is true, this phone is brick proof, provided that all electronics still work.
trdexalbee said:
Thanks for all your suggestions guys. So yes this phone was definitely bricked beyond any software repair. I was going to JTAG it but I figured there MUST to be some hardware bootloader implemented. I went ahead and did the USB JIG and surprise, it booted from the hardware bootloader. I used ODIN to flash JFD and it works now. So my guess is samsung did implement a fail safe, which is the USB trick and forces the phone to boot from hardware. If that is true, this phone is brick proof, provided that all electronics still work.
Click to expand...
Click to collapse
This "hardware" bootloader as you are calling it, is the exact bootloader that you can flash and TRULY brick your device. It is NOT a failsafe in the way in which you are referring. Please, please don't call it this. There are plenty of users on this forum that are clueless. The jig method, is a hardware jump point that Samsung has built in to allow you to get to download mode situations where the button method does not work.
As I mentioned earlier, you didn't flash a bootloader. Nor did you full on brick your device. Glad your device is back to normal now though.
my apologies then, it would be easier if samsung gave us the schematics, but that would never happen. So when we use odin to flash, we are not flashing the bootloader as well? Is the bootloader located on another ROM that is not easily accessible? I guess ROM would be the incorrect term since you stated you can "flash" the bootloader.
[ABANDONED] My worries have been aliviated by the people posting here that T-Mobile did not check for an unlocked bootloader. That's enough for me to close the issue. If someone does need to find the answer to this question, feel free to pursue it otherwise I consider this [CLOSED]
-----edit above-----
I've already searched for this EXTENSIVELY and need more help. I have a similar problem to this thread (which wasn't resolved), but didn't want to revive a dead thread from Dec '10 to ask this.
First and most important question is: WILL I NEED TO DO THIS?> Will T-Mobile check for the unlocked bootloader on a broken-screen phone and will they notice my MIUI rom? (I'm REALLY worried about this because rooting my phone does void the warranty, but honestly I didn't break it. The screen just stopped working. Really worried = the search for a solution).
Is HTC warranty a better option? (I'm actually the second owner and the original owner is going to try to do the replacement)
I've realized that I can use Android Screencast to see what the phone is showing, and touch input still works on my phone (though Android Screencast isn't letting me use my computer mouse/keyboard to use my phone). This is only available on a rom/backup with USB debugging enabled, and shows CWM Recovery (using the latest version).
Can someone please help me go through all the steps needed to restore everything to stock? I am cursed by this issue and realize that someone would need to take over an hour to figure all this out.
>>I know I'm asking for a lot, but this is a great community to be involved in and I've searched all over for help before posting.<<
__________________
P.S. I've also looked at [Guide] Remove permanent root, and I need to know what extra steps I will need to know with a broken screen. CWM 3.0+ presents a problem for stock rom, and I need one with USB debugging enabled already.
Also, fyi I used the Rage/Gfree latest version available as of Jan 24 (when I rooted). I did not flash the Engineering HBoot, which would probably help.
What i found was they dont care about the software. confirmed twice. Apparently it is a known defect in the phone that the screen stops working, they will admit it now. We have done 2 warranty replacements and the first one at the time of the post, they tried to charge me for breaking the screen (we did a better business bur Complaint) and got refunded. The second time they didnt even question it and we werent even charged.
So no they dont care, dont worry about it.
I just so happen to have the exact problem as you, i stepped on my phone leavng the screen internally broken put the touch screen still worked. I was running CM7 and i called them and just sent it in with no problems. there not there to look at the software and are not going to take the time to replace screens on all the phones they get in first to see if there rooted or not. If you cant tell its rooted by looking at the screen (i mean it is broken) then theres no way they will. Just send it in and you'll get it in about weeks time
I had this problem and submitted it to warrenty, anyway. They asked me three questions, is the screen cracked. Is there any external damage, and any water damage. All were no's, so they replaced the phone without ever checking for root.
Thanks for all the responses. All three of you have reassured me to the point that I'm not going to worry about it either. While I appreciate that T-Mobile is not going to charge me for rooting my device (which I should be able to do), I am annoyed that as a secondary owner I do not get warranty support and need to have the original owner take care of it.
daboma said:
Thanks for all the responses. All three of you have reassured me to the point that I'm not going to worry about it either. While I appreciate that T-Mobile is not going to charge me for rooting my device (which I should be able to do), I am annoyed that as a secondary owner I do not get warranty support and need to have the original owner take care of it.
Click to expand...
Click to collapse
Actually no, even if you are a second owner u can still get it replaced. I am also a second owner but I know a way to get it replaced. Pm me
Sent from my HTC Vision using Tapatalk
i have the unlock code from att but i was like "nah i don't need the instruction emailed to me...youtube bro" little did i know...is there a way to do it without a non carrier sim?
I don't think...
zetsui said:
i have the unlock code from att but i was like "nah i don't need the instruction emailed to me...youtube bro" little did i know...is there a way to do it without a non carrier sim?
Click to expand...
Click to collapse
Just by coincidence I've been researching around lately to unlock my Motorola Bravo phone so that I can use it on any network I wish. I have already "rooted" it, which I remember was quite easy (I think what most people complain about is the amount of time it can take and the number of steps that can be involved), but, as you most likely know, rooting and unlocking are completely separate, independent functions on the phone. I searched Google, a bunch of message boards like this one here (this has always been my favorite...lots of extremely intelligent people), even some torrent files, but despite hours of searching, I unfortunately couldn't find any way to unlock the phone without just paying for the code. Yes, you can get it free from your carrier, but my account has been cancelled for months and I no longer have that option. Luckily paying for the code is very cheap and should cost you less dollars than the number of digits on your hands...if not keep looking b/c you're getting ripped off.
Theoretically, that is if my theory of how the phone functions is correct, there should be a way. I mean, if unlocking is done purely through software, there's gotta be a way to crack that part of the software and trick the phone into thinking the correct unlock code has been entered. I know the whole IMEI number to unlock code generation process uses an encrypted algorithm to work, so I don't know how difficult or impossible that would be, but that's one way I can think of doing it. Another way I thought of that seems like it should work, although I haven't heard anyone that has done this specifically say that it also unlocked their phone, is to totally wipe the phone and reflash it with a generic/unbranded version of Android. Would either of these options work anyone?
You might, MIGHT, be able to use the Defy Soft Sim Unlock, but its for a different baseband than what we use (not in /system/etc/motorola, but in /dev/block/mmcblk1p14 -- actual radio partition). I attempted to flash the Defy radio.img, but I ended up having to flash the sbf so don't flash the baseband zip on that page. Go to Defy General and go to the Stickied Wiki or Beginner's Guide and it'll have all the info you need on this.
'
While I'm hopeful for you, I doubt it will work but its worth trying. You can also try motofan.ru and see if they can provide an unlock code for your Bravo (its free). Its a 50\50 chance that they can or can't.
Your only other option is forking over the $$$ and buying the code. Don't try to randomly guess it -- you only have 10 tries and once you use them all you're (possibly) screwed.
Hey Friends,
My S7 E had a problem with the charging port and I sent it in for an exchange device today.
Previsouly I had Nougat installed so the device was KNOX Void and Rooted.
I read that If you want to ensure that noone can restore the Data from the Device (Online Banking records, passwords, images) you have to encrypt the device and then do a factory reset.
Unfortunately encryption did not work on Nougat (it would show the encryption icon and then reboot)
SO I basically flashed the Stock Firmware of the Provider (4 Parts) with Odin and hoped that I can find the encryption option in the Security Settings Menu but it wasn't there. I could only encrypt the SD card.
My question: Was the device encrypted as soon as flashed the stock firmware or was encryption simply unavailible on the stock rom?
I did multiple factory resets and also Installed an app to "delete empty space" which should overwrite any data that might hide in the free space.
I am worried that whoever gets the device next might be able to restore my banking data, images and e-mails.
What's your take on this?
Best,
Thomas .N from Germany
Any ideas ?
Please help
Judging by the things you did, your personal data should be safe. I can't prove it, I can't tell more but I can tell you the technicians aren't hesitant to peek into your files. All I can say is this. Anyway.
Your files can still be restored but at this point that would cost more energy and time than it is probably worth it.
nitrousĀ² said:
Judging by the things you did, your personal data should be safe. I can't prove it, I can't tell more but I can tell you the technicians aren't hesitant to peek into your files. All I can say is this. Anyway.
Your files can still be restored but at this point that would cost more energy and time than it is probably worth it.
Click to expand...
Click to collapse
Thanks for the post. I am just worried about my online banking information that was stored on the phone.
Now that I have the new phone i reverse engineered the process.
I put Nougat on the phone, loaded some information, documents, pictures etc on the phone and restored it to the carriers Stock rom.
Then I rooted the phone and tried some file restoration tools to see if I can find any data. Turns out blank. Can't even find one file with diskdigger or others.
I guess that restoring the phone to stock rom encrypted it by default again which should mean that I am safe.
Don't worry, they won't attempt to recover any files. Your porn is safe.
CuBz90 said:
Don't worry, they won't attempt to recover any files. Your porn is safe.
Click to expand...
Click to collapse
No, that part they can have. I am worried that whoever gets the phone next might try to recover my personal data but maybe this is far fetched.
I stand corrected on my last post, I was able to recover some data so apparently encrypting the device and wiping is not as safe as some might think.
exxi said:
Thanks for the post. I am just worried about my online banking information that was stored on the phone.
Now that I have the new phone i reverse engineered the process.
I put Nougat on the phone, loaded some information, documents, pictures etc on the phone and restored it to the carriers Stock rom.
Then I rooted the phone and tried some file restoration tools to see if I can find any data. Turns out blank. Can't even find one file with diskdigger or others.
I guess that restoring the phone to stock rom encrypted it by default again which should mean that I am safe.
Click to expand...
Click to collapse
You know what I'm more interested in? You are from Germany, right? How did you get a repair under warranty with triggered KNOX? I'm also from Germany and from past experience Samsung's repair partners (W-Support, DAT Repair usw.) are the biggest douchebags imaginable. They never did care why I sent in a device. As soon as thy saw KNOX being triggered, they simply denied any repair under warranty even if completely unrelated to KNOX or software issues.
exxi said:
No, that part they can have. I am worried that whoever gets the phone next might try to recover my personal data but maybe this is far fetched.
I stand corrected on my last post, I was able to recover some data so apparently encrypting the device and wiping is not as safe as some might think.
Click to expand...
Click to collapse
Yes, but unless you're someone very very very important and the guys at the repair shop know that, none of them will even care to go that far to recover data from your device.
nitrousĀ² said:
You know what I'm more interested in? You are from Germany, right? How did you get a repair under warranty with triggered KNOX? I'm also from Germany and from past experience Samsung's repair partners (W-Support, DAT Repair usw.) are the biggest douchebags imaginable. They never did care why I sent in a device. As soon as thy saw KNOX being triggered, they simply denied any repair under warranty even if completely unrelated to KNOX or software issues.
Yes, but unless you're someone very very very important and the guys at the repair shop know that, none of them will even care to go that far to recover data from your device.
Click to expand...
Click to collapse
To answer you question in regards to warranty: It depends on your carrier as well as the nature of your subscription. In my case it's a company subscription which allows for quick swap at a location of your chosing. Basically they come to your company with a refurb and hand it over to you in exchange for your old (broken) device. At this point no questions are asked. I don't know what is going to happen as soon as they check the device at the service center. I've done similar swaps with KNOX tripped devices in the past with different carries. My feeling is that corporate customers get more "leniency" when it comes to device repairs.. go figure.