Today I spotted this blog item http://blog.htc.com/2012/04/your-phone-your-thoughts-tell-us-what-you-think/ I think we should start posting our concerns about not being able to gain a proper unlock.
(1) fastboot boot awesomeRecovery.img (this works because fastboot then boots recovery on the boot/temporary partition. So you're not actually in recovery mode.)
(2) Offmode (this works because again you're not technically in recovery mode. It uses the recovery ramdisk, kernel, and binaries but it's still not technically recovery.)
On that note I've seen suggestions that it's possibly a recovery issue with cwm and twrp. Unfortunately it doesn't appear to be the case. If it were then in CWM u wouldn't have usb when u fastboot boot the recovery or in offmode (fair assumption since both these options use the same kernel, ramdisk and binaries as recovery?). Can it be fixed? Not that I know of. It looks to me like a total radio or bootloader lockout from using USB in recovery. Which means on a radio or bootloader level USB is disabled in recovery mode.
On that note I think we should raise the point to HTC that this locking down of the device does not suit our needs. Key points of fail would be as follows.
(1) Can NOT flash the boot partition from recovery. I've personally contacted HTC on this numerous times and they seem to just not care. Responding with "It's a security issue" and so forth. I would love to know how this is a security issue of any sort. Every other Android device has this ability except HTC devices since they started the HTC unlock ordeal. It's utter fail IMHO and HTC should listen to our needs.
(2) Can NOT flash recovery or boot partitions from system. This issue is NOT a deal breaker and isn't so bad when it comes down to the nitty gritty. But since the issue above exists, flashing with applications like htc dumlock and such were our only options. These workaround apps can't be used to flash now because of the lockout from system and it wouldn't be such an issue if HTC didn't lock us out in recovery from flashing boot.
(3) Can NOT flash P*IMG.zips in hboot/bootloader anymore. For the unlocked device running a custom firmware this is a must. Especially when radio updates and such are needed from the OEM. We saw a big use of this on the Sensation when HTC updated the device from Gingerbread to Ice Cream Sandwich. The update required new hboots, radios, and partitioning to actually use. So instead of having to flash a RUU, which didn't exist, the only choice was to flash a custom P*IMG.zip that included all the radios and images needed to run the builds. At this point we can't update those images/partitions without flashing an RUU. This makes no sense and doesn't seem to do anything but make things more difficult on the unlocker to customize and modify their device.
(4) If all the conditions above HAVE to exist. Then why not give us documentation or utilities to flash firmware.zips from recovery like HTC does? When HTC was the proud Nexus device there was full support and documentation available on how to flash firmware on their devices. This made anyone choosing an HTC device blessed with knowing that their device was not only open and unlocked, but when flashing firmware that it was being flashed correctly to Google and HTC's standards. This code has now been moved out of recovery since right before the move to edify scripting and moved to vendor/htc/ (not arguing this choice as that's where it belongs from a maintaining point of view). But the problem is that vendor/htc is proprietary now. Which means Documentation and support for flashing firmware correctly is not available and left to developers of recoveries for the community to figure out. One would think if HTC was standing behind us that they would step up and give us a PROPER/OPEN/REAL unlock, or if they can't for the lame excuse of security concerns, then give us the documentation and utilities to flash the boot and firmware partitions properly. I mean really... what is there to lose there?
(5) WHAT WAS THE POINT OF HTC UNLOCK? It was to reach out and accept us as a community. It was to keep us from having to exploit their firmware and look for holes to gain control of a device we rightfully own. WHAT DID HTC UNLOCK DO? It unlocked the devices at first and with each new revision of the unlock it gets more locked down and harder for us to use it as intended. WHAT DOES THAT LEAD TO? It leads to us hoping someone will take the time out of their life and exploit HTC's firmware so we can have access and control of our devices. I mean, it's bad when u have people poking a device with a paperclip to get a device unlocked to avoid an official unlock.
Bottom line; I'm personally fed up with HTC's unlock. It's absolute crap! It does not serve the purpose it was intended and only makes things harder than they were before. As a devoted HTC customer it has me questioning if my next device will be an HTC. With all the other options that would allow me to spend less time trying to gain proper access to my device and more time actually having fun with it, why choose HTC? Everyone else is shying away for these same issues. Everyone with an HTC unlocked device waits for someone to exploit HTC's firmware and give them a proper unlock. Why not just choose a device without the locked down/unlock instead? IDK but HTC needs to step up and listen to us. Every HTC forum with an HTC Unlock is screaming for these issues to be fixed.
My call to HTC is to fix these issues and/or give us proper documentation on flashing firmware to our devices via custom recoveries. The boot flashing lockout is dumb, pointless, and in NO WAY a security threat AT ALL and is nothing more than a CRAP RESPONSE to something that they should be working to correct, instead of ignoring. In the end it's hurting HTC's relations with developers and is ultimately doing the opposite of its original intent.
HTC, PLEASE READ AND LISTEN!!!11ONEone
To everyone else, SPREAD THE WORD!!!ONEone
This is the future of HTC unlock and each new device it gets worse. Maybe HTC will listen and address these issues, then again maybe we will just need to find another OEM that supports us and does listen
From this thread : http://forum.xda-developers.com/showpost.php?p=25407373&postcount=19
I have posted the same in Facebook Page and Tweeted it. I think we should be more aggressive.
what about groubal?
Posted anyway :s
"There has been overwhelmingly customer feedback that people want access to open bootloaders on HTC phones. I want you to know that we've listened. Today, I'm confirming we will no longer be locking the bootloaders on our devices. Thanks for your passion, support and patience," Peter Chou, CEO of HTC
Please S-Off your devices as promised, your unlock is not a true unlock and it is still heavily restricted. We can't flash official RUUs in this weak htc-dev unlocked state! Please fulfil your promise!
You have some valid points, but you do realise us tinkerers aren't htc's only customers right? Most businessmen now use smartphones like the one X and they certainly do not fiddle with their phones, nor do they accept that their phone comes with serious security flaws potentially opening their device up to strangers or corporate espionage. This point, however, could be used both for and against this fact. For example, if HTC officially provided S-OFF via htcdev then they could avoid people developing exploits for their device while also causing the device to be factory reset when it is applied. The downside of this is their products could get a reputation for being unstable or whatever (people seeing my device for example, and getting the idea that all one X's are on the verge of exploding)
That doesn't seem to be an issue for Google or Samsung, so I don't think it's a really valid point.
Rekoil said:
You have some valid points, but you do realise us tinkerers aren't htc's only customers right? Most businessmen now use smartphones like the one X and they certainly do not fiddle with their phones, nor do they accept that their phone comes with serious security flaws potentially opening their device up to strangers or corporate espionage. This point, however, could be used both for and against this fact. For example, if HTC officially provided S-OFF via htcdev then they could avoid people developing exploits for their device while also causing the device to be factory reset when it is applied. The downside of this is their products could get a reputation for being unstable or whatever (people seeing my device for example, and getting the idea that all one X's are on the verge of exploding)
I understand mate .. That's why the S-OFF should be optional. I personally work in a corporate environment, most of them won't go for Android since our enterprise application doesn't work well (Like deployment of software apps etc.) most of them prefer Blackberry for Windows based phone. That's why Windows 8 phone comes with secure boot and large scale application deployment with same tools used in Windows so they can convert the remaining BB users to Windows. Android has a long way to get attention from enterprise users. For now think it's an entertainment OS. Sony went a long way in this case they allow complete unlock even help FreeXperiaTeam with development of CM. Sooner or later our devs will find a way to S-OFF why not HTC offer it proactively and create a good will against devs like Sony did.
S-off on any HTC phone do not I repeat do not open any other security issue ie a business would not leave such possibility open some business develop there own software for phones etc and still do they was doing it with the old pda phones and HTC pda phones with HTC to stop locking there phones allows this option again to a business.
A business wouldn't leave a device open as they would lock them there selfs via encryption etc so people arguing over its opening security holes is an invalid point other devices are open ie Samsung etc so why not HTC all other HTC that have been exploited to allow the same hasn't broken any security regarding networks or the ability to change serials etc as this info is on a write once chip and can not be over written like some other devices in past
The reply from HTC ceo has just made my day it's great news I just hope it true to the word
And believe it or not there loads of corporate business are using android devices to its full existent well here in the uk they are as its such a powerful operating system and not just for entertainment I speak from experience I use my phone for business and use a lot of business apps etc so my phone is not just for entertainment purposes etc
Everyone's concern over security is a fair statement but not valid reason not to unlock and am glad to hear HTC agree now.
Sent from my HTC One X using xda app-developers app
@dryan433: Dude, what are you talking about? Have you ever heard about something called punctuation or capital letters?
Sent from my HTC One X using xda app-developers app
I don't have the experience to know if this is possible, which is why I ask because I'm curious. I post here because I want devs to see it, and think "that could work" or "idiot"
As we know the defy bootloader will probably never be unlocked, now I was thinking would it not be possible to somehow isolate the bootloader from a rom, and run some kind of virtual one in a separate partition to run a fully custom kernel? It's probably crazy but I'm dying to know what people think, don't be too hard on me I have no coding experience :/ however all opinions are welcome I think anything is possible
Sent from the real world by hacking into the matrix
I don't want this to become another dead Bootloader-Hacking-Thread but I want to give you an answer with the facts:
1) There currently is no known way to execute code before booting the kernel because everything is well protected through signing code.
2) The only way to boot a kernel after kernel-boot are tools like kexec or 2ndboot. But a phone's RIL is a heavy stone on that way because it's not that easy to reinitialize this part of hardware and without RIL a phone is useless. The main-developers canceled this project due to this reason.
Other "non-phone"-devices with locked bootloader (like Sony's google-tv) are using this method without problems.
3) You can use kexec/2ndboot to load a full bootloader instead of a kernel only, too. But because we don't have the source we would have to reverse engineer it to disable the signature check of the kernel, otherwise you would load another useless protected bootloader. This was also a project but I don't think it's still alive...
Additional note: You can't directly flash a modified bootloader because our chipset has built-in OMAP3-security features. This means the CPU will only boot signed Code from NAND.
You can find a lot of helpful information about this topic on this page:
http://and-developers.com/partitions:cdt#cdt_table_of_droid_x
Thanks that clarifies things quite a bit, however I mean loading not just a second kernel but a WHOLE bootloader that would handle the phones entire functions independently, or is it completely hardwired so its impossible for something to override it? (Sorry if you have already answered in the above). Another thing, has no one tried to compile custom fixed sbf? Maybe the bootloader could be replaced that way? In software almost anything done can be undone in some way, although perhaps this is the rare case where it isn't
Sent from the real world by hacking into the matrix
I edited my post to have everything at one place.
I hope this answers your questions.
The bootloader is like the bios in a pc (actually is part of the bios), it's what initializes the device and loads the rest of the code. to load it again or another one you had to reinitialize the device. the issue with the RIL is that when reset or restarted it "panics" and resets the whole device (I think, read it somewhere).
also the second unlocked bootloader that you want to load does not exist anyway.
it's better to just help the developers with bug reports and testing than daydream.
sorry mate!
m11kkaa said:
I edited my post to have everything at one place.
I hope this answers your questions.
So its all been tried before, damn! XD at least the devs here have done a fine job of making good roms even with this limitation, guess I will do my research before I buy my next phone as I love playing with roms, the more custom, the better
Sent from the real world by hacking into the matrix
I would like to know how many forum members would be willing to donate funds to any developer willing to seriously work at creating a recovery program and maybe one rom for the Xyboard 10.1 4G/LTE device.
I realize the bootloader is still locked, but devs have managed to bypass the bootloader on other devices using some very creative thinking. The bootloader on my Droid Razr is still locked, but we have Safestrap, CWM
There is also a member i saw that would be willing to donate a xyboard for testing.
I would be willing to donate $100 towards this project.
We need to show the manufacturers that our platform is truly OPEN SOURCE?
so, here we meet again, chumboy
well i'm in, offering 50$ for unlock/bypass
nchantmnt said:
so, here we meet again, chumboy
well i'm in, offering 50$ for unlock/bypass
welcome! hey again.
fair amount of views, not many investors.
surprised, it's verizon's main tablet that has 4g (besides the galaxy tab 10.1 which i heard is discontinued).
patience.
I would get in on this. I have actually been trying to figure out Hash's safestrap to see how it is replicated for different devices.
Sent from my Droid3 using xda app-developers app
I know it can be done...it's just a matter of interest. Is some dev interested in spending time to figure it out.
we have recovery for many, many devices whose bootloaders are locked.
SafeStrap would be great....or TWRP.
So far, we have $150 available for anyone who creates a recovery. Come 'n git it, devs!
why not create a similar thread at xoomforums.com... guess most of the interested users aren't reading much @ XDA since atm there is no development going on for this device.
if you do so, just be sure to link to each other thread, list the users & amount and sync those two threads in their first post like:
"chumboy (xda/xoomforums) - 100$
nchantmnt (xda/xoomforums ) - 50
.....
hopefully many many more
_____
total funds until 28th of Sept - 150$
ill try and see if i can get some users @ androild-hilfe.de to join in
maybe u know of some other forums as well
cheers
25 from me if the recovery will be working for international xoom2 too.
Hello guys,
i want to help you to get a custom recovery for your XOOM2,
because i've long waited for a cwm that could be used on my phone - Motoluxe XT615.
And i got sick of all those devs out there who don't want to help us to make it even easier.
So my mates and me tried a lot together. Finally a chinese developer team got it.
So i hope i can share my knowledge with you.
My first few questions are:
- Any tries of implementing 2nd init?
- Which type of internal storage (MTD, EMMC)?
- Locked bootloader (really think so)?
- Can you upload the init.* script in the root of your phone?
I hope you have root access
luxxx123 said:
Hello guys,
i want to help you to get a custom recovery for your XOOM2,
because i've long waited for a cwm that could be used on my phone - Motoluxe XT615.
And i got sick of all those devs out there who don't want to help us to make it even easier.
So my mates and me tried a lot together. Finally a chinese developer team got it.
So i hope i can share my knowledge with you.
My first few questions are:
- Any tries of implementing 2nd init?
- Which type of internal storage (MTD, EMMC)?
- Locked bootloader (really think so)?
- Can you upload the init.* script in the root of your phone?
-and yes we have root
I hope you have root access
for 2nd init i really lack the knowledge of how to do this, but atm trying to get to know more about it. is this even working on ics?
internal storage should be mtd if i'm not totally wrong...
the bootloader is locked, we are sure about that and about the init... will upload it for you later... first got to recharge^^
what kind of approach is it that you have in mind? i may lack the knowledge about bootstrapping etc, but i'm eager to learn
nchantmnt said:
for 2nd init i really lack the knowledge of how to do this, but atm trying to get to know more about it. is this even working on ics?
internal storage should be mtd if i'm not totally wrong...
the bootloader is locked, we are sure about that and about the init... will upload it for you later... first got to recharge^^
what kind of approach is it that you have in mind? i may lack the knowledge about bootstrapping etc, but i'm eager to learn
The 2nd init should not be a problem. Internal storage is /mnt/sdcard/ external drive can be loaded on /mnt/usbdisk_1.0/
The bootloader is locked, Motorola has not released this yet. However, I did decode a file that had the agreement for unlocking the bootloader so this leads me to believe it will happen in the future.
My knowledge of bootstrapping is limited as well but I do know that if Motorola's system catches anything of another system trying to run, it will reject it and either bootloop or reboot. The secret is in the boot stage not interacting with factory boot at all.
wow...you guys are talking way over my head. i understand somewhat, but at this time, i can't contribute anything but funding.
and emotional support !!!
let me know what a non-coder like myself can do to help you.
so far, we have $175 available to dev who creates recovery.
Devs,
Just want to make sure you devs are working on the Xyboard 10.1" with LTE connectivity and not just the wifi only device.
It's the Xyboard MZ617 7444.
Really guys i don't want your money
On my phone we got a CWM recovery via hijacking battery_charger.
That means when your phone is off and connect it to any kind of power supply it normally starts this huge battery loading animation.
We symlinked this battery_charger script to a folder that executes the CWM.
So every time i shut down the phone and connect it to power supply i'll enter CWM.
I'm quite sure this will work on your tablet, too.
I just can help you with this kind. When your aim is to get a real 2nd Init i can't help you,
because there my knowledge ends too.
But for beginning i think it would be nice to have any kind of custom recovery, or?
To begin i really need the init scripts guys. Open your filebrowser and go to internal storage root, there they should be.
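The charger entry-point redirection described in the post above can be audited from a root shell or against an extracted filesystem tree. The following is an added example, not code from the thread: only the name battery_charger comes from the post, while the system/bin and data/hijack layout, run_recovery and the function names are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the thread): report where a boot-time entry point
# such as the off-mode charger binary really resolves.
# Assumptions: only the name "battery_charger" comes from the post; the
# system/bin and data/hijack layout below is constructed for the demo.

# resolve_target PATH: follow a symlink chain (max 16 hops) and print the
# physical path of the final target. Fails if the target directory is missing.
# Absolute link targets are taken as-is, so they are only meaningful when the
# audited root is the live filesystem.
resolve_target() {
    p=$1
    hops=0
    while [ -L "$p" ] && [ "$hops" -lt 16 ]; do
        t=$(readlink "$p")
        case $t in
            /*) p=$t ;;                     # absolute link target
            *)  p=$(dirname "$p")/$t ;;     # relative to the link's directory
        esac
        hops=$((hops + 1))
    done
    d=$(cd "$(dirname "$p")" 2>/dev/null && pwd -P) || return 1
    printf '%s/%s\n' "$d" "$(basename "$p")"
}

# check_entry ROOT RELPATH: print one verdict for ROOT/RELPATH:
#   ok            regular file inside ROOT/system
#   relinked      symlink, but still resolving inside ROOT/system
#   redirected:P  resolves to P (relative to ROOT), outside ROOT/system
#   dangling      symlink chain ends at a path that does not exist
#   missing       no such entry
check_entry() {
    root=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    if [ "$root" = / ]; then root=; fi
    entry=$root/$2
    if [ ! -e "$entry" ] && [ ! -L "$entry" ]; then
        echo missing; return 0
    fi
    final=$(resolve_target "$entry") || { echo dangling; return 0; }
    [ -e "$final" ] || { echo dangling; return 0; }
    case $final in
        "$root"/system/*)
            if [ -L "$entry" ]; then echo relinked; else echo ok; fi ;;
        *)  echo "redirected:${final#"$root"}" ;;
    esac
}

# build_demo_tree: constructed sample tree with a stock charger entry point.
build_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir -p "$demo/system/bin" "$demo/data/hijack"
    echo '# stock charger animation (placeholder)' > "$demo/system/bin/battery_charger"
    echo '# starts a recovery (placeholder)' > "$demo/data/hijack/run_recovery"
    echo "$demo"
}

# redirect_entry ROOT: put the demo tree into the state the post describes.
redirect_entry() {
    rm -f "$1/system/bin/battery_charger"
    ln -s ../../data/hijack/run_recovery "$1/system/bin/battery_charger"
}

tree=$(build_demo_tree)
echo "stock:      $(check_entry "$tree" system/bin/battery_charger)"
redirect_entry "$tree"
echo "after link: $(check_entry "$tree" system/bin/battery_charger)"
rm -rf "$tree"
```

The check only catches symlink redirection; an entry point overwritten in place needs a comparison against a known-good checksum instead.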
Sorry was abroad for some days
Yes, any kind of custom recovery would be nice. Here you go with the init.
Any information on how you are going to do this would be nice so we can alter this to our needs (thinking about some bootloader to choose whether to load cwm or automatic just charge after some seconds would be nice)
What are the limits of this way? Guess we will not be able to flash kernels, right?
First off, sorry for double-posting
having read myself enough into 2nd init i guess there will be no way to get this running on our xoom2/xyboard models, as the devices need to be running some froyo-kernel to get this working. Maybe even a tweaked gingerbread-kernel can be used for 2nd init, but it should not be possible with honeycomb or even ics. So i guess our best bet is to concentrate on the option luxxx123 is going to give us.
Wow...interest seems to be picking up! That's great.
the Xyboard is really a pretty good tablet.
What you guys are discussing is slightly over my head so i'll just lurk and help when i can.
The kernel version is 3.0.8 Does froyo go into the 3's? I thought it stopped at 2.6.
Sent from my Droid3 using xda app-developers app
You're right... Froyo stopped at 2.6 but if i recall it correctly the hijack of 2nd init doesn't work with newer kernel versions. But i would be glad if i was wrong here
Sent from my XOOM 2 with Tapatalk 2
I tried pulling the 2nd init and hijack from my Droid 3 which has Hash's Safestrap. I customized a few things for my Xyboard and put the files in place but it put it into a bootloop. You just may be right.
Sent from my Droid3 using xda app-developers app
I'll save you guys some trouble, bootstrap and safestrap won't work, bootstrap hijack method will not work, bootstrap is open source and you can find all the stuff on github by koush, safe strap by hashofcode will not work, it utilizes the same hijack binaries of bootstrap, this is also open source on his github.
Both can be built from the source, with the recovery files build from cm9 or cm7 .
I have built the recovery and the bootstrap they simply do not work.
That said i have gotten rid of my two (I even at one point offered to send one of mine to a known developer, not one took me up on the offer that's why I learned how to do it myself).
Now someone here brought up a way that piqued my interest, symlinking the charge while battery off script to a custom script to boot into a custom recovery (cwm or twrp) this seems like the most likely at this could be done.
Someone with some time could find the script in question and post it I'm sure myself or someone else could get something going.
Sent from my Nexus 7 using Tapatalk 2
Since Project Treble isn't coming officially, isn't it possible to just partition the phone manually using an unlocked bootloader, custom recovery, and other such tools, to then make the phone repartitioned in a way that supports Treble?
I'm not a developer but repartitioning the phone would be very tricky as it might also brick your device. OnePlus said this in their post about Treble. This is assuming you do it via an OTA update, plugging in the phone to a computer might decrease the risk of bricking.
Again, I'm not a developer and don't have a lot of experience so someone else more experienced might pitch in and give their thoughts about this.
I had the same idea of manually installing project treble, I would really love to know if it's possible
I think our biggest hope is that LineageOS will maybe support it. But one thing is sure. If you stay on OOS even if you repartition your phone will not use treble as the OS will not even try to do that. It will work the same regardless of the extra partition.
Are the lineageOS developers working on supporting project treble ?
I may be wrong, but as far as I know, this is not really possible.
Getting project treble on your phone would imply that your firmware and OEM framework is compatible with this.
To give you an analogy, consider a PC running some version of Windows (since that's easier to explain). When a new version of windows is available, you don't have to upgrade firmware for your motherboard, your hard drive, sound card etc. This is because windows (or you yourself) will install the drivers necessary to communicate with your hardware.
This is possible because all OEMs subscribe to a certain contract.
Currently, Android ties in heavily to the device firmware, as the OEMs have to update their framework with each new iteration of Android. This is because until now, there was no exact contract defined for OEMs to subscribe to.
HAL and Treble are a step in the right direction to change this, but this cannot happen unless the OEMs rewrite the device framework to adhere to this new model or if someone invests their own time into doing so, if that is even possible.
I'm not an Android developer, so I'm not right in all the points I've mentioned, but I've tried to clarify to the best of my own understanding.
Does anybody have any information about how to modify the HBOOT image, or installing an entirely different boot image (e.g. Das U-Boot) onto this device? Or on any device? I've searched various forums for posts regarding HBOOT but not finding any regarding this.
I recently found my G2 (and G1!) buried in storage. I'd forgotten how much I enjoyed using them, especially the G2. I did the root thing, installing TWRP and a KitKat-based ROM, but it is terribly slow, not least of which for its reported 384M usable RAM.
I like to think I've got a pretty good idea as to how Android devices (generally) boot up, and was thinking I've got a fair amount of practice under my belt building my own Linux kernels, and how I'd really like a Raspberry Pi (or variant), but this device already has everything I'd need for a "SBC"-style device.
If I could slap Das U-Boot on there, I think it'd be pretty easy to (try to) boot a Linux kernel and shell and then figure out laboriously what to do for hardware drivers. (For that matter, what's the G2's capability re: USB OTG?) If it's a matter of making actual changes to HBOOT to tell it to load something other than Android (or kernel followed by Android), I'd be fine with researching that and then doing the laborious building an optimized kernel and drivers.
I could also be talking out my ass and have not, in fact, really understood the Android booting process. But I need a project and it would be really cool if I could work on this, I just don't really know where to look beyond what I've read. I did read one sequence where somebody reported on how they actually did a dual-boot Debian/Android setup (literal dual-boot, not a Debian chroot, which involved him modding the boot image for his LG Optimus). I haven't had time to follow through with it to be sure I can apply any of his findings to HBOOT, but I suppose that might be the best place to start.
One other thing -- if I modify HBOOT and break something, is that a brick, or can I arbitrarily swap out boot images even if they don't work? Or, more directly, will I have a means to re-burn the original image even if I were to completely wipe it? Will fastboot or adb recognize the device and be able to communicate with its filesystem? Not that I'm worried too much about bricking it, but it'd be nice to minimize that chance before I just bite the bullet and try another boot image and cross my fingers.
Hi @dwkindig,
You don't need to install a bootloader other than HBOOT to install non-Android software. For instance, I have recently ported postmarketOS to the HTC Desire Z. So if you need a project to work on, check it out. There are a lot of things you could help out with.