This is a copy of a post I made on the general/unlocking board. Posting here in case people are looking only at this forum:


I have just bought a Sofbank X03HT. It is locked up tight. I travel a lot and have SIMs for the places I go most so I want to unlock the SIM. I'd also like to unlock the applications so I can make reg edits as the mood strikes me.

But, none of the tools and/or tricks I have found on here or other sites works. I suspect the issue is with the certification. Have tried the AllowCertificateInstall but it doesn't seem to help. Also tried SurrealNetworksAppUnlock.cab. Again, no joy. Tried SDA Unlocker and the XDA (PDA) tools and tricks. Nada.

Here is what I've got:
Softbank Mobile (Japan)
X03HT (an HTC S730)
Windows Mobile 6 Standard
CE OS 5.2.1947
ROM version 1.71.761.1

Have you tried the deive security manager(maybe not this name)?
A tool in Microsoft Visual Studio 2008 (pro version)
Sorry, I only have chinease version

http://forum.xda-developers.com/attachment.php?attachmentid=93323&stc=1&d=1213705058

You can download it at
http://www.microsoft.com/downloads/details.aspx?familyid=83C3A1EC-ED72-4A79-8961-25635DB0192B&displaylang=en

for free 90days trial.
and it allowed you to adjust your handset security settings freely.

I have tried to my Vox, if i set to high level security, i can not run any apps without cert.

Still can not
We need a softbank cert.

http://forum.xda-developers.com/attachment.php?attachmentid=94037&stc=1&d=1213946690

Any ideas, anyone? I'm having the exact problem.

i have the same problem too....please help me...

i have the same problem too....please help me...

I think you must tried to confirm it to Jockyw2001, since only he who knows..:)

Don't confuse the various "unlock" for the Windows Mobile devices! There are 3 of them and to get rid of some you may need the others removed in advance, depending on the method.


Application Lock: Execution of applications or many other activities is secured on the windows mobile platform. There is a dedicated security model that distinguishes activities (what is done) and roles (who can do it). The assignment of roles to such activities is called policy. These policies are stored in the registry of the operating system and are only in place when the OS is up and running. Look up MSDN for mobile security policy to learn more.
It is common that many users who want to execute special applications want to have their devices "application unlocked".
CID Lock: This ties the ROM of an operator to the device it is loaded. This way the operators make sure that users are not buying a subsidized phone and replace the ROM on them with non customized ones. This lock is treated in the SPL (Secondary Program Loader) and checks on data that are stored encrypted in the ROM outside the normal flash areas. Other ROMs (the OS in them) may not be as restrictive set up on the application lock if you really were after this (I doubt is). Loading any ROM can be achieved by either

Super-CID the phone: This allows the onboard SPL to pass the CID check and continue with the ROM flashing process.

You either replace the operator CID with the Super CID in the encrpyted block by special tools that can calculate the CID and write to the encrypted block (itsutils). To run these tools, the device must be properly application unlocked. Several frameworks have been created to guide this activity, but more recent devices cannot be cracked this way any more to my understanding.
Or you can have a device be temporarily have the "Super CID rights by inserting a "GoldCard" into the device. This is a normal memory card which has a device specific key written to the bootsector of the card. The bootsector written to the card is specific to the HW serial number of the memory card. The only tool I know that can write this is "PSAS" from http://psas.revskills.de. You need to have a working application unlocked Windows Mobile device for that as also here itsutils are used for some parts of the job.


Replace the SPL

either temporarily (jumpSPL, HARET) by loading the code for upgrade in the RAM
or permanently by flashing the SPL to the device. This requires one temporary use to have it done permanently, of course.




SIM lock. This is most commonly know "lock" as it links the device usage to the SIM card of an operator. I am not aware of the reference that this linkage is done (but I suspect IMSI + parts of the MSISDN), but the final place to store that is done again in an encrypted area of the ROM that is outside any normal flash region, so it cannot be removed with any ROM update. Also here several services exist from people that know how to deal with encrypted data. A well known user is jockyw2001 for that, but there also exist commercial services that do that for reasonable prices on older devices. I made good experience with http://www.imei-check.co.uk/ who are very responsive and as I understood their service will both SIM unlock and Super-CID your device (at least for Tornado).

Be warned: messing with the encrypted block in an unqualified way (for CID or SIM unlock) may leave your device useless for telephony use. Inserting a SIM in the device will return the message "data crashes, please contact your service center" when you try to get radio access.

Don't confuse the various "unlock" for the Windows Mobile devices! There are 3 of them and to get rid of some you may need the others removed in advance, depending on the method.


Application Lock: Execution of applications or many other activities is secured on the windows mobile platform. There is a dedicated security model that distinguishes activities (what is done) and roles (who can do it). The assignment of roles to such activities is called policy. These policies are stored in the registry of the operating system and are only in place when the OS is up and running. Look up MSDN for mobile security policy to learn more.
It is common that many users who want to execute special applications want to have their devices "application unlocked".
CID Lock: This ties the ROM of an operator to the device it is loaded. This way the operators make sure that users are not buying a subsidized phone and replace the ROM on them with non customized ones. This lock is treated in the SPL (Secondary Program Loader) and checks on data that are stored encrypted in the ROM outside the normal flash areas. Other ROMs (the OS in them) may not be as restrictive set up on the application lock if you really were after this (I doubt is). Loading any ROM can be achieved by either

Super-CID the phone: This allows the onboard SPL to pass the CID check and continue with the ROM flashing process.

You either replace the operator CID with the Super CID in the encrpyted block by special tools that can calculate the CID and write to the encrypted block (itsutils). To run these tools, the device must be properly application unlocked. Several frameworks have been created to guide this activity, but more recent devices cannot be cracked this way any more to my understanding.
Or you can have a device be temporarily have the "Super CID rights by inserting a "GoldCard" into the device. This is a normal memory card which has a device specific key written to the bootsector of the card. The bootsector written to the card is specific to the HW serial number of the memory card. The only tool I know that can write this is "PSAS" from http://psas.revskills.de. You need to have a working application unlocked Windows Mobile device for that as also here itsutils are used for some parts of the job.


Replace the SPL

either temporarily (jumpSPL, HARET) by loading the code for upgrade in the RAM
or permanently by flashing the SPL to the device. This requires one temporary use to have it done permanently, of course.




SIM lock. This is most commonly know "lock" as it links the device usage to the SIM card of an operator. I am not aware of the reference that this linkage is done (but I suspect IMSI + parts of the MSISDN), but the final place to store that is done again in an encrypted area of the ROM that is outside any normal flash region, so it cannot be removed with any ROM update. Also here several services exist from people that know how to deal with encrypted data. A well known user is jockyw2001 for that, but there also exist commercial services that do that for reasonable prices on older devices. I made good experience with http://www.imei-check.co.uk/ who are very responsive and as I understood their service will both SIM unlock and Super-CID your device (at least for Tornado).

Be warned: messing with the encrypted block in an unqualified way (for CID or SIM unlock) may leave your device useless for telephony use. Inserting a SIM in the device will return the message "data crashes, please contact your service center" when you try to get radio access.
ok...
Tell me.. if i don't have a SHIP ROM, then what i must do??
How to unbrick my device -> Monet??