[HOW TO] Idiot proof your s-off device

28th February 2014, 10:22 PM | #1
cschmitt (OP, Senior Member, joined Feb 2012)
It occurred to me that there have been a number of 'I went s-on and relocked my bootloader, etc.' posts that have ended badly: no RUU to flash, unable to return to stock or a working ROM.

Now I'm not saying these folks are idiots, more likely just unfortunate mistakes. I myself am prone to the occasional derp.

That got me thinking about how to protect an s-off device from an accidental 'fastboot oem writesecureflag 3' that would leave me crying.

Basically, 4 things:

1. Find an RUU and tuck it away. For me, with an AT&T One, it's 1.29.1540.16 from htc1guru. Why this RUU? Well, it has a very old hboot 1.44.0000 (pre June 2013) that is easy to s-off with revone, and can be unlocked via HTC Dev. Also, they are very easy to come by on sites like HTC Dev, htc1guru, etc.

2. Change CID to match what the RUU expects:
Code:
fastboot oem writecid BS_US001
The CID doesn't really matter for anything else, unless you plan on taking an OTA directly.

3. Make sure MID matches what the RUU expects as well: PN0712000 (which matches my AT&T device already). If not, then change it to match with the eng hboot (I won't go into that here, but if you've changed it once already then you're familiar with the process).

4. Lastly, and most important: flash the hboot and change the firmware main version so that it matches what the 'rescue RUU' is expecting. For me, that's hboot 1.44.0000 and 1.29.1540.16, so I created the attached 'firmware_reset_1.29.1540.16.zip' that can be flashed via:
Code:
fastboot oem rebootRUU
fastboot flash zip firmware_reset_1.29.1540.16.zip
and it does nothing more than flash hboot 1.44.0000, with the android-info.txt resetting the mainver to 1.29.1540.16 in the process.

This last step is important because with s-on you cannot RUU a downgrade hboot or mainver, so having hboot 1.44.0000 and mainver 1.29.1540.16 will allow the 'rescue RUU' to do its thing.


So now we're all set. If things go south at some point and I need to get back to a known good, I can flash the RUU exe (even if s-on and locked), then unlock via HTC Dev, flash a custom recovery, root, and go.
Attached Files: firmware_reset_1.29.1540.16.zip (486.0 KB, 29 views)
Last edited by cschmitt; 28th February 2014 at 10:25 PM.
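A preflight check for the four points above, added here as an example and not part of cschmitt's post or attachment: it parses a saved `fastboot getvar all` dump and reports which of hboot, mainver, CID and MID still differ from what the rescue RUU expects, so the mismatches get fixed before anyone goes s-on. The expected values are the ones from post #1 (AT&T One, RUU 1.29.1540.16); the getvar dump in the block is a constructed sample, not real device output.

```shell
#!/bin/sh
# Added example, not from the thread: run this BEFORE 'fastboot oem writesecureflag 3'.
# It reads the output of 'fastboot getvar all' and compares hboot, mainver, CID and
# MID with what the rescue RUU expects (values from post #1: AT&T One, RUU 1.29.1540.16).
RUU_HBOOT="1.44.0000"
RUU_MAINVER="1.29.1540.16"
RUU_CID="BS_US001"
RUU_MID="PN0712000"

# getvar_field FILE NAME: print the value of the "(bootloader) NAME: value" line
# (tr strips the \r that a Windows fastboot binary leaves at the end of each line)
getvar_field() {
    sed -n "s/^(bootloader) $2: *//p" "$1" | tr -d '\r' | head -n 1
}

# count_mismatches FILE: print one MISMATCH line per differing field on stderr
# and the number of mismatches on stdout (0 means the RUU should accept the device)
count_mismatches() {
    n=0
    for pair in "version-bootloader=$RUU_HBOOT" "version-main=$RUU_MAINVER" \
                "cid=$RUU_CID" "mid=$RUU_MID"; do
        name=${pair%%=*}
        want=${pair#*=}
        have=$(getvar_field "$1" "$name")
        if [ "$have" != "$want" ]; then
            echo "MISMATCH $name: device reports '${have:-<missing>}', RUU expects '$want'" >&2
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Constructed sample of getvar output (a real dump has many more lines): an
# AT&T One still on a stock-style CID and a newer hboot/mainver than the RUU.
SAMPLE_GETVAR=$(mktemp)
cat > "$SAMPLE_GETVAR" <<'EOF'
(bootloader) version-bootloader: 1.55.0000
(bootloader) version-main: 3.17.502.3
(bootloader) cid: CWS__001
(bootloader) mid: PN0712000
(bootloader) security: on
EOF

# On a real device: fastboot getvar all > getvar.txt 2>&1; count_mismatches getvar.txt
if [ "$(count_mismatches "$SAMPLE_GETVAR")" -eq 0 ]; then
    echo "OK: device matches the rescue RUU"
else
    echo "STOP: fix the mismatches above before going s-on"
fi
```

fastboot prints getvar results on stderr, which is why the real-device command redirects both streams into the file.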
1st March 2014, 02:24 AM | #2
n1234d (Senior Member, Mumbai, joined Aug 2013)
Quote:
Originally Posted by cschmitt

It occurred to me that there have been a number of 'I went s-on and relocked my bootloader, etc.' posts that have ended badly: no RUU to flash, unable to return to stock or a working ROM.

Now I'm not saying these folks are idiots, more likely just unfortunate mistakes. I myself am prone to the occasional derp.

That got me thinking about how to protect an s-off device from an accidental 'fastboot oem writesecureflag 3' that would leave me crying.

Basically, 4 things:

1. Find an RUU and tuck it away. For me, with an AT&T One, it's 1.29.1540.16 from htc1guru. Why this RUU? Well, it has a very old hboot 1.44.0000 (pre June 2013) that is easy to s-off with revone, and can be unlocked via HTC Dev. Also, they are very easy to come by on sites like HTC Dev, htc1guru, etc.

2. Change CID to match what the RUU expects:

Code:
fastboot oem writecid BS_US001
The CID doesn't really matter for anything else, unless you plan on taking an OTA directly.

3. Make sure MID matches what the RUU expects as well: PN0712000 (which matches my AT&T device already). If not, then change it to match with the eng hboot (I won't go into that here, but if you've changed it once already then you're familiar with the process).

4. Lastly, and most important: flash the hboot and change the firmware main version so that it matches what the 'rescue RUU' is expecting. For me, that's hboot 1.44.0000 and 1.29.1540.16, so I created the attached 'firmware_reset_1.29.1540.16.zip' that can be flashed via:
Code:
fastboot oem rebootRUU
fastboot flash zip firmware_reset_1.29.1540.16.zip
and it does nothing more than flash hboot 1.44.0000, with the android-info.txt resetting the mainver to 1.29.1540.16 in the process.

This last step is important because with s-on you cannot RUU a downgrade hboot or mainver, so having hboot 1.44.0000 and mainver 1.29.1540.16 will allow the 'rescue RUU' to do its thing.


So now we're all set. If things go south at some point and I need to get back to a known good, I can flash the RUU exe (even if s-on and locked), then unlock via HTC Dev, flash a custom recovery, root, and go.

This is nice, but then people say "I want to go back to stock for warranty" and mess up the order of steps, and mess up their phones as a result.
Secondly, that is a very old bootloader, and it won't work with those of us who have Windows 8.1. Then you'll have to go around explaining to everyone how to recover from a partial flash of their RUU.
Also, changing MID isn't dangerous any longer. There's a method of doing it without flashing the eng bootloader.
Thirdly, if you're gonna modify the mainver inside android-info, it's gonna get unsigned; even an hboot outside of an RUU will be unsigned, so it isn't gonna work with s-on.

Also, the CID does matter for other stuff besides OTAs/RUUs: it provides localised languages in system and keyboard, as well as the lyrics content changes (although here it's beneficial to have a US CID).
Just think these points over.
I'd say the best way to idiot proof it would be never to go s-on, so although they can mess stuff up badly with s-off, at least it's recoverable. For Canadian users, while going back to stock, flash the oldest RUU you can find, and then first set your bootloader status to "locked", flash the RUU, and only then go back s-on and take OTAs after you go s-on. I've heard that the command doesn't work well with phones having bootloader 1.55 and onwards.

(Edit) Misunderstood your point about flashing the bootloader/changing the mainver,
but even if you do it while s-off, that'd still be, well, not ideal.
Last edited by n1234d; 1st March 2014 at 02:29 AM.
1st March 2014, 03:22 AM | #3
cschmitt (OP, Senior Member, joined Feb 2012)
I'm certain it's not a solution that's perfect for everyone; really a starting point to be tailored to your specific device, region, and available RUU.

The whole going back to stock is something I'd rarely do, but wanted to have a plan if needed.

Absolutely agree that staying s-off is the best bet.

Do appreciate your comments.
Last edited by cschmitt; 1st March 2014 at 03:24 AM.