5,605,311 Members 38,587 Now Online
XDA Developers Android and Mobile Development Forum

[DEV][THE S-OFF CAMPAIGN] We need electrical engineers & experts in JTAG, OpenOCD!

Tip us?
 
*se-nsei.
Old
(Last edited by *se-nsei.; 16th June 2012 at 10:59 PM.)
#1  
*se-nsei.'s Avatar
Senior Member - OP
Thanks Meter 498
Posts: 921
Join Date: Sep 2011
Location: London
Prompt [DEV][THE S-OFF CAMPAIGN] We need electrical engineers & experts in JTAG, OpenOCD!



DEVELOPERS!


THIS CAMPAIGN IS STILL GOING!

Please try to read the latest posts in this thread if you would like to help!


---

S-OFF is still needed! Don't get happy with your HTC unlocked bootloaders, you have no more warranty! You still can't resizie your system partitions! You still can't flash the hboot, and many other things! You can get your warranty back, if we crack S-OFF!!

Progress so far:

Quote:
Originally Posted by no.human.being View Post
Well I basically did a lot of of low-level (mostly hardware) stuff to the phone recently, not so much actual development. I found out how to configure OpenOCD (don't know whether the configuration is any good, since lots of values are more "good guesses" than actual knowledge but at least it's a starting point). I found how to get the board to boot without being attached to the Lithium cell which is not important for getting JTAG access (because this works as long as the board has power supply, being booted is not neccessary for JTAG to work) but will later be needed for tracing through the boot code, since the phone won't boot without what it thinks is a Lithium cell. However, I didn't get the debugger running yet. I suspect that the processor's logic level might be too low for the JTAG equipment. I don't really have an idea how to work around that yet, I might need to build a circuit that boosts the processor's JTAG signal to the appropriate voltage level (a so-called "level-shifter").

Apart from that munjeni and Antagonist42 also seem to make progress, but I must admit that I wasn't really able to keep track of all the things that they were doing recently. So basically we're now down at the actual physical layer and messing around with the electrical stuff that's going on on the phone's board and trying to find a way of actually talking to the processor to get the on-chip debugging working.

The far goal will be getting a patched HBOOT that has signature verification removed loaded into the device's memory via JTAG, then flash a patched HBOOT image via Fastboot. If this works it will be the first S-OFF GSM WFS that's neither shipped S-OFF nor turned S-OFF via xtc-clip, but this might still be a long long way.
SAMSUNG GALAXY NEXUS 16GB | 4.4.2 CM 11 NIGHTLIES
The Following 62 Users Say Thank You to *se-nsei. For This Useful Post: [ Click to Expand ]
 
nadmail
Old
#2  
Member
Thanks Meter 10
Posts: 69
Join Date: Nov 2011
Excellent OP. Can you add the A510a as well?
 
TrissyGE
Old
#3  
TrissyGE's Avatar
Senior Member
Thanks Meter 48
Posts: 224
Join Date: Oct 2011
Location: Langenfeld
Quote:
Originally Posted by nadmail View Post
Excellent OP. Can you add the A510a as well?
What´s the difference between A510e and A510a? I know the A510c is the cdma version
 
Wolf Pup
Old
(Last edited by Wolf Pup; 23rd December 2011 at 04:51 PM.) Reason: BECAUSE I LIKE DUCKS!
#4  
Wolf Pup's Avatar
Senior Member
Thanks Meter 289
Posts: 3,717
Join Date: Jan 2011
Location: I live in the TARDIS

 
DONATE TO ME
Quote:
Originally Posted by *se-nsei. View Post

There are two Wildfire S's:

1. CDMA - A510c
2. the neglected device most of us own - A510e

The CDMA version has been cracked and so has the Virgin model (hasn't got a SIM card slot). People have come very close but always fail and no one knows why.

Hmmmmm. So CDMA and Virgin (Slotless). This concludes that S-OFF is related to your phones network functionality. Perhaps, changing the network mode to CDMA might give us the ability to S-OFF our phones. Perhaps someone with an XTC-Clip could reverse-engineer it. Maybe JTAG.
Devices:
 

SGS3 Intl (Current Device)
HTC WFS (Stolen)
HTC TyTn (WM6)

Fun Stuff:
 

I have a TARDIS. All my messages are sent from my TARDIS. I also have a Sonic Screwdriver.
I'm a Doctor Who addict.
I like Minecraft
Quote:
Originally Posted by conantroutman View Post
You people make me sick......

If you wish, please drop me an internet. Thanks.
The Following 3 Users Say Thank You to Wolf Pup For This Useful Post: [ Click to Expand ]
 
breaky9973
Old
#5  
Member
Thanks Meter 6
Posts: 47
Join Date: Dec 2011
Quote:
Originally Posted by nadmail View Post
Excellent OP. Can you add the A510a as well?
And the A510b also (the same as the A510e but has HSDPA 850 instead of HSDPA 900)
The Following User Says Thank You to breaky9973 For This Useful Post: [ Click to Expand ]
 
ash_01
Old
#6  
Junior Member
Thanks Meter 2
Posts: 22
Join Date: Jul 2011
Location: mumbai
Can one of the moderators(or if someone who knows any moderator ask them to)PLEASE PLEASE PLEASE post this on Xda-Portal.
Hopefully that will attract more experienced developers and a faster development time.
And while we are at it we can also ask or BEG Team Revolutionary to start their WFS project again to help us out.
 
aparici
Old
#7  
aparici's Avatar
Senior Member
Thanks Meter 9
Posts: 152
Join Date: Oct 2010
Location: Castellon
Quote:
Originally Posted by ash_01 View Post
Can one of the moderators(or if someone who knows any moderator ask them to)PLEASE PLEASE PLEASE post this on Xda-Portal.
Hopefully that will attract more experienced developers and a faster development time.
And while we are at it we can also ask or BEG Team Revolutionary to start their WFS project again to help us out.
Yes, someone has to send this post to revolutionary, but please don't spam him or they with leave our wildfire s without s-off.
 
qiuness
Old
#8  
qiuness's Avatar
Senior Member
Thanks Meter 3
Posts: 260
Join Date: Jul 2007
Location: Brasov

 
DONATE TO ME
good idea!
Rooted LG G2
If i helped don't mind to hit thanks!
 
*se-nsei.
Old
#9  
*se-nsei.'s Avatar
Senior Member - OP
Thanks Meter 498
Posts: 921
Join Date: Sep 2011
Location: London
Remember to submit this to the portal! Contacting revolutionary is also a good idea.

Quote:
Originally Posted by nadmail View Post
Excellent OP. Can you add the A510a as well?
Quote:
Originally Posted by breaky9973 View Post
And the A510b also (the same as the A510e but has HSDPA 850 instead of HSDPA 900)
Done. Hope more devs will see this.
SAMSUNG GALAXY NEXUS 16GB | 4.4.2 CM 11 NIGHTLIES
 
infected85
Old
#10  
Member
Thanks Meter 19
Posts: 95
Join Date: Jul 2011
Location: Skopje
Done. I hope they will put it on the portal and that this will help us get more attention from the devs and revolutionary.

Tags
bootloader, campaign, dev, exploit, hboot, htc, kernel, radio, s-off, secu-flag, wildfire s
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes