So, I guess I have to say something here. Sorry for my late reply but I've been the last two days in travel with very limited internet connection (I couldn't even see the modaco thread on the subject).
As arc said before, the method used to patch a radio was first developed by mamaich and itsme, at the time imei-check only unlocked HTC universal by physically sending the device to them. After buzz_lightyear published the free HTC universal unlocker, imei-check probably copied this method and started selling the universal unlocker without needing to physically send them the device.
Hermes uses a radio chip very similar to universal, so imei-check applied this method to hermes radio too. The patch used in the free Hermes Unlocker I published was taken from imei-check unlocker and I have never hidden this fact, I studied the hermes imei-check unlocker and published my results in this forum, you can still read the "reverse engineering thread" here
. The main difference between their unlocker and the free one I published is that they hot patch the radio and I flash an already patched radio.
Free Hermes unlocker v1 & v2 needed an SPL-1.04 in hermes, because it was possible to directly access the radio via 'rtask' command, this prevented users with SPL > 1.04 to unlock their devices using the free unlocker, but in the reversing thread I had published the files which allowed to downgrade the bootloader using the so called "SoftSPL or RAM bootloader" from imei-check unlocker, these files where removed about 32 hours after I published them because I received a PM from Florin Mandache claiming this was IMEI-check copyrights stuff. Some people had already downloaded this and there was people posting a file called "downgrade_SPL.rar" which contained this imei-check method to downgrade the SPL, I (and other moderators from XDA-Developers) removed all the attachments and links to this file people was posting while there was no alternative method to downgrade the bootloader. Then, Des came with SSPL
, which allowed to load a patched bootloader in RAM and jump into it (the same way HaRET does with the Linux kernel since 2003, imei-check started in 2004) and I published Free Hermes Unlocker v3 which included Des SSPL to flash unsigned code and didn't need to downgrade the bootloader.
All the devices using the Qualcomm MSM6275 share the same radio code, so Hermes, Trinity, Breeze, Athena and Treo 750 unlockers are basically the same as Hermes unlocker. I published the Hermes & Trinity ones, because I have this devices, and SSPL was available to flash unsigned code on them. Olipro published the Athena unlocker which also uses the patched radio, but it does not need SSPL as the SPL is written to DOC (Disc-On-Chip) using itsme's pdocwrite, so it does not need "RAM bootloader". stepw and me also published an alternative method to RAM bootloader valid to Trinity devices, with source code available, which takes advantage of an stack overflow flaw
present in Trinity's bootloader.
Then machinagod, esteve and me modified haret code, we placed the patched bootloader in ram using psetmem (from itsme, itsutils) and then jumped into its address using the modified HaRET. This modified HaRET version is used in CID unlockers from Artemis, Elf, Excalibur, Vox, Herald, Titan and Wizard G4.
Then esteve and me coded JumpSPL
, which is basically a stripped-down version of HaRET that allows placing the SPL in RAM and jump into it, the source code is also available and has nothing from imei-check, besides if you want they where the first to implement this method, but even without looking at his unlocker anyone would think of this method --as HaRET author did in 2003-- to run custom code (or a patched SPL, it doesn't matter) on a WinCE device.
After the release of JumpSPL, we can load patched bootloaders on ANY device, so Olipro took JumpSPL and used it to flash the patched radio from hermes (with the imei-check patch) in Treo750 and published a free SIM unlocker for Treo.
Regarding donations, I have spent lot way more money in HTC devices than I have earned via donations. For the curious I've made approximately $1700 since I started using donation buttons, not all of the donations coming from the Hermes unlocker, I have also helped countless people to unbrick their devices, released free tools to flash HTC devices from Linux, create splash screens, CID unlock other devices, etc... none of those tools contain anything from imei-check. I do this as a hobby and my real life job has nothing to do with PDA phones or HTC devices.
Regarding the use of Florin's birthday in hermes unlocker, of course I know you can unlock using any code, see comment #18 in this thread
, dated January 2007 where I say "allow to SIM unlock it using any MSL code
". But I thought leaving his birthday there was cool
I don't know if imei-check has the solution to SIM unlock Kaiser or not, I have released a CID unlocker for the Kaiser, and I am researching on a method to SIM unlock it, not because I want to make money out of it, because I see it as a personal challenge and I am curious about how the Qualcomm 7200 works. I don't know if I will be able to provide a solution to unlock Kaiser or not, I am not saying that I am better than imei-check, I admire their work even I don't like their way of doing a business out of it.
The main difference between Florin Mandache from imei-check and me is that if we both invented a machine to produce bread by spontaneous generation, I will allow to clone the machine to end with the hunger in the third world, and he will just sell the bread.
Finally, these are the emails that Florin and me exchanged the last two days:
To: unlocksupport at imei-check
Date: Mon, 8 Oct 2007 21:40:14 +0200
I'm sad to see what you have put in here:
I think we've always been able to talk friendly as adults. I've always
removed your copyrighted material as soon as you've requested it and
replied to your requests fast.
This time is me kindly requesting you to remove the contents of this
page. I'm sorry for the troubles I might have caused you, it was not
BTW, congratulations on the kaiser SIM unlock.
Reply from imei-check:
From: unlocksupport at imei-check
Subject: RE: kaiserunlock.php
Date: Mon, 8 Oct 2007 21:00:31 +0100 (BST)
If you want this removed please add the missing credits (imei-check for
invention of RAM-BOOT-LOADER) to all your posts and readme files and
also to say clear in ALL unlockers (also from your gang,ATHENA and P750)
that it is based on the stolen RADIO patch from IMEI-CHECK.CO.UK.
Also we can't understand how you can seen that page when the page is
not published yet (live on the main page).
BTW: Removing YOUR copyright violations is not a favour from you... It
was a favour from us not to take legal steps against you immediately.
Reply from me:
To: [email protected]
Date: Tue, 9 Oct 2007 16:13:30 +0200
Sorry for the late reply, I'm on travel and don't have much time those days.
> If you want this removed please add the missing credits (imei-check for invention of
> RAM-BOOT-LOADER) to all your posts and readme files and also to say clear in ALL
> unlockers (also from your gang,ATHENA and P750) that it is based on the stolen RADIO
> patch from IMEI-CHECK.CO.UK.
I can modify my posts and readme files for the hermes & trinity
unlockers for the radio, but regarding the "ram bootloader", I don't
think that's your invention... my unlockers use Des SSPL and AFAIK
HaRET (which as you should know is basically the same idea, but using
a Linux kernel instead of a bootloader) exists since early 2003.
Regarding Olipro's posts & readme's, is up to him if he wants to edit
them or not, i can't do nothing about it.
> Also we can't understand how you can seen that page when the page is not published
> yet (live on the main page).
At the time I wrote you I received 2 PM from different persons, now
I've received 6 or 7, and some links to a "modaco" page which no
longer exists (I have no idea what was in there).
> BTW: Removing YOUR copyright violations is not a favour from you... It was a favour from
> us not to take legal steps against you immediately.
Thanks then, I really appreciate that.
PS: I can't understand why you have done this now in such a personal
attack to me, if you wanted credit in the hermes & trinity unlockers
you could just PM me and request it, you know from other times we've
exchanged PMs that I am a person open to dialogue.
Please remove all references directed to me in your webserver and I
will add the proper credit to imei-check radio patch in hermes &
trinity unlockers. And I hope we can end it here, without any more
waste of time for you and for me.
> IMEI-CHECK Team
That's my side of the story, now judge yourselves.