[Q] Updating unlocked Vox

Search This thread
By:
Advanced…
tobbbie

tobbbie

Senior Member
Jan 5, 2007
1,452
252
Stuttgart
I could make a gold card for you, but I would need that card-ID. Possibly there are other methods to get that - or even write that to the card.

In revskills is also another (new for me) option which I had never exploited "Get CID using ADB". No clue how that works, probably a workaround for the missing WinMo device.

Strange that native Windows OS cannot retrieve that Card ID.

---------- Post added at 09:24 PM ---------- Previous post was at 09:16 PM ----------

ADB will not work - it seems to be the "Android Debug Bridge", so the Andriod option for what the ITSUtils do on the Windows Mobile side. No option for you...

---------- Post added at 09:50 PM ---------- Previous post was at 09:24 PM ----------

After some more googling it really seems impossible to retrieve the SD Card-ID via native means on the PC. There are some posting code that should work for readers attached directly to the PCI bus but that does not work via USB.

So back to start with Gold Card: you need a WinMo device.


Lets us try to debug the Modaco method in more detail:

The first cab should allow certificate installation, what does it say when you install that one?

Do you know hot get the registry data from your device? Could you post the path:
HKLM\Security\Policies\Policies\*
 
  • Like
Reactions: col320ce
tobbbie

tobbbie

Senior Member
Jan 5, 2007
1,452
252
Stuttgart
Two more items:

Windows Security Model (mentions Orange to be special...): http://technet.microsoft.com/en-us/library/cc512651.aspx

Orange supplied certificates from a security SW vendor:
http://de.sophos.com/support/knowledgebase/article/108111.html
I checked if the cab loads on smartphone, but the _setup.xml mentions "PocketPC" as platform, so it does not. I changed that string to "Smartphone" and put that to another cab which installs ok on my smartphone.

Try on yours and see if that opens the door for further getting security restrictions lifted.
 

Attachments

  • 108111-m2m_cert_installer-smartphone.cab
    2.3 KB · Views: 36
C

col320ce

Member
Dec 20, 2011
29
0
Lets us try to debug the Modaco method in more detail:

The first cab should allow certificate installation, what does it say when you install that one?

Do you know hot get the registry data from your device? Could you post the path:
HKLM\Security\Policies\Policies\*
Click to expand...
Click to collapse

Prep cab installed (after reset):
-<wap-provisioningdoc>
-<characteristic
type="SecurityPolicy">
<parm
name="4119"
value="144"/>
</characteristic>
</wap-provisioningdoc>

There are no other messages.

Registry Data:
Not sure if I have done this correctly but see attached screen shot.

Unfortunantly the cab file did not seem to unlock much. It ran ok but I re-did many of the things I have tried without change.
 

Attachments

  • reg-info.jpg
    reg-info.jpg
    80.8 KB · Views: 29
tobbbie

tobbbie

Senior Member
Jan 5, 2007
1,452
252
Stuttgart
The registry does not show signs of unlock. The value names are the hex of the policy in the cab, so the 4119 that should be changed to 144 is 1017(h) but that has still 128 as value - so no change done.
The key to remote access is the first policy - this should go to 1.

I think it is not worth to further follow unlocking the Orange locked OS policies. The Gold Card method will for sure work as it replaces the OS - so the only path to follow.
 
C

col320ce

Member
Dec 20, 2011
29
0
I may have got my wires crossed and missled you. The registry data above was only after the PREP.cab file

I have included a screenshot of the registry after the:
MoDaCo_Fix_Pack_0.5 cab
RemoveSecurity cab
and finally the cab you posted from the Security SW Vendor.

Not sure if this changes anything ...

Ignor this ... they are all the same I think.
 

Attachments

  • after-MoDaCo_Fix_Pack_0.5.jpg
    after-MoDaCo_Fix_Pack_0.5.jpg
    55.6 KB · Views: 25
  • after-remove-security.jpg
    after-remove-security.jpg
    82.7 KB · Views: 21
  • after-certificates-from-a-s.jpg
    after-certificates-from-a-s.jpg
    84.8 KB · Views: 18
Last edited:
tobbbie

tobbbie

Senior Member
Jan 5, 2007
1,452
252
Stuttgart
The sequence should be this:

  1. install the security SW Vendor cab. This should install additional certificates that allow better admin of the device.
    No matter when you installed that - further actions come only after this.
    Registry will not change here - only certificates that grant access to relevant signed applications.
  2. After this the security config manager from MS should work.
  3. You may also try the HTC Unlock, but I doubt this works right away.
Modaco or other scripts are not signed and will not work until above is done.
 
You must log in or register to reply here.

Similar threads

J
  • Sticky
Vox Update SPL (USPL) 1.16
Replies
171
Views
188K
M
mironio
J
  • Locked
  • Sticky
Vox S710 Sim Unlock
Replies
292
Views
143K
I
indtram
fireburned
[16 Feb 2009] WM6.1 CLEAN v1.4 / CUSTOM v1.0 ROMs (STABLE) for Vox
Replies
1K
Views
214K
andeld
andeld
Dr. Martin Gonzo
Windows mobile 6.1 v1.0b for Vox
Replies
521
Views
138K
Z
zhongjiezhe
fireburned
[15 Sep 2009] [WWE] WM6.5 CLEAN / CUSTOM v3.1 ROMs (STABLE) for Vox
Replies
434
Views
147K
M
Mrkblo

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 1
    tobbbie
    tobbbie
    col320ce said:
    I've tried a few ROMs and not working straight from ROM. It gets to 3% or so and resets the phone and the application says there is a corrupt file.
    Click to expand...
    Click to collapse
    This is normal if the CID (Carrier ID) Check fails - you would be able to upload only Orange ROMs.
    col320ce said:
    When I use "SDA_ApplicationUnlock" I get a message "Phone is not unlockable".
    Click to expand...
    Click to collapse
    This means that the remote access (via PC) to alter data on the device is not allowed per relevant security policy (the RAPI policy). You need to change that from the device itself using a tool that has signed privileges to do this. The only tool which can do it is a signed registry editor. Luckily some guys have wrapped the editor into a macro script which can even be installed via an installation procedure from the PC. I had prepared a tool-kit for my Hurricane Kitchen that includes some more steps that do not work on the Vox. You can however take the tools in the "Prepare Security..." folder also on the Vox. You find the package here. As you have already SDA Unlock, install (run the .exe on the PC) and execute HTC Unlock on the device (from Start -> Accessories). This will alter the RAPI Policy that you can execute SDA Unlock later.
    col320ce said:
    Any ideas? Is it safe to do a factory reset or could I lose the unlocked status?
    Click to expand...
    Click to collapse
    Hard Rest will put the OS in the default state, so if you had HTC Unlock and SDA Unlock remove the application unlock (have you read my other post I recommended to read?), the SIM Unlock will not change - this is permanent. You would have to repeat the application unlock however as the default OS setting is that application execution is "locked" to signed applications.
    View
    1
    tobbbie
    tobbbie
    It seems that the Orange guys have taken special care to make your life hard here. Reason for the observed behavior:

    Usually the HTC certificates are installed on the HTC devices and any HTC signed application should so run on the device. As you see it does not - it seems that their devices have excluded the HTC default certificates :-(
    But we should find a way to get that cracked open...

    Microsoft has a security configuration manager tool: http://www.microsoft.com/download/en/details.aspx?id=998 which can handle security policies via the RAPI interface. It may be that it will not work for the same reason as SDA Unlock, but is worth a try. Install that on the PC and execute there when the device is on and connected via AS. When you see that the tool has recognized the connected device and received the security Config, then select Menu->Device->Add Development Certificates. Then select on the left side "Security Off" configuration and then push the "Provision" button. Hope that works.

    There is still one more option (Gold Card) - but this is a little more complicated. Two ways to flash then, not sure if both work, but flashing via micro-SD will for sure.
    View
    1
    tobbbie
    tobbbie
    Sigh...

    ok, let us then try the Gold Card Method, you need:


    1. a micro sd card, any size (small is welcome), no SDHC (so not >= 4GB). It should be fresh formatted with FAT32
    2. download revskills from http://psas.revskills.de/?q=node/6 and install on pc
    3. run it on pc
    4. connect device via AS, insert formatted SD card
    5. in revskills go to menu -> calculators... -> Gold Card
    6. Select Device Key: Vox
    7. Push "Get CID from WinCE..."
    8. Wait for Serial to change (device will prompt to allow itsutils to run) <- this may be a problem!
    9. Push "Write Goldcard....to WinceSD"
    10. done
    Leave the card in the device and start your intended update with any Stock ROM other than Orange, e.g. S710 from HTC. The Gold Card will grant SuperCID during SPL phase but still needs a valid signed ROM, hence cooked ROMs will not work here.


    If step 8.) does not work, you can use also use any other device for that as well.


    Good Luck!

    P.S.: what happened to your other device?!
    View
    1
    tobbbie
    tobbbie
    Why did you not drop THIS one?!

    To make a Gold Card you need a WinMo device that can execute the itsutils and have the sd card inserted. It can be ANY WinMo device and it can be any version of OS (WM5 and up for sure, not sure about WM2k3 but also this should work).

    Maybe you should try some Orange ROMs and see if there are some where the Modaco procedure works ok. I have one "ORANGE_1.35.61.1_4.1.13.60_03.18.90_Ship_phones_software.exe" which I could upload if this is not the one you have already.

    ---------- Post added at 11:51 AM ---------- Previous post was at 11:43 AM ----------

    The Orange one comes from here:
    http://www2.orange.co.uk/servlet/Sa...=Phone&pagename=Business&t=SMEDeviceDownloads
    View
    1
    tobbbie
    tobbbie
    This is a locked situation here. Orange Security settings on the old OS is preventing steps to open the door for updates. I doubt that older OS would be easier to handle - and I don't know of any that could straight away be flashed.

    Just the sketch the routes you could go (and have went already some), there are 3 ways to get another OS loaded via the SPL:

    1. Get a SuperCID to the device - this will allow any SW update via the original SPL. Not sure if this can be done on the Vox and how. I had one of my Tornado treated by imei-check.uk and they have done the SuperCID with the SIM Unlock. Ask them if this would happen with the E650 as well - costs you 10 GBP. Just like SIM-unlock, the SuperCID is permanent and survives any ROM update.
    2. Get the Gold Card key activated while flashing - you need an application unlocked WinMo device though. Just for a short time, lend it from anyone who has one (really no matter if smartphone, with touchscreen or buy the cheapest on ebay - however you may have more luck with 1.). Let us see how dead is your dropped device:
      • when connecting the charger or PC connected USB, is the charge LED getting on?
      • when switching on (with charged battery) is the LED getting on?
      • Is the LCD white or not lighted at all?
      • open/close the SIM slot (there is a little switch inside) and retry.
      • Are there physical damages like cracked housing, ripped cables, detached USB socket or broken LCD?
      • It is hard to believe that you cannot get any life out of the main PBA just having dropped the device. You may well get it to a state where it could be used to write the Goldcard. You will need to dis-assemble it however if cables would need re-attachment.
    3. Get the old OS application unlocked and load the new OS via patched temporary SPL (jumpSPL). Why not asking Orange for a solution to that problem? Tell them that you cannot load unsigned applications and that you want that restriction removed. They should be able to provide you with a signed cab-file that will do the needed changes - to get you going for the rest of the path.
    View

New posts