[HOW-TO] (S-OFF REQUIRED!) Downgrade to HBOOT 1.44

andybones · Sep 17, 2013

lluke04 said:
Please bare with me... I don't understand what you are say. Is the file Sonic posted HBOOT 1.44 good or bad and should I should I not flash it? I don't want to mess with anything I don't have to. I must have misread his post earlier. I thought he said to be on the safe side flash 1.44.

EDIT:

Originally Posted by Sonic2756 View Post
Eh. Apparently you can't S-ON with even a older stock bootloader. Which is probably good because apparently the phone would have refused to boot with S-ON and 1.44 flashed. Either way I would leave 1.44 flashed as a just in case. Especially since it's not an easy fix if something S-OFF related goes wrong.

Certainly wasn't implying Sonic doesn't know what he is doing..
I was implying that the people that don't understand what this is, be careful.
flashing an hboot there is always risk of brick..
but with S-OFF there is always a risk with brick really, that's what makes S-OFF so desirable, you can do with the phone as you please.

If Sonic says that that hboot is safer, then that is the route I would go.
He is a very smart man and very glad we have him!
otherwise this forum would be deaddd
thanks again Sonic!
now the waiting game to get the phone back

---------- Post added at 09:24 AM ---------- Previous post was at 09:09 AM ----------

Sonic2756 said:
fastboot oem writesecureflag 1 works.
fastboot oem writesecureflag 3 fails due to hboot check.

I'm not sure if revone offers the ability to turn S-ON actually, I'll keep looking into it after my homework is done.

looking at the revone site, I am sure you already tried this but
"Reverting to S-ON (updated)

* ./revone -l
* fastboot oem writesecureflag 3"

have you tried the first command?
./revone -l
or do you do the first command, then the fastboot oem writesecureflag 3?

deli pastrami · Sep 17, 2013

Ugh...another incoming nub question as I am also confused.
Are these the correct steps to take?

1)get phone s-off from sonic
2)flash this 1.44 ruu
3)htc dev unlock
4)revone su
5)recovery
6)install rom

sorry for the noob question

also what does this mean "Edit: You're going to have to edit the android-info.txt to match your device info."

isdnmatt · Sep 17, 2013

S-ONing a device with an unsigned HBOOT will brick the device no question. That's why secureflag 3 is failing, it checks the signature on the HBOOT before changing the flag.

If you look at the revision of revone, they used to allow you to use revone to S-ON, but it bypassed the signature checks so they removed it.

The same security against random S-ON can be achieved by flashing a hex edited 1.54 HBOOT. As soon as anything in the HBOOT is changed from factory, it will no longer pass signature checks and will deny the secure flag change.

andybones · Sep 17, 2013

isdnmatt said:
S-ONing a device with an unsigned HBOOT will brick the device no question. That's why secureflag 3 is failing, it checks the signature on the HBOOT before changing the flag.

If you look at the revision of revone, they used to allow you to use revone to S-ON, but it bypassed the signature checks so they removed it.

The same security against random S-ON can be achieved by flashing a hex edited 1.54 HBOOT. As soon as anything in the HBOOT is changed from factory, it will no longer pass signature checks and will deny the secure flag change.

thank you for this, I knew this, but totally slipped my mind!
this is great info!
esp once/if ENG hboots come for us or the regawMOD customizer.

lluke04 · Sep 17, 2013

andybones said:
Certainly wasn't implying Sonic doesn't know what he is doing..
I was implying that the people that don't understand what this is, be careful.
flashing an hboot there is always risk of brick..
but with S-OFF there is always a risk with brick really, that's what makes S-OFF so desirable, you can do with the phone as you please.

If Sonic says that that hboot is safer, then that is the route I would go.
He is a very smart man and very glad we have him!
otherwise this forum would be deaddd
thanks again Sonic!
now the waiting game to get the phone back

---------- Post added at 09:24 AM ---------- Previous post was at 09:09 AM ----------

looking at the revone site, I am sure you already tried this but
"Reverting to S-ON (updated)

* ./revone -l
* fastboot oem writesecureflag 3"

have you tried the first command?
./revone -l
or do you do the first command, then the fastboot oem writesecureflag 3?

Thanks you sir!

---------- Post added at 11:33 AM ---------- Previous post was at 11:29 AM ----------

isdnmatt said:
S-ONing a device with an unsigned HBOOT will brick the device no question. That's why secureflag 3 is failing, it checks the signature on the HBOOT before changing the flag.

If you look at the revision of revone, they used to allow you to use revone to S-ON, but it bypassed the signature checks so they removed it.

The same security against random S-ON can be achieved by flashing a hex edited 1.54 HBOOT. As soon as anything in the HBOOT is changed from factory, it will no longer pass signature checks and will deny the secure flag change.

How do you flash a hex edited 1.54 HBOOT? I understand the concept which is great, cause we don't want the random S-On... I just didn't get the part about hex edited 1.54 HBOOT.

Thanks for everyone's help!

isdnmatt · Sep 17, 2013

lluke04 said:
Thanks you sir!

---------- Post added at 11:33 AM ---------- Previous post was at 11:29 AM ----------

How do you flash a hex edited 1.54 HBOOT? I understand the concept which is great, cause we don't want the random S-On... I just didn't get the part about hex edited 1.54 HBOOT.

Thanks for everyone's help!

Someone has to make one first, should happen pretty quickly once people start getting their phones back. Mine should show up tomorrow hopefully and I'll start taking a look.

lluke04 · Sep 17, 2013

isdnmatt said:
Someone has to make one first, should happen pretty quickly once people start getting their phones back. Mine should show up tomorrow hopefully and I'll start taking a look.

Thanks!

Pete450 · Sep 17, 2013

Sorry, I'm a little confused, can someone please confirm what I am understanding:
Flashing a downgraded or hex edited hboot will prevent from accidentally going s-on, thus, preventing accidental brick?

Edit: Isn't it easier to brick while s-off, because you can flash anything to the device, even if its wrong?

isdnmatt · Sep 17, 2013

peteschlabar said:
Sorry, I'm a little confused, can someone please confirm what I am understanding:
Flashing a downgraded or hex edited hboot will prevent from accidentally going s-on, thus, preventing accidental brick?

Edit: Isn't it easier to brick while s-off, because you can flash anything to the device, even if its wrong?

You can flash whatever you want (including things that will brick it) with S-OFF. You just can't turn S-ON with unsigned HBOOT (because that would brick it only for security reasons) because it now checks the signature before changing the secure flag.

msisaac · Sep 17, 2013

Seems that there is confusion about exactly what hboot 1.44 provides. Hopefully I'm understanding this correctly as I don't want to give people bad information...

If you S-OFF your phone, then downgrade HBOOT to 1.44 from 1.54, this will effectively prevent Verizon or yourself from accidentally or purposely S-ONing the phone again. The phone will refuse to S-ON because the signature check on hboot 1.44 will fail. So the phone will essentially be permanently stuck in S-OFF, which is a good thing if you want to remain S-OFF. If that's not correct, then please someone with more knowledge of these things please correct me so that everyone can understand.

This won't prevent you from bricking your device from bad flashes. In fact, it's just the opposite. With S-OFF, the chances of you bricking your phone are HIGHER because there are no more security checks preventing bad flashes.

Other than preventing S-ON, does 1.44 provide any other benefits or have any shortcomings over the 1.54 hboot?

isdnmatt · Sep 17, 2013

msisaac said:
Seems that there is confusion about exactly what hboot 1.44 provides. Hopefully I'm understanding this correctly as I don't want to give people bad information...

If you S-OFF your phone, then downgrade HBOOT to 1.44 from 1.54, this will effectively prevent Verizon or yourself from accidentally or purposely S-ONing the phone again. The phone will refuse to S-ON because the signature check on hboot 1.44 will fail. So the phone will essentially be permanently stuck in S-OFF, which is a good thing if you want to remain S-OFF. If that's not correct, then please someone with more knowledge of these things please correct me so that everyone can understand.

This won't prevent you from bricking your device from bad flashes. In fact, it's just the opposite. With S-OFF, the chances of you bricking your phone are HIGHER because there are no more security checks preventing bad flashes.

Other than preventing S-ON, does 1.44 provide any other benefits or have any shortcomings over the 1.54 hboot?

Yes. Well explained.

With regards to benefits or shortcomings, we really don't know yet since not many people are using it and we don't exactly have patch notes for HBOOTs.

Sonic2756 · Sep 17, 2013

msisaac said:
Seems that there is confusion about exactly what hboot 1.44 provides. Hopefully I'm understanding this correctly as I don't want to give people bad information...

If you S-OFF your phone, then downgrade HBOOT to 1.44 from 1.54, this will effectively prevent Verizon or yourself from accidentally or purposely S-ONing the phone again. The phone will refuse to S-ON because the signature check on hboot 1.44 will fail. So the phone will essentially be permanently stuck in S-OFF, which is a good thing if you want to remain S-OFF. If that's not correct, then please someone with more knowledge of these things please correct me so that everyone can understand.

This won't prevent you from bricking your device from bad flashes. In fact, it's just the opposite. With S-OFF, the chances of you bricking your phone are HIGHER because there are no more security checks preventing bad flashes.

Other than preventing S-ON, does 1.44 provide any other benefits or have any shortcomings over the 1.54 hboot?

You can use revone for lock/unlock and to remove tampered.

Sent from my M7 using XDA Premium 4 mobile app

Zwitterion · Sep 17, 2013

Thanks, but there is still an ambiguity in what is written below that I would like cleared up. When you say the chances of bricking your phone is higher because of the possibility of a bad flash, are you saying so because S-Off gives folks the chance to flash anything to anywhere OR that the lack of security checks means that something otherwise safely flashed (i.e. a ROM through recovery) is now more dangerous because of the deactivation of built-in security checks? In other words, is there any difference in danger of flashing something with S-OFF that could otherwise be successfully flashed when only having an unlocked bootloader?

I want to flash ROMs like I did with my Galaxy Nexus. I have no interest in flashing radios, splashscreens or tampering with sensitive partitions. My reason for getting S-OFF is that it is currently the only way to get an unlocked bootloader. But I will not have this done if makes otherwise safe flashing, dangerous.

Any clarity would be appreciated.

msisaac said:
This won't prevent you from bricking your device from bad flashes. In fact, it's just the opposite. With S-OFF, the chances of you bricking your phone are HIGHER because there are no more security checks preventing bad flashes.

scotty1223 · Sep 18, 2013

Sonic2756 said:
fastboot oem writesecureflag 1 works.
fastboot oem writesecureflag 3 fails due to hboot check.

I'm not sure if revone offers the ability to turn S-ON actually, I'll keep looking into it after my homework is done.

Were you using revone,or just fastboot commands? What was the exact error you recieved?

scotty1223 · Sep 18, 2013

godhamba said:
Thanks, but there is still an ambiguity in what is written below that I would like cleared up. When you say the chances of bricking your phone is higher because of the possibility of a bad flash, are you saying so because S-Off gives folks the chance to flash anything to anywhere OR that the lack of security checks means that something otherwise safely flashed (i.e. a ROM through recovery) is now more dangerous because of the deactivation of built-in security checks? In other words, is there any difference in danger of flashing something with S-OFF that could otherwise be successfully flashed when only having an unlocked bootloader?

I want to flash ROMs like I did with my Galaxy Nexus. I have no interest in flashing radios, splashscreens or tampering with sensitive partitions. My reason for getting S-OFF is that it is currently the only way to get an unlocked bootloader. But I will not have this done if makes otherwise safe flashing, dangerous.

Any clarity would be appreciated.

its being said that the risk is higher with s off,becasue the phone will let you flash a critical partition with an unsigned file. i.e.,a corrupt or damaged,incomplete fbootloader or radio file will brick the device. if you dont flash anything other than roms in recovery,you are fine. flash away.

just use caution if you flash ANYTHING via the bootloader: know what youre flashing and why,and check the integrity of your download with an md5 summer.

Pete450 · Sep 18, 2013

scotty1223 said:
...
just use caution if you flash ANYTHING via the bootloader: know what youre flashing and why,and check the integrity of your download with an md5 summer.

This is a very important step that must not be skipped for any reason, unless you enjoy expensive paper weights.

andybones · Sep 18, 2013

so technically since my phone will be coming back with the tampered flag, if I cared enough to remove it, I would flash this hboot, then use the revone code to remove the tampered, then I could technically flash back to our stock hboot and stock CID?

isdnmatt · Sep 18, 2013

andybones said:
so technically since my phone will be coming back with the tampered flag, if I cared enough to remove it, I would flash this hboot, then use the revone code to remove the tampered, then I could technically flash back to our stock hboot and stock CID?

Yes. Assuming that HBOOT is susceptible of course. Not enough of us have our phones to play!

scotty1223 · Sep 18, 2013

andybones said:
so technically since my phone will be coming back with the tampered flag, if I cared enough to remove it, I would flash this hboot, then use the revone code to remove the tampered, then I could technically flash back to our stock hboot and stock CID?

That is correct. Just make sure you're careful with your hboot file

Sent from my HTC One X using Tapatalk 2

andybones · Sep 18, 2013

isdnmatt said:
Yes. Assuming that HBOOT is susceptible of course. Not enough of us have our phones to play!

scotty1223 said:
That is correct. Just make sure you're careful with your hboot file

Sent from my HTC One X using Tapatalk 2

perfect, thank you guys very much.
I don't think I will be doing it, all I care about in that screen is it saying S-OFF, tampered doesn't phase me personally.

I still think it'd be cool to have this for our phone.
It was a lot of fun playing with it on the Inc4
http://xdaforums.com/showthread.php?t=1786498

[HOW-TO] (S-OFF REQUIRED!) Downgrade to HBOOT 1.44

Retired Forum Moderator / Inactive RD

Senior Member

Senior Member

Retired Forum Moderator / Inactive RD

Member

Senior Member

Member

Senior Member

Senior Member

Member

Senior Member

Senior Member

Senior Member

Inactive Recognized Contributor

Inactive Recognized Contributor

Senior Member

Retired Forum Moderator / Inactive RD

Senior Member

Inactive Recognized Contributor

Retired Forum Moderator / Inactive RD

Similar threads

Top Liked Posts