[WARNING] Don't Hard Brick Your Atrix! Look Here.

PanNet

While my method will *probably* not work,

I have just returned from Walmart with a soldering iron and some cheapo micro-USB chargers.

I am going to start working on making a Factory Cable that will allow me to access the phone from a computer WITHOUT the battery.

If I can get this to work, we'll never have to worry about hard-bricking again, just obtaining factory cables :D

wish me luck
Hi,
Do you have a diagram of the factory cable? Can you share it?


Ok, here is useful information: http://newworld2.net/pdls/olyphotos/FAC_CAB.jpg

Guide for a 3-in-1 cable:
1. Solder rigid copper wires on PIN 1, 4 and 5.
2. Drill 3 holes in your USB to MicroUSB adapter for making the rigid wires to pass through.
3. Connect PIN4 to PIN1 (externally :D) for FACTORY CABLE or PIN4 to PIN5 for OTG CABLE (for USB HUBs and USBHost functionalities). Don't connect anything for normal USB cable for USBSync/ADB etc.

Nvflash - Yes, it exists on our devices; yes, it can be accessed; yes, you need a Dev. cable to do so. Yes, using it we could theoretically reflash our devices with unsecured images; yes, with it I could make our devices free. However, this all being said, there is a problem currently: it is signed with an SBK value. This value is unknown to us; it is an AES key in this format: 0x00000000 00000000 00000000 00000000. Without knowing the value of this key, anything anyone wants to tell you about nvflash is complete and entire BS!! You cannot even read from the device; any command that is sent via nvflash will return an error and then disable the connection to the device in order to prevent a brute-force attack.

It has to be more complicated than that. Both the Droid and Milestone run the OMAP 3430 chipset and you can't just flash the Droid bootloader onto a Milestone.

Actually, you can just flash the Droid bootloader onto a Milestone. A number of developers tried exactly that about a year ago and found incompatibility issues with them, apparently due to the CDMA/GSM differences because part of the baseband radio code was in the bootloader. Their phones weren't completely bricked, they just had to use RSDLite to reflash a Milestone bootloader to get it working happily again.

With that said, it is a little more complicated with the Tegra2. I'm registered with NVIDIA's Tegra2 dev zone and have been going through the SDK for a good part of this evening.

Flashing is done using a tool called "nvflash" which takes a command line parameter of "sbk" (Secure Boot Key) example value "0x00000000 00000000 00000000 00000000"

Another interesting bit I've found while searching through hundreds of files is a function called "NvDdkAesClearSecureBootKey" with a description of the following:
* Overwrite Secure Boot Key (SBK) in AES key slot with zeroes.
After this operation has been completed, the SBK value will no longer be accessible for any operations until after the system is rebooted. Read access to the AES key slot containing the SBK is always disabled.

So basically, the system is designed never to allow users to read the AES key, however there seems to be an override to reset it to the default value (possibly just temporarily – but hopefully that's all that's needed to rewrite the bootloader.)

What would be really nice to know is what "system information" nvflash spits out when run on an Atrix.

On a ViewSonic G-Tab we see something like this:
System Information:
* chip name: t20
* chip id: 0x20 major: 1 minor: 3
* chip sku: 0x8
* chip uid: 0x171440094240f357
* macrovision: disabled
* hdcp: enabled
* sbk burned: false
* dk burned: false
* boot device: nand
* operating mode: 3
* device config strap: 0
* device config fuse: 0
* sdram config strap: 0

Note the "sbk burned: false" which is because there's no secure boot key set on the ViewSonic.

I think we just have to wait and see if the SBK is set on the international version of the Atrix, and if it is then we'll need to explore the reset method I mentioned above.

So, honestly, there is probably no possibility of recovering, e.g., my Atrix.
 
Reactions: dispatch

PanNet

HERE IS THE SCOOPER POOPER from your official forum troll. You will brick if you flash back to previous SBFs. You will not brick if you flash back to previous SBFs that have PUDDING built in. All your phones are belong to pudding so get used to that.

PS- you should just be using fastboot to flash stuff now anyhow ;)
Unfortunately I bricked my phone having PUDDING.
 

rickriego

Made myself a "factory cable"...

I am bricked also... so I made myself a cable and I found the files for nvflash, but I cannot find any more instructions or guidance online. Anyone who can advise me as to where or what to do from here would be greatly appreciated.

BTW: I found and installed the APX device drivers and my comp acknowledges the device, I assume as an nvidia usb somethin somethin... now I need some kind of recovery files or...?
 

mysticdrew

Hi,
Do you have a diagram of the factory cable? Can you share it?


Ok, here is useful information: http://newworld2.net/pdls/olyphotos/FAC_CAB.jpg

Guide for a 3-in-1 cable:
1. Solder rigid copper wires on PIN 1, 4 and 5.
2. Drill 3 holes in your USB to MicroUSB adapter for making the rigid wires to pass through.
3. Connect PIN4 to PIN1 (externally :D) for FACTORY CABLE or PIN4 to PIN5 for OTG CABLE (for USB HUBs and USBHost functionalities). Don't connect anything for normal USB cable for USBSync/ADB etc.

Nvflash - Yes, it exists on our devices; yes, it can be accessed; yes, you need a Dev. cable to do so. Yes, using it we could theoretically reflash our devices with unsecured images; yes, with it I could make our devices free. However, this all being said, there is a problem currently: it is signed with an SBK value. This value is unknown to us; it is an AES key in this format: 0x00000000 00000000 00000000 00000000. Without knowing the value of this key, anything anyone wants to tell you about nvflash is complete and entire BS!! You cannot even read from the device; any command that is sent via nvflash will return an error and then disable the connection to the device in order to prevent a brute-force attack.



So, honestly, there is probably no possibility of recovering, e.g., my Atrix.
Is there any way for you to get to fastboot with your factory cable? If so, that's a step in the right direction, and I would try the oem unlock command again.
 

Julian713

So I'm on 2.2.2 right now. I haven't gotten any notification for any OTA updates to 2.3.4. However, I would like to get 2.3.4 on my Atrix. Is it safe for me to flash the 2.3.4 that was listed on the 1st page (briefmobile link)? After I flash that one, I can still go back to 1.8.3 (or any older SBFs) in case anything happens, and I would be fine?

I just want to be safe and I'm still kinda new to all this. Thank you all for your input.

Also, I haven't done anything to my 2.2.2 besides just being rooted.

I still have to unlock the bootloader and everything.
 

mysticdrew

So I'm on 2.2.2 right now. I haven't gotten any notification for any OTA updates to 2.3.4. However, I would like to get 2.3.4 on my Atrix. Is it safe for me to flash the 2.3.4 that was listed on the 1st page (briefmobile link)? After I flash that one, I can still go back to 1.8.3 (or any older SBFs) in case anything happens, and I would be fine?

I just want to be safe and I'm still kinda new to all this. Thank you all for your input.

Also, I haven't done anything to my 2.2.2 besides just being rooted.

I still have to unlock the bootloader and everything.
No, you can't go back to 1.83 via SBF if you update to the stock version. The briefmobile version is a modified one which allows you to still flash older SBFs, but I believe you have to be bootloader unlocked to use the briefmobile one.
 

monofurioso

I have an unlocked bootloader, and now Kenneth's 2.3.4 Beta #4. It seems, to be safe, or until further discoveries, that I'm on a Kenneth-approved-only ROM update path from now on. No future OTA updates, reverting back to past stock images, or trying alternate ROMs. Seems too risky. Luckily, the latest GingerBlur 4.5 Beta is excellent, and stable IME.

It's a shame Motorola pulled the bootloader unlock from 2.3.4 updates. Having released it and yanked it really puts casual ROM tinkerers at risk of hard bricks.

Once we have a bit more data, perhaps someone can create a 'Safe ROM's and methods for unlocked 2.3.4 users' thread.
 

fernandoavc

I have an unlocked bootloader, and now Kenneth's 2.3.4 Beta #4. It seems, to be safe, or until further discoveries, that I'm on a Kenneth-approved-only ROM update path from now on. No future OTA updates, reverting back to past stock images, or trying alternate ROMs. Seems too risky. Luckily, the latest GingerBlur 4.5 Beta is excellent, and stable IME.

It's a shame Motorola pulled the bootloader unlock from 2.3.4 updates. Having released it and yanked it really puts casual ROM tinkerers at risk of hard bricks.

Once we have a bit more data, perhaps someone can create a 'Safe ROM's and methods for unlocked 2.3.4 users' thread.
Just another story to tell:

I was updating and rooting my phone since 1.26, then on 1.83 I did the pudding and unlocked my phone... then I went to HKTK 2.3.4 with a huge list of bugs (fingerprint, entertainment center, musicblur, just to mention some...) and from there to the Kenneth Briefmobile link gingerbread beta 4.5 through CWM, smoothly and easily... I'm really not confident enough for any rollback of versions, but more than this, I can't see why I should do that, because there's no OTA update so far and this version is completely useful for me... Am I missing something?

 

the2dcour

I have an unlocked bootloader, and now Kenneth's 2.3.4 Beta #4. It seems, to be safe, or until further discoveries, that I'm on a Kenneth-approved-only ROM update path from now on. No future OTA updates, reverting back to past stock images, or trying alternate ROMs. Seems too risky. Luckily, the latest GingerBlur 4.5 Beta is excellent, and stable IME.

It's a shame Motorola pulled the bootloader unlock from 2.3.4 updates. Having released it and yanked it really puts casual ROM tinkerers at risk of hard bricks.

Once we have a bit more data, perhaps someone can create a 'Safe ROM's and methods for unlocked 2.3.4 users' thread.
The problem that people had was flashing a SBF that didn't have the unlocked bootloader in it. I confirmed this with 3 people on IRC who had nearly bricked. If you flash an SBF without the unlocked bootloader you may get foobar. That being said flashing the full sbf directly is not the smart thing to do now that we have access to fastboot and CWM.
 

jruweaver

The problem that people had was flashing a SBF that didn't have the unlocked bootloader in it. I confirmed this with 3 people on IRC who had nearly bricked. If you flash an SBF without the unlocked bootloader you may get foobar. That being said flashing the full sbf directly is not the smart thing to do now that we have access to fastboot and CWM.
Do you think fastboot could be used to flash the old BL, fixing the RSD issue with the original SBFs?
 

the2dcour

Do you think fastboot could be used to flash the old BL, fixing the RSD issue with the original SBFs?
Fastboot cannot flash the BL. If you can boot into fastboot you can probably boot into RSD with VolUP during boot... If you need an SBF with unlocked BL there is one at the top of [PUDDING] op right under the shiny red text that you should probably also read.
 

turbogrim

Little confusion on my part: if you flashed via your AT&T Gingerbread for Atrix 4G Beta 4.5 link (briefmobile) you're free to teeter between older builds. Is that correct?

My impression is that the "official" moto-server build is where trouble began. I know you mention "How can I avoid this brick" I guess I'm just looking for confirmation prior to reverting back to an old build...attempting to leave any of my own assumptions out of it. Thank you.
 

mramirezusa

I am not sure about that because:

I was on stock 1.83, then I RSD pudding to unlock the BL and tested HWTK; when I was finished I RSD to full 1.57 (no brick)

Then I lost the "unlock" tag at boot, right, so I RSD pudding and gained the "unlock" tag at boot again; then I played for a while with faux, evail and kholk OC kernels

Then when I saw GB OTA, I RSD again full 1.83 so I can start fresh GB; I applied update.zip (GB OTA) from stock android recovery and I noticed an AP20 BL update

From GB OTA I tested the following:
I RSD pudding without soft or hard brick twice
I noticed new stock android recovery (E3)
I applied OTA GB again over and I lost the "unlock" tag at boot (I noticed you lose the "unlock" tag at the second reboot after applying GB OTA)
I re-applied GB OTA update.zip twice, no soft brick or hard brick

Now running GB OTA without any problem, just waiting for a stable OC kernel to test

So from my experience from GB OTA:
1. You can safely RSD pudding without soft brick or hard brick
2. Can you please confirm if pudding is made from a newer SBF than 1.83? I think the answer is YES
3. What will happen if you build an SBF the same as pudding but now with 1.83 or 1.57 parts (CG) just to downgrade the BL?
4. If you noticed, all my SBF downgrades by RSD were using full SBFs 1.26/1.57 (from 1.83 unlock/pudding BL)


The problem that people had was flashing a SBF that didn't have the unlocked bootloader in it. I confirmed this with 3 people on IRC who had nearly bricked. If you flash an SBF without the unlocked bootloader you may get foobar. That being said flashing the full sbf directly is not the smart thing to do now that we have access to fastboot and CWM.

