1.Does we have any free unlock?
2.Can i edit rom by myself?
3.What program can extract&repack "Boot.img" and "boot.img.cert" ?
4.What program can repack or edit "*.xap" file ?
sorry for my bad English.
1. Custom ROMs come fully-unlocked, meaning that you can run any app, can install an arbitrary number of apps, all apps run with full permissions, and you can run native apps (required for things like Opera or BlueTooth File Transfer). They also come pre-configured with an app that will install XAP files you open in the phone's browser or email attachments (like my XapHandler app, but a built-in native app).
2. Yes, ROMs are very editable. This isn't my area of expertise, but there are plenty of resources for "chefs" (people who "cook up" ROMs) including guides and tool downloads. It's generally recommended to start from an existing custom ROM that is close to what you want.
3. I don't know for sure. It may depend on what kind of phone you're making custom ROMs for (HtcRIE is for HTC phones only, I think?) but I'm sure somebody has posted similar questions before so some searching may tell you what you need to know. As for certs, they're probably in a standard format for a cryptographic certificate (Windows can open them, although usually not edit them; there's a tool that ships with Visual Studio that can create them though).
4. .XAP files are just ZIP archives. You can open and edit and re-pack them with pretty much any tool that understands the ZIP format (I like 7-Zip, but there's many options). Marketplace (or in-ROM) XAPs may have a signature embedded in them too that isn't part of the archive contents, but I'm not sure how that works. A custom ROM probably wouldn't care.
Your English is a lot better than my Thai; you did just fine.
GoodDayToDie said:
1. Custom ROMs come fully-unlocked, meaning that you can run any app, can install an arbitrary number of apps, all apps run with full permissions, and you can run native apps (required for things like Opera or BlueTooth File Transfer). They also come pre-configured with an app that will install XAP files you open in the phone's browser or email attachments (like my XapHandler app, but a built-in native app).
2. Yes, ROMs are very editable. This isn't my area of expertise, but there are plenty of resources for "chefs" (people who "cook up" ROMs) including guides and tool downloads. It's generally recommended to start from an existing custom ROM that is close to what you want.
3. I don't know for sure. It may depend on what kind of phone you're making custom ROMs for (HtcRIE is for HTC phones only, I think?) but I'm sure somebody has posted similar questions before so some searching may tell you what you need to know. As for certs, they're probably in a standard format for a cryptographic certificate (Windows can open them, although usually not edit them; there's a tool that ships with Visual Studio that can create them though).
4. .XAP files are just ZIP archives. You can open and edit and re-pack them with pretty much any tool that understands the ZIP format (I like 7-Zip, but there's many options). Marketplace (or in-ROM) XAPs may have a signature embedded in them too that isn't part of the archive contents, but I'm not sure how that works. A custom ROM probably wouldn't care.
Your English is a lot better than my Thai; you did just fine.
Click to expand...
Click to collapse
OK Thanks.
I have original firmware of lumia 900.
and I extract "RM808_12w08_4_prod_attus.esco" by winrar.
After I extract I got two file name "boot.img" and "boot.img.cert".
I can't find any program can edit them. Dose you have any program to edit them.
Ah... for a Lumia 900, I don't think it's possible to unlock the bootloader right now, so you wouldn't be able to install a modified ROM anyhow. Sorry; I though you were talking about one of the phones that is already supported for custom ROMs.
I don't have a Nokia, nor do I have any experience with hacking on them. There's a lot of buzz around unlocking the Lumia 710 and 800, but so far as I know nobody has managed the 900 yet. You should start with the thread about the unlock for the 800 (it's on the Lumia 800 part of the forum) and maybe see if there's anything similar being worked on for the 900. Also, if that ROM image isn't posted on XDA-Devs yet, I'm sure lots of people in the Lumia forums would like to see it, and some of them will be able to work with you much more than I can.
GoodDayToDie said:
Ah... for a Lumia 900, I don't think it's possible to unlock the bootloader right now, so you wouldn't be able to install a modified ROM anyhow. Sorry; I though you were talking about one of the phones that is already supported for custom ROMs.
I don't have a Nokia, nor do I have any experience with hacking on them. There's a lot of buzz around unlocking the Lumia 710 and 800, but so far as I know nobody has managed the 900 yet. You should start with the thread about the unlock for the 800 (it's on the Lumia 800 part of the forum) and maybe see if there's anything similar being worked on for the 900. Also, if that ROM image isn't posted on XDA-Devs yet, I'm sure lots of people in the Lumia forums would like to see it, and some of them will be able to work with you much more than I can.
Click to expand...
Click to collapse
Ok Thank for answer.
OSBuilder is pretty much the only thing you need to edit/cook ROM's nowadays. It will dump that ROM you have. However since, like GDTD said, the Lumia 900 has a locked bootloader so it will do you no good. The best you can do right now with the 900 is dev unlock your phone.
Related
Is there instructions on creating a post-flash (or hard reset) install script? I'd like to have it run the cingular WAP cab, and maybe a couple others. I think I've been all over, but haven't seen anything...
Thanks!
Also - does anyone have a package or cab for camera 3.3???
Hi Matt... there are a couple of options...
First off, you could go the route that Faria does in his kitchen - effectively an Extended ROM folder under Windows. When the ROM install has finished and you've done the screen align, it runs the Extended ROM contents - just like the customisations you get in most operator ROMs. The advantage of doing it from a subfolder under Windows is that it works for G4 users as well as G3.
The other alternative is to actually flash your Extended ROM (this is what I've done, as mine is G3).
With the right files in Windows and Windows\Startup (CheckAutoRun.exe and CheckAutoRun.lnk respectively) and the registry entries set up for the appropriate location (I can tell you what these need to be), it will run no problem.
Is this what you're looking for? Faria also has a nice couple of utils that run during customisation and let you choose which operator's settings (GPRS and MMS) you wish to install. I guess these just run the appropriate CAB file based on your choice.
I am happy to help you set this up if it would be of assistance, having spent the last couple of days trying to get all this stuff up and running.
JoelC said:
Hi Matt... there are a couple of options...
First off, you could go the route that Faria does in his kitchen - effectively an Extended ROM folder under Windows. When the ROM install has finished and you've done the screen align, it runs the Extended ROM contents - just like the customisations you get in most operator ROMs. The advantage of doing it from a subfolder under Windows is that it works for G4 users as well as G3.
The other alternative is to actually flash your Extended ROM (this is what I've done, as mine is G3).
With the right files in Windows and Windows\Startup (CheckAutoRun.exe and CheckAutoRun.lnk respectively) and the registry entries set up for the appropriate location (I can tell you what these need to be), it will run no problem.
Is this what you're looking for? Faria also has a nice couple of utils that run during customisation and let you choose which operator's settings (GPRS and MMS) you wish to install. I guess these just run the appropriate CAB file based on your choice.
I am happy to help you set this up if it would be of assistance, having spent the last couple of days trying to get all this stuff up and running.
Click to expand...
Click to collapse
It sounds like your first point is what I was looking for - but up till now I've avoided adding / manipulating the extended rom to prevent issues related to it's use. I guess I'll have to cross that bridge sooner than later!
Is there a "howto" anywhere on it? I'd like to add the option for users to select post installation packages to run, in a nice and "foolproof" way - such as themes, WAP cabs, or whatever. Kinda like "drop your post install cabs in this folder" and it'll go ahead and add them during the rom build, then execute the install after flashing.
Thanks!
mattk_r said:
It sounds like your first point is what I was looking for - but up till now I've avoided adding / manipulating the extended rom to prevent issues related to it's use. I guess I'll have to cross that bridge sooner than later!
Is there a "howto" anywhere on it? I'd like to add the option for users to select post installation packages to run, in a nice and "foolproof" way - such as themes, WAP cabs, or whatever. Kinda like "drop your post install cabs in this folder" and it'll go ahead and add them during the rom build, then execute the install after flashing.
Thanks!
Click to expand...
Click to collapse
search lol i'll try and dig it up for you since i should probably do the same thing
try this of course editing it to where you want it to point:
Code:
[HKEY_LOCAL_MACHINE\Comm]
"AutoRunCFG"="\\Extended_ROM\\config.txt"
"AutoRun"="\\Extended_ROM\\autorun.exe"
notyourdaddy said:
search lol i'll try and dig it up for you since i should probably do the same thing
try this of course editing it to where you want it to point:
Code:
[HKEY_LOCAL_MACHINE\Comm]
"AutoRunCFG"="\\Extended_ROM\\config.txt"
"AutoRun"="\\Extended_ROM\\autorun.exe"
Click to expand...
Click to collapse
I just found this link that has an extended rom in it. It makes a lot of sense, especially the txt file that directs the installation and then initiates a reset. Getting warmer!
http://forum.xda-developers.com/showthread.php?t=309922
So here's what I'm thinking - just initial thoughts:
Have a folder with the base applications that are used every time like AutoRun.exe.
The user places the cab(s) in the "add files to ext rom" folder.
They run an exe that reads the directory file contents, verifies file type, copies the files to the extended rom folder, and displays the list. I'd write it in VB, since I'm most comfortable with file system operations in that language...
They change the list based on the order they want them installed using up and down arrows to sort priority.
The click OK, and it creates the config.txt file, including all necessary commands such as reset and whatnot.
That way when they build, it's all good to go.
Any thoughts?
Slightly off topic but does anyone have a .CAB for TomTom6 (or know how to edit/make one) that doesn't require user input during the installation?
I am not looking for a hacked version of TomTom, just how to prevent it asking me where to install. .CABs that run from the Extended ROM can't ask for user input or it will crash the extended ROM installation as we know; I just don't know how to edit the ttn.cab to stop it asking.
Thanks
Andy
Hi Matt,
It does sound like the first option is the best - it's also the only way to get G4 compatibility. I think your idea to write a VB app is a good one - let the user choose which CABs to install to ExtRom, but I think u need to be very clear what you want to achieve. As this `ExtRom` is not actually in the proper extended Rom, but just a folder under Windows, you gain nothing really by installing programs from here, best just keeping it for operator specific settings and such.
The other issue with extended Rom installations, of any type, is that the config file must run to completion. if you put in cab files that require user input, the install will fail (at least from a proper extRom, maybe ok in this scenario, I don't know); likewise cabs that require or initiate a soft reset will cause an ExtRom install to crash. So, this sorts of limits what cabs can be used. mine puts in personal reg settings; no operator settings as I use wifi not gprs or mms.
Also - and I hope I'm not out of line here, or misunderstanding you - Faria has something that does exactly what u need in his fake ExtRom... u cld always ask him nicely for use of it, or r u looking forward to the coding?
My only other thought is the extra support burden a complex fake extrom scenario would generate, especially if ppl don't understand its purpose and stick stuff in that causes problems...
I hope this has made some sense - past my bedtime and I'm knackered LOL. Just my 2 cents, y'know?
Good work and all the best
JoelC said:
Hi Matt,
It does sound like the first option is the best - it's also the only way to get G4 compatibility. I think your idea to write a VB app is a good one - let the user choose which CABs to install to ExtRom, but I think u need to be very clear what you want to achieve. As this `ExtRom` is not actually in the proper extended Rom, but just a folder under Windows, you gain nothing really by installing programs from here, best just keeping it for operator specific settings and such.
The other issue with extended Rom installations, of any type, is that the config file must run to completion. if you put in cab files that require user input, the install will fail (at least from a proper extRom, maybe ok in this scenario, I don't know); likewise cabs that require or initiate a soft reset will cause an ExtRom install to crash. So, this sorts of limits what cabs can be used. mine puts in personal reg settings; no operator settings as I use wifi not gprs or mms.
Also - and I hope I'm not out of line here, or misunderstanding you - Faria has something that does exactly what u need in his fake ExtRom... u cld always ask him nicely for use of it, or r u looking forward to the coding?
My only other thought is the extra support burden a complex fake extrom scenario would generate, especially if ppl don't understand its purpose and stick stuff in that causes problems...
I hope this has made some sense - past my bedtime and I'm knackered LOL. Just my 2 cents, y'know?
Good work and all the best
Click to expand...
Click to collapse
That's really good info, because I'm climbing the learning curve as fast as I can here to get a good grasp on what the extended rom is, as well as how to use it. I appreciate the conditional warnings... better to know ahead of time than find out following a problem.
I'd rather use the true extended rom (as I understand it anyway), so I don't loose any additional space for the BuildOS programs. That is, assuming the extended rom is a seperate memory location than the base...
In another thread, someone is going to post that tool. I'm really interested in how it works.
If I can get all the concepts together, I hope to get a solid tool that will improve functionality in the ROM, without adding complexity or trouble... and I greatly appreciate the help!
Interesting thread...guys, you just gave me some new ideas.
Before that...there's one thing that's bothering me...
Can we use ExtendedRom on a G4 or not...lol I thought not, until me an Boto made a clean one from a G4 ExtRom and when Boto flashed it it worked , and he has a G4. Why we always say that we don't use an Extended Rom for G4 users ?
Normaly, a G4 should/would brick when flashing IPL/SPL not Extended Rom, am I right ?
We are shrinking the OS space to integrate features of the ExtendedRom in order to all people use it but is it that true ?
Ok, now back to my idea .. I want that in my next rom to include an extended rom, of course and make it that way so when you first start your PDA, it will act like when installing windows on the PC , asking you which apps or what options you want to use. I think i can manage to do that...still the question remains ...will G4 users be able to use it ?
Sorry for the delay writing back... I've been over in the G4 subforum trying to find out if they can flash Extended Rom. Some ppl have reported success using Faria's tutorial. Hopefully this is the case - what u said about IPL/SPL flashing is right, this seems to be a real problem, but if u can flash a radio-only Rom, why not Extended Rom?
What did u and Boto flash onto his G4? Blank Extrom or a cooked one?
Perhaps what we need is a guinea pig to try this out for us...!
JoelC said:
Sorry for the delay writing back... I've been over in the G4 subforum trying to find out if they can flash Extended Rom. Some ppl have reported success using Faria's tutorial. Hopefully this is the case - what u said about IPL/SPL flashing is right, this seems to be a real problem, but if u can flash a radio-only Rom, why not Extended Rom?
What did u and Boto flash onto his G4? Blank Extrom or a cooked one?
Perhaps what we need is a guinea pig to try this out for us...!
Click to expand...
Click to collapse
I took the Ext Rom from the Wizard Love Rom and i edited the config.txt and deleted cabs ...that's it
Well, if it flashed OK... sounds like it might be usable after all But tell me, is Boto's G4 CID locked or unlocked? It's all very uncertain, but some of the G4 posts lead me to believe this may make a difference
ADB100 said:
Slightly off topic but does anyone have a .CAB for TomTom6 (or know how to edit/make one) that doesn't require user input during the installation?
I am not looking for a hacked version of TomTom, just how to prevent it asking me where to install. .CABs that run from the Extended ROM can't ask for user input or it will crash the extended ROM installation as we know; I just don't know how to edit the ttn.cab to stop it asking.
Thanks
Andy
Click to expand...
Click to collapse
All I did for TomTom is install as normal and then copy the Navigator directory and My Documents\TomTomto my storage card where the maps, postcodes etc. are located. After any ROM upgrade all I need to do is create a shortcut in the start menu pointing at \Storage Card\Navigator\TomTom Navigator.exe No user input needed other than to pair the bluetooth gps and define a serial port.Hope this helps, it has worked for me after every change in ROM which has been quite a lot recently.
wizzzard said:
All I did for TomTom is install as normal and then copy the Navigator directory and My Documents\TomTomto my storage card where the maps, postcodes etc. are located. After any ROM upgrade all I need to do is create a shortcut in the start menu pointing at \Storage Card\Navigator\TomTom Navigator.exe No user input needed other than to pair the bluetooth gps and define a serial port.Hope this helps, it has worked for me after every change in ROM which has been quite a lot recently.
Click to expand...
Click to collapse
Thanks for that but it isn't what I was really after.... I am just trying to automate everything. I have flashed my ROM that many times recently and going through the install of TomTom each time is a bit of a pain. I have got a couple of .CABs in the Extended ROM OK and these work fine, I just thought it would be nice if I could get TomTom in there as well.
Andy
I didn't want this to turn into a "how-to" thread, but I'm still scratching for hard info on the extended rom, and as many questions out there, it might be a good one to clarify some details...
As I understand it now, there's two forms of "extended ROM":
1. The true extended rom "similar to the radio ROM"
There is some "trigger" that runs the contents of the extended rom, such as AutoRun.exe?
2. The 'psuedo' extended rom that is basically a post install script to run cabs.
The contents of the folder under windows are run from a trigger that resides in the startup folder - similar to a runonce in Windows on first boot?
Does this sound close?
Also, where does the 'true' extended rom reside? Does it use the portion of memory reserved for the OS, or is there another portion just for it? (so if by adding applications to the extended rom, your available storage memory will remain unchanged - less the installed application?)
I'm presuming then by the 'psuedo' extended rom, that it does consume ROM space, but simplifies post-flash cab installations - assuming you follow the rules...
From what I see, by using the 'psuedo' ER, you waste space by keeping the installation files in addition to the installed application files.
If I'm wasting space and time by asking these questions and you know of a good extended rom tutorial, please direct me to it. I have spend some time tonight searching, but a definitive guide still eludes me... Thanks!
Sorry, coming into this thread late, but you have seen this thread, right?
http://forum.xda-developers.com/showthread.php?p=968417
While it may not directly answer some of the questions, the tools and info in the tutorial may shed some light on this subject (or give you a direction to start digging further).
mfrazzz said:
Sorry, coming into this thread late, but you have seen this thread, right?
http://forum.xda-developers.com/showthread.php?p=968417
While it may not directly answer some of the questions, the tools and info in the tutorial may shed some light on this subject (or give you a direction to start digging further).
Click to expand...
Click to collapse
OMG, I'm getting senile... I came across this months ago, but at that point didn't know what I was looking at... and didn't see it just now in any stickies... thanks man.
mattk_r said:
OMG, I'm getting senile... I came across this months ago, but at that point didn't know what I was looking at... and didn't see it just now in any stickies... thanks man.
Click to expand...
Click to collapse
Yeah, never figured out why that one was never made a sticky. I just know to go look at Faria's sig and it (and a few other good links) are in there
Question about ROM flashes.
I'm actually an IT professional in the work related field, so any basics need not be explained. I am still new to Windows Mobile devices and would like to know what this means for my phone.
The way I view a "ROM" is as a firmware, or static programming on a chip. Maybe even a CMOS imprint. In this field, such things are semi-permanent at a component level. For instance, you don't download a .cab file to upgrade your bios (as many "ROMS" seem to come in .cab files), you boot your system on a floppy and run an application that flashes your CMOS with the new image.
What would we assume the "ROM" is on Windows mobile phones? Is it a chip hidden inside of the phone, separate from the primary memory? Is it simply considered all that is in the \windows directory? I don't see why .cab files can flash the ROM.
This leads me to the question, if you do a hard-reset, I assume there's secondary memory on the phone with the \windows folder and all the factory defaults. The memory must serve no other purpose other than to harbor these defaults in the need of a hard-reset. Does flashing your "ROM" also apply changes to this chip containing the default OS image?
Hi, here a short description:
ROM:
The ROM is quite similar to a computers harddisk AND RAM (All-In-One), but the OS has to and additional software can be integrated via flashing and is therefor fixed. All data you flash will stay in the ROM after a Hard-Reset.
Some ROMs also contain a Bootloader-ROM and/or a Radio-ROM
Bootloader-ROM:
This is quite similar to a computer's BIOS
Radio-ROM:
The firmware to your PDA's built-in connection devices (e.g. GSM, Bluetooth, WLAN,...)
Hard-Reset:
A Hard-Reset is similar to a comlete reinstallation. Some computer vendors add a recovery CD/DVD to their products. On a Windows Mobile Device the Recovery-disc is integrated in the ROM and will be automatically installed during a hard reset.
And to complete this one ;-)...
Soft-Reset:
A Soft-Reset is similar to a cold restart of your computer. By the way, there's no possibility to "shutdown" Windows Mobile like you are used to with Windows XP or Vista.
Oh, and you cannot install a ROM using a cab-file. Cab-files are "executables" to install additional software. They can only be installed on the device. ROM's have to be installed from a connected computer (There's also a resolution to install a ROM from a Storage Card, but i am not used to it and cannot give you more information about this. But you'll find it, searching in the forum).
jon_k said:
Question about ROM flashes.
I'm actually an IT professional in the work related field, so any basics need not be explained. I am still new to Windows Mobile devices and would like to know what this means for my phone.
Click to expand...
Click to collapse
Me Too.
jon_k said:
The way I view a "ROM" is as a firmware, or static programming on a chip. Maybe even a CMOS imprint. In this field, such things are semi-permanent at a component level. For instance, you don't download a .cab file to upgrade your bios (as many "ROMS" seem to come in .cab files), you boot your system on a floppy and run an application that flashes your CMOS with the new image.
Click to expand...
Click to collapse
Yes, it is firmware on the chip, but like a BIOS, it exists after the phone is off, the battery removed, etc. The stuff in the cab files that you install doesn't. Well, let me retract that. The stuff in the cabs and your data stays there after a soft reset, and removing the battery (at least for a short while, YMMV), but my experience has not been that the data stays there after the battery is out for a while (again, YMMV).
jon_k said:
What would we assume the "ROM" is on Windows mobile phones? Is it a chip hidden inside of the phone, separate from the primary memory? Is it simply considered all that is in the \windows directory? I don't see why .cab files can flash the ROM.
Click to expand...
Click to collapse
Yes, it is a chip. Most of the time, they don't use discreet transistors for these time of things. They are prohibitively large and expensive to solder together to make the memory, not to mention power hungry.
To answer your second question, if you peruse the various ROMs here, you will see the following:
Base operating system: This is a common denominator. This is Windows CE/ Mobile edition, WM6, whatever you want to call it.
Additional CABs: This is the flavor the chef uses in his/her kitchen to make the ROM do what appeals to them (and their audience). These can techniclaly be split out and individually installed if the cook puts them as a cab file that you copy to the phone and install from that file downloaded.
jon_k said:
This leads me to the question, if you do a hard-reset, I assume there's secondary memory on the phone with the \windows folder and all the factory defaults. The memory must serve no other purpose other than to harbor these defaults in the need of a hard-reset. Does flashing your "ROM" also apply changes to this chip containing the default OS image?
Click to expand...
Click to collapse
What will happen when you hard reset is the ROM that was flashed to the phone will be as it was when you first burned it to the phone. Here's an example: You buy the Kaiser marketed as an AT&T Tilt on 1/1/08, use if for 6 months, and on 7/1/08, you hard reset it. It will be the same as when you turned it on for the first time.
Another case: You buy the phone on 1/1/08, and download a ROM from Dutty, or whomever, and you carefully follow the noob instructions (like I did), and flash it on 1/2/08. You do a hard reset on 7/1/08, and now the phone is the same as when it was last upgraded, so it will be the 1/2/08 version that it goes to.
Clear?
Hope this helps, and if there are others that want to correct me, please do so.
Fairly good explanations.
It makes a bit more sense now.
I'll post my new understanding of the control structure and functionality based on everyones post above. If you want to confirm, deny, or alter any of my perceived facts I'd appreciate it! I just like to know a basic understanding of the device functions internally so I can be educated when tinkering with things.
The radio ROM = ROM that controls the radio. Contains frequency ranges/broadcast tweaks for different locales, probably if tweaked can also allow illegal higher wattage transmission power. Some interesting (and surely FCC illegal) hacks are probably available here.
The device ROM - the upper level functions of the phone. Probably has support for the type of WIFI and bluetooth adapter you have. Has to have compatibility to interface with the radio ROM for phone functionality to be supported. Also is what interfaces with the GPS radio, probably the phone, links the keyboard to the OS, etc. Probably handles API between radio ROM and Windows mobile?
The Windows Mobile OS, which is the operating system itself. It communicates with the ROM, and is limited by what the ROM is limited by. Any .cab's or software retrieved here will enhance the OS, nothing more. A hard reset will bring the OS back to it's original state. (Though ROM upgrades remain.) Any cabs installed or changes to \windows in general made will be lost during a hard reset. It restores all content under \windows to it's default state.
Sounds about right with my new understanding. I think for now I'll avoid flashing the ROM. I'm pretty content with modifying the Windows registry hive since it can easily be restored with a hard reset if I bork up a registry key. Unlike the registry, a ROM if a member here misses something (I doubt they're working with much device documentation) a small coding mistake by them could ruin the phone.
Maybe I'll be more prone to start flashing ROM's if there's a way to extract the current ROM for my phone. Perhaps I can update the ROM through ATT or HTC, and use a packet sniffer to sniff the location (likely http URL) of the ROM file.
One further question though,
Until several minutes ago I thought the ROM simply contained device drivers, etc. Stumbled upon this post however.
rkorzuch said:
Tool worked perfect on my AT&T Tilt. Just installed the HTC ROM. Much nicer than the AT&T ROM.
Click to expand...
Click to collapse
I'm now assuming the ROM contains the OS that is flashed on to the internal storage card as well, with it's own custom branding on the OS, own default application set, etc. As well as it's normal functioning with device communication etc. Is this safe to say this is how it works?
jon_k said:
One further question though,
Until several minutes ago I thought the ROM simply contained device drivers, etc. Stumbled upon this post however.
I'm now assuming the ROM contains the OS that is flashed on to the internal storage card as well, with it's own custom branding on the OS, own default application set, etc. As well as it's normal functioning with device communication etc. Is this safe to say this is how it works?
Click to expand...
Click to collapse
Yes jon_k,
The ROM contains the WM OS. That is what the cooks are changing primarily (more specifically, most of them change/add/delete the bundled apps that come as part of the shipped OSes). Most now are also expanding the RAM/storage portion of the ROM to allow for more usable storage. More and more cooks are also ripping out some of the MS bloat .
You should do a hard reset and then force a soft reset before it does the device customization part. You will end up with a Tilt with none of the AT&T bloat (game demos and such). If you don't like it, hard reset again and let it finish.
If you get real adventurous you can install HardSPL and one of the cooked ROMs (or the HTC one).
i was just trying to get a grasp on how to flash bootloaders on android devices. I have got a grasp with how to do it on old WinMo HTC devices, but there seems to be a lot more information regarding the various Android handsets. So here is the rundown of what I have found so far:
General Android: it appears that almost all android phones have the ability to flash from an SD card (by putting an update.zip on it). Can this reflash the bootloader? i don't see a reason why not (the bootloader should be in memory when the updater is running, so the flash should be writable) but having said that, i know on the old HTC devices that I have used, it wasn't possible (you had to load a softSPL or a diagnostic SPL to then run the flashing). Also, would anyone by any chance have a good understanding of what is in the update.zip? i see it referenced a lot, but as far as i can tell, it looks like it is just packages and directories and stuff to copy. Most of the posts I have seen regarding flashing also try replacing the recovery image, and then booting into recovery and telling it to recover. Does this work for bootloaders or just ROMs?
HTC: this appears to be the same as the old WinMo 6 devices I have used. You can use the RUU utility, supply it with an nbh file, and there are no problems. Outside of the Incredible S it would also appear that they don't have any kind of signing or anything to worry about. As such, you can see the SPL in cleartext and is in cleartext on the phone (I am guessing anyways). One question I do have is I have the ancient NBHGen used for the Kaiser (also worked for Hermes, Trinity, etc.), will that work with say the HTC Hero (or insert modern phone here)?
Samsung: Samsungs SBL as far as I can tell is equivalent to the HTC SPL (much the same as the HTC IPL = Samsung PBL). I have actually seen an apk that supposedly updated the SBL for Samsung. Like HTC, it also appears that they leave everything in clear text. If i am not mistaken, Odin is the tool of choice for reflashing on Samsung devices (any good tutorials out there for it and its file formats? i haven't actually looked too hard at that yet)
Motorola: I dont wish to stir up any anger (especially since most of what I read is on the Droid X), but Motorola is the one that is the hardest to find real info on. Motorola, on their more popular phones, appears to have made a habit of adding aggressive anti-tampering to their premier phones (at least after the original droid). I don't believe that their SPL equivalents have been cracked, but I also can't find a straight answer about whether their bootloaders are signed or encrypted (or both). They are two different things, but have been largely used interchangeably on most forums. They also have eFuse protection. I have looked at a few of the SBF files in a hex editor, and they don't appear to be ARM assembly. That said, I wouldn't believe that it is encrypted as there is cleartext within it. This leaves a couple of options. either the data moved is encrypted and it copies over encrypted data that gets decrypted at boot time (that seems like a massive waste of CPU cycles, but i wouldn't put it past them to do something like that). Or it could mean it gets decrypted by whatever loads it onto the phone. And lastly, it could just be x86 assembly (which i wouldn't recognize by looking at it). The last one seems to be the best fitting, but it doesn't answer whether or not it is encrypted on the phone. Since I haven't found an SBF file that contains just a bootloader, i haven't really had the chance to examine it. I also have not sen a way to flash a new SPL to a device (even a more open one like the original droid, which i believe is still locked, just not signed/encrypted).
file formats: this is also kind of confusing. I mentioned the update.zip above, but i have also seen people referencing ,bin and .img and all kinds of other files. If i am not mistaken, a bin and img file are the same with a different extension. Straight up binary, though i believe that the img files are supposed to be partition images. Is that accurate? and are SBF files executable? i swear i saw somewhere that people were running them, though it could just be my imagination...
I know there is a lot there a lot of information there, but I just wanted to check and make sure it is accurate, so I don't sound like a noob to my boss when I present it.
Many thanks!
Is there a FULL unlock for WP7 2nd gen devices? I just got the Focus S and LOVE IT! But I kind of miss some of the freedom of android. I used WindowsBreak to interop unlock it, but I want to install a custom ROM on it so I can have access to DH Marketplace and such... If anyone has any info that'd be great
Many, although not all, of the benefits of full-unlock are already available by using WP7 Root Tools. For example, I can use DS Marketplace, Bazaar, install XAP files from IE or email, and access the full filesystem and registry.
Yeah but most apps from alternative markets usually don't work because they require a higher level of privileges. So for total control like themes and such you'd need a full unlock right?
Nope! After you install the app that needs elevated permissions, go into root tools, swipe to the long list of apps, and push the slider next to the app you want to give rights to. If you don't already have root tools/bazaar, download them to your PC (xap files, that is) and use the package deployment tool to get them on your device.
You can find that easily by hitting start and typing deployment in the windows start menu.
I don't think you understand what I'm talking about, I'm referring to things such as opera mobile and the likes. Those need an unlocked ROM
Opera wasn't mentioned specifically. Every app I've tried off of bazaar has worked so far on my quantum. Sorry I couldn't be of more help!
So far as I know, Opera and BT File Transfer are the only homebrew apps published for WP7 right now that need more unlock than WP7 Root Tools can provide.
Good day,
I am new to the forum so please forgive me if this is not the right place to ask.
I have been reading through some of the threads on the forum and is curious to know if there is a way to load custom kernel libraries or device drivers onto the phone.
If there is a way, is there a correct procedure? For example to load a custom device driver / kernel library, do I also have to have an entry in the registry? Does the dll file have to be in /Windows?
Thanks in advance.
Good questions. There's been only a little research on this so far. I can tell you waht I've found, though:
For a stock ROM, nobody has managed it yet, but it might be possible. You'll need to have your DLL signed, and the certificate added to the Code Integrity store on the phone (just mailing yourself the .cer is insufficient! That will put it in the wrong store). You'll probalby want the DLL to be in \Windows, although I'm not sure it's needed. You almost certainly will need to add registry entries; the current drivers seem to have them.
Good day,
thanks for your reply. And thanks for all the good research you have done.
So at the moment, the software approach is not working but for custom roms, is it possible to include custom device drivers / kernel libraries in them?
Thank you.
mousefish321 said:
Good day,
thanks for your reply. And thanks for all the good research you have done.
So at the moment, the software approach is not working but for custom roms, is it possible to include custom device drivers / kernel libraries in them?
Thank you.
Click to expand...
Click to collapse
Well, it's possible. The HD2 Multitouch driver is an example that its somehow possible. Should be the same for the other devices (espacially HTC first gens)...
But don't know what you're getting at? Why would you need a custom driver?
Good day,
well, I just think that having a driver that acts like HTCUtility would make things convenient.
As for file operations, besides the application that Heathcliff has created (WP7RootTool), are there other applications that can do write operations to the /Windows folder?
What are the things that needs to be done before we can write to that folder?
Thank you.
Any app with Elevated or TCB privileges can write to \Windows, I think. Using HtcRoot project or WP7 Root Tools works (both elevate apps to TCB permissions, though using different methods). Also, using an OEM driver, such as HtcProvisionDrv or HtcFileUtility, works (although those two particular drivers were crippled in the 4.x firmware).
Good day,
thanks for the information. I tried the HtcRoot tool and it works. Thanks for the tool and the source that allows me to know how it works.
Can I assume that I would be able to have write access to the Certificate and Code Integrity store also?
I am also curious as to the workings of HTCFileUtility. A quick search on this turns up little information on its workings.
Furthermore, is there a guide to inserting custom certificates to the root Certificate and Code Integrity store? I have tried downloading the Certificates.zip file in http://forum.xda-developers.com/showthread.php?t=1236027 and test rom files in http://forum.xda-developers.com/showthread.php?t=1248799 hoping that they will shed some light but is unable to download them.
Any help is appreciated. Thank you.
Yes, installing your own cert into Code Integrity is possible (in several ways, actually, but I did it using HtcRoot just as an exercise). The certificates are actually stored in the registry, so any tool that can write to HKLM can add them. I believe that WP7 Root Tools will also let you choose the store for adding a certificate if you "open" the cert from the Root Tools filebrowser.
Although I don't know exactly how HtcFileUtility works, here's the basics. It's a software driver that exposes an interface - probably an IOCTL - which apps can use to perform filesystem operations. Since it runs with TCB permissions (it's probably kernel mode, though I haven't actually checked, but it's definitely in TCB) it can perform any operation that the filesystem supports. Of course, that doesn't mean that it exposes all those operations through the IOCTL... but it exposes enough of them for a pretty solid filebrowser implementation (that's how TouchXplorer and Advanced Explorer worked, although they used an OEM COM DLL that called into the driver rather than doing the IOCTL themselves).
The new version of it has very limited operations permitted; it will only list files in a few folders and so forth. It does still "work" within those limitations - Connection Setup, for example, uses it to check the folder that we use for interop-unlock on HTC - but it isn't useful for a general-purpose browser anymore.
It would be great to even figure out how to roll back the OEM drivers to earlier versions. For example, I've got WP7 Root Tools installed on my HD7, but I don't want to install HTC updates because they'll break my drivers such that if something ever goes wrong I won't be able to re-install Root Tools, or if a new hack is found (or developed; I'm working on some stuff with HtcRoot still) I won't be able to run it on my phone. Being able to use the advantages of the new firmware (Internet Sharing, compass in managed apps, hopefully an end to the damn music player freezing between songs...) while still having hackable OEM drivers would be reallllly nice...
Good day,
thanks for the information.
I noticed in the HTCRoot project thread where you mentioned that "It is not a true handle (no handle table, no handle data) but everything that checks for tokens also checks for this const value, and appears to pretty much skip all remaining permissions checks if it finds it".
Would you mind sharing some of the function names so that I could take a look at the code where the checking occurs?
Thanks.