[Q] Verify Current Verizon Root and Loopback Kernel - Verizon Samsung Galaxy S III

I'm going to get a new phone in a couple weeks. I have Verizon as a carrier, and I want one I can root and throw on a loopback supporting kernel to run Linux as a VM. I'd just like to verify with others that the Verizon S3s from the store now don't have any current factory or OTA update that might be done that will thwart my plans. Is there anything to look out for?

None of the current updates prevent the debugrootfs for root or prevent the leaked aboot from being used. So any phone you get right now should be fine for modification.

jlspartz said:
Is there anything to look out for?
At this moment, the only thing to worry about is backing up your IMEI after unlocking your bootloader but prior to flashing anything in recovery. After you do this, you're all set.
Sent from my SCH-I535 using xda app-developers app

Related

[Q] With an unlocked bootloader, ANY VZW GS3 Rom SHOULD work right?

Okay, so here is the question...
Now that the bootloader is unlocked, we should in theory be able to install any rom that required kexec without kexec, right?
I ask because I would love to reload paranoidandroid rom, but the last thing I need is a brick.
Other than that, I assume it's just normal installation of a ROM similar to when I was on an unlocked HTC phone, correct?
The Rom will install fine, but the kernel has to be modified to work without kexec
Kexec roms will still run fine as long as you keep the kexec recovery. Normal roms work too. There is no need to change your recovery or wait for roms to be updated if you unlocked.
Okay thanks to both of you.
I simply do not want to install kexec, knowing that there wouldn't be a reason for it in the future once the developers out there get the roms working without it.
The risk of losing my IMEI is just too much for me, as I rely on my phone for work, and swapping phones and running in circles to get things fixed is too great a risk to take.
stevenjcampbell said:
Okay thanks to both of you.
I simply do not want to install kexec, knowing that there wouldn't be a reason for it in the future once the developers out there get the roms working without it.
The risk of losing my IMEI is just too much for me, as I rely on my phone for work, and swapping phones and running in circles to get things fixed is too great a risk to take.
Kexec has nothing to do with IMEI loss. Users of ATT, Tmobile, Sprint, and Verizon have lost IMEI. Verizon is the only one with kexec so clearly that isn't the problem.
con247 said:
Kexec has nothing to do with IMEI loss. Users of ATT, Tmobile, Sprint, and Verizon have lost IMEI. Verizon is the only one with kexec so clearly that isn't the problem.
Pardon my ignorance, I am sorry.
Before I came to the S3 from a moto x2 and HTC incredible 2 I simply never heard of IMEI issues.
Well, not entirely true... I had a few iPhones on att which became bricks after a while that had IMEI error codes, they were practically forever unfixable, and apple would just swap them.
I will have to learn about IMEI a little more before I ask further dumb questions.
What you should do is make sure the OP in a thread stated that their rom is unlocked and open recovery-compatible. Then you may flash without kexec. I for one use twrp to flash cm10 just as an insult to verizon lol.
Stryker1297 said:
What you should do is make sure the OP in a thread stated that their rom is unlocked and open recovery-compatible. Then you may flash without kexec. I for one use twrp to flash cm10 just as an insult to verizon lol.
So close to putting a nice dent into my data and just grabbing cm10 over 4g...
What I really want is paranoid android rom though.
Either way, seems I need to back up my IMEI regardless and can always restore if the process goes wrong.
Sent from my SCH-I535 using xda app-developers app

To root or not

I just got an S3 from an upgrade. Should I root it (this isn't my first android phone, I know what I will be getting into) with the jelly bean update on the rise? If I do root, when the update comes out will it matter if I am rooted/bootloader unlocked, or will the update just erase all the root?
Back when I had my Droid Bionic it DID matter if we were rooted when an update rolled around.
It is the same old story. If you root, you can customize to your heart's content and have access to new things sooner. However, you void your warranty and can't take OTAs if you root. I wouldn't chance waiting to do it later if you are going to do it, chances are Verizon will close the exploit that is currently used and you may never get the access that you have the opportunity to have right now.
Sent from my SCH-I535 using xda premium
What are your needs? This is really a question only you can answer.
Sent from my Galaxy Nexus using Tapatalk 2
If you found your way to XDA, then ROOT, ROOT, ROOT!!!!
All I used root for on my Bionic was to block ads and access more of the phone's files. The bootloader was still locked so that is all we could do. On my Droid Eris I changed cpu speeds a ton of files. So I am debating.
Is there a way to get back to stock similar to FXZ?
Root. It adds so much more fun to owning the phone, and the variety in ROMs is great for the S3.
You can root and leave it at that to block ads and use wireless hotspot. Two main reasons I root initially. Then I get bored and go the custom roms route.
Sent from my Nexus 7 using xda app-developers app
waffleb051 said:
I just got an S3 from an upgrade. Should I root it (this isn't my first android phone, I know what I will be getting into) with the jelly bean update on the rise? If I do root, when the update comes out will it matter if I am rooted/bootloader unlocked, or will the update just erase all the root?
Back when I had my Droid Bionic it DID matter if we were rooted when an update rolled around.
Why not? This is an easy decision, root it and play with it, if for some reason you don't like it, you can go back to factory stock easily. By the way root will not void warranty, unlock will, but you can always relock or unroot. So there you have it. It's safe, easy and reversible. Go for it!
If you rooted, you still can take the OTA upgrade no problem, just download and install Voodoo OTA root keeper, save root, take the OTA then restore root (takes 1 min to do so). Now if you unlock, you won't be able to take OTA, however the main reason why you unlocked is you want to run custom rom, so if you are using custom rom then you don't care about OTA. Once the new OTA comes out, you just wait a bit and developers here will create a custom rom for the new release OTA.
Get jellywiz and it's great! It is completely stock. AND ALL of the apps like media hub work. I tried cm 10 and didn't like it. I lost so much like the swipe hand across the screen for screen shot, video while texting, mediahub, nfl mobile. Here is the link: http://forum.xda-developers.com/showthread.php?t=1853337
Battery was about 90% of stock which I think is great.
buhohitr said:
Why not? This is an easy decision, root it and play with it, if for some reason you don't like it, you can go back to factory stock easily. By the way root will not void warranty, unlock will, but you can always relock or unroot. So there you have it. It's safe, easy and reversible. Go for it!
If you rooted, you still can take the OTA upgrade no problem, just download and install Voodoo OTA root keeper, save root, take the OTA then restore root (takes 1 min to do so). Now if you unlock, you won't be able to take OTA, however the main reason why you unlocked is you want to run custom rom, so if you are using custom rom then you don't care about OTA. Once the new OTA comes out, you just wait a bit and developers here will create a custom rom for the new release OTA.
That's what I wanted to know, if it is easy to return to stock. I'll root when I get back to my dorms. I forgot my cord and I'm in class.
If for wifi tether alone rooting is always worth it as far as I am concerned. That is one of the best features out there, then again I guess you may be able to do that for free anyway after that fcc thing.
I forgot about that. Is the official google tether apk in the play store yet?
You can delete failbook, that is REASON enough to root.
Google has a tethering apk? Where is it?
binkies said:
If for wifi tether alone rooting is always worth it as far as I am concerned. That is one of the best features out there, then again I guess you may be able to do that for free anyway after that fcc thing
You already can for free. I've been doing it since I got Verizon in Aug.
Sent from my SCH-I535 using xda premium
jonapunk said:
You already can for free. I've been doing it since I got Verizon in Aug.
Only people on shared data plans can do it for free
Just use FoxFi or pdaNET... Both work and are free 99!
Sent From The Galaxy via ICS
waffleb051 said:
I just got an S3 from an upgrade. Should I root it (this isn't my first android phone, I know what I will be getting into) with the jelly bean update on the rise? If I do root, when the update comes out will it matter if I am rooted/bootloader unlocked, or will the update just erase all the root?
Back when I had my Droid Bionic it DID matter if we were rooted when an update rolled around.
Root, then download the rooted OTA. I love to tinker with my phone all day
Sent from my SCH-I535 using xda premium
I've rooted and unrooted my phone a few times for specific needs, but will not unlock the bootloader until the weird IMEI issue is clearly found (and made avoidable).
So, will just wait for the official JellyBean OTA update.
- ooofest
ooofest said:
I've rooted and unrooted my phone a few times for specific needs, but will not unlock the bootloader until the weird IMEI issue is clearly found (and made avoidable).
So, will just wait for the official JellyBean OTA update.
- ooofest
There're 2 Verizon stock Jelly Bean leaks, I'm running it and so forth pretty smooth. This is pure stock, you're going to lose root if you flash them.
buhohitr said:
There're 2 Verizon stock Jelly Bean leaks, I'm running it and so forth pretty smooth. This is pure stock, you're going to lose root if you flash them.
True, but I'm banking on a forthcoming method to obtain root after the OTA hits. Maybe somehow backlevel to a stock ICS build and root from there, etc. Or, maybe I'll never get root back after the OTA hits. Guess we'll see.
- ooofest

Small carrier, model/build version, flashing decision issues

Just got an upgrade from my carrier (a small local carrier) and I chose the s3. Came from some Motorola piece of fail. I'm looking to root and flash an insecure bootloader but I have encountered a confusing conflict. Having a Verizon model phone with a us cellular build of android loaded. And yes I'm certain it is a Verizon model phone (google schi535mbb if you don't believe me) with us cellular stock rom loaded (with some tweaks like 4g disabled). Rom and software model say the following R530 & d2usc. Bootloader is I535VRALE6 baseband I535VRLF2. This as far as I can tell was accomplished by a company called ultimobile. Which customizes devices to function on small mobile carriers. If anybody has any ideas or suggestions on what I might try, please let me know. I just don't want to screw something up and have a brick, just coming from a device that was all but brickable.
Sent from my SCH-I535 using xda premium
Lrs121 said:
Just got an upgrade from my carrier (a small local carrier) and I chose the s3. Came from some Motorola piece of fail. I'm looking to root and flash an insecure bootloader but I have encountered a confusing conflict. Having a Verizon model phone with a us cellular build of android loaded. And yes I'm certain it is a Verizon model phone (google schi535mbb if you don't believe me) with us cellular stock rom loaded (with some tweaks like 4g disabled). Rom and software model say the following R530 & d2usc. Bootloader is I535VRALE6 baseband I535VRLF2. This as far as I can tell was accomplished by a company called ultimobile. Which customizes devices to function on small mobile carriers. If anybody has any ideas or suggestions on what I might try, please let me know. I just don't want to screw something up and have a brick, just coming from a device that was all but brickable.
Sent from my SCH-I535 using xda premium
Interesting. From the sound of it, it may just be software blocked. Verizon root and unlock should work. The trick is gonna be finding software that will work with that carrier. If it is using straight US Cellular may be able to run what those guys are running. If it is that small carrier that controls access then that would be the problem. Without a backup of the stock rom don't know how you would get it running again. According to the numbers it is a Verizon S3 running US Cellular. Good luck.
prdog1 said:
Interesting. From the sound of it, it may just be software blocked. Verizon root and unlock should work. The trick is gonna be finding software that will work with that carrier. If it is using straight US Cellular may be able to run what those guys are running. If it is that small carrier that controls access then that would be the problem. Without a backup of the stock rom don't know how you would get it running again. According to the numbers it is a Verizon S3 running US Cellular. Good luck.
The recovery that's on it right now has built in options for nvbackup. From what I've read that is the radio, imei, and other files used to connect to the network. I was gonna make several backups of everything as soon as I gained root control. The real problem comes down to when I go to throw cm on here. Figuring out which vzw or usc will cooperate with the carrier files.
Sent from my SCH-I535 using xda premium
Lrs121 said:
The recovery that's on it right now has built in options for nvbackup. From what I've read that is the radio, imei, and other files used to connect to the network. I was gonna make several backups of everything as soon as I gained root control. The real problem comes down to when I go to throw cm on here. Figuring out which vzw or usc will cooperate with the carrier files.
Sent from my SCH-I535 using xda premium
Make a nandroid backup and maybe post to see what you're running as?
Sent from my SCH-I535 using Tapatalk 2
Addiso said:
Make a nandroid backup and maybe post to see what you're running as?
Sent from my SCH-I535 using Tapatalk 2
Was definitely gonna make a nandroid, but as for 'post to see what I'm running as' what do you mean?
Sent from my SCH-I535 using xda premium
Lrs121 said:
Was definitely gonna make a nandroid, but as for 'post to see what I'm running as' what do you mean?
Sent from my SCH-I535 using xda premium
Maybe the build.prop?
Edit: Attach it via Pastebin!
SlimSnoopOS said:
Maybe the build.prop?
Edit: Attach it via Pastebin!
Here ya go. Have fun http://pastebin.com/eUj5z2VT
Sent from my SCH-I535 using xda premium
Lrs121 said:
Here ya go. Have fun http://pastebin.com/eUj5z2VT
Sent from my SCH-I535 using xda premium
Looks like us cellular under the ultimobile ID?
Sent from my SCH-I535 using Tapatalk 2
Addiso said:
Looks like us cellular under the ultimobile ID?
Sent from my SCH-I535 using Tapatalk 2
It's weird though, right? I'm not sure how to go about suggesting how to flash roms. I have to side with prdog1 and say it's a VZW GSIII running USC. I really can't suggest a good way to proceed since it's hard to tell what you would use to revert back to stock in case of emergencies.
Anyone familiar with Team US Cellular? Any input from there?
Addiso said:
Looks like us cellular under the ultimobile ID?
Sent from my SCH-I535 using Tapatalk 2
That's what I saw too. The difficult thing to figure out is whether to use the verizon unlock and root or the us cellular model. It is most definitely a verizon model of phone just loaded up with us cell software. I've flashed a verizon based rom over a locked down motorola piece of fail, but that couldn't touch the kernel, base band, or anything but the system without it requiring a complete reflash to stock. I don't exactly have that option if everything screws up in the process of gaining root. I'd have to take it into the store and wait till they can reflash it there.
Lrs121 said:
That's what I saw too. The difficult thing to figure out is whether to use the verizon unlock and root or the us cellular model. It is most definitely a verizon model of phone just loaded up with us cell software. I've flashed a verizon based rom over a locked down motorola piece of fail, but that couldn't touch the kernel, base band, or anything but the system without it requiring a complete reflash to stock. I don't exactly have that option if everything screws up in the process of gaining root. I'd have to take it into the store and wait till they can reflash it there.
I'm fairly certain you should use the unified toolkit to root and maybe unroot. In your build.prop, I noticed it reads on the fifth line:
ro.build.version.incremental=R530UVXALK5
and the toolkit supports LK5 build for the d2usc. I think they're both locked down the same but on Team US Cellular's website that's what I'm seeing some people have used too. Idk about your specific case using another carrier but a d2usc GSIII but I'm thinking that's a start. Idk about returning to stock though.
Edit: Gonna add this, this means there is an Odin flashable of LK5 available somewhere.
Edit x2: POW!
SlimSnoopOS said:
I'm fairly certain you should use the unified toolkit to root and maybe unroot. In your build.prop, I noticed it reads on the fifth line:
and the toolkit supports LK5 build for the d2usc. I think they're both locked down the same but on Team US Cellular's website that's what I'm seeing some people have used too. Idk about your specific case using another carrier but a d2usc GSIII but I'm thinking that's a start. Idk about returning to stock though.
Edit: Gonna add this, this means there is an Odin flashable of LK5 available somewhere.
Edit x2: POW!
Really I need to gain fastboot access to the phone. There are some files I need to check and I need to pull the special recovery that came with the phone. If I can do that I should be able to pull what I need from the phone to be able to return to stock. I'm also gonna perform an nvbackup, a qpst backup and the synergy backup. But first things first I need fastboot access to the phone. I know how to get into recovery and download mode but for the life of me I can't figure out how to get to a fastboot compliant mode. From there I can figure how I'm gonna proceed to root.
Edit: what I see in download mode
odin mode
Product name: sch--i535
custom binary download: yes (1 counts)
current binary: custom
system status: custom
Qualcom secureboot: enable
Lrs121 said:
Really I need to gain fastboot access to the phone. There are some files I need to check and I need to pull the special recovery that came with the phone. If I can do that I should be able to pull what I need from the phone to be able to return to stock. I'm also gonna perform an nvbackup, a qpst backup and the synergy backup. But first things first I need fastboot access to the phone. I know how to get into recovery and download mode but for the life of me I can't figure out how to get to a fastboot compliant mode. From there I can figure how I'm gonna proceed to root.
Edit: what I see in download mode
odin mode
Product name: sch--i535
custom binary download: yes (1 counts)
current binary: custom
system status: custom
Qualcom secureboot: enable
Here's a left field suggestion, could you call this UltiMobile company and ask about what they used?
SlimSnoopOS said:
Here's a left field suggestion, could you call this UltiMobile company and ask about what they used?
Haven't done that yet. It's on a list of things to do. The problem is that everywhere they put information out they say to contact the carrier, not them, for everything. I may just have to wait till the phone isn't so new at my carrier and let the IT department play around with it for a while. I can then get information from them.
Lrs121 said:
Haven't done that yet. It's on a list of things to do. The problem is that everywhere they put information out they say to contact the carrier, not them, for everything. I may just have to wait till the phone isn't so new at my carrier and let the IT department play around with it for a while. I can then get information from them.
That's real tricky but sounds like your best option. At least you're rooted and unlocked with the VRALE6 bootloader and can debloat. Out of curiosity, what recovery are you using that has all these options?
As an aside, this table tells you where the recovery partition is. I've heard of people using dd commands to pull whatever partition they want to their sdcard but idk how viable an option this is in terms of pushing a recovery to that partition. I'm not recommending you try it either.
SlimSnoopOS said:
That's real tricky but sounds like your best option. At least you're rooted and unlocked with the VRALE6 bootloader and can debloat. Out of curiosity, what recovery are you using that has all these options?
As an aside, this table tells you where the recovery partition is. I've heard of people using dd commands to pull whatever partition they want to their sdcard but idk how viable an option this is in terms of pushing a recovery to that partition. I'm not recommending you try it either.
The vrale6 is unlocked? If so then why does it say that the Qualcomm secure boot is enabled? And I haven't rooted just yet but am working on it. It's a recovery built by ultimobile.
Sent from my Nexus 7 using XDA Premium HD app
Lrs121 said:
The vrale6 is unlocked? If so then why does it say that the Qualcomm secure boot is enabled? And I haven't rooted just yet but am working on it. It's a recovery built by ultimobile.
Sent from my Nexus 7 using XDA Premium HD app
Yes indeed. VRALE6 is the prerelease bootloader that was leaked which EVERY d2vzw (d2usc I suppose too) uses in order to allow flashing of roms/kernels. It's a little weird to explain but basically everyone's Download Mode reads almost the same. Mine reads "custom binary: Samsung Official" though and I'm rooted/unlocked. Idk the technical or even the proper way to explain it but the unlocked VRALE6 bootloader has no bearing on what Download mode says. Although your custom binary should be at 0 if/when you do warranty exchanges.
SlimSnoopOS said:
Yes indeed. VRALE6 is the prerelease bootloader that was leaked which EVERY d2vzw (d2usc I suppose too) uses in order to allow flashing of roms/kernels. It's a little weird to explain but basically everyone's Download Mode reads almost the same. Mine reads "custom binary: Samsung Official" though and I'm rooted/unlocked. Idk the technical or even the proper way to explain it but the unlocked VRALE6 bootloader has no bearing on what Download mode says. Although your custom binary should be at 0 if/when you do warranty exchanges.
Ah, makes sense now. It just doesn't do a hash/encryption check. I've dealt with a lot of bootloader stuff with my old phone. The phone came like that with the count at 1. Was like that before I tried anything. Probably was triggered when the d2usc stock was flashed onto it. Which probably means I should stick with d2usc builds to ensure compatibility with connecting with my carrier.
Sent from my Nexus 7 using XDA Premium HD app

[Q] Just throwing this idea out there

I should start by saying I am by no means experienced with unlocking bootloaders or hacking firmware, so if this is a completely noob idea then forgive me but I thought I might as well see if I could help. Anyways, on to my idea; as we all know, the 4.3 bootloader is locked for good. So what if one was to corrupt the bootloader, like brick it on purpose to a point where the bootloader doesn't recognize any update being pushed, and then unbrick the phone with an older unlockable bootloader. Am I losing my mind due to having the locked 4.3 or is this plausible?
And while I have a thread open, could someone explain a few questions I have about knox? If knox is what is causing the bootloader to be locked and there's ways to disable knox, then wouldn't disabling knox make the bootloader unlockable?
ericcue said:
I should start by saying I am by no means experienced with unlocking bootloaders or hacking firmware, so if this is a completely noob idea then forgive me but I thought I might as well see if I could help. Anyways, on to my idea; as we all know, the 4.3 bootloader is locked for good. So what if one was to corrupt the bootloader, like brick it on purpose to a point where the bootloader doesn't recognize any update being pushed, and then unbrick the phone with an older unlockable bootloader. Am I losing my mind due to having the locked 4.3 or is this plausible?
And while I have a thread open, could someone explain a few questions I have about knox? If knox is what is causing the bootloader to be locked and there's ways to disable knox, then wouldn't disabling knox make the bootloader unlockable?
This won't work.
The new update changes the keys on the entire bootloader, it's impossible to corrupt the bootloader to a point of failure because the entire thing is hard coded into the board itself. The processor is specifically able to recognize the vrucml1 bootchain, and it won't boot without it, unless someone finds a way to bypass that entire mechanism (which I would consider nearly impossible).
Knox is not causing the bootloader to be locked. Verizon patched our work around for unlocking the bootloader and pushed it. Knox is simply a non reversible flash counter for rooting your device. It's coded in the bootloader and system apps to detect this.
Sent from my SCH-I535 using Tapatalk 2
Ah I see. I guess I had trouble understanding that an OTA could completely and irreversibly lock a bootloader. There's got to be some kind of exploit for this at some point right? I'm not sure I can handle this 4.3 nonsense anymore!
And thanks for the knox explanation, I used to hate sprint for the things they did (like booting me for roaming) and now verizon is starting to tick me off.
ericcue said:
Ah I see. I guess I had trouble understanding that an OTA could completely and irreversibly lock a bootloader. There's got to be some kind of exploit for this at some point right? I'm not sure I can handle this 4.3 nonsense anymore!
And thanks for the knox explanation, I used to hate sprint for the things they did (like booting me for roaming) and now verizon is starting to tick me off.
There is probably no chance for an exploit to completely unlock a bootloader.
Hardware hacking is almost impossible because of the type of encryption it takes to make the processor and bootchain recognize each other. It's sensitive, and you need to match the numbers specifically to perform a boot. Everyone is familiar with an md5 code, this is a fairly simple algorithm, and we all know that the slightest change in a bad download will generate a completely different md5 sum. In this case, the algorithm is much more complex, and pretty much impossible to match and trick the phone into booting an incorrect bootloader. This is why straight up hacking a bootloader is an impossible feat, so we mostly make workarounds.
All our unlocked bootloader was is a very early aboot block. The bootchain trusts the aboot file, and the aboot file trusts anything you put in the recovery and system partitions. Since the new bootchain requires a signed aboot file for ML1, it makes this exploit insignificant and the aboot file doesn't trust anything else you stick in the recovery or system partition.
Loki was another exploit that was patched. Kexec is an example of a work around, and so is safestrap, but these types of workarounds won't unlock the bootloader and allow aosp Rom flashing.
Sent from my SCH-I535 using Tapatalk 2
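The trust relationships described in the post above (the bootchain checks aboot, aboot checks recovery and system, and an early aboot that checks nothing), as an added example that is not part of the thread: a simplified Python model in which pinned SHA-256 digests stand in for the vendor signatures a real device verifies. All stage names, image bytes and the `boot` helper are constructed for illustration, and the "ROM trusts only the ML1 bootchain after the update" rule is taken from the thread's description rather than from any vendor documentation.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Optional


def digest(image: bytes) -> str:
    """SHA-256 of a stage image; any changed byte yields a different digest."""
    return hashlib.sha256(image).hexdigest()


@dataclass(frozen=True)
class Stage:
    name: str
    image: bytes                           # constructed stand-in for the stage's code
    verifies_next: bool = True             # does this stage check what it loads?
    trusted_next: frozenset = frozenset()  # digests it accepts for the next stage


@dataclass
class BootResult:
    booted: bool
    rejected: Optional[str] = None         # first stage that failed verification
    unverified: list = field(default_factory=list)  # stages run without a check


def boot(root_trusted, chain):
    """Walk the chain from the hardware root; each stage vouches for the next."""
    allowed, enforcing, intact = frozenset(root_trusted), True, True
    unverified = []
    for stage in chain:
        if intact and enforcing:
            if digest(stage.image) not in allowed:
                return BootResult(False, rejected=stage.name, unverified=unverified)
        else:
            # One unchecked link means nothing after it can be trusted either.
            intact = False
            unverified.append(stage.name)
        allowed, enforcing = stage.trusted_next, stage.verifies_next
    return BootResult(True, unverified=unverified)


# Constructed sample images (not real firmware).
STOCK_RECOVERY = b"constructed stock recovery image"
CUSTOM_RECOVERY = b"constructed custom recovery image"
TAMPERED_RECOVERY = bytes([STOCK_RECOVERY[0] ^ 0x01]) + STOCK_RECOVERY[1:]

# Early aboot: accepted by the older bootchain, checks nothing it loads.
ABOOT_EARLY = Stage("aboot-early", b"constructed early aboot", verifies_next=False)
# ML1 aboot: only loads the recovery image it has a pinned digest for.
ABOOT_ML1 = Stage("aboot-ml1", b"constructed ML1 aboot",
                  trusted_next=frozenset({digest(STOCK_RECOVERY)}))
CHAIN_OLD = Stage("bootchain-old", b"constructed older bootchain",
                  trusted_next=frozenset({digest(ABOOT_EARLY.image)}))
CHAIN_ML1 = Stage("bootchain-ml1", b"constructed ML1 bootchain",
                  trusted_next=frozenset({digest(ABOOT_ML1.image)}))

ROM_BEFORE_UPDATE = {digest(CHAIN_OLD.image)}
ROM_AFTER_UPDATE = {digest(CHAIN_ML1.image)}


def recovery(image: bytes) -> Stage:
    return Stage("recovery", image)


def scenarios():
    """Boot attempts before and after the update, keyed by a short label."""
    return {
        "before/early-aboot/custom": boot(
            ROM_BEFORE_UPDATE, [CHAIN_OLD, ABOOT_EARLY, recovery(CUSTOM_RECOVERY)]),
        "after/early-aboot/custom": boot(
            ROM_AFTER_UPDATE, [CHAIN_ML1, ABOOT_EARLY, recovery(CUSTOM_RECOVERY)]),
        "after/ml1-aboot/custom": boot(
            ROM_AFTER_UPDATE, [CHAIN_ML1, ABOOT_ML1, recovery(CUSTOM_RECOVERY)]),
        "after/ml1-aboot/stock": boot(
            ROM_AFTER_UPDATE, [CHAIN_ML1, ABOOT_ML1, recovery(STOCK_RECOVERY)]),
        "after/ml1-aboot/one-bit-flip": boot(
            ROM_AFTER_UPDATE, [CHAIN_ML1, ABOOT_ML1, recovery(TAMPERED_RECOVERY)]),
        "after/old-bootchain": boot(
            ROM_AFTER_UPDATE, [CHAIN_OLD, ABOOT_EARLY, recovery(CUSTOM_RECOVERY)]),
    }


if __name__ == "__main__":
    for label, result in scenarios().items():
        print(f"{label:32} booted={result.booted} "
              f"rejected={result.rejected} unverified={result.unverified}")
```

The first scenario boots with `recovery` listed as unverified, which is the whole effect of a permissive link; every later scenario shows the stage at which an enforcing chain stops.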
BadUsername said:
There is probably no chance for an exploit to completely unlock a bootloader.
Hardware hacking is almost impossible because of the type of encryption it takes to make the processor and bootchain recognize each other. It's sensitive, and you need to match the numbers specifically to perform a boot. Everyone is familiar with an md5 code, this is a fairly simple algorithm, and we all know that the slightest change in a bad download will generate a completely different md5 sum. In this case, the algorithm is much more complex, and pretty much impossible to match and trick the phone into booting an incorrect bootloader. This is why straight up hacking a bootloader is an impossible feat, so we mostly make workarounds.
All our unlocked bootloader was is a very early aboot block. The bootchain trusts the aboot file, and the aboot file trusts anything you put in the recovery and system partitions. Since the new bootchain requires a signed aboot file for ML1, it makes this exploit insignificant and the aboot file doesn't trust anything else you stick in the recovery or system partition.
Loki was another exploit that was patched. Kexec is an example of a work around, and so is safestrap, but these types of workarounds won't unlock the bootloader and allow aosp Rom flashing.
Sent from my SCH-I535 using Tapatalk 2
You are a bundle of endless info. Thank you for breaking it down like this!
Edit: I have been curious for awhile about the technical aspect of everything you detailed.
That was amazing lol thanks for clearing all that up. Now I guess the race is on to find safestrap compatible roms. I'm running wicked sensations right now through safestrap and it seems pretty good but I was looking for a rom that could force 4g
SlimSnoopOS said:
You are a bundle of endless info. Thank you for breaking it down like this!
Edit: I have been curious for awhile about the technical aspect of everything you detailed.
I wish I knew more coding details, like what this stuff specifically looks like, but it's interesting researching all this material.
These are the kinds of questions I like, they really make you think about what's happening. I wish more users posted questions like these. One day someone might post something that might actually work. It's good creative thinking.
Sent from my SCH-I535 using Tapatalk 2
Kexec will allow flashing of aosp roms in addition to safe strap.
Sent from my SCH-I535 using Tapatalk
Dadud said:
Kexec will allow flashing of aosp roms in addition to safe strap.
Sent from my SCH-I535 using Tapatalk
Kexec might be able to, but it depends on whether that exploit has been patched or not; that kernel mechanism can also be shut down to disallow booting of a 2nd kernel. If the modules are written a certain way you're stuck with that initial boot.
Safestrap can't, it relies on a stock kernel to run, so unless someone makes an aosp rom to run with a 4.3 touchwiz kernel it won't work.
Sent from my SCH-I535 using Tapatalk 2
How did hashcode get cm 10.2 on the droid 3 using kexec and safe strap?
Sent from my SCH-I535 using Tapatalk
I love this thread so much. Thanks BadUsername and everyone else! So why exactly can't we use Kexec?
YevOmega said:
I love this thread so much. Thanks BadUsername and everyone else! So why exactly can't we use Kexec?
Getting kexec functionality isn't the easiest process. The holes that allowed kexec on 4.0.4 may have been patched due to the new Linux 3.0 kernel updated in newer versions.
Some developer would have to work on finding that loophole and enabling a second kernel to run.
Hashcode was able to do this on Motorola devices by rewriting the kernel modules to run differently. The way he did it wouldn't work for us anyway because they used OMAP devices. We have a Qualcomm processor; the loophole he used to enable kexec is completely different than what we would need to enable.
Additionally, it may not even be possible to enable kexec. The whole idea of a locked bootloader is to prevent this from happening. Loopholes constantly get patched, making enabling these types of workarounds increasingly more difficult.
Eventually the loophole that allows safestrap to even run will likely get patched. It's just the nature of making phones increasingly more difficult to root and unlock.
I hope someone has the time and passion to work on kexec, but I wouldn't necessarily count on it. There's likely a reason why it was never implemented on the s4.
Sent from my SCH-I535 using Tapatalk 2
BadUsername said:
Getting kexec functionality isn't the easiest process. The holes that allowed kexec on 4.0.4 may have been patched due to the new Linux 3.0 kernel updated in newer versions.
Some developer would have to work on finding that loophole and enabling a second kernel to run.
Hashcode was able to do this on Motorola devices by rewriting the kernel modules to run differently. The way he did it wouldn't work for us anyway because they used OMAP devices. We have a Qualcomm processor; the loophole he used to enable kexec is completely different than what we would need to enable.
Additionally, it may not even be possible to enable kexec. The whole idea of a locked bootloader is to prevent this from happening. Loopholes constantly get patched, making enabling these types of workarounds increasingly more difficult.
Eventually the loophole that allows safestrap to even run will likely get patched. It's just the nature of making phones increasingly more difficult to root and unlock.
I hope someone has the time and passion to work on kexec, but I wouldn't necessarily count on it. There's likely a reason why it was never implemented on the s4.
Sent from my SCH-I535 using Tapatalk 2
*Sigh*
YevOmega said:
*Sigh*
It's not the worst thing. In my opinion this phone runs really well on touchwiz roms anyway. Give some time for more roms to come out. Tkrom, cleanrom and jellybeans will all be spectacular when they come out.
Sent from my SCH-I535 using Tapatalk 2
BadUsername said:
It's not the worst thing. In my opinion this phone runs really well on touchwiz roms anyway. Give some time for more roms to come out. Tkrom, cleanrom and jellybeans will all be spectacular when they come out.
Sent from my SCH-I535 using Tapatalk 2
I totally agree with you. With root and a different launcher, I'm doing fine right now. Really wanted that new quick settings on Paranoid though.
Sent from my SCH-I535 using Tapatalk
Anyone else think that the information that BadUsername posted should be made a sticky?
Should have just rooted when you first got the phone haha
Sent from my SCH-I535 using xda app-developers app
XdrummerXboy said:
Should have just rooted when you first got the phone haha
You can gain root access on 4.3, but still can't unlock the bootloader.
The 4.3 OTA has truly downgraded the performance of my phone, so I'm not holding out much hope that 4.3 safestrapped ROMs will do much else - Samsung has rather let me down with this update (even outside of working with Verizon to lock the darn thing down much more tightly).
I used to say that custom ROMs were not needed, because the stock OS ran so well. Since the 4.3 OTA, it feels slower than when it first came with 4.0.4 (?) and has some of the old WiFi and Bluetooth issues back, again. On both of our Galaxy S III phones, btw. Not quite so fun, anymore.
- ooofest
ooofest said:
You can gain root access on 4.3, but still can't unlock the bootloader.
The 4.3 OTA has truly downgraded the performance of my phone, so I'm not holding out much hope that 4.3 safestrapped ROMs will do much else - Samsung has rather let me down with this update (even outside of working with Verizon to lock the darn thing down much more tightly).
I used to say that custom ROMs were not needed, because the stock OS ran so well. Since the 4.3 OTA, it feels slower than when it first came with 4.0.4 (?) and has some of the old WiFi and Bluetooth issues back, again. On both of our Galaxy S III phones, btw. Not quite so fun, anymore.
- ooofest
Oh, I didn't catch that. Thanks for the info. And ooofest, were you over at overclockers.uk? I thought I recognized that name from there, maybe it was only here though.
I've honestly lost track of the rooting requirements for this phone after I rooted. Best decision I've made with this phone! But I was nervous to do so...
I agree, it wasn't too terrible when it had 4.0.4, but compared to Cyanogenmod there's no comparison on which is smoother!
Sent from my SCH-I535 using xda app-developers app
XdrummerXboy said:
Oh, I didn't catch that. Thanks for the info. And ooofest, were you over at overclockers.uk?
Not that I recall, sorry. I used to be more active here and about, but then decided to go back into stock for 2013 and ramp up the rooting, unlocking, optimization, etc. in 2014.
It would always be ready to re-root and unlock, yes?
Well, never say "always."
XdrummerXboy said:
I agree, it wasn't too terrible when it had 4.0.4, but compared to Cyanogenmod there's no comparison on which is smoother!
Indeed.
- ooofest

[Q] Question about NE1 bootrom lock issue

I have an sch-i535 Galaxy S3 Verizon phone. I'm not using it on a network anymore and just want to use a custom rom. Is there ANY way to wipe, replace, do something with the locked bootloader since I'm not using the phone as a phone?
oneway2k said:
I have an sch-i535 Galaxy S3 Verizon phone. I'm not using it on a network anymore and just want to use a custom rom. Is there ANY way to wipe, replace, do something with the locked bootloader since I'm not using the phone as a phone?
You're out of luck. Locked bootloader means no way to return to a previous version on Android. Even if it's not being used as a phone it's basically stuck there. There are jtag services out there to revert back to 4.1.2 but I've heard a lot of mixed thoughts on those
Sent from my N5
ShapesBlue said:
You're out of luck. Locked bootloader means no way to return to a previous version on Android. Even if it's not being used as a phone it's basically stuck there. There are jtag services out there to revert back to 4.1.2 but I've heard a lot of mixed thoughts on those
Sent from my N5
Since I'm not too concerned about breaking this phone, can someone point me to info on the procedure for using JTAG to go back to 4.1.2? I have found some advertisements but no how-to.
oneway2k said:
Since I'm not too concerned about breaking this phone, can someone point me to info on the procedure for using JTAG to go back to 4.1.2? I have found some advertisements but no how-to.
I'd suggest mobile tech videos. There is a thread on xda about them but there are mixed reviews
Sent from my N5
http://forum.xda-developers.com/showthread.php?t=1734949
Moved to Q&A.
If you decide not to go the jtag route you could:
1) install SafeStrap
2) flash SuperliteROM into stock slot
3) flash XPosed and the modules that would make SLR look and act as you like.
This is what I have done with the i535 I picked up that was on NE1.
