Cid questions - Advantage X7500, MDA Ameo Upgrading

Hi,
I have a few questions about CID:
- Which program in the upgrade tool checks the CID?
- Can we reverse engineer this exe to bypass the CID check?
- Is there a list of the different CID codes (T-Mobile, Orange, Vodafone etc.)? If yes, are they the same between the HTC S300+ and the Athena?
- When an upgrade is made, is there one check or more for the CID during the flash?
Thanks for your help.

Disadvantages in downgrading to bootloader 1.04?

Are there any downsides to downgrading to bootloader v1.04?
Does v1.06 have anything extra that v1.04 doesn't?
I have an X01HT (v1.06)
Is it possible that future ROM upgrades could be tied to the bootloader version?
Thanks
tle said:
Are there any downsides to downgrading to bootloader v1.04?
Bootloader 1.06 enforces CID checking, bootloader 1.04 doesn't.
Bootloader 1.06 doesn't have 'rtask' command, bootloader 1.04 does.
rtask command allows you to do some "interesting" things, for example enter radio bootloader, and GSM AT command interface, where you can type AT commands to the phone from bootloader. Read the wiki Hermes bootloader page for more info.
tle said:
Does v1.06 have anything extra that v1.04 doesn't? I have an X01HT (v1.06)
No, it has fewer things... the rtask command was removed.
The "extra" thing is that your CID is checked when flashing a ROM, so you can't flash ROMs that are made for other Hermes devices such as HTC TyTN or Cingular 8525 on your X01HT.
tle said:
Is it possible that future ROM upgrades could be tied to the bootloader version?
It is possible, but unlikely to happen; it shouldn't worry you too much now.
Thanks for the quick reply, pof.
I guess that if a ROM were to be tied to bootloader v1.06 then someone would have to make a bootloader-only upgrade... Do you foresee any potential issues there (excluding copyright issues)?
Thanks
tle said:
I guess that if a ROM were to be tied to bootloader v1.06 then someone would have to make a bootloader-only upgrade... Do you foresee any potential issues there (excluding copyright issues)?
No issues at all, and no "bootloader-only upgrade" needed... if you are on 1.04 you just have to flash any ROM containing bootloader 1.06 to have bootloader 1.06 on your device. Then you could do the 'tied-to-1.06' upgrade.
But at the moment 1.06 and 1.04 are very similar; the only differences I've noticed are the 'rtask' command and CID checking. The rtask command also allows you to go to the radio bootloader and flash the 'extracted radio ROM upgrades' (using rwdata), so you can't do a radio-only upgrade in 1.06 at the moment.
Anyway... I am investigating a way to provide an alternative method to go from 1.06 to 1.04 without copyright issues (as with the previous method from imei-check). Now I can jump from WinCE to the IPL at physical address 0x0000000, and then the IPL reads the SPL from flash and executes it correctly.
The next step is to load the nb file for SPL 1.04 and place it in RAM at 0x3000000, and instead of jumping to the IPL, jump to the SPL. When this is done it will be possible to downgrade the bootloader for those of you on 1.06.
Sounds like you are close to a solution. I read in another thread that you said you are not a WinCE programmer, but you seem to have a good grasp of low-level programming. Best of luck!
I'm getting a lot of help from some friends; I wouldn't have reached this without their help, and I like to learn new things.
What we're doing is modifying gnuharet to remove the linux-loading part and add very few changes in the ARM9 assembly part, if you're interested see the file src/wince/asmstuff.S.
pof said:
rtask command allows you to do some "interesting" things, for example enter radio bootloader, and GSM AT command interface, where you can type AT commands to the phone from bootloader.
I guess it should be possible to do in wince by directly calling a rilgsm ioctl
(should work on universal, the equivalent code runs the phone in Linux).
devspecific code=54
http://wiki.xda-developers.com/index.php?pagename=rilgsm.dll
cr2, yes it is possible... this is what my unlocker does to do the [email protected] commands and uses almost the same code as buzz used on the universal.
EDIT: I read you too fast, I'm using RIL_DevSpecific commands to send the [email protected], but didn't read the code=54. Have to try this, thanks for pointing it out!
Help Needed!
Hi pof,
I (stupid guy!) upgraded from ME_DT_WWE_1182553_106_10303_Ship to Cingular 1.34.502.1 (1.06) and now I cannot downgrade (using for example Cingular_1.30.502.1 (1.04))... why?
I tried every unlocking process, every step you write here, but no way! Always ID ERROR (294)...whyyy????
I cannot understand...I think a downgrade to 1.04 could save me...
Please, help me...
Yes, downgrade will help you. Just downgrade to a full rom matching the CID on your device, or wait until a free solution to downgrade bootloader.
pof said:
Yes, downgrade will help you. Just downgrade to a full rom matching the CID on your device, or wait until a free solution to downgrade bootloader.
Just to be sure: I flashed my Dutch TyTn (QTEK_E11) to Cing 1.34 WWE (CWS_001).
Now my CID still is QTEK_E11 or is it changed to CWS_001?
If it still is QTEK_E11 then I can go back to the Dutch HTC 1.18.254.2, can I?
And from there I can SuperCID my device?

Strange CID after Rom update

After having updated a HTC TyTN (German version) with bootloader 1.04 and CID "QTEK_102" with a new HTC ROM (English) 1.18.416.1 07/22/06 with bootloader 1.06 and CID "QTEK_001", I checked my "new" CID with mtty and the command "info 2". The program tells me that I now have the CID "QTEK_102" like on the old German ROM, although I flashed a new English one. Now I am not able to flash any other version, even if I try to flash the same update again! I am quite confused, because I thought the CID depends on the ROM that I flashed last?! How can I now go back to bootloader 1.04? I would need the same CID for that, but there is no ROM with CID "QTEK_002" and bootloader 1.04 available as far as I know??? Sorry for this newbie question, but I couldn't find any hint elsewhere....
Okay, I solved the problem by following the thread of hookhook (http://forum.xda-developers.com/showthread.php?t=284401). THANX!

Making upgrading and unlocking a bit clearer

Although all the information can be found on the forum and in the HTC Hermes Wiki there are always many posts with questions about upgrading and unlocking. I hope this will make it a bit clearer for you:
Bootloader
The bootloader is the place where you can change the low-level software parameters and some hardware parameters of the Hermes, change and read the ROM and provides information about it.
The bootloader is invoked by pressing down both the POWER button and SIDE OK together and using the stylus at the same time to press the RESET button at the bottom.
The bootloader version is shown for a short amount of time when booting the device. You'll see "SPL-1.0X"
Versions
1.04
There is a bug in bootloader 1.04 which allows you to flash any ROM without a CID check. You have to be in bootloader mode to use this bug.
It's possible to upgrade the RadioROM. You can even flash a patched RadioROM, which is needed to unlock your device.
1.06
The bug from version 1.04 is fixed. Without downgrading to a Shipped ROM with bootloader 1.04 that matches your CID it's not possible to flash a ROM with a different CID.
The RadioROM can't be upgraded. You have to downgrade to bootloader 1.04 to unlock your device.
1.09
You can't downgrade to bootloader 1.04 by flashing a Shipped ROM. However imei-check.co.uk is able to downgrade the bootloader.
There was a solution posted on this forum, but it was stolen from imei-check and was removed. If you are not willing to pay you have to wait until another solution is developed.
The RadioROM can't be upgraded. You have to downgrade to bootloader 1.04 to unlock your device.
CID
The CID your device has varies from operator to operator. It should guarantee that only upgrades from a single operator can be installed (to ensure the device stays branded etc.).
You can make your device SuperCID, which is some kind of "root mode". Then you will be able to flash every ROM without thinking about bootloader versions and CIDs.
To find out which CID your device has, use the command "info 2" in the bootloader. Read Hermes_BootLoader to know how to use the bootloader.
Preparations
Before you upgrade your ROM (which will also upgrade your bootloader) you should make your device SuperCID.
This is especially important if you either upgrade to bootloader 1.06 and there's no Shipped ROM Upgrade with bootloader 1.04 available that matches your CID, or upgrade to bootloader 1.09.
Unlock / Make your device SuperCID
Use pof's SIM Unlock v2a. This will flash a patched RadioROM that is needed for the unlocking process. Unlock v2a makes your device SuperCID and removes the SIM-Lock.
You need bootloader version 1.04!
The process of flashing the RadioROM and use the unlocker is explained here
There is one restriction: At the moment it's not possible to unlock X01HT devices which were bought after 12/1/2006 and have bootloader version 1.09 and RadioROM version 1.14.0.10! Please be patient.
Radio version can be checked from Start->Settings->System->Device Information:Radio Version.
Downgrade Bootloader
If you have bootloader version 1.06 and there is a Shipped ROM Upgrade with bootloader version 1.04 available that matches your CID you can flash it to downgrade your bootloader.
Otherwise - you are on bootloader 1.09 or there is no Shipped ROM Upgrade available - you have to use imei-check.co.uk or wait until another (free) solution is developed.
For the method imei-check uses to downgrade the bootloader a working operating system is required.
Upgrade the ROM
If you flash a ROM the first time you should read Upgrade For Beginners and the Upgrade FAQ if you have further questions.
Available Upgrades are listed here
Upgrade RadioROM
There are also Extracted RadioROMs available. You need bootloader 1.04 to flash these!
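As an added illustration (not code from this thread, from HTC or from pof), the flash rules the summary above describes, modelled in Python: the Device/Rom records, field names, reason strings and scenario values are my own constructed assumptions.

```python
"""Model of the Hermes CID / bootloader (SPL) flash rules as summarised in the
thread. Constructed illustration, not HTC's or pof's code; names are assumptions."""
from dataclasses import dataclass, replace
from typing import List, Optional, Tuple

SUPER_CID = "00000000"   # eight zeros, the SuperCID value described in the thread


@dataclass(frozen=True)
class Device:
    cid: str                    # what 'info 2' reports in bootloader, e.g. "QTEK_102"
    spl: str                    # bootloader version shown at boot as "SPL-1.0X"
    in_bootloader: bool = True  # flashing from bootloader mode rather than WinCE


@dataclass(frozen=True)
class Rom:
    cid: str                    # CID embedded in the upgrade package
    spl: Optional[str] = None   # bootloader the package carries; None for radio-only
    kind: str = "os"            # "os" (shipped/full ROM) or "radio" (extracted RadioROM)


def cid_matches(device_cid: str, rom_cid: str) -> bool:
    """SuperCID accepts any package CID; anything else must match exactly."""
    return device_cid == SUPER_CID or device_cid == rom_cid


def check_flash(dev: Device, rom: Rom) -> Tuple[bool, str]:
    """Decide whether `rom` may be flashed onto `dev`, following the thread's
    per-version summary. Returns (allowed, reason)."""
    if rom.kind == "radio":
        # Extracted RadioROMs only flash from SPL 1.04; 1.06 and 1.09 refuse them.
        if dev.spl == "1.04":
            return True, "radio flash permitted on SPL 1.04"
        return False, "extracted RadioROM needs SPL 1.04"
    if dev.spl == "1.04" and dev.in_bootloader:
        # The 1.04 bug: no CID check when flashing from bootloader mode.
        return True, "SPL 1.04 in bootloader mode does not check CID"
    if dev.spl == "1.09" and rom.spl == "1.04":
        # 1.09 will not let a shipped ROM take the bootloader back to 1.04.
        return False, "SPL 1.09 refuses downgrade to 1.04 via shipped ROM"
    if cid_matches(dev.cid, rom.cid):
        return True, "CID matches (or device is SuperCID)"
    return False, "ID ERROR: package CID %s, device CID %s" % (rom.cid, dev.cid)


def apply_flash(dev: Device, rom: Rom) -> Device:
    """State after a permitted flash: the bootloader follows the package, but the
    CID is a device property and is not replaced by the package's CID (the
    'Strange CID after Rom update' post in the thread observed exactly this)."""
    allowed, reason = check_flash(dev, rom)
    if not allowed:
        raise PermissionError(reason)
    if rom.kind == "os" and rom.spl is not None:
        return replace(dev, spl=rom.spl)
    return dev


def walkthrough() -> List:
    """Replays the German-TyTN scenario from the thread with constructed values."""
    log = []
    dev = Device(cid="QTEK_102", spl="1.04")
    english_rom = Rom(cid="QTEK_001", spl="1.06")
    dev = apply_flash(dev, english_rom)            # 1.04 bug lets it through
    log.append((dev.cid, dev.spl))                 # CID unchanged, now on SPL 1.06
    log.append(check_flash(dev, english_rom))      # same package now fails: ID ERROR
    log.append(check_flash(dev, Rom("QTEK_102", "1.04")))  # matching shipped ROM: OK
    log.append(check_flash(Device(SUPER_CID, "1.09"), english_rom))  # SuperCID: OK
    return log
```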
good summary sn00x. you should post this on the wiki as well.
tthank u very much for the information. it is a bit clearer for me now
Excellent summary for the beginner! Vielen Dank!
Please also read Quentin-'s Hermes Upgrading Guide for a detailed description of the upgrade process and information about ExtendedROM cooking.
it should be posted in the wiki
Crystal clear now.... I had posted a question in another thread and read a lot of forums without success. Now I know for sure that I have to wait... any ideas on how much time? Thanks for all the help!!!
Super CID
When one upgrades a Radio ROM is it necessary to go back and make the device Super CID again, or is it sticky.
The reason for this question is that I downgraded to BL 1.04, made my device SuperCID as it was never SIM-locked, and then upgraded my radio to 1.27. My device returned a QTEK code, so I just ran SuperCID again. It now again displays SuperCID.
Is that the way it works?
Thanks for your posting - it certainly has taught me a lot!
@basilrsa: To make SuperCID sticky you need to run Herm_Unlock_v2a.exe on your phone while it has the patched radio that shows SuperCID. Otherwise it is lost after radio upgrades.
Thanks again pof
pof said:
@basilrsa: To make SuperCID sticky you need to run Herm_Unlock_v2a.exe on your phone while it has the patched radio that shows SuperCID. Otherwise it is lost after radio upgrades.
Thanks pof for that information. That's what I figured out, so I reflashed the patched radio, reran Herm_Unlock_v2a.exe and then flashed the 1.27 radio.
Just to be sure I reran the Herm_Unlock_v2a.exe.
I guess that should be OK
Has this been put into the wiki? Someone please do the honours and report back with a roger wilco.
V
bl1.04
Gentlemen,
Quentin wrote:
"Even with the Super CID hack you cannot install a different radio
if your ROM installed BootLoader 1.06 or greater."
If my current machine state is
1. "Sticky" superCID has been accomplished.
2. Task 32 verifies the device is in superCID mode.
3. Bootloader page displays 1.04
does it stay that way for good regardless of what I flash? If I flash a rom which carries bl1.09 what is the bootloader version going to read on the device at the completion of the flash process?
If I make this simple and go buy a IMEI-check unlock to superCID my bl1.09 system will the bootloader page change to read bl1.04 and will it stay that way regardless of what I flash?
Is BL 1.04 going to stay put with subsequent ROM loads?
Thanks
pof said:
@basilrsa: To make SuperCID sticky you need to run Herm_Unlock_v2a.exe on your phone while it has the patched radio that shows SuperCID. Otherwise it is lost after radio upgrades.
Hi, I am quite new to all these things. I just upgraded my radio to 1.27.00.00; does it mean that my phone is CID locked again (I unlocked it together with the SIM unlock)?
How do I find out whether the phone is SuperCID or not? Thanks a lot
zzzp said:
Hi, I am quite new to all these things. I just upgraded my radio to 1.27.00.00; does it mean that my phone is CID locked again (I unlocked it together with the SIM unlock)?
How do I find out whether the phone is SuperCID or not? Thanks a lot
Read the WIKI first... it tells you to issue 'info 2' command in bootloader.
http://wiki.xda-developers.com/index.php?pagename=Hermes_Upgrades
Seriously, if you've CID unlocked and radio flashed your Hermes without reading this far you're probably going to brick your phone sometime soon, so it'll pay to do some more reading before you play too much more.
1.04 vs 1.06 vs 1.09
I've been "burning eyelashes" for the last few days; my Firefox tabs seem like a huge cargo train.
One thing I never could understand from all the reading I've done is the functional advantages of the various bootloaders. Let me explain:
I know 1.04 is the only one that allows radio-only flashes, but let's forget all flashing. Let's concentrate on everyday use.
Does anyone know if 1.06 and 1.09 will make the PDA run better? I mean, if there's a newer ROM that brings bug corrections and new features, I guess that's the same for bootloaders. In this line of thinking 1.09 should do something better than 1.04. If so, what is it?
Why am I asking this question? It's because everyone wants to have the best software version for his own use, so I don't understand why people improve on ROMs, ExtROMs and radios but keep a lower version of the bootloader after flashing. Aren't they missing something by using 1.04 instead of 1.09?
I have had my TyTN for only a week now and I'm looking forward to doing things right by reading all that I need to know. So far this is the question that I haven't seen answered.
Cheers everyone,
Evandro
Well...I'm no expert but I'd imagine that you're venturing down the wrong path. I would venture a guess that many of the bootloader revisions have been made solely to enforce increased security or to attempt to prevent hacking or modding of the underlying OS and Radio ROMs.
That was a really great summary and guide. Unfortunately, from all the threads and wikis I have been reading, I feel like a lot has been changing very fast and I don't fully understand. This guide was great, and I was wondering if the author or anyone else (there are a bunch of guys on here who really know what they are doing) could write an updated (maybe even more detailed/technical) version. I know how to do all the flashing and stuff, but I'm not so confident I know how it's all working, especially the more recent stuff. Maybe including how stuff like the SSPL, hard SPL, mtty, KITL, nbh/nbs, and other more technical methods being used now other than the standard RUUs.
I know almost all of this info is in the forums and the wikis, but it's a little rough to grasp it all when it's not together. I hope this doesn't upset anyone; I just figured Quentin was gracious enough to do it once, maybe he or someone else would want to do it again. If it's too much to ask then just ignore my request. I have been reading the forums for a few months now and think you guys are doing amazing work. You have improved in weeks what it takes MS to build in years and you do it much better. Thanks to all and sorry again if I offended anyone by asking this (just really scared to brick my really expensive phone ...lol)
Thanks
Bootloader 1.09 ... no problem!
sn00x said:
Bootloader
Versions
1.04
There is a bug in bootloader 1.04 which allows you to flash any ROM without a CID check. You have to be in bootloader mode to use this bug.
It's possible to upgrade the RadioROM. You can even flash a patched RadioROM, which is needed to unlock your device.
1.06
The bug from version 1.04 is fixed. Without downgrading to a Shipped ROM with bootloader 1.04 that matches your CID it's not possible to flash a ROM with a different CID.
The RadioROM can't be upgraded. You have to downgrade to bootloader 1.04 to unlock your device.
1.09
You can't downgrade to bootloader 1.04 by flashing a Shipped ROM. However imei-check.co.uk is able to downgrade the bootloader.
There was a solution posted on this forum, but it was stolen from imei-check and was removed. If you are not willing to pay you have to wait until another solution is developed.
The RadioROM can't be upgraded. You have to downgrade to bootloader 1.04 to unlock your device.
I think first pages should be updated since the issue regarding 1.09 has been resolved here by the great pof:
http://pof.eslack.org/hermes-unlocker/
http://forum.xda-developers.com/showthread.php?t=293665
Regards
good job..

Unlocked CID

I just checked my X01HT to see the CID code and this is what I read: "HTCS0000HTCEUSB". Does this mean that the unit is unlocked already and any ROM should work? Thanks
Probably it will be "00000000" (8 zeros instead of 4), which is a SuperCID. If you want to be 100% sure you won't lose SuperCID status, flash something with bootloader 1.04 the first time to make sure it is kept after the upgrade.
Thank you for the help. I am going to use Cingular and I am thinking about their first version here on the site.

Is it possible to downgrade X01HT from 1.09 to 1.04?

I have read many posts here these few days and got so confused.
I read in some posts the replies from you and got this message;
please correct me if I am wrong.
If I buy a X01HT with the 1.09 bootloader now,
is it possible to downgrade to 1.04 using HERMES Bootloader 1.01 MFG?
After I downgrade to 1.04 I can then use your SIM UNLOCK v2a program
to SIM UNLOCK and CID UNLOCK. Also I can upgrade the radio and
ExtendedROMs to other languages. Did I get the right message or wrong?
Thank you for answering my question!!
Mike
hokkeung said:
Hi pof,
I have read many posts here these few days and got so confused.
I read in some posts the replies from you and got this message;
please correct me if I am wrong.
If I buy a X01HT with the 1.09 bootloader now,
is it possible to downgrade to 1.04 using HERMES Bootloader 1.01 MFG?
After I downgrade to 1.04 I can then use your SIM UNLOCK v2a program
to SIM UNLOCK and CID UNLOCK. Also I can upgrade the radio and
ExtendedROMs to other languages. Did I get the right message or wrong?
Thank you for answering my question!!
Mike
You can downgrade to 1.04, but you can't get SuperCID, so you can't get Bootloader 1.01 MFG, and you can't flash another radio or OS.
I think.
If you want to discuss with one member only, please PM that person. If not, don't start thread with "To <member>:" You're only hurting yourself since doing this can limit the hits (people will ignore because title doesn't include them).
answer to your question: no, MFG solution is only available for SuperCID devices.
Sleuth255:
Thanks for your advice, because I'm new here.
So what is SuperCID? How can I know whether my mobile has SuperCID or not?
If not, how can I change to SuperCID?
Thanks!
"The CID is a string that identifies carrier and language of your device, it is contained also on ROM upgrade files and is used to check that you're flashing your device with the right ROM."
So SuperCID allows things from a different carrier to be flashed to your device without needing your specific vendor updates.
Connect to your device in bootloader mode through mtty.exe and issue the 'info 2' command. Do not copy and paste commands into mtty.
Links:
CID Info and other info.
Bootloader info and usage.
Hermes Wiki (95% of questions are answered in here)
Can your method work on bootloader 1.09?
If yes, after I change my mobile to SuperCID, then I can downgrade to 1.04,
right? And then I can upgrade the ROM and radio also?
I'm pretty sure that there's no SuperCID solution yet for your phone. I know you can unlock with the IMEI-check unlocker and I believe that takes you back to BL1.04, but you can't get to SuperCID since pof's custom radio won't flash on yours due to the radio bootloader yours has. Here's a link to a thread on this:
http://forum.xda-developers.com/showthread.php?t=290228
You can make x01ht post dec-2nd SuperCID by paying imei-check unlocker. This will downgrade your bootloader to 1.04 too. After that you can flash 1.01 MFG if you want, and also unlock your ExtROM. To flash other radio you'll need to upgrade the bootloader to 1.09 again and use a radio in NBH format (shipped 1.27 for example). Your radio bootloader can't be downgraded and you can't flash extracted radio roms. That's all
To be simple, Post Dec X01HT can only be unlocked & superCID by IMEI-CHECK (NO FREE METHOD at the moment), better pay if you need the phone function.......
Ahhh... so the new IMEI-check unlocker also does SuperCID. Damn.... How'd they get their custom radio flashed I wonder? That's good news for users of this phone!
You said I can't update the Extracted Radio ROM; that means I need to download this file "RUU_Hermes_TMD-TMA_Radiopatch_1.27.00.00_107_GER.exe", right? Is it the post 2nd-Dec X01HT problem that even if I downgrade to B/L 1.04, I still can't upgrade the Extracted Radio ROM? One more thing, how can I upgrade to B/L 1.09 again?
Thanks
Anyone can help?
Thanks!
hokkeung said:
I need to download this file "RUU_Hermes_TMD-TMA_Radiopatch_1.27.00.00_107_GER.exe", right?
Yes.
hokkeung said:
Is it the post 2nd-Dec X01HT problem that even if I downgrade to B/L 1.04, I still can't upgrade the Extracted Radio ROM? One more thing, how can I upgrade to B/L 1.09 again?
Yes, it's forced by radio bootloader 0108, you can upgrade to SPL-1.09 to flash radios in NBH, read more here:
http://forum.xda-developers.com/showthread.php?t=290228&p=1117426
Unlock CID
HELP!!! I don't want to send the phone to the service centre. I have SPL 1.01 MFG which is CID locked, which means I can't upgrade the bootloader to SPL 1.04 to flash an OS ROM, plus ActiveSync does not connect whilst in the bootloader, which most of the CID unlocking tools out there require. Any way to CID unlock?
