Jump to content

Unlocking The Orange Monte Carlo


Guest lordjubblydave

Recommended Posts

they will when nobody buys the phone because of there stupid 3 month policy and making it hard to unlock, i mean are orange seriously thick as s***.... do they really think the OSF done so well because orange are that good of a network lol i think 75% of sales were unlocked and gone from orange forever. laugh.gif

Edited by tillaz
Link to comment
Share on other sites

Guest ultrak3wl

Why do they make it so difficult? Don't they understand how business works... I say "Here's my money" and they say "Thank you Sir here's your phone."

But no, they are too busy designing useless bloatware, fiddling around with operator locking, meh don't get me started

Link to comment
Share on other sites

Guest tilal6991

Just a progress update on what I've discovered so far:

  • The lock, unfortunately, is in the nvitems
  • Even more unfortunately, overwriting a locked nvitems with an unlocked nvitems doesn't unlock the phone
  • However, fortunately the algorithm to calculate the unlock code is in the system itself - in a file called qcnvitems.odex, However I'm not a java programmer so, although I get the gist of the code, I can't make enough sense of it to make an unlock algorithm. Here is the relevant code:

.method public getLockCode()Ljava/lang/String;
.registers 4
.annotation system Ldalvik/annotation/Throws;
value = {
Ljava/io/IOException;
}
.end annotation

.prologue
.line 765
const-string v1, "getLockCode()"

const/4 v2, 0x0

new-array v2, v2, [Ljava/lang/Object;

invoke-static {v1, v2}, Ljava/lang/String;->format(Ljava/lang/String;[Ljava/lang/Object;)Ljava/lang/String;

move-result-object v1

invoke-static {v1}, Lcom/android/qualcomm/qcnvitems/QcNvItems;->vLog(Ljava/lang/String;)V

.line 767
new-instance v0, Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;

const/16 v1, 0x52

invoke-direct {p0, v1}, Lcom/android/qualcomm/qcnvitems/QcNvItems;->doNvRead(I)[B

move-result-object v1

invoke-direct {v0, v1}, Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;-><init>([B)V

.line 768
.local v0, o:Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;
invoke-virtual {v0}, Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;->toDebugString()Ljava/lang/String;

move-result-object v1

invoke-static {v1}, Lcom/android/qualcomm/qcnvitems/QcNvItems;->vLog(Ljava/lang/String;)V

.line 770
invoke-virtual {v0}, Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;->getLockCode()Ljava/lang/String;

move-result-object v1

return-object v1
.end method[/code]

So if any of you reading are Java programmers - please help!!!

Link to comment
Share on other sites

Guest tilal6991

A slight amendment on the above point - I'm not 100% whether flashing nvitems over OMC unlocks it as I only checked with a pre-production Skate so this might have changed. Anyone with an unlocked Skate - please reply!!! It's desperate!!

Link to comment
Share on other sites

Just a progress update on what I've discovered so far:

  • The lock, unfortunately, is in the nvitems
  • Even more unfortunately, overwriting a locked nvitems with an unlocked nvitems doesn't unlock the phone
  • However, fortunately the algorithm to calculate the unlock code is in the system itself - in a file called qcnvitems.odex, However I'm not a java programmer so, although I get the gist of the code, I can't make enough sense of it to make an unlock algorithm. Here is the relevant code:

.method public getLockCode()Ljava/lang/String;

    .registers 4

    .annotation system Ldalvik/annotation/Throws;

        value = {

            Ljava/io/IOException;

        }

    .end annotation


    .prologue

    .line 765

    const-string v1, "getLockCode()"


    const/4 v2, 0x0


    new-array v2, v2, [Ljava/lang/Object;


    invoke-static {v1, v2}, Ljava/lang/String;->format(Ljava/lang/String;[Ljava/lang/Object;)Ljava/lang/String;


    move-result-object v1


    invoke-static {v1}, Lcom/android/qualcomm/qcnvitems/QcNvItems;->vLog(Ljava/lang/String;)V


    .line 767

    new-instance v0, Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;


    const/16 v1, 0x52


    invoke-direct {p0, v1}, Lcom/android/qualcomm/qcnvitems/QcNvItems;->doNvRead(I)[B


    move-result-object v1


    invoke-direct {v0, v1}, Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;-><init>([B)V


    .line 768

    .local v0, o:Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;

    invoke-virtual {v0}, Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;->toDebugString()Ljava/lang/String;


    move-result-object v1


    invoke-static {v1}, Lcom/android/qualcomm/qcnvitems/QcNvItems;->vLog(Ljava/lang/String;)V


    .line 770

    invoke-virtual {v0}, Lcom/android/qualcomm/qcnvitems/QcNvItemTypes$NvLockCodeType;->getLockCode()Ljava/lang/String;


    move-result-object v1


    return-object v1

.end method

So if any of you reading are Java programmers - please help!!!

This has been posted before but noone has followed up on it afaik, the code above will not reveal the algorithm for the lock code, however it may reveal the actual lock code if you call it and display the result. There is an example of dynamically loading and calling a class from a file in the Dalvik test suite that is part of the SDK, so a bit of hacking to call the code above by someone who has a Skate may provide what is needed to unlock the device.

Edited by rjm2k
Link to comment
Share on other sites

Guest whatcolour

This has been posted before but noone has followed up on it afaik, the code above will not reveal the algorithm for the lock code, however it may reveal the actual lock code if you call it and display the result. There is an example of dynamically loading and calling a class from a file in the Dalvik test suite that is part of the SDK, so a bit of hacking to call the code above by someone who has a Skate may provide what is needed to unlock the device.

Yes, the code was extracted a while ago. Your theory is however quite interesting, getting the unlock code by simply calling a function that's built into the actual rom?

Link to comment
Share on other sites

they will when nobody buys the phone because of there stupid 3 month policy, i mean are orange seriously thick as s***.... do they really think the OSF done so well because orange are that good of a network lol i think %75 of sales were unlocked and gone from orange forever.

Why do so many people not understand that the likes of Orange make their money from people using their network and not from selling heavily subsidised phones?

Do you really expect them to sell you a subsidised phone so you can immediately use it on a competitor's network?

My OMC cost me 110 pounds less than the unlocked version. I'm prepared to put up with Orange for a while for that kind of discount.

Link to comment
Share on other sites

Guest tilal6991

This has been posted before but noone has followed up on it afaik, the code above will not reveal the algorithm for the lock code, however it may reveal the actual lock code if you call it and display the result. There is an example of dynamically loading and calling a class from a file in the Dalvik test suite that is part of the SDK, so a bit of hacking to call the code above by someone who has a Skate may provide what is needed to unlock the device.

Brilliant idea. Would it be possible to call the function from an android app?

Link to comment
Share on other sites

Why do so many people not understand that the likes of Orange make their money from people using their network and not from selling heavily subsidised phones?

My OMC cost me 110 pounds less than the unlocked version. I'm prepared to put up with Orange for a while for that kind of discount.

yea, so orange dont loose money when mass amounts of handsets do not sell because of various reasons like the above.....

some how i dont think they get the orange branded phones for free, nether do i think they do not profit from them .

Do you really expect them to sell you a subsidised phone so you can immediately use it on a competitor's network?

My OMC cost me 110 pounds less than the unlocked version. I'm prepared to put up with Orange for a while for that kind of discount.

no but i expect to be able to atleast pay £20 for an unlock code when ever i like & not have to wait 3 month to unlock something i own out right.

Edited by tillaz
Link to comment
Share on other sites

yea, so orange dont loose money when mass amounts of handsets do not sell because of various reasons like the above.....

I'm happy with my OMC and the price I paid for it. I'm sure there are thousands of other customers in the same position. It will be even better if/when I unlock it.

some how i dont think they get the orange branded phones for free, nether do i think they do not profit from them .

No one suggested they get them for free. But if they make a profit on them it's a very small one. There will be some phones where they make a loss on the hardware sale, but I don't know if the OMC is one of them.

It's the way business works, and not just for mobile phones.

For example Sony lose money when they sell PS3 consoles because they know they'll make the money from the sale of games. Some printer manufacturers lose money on the sale of the printer because they know they'll make it back from ink cartridge sales. Supermarkets will sell some things at below cost priced to lure you in, then make the money back when you buy other things.

no but i expect to be able to atleast pay £20 for an unlock code when ever i like & not have to wait 3 month to unlock something i own out right.

You own a phone that's locked to Orange. If you wanted one that's unlocked, that's what you should have bought.

Link to comment
Share on other sites

In a German Forum a User was in orange Shop in austria. He told that the Monte Carlo is locked. He ask for an unlockcode and the man from.shop Put the imei in Computer and seconds later He had the unlockcode. But the User dont buy the Monte Carlo...

Link to comment
Share on other sites

Guest tilal6991
In a German Forum a User was in orange Shop in austria. He told that the Monte Carlo is locked. He ask for an unlockcode and the man from.shop Put the imei in Computer and seconds later He had the unlockcode. But the User dont buy the Monte Carlo...

Where did he put the iemi in?

Link to comment
Share on other sites

It's the way business works, and not just for mobile phones.

For example Sony lose money when they sell PS3 consoles because they know they'll make the money from the sale of games. Some printer manufacturers lose money on the sale of the printer because they know they'll make it back from ink cartridge sales. Supermarkets will sell some things at below cost priced to lure you in, then make the money back when you buy other things.

sony sells the ps3 for near double the price it cost to produce, same with xbox and most other electrical goods just look at the iphone 4 you realy think it cost £500 to produce? more like 250 to 300. and for console games they are owned by the publisher of the game like EA / ACTIVISION / ROCSTAR not sony or microsoft so they actually get far less profit than the publisher, unless they are the publisher.

my point being that i think a very lot of no orange customers want to buy the OMC but will not because no unlock, and sales will be affected.

Edited by tillaz
Link to comment
Share on other sites

sony sells the ps3 for near double the price it cost to produce, same with xbox and most other electrical goods just look at the iphone 4 you realy think it cost £500 to produce? more like 250 to 300. and for console games they are owned by the publisher of the game like EA / ACTIVISION / ROCSTAR not sony or microsoft so they actually get far less profit than the publisher, unless they are the publisher.

my point being that i think a very lot of no orange customers want to buy the OMC but will not because no unlock, and sales will be affected.

Theres no way Orange want anyone to unlock a monte carlo or the san fransisco for that matter they make money on calls not on the phone.If they give you the unlock they don't make money on calls.

Link to comment
Share on other sites

Theres no way Orange want anyone to unlock a monte carlo or the san fransisco for that matter they make money on calls not on the phone.If they give you the unlock they don't make money on calls.

i really cant see orange making zero profit on all there handsets, and even if they dont they will still loss money if the handsets do not sell, for instance look at the OSF you can buy if from more places than just orange... like argos / tesco amazon ect & all for the same price as orange or cheaper..... so that would mean argos & other retailers all make no profit? because there not going to get money from calls ect

Edited by tillaz
Link to comment
Share on other sites

Guest Paul Shirley

sony sells the ps3 for near double the price it cost to produce, same with xbox and most other electrical goods just look at the iphone 4 you realy think it cost £500 to produce?

You certainly pay much more than a PS3 costs to make. To a retailer, not Sony. Sony's wholesale price is much closer to cost and Sony's own PR claimed they were due to switch into making a profit on the console hardware last year - till Microsoft forced another price war and scuppered that. Sony really do make most of the profit on quite excessive game licence fees.

The iPhone price is rather different because you do buy it direct from Apple and they do indeed make a hefty profit on top of their app store 30%. That's Apple for you, highway robbers.

Your subsidised phone really is subsidised and it really is a loss leader to get your long term call revenue. They may not be taking a actual loss on Monte Carlo sales but they are forfeiting most or all profit on the hardware sales. And they really don't care if that stops box breakers buying them, because even the most optimistic expected profit margin will be less than a couple of months use of the Orange network.

Has you not noticed it's now cheaper to buy one of these phones locally than import cheap China phones? That's how tight the profit margins really are, even cloners in China can't undercut them.

Link to comment
Share on other sites

Has you not noticed it's now cheaper to buy one of these phones locally than import cheap China phones? That's how tight the profit margins really are, even cloners in China can't undercut them.

Thanx to the great state of the economy and the conlib cut back love affair we are all mostly poor and cant even afford chinese prices...look at the riots, school teachers and civil servants looting shops and kids looting biscuits and drinks...

...same as the last time the conlibs broke labour with Thatcher and Owen...

who knows maybe we*ll be forced to work in UK sweat shops making ZTE phones for the chinese or have our benefits cut...

Edited by dadashi
Link to comment
Share on other sites

Your subsidised phone really is subsidised and it really is a loss leader to get your long term call revenue. They may not be taking a actual loss on Monte Carlo sales but they are forfeiting most or all profit on the hardware sales. And they really don't care if that stops box breakers buying them, because even the most optimistic expected profit margin will be less than a couple of months use of the Orange network.

Has you not noticed it's now cheaper to buy one of these phones locally than import cheap China phones? That's how tight the profit margins really are, even cloners in China can't undercut them.

ok so how can tesco sell the orange san fran for cheaper than orange....

why would other retailers sell orange branded phones if there is so little profit from the handsets, they cant benefit from top ups....

Link to comment
Share on other sites

Guest tilal6991

Just an update on how unlocking is going.

I can't seem to access the qcnvitems directly. So later today what I'm going to try is to print the lock code which the phone stores in its memory to Adb logcat.

Link to comment
Share on other sites

If I remember correctly, retailers get a bonus from networks if you're still a customer after so long, and that's the basis of the "cashback" deals offered by some. I guess that's how Tesco could undercut prices.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.