• Announcements

    • Reminder - MoDaCo position on illegal content   07/30/15

      ILLEGAL CONTENT I'd like to just reaffirm MoDaCo's position regarding piracy and illegal content in the light of some recent questions / postings. Posts will be censored by myself or my moderation team if the contain or link to: Illegal / pirated / cracked software or sites that host such softwareNintendo emulators / ROMs or sites hosting them (in light of Nintendo's legal stance)CUSTOM ROMS You may discuss and post links to custom device ROMs on MoDaCo, provided the following rules are adhered to: ROMs must not contain any illegal 3rd party software (this includes trial versions included without permission)ROMs must give full credit to the original authorISSUES If you have any issues with this policy, please contact PaulOBrien directly via PM.
    • Reminder: Selling items on the forum directly is not allowed   07/30/15

      Please note that selling items on the forum directly is not allowed by the forum rules. There is a forum for eBay auctions whereby you can list the items on eBay and link to them there. This is the ONLY forum for this type of activity. You may also advertise links to the eBay forum in your signature. Please note that selling directly in contravention of these rules will result in a warning / suspension / ban.

The San Diego hacking topic - root progress etc.

1679 posts in this topic

Posted

OK folks, so here's a round up of my findings on hacking the San Diego so far (with a view to getting root and perhaps ICS).

If you have anything to add, please post below!

Updated By Ricky Wyatt 31/07/2012

  • We have now found the intel MEDFIELD flasher and drivers but cant be used untill we find the right GT Flag
  • The flasher and drivers can be found here http://www.mediafire...67cezkql2z4j4jc
  • We can now flash the Xolo x900 Gingerbread 2.3..7 so debranding San Diego found here http://www.modaco.co...ireless-screen/
  • We still cant get root
  • We Found out that the chinese intel K800 uses a different boot.bin radio.bin recovery and modem

    Not so grim reading.... :mellow:

    ----------------------------------------------------------------------------------------------------------------------------

    • Bootloader can be accessed via 'adb reboot bootloader', which is then accessible using 'fastboot -i 0x8087' and the appropriate command
    • Recovery can be accessed via 'adb reboot recovery'
    • Powering on with volume down and power held also works for the above
    • Recovery will only flash valid signed zips
    • ADB is not available in recovery
    • There seem to be different signatures for Intel's own devices, the Lava devices and the San Diego
    • Test builds of Gingerbread and ICS are signed with test keys and will not flash on retail recovery images
    • We have a build of ICS - but we can't flash it for the above reason
    • 'fastboot boot' does not work on the device - it seems to push but does not boot
    • 'fastboot flash' appears to complete - I flashed a recovery image - but it bricked the device
    • Fastboot flash of the boot image is untested for obvious reasons
    • We have access to engineering test Gingerbread and ICS images for research
    • The boot and recovery binaries can be extracted by trimming to the second gzip header and using cpio
    • As of yet we have found no usable vulnerabilities in init files
    • As of yet we have no usable kernel exploits
    • Turning the device on with the camera button pressed seems to access a special mode (displaying 'MEDFIELD' in USB settings), maybe for Intel's own flash tools? (a-la-nvflash)
    • The software update client can be launched with 'adb shell am start -n com.softwareupdate/com.softwareupdate.SoftwareUpdateSettings'
    • The software update client can be configured to use the test server with 'adb shell am start -n com.softwareupdate/com.softwareupdate.ServerSetActivity'
    • Grim reading... :(

7

Share this post


Link to post
Share on other sites

Posted

Hmmm ... not a lot of good news here ... but I still believe in it !

0

Share this post


Link to post
Share on other sites

Posted

Pretty much nothing else to add, apart from this seems to be one of the only areas looking into this subject, I have made post on other forums xda, rootz with no response

The community as a whole seem to be ignoring it :(

Good job flashing the recovery I wasn't quite there with the flash and like you say boot doesnt really work, possibly because of some sort of low level signing

0

Share this post


Link to post
Share on other sites

Posted

Doesn't look great for now...such a shame but in sure someone will find a little something...

0

Share this post


Link to post
Share on other sites

Posted

Added:

  • The software update client can be launched with 'adb shell am start -n com.softwareupdate/com.softwareupdate.SoftwareUpdateSettings'
  • The software update client can be configured to use the test server with 'adb shell am start -n com.softwareupdate/com.softwareupdate.ServerSetActivity'

P

0

Share this post


Link to post
Share on other sites

Posted

I've approached Orange PR for an official line on 'is the bootloader locked'?

P

0

Share this post


Link to post
Share on other sites

Posted (edited)

Perhaps it is worth reaching out to Intel and/or Orange highlighting the issues that their lockdown creates and how it could drive off a lot of people? It is worth a punt, especially given how successful the dev community, including Paul, were in persuading HTC to change their policy after the backlash they received.

Edited by fraxos
0

Share this post


Link to post
Share on other sites

Posted

But it fails to update

0

Share this post


Link to post
Share on other sites

Posted (edited)

hello did you try to contact Eric Adams is one of Intel engineer behind the development of san diego can be it can help, because orange they are not very cooperative

Edited by darkvicious
0

Share this post


Link to post
Share on other sites

Posted

Perhaps it is worth reaching out to Intel and/or Orange highlighting the issues that their lockdown creates and how it could drive off a lot of people? It is worth a punt, especially given how successful the dev community, including Paul, were in persuading HTC to change their policy after the backlash they received.

The PR team have confirmed they are getting an official response for me, so let's see where this goes with them first!

P

0

Share this post


Link to post
Share on other sites

Posted

Oh dear, I don't want to get rid of this phone :/

0

Share this post


Link to post
Share on other sites

Posted

Likewise, great potential, if we can realise it! :(

P

0

Share this post


Link to post
Share on other sites

Posted

Likewise, great potential, if we can realise it! :(

P

I buy my phones as bits of hardware, rather than a hardware/software combo. I've been having great fun with the 10 photo exposure bracketing (really shows off the speed!), and the phone just feels so nice in the hand!

0

Share this post


Link to post
Share on other sites

Posted

The PR team have confirmed they are getting an official response for me, so let's see where this goes with them first!

P

Fingers crossed they come back with the right answer although this being Orange I doubt it...

0

Share this post


Link to post
Share on other sites

Posted

I'm so thankful you have one Paul.

Can't believe you're the only kernel dev who likes a challenge. Hidden micro SD slot, potential for overclocking, new processor etc Surely that should ecite others

0

Share this post


Link to post
Share on other sites

Posted

I'm so thankful you have one Paul.

Can't believe you're the only kernel dev who likes a challenge. Hidden micro SD slot, potential for overclocking, new processor etc Surely that should ecite others

Sadly that doesn't seem the case :(

0

Share this post


Link to post
Share on other sites

Posted

Perhaps the hidden MicroSD slot is a way for flashing, if I remember right that was the way the OrangeSPV was hacked.

2

Share this post


Link to post
Share on other sites

Posted

Perhaps the hidden MicroSD slot is a way for flashing, if I remember right that was the way the OrangeSPV was hacked.

Nice thinking!

0

Share this post


Link to post
Share on other sites

Posted (edited)

Added:

  • The software update client can be launched with 'adb shell am start -n com.softwareupdate/com.softwareupdate.SoftwareUpdateSettings'
  • The software update client can be configured to use the test server with 'adb shell am start -n com.softwareupdate/com.softwareupdate.ServerSetActivity'

P

So when you do this, do you get teh option to check for update? I have just checked for an update and it said there wasnt one but i could download the current system

Have you took a look at the package? I'm downloading it now, but maybe we could use this as our stock image, downloading from 50.18.182.85 as user-120112191046.zip

Edited by spences10
0

Share this post


Link to post
Share on other sites

Posted

So when you do this, do you get teh option to check for update? I have just checked for an update and it said there wasnt one but i could download the current system

Have you took a look at the package? I'm downloading it now, but maybe we could use this as our stock image, downloading from 50.18.182.85

It's an extremely old package that doesn't flash.

P

0

Share this post


Link to post
Share on other sites

Posted

Intel badly need some developer support for x86 Android, and what do we get? Locked down phones running Gingerbread.

From everything I've read it sounds like a decent phone, the price is right, but they've dropped the ball on the software side.

Hardware wise this could be THE phone for hacking right now; a fast CPU, NFC, state-of-the-art image processor, HDMI, good screen, lots of RAM, and potentially very interesting x86 Linux/Android software (Intel has done a lot of Linux work).

Anyway, good luck to those of you working to prize it open.

1

Share this post


Link to post
Share on other sites

Posted

It's an extremely old package that doesn't flash.

P

bawls :(

0

Share this post


Link to post
Share on other sites

Posted

Hmmm, the first post is grim reading. I was going to buy one of these last week, but something told me to hold off, and I'm glad I did.

I also found that they use an obscure format for the boot / recovery / fastboot images which are probably created by some obscure proprietary Intel tool, so that'll cause problems I imagine. I might be wrong though.

0

Share this post


Link to post
Share on other sites

Posted

I did a 'fastboot erase userdata' today - it worked and I was able to boot OK. Not that useful, but just FYI. :)

P

0

Share this post


Link to post
Share on other sites

Posted

'fastboot flash userdata' fails, same for cache.

'writing 'userdata'... FAILED (remote: flash command failed)' :(

P

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

MoDaCo is part of the MoDaCo.network, © Paul O'Brien 2002-2015. MoDaCo uses IntelliTxt technology.