UNLOCKING CDMA I910 GPS - please help us!


Guest aleis

Guest aceofrazgriz
Did you take pictures of the dismantled i910?

no cam to do so B)

may look for a better screwdriver and a cam to use tomorrow as i have a short work day again.

i have somewhat shaky hands, so i'm reluctant to dismantle everything, but if i do find a better screwdriver to use i'll get a bit more and get some pics.

i'll describe what i saw different from the service manual for the i910:

on page 38, the GPS connector is not there, but something else is, a small clip with a tiny round piece of metal, no outgoing connector. also no hourglass shaped piece of metal to the right.

and on page 42, box 2, i saw no GPS FBPC or Wire. there is no speaker on the back there also, to the right of the camera, like there is on the i910.

Edited by aceofrazgriz

Guest donsolo

I have nothing other than my thanks to contribute here, but I will add this has been an interesting thread to follow and I hope you guys manage to figure this out.


Guest nickmdp
no cam to do so B)

may look for a better screwdriver and a cam to use tomorrow as i have a short work day again.

i have somewhat shaky hands, so i'm reluctant to dismantle everything, but if i do find a better screwdriver to use i'll get a bit more and get some pics.

i'll describe what i saw different from the service manual for the i910:

on page 38, the GPS connector is not there, but something else is, a small clip with a tiny round piece of metal, no outgoing connector. also no hourglass shaped piece of metal to the right.

and on page 42, box 2, i saw no GPS FBPC or Wire. there is no speaker on the back there also, to the right of the camera, like there is on the i910.

Well, whether or not the hardware is the same, we know the i910 has a built-in GPS module somewhere, or else VZNav would not work, and verizon would not have made the statement to enable the GPS.

Attached is the sample windows mobile gps that is included with microsoft's SDK for it. Although I cannot get it to come up with any data, I was hoping that somebody else might be able to do so. I couldn't even get any signal using GPStest, so maybe somebody who did get it to work could give it a shot. It uses the GPSAPI calls to get the GPS data, so I don't expect much out of it.

Let me know what results you guys get, I normally get just a blank white screen. If anyone would like the source code for it, e-mail me.

Edit: On occasion, it will display all 0's for the data, and the QualComm GpsOne Card Version 0.0

Also, the source code is available in VSC++ and VSC# in case you were thinking about taking a look at it

MobileGPS.exe

Edited by nickmdp

Guest J. Brad Harris
Well, whether or not the hardware is the same, we know the i910 has a built-in GPS module somewhere, or else VZNav would not work, and verizon would not have made the statement to enable the GPS.

Attached is the sample windows mobile gps that is included with microsoft's SDK for it. Although I cannot get it to come up with any data, I was hoping that somebody else might be able to do so. I couldn't even get any signal using GPStest, so maybe somebody who did get it to work could give it a shot. It uses the GPSAPI calls to get the GPS data, so I don't expect much out of it.

Let me know what results you guys get, I normally get just a blank white screen. If anyone would like the source code for it, e-mail me.

I get the chip identification: Qualcomm GpsOne Card, version 0.0 On, On

That's it.

I've got the WM6 SDK here, and I see in the GPS.cs that it is calling gpsapi.dll. The gpsapi.dll on my device is 3KB.

I cannot copy this off to another location to look at it. Maybe I need training on WM6 system files.

Does any other phone have the Qualcomm GpsOne chip that isn't locked down? If so, can I get all the gps files from the windows folder on that device?

Thanks,

Brad

Edit: @nickmpd: The code is in C#, not C++.

Edited by J. Brad Harris

Guest nickmdp
I get the chip identification: Qualcomm GpsOne Card, version 0.0 On, On

That's it.

I've got the WM6 SDK here, and I see in the GPS.cs that it is calling gpsapi.dll. The gpsapi.dll on my device is 3KB.

I cannot copy this off to another location to look at it. Maybe I need training on WM6 system files.

Does any other phone have the Qualcomm GpsOne chip that isn't locked down? If so, can I get all the gps files from the windows folder on that device?

Thanks,

Brad

Edit: @nickmpd: The code is in C#, not C++.

The code you are talking about is in the Samples/PocketPC/CS/GPS folder, whereas the file I posted was compiled from the Samples/Common/CPP/gps folder. After taking a quick look at that code, it may be a better starting point though. Does that code result in the same program or a different one?

Edit: What I am hoping, is that if we replace the calls to gpsapi.dll for the parsed gps data to the calls that request the legacy raw data instead, that it would hopefully work correctly. I would say that the sample you have would almost certainly be easier to start from. Let me know what you think.

Edited by nickmdp

Guest J. Brad Harris
The code you are talking about is in the Samples/PocketPC/CS/GPS folder, whereas the file I posted was compiled from the Samples/Common/CPP/gps folder. After taking a quick look at that code, it may be a better starting point though. Does that code result in the same program or a different one?

Ah...thanks for the correction.

They both result in the same program.


Guest CFitz
good info i'll have to take a look.

btw: for fun (and because someone mentioned it) i just finished dismantling my i910 using an i900 service manual, couldn't find one for the i910. While i couldn't get the last screw out for the main PCB i did notice some large differences including the fact that the connection for the GPS in the i910 is completely different from that in the i900. While no, i couldn't confirm if the chip was there... bastard screw... you'd think after all the nonsense with people talking to sammy and vzw that they woulda spoke up that it wasn't there. but there was something visible where the GPS chip is on the i900 when i slightly lifted the PCB and look under. just some food for thought on the difference of connection for the i910 vs the i900. now the fun begins, putting it back together.

Just a thought, could the solution to this be something with the hardware? For example, some simple steps that could be taken to make the i910 hardware (gps related) more closely resemble the i900 hardware, thus allowing an easier software path to the GPS?


Guest aceofrazgriz
Just a thought, could the solution to this be something with the hardware? For example, some simple steps that could be taken to make the i910 hardware (gps related) more closely resemble the i900 hardware, thus allowing an easier software path to the GPS?

you can't really do anything with the hardware. it's not something most people feel comfortable even looking at and wouldn't be a viable solution as it requires modifying the device. for the most part, the hardware is almost exactly the same, minus a few differences such as the radio for example.

unless you meant things like drivers for the hardware, which i believe i900 drivers n such have been tried on the i910 without much avail.


Guest thedarkone

Hmmm....

Just found something out.... I have been working on this phone now for a while. Really wanted it, to use it on Metro. Main reason being the camera, and gps. Obviously we are all waiting for the GPS and I cannot help at all as I am truly not a guru or anything. But I did happen to find out something very interesting....

This is an exact copy of a post I made on another forum.... So enjoy. Doubt this will help with GPS but is interesting for internet.... who knows maybe somehow this might help?

I have some VERY VERY VERY VERY interesting news

So I went to get my phone flashed today at a local mall which went off without a hitch. FWIW the mall is in San Jose. Well... the guy who has internet working is in Hayward CA about 1 hour away. So the guy who flashed my phone knows the guy who made the crack. He also knows the guy who actually wrote the software to do it. He is apparently really good with software and coding. He moved because he had a business he has to run.... long story short...

IT IS LEGIT! And the guy doing it now is not even that amazing, but he does really get it working. So I am about 99.99% sure this is not a hoax. He gave me the guy's name and number, and showed me some phones he had hacked for him (the owner's personal HTC and some others).

Sooooo.... WTF why don't we have this working? The guy is charging right now, so I don't think he will volunteer the info to the community.

So what could we all do? If I got my phone tweaked... could we "reverse engineer" it?

Wow hope this sparks some lively discussion.... : )

Cmon I know there is someone smart enough here to do it!!!


Guest aceofrazgriz
Hmmm....

Just found something out.... I have been working on this phone now for a while. Really wanted it, to use it on Metro. Main reason being the camera, and gps. Obviously we are all waiting for the GPS and I cannot help at all as I am truly not a guru or anything. But I did happen to find out something very interesting....

This is an exact copy of a post I made on another forum.... So enjoy. Doubt this will help with GPS but is interesting for internet.... who knows maybe somehow this might help?

I have some VERY VERY VERY VERY interesting news

So I went to get my phone flashed today at a local mall which went off without a hitch. FWIW the mall is in San Jose. Well... the guy who has internet working is in Hayward CA about 1 hour away. So the guy who flashed my phone knows the guy who made the crack. He also knows the guy who actually wrote the software to do it. He is apparently really good with software and coding. He moved because he had a business he has to run.... long story short...

IT IS LEGIT! And the guy doing it now is not even that amazing, but he does really get it working. So I am about 99.99% sure this is not a hoax. He gave me the guy's name and number, and showed me some phones he had hacked for him (the owner's personal HTC and some others).

Sooooo.... WTF why don't we have this working? The guy is charging right now, so I don't think he will volunteer the info to the community.

So what could we all do? If I got my phone tweaked... could we "reverse engineer" it?

Wow hope this sparks some lively discussion.... : )

Cmon I know there is someone smart enough here to do it!!!

phone is just unlocked, it's not the most amazing thing... and really doesn't help our GPS problem as there is nothing mentioned about it. technically, the phone can be modified to work on any carrier supporting its radio technology, just like buying an "unlocked" GSM phone. a good find if you would like that phone on that specific carrier, but not much help to us here.


Guest thedarkone
phone is just unlocked, it's not the most amazing thing... and really doesn't help our GPS problem as there is nothing mentioned about it. technically, the phone can be modified to work on any carrier supporting its radio technology, just like buying an "unlocked" GSM phone. a good find if you would like that phone on that specific carrier, but not much help to us here.

The i910 is not that simple....

When flashed no one has been able up until this week to get the internet to work at all. Similar issues to GPS if you look around. It took an actual custom piece of software just to program it. And not just on the phone, but a custom installer as well from what I understand.

So this is an achievement much more in line with unlocking GPS, the person may be working on GPS as well... I will try and find out. But maybe to some it is no big deal at all.... as I said it's mostly FWIW

*****EDIT**** BTW this is the CDMA version.... hence it is not that simple.

Edited by thedarkone

Guest natedawg1013
I get the chip identification: Qualcomm GpsOne Card, version 0.0 On, On

That's it.

I've got the WM6 SDK here, and I see in the GPS.cs that it is calling gpsapi.dll. The gpsapi.dll on my device is 3KB.

I cannot copy this off to another location to look at it. Maybe I need training on WM6 system files.

Does any other phone have the Qualcomm GpsOne chip that isn't locked down? If so, can I get all the gps files from the windows folder on that device?

Thanks,

Brad

Edit: @nickmpd: The code is in C#, not C++.

hi! you would need a full rom dump to access files in the windows folder. Luckily, I just made one a few days ago for this exact purpose! gpsapi.dll is included in my i910 gps files posted 2 pages back, post 893. I have some others to add to it, but I am posting from my phone at school, so I can't get to them now. I'll post the new files I and other members on this forum have found once I get home. Please ignore any typos, i'm posting from my phone, actually my omnia!

Thanks

--nate

Edited by natedawg1013

Guest syrguy1969

I wonder what this may mean for the future of GPS:

DOW JONES NEWSWIRES

ITT Corp. (ITT) filed suit against several wireless phone companies, including a partnership involving Verizon Wireless, alleging the companies infringed upon a global positioning system patent.

The company said Verizon Wireless, a joint venture between Verizon Communications Inc. (VZ) and Vodafone Group PLC (VOD), continues to infringe on the patent by selling cellphones adapted to operate with assisted GPS technology and by providing services including support for GPS. ITT said it has notified Verizon Wireless of the patent.

The company also said Verizon Wireless has induced other companies to violate the patent by encouraging them to sell GPS phones and provide a cellular network that supports GPS operations.

Other defendants in the patent-infringement case include LG Electronics Inc. (066570.SE); Motorola Inc. (MOT); Kyocera Corp. (KYO); Qualcomm Inc. (QCOM); and Nokia Corp. (NOK).

ITT settled patent-infringement claims several years ago against other wireless companies in disputes concerning assisted GPS technology.

The company is demanding a permanent injunction against the defendants to prevent them from infringing on the patent further, except where needed to support 911 calls.

Verizon Wireless declined to comment, while a Motorola spokesman said, "We do not think we're in the wrong and we'll defend ourselves vigorously." The rest couldn't be reached for comment.

ITT's shares were recently up 13 cents at $39.29, while Verizon lost 3 cents to $30.48.

-By Kerry E. Grace, Dow Jones Newswires; 201-938-5089


Guest krelvinaz

Little if any effect. The suit is over a patent that they say covers the use of AGPS in Cell Phones. You can use GPS in a Cell phone without the Assisted part, just takes longer to acquire a fix to the satellites.

They sued basically everybody on this so even assuming that the patent is valid and they are successful in litigation, it will take years for this to settle out.

Don't expect any changes for a couple years if ever.

This is not really related to the topic at hand though. If the GPS is unlocked, you could use it even if they turned off the Assisted part in fact, there are other posts for the i900 where they are turning off the Assisted part of the GPS.

Edited by krelvinaz

Guest dmk679

I have been trying to access a service menu, debug menu or test menu to access gps options on the i910. On some devices you can access the service menu and disengage gps security etc.

PLEASE - IF YOU HAVE NO IDEA WHAT YOU ARE DOING DO NOT USE THESE CODES

(granted I don't know much of what I am doing but please heed the warning --- if you turn your phone into a brick, do not blame me)

Found these codes from this modaco thread

**772 -MEID- Use Code 000000 (may be others)

**33284 -Call Monitor- Use Code 000000 (may be others)

#43574357* - Extended Device info

*#745* - Debug info collector (\Logs)

*#9900# - another debug collector (\Logs)

For more fun and games you can run dialparser.dll (included in attachment also) through IDA to see more codes - not sure how to get all of them to work on the phone though. Anyone?

Other code related URLS for your edification

pdaphonehome i760 codes

pdaphonehome i730 codes

I have also included an attachment which includes some exe's from the ROM dump that are of interest. Also have included the oemgps.dll from the i770 - appears to have similar structure to the oemgpsone.dll from the i910 but there are notable differences when comparing in windiff. I still need to run oemgps.dll through IDA to compare some of the major functions, like oGPSSETDEVICEPARAM. Here is the file list of the attached rar:

  • DebugMode.exe (from i910)

  • SMA.exe (from i910)

  • TestMode.exe (from i910)

  • oemgps.dll (from i770 - similar to oemgps.dll; folks over at PPCGeeks have changed the name of this file to oemgpsone.dll and have successfully run GPSTEST to obtain valid coordinates on the i770)

  • dialparser.dll (from i910; run through IDA to get additional phone codes - but we need to know how to activate the codes, registry additions required?)

Have fun - I spent a long night finding this info and running progs through IDA

i910tools.rar

Edited by dmk679

Guest aceofrazgriz

alright guys, picked up a smaller screwdriver... still no luck, that screw is tight as hell, and i stripped it a bit yesterday i guess B)

but here are the pics, reference them with the notes i posted above and notice the differences to where the i900 service manual references GPS wires and the like.

Crappy cam, old Fuji FinePix 3MP lol, but best i could do.

Again, there's differences, but we do obviously know there is a GPS chipset in there. I'm assuming due to the radio difference there was a different layout for the PCBs so everything could still fit easily.

post-513354-1238016505_thumb.jpg

post-513354-1238016531_thumb.jpg

post-513354-1238016547_thumb.jpg


Guest WoZZeR999
I have been trying to access a service menu, debug menu or test menu to access gps options on the i910. On some devices you can access the service menu and disengage gps security etc.

PLEASE - IF YOU HAVE NO IDEA WHAT YOU ARE DOING DO NOT USE THESE CODES

(granted I don't know much of what I am doing but please heed the warning --- if you turn your phone into a brick, do not blame me)

Found these codes from this modaco thread

**772 -MEID- Use Code 000000 (may be others)

**33284 -Call Monitor- Use Code 000000 (may be others)

#43574357* - Extended Device info

*#745* - Debug info collector (\Logs)

*#9900# - another debug collector (\Logs)

For more fun and games you can run dialparser.dll (included in attachment also) through IDA to see more codes - not sure how to get all of them to work on the phone though. Anyone?

Other code related URLS for your edification

pdaphonehome i760 codes

pdaphonehome i730 codes

I have also included an attachment which includes some exe's from the ROM dump that are of interest. Also have included the oemgps.dll from the i770 - appears to have similar structure to the oemgpsone.dll from the i910 but there are notable differences when comparing in windiff. I still need to run oemgps.dll through IDA to compare some of the major functions, like oGPSSETDEVICEPARAM. Here is the file list of the attached rar:

  • DebugMode.exe (from i910)

  • SMA.exe (from i910)

  • TestMode.exe (from i910)

  • oemgps.dll (from i770 - similar to oemgps.dll; folks over at PPCGeeks have changed the name of this file to oemgpsone.dll and have successfully run GPSTEST to obtain valid coordinates on the i770)

  • dialparser.dll (from i910; run through IDA to get additional phone codes - but we need to know how to activate the codes, registry additions required?)

Have fun - I spent a long night finding this info and running progs through IDA

Yeah, I tried to run through the different codes, and there is a Hidden_Menu function. It looks like it may be locked through the ESN and some registry configs. I tried to hex edit it to set both to enable, but I still couldn't get them to run. I'm not 100% sure that they are all codes, some may be piggyback codes, or some may be number-Send codes, I didn't get too involved with it. I may try to go through with rcmd and run debug with some parm's to see if I can get it to show anything.


Guest JDawg183

Just an interesting sidenote. When I was poking around in my registry, I found two items called "marketplace" one of which had an exe for the value, could this be a setup for when they release "Marketplace" to buy apps off of? I can not actually find it on the phone other than the registry, but that is interesting I think.

At any rate, thank you very much guys for all your hard work. You guys are awesome. Wish I had some programming experience and could contribute more. But I am just learning all this stuff and you guys are very informative. I put out a thread on XDA to try to get one of those guys to help but so far no bites B) oh well, thanks again.


Guest nickmdp

So I take it nobody has gotten anything to happen with that program thus far... Oh well, I wasn't expecting much out of it, but if anyone has any luck with it, let me know.

What I'm working on now is trying to read the data straight off of the COM ports from the GPS, and if I somehow manage to do that, then I feel like it might be possible to simulate the internal GPS to make it appear to be an external GPS.

I hope to get something out to everyone this weekend that can test the basis of my idea.


Guest JDawg183
What I'm working on now is trying to read the data straight off of the COM ports from the GPS, and if I somehow manage to do that, then I feel like it might be possible to simulate the internal GPS to make it appear to be an external GPS.

I hope to get something out to everyone this weekend that can test the basis of my idea.

That's exactly what we need. New ideas. I don't think anyone has thought to try to trick the phone into thinking the gps was external! You sir, are a thinker B) Good Job!!


Guest BamDastard

That is probably one of the better ideas that I have read in this thread. Has anyone else looked into this??? I have been following this since the beginning of February and have not seen any mention of this in this thread anywhere.


Guest WoZZeR999

From what I read from skywings research, if the GPS firmware has the encryption, then you would be getting encrypted data. In best case, you would have to figure out how to decrypt it. At worst case, you would have to send a challenge ID first (which you would have to figure out how it was calculated), get the returned data (and make sure that it is valid), and decrypt the GPS data based off of the challenge ID. If you can create a program that first reads the GPS data, and logs it to a file every x seconds we might be able to get somewhere with it. You can also set windows to use the gpsONE port drivers as well I believe. In HKLM\System\CurrentControlSet\GPS Intermediate Driver\Drivers\, you should be able to set CurrentDriver to GPSOnePort to have windows use the Port data as its GPS driver. I'm not 100% sure about how that works though.


Guest dmk679
From what I read from skywings research, if the GPS firmware has the encryption, then you would be getting encrypted data. In best case, you would have to figure out how to decrypt it. At worst case, you would have to send a challenge ID first (which you would have to figure out how it was calculated), get the returned data (and make sure that it is valid), and decrypt the GPS data based off of the challenge ID. If you can create a program that first reads the GPS data, and logs it to a file every x seconds we might be able to get somewhere with it. You can also set windows to use the gpsONE port drivers as well I believe. In HKLM\System\CurrentControlSet\GPS Intermediate Driver\Drivers\, you should be able to set CurrentDriver to GPSOnePort to have windows use the Port data as its GPS driver. I'm not 100% sure about how that works though.

Yes - based on skywings work the data is encrypted when leaving the gps radio. It won't hurt giving it a shot though.

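One way to check what a raw log from the GPS port actually contains, following the posts above about logging the port data and the possibility that it is encrypted (an added example, not code from anyone in this thread): it counts checksum-valid NMEA 0183 sentences in a capture and reports whether the dump is plain NMEA, mixed, or opaque. The function names, sample buffers and 90% threshold are constructed for illustration, and that an unlocked port would emit NMEA at all is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* Verdict for a raw capture logged from the GPS port. */
enum capture_kind { CAPTURE_NMEA, CAPTURE_MIXED, CAPTURE_OPAQUE };

struct capture_stats {
    size_t total_bytes;      /* size of the capture */
    size_t valid_sentences;  /* sentences whose checksum verified */
    size_t covered_bytes;    /* bytes inside those sentences (incl. CR/LF) */
    enum capture_kind kind;
};

static int hex_val(unsigned char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Length of a checksum-valid "$...*HH" sentence at p, or 0 if there is none.
 * The checksum is the XOR of every byte between '$' and '*'. */
size_t nmea_sentence_len(const unsigned char *p, size_t n)
{
    unsigned char sum = 0;
    size_t i;
    int hi, lo;
    if (n < 4 || p[0] != '$') return 0;
    for (i = 1; i < n && i < 80 && p[i] != '*'; i++) {
        if (p[i] < 0x20 || p[i] > 0x7e) return 0;  /* payload is printable ASCII */
        sum ^= p[i];
    }
    if (i + 2 >= n || p[i] != '*') return 0;       /* no room for "*HH" */
    hi = hex_val(p[i + 1]);
    lo = hex_val(p[i + 2]);
    if (hi < 0 || lo < 0 || (unsigned char)((hi << 4) | lo) != sum) return 0;
    return i + 3;
}

/* Walk the capture byte by byte and account for every valid sentence. */
struct capture_stats classify_capture(const unsigned char *buf, size_t n)
{
    struct capture_stats st = { n, 0, 0, CAPTURE_OPAQUE };
    size_t i = 0;
    while (i < n) {
        size_t len = nmea_sentence_len(buf + i, n - i);
        if (len == 0) { i++; continue; }           /* not a sentence start */
        st.valid_sentences++;
        st.covered_bytes += len;
        i += len;
        while (i < n && (buf[i] == '\r' || buf[i] == '\n')) { st.covered_bytes++; i++; }
    }
    if (st.valid_sentences == 0) st.kind = CAPTURE_OPAQUE;
    else if (st.covered_bytes * 10 >= n * 9) st.kind = CAPTURE_NMEA;  /* >= 90% */
    else st.kind = CAPTURE_MIXED;
    return st;
}

/* Constructed sample: two textbook NMEA sentences, not data from an i910. */
static const unsigned char SAMPLE_PLAIN[] =
    "$GPGGA,123519,4807.038,N,01131.000,E,1,08,0.9,545.4,M,46.9,M,,*47\r\n"
    "$GPRMC,123519,A,4807.038,N,01131.000,E,022.4,084.4,230394,003.1,W*6A\r\n";
/* Constructed opaque bytes; "$A*42" inside is a look-alike with a bad checksum. */
static const unsigned char SAMPLE_OPAQUE[] = {
    0x9c, 0x24, 0x11, 0xe3, 0x7a, 0x00, 0x5f, 0xd2,
    0x24, 0x41, 0x2a, 0x34, 0x32, 0x88, 0xb1, 0x0c };

int main(void)
{
    struct capture_stats a = classify_capture(SAMPLE_PLAIN, sizeof SAMPLE_PLAIN - 1);
    struct capture_stats b = classify_capture(SAMPLE_OPAQUE, sizeof SAMPLE_OPAQUE);
    printf("plain: kind=%d valid=%zu\n", (int)a.kind, a.valid_sentences);
    printf("opaque: kind=%d valid=%zu\n", (int)b.kind, b.valid_sentences);
    return 0;
}
```

An opaque verdict only says the bytes are not checksum-valid NMEA; it does not distinguish encrypted output from a proprietary binary protocol.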
