• 5,732,192
    REGISTERED
  • 43,536
    ONLINE NOW

Posts Tagged: unbrickable

unbrickable

XDA Elite Recognized Developer AdamOutler is a hardware wizard. He can tear apart devices with ease. He can even use some Level 20 spell to turn a phone into a development board, a device that you cannot brick. If it does become “bricked,” you just hook the device up again and reflash kernel and everything.

In today’s episode, after quickly tearing down the Samsung Captivate, he continues by showing how to achieve the right amount of voodoo to get the phone into the proper mode. He then shows you how to manipulate the development board phone on your computer, how to flash XDA Elite Recognized Developer Rebellos’s firmware, and start playing with the device. Check out this video.

READ ON »

2yljqeo

You’ve no doubt seen the UnBrickable Mod pop up on various Samsung devices in the past. For those unfamiliar, the basic premise of XDA Recognized Developer AdamOutler‘s work is to essentially make a standard consumer device function as if it were a development board. By doing this, one is able to then communicate with the system-on-a-chip directly. And because this involves talking to WORM memory, there is nothing that you could do via software to prevent this from working.

Now, thanks to Adam’s efforts, UnBrickable has been ported to the Nexus S. And just as in its other iterations, the end result is essentially the KIT-S5PC110 development board. Why is this important? Simple. Once in this mode, the “development board” essentially waits for software to run, long before firmware is loaded. This makes it possible to load literally anything onto the device, provided that it is compatible with the Hummingbird SoC and we use the appropriate custom bootloader.

In the words of the developer:

I’m not kidding when I say UnBrickable. Modifying the OM pins means you can boot from USB, UART or MMC. This makes the phone quite UNBRICKABLE. There is nothing you can do software wise to prevent the device from booting into this mode. We are communicating with the unrewritable, efused IROM on the processor. It’s the thing that makes the system on a chip into a “system on a chip”.I am here now to tell you how to turn your Nexus S into a KIT-S5PC110 development board. The KIT-S5PC110 development board is the platform used to develop our phones. There are some differences between this mod and the official development platform. The S5PC110 has a removable internal SDCard and no touchscreen.

Why would you want to do this? When you plug in the battery and connect it to the computer in “off” mode, it will become an S5PC110 board awaiting download of a program to run. This occurs long before anything like software or firmware enters the processor. This is the IROM of the device awaiting commands or a power on signal.

Because it is accepting a memory flash, anything may be put onto the device to perform a boot sequence….. Apple iOS (iPhone4 has the same processor) WP7 (mango supports this processor).

This will be a replacement for JTAG once we are able to make some firmware. I was not working with a fully operational unit when I developed this modification so I was not able to test everything… However, it did go into Fastboot and Recovery mode from a hard brick

Hardware modifications are never for the faint of heart, but those interested in giving this a shot, or at least seeing what UnBrickable is about, can get started in the modification thread.

Advertisment
Interview

Finally we got to the third and final part of this interesting interview:
If you missed previous parts, you can find them in here for Pt. 1, and here for Pt. 2

orb3000: What would you recommend to anyone interested in entering the
high-level hardware mod world?

AdamOutler: I would recommend getting a hold of some tools and hardware, get
on google and do it!

I’d choose the standard $60 Radio Shack temperature controlled soldering
iron, some breadboards, leds, 1kohm resistors, and a microcontroller. Any
open-hardware development board will teach you how to work with inputs and
outputs. One of my favorite development boards is the Arduino series. Some people may say, “hey, Arduino is not real hardware development, it’s too easy…BlaBlaBla… Whatever, they’re cheap and
work well. let me ask you, if you’re trying to prototype or learn
something, should it be easy or convoluted?. I’ve managed to make several
devices which solve real-world problems using my Arduinos including EMF
detection for locating a source of interference at work and UART processing
for developing Unbrickable Mod.

To really get into digital communications, you’ll want some additional tools
like the Bus Pirate. The Bus Pirate is a universal serial interface used to
communicate with just about anything at low speeds. It’s open-hardware and
known as The Hacker’s Multi-tool.

For troubleshooting and circuit identification, you’ll want something like
the Logic Sniffer. It can record digital highs and lows then display them on your desktop screen where you can run filters and detect logical patterns.

While I’m at it… I don’t think I can hammer this point enough; Use
Open-Hardware.
With Open-Hardware(like OMAP44xx) you can get all the information you need.
With proprietary hardware (like Qualcrapp processors) you have nothing to
work with.

orb3000: Why is your adamoutler.com main site generally down?

AdamOutler: My main webserver is a Texas Instruments EvalBot.
This is a Texas Instruments Development Board with an ARMv3 processor. Its
form-factor is designed to roll around the floor, bounce off walls, turn 90
degrees and keep going. For some reason it came with an Ethernet port, so I
re purposed the device to serve web pages. It does not do a very good job
and it locks up all the time. I could probably use a real web-server instead
of a development board on wheels.

orb3000: Finally, please tell us a bit of the Adam outside the hardware world, what do you do for a living? What is your current device?

AdamOutler: Heh, the funny thing is that what I do for a living is in the
hardware world… I’m an electronics tech. I have been working in
electronics for 13 years. In 1999, I joined the Army as a Radar Repairer
and my job was to keep multi-million dollar Artillery, Rocket and Missile
Radars operational at all costs. I changed jobs to be a Biomedical
Equipment Technician after working with Radars in Iraq.

I’m currently in the Civil Service, but I’m still performing Inspection, PM,
calibration, and rebuilding medical equipment (like infusion pumps, x-rays
and ultrasounds) in a hospital as my daily job. Being a biomed and keeping
things in-line with regulations is a stark contrast to modifying radars.
When I’m at work, non-manufacturer authorized modifications can kill
someone. When I get home and work on mobile devices, I can kinda “let
loose”. The worst that can happen with mobile devices is it breaks. At
work, I could face much worse. :)

My current daily phone is an Infuse 4G. My current Dev phone is a Samsung Captivate. My current development tablet is Nook Tablet.

orb3000: Thanks a lot for your time, any final comments you want to make?

AdamOutler: Yes. Since this will be on the XDA Portal and many
manufacturers will see this..

I believe Google chose OMAP4460 because it is the only truly open-hardware
processor available. Open-Hardware means device manufacturers can be
self-sufficient and modders can get the information they need.
Closed-Hardware means it has a relatively short life-cycle.

Samsung: Your Exynos 4210 processor without datasheets is now obsolete
because you chose to keep 1/2 of the datasheets private. I don’t know of a
single person who, with any sort of planning, would say “hey, I want that
processor because of ${Maintainability, Ease of use, Cost Effectiveness}”
All of these qualities are missing when you lock down your datasheets.

Qualcomm: Is there any benefeit to using a Qualcomm processor? Can you
prove it? As far as I can tell, they’re the Celerons of the ARM world.
About the only benefeit to using a Qualcomm processor is integral call
processor. However if the device manufacturers actually cared about the
device and its ability to work through upgrades they would never use
Qualcomm. Here’s a factoid, Qualcomm does not even let the manufacturers
have access to bootloaders. You do realize that the only reason people are
using your chips in their devices is because they think you might know
something they can learn from right?

NVidia: Sure TEGRA extensions are great, but we can’t program them into the
latest versions of Android without knowledge of how they work. You’ve closed
your hardware and thereby stifled development.

Texas Instruments: Good Job! Other processor manufacturers take note. Texas
Instruments is on the rise in the ARM industry because of decisions made by
all other processor manufacturers. We need more Open-Hardware to work with.

BTW… If anyone has access to Samsung Exynos 4210 Chapter 19, entitled
“Boot Sequence” or similar, I need it. The manual I have stops at Chapter
18.

Thats a lot of knowledge!. Hope you all have enjoyed the interview, if so please share it, want someone to be interviewed? Let us know!
Thanks for reading.

Interview

Welcome to the second part of the interview with Recognized Developer AdamOutler:
Here you can find the first part in case you missed it.

orb3000: We know you have the longest bash script ever written, what is made for exactly?

AdamOutler: Mythical Librarian was a
project I created over the course of 6 months. At the time, my daughter was
3, could not read and liked TV Shows like Dora the Explorer, Sesame Street
and others. I found a way to make it so she could point to the show she
wanted to watch, with proper naming convention, XBMC could assign pictures
to each episode and she could select which TV Show she wanted to watch. The
idea behind this project was to automate the process of recording a video,
looking up the season and episode numbers, then renaming. Sounds simple
right?

I began with BASHSEXX(Bash SeasonXX, EpisodeXX). It evolved to support
MythTV’s database and was renamed MythSEXX. Eventually it got a small
following, people started reporting bugs, the script was supporting a large
number of functions and databases and was “thinking” on its own, so it was
renamed mythicalLibrarian.

Long story short, it takes a recording, references an online database,
parses, creates a local textual database, looks TVShows up based on
SeriesID, Original Airdate, Show Title and Episode Title, utilizes standard
and fuzzy logic, grades its performance, makes decisions if its going to
redo the lookup at a later time, maintains filesystem symlinks and manages
metadata. It talks to GNOME desktop, XBMC and MythTV. mythicalLibrarian
generates RSS feeds upon each action via Apache web server.
mythicalLibrarian also has the ability to update itself from the latest SVN
or Stable version.

The end result is the user can use XBMC as a better front-end for MythTV.
XBMC uses mythicalLibrarian to get information which downloads cover-art,
fan-art, episode-art, and displays detailed information about the episode,
while MythTV handles disk-space issues and recording.

I believe it’s main portion is now the longest BASH script in existence.

orb3000: Regarding your current projects such as Unsecure boot on the Nook Tablet, running Ubuntu on Nook tablet, Exynos4120 UnBrickable Mod, what is the actual status and what users can expect from those amazing tools?

AdamOutler: While I did put in a lot of research into Unsecure Boot on the
Nook Tablet and even prototyped Nook Tablet ModChips, XDA Junior Member
Bauwks came up with a total software solution. This solution is now the
defacto standard used in all custom Nook Table booting including Ubuntu.

As for Ubuntu booting, there is considerable work going into a Nook Tablet
3.0 Kernel. This is required for proper operation of Ubuntu. The older 2.6
kernel will boot Ubuntu just fine, but there are problems which cannot be
corrected without proper underlying datastructures. The Ubuntu Recovery
system I came up with works well and will recover a dead Nook Tablet from
any known cause of bricking. I will continue this project as soon as I get my hands on a 3.0 kernel.

The Exynos4210 UnBrickable Mod is complete. We are now researching firmware
solutions. I have worked with Rebellos via Internet and it would appear
that the most logical solution would be to simply send it to him. He will
attempt to write new bootloaders and make GS2 UnBrickable Mod a reality.
Believe me, I want this badly as I receive several PMs per week asking about
the status of GS2 UBM.

orb3000: You have opened a thread called Do you want to help out
developers? Got a broken device?
How the project is going, and what would
you like to ask/advice the donors?. We would like to take this opportunity
to remind everyone participating to help us to keep thread clean.

AdamOutler: A broken device may be something most people throw away.
However, to myself and others, they are research tools.
I stated devices in which I am interested at the top of the thread. Many members have posted
other devices which they are willing to part with. I would like to
encourage other developers and hardware hackers to take advantage of this
and use it as a resource for their projects.

Expect the third and last part soon. Thanks for reading.

Interview

Finally we are back on the XDA Interview series! For those of you too new to XDA, you may find the previous ones in this links: Interview With XDA Developer pof, Interview with User Experience Admin svetius, Interview with XDA forum Admin mikechannon, etc.

This time we will talk with XDA Recognized Developer AdamOutler. It´s hard to find where to start when you have the pleasure to interview such a versatile Developer with so many active projects.

orb3000: Hi Adam, thanks for taking this time to talk. I will start asking how do you started to work in Unbrickable Mod?

AdamOutler: When I switched from iPhone to Android, I had a feeling of
immense freedom. I could do anything I want with an Android! So I did…
I did something and bricked my phone within about 1 hour of owning it.

I searched for ways to recover bricks and JTAG was the only option for my
device. It required soldering 8 tiny wires and purchasing a very expensive
box. I felt that was unacceptable and there should be another way to reload
firmware so I began research and was pulled into the thread Lets save some
bricks
. After locating the hardware modification, I called it UnBrickable Mod because I
knew it had potential to make a device totally UnBrickable.

Cool factoid: The B in UnBrickable is always capitalized because it bypasses
Auto-Correct on Android devices.

orb3000: How Unbrickable Mod works?, can you explain us what is all about?

AdamOutler: That is a very broad question… UnBrickable Mod is a hardware
modification which enables USB upload of bootloaders. I think everyone
wants the reassurance that no matter what they flash on their device it can
be recovered. All CORTEX A8 processors have the ability to boot from USB.
Most modern devices support this and at the same time, most manufacturers
tend to lock this ability down. While UnBrickable Mod is technically a
hardware hack/exploit, it functions to increase device maintainability and
thereby increases device value. Personally, I view UnBrickable Mod as the
way devices should come from the factory.

Here’s a video which explains most of it.

(Note to readers, ignore this paragraph if you’re not a geek) While most
devices have a default failover mode to boot from USB, this is ineffective
if the device locks up on a bootloader. Each device has its own unique boot
mode. Most GalaxyS1 devices use a boot code of 0×9(OneNAND>UART>USB). By
modifying the value from 0×9 to 0×29(UART>USB>OneNAND), the device will
reverse its boot order and thereby cause the device to swap its boot mode
from the default boot first from OneNAND to booting first from UART, then
USB, then OneNAND. It’s not always the same value we’re searching for
though.. Each device has its own unique configuration and processor. A
booting code of 0×9 on a Hummingbird processor does not mean the same on any
other processor, nor is it guaranteed that the boot modes can be swapped,
also memory locations are different per processor.

For example, I’ve just finished locating the modification required on the
Exynos4120 GalaxyS2. As far as I can tell, it will not be possible to
simply swap the boot modes. On the Exynos4120, a temporary connection must
be made in order to make the device attempt to boot from an alternate source
and failover into the USB mode. I chose a switch to make this temporary
connection. See XDA-TV GalaxyS2 Unboxing for more.

orb3000: For a regular user sometimes so many tools is kind of confusing, please tell us about the supporting software like UnBrickable Resurrector, ModeDetect, and Heimdall One-Click?

AdamOutler: These tools each serve different purposes. Lets start with
Heimdall One-Click

1

Heimdall One-Click is a cross-platform, all-dependencies-included, single
executable file, firmware packaging and distribution tool. It is superior
to the Windows-only Odin3. Its purpose is to allow users on Linux, Windows
and Mac to use the exact same file to flash firmware onto their device. The
advantages of using Heimdall One-Click over Odin3:
*Utilzing a much safer flashing method
*Allowing those with Windows, Mac and Linux to flash your firmware
*Increasing user-awareness of what is being flashed
*Packing your firmware into a much easier to use One-Click
*Supporting the work of other Open-Source developers

Heimdall One-Click is based on Heimdall by Benjamin Dobell. Heimdall is
actually safer to use than Odin, and Heimdall One-Click adds 6 points of
safety to standard flashing with Odin. I’ve also created a tool to make
Heimdall One-Clicks from Heimdall Tar.GZ packages.

2

The UnBrickable Resurrector is the firmware/software component to
UnBrickable Mod.

3

The UnBrickable Resurrector will tell you when you’ve connected a device
which has been properly modified. It also can recognize several other modes
like ADB, Media Player, Mass Storage and many others. By connecting an
UnBrickable Modded device and clicking the “Download Mode” button, you’re
activating a process of uploading customized bootloaders directly into
specific memory locations where they are executed and perform initialization
tasks designed to put your device into Download Mode or Fastboot Mode. The
Resurrector was created as a team effort by Rebellos and Myself.

I designed the high-level Java app and hardware mod while he designed the
HIBL(Hummingbird Interceptor BootLoader) and modified SBL.

ModeDetect was discontinued. It has been replaced and absorbed by the
UnBrickable Resurrector.

Basically, we’ve got Heimdall One-Click which makes loading software easy
and the UnBrickable Resurrector which gets you to the point where you can
load software. The reason for having them be totally separate entities:
Not everyone needs or can use the Resurrector and not everyone needs or can
use Heimdall One-Click. Although they work together to form a total
recovery system, they are separate in that developers may not need a full
300meg firmware flash to put their device into download mode and test a
kernel, and people flashing firmware would be confused by inoperative
buttons and extra status icons.

In short, UnBrickable Resurrector supports several devices and provides
hard-brick recovery to a soft-bricked state. Heimdall One-Click provides
soft-brick recovery to an operational state.

This brings me to my work-in-progress… Why don’t we have any
cross-platform tools which work with every single Android device out there?

CASUAL (Cross-platform ADB Scripting, Unified Android Loader), like the Unbrickable resurrector, will support several devices. Since it only requires 6 commands, it is intended to be an easy-to-learn, Cross-Platform, light-weight scripting language for deploying binaries over ADB with a Graphical User Interface. If you’re a developer who wants to deploy a new root script over ADB, put out a kernel for multiple devices or install applications via adb, CASUAL will be your
application of choice. It works on Linux, Windows and Mac. A basic script can be created by simply putting all of your binaries into a zip file then typing in a few adb commands without the word “adb” and replace file
references with $ZIPFILEfilename.ext. For example:
[code]
Shell mkdir /data/tmp
push $ZIPFILEzergRush /data/tmp
shell /data/temp/zergRush
remount
push $ZIPFILEzergRush /system/bin
[/code]

The end-user of a CASUAL application will not see the script. They will see
a GUI. User will simply plug in their Android Debug Bridge enabled device,
select the operation from a drop-down box, then click the big button. It
will also provide a great way to easily root an Android Virtual Device from
Linux as well. CASUAL will support every single Operating System and every
single Android Device.

Here we end the first part of the interview, stay tuned for the following two parts.
Thanks for reading.

Advertisement

XDA TV: Most Recent Video

Buy/Sell on Swappa

  • Nexus 5 (Unlocked) buy | sell
  • Galaxy Note 3 (T-Mobile) buy | sell
  • HTC One M7 (Verizon) buy | sell
  • Galaxy S 5 (Unlocked) buy | sell
  • Nexus 7 2013 buy | sell
  • Swappa is the official marketplace of XDA