samsung hypervisor running on trustzone in SGS5 devices - Galaxy S 5 Developer Discussion [Developers Only]

Has anyone figured out a way to JTAG dump the Samsung hypervisor in the TrustZone? Would be interesting to see if there is a way to circumvent the e-fuse protection mechanism via jumping over the routine in the hypervisor.

Related

Will Secure element not responding ever have a fix?

So many Wallet users, including myself, have had issues where Google wallet will prompt an error that says The secure element has stopped working. Is this something that can be potentially fixed through a software update?
Sent from my Galaxy Nexus using Tapatalk 2
No, it's a hardware issue. You have no hope.
Fried.
LoveNFC said:
No, it's a hardware issue. You have no hope.
Isn't the NFC chip inside the battery though? I talked to a Samsung Tech today and he said NFC issues should be able to be fixed with a new battery. I'm not sure if it'll work for sure though. Thoughts?
aturyan said:
Isn't the NFC chip inside the battery though? I talked to a Samsung Tech today and he said NFC issues should be able to be fixed with a new battery. I'm not sure if it'll work for sure though. Thoughts?
The NFC antenna is inside of the battery from my understanding. The rest is probably in the phone.
It won't fix it, but there was a report of how to prevent it:
http://www.engadget.com/2012/05/29/google-wallet-factory-reset-problem/
http://androidcommunity.com/more-google-wallet-problems-phone-reset-bricks-service-20120529/
http://phandroid.com/2012/05/28/and...allet-a-factory-reset-could-break-it-forever/
The Secure Element is the part that stops responding, and it is part of the phone. The element needs to either be replaced by taking apart your phone and replacing the motherboard or you need to be able to hack into the Secure Element and reset it. The problem is, the Secure Element is of course "Secure" and doesn't allow tampering (hence why Credit Card Credentials and Google Wallet are secured by it). Devs probably don't want to touch it, as if they hack into it, Google Wallet will receive heavy backlash in the media/public use. Some devs may still want to hack the secure element for the purpose of Card Emulation, something that can't be done as of yet until Google opens up the Secure Element to third parties.

[Q] Information about Galaxy Nexus Memory Controller?

My Galaxy Nexus got run over by a car, and the screen was damaged pretty bad. I understand that it can't be repaired and that I'll be lucky to get anything off of it, but I'm hoping since the boards inside weren't damaged much that a data recovery company might be able to pull off my data. The reason for my question is that when I spoke to them they asked me and I didn't know the answer so I'd like to get a clear understanding from someone who knows.
Does the Galaxy Nexus have a flash memory controller or does it have an uncontrolled MTD chip? Judging from the fact that it's got a couple ext4 partitions (according to this post http://forum.xda-developers.com/showthread.php?t=1469490 ) I would guess it's a controlled chip but I just want to make sure.
Also does the fact that it's under "/dev/block/mmcblk0" mean that it uses an MultiMedia Card controller?
Finally if it is a controlled device that means that if the controller is damaged the data is irretrievable right? Is the controller part of the Samsung multi-memory chip or is it separate on the board?
When I get back to them I want to give them as much information as I can so answers to any or all of these questions would be greatly appreciated.
P.S. If anyone knows of a good data recovery service in Canada that they could recommend I'd greatly appreciate it. I understand it won't be cheap but all of the ones I've seen are ridiculous (like $300 dollars to undelete files on a windows OS which you can do with free software in 10 minutes)

[Q] Rooting and warranties

I'm soon going to get either the Samsung S5, HTC One M8 or Sony Xperia Z2, and one of the first things I want to do is install CyanogenMod. I recently discovered the Samsung Knox counter and that led me to do a bit of research into what sort of similar security Sony and HTC have. It seems that all of them have some way of permanently tracking an unlocked bootloader and voiding the warranty, so no way around that. However, I wondered how much it actually mattered, and to what extent each of the companies will repair/replace hardware after unlocking. From what I've read, HTC can be pretty rigid, but Samsung and Sony not so much. Has anyone had any experience with this that could give me some insight?

Possible solution to Hard Brick of Pixel 2 XL / Pixel 2...

Hi,
I've performed an LG G3 hard brick recovery, locked bootloader with a missing / corrupted OS. I did the same again with the Pixel 2 XL. I probably will make the same goof again in the future. Thought I would share a possible solution for when the Pixel 2 XL warranty expires...
So the LG G3 had specific pins (I think all Qualcomm phones have these, on second thought) and there exists a basic check in its boot process: if a certain pin is grounded it goes into another state. See here:
1) https://www.reddit.com/r/LGG3/comments/41wbo3/how_to_unhardbrick_your_lg_g3_jtag/
2) https://forum.xda-developers.com/sp...very-guide-t3132359/post61280085#post61280085
Now, I was looking at the PCB of the Pixel 2 XL, found here: https://d3nevzfk7ii3be.cloudfront.net/igi/pMrI5NRA5LCj1TBI.huge
One can clearly see similar pins under the shielding beside the Snapdragon chip. Now, I don't know the specific pin to ground, nor do I have the software .rar file that can be used to handshake and flash individual .img files. But the possibility exists.
If anyone else here can shed light on or assist with this cause, that would be great. Thankfully we should all be under Google's warranty, but when that expires this might be the only possibility for repair in the future, short of exchanging the central PCB.
EDL mode is all nice to have, but only if you have the signed .elf firehose programmer for this specific device. Otherwise you will not be able to flash anything... unless you manage to hack the primary bootloader of course. So until this programmer leaks (doubtful) from LG we're out of luck.
As a side note, it's funny how Xiaomi provides this programmer for many of their devices but Google refuses to do so.

Could we unlock ANY phone if money were no object?

Certain carriers send their hardware out with bootloaders that you cannot unlock, ever. I'm thinking of AT&T and Verizon. But here's the thing now; there has got to be some point where we reach an "unless". "Unless" is a powerful thing; sometimes it can even bring back truffula trees from extinction.
I'm saying, what if I decided I was going to show my phone who's boss, and there's no if's, and's, or but's about it? I'm saying, before the hardware was made into an AT&T or Verizon phone, it was a blank slate, wasn't it? What is it really that makes their bootloaders impossible to unlock? "Because they made them that way" is not a reason. What did they do, specifically, in order to make them that way? And if money were no object, could we undo it?
I'm saying, if we take the phone apart completely, unglue the MMC, and write to it directly, could we then make it dance for us? Expensive shmexpensive: could we do it? Could we replace the bootloader with one that would be unlockable? If that wouldn't do it, what would?
Give me the answer where money is no object. Let's get purely hypothetical. Let's replace chips if we have to. Let's take it to the realm of Atari v. Nintendo and reverse engineer the programming if we have to. Let's do a little Weird Science. Sky's the limit. What would it take?
Mmm, the problem is not the MMC, the problem is the SoC.
The chip is flashed with the public key of OEM and fuses are blown to enable SecureBoot.
Now, if you can get some virgin chips out of Qualcomm...
Ok, I'm only speaking about Qualcomm now.
Some other manufacturers may not be so secure.
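The reply above (and the EDL/firehose point in the Pixel 2 XL post) boils down to where the root of trust lives: in SoC fuses and boot ROM, not on the rewritable eMMC. This is an added Go model of that boot ROM decision, not code from the thread or from any vendor; it assumes Ed25519 as a stand-in for the OEM's real signature scheme and a single "secure boot" fuse holding a hash of the OEM key, which is a simplification of real fuse layouts.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SoC is the immutable half of the chain of trust: boot ROM plus one-time fuses.
type SoC struct {
	SecureBootFuse bool     // blown once at the factory, never cleared
	OEMKeyHash     [32]byte // SHA-256 of the OEM public key (not the key itself)
}

// Image is what sits on rewritable eMMC: bootloader, signing key, signature.
type Image struct {
	Bootloader []byte
	PubKey     ed25519.PublicKey
	Signature  []byte
}

// BootROMCheck runs before anything from eMMC executes. With the fuse blown, the
// embedded key must hash to the fused value and the signature must verify.
func BootROMCheck(soc SoC, img Image) bool {
	if !soc.SecureBootFuse {
		return true // virgin chip: runs whatever it is handed
	}
	if h := sha256.Sum256(img.PubKey); !bytes.Equal(h[:], soc.OEMKeyHash[:]) {
		return false // key is not the one rooted in the fuses
	}
	return ed25519.Verify(img.PubKey, img.Bootloader, img.Signature)
}

// Demo walks the thread's cases; keys and bootloader bytes are constructed here.
func Demo() (oemBoots, homebrewBoots, patchedBoots, virginBoots bool) {
	oemPub, oemPriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)
	fused, bl := SoC{true, sha256.Sum256(oemPub)}, []byte("sample bootloader")
	oem := Image{bl, oemPub, ed25519.Sign(oemPriv, bl)} // as shipped by the OEM
	dev := Image{bl, devPub, ed25519.Sign(devPriv, bl)} // re-signed with another key
	patched := Image{append([]byte("x"), bl...), oemPub, oem.Signature} // bytes edited on eMMC
	oemBoots = BootROMCheck(fused, oem)         // true
	homebrewBoots = BootROMCheck(fused, dev)    // false: key not in fuses
	patchedBoots = BootROMCheck(fused, patched) // false: signature no longer matches
	virginBoots = BootROMCheck(SoC{}, dev)      // true: fuse never blown
	return
}
func main() { fmt.Println(Demo()) }
```

Rewriting the eMMC changes only the Image side of this check; the fuse and the ROM that reads it stay as they were, which is why the reply points at the SoC rather than the storage chip.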
