Android

Incidentally, it's really quite interesting how the security on HTC phones is configured. As you know, anyone can access the bootloader menus, and thus the RECOVERY console. What you might not know is that during recovery, even via USB, a check is performed on the SD card (which, if absent, causes this check to fail) to verify some cryptographic hash that apparently all Qualcomm / HTC phones use.

There are even tools available for calculating these hashes and so on. The Custom ID (CID) is stored at the very beginning of the SD card, just before the partition table. Apparently not all SD cards support changing the data in that area (presumably cheap ones don't implement the low addresses as I presume they're usually not useful).

The CID is calculated from the SD card's attributes in some mysterious way. When your phone is booted and the SD card is mounted, the Android kernel calculates the CID and it's available in the /sys file-system. So you need to be able to read this somehow (i.e. Android SDK + USB debugging mode, or the Console App).
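As an added example (not part of the original note), the sketch below decodes such a value, assuming it is the SD card's 16-byte CID register as the Linux MMC driver prints it in sysfs, i.e. a 32-hex-digit string. The field layout follows the SD specification; the function names and the sample CID are constructed for illustration.

```python
# Added example: decode a 32-hex-digit SD CID string (field layout per the SD spec).
from dataclasses import dataclass

def crc7(data: bytes) -> int:
    """CRC-7 (polynomial x^7 + x^3 + 1) used by SD/MMC registers and commands."""
    crc = 0
    for byte in data:
        for i in range(7, -1, -1):
            feedback = ((byte >> i) & 1) ^ (crc >> 6)
            crc = (crc << 1) & 0x7F
            if feedback:
                crc ^= 0x09
    return crc

@dataclass
class SdCid:
    manufacturer_id: int   # MID, 8 bits
    oem_id: str            # OID, 2 ASCII characters
    product_name: str      # PNM, 5 ASCII characters
    revision: str          # PRV, two BCD nibbles "major.minor"
    serial: int            # PSN, 32 bits
    manufactured: str      # MDT as "YYYY-MM"
    crc_ok: bool           # trailing CRC7 and stop bit are consistent

def parse_cid(hex_cid: str) -> SdCid:
    raw = bytes.fromhex(hex_cid.strip())
    if len(raw) != 16:
        raise ValueError("CID must be 16 bytes (32 hex digits)")
    # 12-bit manufacturing date: 8-bit year offset from 2000, then 4-bit month
    mdt = ((raw[13] & 0x0F) << 8) | raw[14]
    return SdCid(
        manufacturer_id=raw[0],
        oem_id=raw[1:3].decode("ascii", "replace"),
        product_name=raw[3:8].decode("ascii", "replace"),
        revision=f"{raw[8] >> 4}.{raw[8] & 0x0F}",
        serial=int.from_bytes(raw[9:13], "big"),
        manufactured=f"{2000 + (mdt >> 4)}-{mdt & 0x0F:02d}",
        crc_ok=(raw[15] >> 1) == crc7(raw[:15]) and (raw[15] & 1) == 1,
    )

def build_sample() -> str:
    """Constructed CID (not from a real card) with a valid trailing CRC byte."""
    body = (bytes([0x03]) + b"SD" + b"SU02G" + bytes([0x80])
            + (0x12345678).to_bytes(4, "big") + bytes([0x00, 0xA8]))
    return (body + bytes([(crc7(body) << 1) | 1])).hex()

if __name__ == "__main__":
    print(parse_cid(build_sample()))
```

For a value read from a real device, `crc_ok` may be False even when the other fields decode correctly, because some host controllers do not pass the CRC byte through to the driver.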

Once you have the CID you need to translate it into a format suitable for the SD card. I've no idea what that involves, apart from that you can paste the CID into a website and be emailed a new SD header image file.

Anyways, once you have a suitably cooked card (a “gold card”) you can place an update.zip in the root of its FAT32 partition, enter the bootloader and then the RECOVERY screen and flash it in - so long as it's an official update intended for your phone!

One of the benefits of rooting the phone, I've read, is that you can also flash in unsigned images, i.e. non-official ones.

While reading all these guides I found that the tools which come with the Android SDK have some undocumented features. For instance, the “fastboot” tool (which allows you to boot custom kernels over USB and so on) has an “oem” command that is completely undocumented. The only use I've seen for it is to reboot the phone into a mode that allows firmware upgrades to be sent via USB: fastboot oem rebootRUU

Thought you might find some of this interesting. I'm going to reconfigure my phone (it was wiped by my reflashing) and play with some root apps.

android/start.txt · Last modified: 2010/08/21 20:52 by robm