Active Topics

 



Notices


Reply
Thread Tools
MSameer's Avatar
Posts: 596 | Thanked: 1,729 times | Joined on Feb 2008 @ Helsinki
#21
I do not know how to use windows flasher but you need to do 2 things:
1) Enable rd mode (There should be a flasher switch to do that)
2) set serial console rd flag.

And you need to connect the phone via USB in addition to the jig.

jig is for serial console.
USB is for flashing.
__________________
We need a coffee machine that doesn't ask for coffee beans every 10 hours
 

The Following 2 Users Say Thank You to MSameer For This Useful Post:
Posts: 908 | Thanked: 2,947 times | Joined on Oct 2014
#22
use putty, set connection to serial (with correct serial port number, baud rate in settings) and you should ser kernel and bootloader messages in window
 

The Following 2 Users Say Thank You to nieldk For This Useful Post:
Posts: 944 | Thanked: 800 times | Joined on Aug 2011
#23
Originally Posted by nieldk View Post
use putty, set connection to serial (with correct serial port number, baud rate in settings) and you should ser kernel and bootloader messages in window
Do i need to plug rs232 and usb to see the device in serial with Putty?

If i see bootloader msg and kernel how to remove lockscreen (security code)?
Is there any method to kill lockscreen password? without jig.
https://m.youtube.com/watch?v=Quv9iD75JJM
is it possible to do this method if it's at startup?
 

The Following User Says Thank You to n950 For This Useful Post:
joerg_rw's Avatar
Posts: 2,178 | Thanked: 12,215 times | Joined on Mar 2010 @ SOL 3
#24
N9 has OMAP which has a ROM-BOOT that checks for a 'magic char' during boot, on a number of interfaces (depending on some config pins of SoC). So you need flasher attached to one of the interfaces (serial, USB...) and started *before* you power up the OMAP device.

HTH
/j
__________________
Maemo Community Council member [2012-10, 2013-05, 2013-11, 2014-06 terms]
Hildon Foundation Council inaugural member.
MCe.V. foundation member

EX Hildon Foundation approved
Maemo Administration Coordinator (stepped down due to bullying 2014-04-05)
aka "techstaff" - the guys who keep your infra running - Devotion to Duty http://xkcd.com/705/

IRC(freenode): DocScrutinizer*
First USB hostmode fanatic, father of H-E-N
 

The Following 3 Users Say Thank You to joerg_rw For This Useful Post:
Posts: 944 | Thanked: 800 times | Joined on Aug 2011
#25
Putty work
I have connected only the RS232 --> USB.
But now how to remove password at startup?
Any help?
With Putty i can't enter command line why?

Thank you
Attached Images
  
 

The Following User Says Thank You to n950 For This Useful Post:
Posts: 944 | Thanked: 800 times | Joined on Aug 2011
#26
Originally Posted by nieldk View Post
use putty, set connection to serial (with correct serial port number, baud rate in settings) and you should ser kernel and bootloader messages in window
I have seen kernel and bootloader but where can i find password at startup or remove lockscreen password?
Can you explain me please?
 

The Following User Says Thank You to n950 For This Useful Post:
joerg_rw's Avatar
Posts: 2,178 | Thanked: 12,215 times | Joined on Mar 2010 @ SOL 3
#27
for password see how N900 device lockcode works (e.g. in http://talk.maemo.org/showthread.php?p=524522) - the problem is the lockcode function is part of the OS running, and I'd guess on N9(50) your best bet is to reflash the complete device to unlock an unknown lockcode. That's been the intended effect it been implemented for: protect your data when you lose device. So recovery path is: delete all data aka 'reflash'

{edit] while in N900 the lockcode (hash) is stored in NAND, in N9 iirc this is slightly different as in: you can't (write?) access the lockcode in openmode, as the storage location gets 'sealed' when the bootloader decides to enter 'openmode' and run an unsigned kernel.
[edit2] basically I guess your situation is identical to this http://talk.maemo.org/showthread.php?p=603825
[edit3] afaik it was possible on N900 to set "locked: no" flag by mere flashing of rootfs in maybe up to PR1.2. However I'm sure they fixed that by adding a sort of flag to MyDocs as well, so you had to reflash both, in probably PR1.3.
Sorry I lost interest in N9 / Harmattan when it became clear that user don't own their device since Nokia doesn't hand out the keys for that security stuff
__________________
Maemo Community Council member [2012-10, 2013-05, 2013-11, 2014-06 terms]
Hildon Foundation Council inaugural member.
MCe.V. foundation member

EX Hildon Foundation approved
Maemo Administration Coordinator (stepped down due to bullying 2014-04-05)
aka "techstaff" - the guys who keep your infra running - Devotion to Duty http://xkcd.com/705/

IRC(freenode): DocScrutinizer*
First USB hostmode fanatic, father of H-E-N

Last edited by joerg_rw; 2017-03-03 at 14:44.
 

The Following 2 Users Say Thank You to joerg_rw For This Useful Post:
Posts: 944 | Thanked: 800 times | Joined on Aug 2011
#28
Originally Posted by joerg_rw View Post
for password see how N900 device lockcode works (e.g. in http://talk.maemo.org/showthread.php?p=524522) - the problem is the lockcode function is part of the OS running, and I'd guess on N9(50) your best bet is to reflash the complete device to unlock an unknown lockcode. That's been the intended effect it been implemented for: protect your data when you lose device. So recovery path is: delete all data aka 'reflash'

{edit] while in N900 the lockcode (hash) is stored in NAND, in N9 iirc this is slightly different as in: you can't (write?) access the lockcode in openmode, as the storage location gets 'sealed' when the bootloader decides to enter 'openmode' and run an unsigned kernel.
[edit2] basically I guess your situation is identical to this http://talk.maemo.org/showthread.php?p=603825
[edit3] afaik it was possible on N900 to set "locked: no" flag by mere flashing of rootfs in maybe up to PR1.2. However I'm sure they fixed that by adding a sort of flag to MyDocs as well, so you had to reflash both, in probably PR1.3.
Sorry I lost interest in N9 / Harmattan when it became clear that user don't own their device since Nokia doesn't hand out the keys for that security stuff
The problem is i am training with this device. But it's not the device i want to bypass lockscreen.
The one i really want to bypass security code will arrive soon. It's N950 armored prototype with Beta OS. I don't want to flash the device. It's a jewel.
So how to find pass or remove security code?
Try to explain me step by step please.
 

The Following User Says Thank You to n950 For This Useful Post:
joerg_rw's Avatar
Posts: 2,178 | Thanked: 12,215 times | Joined on Mar 2010 @ SOL 3
#29
I'm really not competent since I never looked into details how Harmattan (closed blob lockscreen) works, but I'd suspect your only option _is_ reflashing. You should try to find the same version/revision-number of flash image as you got on your N950, so you don't 'upgrade', since Harmattan blocks downgrade. This means you can't flash an older than recently flashed image, and when you flash a newer image, you're one step closer to "dead end", Maybe http://maemo.cloud-7.de/950/myimages/ helps with that (OCF = One Click Flasher).
[edit] the whole purpose of device security lockcode and lockscreen is that you *cannot* bypass it (depending on manuffacturer's policy maybe except by a full reflash so the user data would stay private). If you could bypass (and access user private data) it would mean that the security folks in Nokia sw development did a poor job. The only other alternative to a) flashing and to b) hoping for an exploit that allows cracking the code (which I'm not aware of any for Harmattan, but see above about my competence) is: c) build some setup that tests all 99999 possible lockcodes.

Compare the infamous recent case US authorities against Apple, to unlock an iPhone. Actually Apple also wouldn't really have a way to do that, just like Nokia wouldn't (or rather: isn't supposed to) have a way to unlock N9(50) while preserving user data (let alone that there are known attack vectors independant of OS to access the user data via exploit / rooting of the modem radio firmware stack, but those are not working on N9(50) unlike on basically all more modern smartphones)
__________________
Maemo Community Council member [2012-10, 2013-05, 2013-11, 2014-06 terms]
Hildon Foundation Council inaugural member.
MCe.V. foundation member

EX Hildon Foundation approved
Maemo Administration Coordinator (stepped down due to bullying 2014-04-05)
aka "techstaff" - the guys who keep your infra running - Devotion to Duty http://xkcd.com/705/

IRC(freenode): DocScrutinizer*
First USB hostmode fanatic, father of H-E-N

Last edited by joerg_rw; 2017-03-03 at 15:34.
 

The Following 2 Users Say Thank You to joerg_rw For This Useful Post:
Posts: 944 | Thanked: 800 times | Joined on Aug 2011
#30
Originally Posted by joerg_rw View Post
I'm really not competent since I never looked into details how Harmattan works, but I'd suspect your only option _is_ reflashing. You should try to find the same version/revision-number of flash image as you got on your N950, so you don't 'upgrade', since Harmattan blocks downgrade. This means you can't flash an older than recently flashed image, and when you flash a newer image, you're one step closer to "dead end", Maybe http://maemo.cloud-7.de/950/myimages/ helps with that (OCF = One Click Flasher).
It's impossible to find beta OS like i will have on internet because it's unique. like between Maemo and Meego.
Thanks for your help i hope i will find solution to kill lockscreen pass.
perhaps like on youtube video i posted no?
 

The Following User Says Thank You to n950 For This Useful Post:
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 15:01.