Bricking your S-Gold

Unlike the s5l8900 with its DFU restore, it is possible to put the S-Gold radio CPU into a permanent “brick” status. It is (so far as we can tell) impossible to recover from this bricked S-Gold mode. Your cellphone and Edge and WiFi can be lost forever.

The checkblank routine in the S-Gold bootrom checks the locations A0000030,A000A5A0,A0015C58,A0017370 for empty (FFFFFFFF) before it will accept a new bootloader. Geohot's hardware unlock from August 2007 tricks the bootrom into checking alternate locations higher up in baseband space for the empty status. If both the bootloader code is somehow rendered inoperable and the baseband space isn't empty in the A17 alternate locations, your S-Gold bootrom cannot be tricked into accepting a different (working) bootloader, even using geohot's A17 hack. If your bootloader is inoperable, so is your baseband firmware. This is a permanent brick mode that can be caused by bad or malicious software.

So, be careful about what programs you launch on your iPhone.

sgold_bootrom/brick.txt · Last modified: 2008/02/14 09:27 (external edit)
 
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki