This thread was created as a central location for the most up to date and relevant information around the EVO 3D Development Scene.
Yes, if you are new to the DEV scene or are about to ask a question a very n00b question like "
when/where is root?", "
how do I...a bootloader?", "
does my EVO turn into a jet and take me to x, y, or z?"...then you should be reading this. It's ok, we were all Noobs once. You can always check this more than once since I will try to update it with additional issues/solutions that your fellow members post as they become available.
Temp Root Status:ROOT3D! FOR DEV TESTING
Full Root Status:In Progress
Where can I get Fre3vo, the Temp Root Solution for the EVO 3D?
Fre3vo, from TheRootofallEVO
xHausx has provided a nice little Windows ADB package in Zip form for starters.
WARNING: The automated process can be a little messy at the moment, so it might be best to follow the manual instructions on the Root of All EVO page above for now. Ultimately, this is intended for DEV's to ticker with until a full blow stable solution is made available.
xHausx 3DROOT v4 -
3DROOT-4.zip
Fr3vo Known Issues
Quote:
REMEMBER: This is a TEMP ROOT for developers to tinker
Facts:
Your root shell stays in ADB
You can remount system to get rw
After a while (unknown amount of time) we lost system rw
When we lost system rw it reverts back any changes to system
This means if you pushed su to /system/xbin it's now gone (So superuser apps don't work)
|
On 06.30.2011 a little after 20:30 CST, A and members of #TeamWin took to the IRC channel to reveal the findings of there root venture for the HTC EVO 3D. The filtered transcript of the IRC channel can be found
HERE. The following are some highlights from that meeting.
What is the status of Full Root?
Currently Temp, Looking for Perm. Elaborated in a later question.
Quote:
|
19:58 <@AGRabren> Currently, we're looking for a way to make root sticky.
|
How will the root process work?
Quote:
20:00 <@AGRabren> It involves using adb and some software installed on the phone itself.
20:01 <@AGRabren> Can this exploit be reversed? Because we're only talking temp-root, it is reverted on reboot.
20:01 <@AGRabren> When we get to perm root, that will also be reversable.
20:08 <@AGRabren> Any platform that supports adb will work.
20:08 <@AGRabren> Unless someone knows of an adb client for android. 
20:21 <@AGRabren> If I reboot, what happens: Well, right now, it's temp root and it's gone. We're hoping by this weekend to have it sticky, and running Titanium Backup
20:21 <@AGRabren> Any changes to /system at this time will definitely revert.
20:22 <@joshua_> It's very possible that it could be packed up in a one-click root-on-boot, like the original unrevoked.
|
What about S-OFF?
Quote:
20:10 <@AGRabren> Short of "where are we at for s-off".
20:10 <@joshua_> Sure. This device is eMMC, and also has a signed bootloaer. This means that S-OFF is a ways further out than just soft root.
20:11 <@joshua_> I can answer from my experience working closely with the AlphaRev X team that S-OFF on Sensation is goign to be harder than previous devices we've worked with.
20:11 <@joshua_> I think EVO 3D is very similar to Sensation, so I suspect the same to be true there.
20:11 <@joshua_> Someone asked me what eMMC is: Older phones (EVO 4G) are based on NAND flash; eMMC is a different type of flash.
20:12 <@joshua_> eMMC has different types of write protection that we haven't worked with before.
20:12 <@AGRabren> And we plan to work together to solve some of these issues. 
20:14 <@joshua_> (We've all been working pretty closely on this, including scotty.)
20:14 <@AGRabren> you think this particular exploit will eventually lead to s-off, or is it too early to tell?
20:14 <@AGRabren> (Sending this one to joshua_
20:15 <@joshua_> agrabren, the AlphaRevX exploit requires userspace root, and that was one of the big things holding it back on gbread
20:22 <@AGRabren> Joshua: whats the difference between unlocked and s-off?
20:22 <@joshua_> S-OFF, unlocked, etc are fuzzy terms, especially now that we are on eMMC.
20:23 <@joshua_> S-OFF used to refer to a specific configuration in which the radio told hboot that it was "OK" to flash anything it wanted, essentially.
20:23 <@joshua_> (It also would refer to an ENG hboot.)
20:23 <@joshua_> On eMMC, that state no longer exists.
20:24 <@joshua_> unlocked is not really a term that applies to CDMA phones; in general, it refers to the ability to put a SIM card from a differnet carrier into your phone. the "NAND lock", or write protection, or anything like that does apply, and refers to being able to write /system
20:24 <@joshua_> (I think that's needed for Cyanogen.)
|
What's up with the OTAs, can we take them?
Quote:
|
20:23 <@AGRabren> OTA: Risky. Until we crack the nand lock and get S-OFF, it's possible for HTC to make things different or harder with a new HBOOT.
|
So how did the team find the exploit, what CAN you tell us?
Quote:
19:41 <@AGRabren> It utilizes a hole we found in the software on the EVO 3D.
19:41 <@AGRabren> The reason we're being so secretive about the hole is because we don't want forced OTAs to close it.
19:41 <@AGRabren> It's a serious security vulnerability, beyond the scope of getting root.
19:42 <@AGRabren> As for the "violent" nature of it, we found a hole and tossed in a grenade.
19:42 <@AGRabren> Blew my phone to shit.
19:42 <@AGRabren> But in blowing it to shit, we confirmed that we had, in fact, found a way in that we could exploit.
19:43 <@AGRabren> After a factory reset of the device (I managed to get Android to only mount /data as ro. Let me tell you, this *will* fuck you up)
19:43 <@AGRabren> We stepped back into the hole with flashlights.
19:44 <@AGRabren> After a lot of snooping around inside the guts, I found a way to get adbd to run as root.
19:47 <@AGRabren> Is this specific to android or could it be used on generic linux os's? We can't answer this question at this time.
19:47 <@AGRabren> The reason we can't answer is we really want everyone to be able to take advantage of the hole, instead of it being patched.
20:00 <@AGRabren> We are making no comments on whether this is a ROM or Kernel exploit.
20:28 <@joshua_> agrabren, By the way, traditionally, unrevoked's policy is to report to vendors holes that appear to be 'intentional' (see skyagent), but to package and protect vulnerabilities like that the best we can.
20:29 <@AGRabren> This was a non-intentional hole.
20:29 <@joshua_> Yeah. Traditionally, unrevoked just packs and protects that sort of thing until someone finally reverses them.
20:30 <@joshua_> We'd love to be able to do the responsible disclosure thing, but this is an arms race...
20:30 <@zule> htc created the arms race, we just fight fair
20:30 <@joshua_> (on the 'really bad' things, we do indeed do responsible disclosure insstead)
19:58 <@joshua_> ruckus asked what happens if HTC opens it up before we get a chance to release. Obviously we'll see how their strategy works and decide then
19:58 <@AGRabren> If HTC opens up the device, they open up the device.
|
Are there any MalWare concerns with this exploit?
Quote:
20:26 <@joshua_> Yes.
20:27 <@AGRabren> Yes. Any security hole that gives a user elevated permissions is a malware concern.
|
What devices does this work on?
Quote:
19:44 <@AGRabren> What devices will this work on? Well, the EVO 3D. We believe it will work on the Sensation 4G.
19:49 <@AGRabren> It should apply to some other devices, but there will be work on a device-by-device basis.
19:49 <@AGRabren> We don't know exactly how similar the devices are in the software, so we don't know if the internal offsets are different.
20:07 <@AGRabren> Sensation 4G: We believe it will work there. I need a person in North Austin willing to help with this, since I don't have one.
20:07 <@AGRabren> Otherwise, it will happen after the EVO 3D one comes out.
|
Is it safe?
Quote:
19:51 <@AGRabren> We are using a smart algorithm for protecting the devices from things going wrong. It only exploits if everything checks out.
20:01 <@AGRabren> Can this exploit be reversed? Because we're only talking temp-root, it is reverted on reboot.
20:01 <@AGRabren> When we get to perm root, that will also be reversable.
|
Can I be a WINNER by WINNING with #TeamWin?
Quote:
20:16 <@AGRabren> Eyeballer: Please field the often question: Can we be beta testers, how do we join #teamwin?
20:16 <@eyeballer> agrabren: seems to be the question of the day =P
20:17 <@joshua_> Someone asked whether you can flash the ENG hboot with temp root: everyone will be investigating that in the days to come.
20:18 <@eyeballer> #teamwin was formed back when shinzul and toastcfh were working on reverse engineering wimax from sense to aosp .. since then we've built up a pretty comprehensive group of people with a range of talents.. at this time we're pretty close and closed..
20:18 <@eyeballer> we believe in close controlled testing and then wipe public release so we'll probably follow a similar method here
|
Other Questions
Quote:
20:09 <@joshua_> will it be published: That's up to agrabren; looks like he intends to publish, yes.
20:09 <@joshua_> different versions of hardware: I don't know for sure, but it's usually too early by now.
20:09 <@joshua_> hboot: This is soft root and does not require hboot yet.
20:19 <@joshua_> dragonfyre13 asked a good question: should other people working on developing exploits continue? The answer is 'absolutely' -- we will need them some day (well, hopefully not, but...).
20:19 <@AGRabren> As for continuing looking for holes: You're welcome to, but this has no real damage to anything else on the phone.
20:20 <@joshua_> Someone suggested trying to trade the exploit with HTC: that's called extortion, and is bad for the community as a whole. Everyone obviously would love to work with HTC to build a platform to develop on, but bargaining with exploits is not how to do it.
20:27 <@eyeballer> oblivion2k> will we lose radio, wimax, hboot, etc with this root method?
20:27 <@eyeballer> with just temp root, no
20:28 <@eyeballer> unless you try to mess with those things yourself
|
THANK YOU FOR YOUR PATIENCE!
Rooting/ROM FAQs
I just got my EVO 3D! I want to root it, but superoneclick or gingerbreak isn't working!! Why?
ALL PREVIOUS EXPLOITS found to root older HTC Android devices have been fixed with our shiny new EVO 3D, so you must you the TEMP root solution listed above. This also means that the rooting process must be repeated after each reboot, thus the name "Temp".
How do I flash a ROM on my EVO 3D?
You can't. The majority of us, including you, DONT HAVE S-OFF AND/OR PERM ROOT, WE CANT FLASH ROMS RIGHT NOW.
We have ROMS/RUUs here in these threads though. Why would they make them available if no one has Root?
Some of our members here have an S-OFF device, meaning that their BootLoaders are UNLOCKED and they have FULL ROOT to their devices, so they can flash these ROMS, and love the phone like we want to. They got these devices either because they received test units, or they were just really, REALLY lucky.
I want S-OFF too! How do I S-OFF my EVO 3D??
Currently we can't. There are honestly a handful of people on the forums who have S-OFF, and they only have it because their devices came shipped with S-OFF. HTC has stated that they will provide us with an update at some point that will give us S-OFF, but we have no ETA. So unless one of our brilliant DEVs on this site cracks our BootLoader before HTC sends out the update, you will be playing the waiting game like the rest of us. When it does get cracked or if HTC sends out the update, this forum will be updated or explode, whichever comes first.
If you didn't know it already, we are in the SAME boat as our friends with the HTC Sensation. Both are very similar in nature. If they get Root/BootLoader access, chances are will will soon, and vice-versa.
Where can I follow the progress being made towards Perm Rooting the EVO 3D?
You can watch the on going discussion in the threads below. Please try not to post unless you have something USEFUL to contribute. A lower post count makes this work space easier to follow for YOU and the DEV Team.
[WIP][S-OFF] Got Root?
[GUIDE] Fre3vo / Fre3dom Official Thread
I think I might have S-OFF. How do i check?
Ensure the device is completely powered off, the best way is to pull the battery and replace it. Boot into the BootLoader to check it by holding the volume key down+pressing the power button when the device is fully powered off. Don't let go of the volume key until you boot into the white screen that you've probably never seen before. Look at the top line it will MORE THAN LIKELY have “S-ON”. You’re not alone, 99.99 percent of us are S-ON as well.
I hold the volume down+the power button but it doesn't boot into it!!!! help!!!
Pull the battery out before you do it OR to make things ALOT easier, before turning your EVO 3D off go into Settings ?Power? and uncheck the FastBoot option. Now when you turn the device off, it will fully power down instead of just going into a "sleep" mode. Try it again!
My EVO 3D keeps saying that there is an OTA (Over the Air Update) available, should I apply it?
Currently, the best recommendation is NO. In most cases, the OTA updates do work to fix legitimate problems with your phone or the phones software. At the same time, if HTC wanted to fix a potential exploit that the team might use to gain access to the BootLoader or Root, they push out the “fix” in this manner.
OTA Version Numbers/Changes
This is not a FULL list of changes, just the change log
provided by Sprint.
Current Version: 1.13.651.7
R: 6/24/2011
This update fixes issue of calendar entries in certain formats force closing during edits
V: 1.11.651.3
R: 6/24/2011
Initial Release
OMFG, I applied the OTA update, I DIDN’T KNOW!!!!
Calm the F**K down! We haven’t even achieved Root with the stock BootLoader yet. It’s going to take some time before anyone is going to know the ramifications of any of the OTA updates. If prompted for one in the future, leave it be. I’ll try to update this article as time progresses and let you know what’s changed.
EVO 3D Hardware FAQs
Where can I get the Windows USB Drivers for my EVO 3D?
If you havent installed HTC Sync, the core Windows USB drivers are available on the HTC Dev site
HERE. You will not need to install HTC Sync.
HTC Android USB Driver for Microsoft PC
USB_driver_20101122_release.zip
Just got my new EVO 3D but its really hot!!! Is it defective?!
No it's not defective, its just hot. These batteries can heat up from time to time, ESPECIALLY on your first few charges, but it won't happen much anymore after. My battery was extremely hot from just charging it for the first time with the phone turned off, so I’m speaking from experience and from other users as well.
EVO 3D Softhack/FAQ
Getting Your MSL
A risky but functional way to get your MSL has been described in detail
HERE. An alternative YMMV way is to simply contact Sprint, tell them your phone was not activated at the store because the systems were down or because of a factory reset, etc. They will proceed to walk you through the programming. Of all the information they give you there is really only one sequence you need pay attention. The first step will be to dial a ## 6 digit number sequence # (ex: ##123456#), this 6 digit number is your MSL. SAVE THIS NUMBER, IT IS UNIQUE TO YOUR PHONE HARDWARE AND WILL NOT CHANGE.
Increase your WWAN/WAN Connection Speed/Efficiency
A slight variation of the thread
HERE this guide will guide you through removing the Poxy put in place by Sprint. Removing this proxy removes at least one or more hops in between you and your connection destination, possibly increasing your WAN connection speed via 2G/3G/4G and Wi-Fi. As always, use at your own risk. You will need your MSL code for this to work.
Removing the Sprint Proxy
1. With MSL in hand, go to the Phone app and dial ##3282#
2. Click Edit Mode
3. Your "Password" is your Phone's MSL, enter it here.
4. Click Advanced
5. Scroll down to RTSP/HTTP Setting
6. Change RTSP proxy IP to 0.0.0.0 or You can leave this blank if you like
7. Change RTSP proxy Port to 0 (Zero)
8. HTTP proxy IP to 0.0.0.0 or You could leave this blank if you like
9. HTTP proxy port to 0 (Zero)
10.Once complete, back out to the home screen and enjoy Downloads and a .20- .60 mbps increase in 3G speeds!
It may not hurt to verify the settings are in place by following steps 1 through 5 again, if you're OCD.
Improve CDMA Call Sound Quality via a Codec Change.
A few instances of this Codec change have popped up on XDA, PPCG, and even androidforums. For this reason, I'm unable to give credit to the original source. I have gathered as much data into one place around the subject. There are a few important things to note. This adjustment changes the Codec used to compress the voices of you and your caller across the Cell Network using EVRC-B which is an updated revision to the current CDMA standard EVRC. It has been noted in a
few places, that making this change CAN effect your ability to make outbound calls in some roaming situations, including over Network extenders like the AirRave. As always, YMMV and I STRONGLY recommend that you both test this change in your normal use environments as well as keep a general idea of these instructions handy in the event you need to revert to the default settings in an emergency. As always, YOU and YOU ALONE are FULLY responsible for changes to any handset in which these and any modifications are made.
1. With MSL in hand, go to the Phone app and dial ##3282#
2. Click Edit Mode
3. Your "Password" is your Phone's MSL, enter it here.
4. Click Advanced
5. Scroll down the list and note the entries for EVRC-B, Home Orig, and Roam Orig.
6. Change EVRC-B to "Enable"
7. Change Home Orig and Roam Orig to "EVRC-B"
8. Hit Menu, and select "Commit Modifications"
9. Your phone will prompt you to click ok to restart or it will restart automatically.
To reverse the changes, repeat all of the above steps except change the following.
6. Change EVRC-B to "Disable"
7. Change Home Orig and Roam Orig to "EVRC"
Click to learn more about
EVRC and
EVRC-B
Wired USB Tethering, What Works?
Currently, the following Apps in the market place have been verified by our members.
EasyTether Lite
PDANet
Any more questions? Search, SEARCH, F**King SEARCH.
If you truly cannot find your answer, then Please Ask here.
DO NOT Create another thread in the DEV section, you will only be making matters worse. This thread is a workspace for the DEV/Test Teams to work towards making your EVO 3D experience as fun as it can be. Myself or any other members of the community will try to answer them and add them to this post. Hope this helps people.
DO NOT Ask for an ETA on Root, etc!!
Remember, S E A R C H !
USEFUL Resources
Contents of the EVO 3D Stock microSD Card
NetFlix APK
HTC Flashlight
HTC Battery Widget
YouTube 3D Downloads
If you'd like to see something added to this list, please PM me. Thanks!
Special Thanks go to Shaquiel Harris for his
Sensation FAQ!