Root Looking for a little input...

[pacedrum69]

Im newly rooted, running EE 3.0 , and I would like to change my lock screen..... how would I go about doing so, with these instructions?? Im a noob....obviously
Instructions:

1. Do a NAND backup first!!! I am not responsible for you bricking your phone.
2. Download this script --> Vanilla_Lockscreen_Wallpaper_Windows.zip (there is also a Linux one)
3. Download Lockscreen_With_Background.zip down below instead (Had to modify the original script; lots of bad stuff happened

)
4. Extract the files to a folder
5. Add your 320x480 wallpaper (.JPG or .PNG) to the Wallpaper folder
6. Plug in your phone to your computer
7. Execute the START-SCRIPT batch file
8. The phone will reboot when it is finished

AND...how do I perform a NAND backup??

 

[erisuser1]

AND...how do I perform a NAND backup??

1) Power the phone off.

2) Press (and keep holding down) Vol-Up + End/Power simultaneously until the screen comes on.

You should see a screen like this:

3) Scroll down with the trackball and select menu item # 3 (Backup/Restore). You "select" by pressing the trackball.

Next you should see this menu

4) Since the option you want is "Nand backup", you already have it highlighted. Click the trackball to select.

The phone will respond by asking you to confirm this operation:

5) And with another click of the trackball it will begin:

This will take a little bit of time - eventually the phone will tell you that the backup is successful. You can back up in the menu at that time by using the Vol-down button.


All of the menu items in Amon_RA's recovery (except the "Reboot system now" item) require a confirmation click with the trackball. This means you can go exploring in those menus without much risk of doing anything bad. Once you have made a good backup, feel free to click on the various menus to see what options are available; if you get to a spot where it asks you to "confirm" with a trackball press, just back out of it by using the Vol-down button.

Good Luck

eu1

 

[pacedrum69]

1) Power the phone off.

2) Press (and keep holding down) Vol-Up + End/Power simultaneously until the screen comes on.

You should see a screen like this:

3) Scroll down with the trackball and select menu item # 3 (Backup/Restore). You "select" by pressing the trackball.

Next you should see this menu

4) Since the option you want is "Nand backup", you already have it highlighted. Click the trackball to select.

The phone will respond by asking you to confirm this operation:

5) And with another click of the trackball it will begin:

This will take a little bit of time - eventually the phone will tell you that the backup is successful. You can back up in the menu at that time by using the Vol-down button.


All of the menu items in Amon_RA's recovery (except the "Reboot system now" item) require a confirmation click with the trackball. This means you can go exploring in those menus without much risk of doing anything bad. Once you have made a good backup, feel free to click on the various menus to see what options are available; if you get to a spot where it asks you to "confirm" with a trackball press, just back out of it by using the Vol-down button.

Good Luck

eu1

Will it restore everything?? like contacts, apps , and settings?? If I flash a new ROM, play w it, and dont like it, will this restore Evil Eris??? Along with everything I asked before?? Im such a noob...lol

 

[andrizoid]

Will it restore everything?? like contacts, apps , and settings?? If I flash a new ROM, play w it, and dont like it, will this restore Evil Eris??? Along with everything I asked before?? Im such a noob...lol

yes. it even restores your texts

 

[pacedrum69]

yes. it even restores your texts

i just tried to flash Aloysius snow...and it aborted...anyone have a good file for that ROM that can be downloaded to Eris??

 

[erisuser1]

i just tried to flash Aloysius snow...and it aborted...anyone have a good file for that ROM that can be downloaded to Eris??

Check the md5sum signature of the file against what the dev publishes - twice.

Do it first when you finish downloading the file to your PC from the Internet, and then after you have transferred it to the SD card on your phone. You can also look at the complete file size (in bytes) to see if the file is the right size.

Then, go and find out what "Safely eject hardware" does on a PC, and how you are supposed to be doing that. My guess is that you are corrupting the file being transferred to the SD card because you are disconnecting (or rebooting) your phone improperly before the (large) ROM files have been completely written to the SD card from the PC.


If a dev doesn't publish MD5 signatures, you shouldn't be using ROMs from that dev; it's a sign of sloppiness.


eu1

 

[Busphan]

erisuser1, where exactly can I find the MD5 signatures for the ROMs? Will it be on xda ROM links?

 

[doogald]

erisuser1, where exactly can I find the MD5 signatures for the ROMs? Will it be on xda ROM links?

You can get a lot of the ROMs (plus the MD5 hashes) from grdlock's site; just explore around.

HTC Droid Eris ROM Site

 

[erisuser1]

You can get a lot of the ROMs (plus the MD5 hashes) from grdlock's site; just explore around.

HTC Droid Eris ROM Site

Usually the dev who publishes the ROM will indicate the MD5 checksum value in their announcement post, typically right next to the download link they provide. As I said, if they don't do that, they are not looking out for your best interests.

There is one other alternative that allows you you check that a dev ROM file (or update.zip-style overlay) is not truncated or corrupted: using the Java tool "jarsigner". (A lot of Windows users install Java to support the Android SDK... so they could install drivers... ugh)

jarsigner -verify romfile.zip

This does not apply to HTC "PB00IMG.ZIP" files - they are signed a different way. It does apply to anything that you might install with the Amon_RA recovery, though.

Having mentioned this alternative, I'll also note that it is always preferable to use the md5sum of the ROM file that the dev mentions, rather than this ("jarsigner -verify") method, if that is possible. The reason is that all the devs are using the same "private" key to sign their ROMs, and that "private" key is available for download by anyone from the internet - it's not really "private" any more. So, the jarsigner -verify method only verifies (for those ROMs) that the file is intact, not authenticity. Anyone can cobble together a ROM, and sign it with that key... that's why devs should publish the MD5 signatures of their ROMs.

Phew, that's probably more than you wanted to read.

eu1

 

[scary alien]

snip...

Having mentioned this alternative, I'll also note that it is always preferable to use the md5sum of the ROM file that the dev mentions, rather than this ("jarsigner -verify") method, if that is possible. The reason is that all the devs are using the same "private" key to sign their ROMs, and that "private" key is available for download by anyone from the internet - it's not really "private" any more. So, the jarsigner -verify method only verifies (for those ROMs) that the file is intact, not authenticity. Anyone can cobble together a ROM, and sign it with that key... that's why devs should publish the MD5 signatures of their ROMs.

Phew, that's probably more than you wanted to read.

eu1

erisuser1,

I came across a reference to this article today whilst espousing the benefits of using MD5 sums to verify ROMs (per your recent, well-founded research on the bogus root ROM that referenced in a no-longer-to-be-named website). Anyway, I thought you might find this interesting:

http://www.win.tue.nl/hashclash/SoftIntCodeSign/

Additionally, there is a thread over at xda discussing ROM signatures and how they might be "examined" to help-out the 2.1 leakers:

How Does HTC Sign Their Roms - xda-developers

There's been no activity on this xda thread since the end of March, but I don't think the tact discussed in the first article was mentioned (of course, I no way of knowing how hard or possible this effort might be). Anyway, given your apparent technical acumen, I thought you might at least be interested in the first article). Thanks again for all of your valuable contributions.

 

[erisuser1]

erisuser1,

I came across a reference to this article today whilst espousing the benefits of using MD5 sums to verify ROMs (per your recent, well-founded research on the bogus root ROM that referenced in a no-longer-to-be-named website). Anyway, I thought you might find this interesting:

http://www.win.tue.nl/hashclash/SoftIntCodeSign/

Interesting article. Note the author's comment:

"This implies that both colliding files have to be specially prepared by the attacker, before they are published on a download site or presented for signing by a code signing scheme. Existing files with a known hash that have not been prepared in this way are not vulnerable"

Additionally, there is a thread over at xda discussing ROM signatures and how they might be "examined" to help-out the 2.1 leakers:

How Does HTC Sign Their Roms - xda-developers

There's been no activity on this xda thread since the end of March, but I don't think the tact discussed in the first article was mentioned (of course, I no way of knowing how hard or possible this effort might be). Anyway, given your apparent technical acumen, I thought you might at least be interested in the first article). Thanks again for all of your valuable contributions.

Yah, I saw that thread before; thank goodness composerdude eventually shut his yap. Perfect example of "a little bit of knowledge can be a dangerous thing".

eu1

 

[doogald]

Now that you post that I recall hearing about MD5, but I heard about it regarding SSL certificates. Any SSL cert signed with an MD5 hash should be questioned, going forward.

Perhaps it's probably a better idea for people to use a different hashing algorithm, like SHA-1. However, there is plenty of evidence that the root ROM and its hash are safe, though I would say that, as a preventive going forward, maybe people should be checking for file size as well as the MD5.

Saying that, the SHA1 has for the Eris root image I have is f7a16781423faed1267fda7fc2b47632f36e6846

 

[scary alien]

Now that you post that I recall hearing about MD5, but I heard about it regarding SSL certificates. Any SSL cert signed with an MD5 hash should be questioned, going forward.

Perhaps it's probably a better idea for people to use a different hashing algorithm, like SHA-1. However, there is plenty of evidence that the root ROM and its hash are safe, though I would say that, as a preventive going forward, maybe people should be checking for file size as well as the MD5.

Saying that, the SHA1 has for the Eris root image I have is f7a16781423faed1267fda7fc2b47632f36e6846

What utility are you using to calculate the SHA1 sum?

 

[doogald]

What utility are you using to calculate the SHA1 sum?

On a mac, it's basically the same as calculating an md5 hash:

openssl sha1 filename

I am sure that there are Windows utilities that can do the same, but Microsoft makes one that can calculate both md5 and sha1 hashes (though it is a 2004 file, so I don't know if it would work on Vista/7):

Availability and description of the File Checksum Integrity Verifier utility

using this syntax:

fciv -sha1 filename

 

[scary alien]

On a mac, it's basically the same as calculating an md5 hash:

openssl sha1 filename

I am sure that there are Windows utilities that can do the same, but Microsoft makes one that can calculate both md5 and sha1 hashes (though it is a 2004 file, so I don't know if it would work on Vista/7):

Availability and description of the File Checksum Integrity Verifier utility

using this syntax:

fciv -sha1 filename

doogald, thank you very much! I downloaded and installed it. Here's the output running against the root ROM that I used (fingers-crossed ):

//
// File Checksum Integrity Verifier version 2.05.
//
f7a16781423faed1267fda7fc2b47632f36e6846

and here's the checksum that you reported in the post before last:

f7a16781423faed1267fda7fc2b47632f36e6846

They look the same to me (yay! ). Thanks again...I'm going to add this to my toolkit! (maybe others will too). Cheers!