Root Porting ClockWorkMod to the Kyocera Rise

[dibblebill]

So I was working with my rise seeing if for when we got cwm working, I could make a cm rom. I tried to see if I could switch out files from my phone with cm9 files. Tried switching out frameworkres.apk and while doing that root explorer crashed. Now, I'm not sure if I have access with adb. I made a backup of the file. Is their any way I can get it back on. I am advanced with adb, but don't really know how to use fastboot. I can't get past my bootanimation. Please help. Anything is greatly appreciated. Thank uyou

Only thing to do if it's bootlooped is pretty much get a new one.

 

[mel4787]

I heard you can put a second bootloader on top of this one if so then can we build a scripter file to bypass the original loader and have it go to the secondary bootloader and make it the primary bootloader and delete the Kyocera bootloader

 

[TechDad378]

Reading through this topic seems to me some things are repeated and some things are missing. I will try to clear everything up to avoid any confusion and possibly help someone...

In the case of Kyocera and VM providing a key...
Kyocera has a small portion of mobile phones. They rely on companies like VM to sell their products. After speaking to both of them I was able to determine the key will not be given out by either company.

Kyocera makes their devices with specific coding for Cell Providers. The code allows a mobile device sold by one company to remain on that companies network. VM believes if they provide us the code to access the bootloader some people will take the phone to another mobile provider. For that reason VM will not allow this to be done.

Kyocera cannot provide this info because the key is stored on the cell providers servers (VM). The key identifies what phone belongs to their network.

Now Kyocera did provide the source code to the Rise which means with the right mods to the Rise they will possibly provide coding on how to access the key. This is no guarantee though.

While trying to reverse engineer the source code, their is a section describing the key process. It states whenever the key is erased the source code reboots the phone into the default state before any changes.

In other words when you apply any change and the phone resets automatically to the logo and starts up again, you have altered the key, hence triggers a panic mode in the device.

On the other hand when you apply change and the phone reboots into a bootloop or blackscreen, you have altered the key to the point the phone cannot automatically repair it with a restart. And causes the infamous "brick".

While searching through the source code I came to an assumption. It seems the key is stored in the kernel and the memory. Through out the boot process and regular use of the phone, the key is checked between the two locations. If one location does not match the other the phone will reboot.

The reason Xposed-Mods works for this phone is because the changes are stored in the memory block and never alter the key. But if you clear your cache with something like Titanium Back-up you will notice the Xposed Mods disappear and you will have to add the changes again. This verifies the changes do not alter the key at all.

The xposed mods make similar changes to custom roms people built, so far now this is the best option.

If someone can come up with a rom which uses the memory block it may work to a certain extent.

In a nutshell unless someone cracks the key there is not much you can do.

Many methods out there for cracking keys wont work. But since the phone is a decent cheap phone many people don't get it unless they want to start programming phones or they are on a budget. Everyone shoots for the Galaxies which is why there are some many mods for those.

In a business aspect why make changes to a phone that not many people use? It becomes a waste of time to most programmers but not to most beginners or those who like challenges. It seems like a lost cause at times but good to know that some people continue the journey.

Just wanted to give some insight on this issue so everyone can focus in the right direction.

TD378

 

[mel4787]

One problem these are CDMA phones and not gem phones. You would have to use something like CDMA workshop to change something like that. Its theoretically impossible to do that I've checked thoroughly and you can't. Also the boot loader just unlocks the security to load custom things. It can't be unlocked to change services it just isn't possible withoutsomething like CDMA workshop. That's a no go. Many developers know that and only build specifically for that phone. In order for that is to have a gsm phone with a sim card. That is impossible with a CDMA phone.

 

[kman9637]

well, i dont know about you guys, but i've given up. i got a nexus 5 so I can do whatever I like i still have the rise,so if there's something you'd like to try that's a little tricky, just send me a message.
EDIT: risky not tricky

 

[mel4787]

I have an idea. It may be a long shot but since we have nothing else, is there a way to load cwm within a memory block. Since memory is the only option we have that's the best option we know. And also it may be possible to set permissions with the recovery since it could be that that's hindering us. This may be an option but its a long shot for it to work

 

[db2]

If there is no hardware security/lock, in theory getting CWM to load would let a new bootloader and rom get flashed at once. I think.

I also think the Rise is not worth the effort though.

 

[ronii]

Again the elite is almost the exact same thing I onlymuse the rise for the keyboard

 

[cooldudezach]

If there is no hardware security/lock, in theory getting CWM to load would let a new bootloader and rom get flashed at once. I think.

I also think the Rise is not worth the effort though.

The bootloader could also probably be flashed via dd, unless it's protected?

 

[dibblebill]

The bootloader could also probably be flashed via dd, unless it's protected?

Possibly

 

[mel4787]

The bootloader could also probably be flashed via dd, unless it's protected?

Well only one way to find out. Flash a bootloader to the rise but it needs to be compatable with these devices or brick central. Its time to compile a bootloader of our own that this device can still read. ik there's a way. There was another phone that you had to flash a bootloader with and it was unlocked. Hopefully with a properly compiled bootloader this can work

 

[Chris_]

Hey what if used "clean master" an app that will let you uninstall preinstalled apps as long as you have root to uninstall Android system that way it could only load into the boatloader. Sorry if this is a waste but I am a noon but tell me what you think.

 

[EarlyMon]

Hey what if used "clean master" an app that will let you uninstall preinstalled apps as long as you have root to uninstall Android system that way it could only load into the boatloader. Sorry if this is a waste but I am a noon but tell me what you think.

Welcome to the forums!

Best idea is to sort of think of the bootloader like you would the BIOS on a PC.

It's not a BIOS, but it has a similar relationship.

If you remove the the entire Android system, that would be like removing Windows on your PC.

Just as the BIOS would remain, unaffected, so would your bootloader.

It's not something that you can get to at the app or system level.

That's not going to work. Sorry.

As for a custom recovery, like CWM, that's another story, but still doesn't require removing Android.

 

[mel4787]

Hmm since no one has any other options the only way is to compile a brand new bootloader for this phone. Its the only other option we have for it to be unlocked. The recovery isn't the problem like others said. Its the bootloaders security that prevents that. So if we compile a bootloader this may solve a problem for us. Only question is how to compile a bootloader for this phone

 

[db2]

It was determined, I think, that the security existed in both the bootloader and the ROM, and either can ruin your day with a bootloop. They both check up on you.

 

[mel4787]

Well that actually helped out a lot. Since the bootloader and the rom both have the security that means we have to build a rom completely from scratch without the security in it. Same goes for the bootloader. Since kyocera don't want to help this is one way of going at it. The security in the rom and the bootloader is the problem but who says if we flash a rom and a new bootloader to access the full phone. What would happen if we built a rom and bootloader from scratch and flash it? What would happen? A bootloop or the phone booting fully? I wonder.

 

[EarlyMon]

How are you planning on flashing a new bootloader? I rather think that is protected as well.

 

[dibblebill]

Well that actually helped out a lot. Since the bootloader and the rom both have the security that means we have to build a rom completely from scratch without the security in it. Same goes for the bootloader. Since kyocera don't want to help this is one way of going at it. The security in the rom and the bootloader is the problem but who says if we flash a rom and a new bootloader to access the full phone. What would happen if we built a rom and bootloader from scratch and flash it? What would happen? A bootloop or the phone booting fully? I wonder.

Feel free to download the Android source code and begin making it, then. I see you suggesting that "we" build an Android distribution for this device frequently, maybe if you get it started and throw up a Github people will contribute.

 

[mel4787]

I wasnt going for android distribution. I was merely seeing what can be done to this phone for cwm to be flashed on these phones. Scratch the other methods of this how does the phone check for the integrity of the phone? And what processes does the phone go through to check the stability of the phone?

 

[mel4787]

I figured out why cwm isn't booting on our devices. It seems like the file is under the protection of the system. I used root browser to see why it wasn't booting. Come to find out it was still under system while the other files were under root. Some of the bloocks in there are under system as well. Until we.can get root access to the recovery file we won't be able to flash cwm to these phones. We have to find a way to root the files that aren't rooted. Until that happens no cwm to these phones. Cwm was perfectly built and all but even a properly built cwm won't be flashable until the file block is root. Blocks 15 16 17 18 are not root. Until we can ger certain files root cwm is a no go

 

[ronii]

We dont have a properly fuctioning root there are lots of broken fuctions

 

[mel4787]

Trust me I know. But why is the root broken? Isn't there a way to get a properly functioning root on this device? Since the blocks aren't root accessable what else can we use? I think the bootloader is unlocked but the security within the phone prevents.us from using cwm. What other exploit is there to get those blocks root accessable?

 

[ronii]

I gave up on the vm kyocera phones the optimus elite is just as good and its got a pretty swinging dev community btw im on rhe f3 nd i love it except for the lack of development

 

[mel4787]

ik. i switched to the zte and samsung line. and they have cwm on them im happy with them completely.
plus i did some things with the vm phones myself its true we cant flash much to them but hey we know what can be done and what cant. also how does the phones gain root to those blocks i mentioned from other android 4.0 phones that deal with the block system

 

[cooldudezach]

I will state this again as I've stated before. The reason that CWM will not boot is because the bootloader is locked down. It is not as simple as replacing it. That would take months if not years of work to get a working bootloader replacement. Trust me on this, I know what I'm talking about. I have actually gone through the bootloader code, and it's not fun.

Remember, the Sprint and Public Mobile Rise had a loophole in the bootloader that allowed the images to be booted temporarily. If it was as simple as just 'gaining ownership' that would be great. However, if you actually took the time to back up what you are saying, you'd see how wrong you are.

If you want to test out that the cwm images are actually being written properly, all you need to do is use md5sum. Follow the instructions to flash the cwm image using dd, and then use md5sum on the partition and the original file, and you will see that they are the same. If you use md5sum on the partition before you write it, they will be different. This will be persistent across reboots. Also, if you were to do this, and not put your stock recovery image back, you would no longer have access to recovery since the bootloader is preventing the cwm from booting because it fails the security check.

On the issue of not having full root, what are you not able to do? I know for a fact that I was able to everything I ever wanted. Of course, I actually spent quite a bit of time finding the Superuser.apk and su binary that worked best for the phone