This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/baseband-devel@lists.osmocom.org/.
Michael Spacefalcon msokolov at ivan.Harhan.ORGRusty Dekema <rdekema at gmail.com> wrote: > Although I would still like to eventually get a C139 working (mainly > for its 850 MHz support), Given your interest in the 850 MHz band, I gather that you must be somewhere in North America. Anywhere near Southern California perchance? > I obtained a C118 yesterday and it works > with osmocom-bb like a charm, right out of the box. (It also has at > least some support for the PCS1900 band, which was a pleasant > surprise.) Is it "official" PCS1900 support, or are you seeing some of the received RF energy in the PCS band (in a very strong signal area, presumably) seep through the imperfect 1800 MHz SAW filter with the antenna switch set to DCS? > Now, back to the C139. If anyone has any further suggestions, please > let me know. If all else fails, I reason that one should be able to disassemble the phone, desolder the flash chip, reprogram it with a known good boot- loader using a standalone device programmer, then solder it back onto the board. But I'm guessing that flash chip is probably a micro-BGA (IIRC it's a flash+pSRAM MCP), so it wouldn't be a home soldering job, but rather something to be sent to a professional lab. If you fancy going down that road, I would suggest talking to Technotronix in Anaheim, California - ask for Gopal, and tell him you were referred by Michael S. from Harhan. > The phone never sends a PROMPT1 for reasons discovered later and > described above. Yup, a definite indicator that the bootloader our tools need to talk to has been removed in the firmware version in your phone, just like in Tracfone's version. > Yes, it's definitely 1.9.24 both on the sticker and the #02# screen. Thanks for the info about the #02# screen, I didn't know about that one before. > When I run the mot931c program, follow the directions, and click > Unlock, I get the output: "Error 2" followed by "Phone not found". Of > note, if I unplug the phone from the computer and do the same, I get > only the "Phone not found" message. Then again, the title of the > mot931c application is "Tracfone mobile unlock 1.0 by Lawer," After I made my previous post, I did run that mot931c program under wine with the Tracfone connected, and it did reflash that phone with a bootloader that is compatible with osmocom-bb/DMTool/fc-loadtool etc. Unfortunately I failed to capture the bytes exchanged between the Weendoze program and the phone - trying to run wine under strace was a little too much for me. So now I need to get another Tracfone C139 from ebay, and be more careful this time.. I'm thinking about hacking the Linux kernel driver for the USB-serial chip in my cable (the PL-something) and making it log the Rx/Tx activity into a RAM buffer which I would then read out - an incredibly ugly hack, but one that would be more within the range of my skills, as compared to instrumenting wine... > and mine is not a Tracfone. Would you mind telling us which branding it is? It seems that Cingular units have bootloaders that work out of box, for Tracfones there is another method that has been proven to work, so what other brandings are out there? > > It should be noted that the new bootloader is very limited (no charging, no > > loading of the regular phone os). It appears that what this tool does (at least on Tracfones with V8.8.17 firmware) is it erases and rewrites the first 64 KiB sector of the flash. The new bits written into this sector appear to be contained as a 65536-byte payload within the mot931c.exe binary; and it looks like whoever wrote this tool replaced the first 8192 bytes with a "good" C139/140 bootloader, while leaving the remaining 56 KiB unchanged from V8.8.17 firmware. So the phone ought to retain its firmware unchanged, but gain the ability to break into the bootloader like we are used to doing. But apparently the firmware checksums itself, as doing a normal boot (w/o serial download) results in a message on the LCD (with the backlight off, so hard to read) about the firmware being corrupted or something to that effect. > The DLTool/"DM Tool" software in this package does not seem to be able > to "see" or communicate with the phone. Which is not surprising at all, as this tool (appears to be Compal's official flasher) connects to the phone in the same manner as osmocon -m c140xor, so one doesn't work, neither will the other. > Perhaps this is not surprising, since the > mot931c tool was not able to "unlock" whatever it was supposed to > unlock on this phone. See above - that mot931c tool doesn't really "unlock" anything, it simply rewrites sector 0 of the flash with a "good" bootloader. VLR, SF