Pimping the Samsung Galaxy S I-896 (Rogers): Gaining Root Access, Updating Android, Unlocking, and Fixing the GPS. [2]

Warning: The following involves major interventions into the operating system of your computing device. If things go wrong, you may end up destroying your device, voiding your warranty, and who knows what else. If you cannot afford to destroy your device, stop now.

These notes are intended for my own use and they are not intended as a recommendation for others as to any course of action. I also make no warranties as to the effectiveness or currency of these steps. These are personal notes that worked for me when they were used on my device. I can’t guarantee them under any other circumstances and can’t help you if you end up with a different result.

Always backup before trying to hack anything.

Be especially careful with these notes: I’m mixing various sources and working from memory at times

A little while ago, I bought a Samsung Galaxy S. I’ve used smart phones for years, beginning with the old Palm Treo and more recently a Nokia E71. But there has been a revolution in smart devices in the last year or two with tablet-like cell phones and I found I wasn’t getting the kind of connectivity and interoperability I needed from the Nokia. So an Android machine it is. I’m a Rogers subscriber (though counting the days until Canada’s wireless market becomes competitive and I can leave them), so the Galaxy S looked like my best best. Because this is Canada, the Galaxy S available to me is considerably less useful or good than those available to others around the world. Although I paid full price for it to avoid extending my subscription (I am really looking forward to the day I can dump Rogers), it came locked to work solely with a Rogers SIM card. And it ran an old 1.x version of Android—probably to prevent Skype from working. And it was just generally slow and clunky. Since wireless apps is a field I’m beginning to move into, I needed to figure out a way of bringing the phone up to something close to international standards: and particularly an up-to-date operating system and faster speeds. Since Samsung in their wisdom decided that users wanting to update the Linux-based Android OS on their Galaxy should be required to use the Windows-only app Kies, this also required me to find some way of doing over the air updates—something that requires root access. The result of this work is a much better phone. My pimped Galaxy S is faster, more flexible, and able to work with any 3G SIM card—something that is going to save me roaming charges. There is a lot of material on how to make the changes I made, but it is spread around and my final technique involved using bits and pieces of various guides. Here are the steps I took. If you decide to follow my notes on this please pay attention to the warnings above: these steps may permanently disable your device and neither I nor anybody else will be able to help you. Caveat hacker. If you are interested in following this up yourself, the most useful sites I found were

Root your phone

The first step is to root your phone (unless you are Australian, in which case you should probably say something less obscene like “acquire super user permissions”). A super user is a user who has permissions to make significant changes the operation of the device (hence the warnings above), including installing programmes, altering core settings, and, if you are careless erasing everything from its hard drive. There is a lot on the web about “rooting” Android phones. But the process seems to be relatively simple now—or at least it was for me. There are two pieces of software out there that will do this for you: RyanZA’s z4mod/z4root and the SuperOneClickRoot 1.7. A brief discussion of the SuperOneClickRoot 1.7 method with appropriate links can be found on this very useful resource page. The z4mod method is discussed on this equally useful blog entry. For whatever reason, I wasn’t able to get the SuperOneClick method to work for me. The z4mod version on the other hand worked well. Note: Both these programmes work by using an exploit in the Android system. This is potentially quite scary, especially if somebody tampers with the software that does it.


  1. I backed up everything I could think of to my SD Card (everything is available in the market, and all of them work more or less the same way and automatically):
    1. APNs (intenet protocol info) using “APN Backup and Restore” (Android Market)
    2. SMS back up using “SMS Backup and Restore” (Android Market)
    3. Call Logs Backup and Restore (Android Market)
    4. general app backup using Astro (Android Market)
Acquire Root Access.
  1. Following the excellent instructions hereI rooted my phone.
    1. I signed up at XDA Developers, which is required to download the programme (note, Z4mod, like most programmes that involve rooting, are no longer available in the Android market)
    2. I went to the z4mod app page and downloaded the app.
    3. Copied the app onto my sdcard
    4. Used Astro to open it.
    5. Followed all the instructions, rebooting as required: note that z4mod takes a scary amount of time to work (3-4 minutes) and it looks like it has seized control of your phone. But in the end it seems to do the job.
    6. As mentioned above, I didn’t seem able to get the SuperOneClick1.7 method to work. I could install the software but nothing seemed to happen—it hung up at a chmod command, suggesting it wasn’t working. Although given how long z4mod took, I was maybe just too impatient.

Update Android

The next step was to update the Operating System. For this I needed ROM Manager (Available from the Market). A lot of my process here came from http://forum.xda-developers.com/wiki/index.php?title=Samsung_Galaxy_S/SGH-I896.
  1. Get the appropriate ROM file and save it to your SD card. I used a version of the official Samsung release that was ported to ClockWorkMod from here
  2. Fire-up ROM Manager, go to settings, and then select at the top of the screen “Flash ClorkworkMod Recovery.” You will be asked to identify your phone. Select “Galaxy S Captivate.” (Basic instructions on how to use ClockWorkMod are available here
  3. After you’ve Selected the “Flash ClockWorkMod Recovery” and returned to the options screen select the second option, “Reboot into Recovery”
  4. At this point the phone reboots. When it does, you will be given a series of options. Navigating with the volume buttons and selecting with the power button, scroll to the option that asks you to reboot from a selected zip file.
  5. Go to SD Card and find the .zip file you downloaded. You will be given a list of options most of which are no. Select the one that isn’t no.
  6. Your phone will reboot again. This time select the reboot option “from update.zip.” It then gives you some garbage and then reboots. It goes quickly through the Rogers screen but takes almost forever at the second Galaxy S screen. But when you are done it is a Froyo phone.

Use lagfix to eliminate the slowness

See this Doing this doubled my phone’s benchmark scores and considerably speeded up its operation.
  1. Get Quadrant Standard (a benchmarking program) from the market and run the tests.
  2. Get RyanSA’s OneClickLagFix and run the various tests and fixes.
  3. C’est tout.

Unlock the phone

For this step, I used a combination of the instructions found here, here, here, and the commands found in the scripts unlock1.bat and unlock2.bat
  1. Get and install AndroidSDK following the instructions found here. Note that these are a little old:
    1. Download the relevant archive and expand it
    2. If you run DDMS immediately, you will get an error. As the file “adb-has-moved” that comes with newer versions of AndroidSDK indicates, well, adb has moved. Follow the instructions on how to install the Android SDKPlatform-tools.
      1. (if I remember correctly, you do this by double clicking on “android” and selecting everything in the window that comes up)
    3. After it loads, setup the correct UDEV rules gksudo gedit /etc/udev/rules.d/90-android.rules and include the following line: SUBSYSTEM=="usb", ATTRS{idVendor}=="XXXX", MODE="0666" where XXXX is the hex ID for your hardware vendor. Samsung is 04e8. You can find this number by plugging your device into a USB port and running sudo lsusb: the hex number and name should be listed. You can also look here
    4. Plug in your phone but don’t set it to mass storage (or anything else). Under Froyo, I’m not sure if you need USB debugging on, though I left it on.
    5. restart the udev service gksudo service udev restart
    6. also kill and restart the adb server as sudo (if you don’t do this, you end up with garbage in both adb and ddms: sudo adb kill-server && sudo adb start-server
    7. You should now be able to see your phone if you run DDMS (a graphic interface that good for if you want to do things like capture screen shots and which as a GUI file manager) or if you run adb instructions from the command line (good for file manipulation). You can check if adb recognises your phone by running sudo adb devices. An important thing is to remember the sudo: adb won’t throw an error if you forget, but you’ll get garbage everywhere.
  2. Now you need to start working with the actual locking files. These are in /efsin your phone. The key file is going to be nv_data.bin; all the other files in that directory are built on boot. All of the following commands can be done inside a terminal on your phone or using adb commands. I’ll be mixing them up, but there’s no reason you can’t do them all on one system or the other.
    1. Start the superuser in your terminal: su.
    2. When you get the su prompt (#) navigate to the /efs directory and check that the files are there and you can see them: ls /efs.
    3. Make a backup of this entire directory on your sdcard: mkdir /sdcard/efs_backup
    4. copy the contents of /efs to this backup folder: busybox cp -d -r /efs /sdcard/efs_backup (busybox was installed with RyanZV’s lagfix tools)
  3. Now you need to convert the original nv_data.bin file
    1. From your computer:
      1. adb shell su -c "chmod 777 /efs/nv_data.bin" //change permissions so you can manipulate the file
      2. adb pull /efs/nv_data.bin // get the file to your local drive
    2. Upload the file to the unlocking site
    3. Save the file you get back to your local computer.
    4. Open an adb shell on your local computer: adb shell
    5. Remove all the nv* files in your /efs directory
      1. su
      2. rm /efs/nv*
      3. rm /efs/.nv*
    6. Exit the adb shell and “push” the new nv_data file from your local system to the phone: adb push nv_data.bin /efs
    7. Change the permissions again and reboot.
      1. adb shell
      2. su
      3. chmod 755 /efs/nv_data.bin
      4. chown radio.radio /efs/nv_data.bin
      5. reboot
    8. After reboot, check that all is o.k.:
      1. adb shell
      2. su
      3. ls -l -a /efs
      4. You should see file names similar to what you had originally
    9. Make a backup of the new /efs files
      1. adb shell
      2. su
      3. mkdir /sdcard/efs_good
      4. cp -d -r /efs /sdcard/efs_good
    10. Rebooot and recover
      1. reboot recovery

Fix the GPS

The Samsung Galaxy S has a well known problem accessing GPS satellites. This is a particular issue with the Navigation app, where the system can hang. A fix has existed for a while using LBSTEST, but for whatever reason the number required to access LBSTEST doesn’t work in Froyo. Fortunately the answer is found here and here In sum: •Step 1 — Open menu > settings > Location & Security. Uncheck the box next to “Use Wireless Networks” •Step 2 —dial the following number in your phone application: *#*#3214789650#*#* •Step 3 — In the LBSTestMode menu, press “Application Settings” and change “Operation Mode” to MS Based •Step 4 — In the LBSTestMode menu, find “SUPL/CP Settings” and change the SERVER & PORT to supl.google.com and port 7276 (DO NOT use www. in front of supl !) •Step 5 — Reboot your phone—I did this through terminal, but turning it on and off might be o.k. •Step 6 — Open menu > settings > Location & Security. Check the box next to “Use Wireless Networks” Everything should be working great now.

Get every new post delivered to your Inbox

Join other followers: