Saturday, October 11, 2014

Firmware hunting

The first thing that I need to do is to figure out what wireless chip it is using. Just like there are many flavors of RK3188 devices, there are also many different components used within the same model. This can actually get quite annoying.

One way to find out what firmware it is using is to crack open the case, which is actually quite easy.



Unfortunately, someone painted over the wireless chip. There does not appear to be a way to tell what chip it is using. The soldering is also kind of messy. I don't understand the Android stick economy very well, but I suspect the one I got is a counterfeit or uses some counterfeit component. I got what I paid for.

There is a whole community dedicated to these Android sticks. Naturally, I turned to the community for help, but I didn't really get any useful response. However, there is a wealth of information in the archive.

Without having figured out what wireless chip it uses, I decided to try flashing some custom firmwares. But first, I needed to learn how to make a backup.

The backup instructions are actually simple. The trick is really getting the tool to recognize the stick. Two things are needed. The first is to make the stick recognized as a USB device. This is done by pushing the reset/back button with a paper clip while connecting the micro USB cable and holding it for 3 sec or so. The next thing is to install the right driver. This is actually quite simple, as the driver is already included with the tool.

(Later, I felt lucky that I didn't buy a different type of MK809III / CX919, which has trouble connecting to a PC.)

Backup was quite simple. It is basically dumping the flash into images. After backing up, I tried burning custom firmwares. 

I tried a couple of firmwares for 2 popular chipsets, AP6210 and MTK. Both boot up fine but have no Wi-Fi. This indicates mine is not using either chipset. After trying the AP6210 firmware, I restored my stock firmware to confirm both Wi-Fi and BT work. Then I flashed the MTK version and flashed back my stock firmware. That is when I realized the stick wouldn't boot!

Since I definitely had restored successfully, I was wondering why. I flashed back the AP6210 firmware and it booted up. I believe the reason I had trouble was the bootloader. The MTK firmware I tried is Android 4.2, whereas my stock and AP6210 firmware are both 4.4. Fortunately, the custom firmwares come bundled with a bootloader, so all I had to do was flash another 4.4 bootloader and I was back to where I started.

Still not able to figure out what my chip is, I decided to poke around. It seems that in order to find out the chip, I need to identify the driver. In order to identify the driver, I need to run dmesg, and in order to run dmesg, I need to have root privilege.

I don't know much about rooting. I poked around and found 2 tools. One is called VROOT and the other is called KingoRoot. I decided to try KingoRoot. Both of these tools appear to identify the device and download its custom rooting instructions from their server. Their black-box operation makes me uncomfortable, so all of this activity was done inside a disposable virtual machine.

But then I had a lot of trouble getting the tool to recognize my stick. While the flash tool had no trouble identifying my stick, KingoRoot refused to proceed. After some more poking, it seems I really need to connect when the stick is up and running, and I must install the complete USB driver from RockChip.

After installing the right driver (ADB?), KingoRoot proceeded without issue, and the stick indeed booted up rooted.

Using dmesg, I identified my wireless chip as Realtek 8723bs. Turns out it is also quite common. However, there does not appear to be a custom 4.4 firmware for it.

(I found out later that had I known what wireless chip it uses, I wouldn't really have needed to root it, as I will use custom firmware eventually.)
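
The dmesg step above, as an added example that is not part of the original post: a shell function that scans saved kernel log text for driver strings of the three wireless families named here and reports the most likely one. The match patterns, function names and sample log lines are assumptions constructed for illustration, not output captured from the stick.

```shell
#!/bin/sh
# Added example. Scans kernel log text (for instance the output of `dmesg`
# saved from the rooted stick) for driver strings of the three wireless
# families named in this post. The patterns are assumptions, not a complete
# list of what these drivers print.

# Print "family<TAB>matching-line-count" for every family seen on stdin,
# strongest match first.
wifi_chip_hints() {
    awk '
        { line = tolower($0) }
        line ~ /rtl8723bs|8723bs|rtl871x/ { hit["realtek-8723bs"]++ }
        line ~ /bcmdhd|bcm43362|ap6210/   { hit["broadcom-ap6210"]++ }
        line ~ /mt5931|mt6622/            { hit["mediatek"]++ }
        END { for (f in hit) printf "%s\t%d\n", f, hit[f] }
    ' | sort -t "$(printf "\t")" -k2,2nr -k1,1
}

# Print only the best guess, or "unknown" when nothing matched.
wifi_chip_guess() {
    guess=$(wifi_chip_hints | head -n 1 | cut -f 1)
    echo "${guess:-unknown}"
}

# Constructed sample log lines (not captured from a real device).
sample_dmesg() {
    cat <<'EOF'
[    4.21] mmc1: new high speed SDIO card at address 0001
[    5.93] RTL871X: module init start
[    5.94] rtl8723bs: wlan0 registered
[    6.10] bcmdhd: probe skipped, no device
EOF
}

sample_dmesg | wifi_chip_hints
echo "best guess: $(sample_dmesg | wifi_chip_guess)"
```

On a real device the input would come from the rooted shell instead of `sample_dmesg`, for example by saving the dmesg output to a file and piping that file into `wifi_chip_guess`.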

