Has anyone tried to downgrade the BL4.6 or BL3.9 to a lower bootloader version, e.g. BL3.8 that is in the 1.0 ramdisk (BOOT03.08_M3S1.fls)?

If not, this would be an interesting thing to try:

1. Downgrade your BL (4.6 or 3.9) to BL3.8 with geohot's hardware method. The new nor file that you need for this can be extracted from the BOOT03.08_M3S1.fls file in the 1.0 ramdisk. It covers 0x10BA4 - 0x264B0 in that file. Since geohots file needs to be 0x20000 bytes long, pad the end of your file with 0x00s.

2. Follow geohots H/W BL downgrade instructions with this nor file for BL3.8

3. Check your BL version with bbupdater. It should say BL3.8

4. Now try to see if you can upgrade your BL3.8 back to BL3.9 by executing bbupdater -l BOOT03.09_M3S2.fls (fully software, no hardware upgrade needed here)

If this works it would be interesting to see how the software bootloader upgrade with the bbupdater -l command works exactly.

If this can be hacked (by hacking either the bbupdater file or the BL.fls file) to work on BL4.6 by spoofing it to think it is upgrading to lets say BL4.7 (while in actuality this would be the BL3.9 fls file), then we would have a software BL downgrade.

Maybe anyone has looked into how bbupdater works for BL updates....

Unfortunately I don't have spare phone to experiment with so maybe someone can run the above test.

PmgR

at 1st glance at the title i thoug i was in for some noob saying, why not try this.... and just be a waste of my time, sounds to me you know what your talking aboout... good idea from my point. lets keep this updated?

i'll try to spoof and sniff as soon as i get home around 8 hours
could be even nicer to find a way to "kill" the stupid lock! must be one
you could be up to something unless someone already tried that
someone said genius?