Lately I have read many posts with wrong assumptions about S-OFF. I am writing this post in General to clear up to many of you what S-OFF is and isn't.
To start off, S-OFF has nothing to do with your phone being rooted. I've seen people post that S-OFF means a "full" root, or "permanent" root. Those terms aren't even correct, root is just another user on the linux system, and you either have access to it or you don't. Rooting your phone and what that entails is out of the scope of this writeup.
When your device is shipped, your bootloader will show the flag S-ON. This stands for Security-On. What this security does is protect the NAND partitions (ie: the boot partition, the recovery partition, the radio, the system partition...) from being permanently modified at all. Basically, all changes made to these partitions while the phone is running is not permanent, and will be reset upon a reboot. Also, while your phone is S-ON, all firmware zips (ie: PJ75IMG.zip) must be digitally signed by HTC in order to be flashed through the bootloader.
When your device is set to S-OFF, the security is turned off. This allows you to modify any partition on the device, and changes will not be reset upon a reboot. Also, the signature checking of the firmware zips (ie: PJ75IMG.zip) is disabled, allowing users to flash unsigned firmware zips containing the separate images of the partitions. S-OFF gives the user great power over the device, but also comes with much responsibility to be careful.
I have seen many posts stating the term "S-OFF root". As I stated earlier, S-OFF and root are completely different things. When you have S-OFF in the bootloader, you then can flash a package containing Superuser.apk and the su binary, which in turn will give you root in the file system when the device is booted. Again, S-OFF does not mean you have root. You can have S-OFF set (if there was an S-OFF exploit released) on the stock phone running the stock unchanged ROM, and not have root in the file system because you haven't pushed/flashed the Superuser.apk and su binaries on your phone yet.
I have also seen many posts about people not "trusting" the bootloader unlock at HTCdev. Yes, we all know that it does not set the bootloader to S-OFF, but it does unlock the partitions that are needed to flash a custom recovery, and through that flash a custom ROM. This is probably the most trustworthy way to "unlock" the bootloader. Any S-OFF method released here in the future will most likely be a hack to make it work. Imagine if HTC gave out the radio S-OFF unlock. That would mean ANYONE (specifically people who are very flash happy) could find a random radio firmware zip which.. oops.. isn't for the correct device, flash it through the S-OFF bootloader, and brick their device. Releasing the limited unlocking was very smart by HTC, and will definitely save many phones from ending up in the graveyard.
Now I am not saying I do not want S-OFF haha. As a developer, S-OFF is well needed and is extremely useful. It's definitely being worked on. But for the average flasher, (of ROMs, not human parts
) radio S-OFF is not needed.
Hope this clears up confusion about what S-ON and S-OFF is. I will add to this as I feel necessary, and to clear up some of my sentences (Sometimes I start typing before I finish thinking of what I'm going to type).
To start off, S-OFF has nothing to do with your phone being rooted. I've seen people post that S-OFF means a "full" root, or "permanent" root. Those terms aren't even correct, root is just another user on the linux system, and you either have access to it or you don't. Rooting your phone and what that entails is out of the scope of this writeup.
When your device is shipped, your bootloader will show the flag S-ON. This stands for Security-On. What this security does is protect the NAND partitions (ie: the boot partition, the recovery partition, the radio, the system partition...) from being permanently modified at all. Basically, all changes made to these partitions while the phone is running is not permanent, and will be reset upon a reboot. Also, while your phone is S-ON, all firmware zips (ie: PJ75IMG.zip) must be digitally signed by HTC in order to be flashed through the bootloader.
When your device is set to S-OFF, the security is turned off. This allows you to modify any partition on the device, and changes will not be reset upon a reboot. Also, the signature checking of the firmware zips (ie: PJ75IMG.zip) is disabled, allowing users to flash unsigned firmware zips containing the separate images of the partitions. S-OFF gives the user great power over the device, but also comes with much responsibility to be careful.
I have seen many posts stating the term "S-OFF root". As I stated earlier, S-OFF and root are completely different things. When you have S-OFF in the bootloader, you then can flash a package containing Superuser.apk and the su binary, which in turn will give you root in the file system when the device is booted. Again, S-OFF does not mean you have root. You can have S-OFF set (if there was an S-OFF exploit released) on the stock phone running the stock unchanged ROM, and not have root in the file system because you haven't pushed/flashed the Superuser.apk and su binaries on your phone yet.
I have also seen many posts about people not "trusting" the bootloader unlock at HTCdev. Yes, we all know that it does not set the bootloader to S-OFF, but it does unlock the partitions that are needed to flash a custom recovery, and through that flash a custom ROM. This is probably the most trustworthy way to "unlock" the bootloader. Any S-OFF method released here in the future will most likely be a hack to make it work. Imagine if HTC gave out the radio S-OFF unlock. That would mean ANYONE (specifically people who are very flash happy) could find a random radio firmware zip which.. oops.. isn't for the correct device, flash it through the S-OFF bootloader, and brick their device. Releasing the limited unlocking was very smart by HTC, and will definitely save many phones from ending up in the graveyard.
Now I am not saying I do not want S-OFF haha. As a developer, S-OFF is well needed and is extremely useful. It's definitely being worked on. But for the average flasher, (of ROMs, not human parts
) radio S-OFF is not needed.Hope this clears up confusion about what S-ON and S-OFF is. I will add to this as I feel necessary, and to clear up some of my sentences (Sometimes I start typing before I finish thinking of what I'm going to type).
Last edited:
