Over in this topic we figured out that SBF Codec (the tool most folks use to try to make their own bootloader image SBF files) doesn't create the file correctly when it only has a single code group in it. This topic is going to be sort of a walk through of hacking that bad output to figure out how to make it good. As far as hacking endeavors go, we've got a lot of advantages. We have an SBF that works (the one I made -- monster-mc1rebuild.sbf) and one that doesn't work (the one that SBF Codec made -- monster.sbf). Both files are attached as zips. We also have the very helpful error log from RSD Lite when it tried to flash the bad SBF file: Code: 02:14:09, September 08, 2010 Line: 587 ERROR: Flash failure: Interface AP-OS: Error verifying Code Group 42 checksums. File: 0x7C87, Phone: 0x18BB (Error Code: 31), Detailed Error Details: Direction of the Error=No Direction, Command Value=4000000, Code Group Number=42 The log tells us what the SBF said the checksum would be and what it actually found the checksum to be when it looked at what got written to the phone. This is important information. Since we can't change how SBF Codec works, we are going to work through figuring out what's different, and coming up with a repeatable process to fix SBF Codec's output. Note: This is a hacking tutorial in progress. If you already know how to do this, please don't pop in here, post spoilers and ruin the fun for those who are working through this sort of thing for the first time. In the next post I'm going to cover the first step and we'll see where we go from there. Critical Note: DO NOT ATTEMPT TO FLASH THE SBF INSIDE MONSTER.ZIP TO YOUR PHONE. I NAMED IT ENDING IN ".BAD" TO FURTHER DISCOURAGE IT, BUT IF YOU DO FLASH IT IN, YOU WON'T LIKE THE RESULT.