Of Samsung devices and CSCs

Update: OneUI 4 and Android 12

As expected, Samsung updated the S21 (and other devices) to Android 12. Also as expected, these updates brought automatic firmware switching for the carrier models on carrier firmware. I consider this to be a partial victory, because now it no longer means that you device is soft locked to whatever carrier it was bought from.
However, I call it partial because this solution…kinda sucks, honestly. If you’re a person who switches SIM cards frequently (as I do, the S21 is kinda my “test” phone), every time the firmware switches the carrier bloatware is installed again. And I don’t just mean the carriers’ account management apps. I mean ALL the bloatware. The “games”, the value-adds, etc. It all comes along for the ride with every switch, and Verizon is one of the worst in this regard.
Sadly, for those of us who did like the old times and flashed the unlocked firmware, we’re still kinda “stuck.” But since carrier switching exists on the carrier firmware, there is fortunately an out. Kind of. When the unlocked firmware is flashed on Android 12, the CSC of the previous firmware is retained. 
So what you can do now is actually grab the same OS build on the carrier side, flash it over your current install without losing data (for those keeping along with ODIN at home, you use HOME_CSC instead of CSC_OYM when flashing, this retains data and do NOT flash the userdata partition if one exists) let the phone reboot, reconfigure itself for the proper carrier (when you stick the desired SIM in), and then reflash the unlocked OS build back onto the phone (again, HOME_CSC not CSC_OYM, or you’ll lose data) and the CSC will “stick” so long as you don’t put the original carrier’s SIM card back into the phone. 
What a mess. But it’s better than Android 11’s process was.
What kills me further is that auto firmware switching for “converted” unlocked models worked perfectly fine in OneUI betas 1 and 2, only for Samsung to take it away again in betas 3, 4, and the final release. Jerks.
That said, the original piece is below:

I never thought the ultimate obstacle to unlocking my phone would be…Samsung themselves.

I’ve had a fair number of Samsung devices over the years, starting from the original Galaxy S. For a long while it was always such that you had to be careful what device you bought because phones had it set in hardware what network bands they supported. So if you bought a Verizon Galaxy S5, it would barely work on T-Mobile, if at all.

Starting in 2014 on the iPhone side at least, the iPhones 5s and 5c were the first to be fully cross compatible with all carriers in the US. It didn’t matter if you bought it on Sprint and took it to T-Mobile, the iPhone was smart enough to know what network you were on and reconfigure itself appropriately. (Which ended 3 years later with the iPhone 7. You had the Qualcomm models that supported CDMA, and the Intel models which didn’t. The iPhone didn’t go back to being universal until the iPhone XS/XR in 2018.)

Samsung jumped on this bandwagon in an interesting way with the Galaxy S7 in 2016: All Galaxy S7 models sold in the US were the very same under the hood, and supported everything every carrier needed. The band configuration was controlled by the currently running firmware. So if you were to install the Verizon firmware onto a T-Mobile S7, the T-Mobile S7 would suddenly gain CDMA support and the LTE bands for Verizon’s network.

Of course, you couldn’t just walk into the proverbial Mordor here; you’d need a patched copy of ODIN (which is the flashing utility Samsung apparently uses) that patches out the firmware check, as stock ODIN will check to make sure you’re installing the proper carrier firmware onto the phone.

Going back to carrier firmwares, the Galaxy S7 is when Samsung decided to start selling unlocked and untouched phones direct to consumers (also via Best Buy, too) and these phones had their own firmware that was completely carrier neutral and lacked carrier bloatware and “customization”. So it was possible to install the unlocked firmware to your S7 and have a phone that for all intents and purposes came straight from Samsung. And if you had your carrier SIM-unlock your phone, it came with the advantages of being a completely universal phone, too.

Now, I’m sure Samsung saw this, and knows a good thing when it sees it, so with the Galaxy S8, automatic firmware switching was added in a later update. (I’m going to call this AFS from here on out.) 

What happens is when you have a phone you bought from T-Mobile running T-Mobile firmware and you get them to unlock the phone and you place an AT&T SIM into it, the phone will reboot, act like it’s wiping your data (it isn’t) and when it’s finished your phone will act exactly like an AT&T phone. Boot screen, carrier apps, carrier network icons, the works. This is a really good idea! And of course, you still had the unlocked firmware.

Samsung kept this up, though much to my chagrin it was always in an update released months after the fact, not ever launched with the phones. Maybe at carrier behest? 

With the history lesson done, let’s finally get into why I’m spilling pixels in this post.

Samsung Shuts The Door

Remember how we talked about the unlocked firmware and how it enabled the phone to become truly universal, allowing you to bounce between carriers with nary a bad thought? This is due to a little thing called Country Specific Codes, or CSCs. 

Your phone has one of these burned into the deep recesses of the firmware that generally can’t be changed. However, when you flashed the unlocked firmware onto a carrier device it would actually ignore the CSC the phone shipped with and allow it to autoswitch CSCs at will. (Or just use XAA, which is the universal US unbranded CSC.)

The CSC determines what network configuration the phone is going to use. Unlocked firmwares (and once the phone is supported, AFS) allow changing of this on the fly as a different SIM is inserted. This is actually what happens when the phone reboots to apply a configuration.

Up until the later firmwares of the Galaxy S10 and S20 (and the Notes) even if AFS wasn’t yet supported it was still easy to change your CSC yourself via ODIN and flashing the proper firmware, or just going unlocked and letting the firmware’s CSC take over (and handle the switching). But with Android 11, Samsung seems to have shut this down.

Now whenever you flash an unlocked firmware onto an S10/20/21 on Android 11, the phone remains locked to the CSC the phone shipped with. In this case, that means T-Mobile for my S21 even though the device is network unlocked. The firmware no longer overrides the device’s embedded CSC.

This is quite problematic as until this either gets fixed or Samsung starts supporting AFS on the S21, people with S21s cannot take their phones to other carriers, even if paid off and unlocked. Sure, it’ll “work”, but using my S21 as an example here, because it can’t load any configuration other than T-Mobile’s, AT&T 5G won’t ever work. I’m also missing band 30 for LTE, as T-Mobile’s CSC doesn’t have it enabled at all.

Exceptionally annoying. And disappointing. It’s like we’re back in the dark ages where you had to be really careful what variant of a phone you were buying because AT&T’s Galaxy phone wouldn’t work on T-Mobile.

C’mon, Samsung.