difference between SIM unlock and rooting phone

[from] http://android.stackexchange.com/questions/40092/why-cant-all-rooted-phones-be-unlocked

Most phones have separate AP (application processor) and BP (baseband processor AKA modem AKA radio). "Rooting" results in gaining control over the AP. The carrier "subsidy" lock is residing in BP. Most custom ROMs just include stock (i.e. still locked) BP image as a binary BLOB. Since the BP code is proprietary and never gets released to public.

大部分手机有两个分开的处理器：AP(应用处理器)和BP（基带处理器）；rooting的结果只是获取到AP的完全控制权限，而运营商的subsidy lock（也称sim lock\network lock等）是属于BP处理器的；大部分的自定义ROM只是把BP Image部分(我想，重原版ROM中整个提取出来)以二进制文件形式（非破解的）添加，（而没有对BP Image部分进行破解）；因BP代码部分是私有的且不会公布给公众的，(不像Android内核代码和系统代码)。

[from]http://en.wikipedia.org/wiki/SIM_lock

A SIM lock, simlock, network lock or subsidy lock is a capability built into mobile phones by mobile phone manufacturers. Network providers use this capability to restrict the use of these phones to specific countries and network providers. Generally, phones can be locked to accept only SIM cards with certain International Mobile Subscriber Identities (IMSIs); IMSIs may be restricted by:

• Mobile country code (MCC; e.g., will only work with SIM issued in one country)
• Mobile network code (MNC; e.g., AT&T Mobility, T-Mobile, Vodafone, Bell Mobility etc.)
• Mobile subscriber identification number (MSIN; i.e., only one SIM can be used with the phone)

SIM lock也称network lock、subsidy lock等，是由手机制造商置入手机中的一种能力，网络提供商用它限制手机对特定的国家或网络提供商开放；一般来说，既可以锁定手机只识别特定国家的sim卡或特定运营商的sim卡(如移动、联通、电信等)，通过对其进行如下限制：

• MCC(国家码，限制手机只能识别指定国家的SIM卡)
• MNC（网络码，限制手机只能识别指定运营商的网络，即只能使用指定网络运营商的SIM卡；如只识别电信卡或网通卡）
• MSIN（手机卡的唯一识别码，限制手机只能识别指定SIM卡，很多内置SIM的合约机属于此种，它只识别内置的那个SIM卡。）

Unlocking technology

A handset can be unlocked by entering a code provided by the network operator. Alternative mechanisms include software running on the handset or a computer attached to the handset, hardware devices that connect to the handset or over-the-air by the carrier.

The unlock code is verified by the handset and is generated by the network provider, typically by an algorithm such as a one way hash or trapdoor function. The algorithms used in many handsets are based on the IMEI number and the MCC code and have been reverse-engineered, stolen or leaked. Most handsets can be unlocked using software that generates an unlock code from an IMEI number and country and operator details using the algorithm specific to the handset. Other manufacturers have taken a more cautious approach, and embed a random number in the handset's firmware that is only retained by the network on whose behalf the lock was applied. These handsets can still be unlocked, but need to be connected to special unlocking hardware that will rewrite the part of its firmware where the lock status is kept, and often even recover a phone that is bricked or completely damaged in the software sense. However, modern handsets(smartphones) can be unlocked solely by software means, with no requirement for special unlocking hardware. Certain such Android-based devices can be "soft-unlocked" by rooting and making changes to the firmware. It is a "soft-unlock" in the sense that it is removed after any upgrade or change in the firmware of the phone, or even a factory reset. The locations where the unlock code or SIM Lock status is stored differs from device to device, and is protected by software means, which could be bypassed by rooting.

手机设备的sim解锁可以通过输入sim unlock code进行解锁，可由网络运营商提供。其他的解锁机制:通过运行在手机设备(或连接到手机设备的PC)内的软件解锁,通过连接到手机(或通过OTA方式连接的)的硬件设备解锁。

解锁码由网络运营商提供、并由手机验证通过后解锁手机，其一般使用hash或trapdoor算法；其加锁算法是基于IMEI和MCC码的，且很多已经被逆向破解、窃取或泄露；故很多手机可以通过你提供的IMEI码、国家和运营商信息，并结合针对特定手机的的算法进行解锁。一些手机制造商采用特殊方式即在锁定算法中加入随机数增加复杂性，依然可以被解锁，不过需要特殊的硬件设备对其中一部分进行重写；当然，也可以不需要解锁硬件而通过软件进行解锁。......