Discovery: The first tricks were improvisational. Users discovered that putting an Honor phone into certain modes — fastboot, recovery, or Qualcomm emergency download — exposed interfaces that the stock UI had deliberately concealed. With a laptop and patience, technicians could use serial terminals, ADB commands, and specially crafted payloads to query and rewrite authentication flags. Each successful bypass taught another: which models were vulnerable, which firmware revisions closed the hole, and which combination of vendor tools could reflash the right segments. In hacker workshops and online communities, the knowledge spread like a map: annotated images of PCB test points, bootlog snippets, and carefully timestamped changelogs of patches.