Firmware security measures in Android phones - Android Software/Hacking General [Developers Only]

I intend to provide a consolidated list of information about notable Android devices and how each device verifies loaded firmware.
I shall start with what I know about the Droid X.
Motorola Droid X
 - Kernel secured by the bootloader
 - The bootloader verifies the digital signature of the kernel
 - Is the bootloader secured?
Motorola Xoom
 - Kernel is secured by an unlockable bootloader
 - Is the bootloader secured?
HTC Thunderbolt
 - Kernel is secured by the bootloader
 - Bootloader security has been cracked
 - Is the bootloader secured?
Your contributions are welcome.
The format that I currently have above is ugly, so if anyone has a better way to organize it please tell me.

Related

[Q] Custom Bootloaders for Motorola (defy) Smartphones?

Hi there - I just bought myself a Motorola Defy, and though I'm still convinced that it was a good decision (even after reading about all the problems with Motorola-Android support and getting custom ROMs running).
As far as I have understood, it is not possible to load kernels onto Motorola smartphones (save the Droid) which haven't been signed by Motorola, due to the special bootloader that is only capable of loading signed kernels.
I was only able to find some information on PC bootloaders in Wikipedia: http://en.wikipedia.org/wiki/Booting#Boot_loader.
The bootloader is a software component itself that resides in the first sector of the flash memory.
My Question:
If the bootloader is on flash memory just like the actual kernel that is to be loaded, why isn't it possible to overwrite the Motorola bootloader with an open-source variant?
Obviously it is not possible, or it would have been done already right?
Thanks in advance.
Regi.

Unlocking bootloaders, why not just delete it and flash a new?

Hello,
I have this old Motorola RAZR XT910 that still works just fine. LineageOS now has a ROM for it, so of course I want to see if it's better than the older CyanogenMod. But back in the days of the RAZR we ran Safestrap, because the bootloader was locked and Motorola didn't release an unlock for my region, or not at all. The Lineage wiki page states to unlock the RAZR by official means or a third party.
This got me thinking: if the bootloader is encrypted with an unknown key, how can third-party software unlock it? There is no way, I believe, that a simple local laptop can brute-force it, so what else can such software do? From a PC point of view, I would simply delete the partition and make a new one. Now, I know very little about Android, so this might be blatantly obvious to others, but why not just delete the bootloader partition and flash the one we want?
Thanks
No one has any answers or comments?
That sounds kind of similar to the question I was asking. Basically, there are locks in place that will brick a device if you replace bootloader files, because of CRC checks elsewhere.

Unlock bootloader on Verizon Pixel 2?

Hi guys,
Newbie here. I've never tinkered with any of my old Nexus phones, but just recently upgraded to the Pixel 2 on Verizon.
According to this thread, I should be able to unlock the bootloader since my build number is OPM1.171019.011 (Android version 8.1.0, December 5th 2017) correct?
I don't know if I want/need to root since I've always been content with stock android. However...
1. Should I unlock the bootloader now, just in case I change my mind in the future?
2. Once I run the first update, I lose the ability to unlock the Verizon bootloader forever right?
3. Can I freely lock and unlock the Verizon bootloader any time afterwards?
4. Will I only receive OTA updates automatically when the bootloader is locked?
Thanks!
SEE BELOW
rickyoo said:
Hi guys,
Newbie here. I've never tinkered with any of my old Nexus phones, but just recently upgraded to the Pixel 2 on Verizon.
According to this thread, I should be able to unlock the bootloader since my build number is OPM1.171019.011 (Android version 8.1.0, December 5th 2017) correct?
I don't know if I want/need to root since I've always been content with stock android. However...
1. Should I unlock the bootloader now, just in case I change my mind in the future? It's entirely up to you, but I would. This would allow you to have the superuser flexibility later, even if you decide not to root right now. It also gives you the peace of mind to apply the latest Android updates, as you will not be able to unlock the bootloader with the patched updates.
2. Once I run the first update, I lose the ability to unlock the Verizon bootloader forever right? YES! NO SOUP FOR YOU!
3. Can I freely lock and unlock the Verizon bootloader any time afterwards? You may lock it again, but beware of the caveats. You will want to be entirely on stock with no modifications. If you have made modifications, and without any way to unlock the bootloader again, you could end up bricking your device (bootlooping).
You will not be able to unlock the device...see above. NO SOUP FOR YOU!
So just because you can unlock it, doesn't mean that you will forever have the ability to go back and forth. Once it's patched, you lose.... This doesn't apply to the Google versions...just Big Red.
4. Will I only receive OTA updates automatically when the bootloader is locked? Technically speaking, the bootloader will not affect the ability for updates to be installed. However, ROOTing your device after your bootloader is unlocked will. So... Here is the link for how to apply updates with an unlocked bootloader: https://forum.xda-developers.com/pixel-2/how-to/guide-updating-pixel-2-to-factory-image-t3761154
Thanks!
Does this mean that my Verizon Pixel 2, on the current public release of Android 9, cannot enable the "OEM Unlocking" setting in the Developer settings? and therefore I cannot unlock my bootloader?
wo0ts said:
Does this mean that my Verizon Pixel 2, on the current public release of Android 9, cannot enable the "OEM Unlocking" setting in the Developer settings? and therefore I cannot unlock my bootloader?
Uhhhh.... correct. See the OP. The command was patched.
I believe this article outlines how to unlock after patch
https://alephsecurity.com/2018/01/22/qualcomm-edl-2/
This article outlines how to read all partitions as well as change the dev info partitions. Can someone make a guide to help me use this to allow for oem unlocking?
alecthenice said:
https://alephsecurity.com/2018/01/22/qualcomm-edl-2/
This article outlines how to read all partitions as well as change the dev info partitions. Can someone make a guide to help me use this to allow for oem unlocking?
Sure...
1. Build a programmer
2. Develop an exploit to take advantage of a CVE
3. Develop the necessary encrypted signature key to write to the partition
4. Document everything, rinse and repeat
In other words, there are simply no guides out there.
BestBuy is selling *NEW* (Verizon) Pixel 2 XLs for $399 at the moment and I was thinking about picking one up until a SD855 device I like comes out.
Does the (Verizon) OG PIXEL Rule still apply to the Pixel 2 XL (VZW) that if you 1st boot the device with my TMO SIM, removing the pre-installed VZW SIM, it will register as an UNLOCKED Google Edition Version so I can Unlock the BL as I could with the OG Pixel XL?
I know this is an old thread, but I see that there is a GitHub for this firehorse project.
GitHub - alephsecurity/firehorse: Research & Exploitation framework for Qualcomm EDL Firehose programmers
They have target payloads for similar processors, I wonder if someone better at programming would be able to get it working. Banana Hackers has a good repo of EDL files too which might be used as a cross reference perhaps? https://edl.bananahackers.net/
Cprager said:
I know this is an old thread, but I see that there is a GitHub for this firehorse project.
GitHub - alephsecurity/firehorse: Research & Exploitation framework for Qualcomm EDL Firehose programmers
They have target payloads for similar processors, I wonder if someone better at programming would be able to get it working. Banana Hackers has a good repo of EDL files too which might be used as a cross reference perhaps? https://edl.bananahackers.net/
It's entirely possible. QPST is generally used to flash binary images to the NAND devices, and this functions at the hardware level, so it's entirely possible this could flash an unlocked bootloader.

What does it mean to say bootloader is locked?

Up to this point, what I understand is that the OEMs hold keys that they use to sign the binaries as trusted, such that only what they sign will be accepted and all others will be rejected. Well, some devices I see can simply unlock using the fastboot flashing unlock command when the OEM Unlocking option is turned on in developer mode; however, some devices such as the ones from Xiaomi require their own special software to unlock the bootloader, which they say is to prevent attackers from stealing the phone data.
Well, one can easily flash firmware from Xiaomi without unlocking the bootloader. How do they do that? Does their proprietary software use some kind of keys that sign the firmware files? If so, do you know if it would be possible to replace the keys they use to sign?
Android's user data at any time can get stolen by hackers: here it doesn't matter whether device's bootloader is locked or unlocked.
Most of the Android devices come to the market with a locked bootloader. Locking the bootloader is actually a kind of encryption of the Android system files. OEMs / carriers do so to keep the OS unaltered by the users. And this for good reasons, IMO. One has to respect that their devices will be restricted to running software ROMs provided only by them.
To re-flash a phone's stock ROM, the phone's bootloader does not have to be unlocked, because the OS is the original one, meaning not altered in any way by the user.

Does anyone know of any recent Android phones that DO NOT have secure boot enabled?

I am NOT referring to devices that just have unlocked bootloaders. I am talking about smartphones that do not verify the first stage bootloader, so the bootloader, in theory, could be customized.
Chinese smartphones feel like they would be more likely to have this, the OnePlus 2 (and the previous generation, I think) being one such example (it's called a vulnerability, but I think it was a design decision by Oppo), and I suspect that is where I should be looking for such a phone. Does anyone know of any such phone that is less than 5 years old?
AFAIK, since Android 4.x, dm-verity / AVB is a feature of any phone's Linux kernel, which gets launched by the phone's 1st-stage bootloader.
xXx yYy said:
AFAIK, since Android 4.x, dm-verity / AVB is a feature of any phone's Linux kernel, which gets launched by the phone's 1st-stage bootloader.
AVB is not a feature of the Linux kernel.
I am aware of the AVB requirement, but there are bound to be phones out there which don't have it.
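To make the dm-verity / AVB mechanism discussed in this thread concrete, here is an added example (written for this page, not code from any poster or project): the bootloader checks the OEM signature over vbmeta, which carries the root hash of a hash tree, and the kernel then verifies every partition block it reads against that tree. The 16-byte block size, zero-padding and pairing rule below are assumed simplifications; real dm-verity uses 4096-byte blocks and a different tree layout, but the security property is the same: only the root is trusted, so an attacker who alters a block cannot rebuild a matching tree without the signing key.

```python
import hashlib

BLOCK_SIZE = 16  # toy block size (assumed); dm-verity uses 4096-byte data blocks

def sha256(data):
    return hashlib.sha256(data).digest()

def split_blocks(image):
    # Zero-pad the tail so every block is exactly BLOCK_SIZE bytes.
    padded = image + b"\0" * (-len(image) % BLOCK_SIZE)
    return [padded[i:i + BLOCK_SIZE] for i in range(0, len(padded), BLOCK_SIZE)]

def _pad_level(level):
    # Duplicate the last node of an odd-sized level so nodes pair up.
    return level + [level[-1]] if len(level) % 2 else level

def build_hash_tree(image):
    """Return a list of levels: block hashes first, the single root hash last."""
    level = [sha256(b) for b in split_blocks(image)]
    levels = [level]
    while len(level) > 1:
        level = _pad_level(level)
        level = [sha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def verify_block(block, index, levels, trusted_root):
    # Recompute the path from one block up to the root. Only trusted_root is
    # trusted (in AVB it arrives inside the signed vbmeta); the tree is untrusted.
    h = sha256(block)
    for level in levels[:-1]:
        sibling = _pad_level(level)[index ^ 1]
        h = sha256(h + sibling) if index % 2 == 0 else sha256(sibling + h)
        index //= 2
    return h == trusted_root

def demo():
    # Constructed stand-in for a system partition; not a real Android image.
    image = b"constructed /system contents: init.rc, build.prop, libc.so ..." * 3
    levels = build_hash_tree(image)
    root = levels[-1][0]  # the value the bootloader would verify a signature over
    blocks = split_blocks(image)
    clean = all(verify_block(b, i, levels, root) for i, b in enumerate(blocks))
    # Attacker flips one bit in block 1 and even rebuilds the tree to match it.
    evil = blocks[1][:-1] + bytes([blocks[1][-1] ^ 1])
    evil_levels = build_hash_tree(b"".join(blocks[:1] + [evil] + blocks[2:]))
    return {"clean_verifies": clean,
            "tamper_detected": not verify_block(evil, 1, levels, root),
            "rebuilt_tree_detected": not verify_block(evil, 1, evil_levels, root)}
```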
