Related
T-Mobile sneaks "rootkit" into G2 phones - reinstalls locked-down OS after root
Not that there haven't been preventative measures before, but it looks like the G2 will be "unrootable" to start. Might be something to consider before jumping in with the G2. Very sad as this phone looks like a winner in all other ways.
Here is the original article on BoingBoing.
Hmmm... I'd be interested to know where the original OS ROM is stored, as that would take up a lot of space...
If it's true, then we next find how it "decides" it's rooted, and look at fooling that. If not, look at changing the image to be flashed with a custom ROM or dummy one.
Still failing that, perhaps looking into what calls this chip, and if boot process could be made to skip this.
Something seems strange about this, though I've not researched it properly yet... anyone seen it reported on other sources yet?
pulser_g2 said:
anyone seen it reported on other sources yet?
Click to expand...
Click to collapse
http://gizmodo.com/5656921/t+mobiles-g2-rootkit-will-reinstall-stock-android-after-a-jailbreak
Masterâ„¢ said:
http://gizmodo.com/5656921/t+mobiles-g2-rootkit-will-reinstall-stock-android-after-a-jailbreak
Click to expand...
Click to collapse
Thanks, that links back to XDA, so I had a quick read of the latest... I was considering buying the G2/whatever it's called, but I have now changed my mind.
Yes folks, I just made a purchasing decision based on some silly little security chip, and I encourage others to do likewise. I am sure the security will be broken on it, at which point (if it's a permanent root/custom flash) I would re-consider my position, but as it stands, I refuse to buy it.
I have no idea who decided this was needed, but I certainly will not be buying from them in future. If it's T-Mobile, I will switch network (despite the fact they're a good network in the UK), if HTC I will look to other manufacturers.
[/rant
It's not that much different to what Motorola is doing with the Droid X, Droid 2 and Milestone, where if it detects any meddling it will brick the phone.
But in the long term, it's OUR phones, we can do whatever we please. Trust me it will be bypassed, if a lock can be made by a human, it can be BROKEN by a human. Look at the Desire for example.
They should do what they did with the N1, if the user unlocks the bootloader, and meddles with it until they bugger the phone, and they try sending it back for warranty, it's the users fault.
Just_s said:
Not that there haven't been preventative measures before, but it looks like the G2 will be "unrootable" to start. Might be something to consider before jumping in with the G2. Very sad as this phone looks like a winner in all other ways.
Here is the original article on BoingBoing.
Click to expand...
Click to collapse
Explain to me how write protection == rootkit. In fact, it's quite the opposite - a rootkit (of sorts) allows us to exploit our way into a rootshell and install su to /system/bin/. This is nothing more than clever write-protection in the mmc.
And as usual, HTC is late on delivering the kernel source so we can really see what's up...
pulser_g2 said:
Yes folks, I just made a purchasing decision based on some silly little security chip, and I encourage others to do likewise. I am sure the security will be broken on it, at which point (if it's a permanent root/custom flash) I would re-consider my position, but as it stands, I refuse to buy it.
I have no idea who decided this was needed, but I certainly will not be buying from them in future. If it's T-Mobile, I will switch network (despite the fact they're a good network in the UK), if HTC I will look to other manufacturers.
[/rant
Click to expand...
Click to collapse
Why would HTC look to other carriers?
I ranted about this back in the WinMo days, but XDA is essentially picking up the slack for manufacturer/carrier actions. You said so yourself; you're not considering the G2 for a purchase anymore....until XDA or another dev forum finds a way around the security measure. And you will not buy from them...so long as HTC doesn't work with the carrier anymore, but if sales remain the same, they'll have no reason to stop.
So manufacturers/carriers don't need to change the way they implement security measures, they just need to keep making desirable phones and so long as others pick up the slack, they'll be able to capture the sales of the userbase that likes rooting their phones. This is going to continue being the case -- Android manufacturers will create phones and users will buy the phones on the promise that forums like XDA will make it better.
For real change to occur, sales have to be greatly affected.
Looks like the anti-root movement is beginning to snowball into a full fledged avalanche. I currently have a Droid X and it seems its locked bootloader has cause many devs to give up. Sure we have root and a few roms and themes to get rid of bloatware, but it isn't as great as a full unlock, not to mention lack of a true SBF for OTA 2.2 users.
HTC was going to be my next choice after I got bored with my X in about a year or so (more like 6 months). But it seems now that they've developed this tech for the G2, I'm sure all other carriers will want it on all future HTC devices. As soon a Samsung steps it up and creates their own locked bootloader, we'll all be SOL. What's left? Dell? Sony Ericsson?
Seems like all carriers will only be selling phones with locked bootloaders. I thought HTC was on our side, but the G2 is proof of the contrary. We need a manufacturer that embraces devs. With the recent bootloader unlocking failures seen with the Droid X and the difficulty seen with the Milestone, does anyone here think the development community can overcome the bootloader challenge?
HTC response to G2 complaint
emailed HTC to voice my displeasure. rather than ignoring my email, they felt compelled to reply with some low level, non-commital, and utterly moronic dribble especially in light of t-mobile already having released its lame-o statement. i also find it rather questionable that google had any part in this. too bad that HTC is following the Motorola model of duping folks into thinking they bought a device when all that money actually just buys time-limited, pre-defined functionality.
Without root Android wont be the same, looks like I'll be going back to Winders if this is the direction they are going to take it. They are taking all the fun out of it.
Have they made an official stament about not letting people install apps from the sd card? Are they so cynical to claim that they're doing this for our benefit and preventing apps from damaging our phones?
They did in their FAQ section of thier site.
Sent via psychic transmittion.
that is so you don't install a tethering app...Ma Bell needs her extra $20 a month.
It's ATT, they are the biggest bunch of fail for a variety of reasons, so removing side loading apps goes along with that.
It is like their disapproval of flashing and rooting. But you can kind of see their point, there does seem to be a over abundance of complete morons in the world. Just look how many people brick their brand new phones every week by diving into unlocking and flashing custom roms without studying or reading or understanding at all.
These people then all blame AT$T and try to get new phones under warranty. Believe me, I hate AT$T more than anyone they are down there at the bottom of the food chain with lawyers and insurance companies, but I can kind of see their point. Besides,isn't it more of a google thing than an AT$T thing ?
That's not even getting into the illegal sharing of pay for apps.
denco7 said:
It is like their disapproval of flashing and rooting. But you can kind of see their point, there does seem to be a over abundance of complete morons in the world. Just look how many people brick their brand new phones every week by diving into unlocking and flashing custom roms without studying or reading or understanding at all.
These people then all blame AT$T and try to get new phones under warranty. Believe me, I hate AT$T more than anyone they are down there at the bottom of the food chain with lawyers and insurance companies, but I can kind of see their point. Besides,isn't it more of a google thing than an AT$T thing ?
That's not even getting into the illegal sharing of pay for apps.
Click to expand...
Click to collapse
a google thing? at&t is the only company that blocks sideloading apps , locked bootloaders is another thing
Their official position on this is that they want to preserve the integrity of the user experience. In other words, they don't want to deal with customers having problems from apps that are not approved for the Market.
Do I buy this line? I think there is a slight validity to the claim, but it is ridiculous. What non techie user is going to do that anyway? Maybe 1% of customers?
It is most likely that they want you to use their premium apps from their filtered version of the Market. Google is also to blame here, they should not allow carriers to customize the available apps in the Market to begin with.
naplesbill said:
Google is also to blame here, they should not allow carriers to customize the available apps in the Market to begin with.
Click to expand...
Click to collapse
+ 1000 Google should do something about it, android should open for users not carriers and theirs stupid bloatware and restrictions
Unfortunately " open source" means open to everyone to use and modify, including AT$T. It is up to the consumer to make the choice on who is doing it right.
And AT$T isn't the only one that blocks " non market " apps for " security reasons, "
Well, it is some thing that can be solved.... I know people say you shouldn't have to root your phone to get the most out if it, and I some what agree. But every problem that has been stated with the Inspire, and with AT&T can be solved. Custom ROMS, rooting, the side load wonder machine. Just do your home work and every thing will work.
If the recent set of malware riddled packages isn't enough reason to think AT&T may be right about this then maybe the fact that for at least the majority of basic users it really doesn't matter to them one way or the other. As long as they can get Angry Birds or some other game on their phone and can read their emails and play on the web they don't care. For those who really want more, they know how to get there.
And just because you and I may not call AT&T if we install a virus doesn't mean the 90% of the rest of the users wouldn't and blame AT&T for letting their phone get infected. AT&T has to decide which side of the problem they want to fall, and taking the safe route and saying only approved market applications allowed makes a lot of sense.
I find that this sort of lock down sort of floats back and forth between AT&T and Verizon. For a while Verizon only allowed Verizon packages on feature phones. You couldn't even do certain bluetooth things that were built into the phone because Verizon had locked them down. Now Verizon seems much more open but AT&T is putting restrictions.
AT&T is my third cell phone company and has been the best overall I have been with. Sure they have their moments and issues but at least my phone works at my house and on all the streets around my house unlike Verizon.
And yes I have rooted my phone because I wanted to install non-market applications. By the way I hear AT&T is planning to lighten the burden here at some point in some way. Not sure how but they are telling corporations that have their own Android applications that they plan to have some means to allow this in 2011. I can only hope it isn't just a certification of in house markets but we shall see.
hi i know this is kinda irrelevant but did the law passed last year really prevent ppl from making unlocking software like redsn0w, yellowsn0w, pwnage for the iphone 5s?
i dont see any available and the last update was like 3 years ago. is the iphone no longer unlockable except for the paid online services for 100-200 dollars?
thanks!
yinxzon said:
hi i know this is kinda irrelevant but did the law passed last year really prevent ppl from making unlocking software like redsn0w, yellowsn0w, pwnage for the iphone 5s?
i dont see any available and the last update was like 3 years ago. is the iphone no longer unlockable except for the paid online services for 100-200 dollars?
thanks!
Click to expand...
Click to collapse
1) Software unlocked stopped working after the first couple of basebands on the iPhone 4. The baseband is basically too tightly locked for those types of hacks.
2) AFAIK it is not illegal to unlock a device.
3) This site is for Android an Windows Phone, not iOS. We don't do iOS here at all. You might check out another iPhone site for more info.
i know its android forum, i hate everything aapl so i dont wanna register there.
i think its a law:
http://www.cultofmac.com/213144/unl...king-is-still-safe-what-it-all-means-for-you/
but i didnt think that would stop anyone. i guess ur reasoning for complicated basebands makes sense.
there is just so many imei unlocks for a lot of money and if its cheap who knows if it would work..
thanks
yinxzon said:
i know its android forum, i hate everything aapl so i dont wanna register there.
i think its a law:
http://www.cultofmac.com/213144/unl...king-is-still-safe-what-it-all-means-for-you/
but i didnt think that would stop anyone. i guess ur reasoning for complicated basebands makes sense.
there is just so many imei unlocks for a lot of money and if its cheap who knows if it would work..
thanks
Click to expand...
Click to collapse
According to that article, the law would go into effect in 9 days from today, and it's not illegal to go thru the carriers.
Software unlocks are not going to happen, other than using a SIM interposer, like R-Sim etc..
I don't know if using a SIM interposer would be illegal though, since technically you are not unlocking the phone or modifying the hardware in any way, you are only changing the way the signal goes from the SIM card to the phone, so technically you might be safe.
Practically, I don't see anyone actually getting prosecuted for "unlocking their iPhone" anyways.
But the only way right now is the a SIM interposer (check compatibility of the model and iOS version) or go thru carrier, or pay a premium price for 3rd party.
But yeah, since this forum does not cover or support iOS you're better off finding a forum that actually supports it.
yeah i understand, just fyi that article write jan 26 2013 not 14.
like this: http://iphone-unlocker-pro.com/?gclid=CI_y86zthbwCFaTm7AodOzUAUQ or http://www.officialiphoneunlock.co.uk/unlock-iphone/ATT-USA/
You would probably be able to find a lot more information over here:
http://forum.iphone-developers.com/
:good:
Android is supposed to be open, customizable and free, vs iOS. That's why I'm making the switch (plus I couldn't stand the screen size of iPhone).
But now I realize Samsung is behaving like Apple:
- Knox highly discourages (prevents) rooting, just like Apple tries to prevent jailbreaks
- Firmware can't be downgraded, just like on iOS too
Part 1 is still acceptable under the pretext of corporate security, especially since end users generally have no issues getting warranty even with Knox tripped.
But part 2 is simply inconceivable IMO. No downgrading is just ridiculous. It's way worse than part 1 because at least users can choose to void warranty and ignore Knox, but part 2 is maintaining an iron control.
That is the really stupid bit. I have been upgrading, downgrading when I wanted to since the galaxy s days and now this not being able to downgrade really ppppppeeee me off. Didn't care about Knox and tripped it.... But...?... Let's set what's out there come September when my contract runs out
Sent from my SM-N9005 using Tapatalk
When I read threads on how which firmware versions are rootable (without tripping knox) and which aren't, they remind me of apple blogs posting about which iOS versions are jailbreak safe.
Can't believe I'm still gonna buy a note 3!
fterh said:
When I read threads on how which firmware versions are rootable (without tripping knox) and which aren't, they remind me of apple blogs posting about which iOS versions are jailbreak safe.
Can't believe I'm still gonna buy a note 3!
Click to expand...
Click to collapse
I get it. The hardware is still a good value, but I'll probably look elsewhere in the future.
These companies get too big and start to dictate what the user wants instead of listening... And when they are sitting pretty on top they tend to stop developing new innovations because "They are the best" and then the item tends to stagnate with VERY little actual developement thrown in. Anything new is a kneejerk reaction to the next up and comer for king of the heap....
They will still say it is for the best of the user but in reality its because they're too damn lazy to work. Then comes the copyright everything attitudeand the litigation and more effort is spent suing others for copyright einfingement than making the latest and greatest, what was Apple"s big thing a while back, oh yeah, lets make it white....
Works well for them and most users who have a hard time working out which end to speak in but not for those who actually want to own, use and control what their device actually does....
Take a lil bit, bit by bit til theres nothing less
Sent from my SM-N9005 using XDA Premium 4 mobile app
It's not just Samsung others are going the same route, LG for instance says it got something similar to KNOX in the pipeline, HTC makes it difficult as possible to root their phones, Sony is also going to follow a similar path to Samsung & LG as they all want the corp market to buy their smartphones and feel safe, sod the general consumer that not interested in any of this.
The option in the near future if you want to tinker without tripping something or blowing an efuse is to buy a Nexus.
Its also because of the data breach that chinese and NSA are doing. They want our phones and its data to be safe. Not like modified system files with backdoors and trojans. So its for our own safety. Yes u can always change the layouts, launchers and other stuff. But changing kernel and rooting devices to use system procedures. These are just for developers and those who actually know abt stuff. Not for the common man.
Sent from my GT-N7000 using xda app-developers app
Because Samsung need sale by millions on US like Apple but must be very Secured:
Quote from another post:
...The Knox Bootloader that is the first from a new type of bootloaders, block and not permit many things.
To understand what is the Knox and is bootloader and kernel read this:
https://www.samsungknox.com/en/overview/technical-details See also the video How to Use on it...
On the first attachment we see at left the usual Android, at right we see the Android whit the Samsung Security System Knox in white and the usual until now in blue. Whit this System people can have like two phones on one. A personal whit his own appl and a second secured to work on Enterprises and Governments and others.
The Knox Bootloader protect the secured part and not permit the flashing by Odin some files that it consider not secured like the oldest bootloaders. Then the Knox Warranty Void: 0x0 is first of all the Security System Knox secured. 0x1 is not secured.
For example I quote this from that doc/link:
Samsung KNOX offers a multi-faceted security solution rooted in the tamper-resistant device hardware, through the Linux kernel and Android operating system. The first line of defense against malicious attacks, Samsung KNOX is currently approved to run on US Department of Defense networks. (If flag 0x0, my opinion).
fterh said:
Android is supposed to be open, customizable and free, vs iOS.
Click to expand...
Click to collapse
And there's your problem.
Android is open, customizable, and free - at source code level. However, individual implementations (such as Samsung's Touchwiz) have so such requirement to be so.
People like us, who like to hack around with our phones, are not the market that Samsung is aiming for. The vast, vast majority of Samsung Android users are never going to root their phone, manually upgrade/downgrade their firmware via Odin, or install custom ROMs. These users are *never* going to even thing about tripping Knox, let alone do anything that might trip it.
To be fair, Samsung are not alone in this - pretty much all major phone vendors are doing similar. Someone works out how to get S-OFF on the HTC One, and HTC release a patch to prevent it.
Going forward, I see a time coming where if you want to have complete control over your device, you will have to buy a developer edition.
Regards,
Dave
Really? Another thread to whine about Knox?
Sent from my SM-N9005 using XDA Premium 4 mobile app
ultramag69 said:
These companies get too big and start to dictate what the user wants instead of listening... And when they are sitting pretty on top they tend to stop developing new innovations because "They are the best" and then the item tends to stagnate with VERY little actual developement thrown in. Anything new is a kneejerk reaction to the next up and comer for king of the heap....
They will still say it is for the best of the user but in reality its because they're too damn lazy to work. Then comes the copyright everything attitudeand the litigation and more effort is spent suing others for copyright einfingement than making the latest and greatest, what was Apple"s big thing a while back, oh yeah, lets make it white....
Works well for them and most users who have a hard time working out which end to speak in but not for those who actually want to own, use and control what their device actually does....
Click to expand...
Click to collapse
This post basically nails all the reasons in one fell swoop..
And then they are forcing to use original accessories which is really really stupid of Samsung.
Question: Why is Samsung acting like Apple?
Answer: Because Apple is the most successful company in the world.
Do you really need another reason?
aydc said:
Question: Why is Samsung acting like Apple?
Answer: Because Apple is the most successful company in the world.
Do you really need another reason?
Click to expand...
Click to collapse
C'mon!!
OK. I've had rooted and hacked everyphohe I've had.. Since Nokia monocromatic days, Sony Ericsson devices and now android... I've used almost every custom ROM.. Applied hundreds of modifications, etc, etc... Trust me. Its funny how ppl complain about software and this Knox thing... Android continues to be on top of iOS for many many reasons... Many many reasons!!
I personally like to root .. Of course but with power comes disorder.. Yes maybe cosmetic custom is one of the reasons for rooting..and its fun. But as it comes with plenty of features so it comes with problems never experienced on stock.. Like freezes, restarts,etc, etc.. U know what am talking about.. Most of us have chosen the Gnote 3 for its innumerable capacities over almost every device on the market. It is a beast. No doubt. For me I haven't seen yet any modification or feature that make me wanna root my note.. It is a beast as it is now. Am not running KK.. Uh uh.. I'll wait for a more completed version... I have more than 15 years using cellphones and customizing them.. And now it seems that companies are getting to know what customers need in their devices .. That's why rooting will no longer be necessary.. Why don't you sit and think about this? I've root my Sgs2 and could have the multi window feature when it came out.. And the list goes and goes.. Arent you able to see we are going to another place now with stock phones?? Actually CM will have its on device sponsored by Google itself !!! See for example the multiple features of the moto x ... It is like R2D2 haha.. Personally I'm happy with the nowadays devices..let s see what's next...
Sent from my SM-N9005 using xda app-developers app
At least Samsung will not shut down your phone and force update, like Crapple does, on Samsung at least you can disable updates. And blame other users as well for this lockdowns: how many people brick their phones when modding and then at least try to claim warranty repairs or exchange? I don't have to look far, my good friend rooted his Note3 and this made his Gear stop working. Couldn't fix it, so he took it to service center and strangely enough they did fix it for free (he may have unrooted first, I don't know), by bringing all to stock and he is a hacker, perfectly capable of figuring it out, just didn't want to bother I guess. And yes, because Crapple is so successful, many companies will follow suit, so blame all Crapple users as well. If Crapple was a total failure, no one would imitate them.
pete4k said:
At least Samsung will not shut down your phone and force update, like Crapple does, on Samsung at least you can disable updates. And blame other users as well for this lockdowns: how many people brick their phones when modding and then at least try to claim warranty repairs or exchange? I don't have to look far, my good friend rooted his Note3 and this made his Gear stop working. Couldn't fix it, so he took it to service center and strangely enough they did fix it for free (he may have unrooted first, I don't know), by bringing all to stock and he is a hacker, perfectly capable of figuring it out, just didn't want to bother I guess. And yes, because Crapple is so successful, many companies will follow suit, so blame all Crapple users as well. If Crapple was a total failure, no one would imitate them.
Click to expand...
Click to collapse
Soon change in a few years. You'll see Samsung become more and more like Apple in time.
Samsung used to be just another Korean electronics company, like what LG is today. Then they started copying Apple. The more they copied Apple, the more successful they became. It's this simple. Believe it. If you do what successful people do, you become successful. Just because you don't like something doesn't mean it doesn't work.
aydc said:
Samsung used to be just another Korean electronics company, like what LG is today. Then they started copying Apple. The more they copied Apple, the more successful they became. It's this simple. Believe it. If you do what successful people do, you become successful. Just because you don't like something doesn't mean it doesn't work.
Click to expand...
Click to collapse
Just like the sales of apple is now falling I believe it will also happen to samsung.
Another thing not related to your comment since they've stopped allot people from rooting and developing due to the warranty issues. Development is Damn slow now. Like they did with gokhanmoral (think thats how you spell it all credits to him) with the s2 they had cherry picked from his kernel tree to implement into the stock to make stock run even smoother. Now there's only really one kernel in development for the international model compared to what previous phones had where there were quite a range.
What's the point of having really high end specs if you can't really exploit them? and sticking to something which much lower and play 'safe'.
Sent from my SM-N9005 using xda app-developers app
This is the most BS I've yet seen from a beta program. Complete and utter BS.
Even Apple (even goddamn Apple) do not limit their beta programs on regions, but with Samsung, you need an actual SIM card from another country, if you want in. I mean, we all know how to switch CSC when needed, all fine and dandy, but an actual region SIM is necessary.
OnePlus allows free entrance to their beta programs (coming from OP3), don't know about Nokia or XiaoMi or other OEMs, but I suppose they don't pull that s#%t either, because flashing beta builds requires a little bit of technical knowledge in the first place. No way a customer will "accidentally" enter the damn program, if that's Samsung's BS excuse for not letting it worldwide.
So... does any of you know the actual reason, from within Samsung themselves, why is the Oreo Beta program region locked?
Got sick of waiting (and couldn't find a UK SIM where I live) and smashed the knox counter already, but I would still like to know "why".
Get prepared for people to flame you . I don't get it either half the people in the program just complain about stuff not working going in knowing beta means it's flaws in the software. We use to help each other on xda now it's just making people feel dumb for asking questions. Good luck getting a answer . By the way I am apart of Apple beta program for my iPhone 10 and it was open for anyone that wanted to try it. Seems like samsung should of went that route considering how long they take to update there devices. About time my s8 plus get Oreo I will probably have the s9, so to me it really don't matter at this point weather this phone get Oreo or not I had my year of fun with it.
Sent from my [device_name] using XDA-Developers Legacy app
sirobelec said:
This is the most BS I've yet seen from a beta program. Complete and utter BS.
Even Apple (even goddamn Apple) do not limit their beta programs on regions, but with Samsung, you need an actual SIM card from another country, if you want in. I mean, we all know how to switch CSC when needed, all fine and dandy, but an actual region SIM is necessary.
OnePlus allows free entrance to their beta programs (coming from OP3), don't know about Nokia or XiaoMi or other OEMs, but I suppose they don't pull that s#%t either, because flashing beta builds requires a little bit of technical knowledge in the first place. No way a customer will "accidentally" enter the damn program, if that's Samsung's BS excuse for not letting it worldwide.
So... does any of you know the actual reason, from within Samsung themselves, why is the Oreo Beta program region locked?
Got sick of waiting (and couldn't find a UK SIM where I live) and smashed the knox counter already, but I would still like to know "why".
Click to expand...
Click to collapse
One thing you are leaving out when it come to those other OEMS is that they are only sold in a few countries. Samsung is worldwide and just because something works for one region doesnt mean it will work in all regions. Heck Bixby couldnt even do voice in English for the longest time.
Also you have to look at the amount of people hitting the servers all at once. Sure they could push it all out at once and then have their server crash. Not to mention a team of developers for each region. This way you can deal with one at a time with the same team.
To be honest I wouldnt be to worried about it. Updates are becoming far less useful these days.