Unlocking bootloaders, why not just delete it and flash a new? - General Questions and Answers

Hello,
I have this old Motorola Razr XT910 that still works just fine. LineageOS now has a ROM for it, so of course I want to see if it's better than the older CyanogenMod. But back in the days of the Razr, we ran Safestrap because the bootloader was locked and Motorola didn't release an unlock for my region or not at all. The Lineage wiki page states to unlock the Razr by official means or a third party. This got me thinking: if the bootloader is encrypted with an unknown key, how can third-party software unlock it? There is no way I believe a simple local laptop can brute force it, so what else can such software do? So from a PC point of view, I would simply delete the partition and make a new one. Now I know very little about Android, so this might be blatantly obvious to others, but why not just delete the bootloader partition and flash the one we want?
Thanks

No one has any answers or comments?

That sounds kind of similar to the question I was asking. Basically, there are locks in place that will brick a device if you replace bootloader files, because of CRC checks elsewhere.

Related

[Q] Backup Bootloader and OS From Xoom

So, my understanding is this. If we unlock the bootloader so as to gain root access then the Xoom states to us that we will lose our warranty. That bites, but is expected. But if we decide to relock the bootloader, it is my understanding that the warranty is still void.
My first question is this. How will Motorola know that we had unlocked the bootloader after relocking it? Is there a virtual trip in the system that creates a file that makes the statement that the unit had been unlocked? If so, can we figure out where that file is located?
Now I could see a problem in finding the file in question if it does exist. But we would have to have a bootloader that is backed up from a Xoom that has never been unlocked, to compare the files. And that is assuming that that file resides in the unlocked bootloader and not somewhere else on the system.
So, how can we backup the factory bootloader before unlocking it? Also, how do we make a backup image of the entire factory OS before root access is granted?
The reason I ask is because the steps and the image that is provided by Motorola for the OS may be tainted in some way also, so as to let them know that it is not the real original OEM installed OS.
Also, I have done a search, and came up with no questions or answers to any of these questions. If the questions and answers are out there, I do apologize for asking again.
I doubt if they can tell the difference once it is relocked. You should replace the boot.img with the locked factory default file as well as the other original images (System), which are only available for the 3G model. Once you root, the boot.img is replaced with a modified version which can easily be found out. Owners of the Wifi only Xoom will have to wait.

[Q] Bootloader locked vs unlocked

I'm sorry but I have googled and searched here trying to get a clear answer, but I think it comes down to my lack of understanding.
What is the difference between the bootloader being locked vs unlocked and what does that mean for the development? I currently have the Acer Iconia and love it, but if there will be more/better development on the transformer I may switch.
I also want to try and figure this out as I have a Droid X and use the bootstrapper to load ROMS but again I do not have the understanding I think I need for this subject matter.
Thanks all for your work and contributions. XDA has taught me a lot and I am trying to further my understanding, so please forgive me if this is the wrong forum to ask this in.
Well, I downloaded the latest update from Asus and applied it to my tablet. I now can't use CWM on my SD; I could before.
There's three types out there right now:
Unlocked bootloader: You can flash whatever you want
Locked bootloader: It verifies a signature before flashing. Usually the signature check isn't all that hard to really defeat (the Thunderbolt's was defeated in somewhere around a day, IIRC).
The Droid X bootloader, on the other hand, is Encrypted, in addition to being Locked. This is the reason that you have to bootstrap custom roms, and can't just install them directly. Motorola is the only one that's using an Encrypted Bootloader, AFAIK.
Well, I can help with the unlocking, I just need to know what to do.
KitsuneKnight said:
Motorola is the only one that's using an Encrypted Bootloader, AFAIK.
Nope, Sony Ericsson also encrypts their bootloader in all 2010 Xperia Series

What exactly does the locked bootloader prevent?

Noob question I know but I've tried reading up on the subject as much as I can - I still don't fully understand what exactly the locked loader does to this phone (aside from making it more difficult to root) and would really appreciate a brief explanation.
As I understand now the phone can be rooted, ROMs can be loaded (but they have to be specific to the VZW S3 right?), and full recovery options as well. Basically wondering what the disadvantages are and if they're more significant than just a little more work to root/mod the phone? Much thanks!
It prevents root access, you know jail breaking. You can't control your rom. You use the one provided to you by Verizon with all their bloatware. You can't change what software was delivered to you.
Sent from my SAMSUNG-SGH-I727 using xda app-developers app
It prevents changing boot.img
Sent from my SCH-I535 using xda app-developers app
saucyzest said:
Noob question I know but I've tried reading up on the subject as much as I can - I still don't fully understand what exactly the locked loader does to this phone (aside from making it more difficult to root) and would really appreciate a brief explanation.
As I understand now the phone can be rooted, ROMs can be loaded (but they have to be specific to the VZW S3 right?), and full recovery options as well. Basically wondering what the disadvantages are and if they're more significant than just a little more work to root/mod the phone? Much thanks!
A locked bootloader is ultimately intended to prevent you from potentially costing the carrier $money$ by:
Bricking your phone and then playing dumb when you return it for an exchange. (People on XDA openly admit to this kind of fraud. Kinda sad. You brick it, you keep it! Or buy another.)
Modifying your phone and then blaming bugs on the carrier. A support vampire.
Assuring content providers they've made exclusive deals with that their content is "secure".
Great Question!
If your phone was a Windows 7 computer....
If you rooted it, you'd have an account with Administrator access.
As for the bootloader... Suppose you wanted to upgrade to Windows 8, even though it hasn't been authorized by your ISP, on this Windows 7 computer with a locked bootloader.
You can't, c:\windows is locked. If you change anything in that directory, your Windows 7 computer will start, but only to display "Invalid System Software Installed! Please shutdown and return this computer to your ISP's store for assistance."
What we have on Verizon, is a phone with admin rights (rooted), where we can't re-install the software needed to boot a different operating system.
If you're interested in more detail on how the hardware prevents the bootloader from being cracked, and what the attack vectors are, you might be interested in the presentation linked from this post http://forum.xda-developers.com/showthread.php?t=1766638
(And yes I know that c:\windows isn't actually the boot partition on windows. Just trying to make it easier for the OP to understand.)
jmacko said:
Great Question!
If your phone was a Windows 7 computer....
If you rooted it, you'd have an account with Administrator access.
As for the bootloader... Suppose you wanted to upgrade to Windows 8, even though it hasn't been authorized by your ISP, on this Windows 7 computer with a locked bootloader.
You can't, c:\windows is locked. If you change anything in that directory, your Windows 7 computer will start, but only to display "Invalid System Software Installed! Please shutdown and return this computer to your ISP's store for assistance."
What we have on Verizon, is a phone with admin rights (rooted), where we can't re-install the software needed to boot a different operating system.
If you're interested in more detail on how the hardware prevents the bootloader from being cracked, and what the attack vectors are, you might be interested in the presentation linked from this post http://forum.xda-developers.com/showthread.php?t=1766638
(And yes I know that c:\windows isn't actually the boot partition on windows. Just trying to make it easier for the OP to understand.)
Thank you for this explanation, I found it helpful to hear such an analogy.
jmacko said:
Great Question!
If your phone was a Windows 7 computer....
If you rooted it, you'd have an account with Administrator access.
As for the bootloader... Suppose you wanted to upgrade to Windows 8, even though it hasn't been authorized by your ISP, on this Windows 7 computer with a locked bootloader.
You can't, c:\windows is locked. If you change anything in that directory, your Windows 7 computer will start, but only to display "Invalid System Software Installed! Please shutdown and return this computer to your ISP's store for assistance."
What we have on Verizon, is a phone with admin rights (rooted), where we can't re-install the software needed to boot a different operating system.
If you're interested in more detail on how the hardware prevents the bootloader from being cracked, and what the attack vectors are, you might be interested in the presentation linked from this post http://forum.xda-developers.com/showthread.php?t=1766638
(And yes I know that c:\windows isn't actually the boot partition on windows. Just trying to make it easier for the OP to understand.)
Thanks that really helped. So in the example of Jelly Bean -sounds like we need to wait for Verizon to release a version of it? Do all custom ROMs as well have to be based off of the VZW file that checks ok with the bootloader?
I'm really only concerned with Jelly Bean (knowing how long VZW takes to release stuff) and that wifi nag screen, I want to punch someone in the nose every time I see it... I will check out that presentation over lunch, would love to learn all about the details.
Interesting and helpful topic. However, I thought I understood the locked bootloader situation. On my Droid Bionic I could flash any ROM I wanted to in conjunction with bootstrap, which I believe to be a bootloader-bypass-based recovery, but no kernels were able to be flashed. That is what I understood a locked bootloader to be: no overclocking or custom kernels. Maybe I was wrong this whole time.
Bfitz26 said:
Interesting and helpful topic. However, I thought I understood the locked bootloader situation. On my Droid Bionic I could flash any ROM I wanted to in conjunction with bootstrap, which I believe to be a bootloader-bypass-based recovery, but no kernels were able to be flashed. That is what I understood a locked bootloader to be: no overclocking or custom kernels. Maybe I was wrong this whole time.
Weird, this is how I understood it as well. I'm coming from the Droid X2 and thanks to DK we had CM9 up and running with ICS, but the bootloader was locked down. I took it that bootstrap is a recovery tool that works in a way of when your phone is off and you plug it in you boot up to the bootloader. This would allow you to re-flash a ROM if your current one was corrupt.
So in my mind you can run different ROMs and different Android versions, it's just harder to get them on the phone. But from what I've seen you can't flash a new kernel if the bootloader is locked.
Maybe I misunderstood this; if so, I really would like to know fully how this works.
On the verizon gs3 the locked bootloader is keeping us from flashing a custom kernel thru odin...we can root and flash a custom rom / recovery but it has to utilize the stock kernel currently. Our bootloader debacle is nothing like moto devices and I wish folks would stop comparing the 2!
droidstyle said:
On the verizon gs3 the locked bootloader is keeping us from flashing a custom kernel thru odin...we can root and flash a custom rom / recovery but it has to utilize the stock kernel currently. Our bootloader debacle is nothing like moto devices and I wish folks would stop comparing the 2!
Exactly, what a locked bootloader will allow you to do will vary on different phones and firmwares. I've known some which would not even allow you to flash a recovery.
Sent from my SAMSUNG-SGH-I747 using xda premium
I really hope we get the bootloader unlocked; would love to see CM on this phone with some of invisblek's great kernels. BTW, will I be able to even use "set cpu" to overclock and underclock with the Verizon stock kernel, or can this be done with tweaks in the build.prop file? Forgive me if this sounds stupid, it's been a while and I am a first-time user of Samsung's Odin.
Sadly this is the outcome of Americans NOT buying a device without a subsidy from the carrier.
Kind of like whining about NOT getting the best Porterhouse steak when buying with food stamps......
I would love to see an end to carrier subsidies.
~~~Sent from the 23rd century, thru a Samsung Onehunglow powered by Walmart brand Higgs Boson particles. (Aisle 27)~~~
I am disappointed in Samsung; they start to look like Apple. Cannot write my apps to my SD card, they have locked that too.

[Q] Moto bootloaders cracked! What about us?

Just curious if anyone knows if this might work for the Photon Q eventually.
http://forum.xda-developers.com/showthread.php?t=2225022
We don't need that, Photon Q BL is normally unlockable officially.
Yeah, but WOULD it work if we wanted to unlock that way?
Just curious.
It would - but your warranty would still be void (because if they are actually checking it, they will use the phone's fastboot).
Yes.
The result is the same, no matter if you use the official or the unofficial way.
The qfuse is blown > the bootloader is unlocked > the moto warranty is void.
No difference.
Thanks. That's all I was wondering.
I could see where someone would prefer to use an unofficial method. Seems like Moto wants a lot of info for "permission" to mod a phone. So, maybe someone would want to unlock, but not go through registering all of that with Moto.
Warranty, swarranty. Not too concerned about that personally. My experience with warranty is that they will find a reason not to honor the warranty anyway.
kabaldan said:
Yes.
The result is the same, no matter if you use the official or the unofficial way.
The qfuse is blown > the bootloader is unlocked > the moto warranty is void.
No difference.
Just wondering, what exactly is the "qfuse" ? I am deducing that it is a file that tells if the Q's boot loader has been unlocked, but does it determine that fact regardless of if it's unlocked officially or unofficially? And, if done so unofficially, would re-locking the boot loader change the "qfuse" and dupe the Motorola team from determining if the boot loader has ever been unlocked? Thanks!
Moto Q stock with Arrrghhh's kernel v.0.10
galacticservant said:
Just wondering, what exactly is the "qfuse" ? I am deducing that it is a file that tells if the Q's boot loader has been unlocked, but does it determine that fact regardless of if it's unlocked officially or unofficially? And, if done so unofficially, would re-locking the boot loader change the "qfuse" and dupe the Motorola team from determining if the boot loader has ever been unlocked? Thanks!
Moto Q stock with Arrrghhh's kernel v.0.10
Here's some info I found:
"There are two kinds of electronic fuses: Qfuses and efuses. efuses are programmable, usually by software once and by JTAG multiple times. However, Qfuses are WORM according to the information I have, which means iff the Milestone has a security Qfuse, and it is blown, then this cannot be reversed. There is usually no software programming to the Qfuses available, it is blown once during manufacturing/initial programming."
Source
Has anyone actually tested this on the Photon Q and can say beyond a shadow of a doubt? I am guessing I am not the only person who really wishes they could unlock the bootloader but can't because Moto said no when they tried the official way, but I worry that trying an untested method for another phone has a chance to brick.
Every Photon Q is unlockable the official way, even from CSpire. You have a typo somewhere.
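
The mechanisms these threads describe (a locked bootloader that verifies a signature before flashing, a check that lives outside the partition being replaced, and a write-once qfuse that records an unlock), modelled as an added example that is not from any poster or from Motorola. The toy RSA key, the `Device` class and all of its method names are assumptions made for illustration; real devices differ in detail.

```python
import hashlib

# Toy RSA key from two Mersenne primes: constructed, insecure, unpadded.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # vendor's private exponent, never on a device

def digest(image: bytes) -> int:
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N

def vendor_sign(image: bytes) -> int:
    return pow(digest(image), D, N)

def signature_ok(image: bytes, sig: int) -> bool:
    return pow(sig, E, N) == digest(image)

class Device:
    """Hypothetical device model; states and method names are assumptions."""
    def __init__(self, bootloader: bytes, sig: int):
        self.fuse_blown = False  # write-once bit: no method ever clears it
        self.locked = True       # software lock state, can be toggled
        self.part = {"bootloader": (bootloader, sig)}

    def unlock(self):
        self.fuse_blown, self.locked = True, False

    def relock(self):
        self.locked = True       # the fuse keeps the record of the unlock

    def flash(self, name: str, image: bytes, sig: int = 0) -> bool:
        # Locked bootloader: verify the vendor signature before writing.
        if self.locked and not signature_ok(image, sig):
            return False
        self.part[name] = (image, sig)
        return True

    def overwrite(self, name: str, image: bytes):
        # "Delete the partition and write a new one", skipping flash().
        self.part[name] = (image, 0)

    def power_on(self) -> str:
        # Assumed boot-ROM check, stored outside every rewritable partition.
        image, sig = self.part["bootloader"]
        return "boot" if signature_ok(image, sig) else "halt"

def demo() -> dict:
    stock, custom = b"stock bootloader (constructed)", b"custom boot.img (constructed)"
    dev, out = Device(stock, vendor_sign(stock)), {}
    out["locked_unsigned"] = dev.flash("boot", custom)
    out["locked_signed"] = dev.flash("boot", stock, vendor_sign(stock))
    dev.unlock()
    out["unlocked_unsigned"] = dev.flash("boot", custom)
    dev.relock()
    out["fuse_after_relock"] = dev.fuse_blown
    out["before_overwrite"] = dev.power_on()
    dev.overwrite("bootloader", b"replacement bootloader (constructed)")
    out["after_overwrite"] = dev.power_on()
    return out

print(demo())
```

In this model the replaced bootloader is written successfully but the device halts at power-on, and relocking restores the signature check without clearing the fuse.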

[Q] About bootloader versions

Hey guys,
I've been playing around with the firmware on my Moto G and I didn't understand some things related to bootloader/partition table version and I hope someone more knowledgeable can explain some things to me, in a more technical way if possible. Links to documentation are also appreciated!
So, apparently you have to keep an eye on bootloader, partition table, and OS versions so they match. You also cannot easily downgrade bootloader versions.
Also, I saw that you can brick your device if you try to flash 5.0.1 ota, then go back to 4.4.2 and flash 4.4.4 ota because of mismatched bootloader versions and will have to wait for official motorola 5.0.1 images.
My first question is why does this happen? If I get stuck on a particular bootloader version (in this case 5.0.1 GPE, right?) why can't I just boot the corresponding OS, why does the device brick (is it incompatible bootloader and partition table, so the bootloader can't find stage 2)?
Second question, apparently you CAN downgrade the bootloader versions, but have to follow some specific steps and use specific files. Why is that? What checks does the device make when upgrading bootloaders and what kind of files allow me to downgrade while passing those checks?
Third, why can't you boot older Android versions with newer bootloaders? Doesn't the bootloader just initialize some devices and load the kernel? Can't you modify an older kernel to boot with the new bootloader or chainload an older kernel from a newer one? Also, why does the boot process change so frequently when it should be something very stable?
Fourth, what is the rationale behind not allowing you to freely switch bootloader versions?
Well, that's it. Sorry for the long post and thanks to anyone that can help me. Maybe I should post this in Android development instead?
I follow.
I believe on Nexus hardware changing Bootloader is an easier process as those devices are deliberately Developer friendly. Motorola are open enough to allow unlocking, but as you have discovered, flashing an older Bootloader is a messy and dangerous process. Perhaps if enough people petitioned for a change, things might be different.
The Bootloader and Kernel are interrelated and that is why newer Bootloader versions break compatibility with previous iterations of Android (each with a unique Kernel.)
It's possible Kernel DEVs could offer a solution, but I suspect the reality is so few people care. The majority of users will get OTA Updates and never go back.
Uh, bump?
Can anyone tell me if there is a more appropriate place to ask questions like these?
I hope it will give you some reference in these topics.
http://elinux.org/Android_Booting
http://androidforums.com/threads/android-partitions-kernels-explained.278898/
aryal.subasha said:
I hope it will give you some reference in these topics.
http://elinux.org/Android_Booting
http://androidforums.com/threads/android-partitions-kernels-explained.278898/
Thanks, but I already found those in Google and they aren't very useful. Too superficial and both focus on what happens AFTER the kernel is loaded, I'm interested more in the bootloader, how it verifies the signatures, etc.
Anyone?
