
Root **Official** Droid X encrypted bootloader and efuse thread

What you said is correct. I don't know what sic is getting at or what problem he has with me.... I never said this shows or proves anything; I am just showing the contact I am trying to make, since we haven't heard much news on this yet, and other phones have been hacked (or had more progress) before the phones have even been released. Now, if Cyanogen ever tells whether he is working on it or not on his Twitter, that is a lot more important.

And there is something closer to "proof" that the boot loader is in fact encrypted, through that Twitter guy, Stephen Bird (mrweeeedbirdman) on Twitter.
Now I don't know who he is but I'm sure he's somewhat telling the truth about it being encrypted.

I don't have anything against you. But it is my opinion that too much non-information is just as bad as (perhaps even worse than) too little real information. All those types of posts do is confuse about 80% of the people. It certainly doesn't add any definitive information one way or another. That is why I posted and why it was directed at OTHER people and not you.

I also think it was silly that people are thanking you as if there was any information in that post - it leads me to believe they might fall into the 80% I was talking about. I don't mean to offend anyone with that statement, it's just how I feel, and I say that only to fully explain my motivation for my "questionable" post.

I mean you asked if they would work on rooting/custom ROMs for the X and they responded "Eventually" - like that surprises anyone or comes as front page news. The fact that there were no further responses to your questions actually speaks volumes - they don't have anything yet!

PS - I don't think capitalizing one word is yelling. It was meant to convey emphasis. Capitalizing an entire post (or major sections of a post) would probably be considered to be yelling....
 
Birdman just Tweeted this, so hopefully we'll have something soon:


ok guys, thanks to vzw's screw up I'm finally getting a REAL RETAIL droidx system dump tonight....this is the moment of truth...
this is fu**ing awesome... fingers crossed!!! Pardon my French but I'm excited!
 
Kwest12, as someone who believes in the spirit of open source, flashing custom roms and all that good stuff, it's great that you've taken the initiative to get the word out about this issue and maintain a lively and relatively good-humored thread. Thanks.
 
Birdman Tweeted:


993 files pulled. 0 files skipped. <<< this is excellent news...

oh, FYI current dumps only have 415ish files....:D


^What importance does that last bit have?
 
It's a TON of files. And this is really nothing for rooting...well, maybe...we will see.
 
Interesting. Now I'm starting to get curious about what people mean by "encrypted bootloader". Obviously it contains byte code, otherwise the OMAP wouldn't do anything when you turn it on. Now, there are full disk encryption methods, but with a stored password (since you aren't providing one at power-on), this is obfuscation at best and kinda pointless. My guess is that the bootloader simply verifies the hash and cryptographic signature of images before flashing them, which is generally a good idea. It could do that every boot and give you the bird and refuse to boot if it doesn't match, but, IIRC, phones often use YAFFS, which is sorta rewritable, and would change the hash every time the phone booted.

Now, that brings us to what it prevents. It sounds to this newbie like all that would hinder is using the boot loader to rewrite the flash. But there should be other ways to do that, given root access, and at least a few of these approaches should work. (NB: I don't actually have a smartphone yet, so I'm speaking from my experience with other devices.)

  1. You could obviously use JTAG, which lets you do just about anything, but it's way too involved for the average user to attempt.
  2. You could flash from a rooted Linux using mtd or similar, which seems like the best bet.
  3. You could overwrite the existing root much like upgrading desktop Linux.
  4. You could modify the bootscript to chroot to the SD card and install whatever you want there.
  5. You could run a new kernel in userland.
  6. You could read the bootloader, extract the key, and see if it's of a crackable type (e.g. factoring a short RSA key with a distributed cluster of volunteers), which is likely given that it's an embedded device.
  7. You could generate a hash collision with a custom ROM, and the bootloader would be none-the-wiser.
  8. You could replace the key with your own by rewriting those sectors in the flash.
  9. You could just reflash the bootloader with an open source one (e.g. based on the Pandora's, which uses a similar OMAP SOC and also runs Linux).
In theory, since we have physical access to the hardware, there is no way to completely lock us out. DRM is annoying and complicated, but offers zero cryptographic protection.
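To make the "verifies the hash and signature before flashing" idea above concrete, here is an added toy model (my illustration for this thread, not Motorola's code and not a description of the real Droid X design) of a bootloader whose public key lives in flash but whose key hash is anchored in one-time efuse bits. It shows which of the ideas in the list the design is meant to stop: a tampered image (item 7) fails the signature check, and a swapped key in flash (item 8) fails the fuse check. The RSA primes, key sizes and image bytes are all constructed for the example.

```python
"""Toy model of a signature-checking bootloader with an efuse-anchored key.

Constructed illustration only: textbook RSA with Mersenne primes, ~150-bit
modulus, no padding. Real devices use 2048-bit keys and padded signatures.
"""
import hashlib

# Constructed OEM signing key (toy-sized so it runs instantly; insecure).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))       # modular inverse, Python 3.8+


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def key_hash(e: int, n: int) -> bytes:
    """Hash of the public key as it would be burned into the fuses."""
    return sha256(n.to_bytes(32, "big") + e.to_bytes(4, "big"))


def sign(payload: bytes, d: int = D, n: int = N) -> int:
    """OEM side: sign the SHA-256 of the image (reduced mod n for the toy key)."""
    return pow(int.from_bytes(sha256(payload), "big") % n, d, n)


def verify_sig(payload: bytes, sig: int, e: int, n: int) -> bool:
    return pow(sig, e, n) == int.from_bytes(sha256(payload), "big") % n


# "efuse": one-time-programmable bits. Rewriting flash cannot change these,
# so an attacker-supplied key in flash is rejected before it is ever used.
EFUSE_KEY_HASH = key_hash(E, N)


def bootloader_accepts(image: dict) -> bool:
    """The check run before an image is flashed or booted.

    image = {"pubkey": (e, n), "sig": int, "payload": bytes}; everything in
    it comes from untrusted flash/USB. Only EFUSE_KEY_HASH is trusted.
    """
    e, n = image["pubkey"]
    if key_hash(e, n) != EFUSE_KEY_HASH:     # step 1: key must match the fuses
        return False
    return verify_sig(image["payload"], image["sig"], e, n)  # step 2: signature


def demo() -> tuple:
    payload = b"constructed sample boot image"
    good = {"pubkey": (E, N), "sig": sign(payload), "payload": payload}
    tampered = dict(good, payload=payload + b"\x00")   # hash changes -> sig fails
    ap, aq = 2**107 - 1, 2**127 - 1                     # attacker's own key
    an, ad = ap * aq, pow(E, -1, (ap - 1) * (aq - 1))
    rekeyed = {"pubkey": (E, an), "sig": sign(payload, ad, an), "payload": payload}
    return bootloader_accepts(good), bootloader_accepts(tampered), bootloader_accepts(rekeyed)
```

`demo()` returns `(True, False, False)`: only the OEM-signed image passes, and the rekeyed image is refused even though its signature is internally valid, because the fuses do not know that key.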
 
@sic0048,
I understand where you're coming from with the whole "too much info" thing and I agree on some level.
I use the thank you button to thank people, not to add to their e-wang. I think it should be pretty apparent why I would have thanked him for taking the time to contact cyanogen and then share that with us.
As I took it, your post had a negative and urgent tone, so when one word was capitalized, I interpreted it as yelling.
I understand where you're coming from with everything you're saying, but please remember that moderators are moderators, and members are members: if you have a problem, please don't try to take care of it in the way you did, instead, just notify a moderator... they're good at what they do.

Wish I was smart enough to know what this actually means for us. It sounds good, but I'm gonna keep my hopes in check till we hear more. Still, thanks for the update!
 
Well, we keep looking back at what we have done in the past when it came to unlocking computers and phones. If we can have full access to any operating system on any computer, hack into the very security-tight Xbox 360, and continue to find new ways of bypassing the most secured software, with our hackers always half a step behind the companies only to take a giant leap ahead of them, then whether it is someone who worked on the phone or a very skilled hacker, we will make a breakthrough, and I will give it a month.
 
I appreciate that Miker. Thanks and welcome to AFs!



@izomiac
Your post is impressively indecipherable (by me at least) lol. I'm going to update the OP with this just in case we can catch the eye of anyone smart enough to actually understand anything you just said. While I most certainly do appreciate your effort, I'm not sure how much of a response to that type of thing you'll get here (hopefully someone will respond though).

I'd like to suggest that you join the super geniuses over at XDA developers and run your thoughts by them. As far as I have heard, they're the main source of Android hacking (please correct me if I'm wrong folks), and could probably use this type of input. Again, thanks for your input!

EDIT: Hell of a first post! Welcome to AFs!
 
There is no proof that removing "fluff", especially if it isn't even running, makes it faster. I think that is just a dream, and the thing is super fast anyway. What will I get if they make it 6x as opposed to 5x faster? One less half eye blink while I wait for an app to open? Seriously, I think some people are just obsessed about the speed thing. Most of these speed improvements aren't even noticeable without an app to benchmark them. I've loaded stock ROMs that others are claiming "this thing flies!!" I load it up and I'm like "wow dude it's the same :(" None have been any faster to my eyes than the one that came on it.

Anyways Fluff can be removed with root. :)

So I'm not in any hurry to load any buggy stripped-down ROMs that take features away that I like. Now if someone comes up with a true super improvement ROM I may reconsider, but until then I'm going with root and the ROM Moto put on it.

Honestly, I don't know you but I can easily tell that you have no idea what you are talking about. Seems to me that you're just trying to justify and/or relieve your concerns by making things up.....

The development teams work hard on their projects, and their devotion is clear in many of these roms. If you can sit here and tell me that custom roms offer no improvement and the devs are just wasting their time to change the cooked-in launchers ... you really don't have any experience in this topic.
 
The guy asked a question. He made a statement that he wasn't a techie and that was why he was asking. AJ took the time to post "If you're not a techie, you don't need to know". It might have been more prudent to take that same time and just answer his question. Nobody is born a techie. But maybe if he knew what root means he might become a techie.

How would AJ have liked it if when he was in school, he asked a teacher what is geometry? And her answer was, "If you're not going to be a mathematician, you don't need to know." How did that teacher know AJ wasn't going to become one and rewrite Einstein's Theory of Relativity?

Everyone, do any of you ever remember your mothers or grandmothers telling you, "If you can't say something nice, don't say anything at all."?

If we all ask questions and get good answers, we all collectively become smarter..... and that can't be a bad thing.

Now I didn't write this post to start an argument or heated discussion, I just thought it might be my $.02 of relevancy. Then again, AJ might think I should take my mother's advice and, if I can't say something nice, don't say anything. Haha!


Anyway, I remain, Patiently/Impatiently waiting for the release of the Droid X!

Good point, but if we're looking at it that way I would say something more like this: "I don't really know anything about math, but what is geometry?" "If you don't know math then you don't need to worry about geometry," or that is how I took it. I thought he was just telling the TC that if he wasn't a techie, then he wouldn't need to worry about rooting.

I can see how it could have been mistaken in a different way, but he has already responded that it wasn't meant to be that way.

Anyways back on topic, I think it has already been answered at least more than I can say. kwest12 posted a couple of good links to follow.
 
Yes wolfy, that's true. I was at work when composing that reply and was called away in the middle of composing it, and didn't get back to completing it 'til some time later. Then in the interim AJ posted his reply that he didn't mean it that way, and I believe him. So, in the end I hope we're all good, because I'm sure we all ultimately want the same thing: a Droid X that works as it was intended, has no bugs or problems and makes everyone we show it to say, "Oh wow, you got one of the Droid X's? Cool!!!"

I remain, Patiently/Impatiently waiting for the Droid X!
 
dudes!!
get the phone. use it. you're on this thread, you already have interest.
get it, try it, see if you like it.
no? you don't like it? sell it on ebay and wait for something different.
 
Lots of good info in the last page here guys. And I agree kwest. I'm really glad you got something like this out in the open and making people aware. I only hope the previous shenanigans haven't detracted at all from this thread.

@izomiac one of the best first posts I've seen in a while. Well done and welcome to the forums!
 
That is one dev's opinion; yes, he could be right, and he could be wrong! It may never be rooted, or it might take only a week, or it could be 6 months!

Totally agree!

I really don't understand why there is such emphasis on this - i.e. waiting on every tiny little tweak and trying to glean some timetable out of it.

The best advice remains the same: Buy the phone if it meets your needs in stock form. Wait to buy the phone if your needs require the phone to be rooted until it is rooted. Wait to buy the phone until it has the ability to load custom ROMs if your needs require the ability to load custom ROMs.

This likely isn't going to happen overnight!
 
Or ever... You are going to wait a LONG time for this.
 
I am still gonna buy the phone on the 15th, and after a few months if it hasn't been rooted yet then I will move on to the next best phone from Verizon.
 