Slashdot Mirror

← Back to Stories (view on slashdot.org)

Motorola's Sholes Bootloader Unlocked

Posted by ryuzaki0 on from the not-the-doctor-with-the-homophonic-name dept.

teh31337one writes "Motorola's locked bootloader for their Sholes-family devices (Droid OG, Milestone, DroidX, Droid 2 etc, not Atrix 4G) has finally been cracked. @nenolod explains on his website: The Motorola Sholes platform uses a trusted bootloader environment. Signatures are stored as part of the CDT stored on the NAND flash. mbmloader verifies the signature on mbm before passing control. mbm verifies all other signatures before allowing the device to boot. There is a vulnerability in the way that Motorola generated the signatures on the sections stored in the CDT. This vulnerability is very simple. Like on the PlayStation 3, Motorola forgot to add a random value to the signature in order to mask the private key. This allowed the private key and initialization vector to be cracked. This comes at the time when HTC are also stepping up their attempts at locking down their phones . The recently released LTE flagship — ThunderBolt is their most locked-down phone to date ... They made signed images, a signed kernel, and a signed recovery. They also locked the memory."

9 of 283 comments (clear)

  1. Sorry, but no by Nuno+Sa · · Score: 5, Insightful

    Even with the cracked bootloader, the company's attitude is not good, so I won't buy a phone from them.

    1. Re:Sorry, but no by teh31337one · · Score: 4, Informative

      Even with the cracked bootloader, the company's attitude is not good, so I won't buy a phone from them.

      Speaking of which:

      December 20th, 2010 — Motorola notified of keystore vulnerability. No response received from Motorola.

      February 20th, 2011 — Motorola notified again of keystore vulnerability. No response received from Motorola.

      February 27th, 2011 — Motorola notified that keystore vulnerability will be disclosed to public on March 20th. No response received from Motorola.

      March 20th, 2011 — Keystore signature generation vulnerability publically disclosed including private key leak. Response received from Motorola legal.(C&D)

  2. Sorry, but my New Year's resolution... by Anonymous Coward · · Score: 5, Insightful

    ... as a programmer is to spend less time trying to hack, tweak, or otherwise add value to platforms owned by companies who want to strip away my rights as a user to modify and operate those platforms as I see fit.

    1. Re:Sorry, but my New Year's resolution... by GNUALMAFUERTE · · Score: 5, Funny

      Blackberry? That's the phone that comes with a trackball, right? I heard their next model will run IBM DOS 5.0 with DOS Shell, and it'll remove the trackball in favor of a 3-button rs232 ball mouse. The DB-25 connector will increase the form factor a little bit, but damn, I'm so buying that phone.

      --
      WTF am I doing replying to an AC at 5 A.M on a Friday night?
    2. Re:Sorry, but my New Year's resolution... by thegarbz · · Score: 4, Insightful

      Most of the people I know have Android or an iPhone, and they're all in search of charging outlets by early afternoon. Just can't see going back to that 90s-like level of utility, myself...

      With great power comes great battery drain. Utility is defined as being of practical use. In the 90s I had a phone that I could use to make a call and send some SMS. You want that? You got that. Buy yourself an Android phone, deactivate bluetooth, wifi and GPS. Turn off all bands associated with data transfer. Dim your screens to barely readable levels, and only ever turn on the display for the purpose to make a call. You'll find your battery will last close to 4 days. You'll also find you wasted a big portion of your devices capabilities.

      In terms of practical use the utility of the mobile phone has never been higher. While I was overseas I was able to click a button on my phone to turn it into a mobile access point so I could get my laptop on the internet. Yeah it chewed through battery but having that ability alone made it all worth while. While walking around Prague I was never once lost due to the GPS functionality. I was able to quickly look up public transport timetables and even book international train tickets. While sitting on the train I had a library of music available to me, and when the Japanese earthquake hit I found out about it while I was on public transport far away from a laptop or TV.

      The world is at my fingertips now, THAT is the utility of the modern phone, and you know what happens at the end of the day? I plug it in. Either to the wall, the car, or a common USB socket. My phone has never gone flat.

      As for lockdown... my phone was not locked to any provider out of the box. My phone was rooted in a matter of minutes. My phone has a custom kernel on it provided by the hobbyist hackers over at xda-developers. Neither of this added anything that the manufacturer didn't already provide, but instead simply bypassed my stupid carrier's slackness in providing updates. In fact the only thing I have so far found even slightly wrong on my phone is that I can't connect my Wiimote to it due to a bluetooth issue.

      Buy a Nexus S or one of the Samsung Galaxy variants.

  3. Wrong way, go back by axx · · Score: 4, Insightful

    Sorry, but we shouldn't have to fight teeth and nails to get proper access to devices we buy and own.

    Being locked out of our own legally purchased devices is NOT normal.

    Kind of like buying a computer and not being able to do what you want with it.

    Wait, what is this OSX upgrade you tell me about? Sounds great, and only 29.99!

    --
    No wit here.
  4. Re:I'm not that technically knowledgeable*... by Tukz · · Score: 4, Informative

    Android itself is relativity open, however, the vendors (Motorola, HTC, SE, etc) can lock it down if they want.
    Only 2 phones use Android in it's base form, everyone else use vendor modified versions.

    --
    - Don't do what I do, it's probably not healthy nor safe. -
  5. Re:Why do they do it? by bemymonkey · · Score: 4, Insightful

    In theory:

    1. To appease the carriers. The less control end users have over how they use their device, the better. This allows carriers to charge out the ass for things like tethering...

    2. Planned obsolescence. If every user could upgrade their device to the next version of Android easily, you'd get (*gasp*) people only buying a new phone every 4 years instead of every one or two...

    3. To minimize support costs - there's always a few idiots out there that'll brick their phones and then try to RMA them. Of course, switching to PC type OS upgrade/installation system would eliminate that problem right away.

  6. Wrong about HTC by AliasMarlowe · · Score: 4, Interesting
    From TFS:

    This comes at the time when HTC are also stepping up their attempts at locking down their phones . The recently released LTE flagship — ThunderBolt is their most locked-down phone to date.

    The submitter should know that the HTC Thunderbolt is just a customized variant of the HTC Desire HD provided for Verizon. Locking it up is almost certainly a Verizon-demanded attribute, and not an initiative from HTC. The Desire HD is unlocked in most of the world, and I doubt if a locked version can be obtained in countries with a more enlightened phone system.

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire