Slashdot Mirror


Researcher Unlocks Galaxy S4 Bootloader For AT&T, Verizon Phones

Trailrunner7 writes "Those of you who like to tinker and jailbreak Android phones should take notice of some new research conducted on Samsung Galaxy S4 Android devices shipped by AT&T and Verizon. Both devicemakers ship the Galaxy S4 smartphones with a locked-down bootloader that prevents users from uploading custom kernels or from making modifications to software on the phone. Azimuth Security researcher Dan Rosenberg has found a vulnerability in the manner in which the devices do cryptographic checks of boot image signatures and was able to exploit the flaw and upload his own unsigned kernel to the device."

9 of 75 comments

  1. not a true unlock by LiENUS · · Score: 5, Informative

    Unfortunately this is not a bootloader unlock, it allows you to load unsigned kernels and recovery images but the bootloader must be exploited each time you install a new image. Further it's easily fixed and the next OTA from at&t/vzw is expected to patch it.

    1. Re:not a true unlock by VortexCortex · · Score: 5, Interesting

      It's more like if you forgot to lock your back door so your neighbor slips in it once or twice; you notice, lock the back door, and it's back to secure.

      Yeah, it's like that, but also: Then the neighbor slips in your window instead. So, you lock that. Then you notice them crawling in right through the damn wall?! Oh, that's right, you live in a Swiss Cheese Shanty. Bah, but who cares, you'll be moving out soon -- You're building a whole new home, and it's going to be Sweet! Most Secure System Ever. No one's ever tried to tunnel their way into a Funnelcake Fortress before!

      Meanwhile the list of your previous homes includes Calamari Castle, Macaroni Mansion, and a Doughnut Domicile, so it doesn't seem like the future bodes well for your boot-locking strategies.... Oh! What about a Footwear Flat? I know an old lady looking to part with one on the cheap, roof's a bit 'leaky' though...

    2. Re:not a true unlock by 228e2 · · Score: 5, Funny

      Well, I followed your analogy, but now I'm hungry . . . .

      --
      Since when does being a Socialist mean 'someone who has a different opinion than me'?
    3. Re:not a true unlock by AmiMoJo · · Score: 5, Insightful

      A smart person doesn't buy a carrier locked phone in the first place.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. Real News: Galaxy S4 not easily unlocked yet! by crow · · Score: 5, Insightful

    The real news to me is that the Galaxy S4 is not already easily unlocked. I would have assumed that with the S3 being easily unlocked that the S4 would be similar.

    I would think the best strategy for the phone companies and the handset makers would be to make it just difficult enough that most people wouldn't bother, but easy enough that people who really care wouldn't avoid the phones.

    1. Re:Real News: Galaxy S4 not easily unlocked yet! by crow · · Score: 5, Insightful

      Actually, it costs $237 to make one, so the price to consumers in a competitive market would probably be about $400 now while it's the latest and greatest thing, or $300 in six to twelve months. And of course, there should be a competitive market for financing for those who want to pay for it in installments.

    2. Re:Real News: Galaxy S4 not easily unlocked yet! by the_B0fh · · Score: 5, Insightful

      You are shitting me right? Talk about self indulgent pricks. If you want an unlocked S4, go buy it from Google's Play Store. Only $650 or so.

      The reason cell companies have $200 S4 is because they're fronting the money for it, and they want to make it back up (plus a nice multiplier, obviously) over the next 2 years. That is why your data plans are also so expensive, because they know once they've locked you in, you can't move for 2 years.

      And in 2 years, they front another $400 for you, so that you can get the S6 for $200. And they continue to milk you.

      But make no mistake about it - the S4 does *NOT* cost $150, and only a fucking moron thinks it does.

  3. AT&T and Verizon are not "devicemakers" by EmagGeek · · Score: 5, Informative

    Samsung is the device maker.

  4. How hard is it? by Anonymous Coward · · Score: 5, Interesting

    When the phone powers up, there is usually a watchdog circuit that holds a pin low (ground) for a short time, usually 50-100ms, then it allows the pin to rise, and that pin then allows firmware to be loaded which starts the bootloader process (or is the bootloader process). Usually you can short that pin, and after the amount of time required to load the OS, the firmware can be updated (reflash the chip with new bootloader/OS). I realise finding the pin and reflashing the chip can be a bit of a job, but it's not impossible (I've used techniques like this to unbrick/reflash bootloaders in routers and other devices, and likewise upload new firmware).