Motorola's Sholes Bootloader Unlocked
teh31337one writes "Motorola's locked bootloader for their Sholes-family devices (Droid OG, Milestone, DroidX, Droid 2 etc, not Atrix 4G) has finally been cracked. @nenolod explains on his website: The Motorola Sholes platform uses a trusted bootloader environment. Signatures are stored as part of the CDT stored on the NAND flash. mbmloader verifies the signature on mbm before passing control. mbm verifies all other signatures before allowing the device to boot. There is a vulnerability in the way that Motorola generated the signatures on the sections stored in the CDT. This vulnerability is very simple. Like on the PlayStation 3, Motorola forgot to add a random value to the signature in order to mask the private key. This allowed the private key and initialization vector to be cracked. This comes at the time when HTC are also stepping up their attempts at locking down their phones. The recently released LTE flagship — ThunderBolt is their most locked-down phone to date ... They made signed images, a signed kernel, and a signed recovery. They also locked the memory."
Re:Getting worse? (Score:4, Informative)
Fake (Score:2, Informative)
According to the guys from #milestone-modding (nadlabak, xvilka,...) the keys and the story are a fake/hoax.
Does nobody check this before releasing news?
Re:Sorry, but my New Year's resolution... (Score:2, Informative)
My Droid is plugged in every 2-4 days depending on usage.
Re:I'm not that technically knowledgeable*... (Score:5, Informative)
Android itself is relatively open; however, the vendors (Motorola, HTC, SE, etc.) can lock it down if they want.
Only 2 phones use Android in its base form; everyone else uses vendor-modified versions.
Re:I'm not that technically knowledgeable*... (Score:4, Informative)
A guess as to what "Open" refers to in this context: Android is open source. iOS is not... Basically, anyone can put Android on their device.
Unfortunately, this doesn't mean that the manufacturers of mainstream Android devices can't lock them down so the people that buy them can't put on their own versions of self-baked Android. It's not Android's fault, but it damn well is Android's problem :(
Re:Why the hell? (Score:3, Informative)
As an observation, it should be noted that NOTHING of what they've done up to this point has honestly prevented anything like spewing packets on their network. The malware that got onto the phones through the app stores managed this all on its own very nicely, and saying that this is a good reason for Apple's walled garden approach is wrong as well, as they had their malware incidents too.
Protecting their network isn't the reason.
Re:Sorry, but no (Score:5, Informative)
Even with the cracked bootloader, the company's attitude is not good, so I won't buy a phone from them.
Speaking of which:
December 20th, 2010 — Motorola notified of keystore vulnerability. No response received from Motorola.
February 20th, 2011 — Motorola notified again of keystore vulnerability. No response received from Motorola.
February 27th, 2011 — Motorola notified that keystore vulnerability will be disclosed to public on March 20th. No response received from Motorola.
March 20th, 2011 — Keystore signature generation vulnerability publicly disclosed including private key leak. Response received from Motorola legal (C&D).
Re:Sorry, but no (Score:4, Informative)
N900 is a 3-year-old phone. Call me when Nokia makes a modern version... which they will not, because they are now an all-Microsoft shop. Nokia's dead man, the body just hasn't stopped moving.
Re:Sorry, but no (Score:4, Informative)