June 15, 2014 By: Will Verduzco
If you’ve ever owned an iOS device or a Sony PlayStation 3, you’ve more than likely heard the name George Hotz. Otherwise known as XDA Recognized Developer geohot, this New Jersey-based hacker gained notoriety for his work in jailbreaking and otherwise hacking the aforementioned devices. Now, using a recently discovered Linux kernel vulnerability, geohot has managed to root the Verizon Samsung Galaxy S 5.
The root exploit itself is built around Linux kernel CVE-2014-3153, which was recently discovered by hacker Pinkie Pie, and it involves an issue in the Futex subsystem that in turn allows for privilege escalation. Although expressly released for the Verizon Galaxy S5, the root exploit will realistically be compatible with practically every device with an unpatched kernel–which at this point should be nearly every device not running a recent nightly build of a custom ROM with a patched kernel. As such, it has also already been tested and found to work with the AT&T Galaxy S5, Nexus 5, Galaxy S4 Active, and AT&T and Verizon variants of the Note 3.
If you’ve got a Verizon Galaxy S5 or any other previously unrooted device and you want to get in on the root action, head over to the original thread and give towelroot a try. And if you need some background music while you root your device, head over to Geohot’s SoundCloud to listen to a song released 10 days ago advertizing Towelroot.
[Many thanks to XDA Developer Admin Pulser_G2 for the heads up and information!]
June 6, 2013 By: Pulser_G2
The UK newspaper The Guardian has revealed today that US CDMA telecommunications provider Verizon is secretly collecting and disclosing the telephone records of a huge number of subscribers (likely in the order of tens of millions of Americans) to USA’s National Security Agency (NSA), often cynically referred to as “Never Say Anything.” This classified, top secret court order, whose classification does not expire until April 2038, compels Verizon to provide, and continue to provide on an ongoing basis:
[...] an electronic copy of the following tangible things:
All call detail records or “telephony metadata” created by Verizon for communications
(i) between the United States and abroad; or
(ii) wholly within the United States, including local telephone calls
As if to somewhat diminish this, the order goes on to state it does not require Verizon to provide details of calls that start and end outside of the United States. This is little comfort, however, for any subscriber using the Verizon network, as the order goes on to detail the definition of the metadata requested. This includes the source and end-point telephone numbers, the IMSI and IMEI numbers, and the trunk identifier, among other things. The significance of this is that the presence of both the IMEI and IMSI numbers mean that Verizon is being forced to disclose information that identifies individual devices and handsets in use (the IMEI permits identification of the handset model in use, as well as the individual phone).
Quite why such top-secret blanket surveillance is required is obviously the top question right now. And while the NSA claims this is the equivalent to looking at a traditional letter’s envelope, it seems a somewhat tenuous link since letters do not contain an unchangeable identifier on them (IMEI) that can be tied back to you at the point of purchase.
While the NSA’s aims specifically exclude it from carrying out “spying” or surveillance on non-foreign targets, this is somewhat concerning, no?
Source: The Guardian
May 13, 2013 By: Conan Troutman
There has been a bit of a back and forth between the development community and Verizon lately, specifically relating to the Samsung Galaxy Note 2. It is perhaps best summed up by XDA Elite Recognized Developer AdamOutler:
“Well, this has been quite the saga thus far…
Us: Suck It Verizon (exploit)
them: Suck it XDA-Developers (OTA patch)
Us: Back Atcha Verizon (exploit)
them: Stop it XDA (OTA Patch)
Us: No You! (exploit)”
The combination of Adam’s CASUAL deployment system and Recognized Developer Ralekdev‘s exploits themselves has been continually providing Verizon Note 2 owners with the ability to free their device through each OTA. The pair have once again managed to undo the restrictions put in place by the latest update, and they have released that exploit to the public. Be aware that this is only for those who are running a completely stock ROM. If you are not stock and have already installed a custom recovery, this will cause you issues.
This exploit lifts the restrictions put in place by Verizon that prevent the device from running unauthorized software. Be warned that it will leave you unable to accept their OTA updates. However, you will now have a much friendlier bootloader, and who doesn’t want that?
For those of you who are running a stock ROM and looking to unlock their device, the usual rules apply. Windows(7/8)/Mac/Linux users can all make use of this cross platform tool, which will take you through the process quickly and easily. Make sure you have Java installed beforehand and you’re all set. As always, be prepared to take a log if you run into any issues, and make sure to have a thorough read through the development thread before starting the process.
Owners of the Verizon variant of the Samsung Galaxy Note 10.1 tablet will no longer feel left out, thanks to the unlock package that XDA Elite Recognized Developer AdamOutler posted late Friday night. Although he takes issue with the word ‘unlock,’ preferring to call it a ‘jailbreak’ because that term is exempted by the DMCA.
The process couldn’t be easier thanks to Adam’s CASUAL software. I’m sure you’ve heard of it before since it’s been features on XDA TV and several Portal posts. The software provides a GUI for scripts that use the Android Developer Bridge (ADB) and it works on Linux, Mac, and Windows. The power of CASUAL is well represented in this procedure. Adam’s demo video shows that clicking the Do It button and following the prompts is all it really takes. From there, the script performs an IROM unlock using exploits discovered by Lee Harrison (Recognized Developer Ralekdev).
Get your hands on the unlock package by heading over to the original thread. While you’re there, heed Adam’s warning about flashing once you unlock your Note. The exploit used leaves it vulnerable to being bricked if you flash a file not meant for this specific hardware.
We all know that Verizon seems to have some kind of fear of unlocked bootloaders, as is evident on their Samsung Galaxy S III and Galaxy Tab 2. We also know that XDA’s developers and device owners alike have a hatred of locked bootloaders, so there has to be some give at one point or another. And on this occasion, it’s a win for the developers and in turn, device owners.
XDA Forum Member id_ram managed to get his hands on a ‘prototype’ Verizon Galaxy Tab 2, which turned out to have an insecure bootloader. XDA Senior Member MrHyde03 then worked with id_ram to pull the required image files from the device and carried out further testing on his own device. If successful, he would have an unlocked Galaxy Tab 2. If unsuccessful, he would have a dead Galaxy Tab 2. Luckily for him, the former scenario played out, and the result of this can be found in the bootloader unlocking thread.
In order to unlock your bootloader, all you need to do is root your device, flash the insecure bootloader image, and enter a few simple commands using adb or a terminal window.
August 29, 2012 By: jerdog
Since the unveiling of the original Nexus device, Google has made it a point to state that owning a Nexus device means you’ll be on the fast track to new OS updates. However, this has not been the case for owners of the CDMA variants of the Galaxy Nexus.
At Google I/O 2012, the GSM Galaxy Nexus received Jelly Bean. Around that time, the bookies and odds makers in Vegas began taking bets on when the CDMA versions would be as lucky. It’s been three months now, and neither the Sprint nor Verizon Galaxy Nexus have been updated. But maybe that is changing.
As of last night, reports began coming in about an update notice that began appearing for certain Verizon Galaxy Nexus owners. After investigation, XDA Senior Member oldblue910 determined that it is test build JRO03O, and requires a lengthy process to be able to apply the update, which requires you to first return to the IMM76Q update, flash to IMM76K, and finally apply the JRO03O update. You will need to be unrooted and stock in order to apply the update, but if you are so inclined feel free to download the update directly from Google’s servers.
February 11, 2012 By: Ian Stacy
The Motorola Droid Bionic has been updated to 5.9.902 via an over the air update that started this week. 5.9.902 brings a host of new features, improvements and fixes. You can view the full changelog from Verizon here. Some of the more notable improvements include fixes for black screen lockups, dock lockups, idle resets and improvements to the camera and several system apps.
While some users maintained root after the update, XDA users began reporting in this thread that the update did, in fact, disable root access. Those that used the ’43V3R Root’ method have reported success preserving root after updating. All current root methods have been unsuccessful in rooting .902 after the update.
Is there any hope for those who already applied the update? Forum members have confirmed that it is possible to downgrade to .893 with RSD Lite, so take solace in the fact that you can flash to stock and start over. If you haven’t updated yet, XDA Senior Member tuckmobile has created a step by step guide to rooting, applying the permanent root script and updating to 5.9.902. You can check out his full guide here or just the instructions to apply the update here.
February 3, 2012 By: Ian Stacy
If you have a phone with an NFC chip and aren’t using Google Wallet, now’s your chance. Check out this thread for reports of working NFC payment locations.
How many carriers does it take to screw up a lightbulb? One, if the lightbulb represents a good idea, but the other carriers are certain to join in, anyway. Google’s Nexus family is that good idea.
According to 9to5Google, Verizon will block Google Wallet on the Samsung Galaxy Nexus in favor of its own product, Isis–a competing payment app, collaboratively created with AT&T and T-Mobile. Google Wallet won’t come installed on the Android Market on Verizon. (But note, Verizon said they are not blocking Google Wallet. It’s simply “not supported.” On Google’s own phone.) To repeat myself, the latest Nexus phone, Google’s yearly zenith of innovation, will sport bloatware.
Amidst the tidal stench of phones crusted over with all the crap carriers and manufacturers stick on them, the Nexus line is a fresh, relieving breeze. Or was. I don’t know what Google was thinking, agreeing to smudge their own idealism and the Nexus’ purity. In fact, I don’t know what Verizon was thinking. There will be other phones. Plenty of them. It won’t be long until those phones out-perform the Galaxy Nexus. Why this phone? Why right now?
It takes a special sort of consumer to buy a Nexus. These people are looking specifically for the Google experience. They want pure, unadulterated Android. I don’t care whether Google Wallet sucks. It’s part of the Google experience. I don’t care if your alternative is way better. It’s not part of the Google experience. So, for this special sort of consumer, where’s the incentive to buy the Samsung Galaxy Nexus, now?
While I doubt this will be a huge factor in sales, I think Verizon is shooting itself in the lower extremities. Let’s hope that AT&T and T-Mobile, the other founders of Isis, aren’t so self-absorbed and impatient that they completely ignore the whole point of the Nexus family. Stay tuned for the fourth Nexus phone in 2012, where Google makes sure the Nexus brand is absolutely meaningless, featuring Android Jellybean, a trial version of Asphalt 7 and locked bootloader.
Please let us know how you feel in the comments.
I was thinking about the HTC Rezound today. I do that sometimes–sit down and let my thoughts wander. I thought about its three-way fight within Verizon against the Samsung Galaxy Nexus and Motorola Droid RAZR, and how it will fare this Christmas season. I also thought about TrevE’s work on HTC’s astounding Carrier IQ screw-up. And I came up with a target market based on privacy and security to whom no manufacturer has managed to sell phones yet: the hopeless-paranoid.
See, on one extreme, there’s the non-paranoid. These people either think they have everything under control or don’t care if they have control. They’re the ones who buy crappy phones on contract. They have no interest in phones, it’s just something they use and could easily afford at the moment.
At the opposite extreme, there’s the empowered-paranoid. These are developers and other early adopters who use independent development. They constantly seek the best phones either because it shouldn’t have the flaws of crappier phones, or because, if it does have problems, they can do something about it and not feel like they’re wasting time developing for sub-par hardware.
If we imagine a square to give a two-dimensional range to my envisioned market, in another corner are the paranoid-curious. These people don’t worry too much, but their brains pump out thoughts often enough that they can at least spare a few to consider the advice of developers and early adopters. That means worrying about privacy and security to some degree. They buy higher-end phones because the empowered-paranoid–who are, again, developers and early adopters–encourage it.
Then there’s the hopeless-paranoid. These people have all the security and privacy concerns of developers, yet feel they have no way to correct it. Which phones do they buy? They don’t. The only thing they know to do when they’re worried about their privacy is to avoid the thing that makes them worry. They aren’t worried about specific security issues–they don’t actually know enough to worry like that. They’re worried about everything. They say things like, “I don’t want people to be able to call me no matter where I am.” We’ve all heard lines like that, and we all know it’s silly. If you don’t want to talk to people at a certain time, turn off your phone. No, they’re worried about more than being so accessible.
Now, you may be asking, is there actually any reason to be paranoid? I guess that depends. I reread some of the articles egzthunder1 wrote covering all TrevE’s amazing work exposing the dirty little secrets of HTC and the carriers. And while he focuses on HTC phones, make no mistake that other manufacturers are doing the same.
So yes, I think paranoia is justified. And thank goodness for all the developers that work so hard to strip Carrier IQ and their ilk from ROMs. To a certain extent, thank goodness for the manufacturers and carriers that openly support development by not locking down devices. To the carriers and manufacturers who try to keep us from developing their devices, let me introduce you to the above four target markets. I suggest you change your minds. To HTC specifically, we see how developer-friendly you’re trying to be, but we see your devotion to carriers like Verizon more. You need to decide that Peter Chou lied and bootloaders will not be unlocked, or you need to stand up for yourselves.
There is a point to all this. As I said, I was thinking about the HTC Rezound, announced last week. And since it’s on Verizon, its bootloaders will probably be locked. That’s a clear move to prevent development. So do something for me: pretend the bootloader can’t be unlocked through exploits. We can’t get S-Off, we can’t get root, no custom bootloader, no custom kernels or custom ROMs. To put it simply, developers can’t develop. All that paranoia and nothing can be done about it.
Which of those four groups of people does that sound like? That’s right. The hopeless-paranoid. The people who don’t buy phones. Except, in this case, they don’t buy your phones. The only difference is, developers influence the buying habits of that large group of paranoid-curious people. The HTC Rezound? Great specs. Too bad the bootloader won’t be unlocked. And doubly too-bad, HTC, that you made the Rezound exclusively for Verizon, the US carrier certain to get the Samsung Galaxy Nexus.
Merry Christmas, HTC. Perhaps you’ll remember us in your New Years resolutions.
October 24, 2011 By: azrienoch
Verizon Wireless breaks the law if the bootloaders are locked on some phones. By the end of this article, you’ll know why.
As I was recording my show for XDA TV this week, I had a moment. You can see it for yourself. I was recapping my article about Motorola and Verizon not unlocking the bootloader for the Droid RAZR. The line I delivered was, “The international version of the Droid RAZR will be shipping with an unlocked bootloader. Now, this could be that Motorola wants to compete with the Galaxy Nexus…” That’s when I had my moment, and added, “which is funny because that’s also going on Verizon.”
In that moment, I realized that Motorola must be lying. Why can some devices and manufacturers unlock their bootloaders, and not others? But I was wrong. (Congratulations, Motorola, on your newfound sense of freedom!) The Galaxy Nexus is special for two reasons. First, it’s Google’s phone. Second, it’s likely that the Galaxy Nexus’ LTE radio uses Block C frequencies.
Not many people know what the C Block is. I didn’t either. Andrew Krug of AndroidActivists told me about it, and we spent the night poring over research. Verizon has the largest 4G network because they bought it in 2008. At the time, the 700 MHz radio frequencies brought you your favorite broadcast television shows. When television switched from analog to digital, they became your 4G networks.
When the Federal Communications Commission announced the auction to sell the 700 MHz band, they broke it into five different “blocks”, each with different regulations according to how widespread they are. This created a Goldilocks sort of situation. Block D has the largest area, but comes with more clauses than malls have during the Christmas season. Plus, you’re supposed to be a public service agency. Blocks A, B, and E are small potatoes. But Block C was just right. Few regulations, lots of breadth.
It was so good, in fact, that the FCC tacked on a few more regulations, encouraged by Google. Unless Block C sold for less than $4.6 billion, it comes with an open access provision. Google pledged $4.6 billion to ensure Block C comes with the open access provision. The open access provision requires Verizon to “not deny, limit, or restrict the ability of their customers to use the devices and applications of their choice on the licensee’s C Block network.” It goes on to say, “The potential for excessive bandwidth demand alone shall not constitute grounds for denying, limiting or restricting access to the network.” Verizon bought Block C and tried to have the provisions removed. They failed. The provisions are still there, Verizon has the Block C license. That means if a device uses the Block C frequencies, Verizon cannot insist what apps or firmware it runs. It also means they can’t limit data plans for those devices. Which is odd, because I remember Verizon dropping unlimited data plans back in July 2011.
So the question is, do any devices use Block C frequencies? Yes. Some are called Hotspots. Others are called the HTC Thunderbolt. There may be more, those are simply the two I know about and confirmed. The Hotspots are a non-issue. They comply with FCC regulations as far as I’m aware. The HTC Thunderbolt, on the other hand, does not. In the list of rules and exceptions for the Block C license, it says this:
Handset locking prohibited. No licensee may disable features on handsets it provides to customers, to the extent such features are compliant with the licensee’s standards pursuant to paragraph (b) of this section, nor configure handsets it provides to prohibit use of such handsets on other providers’ networks.
In case you’re wondering, Paragraph (b) is what I previously quoted from the FCC’s open access provisions document. Last I checked, HTCdev does not offer a bootloader unlocking solution for the HTC Thunderbolt. Is this HTC’s fault? No. Their website states, “HTC is committed to assisting customers in unlocking bootloaders for HTC devices. However, certain models may not be unlockable due to operator restrictions.” And having personally met the HTCdev team, I believe them.
That leaves Verizon. Good ol’ Verizon. Breaking the law since May, at the latest. If you owned a Thunderbolt, please file a complaint with the FCC. Select Wireless Telephone > Billing, Service, Privacy, Number Portability and other issues > Online Form. Fill out your information, scroll down, fill out 1 and 2, skip 3 and 4. Then in 5, tell the FCC that your phone’s bootloader was sold to you locked and still is, even though it uses Block C (reag) frequencies.
Don’t worry. The FCC said they’re committed to enforcing the open access provision. We’ll see how fast Verizon turns things around. If you know of any other devices that use frequencies between 746 and 757 MHz, and also 776 to 787 MHz, please send a message to me or any Portal News Writer. Thanks.
UPDATE: David Ruddock over at Android Police was kind enough to further explain the situation. For those of you coming from his article, or who share his criticisms, this article is not erroneous or short-sighted. David’s article does an excellent job of sobering us to how difficult the struggle will be to get the FCC to move. The loophole Verizon will undoubtedly use to excuse their actions is in the phrase, “reasonable network management,” from paragraph (b)(1), though we don’t know that for sure because Verizon has never addressed the issue. But David’s points do not invalidate this article for two reasons:
1) David’s assessment of the standards by which “reasonable network management” is determined are fairly simple, and I say fairly accurate. Do the other major cellular providers use the same security and management standards? Yes. Okay, seems reasonable. But locking bootloaders is not “reasonable” by the same standard. Most carriers do not exact this method of network management. Therefore, not necessarily reasonable.
2) The issue of Verizon’s double-standard concerning bootloaders is entirely ignored, even though this article began with it, and is based on it. Verizon will supposedly defend locking bootloaders because rooting and flashing pose a threat to network security and management (which is debatable), and therefore reasonable to do. However, they do not require the bootloaders to be locked on all their devices. Samsung’s bootloaders are unlocked, including on phones like the Galaxy Nexus and the Samsung Droid Charge. Why not allow HTC, Motorola, LG, etc. to unlock their devices? This double-standard invalidates the “reasonable network management” defense.
These questions must be satisfied for Verizon to be within the law.
As you may already be aware of, Verizon announced that the Motorola Droid X will be receiving a little treat for its users. The Froyo update will start rolling out on 9/22 at Noon Eastern Time. The release will include the following enhancements:
These updates were expected and the enhancements are pretty standard across all Android phones running 2.2. Hopefully, this will lead to some more full rooting possibilities and exploits, Enjoy the Froyo!