jerdog · Jan 8, 2013 at 10:00 am

Unlock Bootloaders without Fastboot on Galaxy Nexus, Nexus 4, and 10

Bootloaders are like locks on a cookie jar: They’re just begging to be unlocked. When users on XDA see a locked bootloader, they immediately start looking for the accomplished developer who is working on hacking the device. It is for this reason that we like to hold Google Nexus devices as the gold standard for how manufacturers (and carriers) should approach their bootloaders, as well as firmware openness.

Nexus devices are easy to unlock: You go into fastboot mode, type ‘fastboot oem unlock’, and you’re done. Easy peasy. Of course, Google’s method involves an automatic wipe of your data, which functions as a pseudo-security measure. There of course is a way to get that data back after the wipe on the Galaxy Nexus, but what most users fail to think about is locking their bootloader again once they’ve gotten their ROM to where they want it to be. This opens up their device to all sorts of potential problems, especially those of the malicious kind.

Recently there has been talk about the Samsung Exynos 4 memory exploit, which leaves Exynos 4-based devices open to malicious attackers. With the fact that Samsung has never fixed the eMMC Brick Bug issue, which affects stock and non-stock Exynos 4 devices, you have the perfect storm of malicious attacker meets manufacturer negligence. Users can have their devices bricked and/or wiped in a matter of moments, and they would be none the wiser.

XDA Senior Member segv11 came across something in the Nexus bootloader, which is cause for concern for the Galaxy Nexus, Google Nexus 4 and Google Nexus 10. segv11 created a bootloader unlock, which does not follow the normal convention. Instead, it falls back on a process where you can keep your bootloader locked, and still keep a sense of security. He does this by simply changing a couple of bits in the /param partition, while keeping the bootloader locked for security reasons. XDA Elite Recognized Developer AdamOutler also released a similar process for the Galaxy Nexus back in April of 2012 which utilizes a brute-force method to unlock the bootloader by replacing the entire /param partition instead of just adjusting the bits.

This app highlights an issue with the way Google has chosen to lock the bootloader, especially when it’s easy to just change the aforementioned bit. What else is contained in there that can be hacked? What else is there that a malicious app, with root privileges, could potentially render your device a pricey brick? It’s for this very reason that we encourage users to be very careful before they mess around with their devices, and to make sure they read all of the instructions the developers put together beforehand.


_________
Want something on the XDA Portal? Send us a tip!
GermainZ · Mar 5, 2015 at 01:50 pm · no comments

HTC to Replace Swype with TouchPal

According to engadget (citing TouchPal as well as an internal source), HTC aims to replace Swype with TouchPal as the default input method in upcoming devices, including the new HTC One M9. The official TouchPal Twitter account also tweeted the engadget article about this, further confirming the move. What prompted this move? The CEO of CooTek, the company behind TouchPal, says it's because of their better contextual prediction and language support. If you actually look at the supported languages, you'll...

XDA NEWS
Emil Kako · Mar 5, 2015 at 12:10 pm · no comments

Do You Think the Apple Watch Will Be a Huge Success?

Many people are under the impression that once Apple finally launches its smartwatch, the market for wearables will suddenly become mainstream and be taken to the next level. Taking an idea that already exists and making it incredibly successful isn't something new to Apple, but does the Apple Watch have what it takes? The wearable hasn't even shipped yet, but has already won multiple awards and has been featured on numerous fashion magazine covers. Do you think the Apple Watch will be a huge success? Let us know your thoughts.

DISCUSS
Mario Tomás Serrafero · Mar 5, 2015 at 10:09 am · no comments

Huawei: A Giant the Western World Should Look Out For

The smartphone landscape is drastically changing its focus. What was once a North-America-centric monopoly of high-specification phones is now merely an afterimage of the past. The meat of the game is elsewhere now; emerging markets looking for good bang-for-buck are what OEMs are increasingly aiming towards, and in this new game the old players must adapt-or-die. Xiaomi has grown at one of the most notable rates in the industry, leading it to become the world's most valuable start-up; and its...

XDA NEWS
Share This