# Something to understand about VZW and their bootloaders



## douglasf01 (Mar 14, 2012)

I am the owner of a Samsung Galaxy S 3 through verizon and I am trying to make sense of something.

If Verizon and Samsung both state that unlocked devices are not supported on the verizon network, then why would samsung release a developers edition of the GS3 that just has a unlocked bootloader? On top of that if devices have unlocked bootloaders how is it devices such as the galaxy nexus can work without a glitch or other devices such as the samsung fascinate? I am lost.


----------



## ImaComputa (Sep 8, 2011)

Congrats, you just figured out that VZW logic doesn't make sense  They also let computers with air cards and whatever software you want yet some how those don't count I guess?


----------



## douglasf01 (Mar 14, 2012)

Well in all truth, what mobile carriers logic makes real sense? Verizon however takes the cake, to say that it will cause this phone to be unusable and unstable on the verizon network is a bit absurd. It just amazes me how I have had multiple phones through them and this is the first one that has a huge road block in front of it.


----------



## con247 (Nov 30, 2011)

Honestly I don't think factory unlocked boot loaders are a good thing. They are a security risk to the user. I think HTC dev style opt-in unlock is the way to go.

Sent from my Galaxy Nexus using Tapatalk 2


----------



## Devator22 (Dec 26, 2011)

When the droid x came out and met success, that told Verizon that people did not value unlocked boot loaders. And as long as phones with locked boot loaders outsell those with open ones, then Verizon will keep locking them down. Every time you buy a phone with a locked boot loader, you are telling Verizon that you are okay with it.

Sent from my Vanir'd G-nex via tapatalk


----------



## douglasf01 (Mar 14, 2012)

I understand security is something to consider with all devices across the board, but when you release devices to all carriers and then lock down a VZW device weather it be by samsungs doing or per verizons instructions its just stupid not to release a development tool set to unlock this after the fact for those who wish to develop for this phone. What was the mentality behind this? (i dont expect anyone to have the answer)


----------



## douglasf01 (Mar 14, 2012)

@devator22 though the general public may not value unlocked boot loaders, it is blatantly obvious there is a huge dev community for these phones and that is something to take in to consideration.


----------



## Devator22 (Dec 26, 2011)

douglasf01 said:


> @devator22 though the general public may not value unlocked boot loaders, it is blatantly obvious there is a huge dev community for these phones and that is something to take in to consideration.


If it was important, Verizon wouldn't be jerking us around. I see devs buying razrs and I see devs buying the sgs 3. These phones have locked boot loaders, and it was known before they came out. Motorola has been promising an unlock tool for months, and like starving dogs people snatch up any little morsel they can get. If it was truly something that was important, then people would not be rejoicing because their phones might be unlocked, but they would be saying hmm, maybe I will consider Motorola again. Time and time again, it has been shown that people will buy a phone with a locked boot loader even if they claim that to be an important factor. So, no, we don't have to be considered, because for the vast majority of us, the minority among consumers, we have proved that people would rather buy a phone they know is not what they want, and complain about it later, rather than stand up and take their business elsewhere. The Verizon sgs3 is the only Samsung phone in existence with a locked boot loader, but is still the best selling android phone to date. There is one account of someone returning it for this reason. Corporations might have to listen to 300,000 people, but you can't tell me they have to consider one person.

Tl;dr; we are the reason Verizon phones have locked boot loaders.
/rant

Sent from my Vanir'd G-nex via tapatalk


----------



## TechSavvy (Oct 7, 2011)

douglasf01 said:


> @devator22 though the general public may not value unlocked boot loaders, it is blatantly obvious there is a huge dev community for these phones and that is something to take in to consideration.


And as "huge" as you may think the dev community is, it only actually accounts for 0.5% of the sales. They are focused on the other 99.5% people who don't even give a f*ck what a bootloader is......unfortunately...... Its all about making sales, and not having to shell out extra devices for people bricking. I know, it sucks. But I doubt they change that anytime soon.


----------



## yarly (Jun 22, 2011)

douglasf01 said:


> I am the owner of a Samsung Galaxy S 3 through verizon and I am trying to make sense of something.
> 
> If Verizon and Samsung both state that unlocked devices are not supported on the verizon network, then why would samsung release a developers edition of the GS3 that just has a unlocked bootloader? On top of that if devices have unlocked bootloaders how is it devices such as the galaxy nexus can work without a glitch or other devices such as the samsung fascinate? I am lost.


They are not lying by saying what they said. They don't allow unlocked (by default when sold) devices on their network. However, they do allow devices that can be unlocked on their network. That's the difference. No device comes unlocked by default, not even the GSM Nexus devices. It's a security issue.

Verizon does do everything in their power to sell devices that cannot be unlocked though.


----------



## dvader (Jul 3, 2011)

con247 said:


> Honestly I don't think factory unlocked boot loaders are a good thing. They are a security risk to the user. I think HTC dev style opt-in unlock is the way to go.
> 
> Sent from my Galaxy Nexus using Tapatalk 2


I will disagree with you. android is open source and most all of the roms are viewed by MANY people, also sites like rootz screen developers before giving them the dev tag. it's not like someone is going to download some obscure rom and get malware. and honestly the bottom line is if you modify/hack your phone then YOU and YOU ALONE are responsible for what happens, you take that responsibility when you modify your phone.
I for one already have a mother and father, I don't need verizon telling me what i can and can't do with a product that i purchase.
if they are that concerned then make it so user can opt out of warranty rights if they modify their phone.. problem solved..
verizon is doing this just to piss us off..


----------



## fordtheriver (Jun 30, 2011)

dvader said:


> I will disagree with you. android is open source and most all of the roms are viewed by MANY people, also sites like rootz screen developers before giving them the dev tag. it's not like someone is going to download some obscure rom and get malware. and honestly the bottom line is if you modify/hack your phone then YOU and YOU ALONE are responsible for what happens, you take that responsibility when you modify your phone.
> I for one already have a mother and father, I don't need verizon telling me what i can and can't do with a product that i purchase.
> if they are that concerned then make it so user can opt out of warranty rights if they modify their phone.. problem solved..
> verizon is doing this just to piss us off..


As per the rules of biology, every mammal has a mother and a father.
As per the rules of business, it's about money.
Verizon is doing this because they have arcane ideas ingrained in their business practice. Unlocked phones mean less control. Less control means less ability to funnel the masses into:
paying for wifi tethering.
pushing bloatware (VZW Navigator...VZW tunes...etc) that made VZW LOTS of money five years ago but with the smartphone market you can get cheaper/free and better software that provides these features without going through VZW for it. [Sidenote, wtf is with Backup Assistant being literally melded into TouchWiz's System Settings?! Google does a great job of backing up and restoring my contacts and NO I do not want to pay monthly for backup storage space for photos (dropbox!). I had to tell the VZW rep to stop whatever she was doing once she mentioned Backup Assistant when she was "helping" me activate my phone by putting in the new slimmer sim card and turning it on]
block Google Wallet for a rival payment system VZW agreed to but has yet to push
a couple of other ways I can't think off the top of my head that having freedom withdraws their ability to milk as much money out of their customers as they can
Really, just follow the money. That's what it's about. We still buy the phones as Devator22 pointed out. Luckily we have talented devs who come up with ingenious ways around this crap (most of the time).
As long as we have a work around, there's nothing to be pissed about. Unless you want to rage against the machine "occupy" style, in which case, yes, they are doing it to personally piss us off.


----------



## con247 (Nov 30, 2011)

dvader said:


> I will disagree with you. android is open source and most all of the roms are viewed by MANY people, also sites like rootz screen developers before giving them the dev tag. it's not like someone is going to download some obscure rom and get malware. and honestly the bottom line is if you modify/hack your phone then YOU and YOU ALONE are responsible for what happens, you take that responsibility when you modify your phone.
> I for one already have a mother and father, I don't need verizon telling me what i can and can't do with a product that i purchase.
> if they are that concerned then make it so user can opt out of warranty rights if they modify their phone.. problem solved..
> verizon is doing this just to piss us off..


I am talking like a browser based attack (ie: jailbreakme.com on iphone) or an app based attack on a phone (without the user's knowlege) could do ALOT more damage with an unlocked bootloader than a locked bootloader. Therefore, if you unlock it yourself, you know what you are getting into.


----------



## fused2explode (Jan 6, 2012)

dvader said:


> I will disagree with you. android is open source and most all of the roms are viewed by MANY people, also sites like rootz screen developers before giving them the dev tag. it's not like someone is going to download some obscure rom and get malware. and honestly the bottom line is if you modify/hack your phone then YOU and YOU ALONE are responsible for what happens, you take that responsibility when you modify your phone.
> I for one already have a mother and father, I don't need verizon telling me what i can and can't do with a product that i purchase.
> if they are that concerned then make it so user can opt out of warranty rights if they modify their phone.. problem solved..
> verizon is doing this just to piss us off..


You realize you're disagreeing to his idea about HTC opt-in unlock right? Most devs would agree with this idea... matter of fact anyone who has ever signed an APK or a ROM zip with a test key or a private key would tell you the cons outweigh the pros of factory unlocked phones. He's suggesting an easy unlock solution for end users while not compromising the security of 90% of end users who don't have any idea what any of that means.


----------



## con247 (Nov 30, 2011)

fused2explode said:


> You realize you're disagreeing to his idea about HTC opt-in unlock right? Most devs would agree with this idea... matter of fact anyone who has ever signed an APK or a ROM zip with a test key or a private key would tell you the cons outweigh the pros of factory unlocked phones. He's suggesting an easy unlock solution for end users while not compromising the security of 90% of end users who don't have any idea what any of that means.


Exactly my point! I am glad I am not alone. Even Nexus-style unlock is fine. But it shouldn't be shipped unlocked. It could present huge security problems for companies if their employee's phone is stolen and you can easily install a custom recovery and dump all the files.


----------



## ImaComputa (Sep 8, 2011)

Devator22 said:


> If it was important, Verizon wouldn't be jerking us around. I see devs buying razrs and I see devs buying the sgs 3. These phones have locked boot loaders, and it was known before they came out. Motorola has been promising an unlock tool for months, and like starving dogs people snatch up any little morsel they can get. If it was truly something that was important, then people would not be rejoicing because their phones might be unlocked, but they would be saying hmm, maybe I will consider Motorola again. Time and time again, it has been shown that people will buy a phone with a locked boot loader even if they claim that to be an important factor. So, no, we don't have to be considered, because for the vast majority of us, the minority among consumers, we have proved that people would rather buy a phone they know is not what they want, and complain about it later, rather than stand up and take their business elsewhere. The Verizon sgs3 is the only Samsung phone in existence with a locked boot loader, but is still the best selling android phone to date. There is one account of someone returning it for this reason. Corporations might have to listen to 300,000 people, but you can't tell me they have to consider one person.
> 
> Tl;dr; we are the reason Verizon phones have locked boot loaders.
> /rant


Actually nobody knew the sg3 on vzw was locked and everybody figured Samsung, who has a history of open devices and left the other variants unlocked, wouldn't pull that but here we are.

Isn't the gnex one of the hardest phones to brick because of its openness? In regards to the security talk I thought the most vulnerable attack vector would be through root privileges on rooted devices. Malware wouldn't really need to change the kernel to do its damage, right?


----------



## dvader (Jul 3, 2011)

fused2explode said:


> You realize you're disagreeing to his idea about HTC opt-in unlock right? Most devs would agree with this idea... matter of fact anyone who has ever signed an APK or a ROM zip with a test key or a private key would tell you the cons outweigh the pros of factory unlocked phones. He's suggesting an easy unlock solution for end users while not compromising the security of 90% of end users who don't have any idea what any of that means.


I read it as *unlockable*
it was late......


----------



## Goose306 (Sep 12, 2011)

ImaComputa said:


> Actually nobody knew the sg3 on vzw was locked and everybody figured Samsung, who has a history of open devices and left the other variants unlocked, wouldn't pull that but here we are.
> 
> Isn't the gnex one of the hardest phones to brick because of its openness? In regards to the security talk I thought the most vulnerable attack vector would be through root privileges on rooted devices. Malware wouldn't really need to change the kernel to do its damage, right?


^^^ This. While Verizon has a history of locking devices, Samsung had no prior history to support something such as that happening. People ordered the phone because they DIDN'T expect that. Apparently you didn't check the S3 forums around launch day, as there was basically a metric buttload of nervous old Moto users (such as myself) who thought we'd just gotten one-overed; what with us basically being locked into the phone with the end of unlimited and locked bootloader. Thankfully it was bypassed pretty damn fast, even if it is hacky.

In regards to the security of locked devices versus unlocked devices as far as the phone itself not turning into a paperweight there is good things to be said about both sides but it depends on how locked it is. A lock like the d2vzw is a dangerous lock, IMO. It doesn't do full signature checks across all partitions so it DOES allow flashing of non-supported files (possibly even for files that are not for our device such as the International variant; which can change partitions, including for download mode!) but because its locked we can't do bootloader replacement which means we can flash bad files but then not save it. Fully open devices (when unlocked, of course) benefit from being nearly unbrickable if done right since you can basically replace all partitions and rewrite them as needed.

That being said, if ALL partitions are checked regarding hardware-level firmware and bootloaders in the chain; and the bootloader is protected from overwrite unless explicitly signed by factory code; then it is also nearly unbrickable. My best example would be the venerable DX. Everyone hates that encrypted bootloader, and Moto's crap, but the DX had that one extra step which was the eFuse. If one attempted to overwrite firmware with something that the signature check failed (either custom, or from a version that was outmoded and no longer supported, or a different device, etc) it would kick the eFuse and put the phone in bootloader for safety. Obnoxious, as you had to rely on factory leaks for SBFs and you had to SBF, but if you had the SBF needed, you ultimately couldn't brick it.

I tried my damndest to brick mine when I had it, running commands to write bootloaders to it, various kernels either signed or unsigned by Moto, custom SBF files I'd hacked into and patched together from different phones, everything, including overwriting the mbm signature check. Im-freaking-possible. So while it is a massive roadblock as far as development is concerned, there's also a certain level of safety that comes with it that feels cozy. But this is really device specific, and relies on lots of different factors, such as already having the factory SBF image, etc.


----------



## jlokos (Mar 7, 2012)

Goose306 said:


> ^^^ This. While Verizon has a history of locking devices, Samsung had no prior history to support something such as that happening. People ordered the phone because they DIDN'T expect that. Apparently you didn't check the S3 forums around launch day, as there was basically a metric buttload of nervous old Moto users (such as myself) who thought we'd just gotten one-overed; what with us basically being locked into the phone with the end of unlimited and locked bootloader. Thankfully it was bypassed pretty damn fast, even if it is hacky.
> 
> In regards to the security of locked devices versus unlocked devices as far as the phone itself not turning into a paperweight there is good things to be said about both sides but it depends on how locked it is. A lock like the d2vzw is a dangerous lock, IMO. It doesn't do full signature checks across all partitions so it DOES allow flashing of non-supported files (possibly even for files that are not for our device such as the International variant; which can change partitions, including for download mode!) but because its locked we can't do bootloader replacement which means we can flash bad files but then not save it. Fully open devices (when unlocked, of course) benefit from being nearly unbrickable if done right since you can basically replace all partitions and rewrite them as needed.
> 
> ...


the Verizon bootloader has been unlocked http://forum.xda-developers.com/show...php?p=30274025


----------



## Goose306 (Sep 12, 2011)

jlokos said:


> the Verizon bootloader has been unlocked http://forum.xda-dev....php?p=30274025


A hoy hoy what do we have here...


----------



## ImaComputa (Sep 8, 2011)

This thread is all moot now hahaha


----------

