# VZW bootloader been cracked? Is this confirmed?



## joemagistro (Dec 19, 2011)

https://github.com/CyanogenMod/android_device_samsung_d2vzw


----------



## skiwong20 (Sep 3, 2011)

Not yet..u are only looking at d2vzw source that CM team put to build cm with kexec, it has nothing to do with a unlocked bootloader


----------



## joemagistro (Dec 19, 2011)

damnnn


----------



## joemagistro (Dec 19, 2011)

i dunno tho dude.. Cyanogenmod does not officially support devices with locked bootloaders.... sooo thats gotta mean something... whether or not its made public yet...


----------



## skiwong20 (Sep 3, 2011)

Your wrong droid2 is officially supported...that's defently locked boot loader..not trying to b mean..sorry


----------



## Dream (Aug 22, 2011)

Has a phone with a locked bootloader/encrypted ever been fully unlocked?


----------



## bretth18 (Jun 13, 2011)

joemagistro said:


> i dunno tho dude.. Cyanogenmod does not officially support devices with locked bootloaders.... sooo thats gotta mean something... whether or not its made public yet...


Droid X was also officially supported.

Sent from my SCH-I535 using RootzWiki


----------



## JBirdVegas (Jun 11, 2011)

A professor found a mathematical vulnerability on the DroidX boot loader signature that allowed it to be reversed. Moto issued a nice pretty cease and desist the moment he posted it online. The vulnerability was related to not using a salt when making the key, and I'm sure has since been resolved.

...but without OEM mistakes like this it is unlikely we will ever crack another boot loader. The key size makes it a mathematical impossibility. MIT still has a distributed processing computer that has been attempting to brute force the key from some device but I don't think they have been successful


----------



## dvader (Jul 3, 2011)

JBirdVegas said:


> A professor found a mathematical vulnerability on the DroidX boot loader signature that allowed it to be reversed. Moto issued a nice pretty cease and desist the moment he posted it online. The vulnerability was related to not using a salt when making the key, and I'm sure has since been resolved.
> 
> ...but without OEM mistakes like this it is unlikely we will ever crack another boot loader. The key size makes it a mathematical impossibility. MIT still has a distributed processing computer that has been attempting to brute force the key from some device but I don't think they have been successful


Your not talking about that asshole nenlod (or whatever his name was?) that trolled everyone saying he cracked it but got a C&D?


----------



## JBirdVegas (Jun 11, 2011)

I don't remember who it was but I've seen the proof of concept math (not that I could spot incorrect doctorate level math).


----------



## pdubya (Sep 3, 2011)

I wish we/someone could put together something like [email protected] dedicated to cracking bootloaders. I'm sure there are thousands of people that would install a small program on their computers if they knew that processing power would go to the greater good of cracking bootloaders


----------



## sneakysolidbake (Jun 8, 2011)

The thing is, it hasn't been 100% determined how the security works as a whole. You have to give a computer instructions and unfortunately, "crack this bootloader" is not something that can be translated easily to an actual cracking method.

On a side note, I got sig'd!!! my life is now complete =D


----------



## PhantomGamers (Sep 27, 2011)

sneakysolidbake said:


> The thing is, it hasn't been 100% determined how the security works as a whole. You have to give a computer instructions and unfortunately, "crack this bootloader" is not something that can be translated easily to an actual cracking method.
> 
> On a side note, I got sig'd!!! my life is now complete =D


i think he means use computer power to assist in bruteforcing the key the bootloader is signed/encrypted with.
i'd be all for that but even with 100 computers it would take AGES.


----------



## pdubya (Sep 3, 2011)

It would be nice because there are always people willing to help in any way they can and this would be a way for the masses to help.


----------



## sneakysolidbake (Jun 8, 2011)

PhantomGamers said:


> i think he means use computer power to assist in bruteforcing the key the bootloader is signed/encrypted with.
> i'd be all for that but even with 100 computers it would take AGES.


Even that right there assumes too much about what we know about the security. When you bruteforce something, you have to test each possible solution. Can you think of a viable method of testing hundreds of thousands of keys in a timely manner? Correct me if I'm wrong but wouldn't that require flashing each potential bootloader sig and see if it boots? Maybe I have a fundamental misunderstanding of how this stuff works.


----------



## PhantomGamers (Sep 27, 2011)

sneakysolidbake said:


> Even that right there assumes too much about what we know about the security. When you bruteforce something, you have to test each possible solution. Can you think of a viable method of testing hundreds of thousands of keys in a timely manner? Correct me if I'm wrong but wouldn't that require flashing each potential bootloader sig and see if it boots? Maybe I have a fundamental misunderstanding of how this stuff works.


there might be an easier way...


----------



## sneakysolidbake (Jun 8, 2011)

PhantomGamers said:


> there might be an easier way...


Believe me, I'd be all for it, but it can't be that simple.


----------



## fused2explode (Jan 6, 2012)

PhantomGamers said:


> there might be an easier way...


Currently there is not, at least with the method you are talking about


----------



## Jaxidian (Jun 6, 2011)

JBirdVegas said:


> I don't remember who it was but I've seen the proof of concept math (not that I could spot incorrect doctorate level math).


*dvader* was correct. It was a guy trolling the community. I was part of the FreeMyMoto team who worked with that situation. He faked the C&D as well. He admitted to trolling everybody after ~36 hours or so. There was absolutely nothing useful in what that guy shared.

Also, the math he shared didn't work out. People were having problems with it almost immediately after he posted it.


----------



## JBirdVegas (Jun 11, 2011)

Too sad, I was unaware it was a scam. Sorry guys.


----------



## ImaComputa (Sep 8, 2011)

*SUPPOSEDLY *Verizon told a few people over at XDA that they are releasing a boot loader unlock. I know it's Verizon and all but a few people got the same answer from different reps so it might be a possibility.

Edit: NVM I didn't see the other thread on it.


----------

