# New VZW GS3 User/Dev as of tomorrow.



## NickxxSfk (Dec 20, 2011)

So if you don't know me, I'm a former themselves/Dev over at the Thunderbolt forums. Now if we ever do get an unlocked bootloader, I'll start throwing out some AOSP love for ya guys. But first I just would like to know what I'm working with here. I don't quite understand how the whole flashing ROMs and kernels with a locked bootloader works. I've always had completely unlocked devices or workarounds before it was even released. Anyone care to explain for me?

Sent from my ADR6400L using Tapatalk 2


----------



## theMichael (Aug 26, 2011)

What happened, Nick? I thought u were stuck on the Bolt for a while longer?


----------



## NickxxSfk (Dec 20, 2011)

I'm cheating and just opening a new line.

Sent from my ADR6400L using Tapatalk 2


----------



## theMichael (Aug 26, 2011)

Don't know much about it myself, but check out this link


----------



## lsdozer (Sep 22, 2011)

I have a Bionic currently and am thinking about getting a Verizon SGS3. I don't exactly understand the whole Kexec thing, but with the Bionic, which also has a locked bootloader, we simply use an app called Bootstrap, which installs CWM recovery and we are in. We can flash custom ROMs but they use the stock kernel. Yes, I miss flashing kernels, but huge advancements in ROM design have come along and the phone is very responsive.

Also, Verizon has been putting out several updates which have upgraded the kernel and radio, and the devs take these updates and modify them, creating ROMs from them, which are awesome.

Basically, what I am saying is that a locked bootloader doesn't equal a POS with no future!


----------



## TheBiles (Oct 20, 2011)

lsdozer said:


> I have a Bionic currently and am thinking about getting a Verizon SGS3. I don't exactly understand the whole Kexec thing, but with the Bionic, which also has a locked bootloader, we simply use an app called Bootstrap, which installs CWM recovery and we are in. We can flash custom ROMs but they use the stock kernel. Yes, I miss flashing kernels, but huge advancements in ROM design have come along and the phone is very responsive.
> 
> Also, Verizon has been putting out several updates which have upgraded the kernel and radio, and the devs take these updates and modify them, creating ROMs from them, which are awesome.
> 
> Basically, what I am saying is that a locked bootloader doesn't equal a POS with no future!


Yes it does. I had a Bionic, and that was the worst piece of shit Android phone that I had owned. An encrypted bootloader is death for an Android device.

Sent from my Galaxy S III


----------



## lsdozer (Sep 22, 2011)

TheBiles said:


> Yes it does. I had a Bionic, and that was the worst piece of shit Android phone that I had owned. An encrypted bootloader is death for an Android device.
> 
> Sent from my Galaxy S III


You are correct, sorta. It WAS a POS, until the last couple weeks. It actually has great 4G reception now, is very quick and responsive, and is running ICS. I know, it's not Jelly Bean, but people are loving it.


----------



## joemagistro (Dec 19, 2011)

But at least you can change the kernels on the GS3s.. yes it's more work than necessary, but it's being doneee.... and supposedly CM has a way of being able to reboot your phone and having the kernel boot back up again simply just by restarting your phone.. I know it's not cracked.. but there are at least workarounds


----------



## lsdozer (Sep 22, 2011)

joemagistro said:


> But at least you can change the kernels on the GS3s.. yes it's more work than necessary, but it's being doneee.... and supposedly CM has a way of being able to reboot your phone and having the kernel boot back up again simply just by restarting your phone.. I know it's not cracked.. but there are at least workarounds


Agreed.


----------



## Forgetful (Jul 23, 2011)

Hey nice to see you around.

Sent from my SCH-I535 using Tapatalk 2


----------



## Goose306 (Sep 12, 2011)

If you want a proof of a good phone surviving and thriving with a locked BL I'd say to take the DX as an example. That phone is still going strong on 2+ years, and Angel is working on a JB port now, and it has/had probably 6+ different ICS ports on a phone which would normally not see anything beyond GB from the factory. Sure, there are quirks, but that phone is a solid. I was sad watching my sister take that phone, though of course the GSIII is a better phone in just about every regard 

Anyways, our locked/encrypted BL are different from other OEM versions. The encryption (while carrier requested) is done by the OEM so it's different than, say, a Moto phone, or an HTC phone. Moto is well known in the security fields (just as much so or more than BlackBerry) so when they are requested to lock a BL they don't futz around. Their encryption is for most all important parts of the phone, including the recovery partition, kernel, bootloader (mbm) and more. /system is not encrypted, BUT the SBF file has a full signature check on it (sorta like an ODIN tarball) so if you go splitting it apart and attempting to mount /system in Linux and putting in su and binaries (like the VZW S3 workaround) it will fail recompile/flash due to bad header info. The security is also 2048-bit RSA (nobody knows what the GS3 is yet) but that's about the strongest, and it is "on-chip" rather than software; the hardware itself is encrypted, so there is no firmware "hack" to get around it fully (2nd-init and kexec and the like can somewhat, but it comes at a cost).

In regards to the GS3, the current state of encryption is quite a bit weaker than the Moto encryption (although there are rumors of an OTA that may be coming to finish locking it down). Not everything is known, like we don't know whether the security is on-chip or firmware side, and we don't know the strength of the security. We do know they left a huge gaping hole though by leaving the /system portion unencrypted (no signature check via ODIN flash) and leaving the recovery partition unencrypted when modified from user space. (Can't be done via ODIN flash, but can be done via ADB or apps now). What this means is we can boot from the recovery partition a custom kernel. Since we can fully boot it from the recovery partition we don't get the usual issues kexec ran into on the Moto phones - that is, everything works as intended, with one quibble. If one restarts the phone one has to go back into recovery and reinstall the kernel, as a standard reboot will boot the stock kernel. This has already been (for the most part) circumvented by Team Epic, as they have automated it so it will flash the kernel in recovery on a cold boot with no user interaction needed. It still has to be done, and makes the reboot process a bit longer, but other than that everything works as intended.

The last thing needed to get everything working on AOSP on the VZW GS3 is to get data working. This doesn't involve the BL or encryption though AFAIK, they just have to get the VZW RIL to play nice with the AOSP kernel and they will be good to go. As I said I believe there is probably an OTA coming to lock this thing down for good (I wouldn't be surprised if Sammy left the gaping hole from the factory as an "F U" to VZW) but for now if you have it rooted and the OTA updater frozen things are looking up for the VZW GS3. Moto encryption, this is not.


----------
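
Added example (not part of any post in this thread): a sketch of the signature-coverage point in Goose306's post above, showing how a device-side check classifies a modified partition when it is covered by a signed manifest versus when it is left out. The partition names, image contents, manifest format and the toy unpadded RSA key are constructed assumptions; real boot chains use padded RSA-2048 or similar with the public key anchored in hardware.

```python
import hashlib

# Constructed toy key: textbook RSA without padding, built from two Mersenne
# primes so the example needs no third-party library. Not a real device key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, known only to the signer

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def manifest_hash(manifest: dict) -> int:
    # Canonical form: sorted "name=sha256" lines, hashed to an integer < N.
    canon = "\n".join(f"{k}={manifest[k]}" for k in sorted(manifest))
    return int.from_bytes(hashlib.sha256(canon.encode()).digest(), "big")

def build(images: dict, covered) -> tuple:
    """Signer side: hash the covered partitions and sign the manifest."""
    manifest = {name: digest(images[name]) for name in covered}
    return manifest, pow(manifest_hash(manifest), D, N)

def audit(images: dict, manifest: dict, signature: int) -> dict:
    """Device side: classify each partition using only the public key (E, N)."""
    if pow(signature, E, N) != manifest_hash(manifest):
        return {name: "manifest-invalid" for name in images}
    report = {}
    for name, data in images.items():
        if name not in manifest:
            report[name] = "unsigned"   # outside the chain of trust
        elif digest(data) == manifest[name]:
            report[name] = "ok"
        else:
            report[name] = "tampered"   # covered, and the hash no longer matches
    return report

def demo():
    # Constructed sample images standing in for real partition contents.
    stock = {"bootloader": b"bl-v1", "kernel": b"kernel-v1",
             "recovery": b"recovery-v1", "system": b"system-v1"}
    full = build(stock, stock)                         # every partition covered
    partial = build(stock, ["bootloader", "kernel"])   # recovery/system left out
    modified = dict(stock, recovery=b"recovery-custom", system=b"system-modified")
    return audit(modified, *full), audit(modified, *partial)

if __name__ == "__main__":
    for report in demo():
        print(report)
```

Any partition reported as `unsigned` is one whose contents the boot chain never checks, which is the property to look for when reviewing what a locked bootloader actually protects.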



## NickxxSfk (Dec 20, 2011)

Goose306 said:


> If you want a proof of a good phone surviving and thriving with a locked BL I'd say to take the DX as an example. That phone is still going strong on 2+ years, and Angel is working on a JB port now, and it has/had probably 6+ different ICS ports on a phone which would normally not see anything beyond GB from the factory. Sure, there are quirks, but that phone is a solid. I was sad watching my sister take that phone, though of course the GSIII is a better phone in just about every regard
> 
> Anyways, our locked/encrypted BL are different from other OEM versions. The encryption (while carrier requested) is done by the OEM so it's different than, say, a Moto phone, or an HTC phone. Moto is well known in the security fields (just as much so or more than BlackBerry) so when they are requested to lock a BL they don't futz around. Their encryption is for most all important parts of the phone, including the recovery partition, kernel, bootloader (mbm) and more. /system is not encrypted, BUT the SBF file has a full signature check on it (sorta like an ODIN tarball) so if you go splitting it apart and attempting to mount /system in Linux and putting in su and binaries (like the VZW S3 workaround) it will fail recompile/flash due to bad header info. The security is also 2048-bit RSA (nobody knows what the GS3 is yet) but that's about the strongest, and it is "on-chip" rather than software; the hardware itself is encrypted, so there is no firmware "hack" to get around it fully (2nd-init and kexec and the like can somewhat, but it comes at a cost).
> 
> ...


Thanks for an actual explanation! I'm not familiar with locked phones. But this helped me understand it a lot better. So basically for now, if I get an OTA, do NOT accept it. I still haven't rooted mine yet. But I will when I get the time to.

Sent from my SCH-I535 using Tapatalk 2


----------



## srs731 (Jun 15, 2011)

Hey Nick, good to see you... I actually gave my Mom my old Thunderbolt running your CM7! It gave me the best battery life/performance combo.

Offtopic---I was just doing a little reading this morning. We will not be able to reset our flash counter due to having a locked bootloader, correct?


----------

