Endless Paradigm

Full Version: New Droid Security
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
Quote:Motorola is cracking down hard on modders, who have previously enjoyed a huge amount of freedom with their Android devices. The Android equivalent of jailbreaking is called “rooting”, which gives the user administrative privileges, and allows them to install custom ROMs. This allows users to have full control over their device, and is in my opinion the best part of the Android experience.

Motorola has locked down the bootloader of the Droid X, stopping users from rooting their devices. They did the same thing on the Milestone, which proved to be a tough nut to crack. In addition to the locked bootloader, they have also introduced an “eFuse”. This essentially causes the phone to self-destruct if it detects a rooting attempt, and can only be fixed by Motorola.

Here is a full explanation from p3droid at My Droid World:

    The eFuse is coded with information that it either looks for or is passed to it from the bootloader. The bootloader is loaded with information it looks for when it begins the boot-up process. (I have seen the sbf file look for a certain bootloader when it begins so its safe to assume that this is the process).

    Once the the eFuse verifies that the information it is looking for or that has been passed through to it by the bootloader is correct then the boot process continues. What type of information is written to the bootloader? So far i’ve been able to verify that the firmware information (what wee call ROMS), the kernel information, and the bootloader version.

    If the eFuse failes to verify this information then the eFuse receives a command to “blow the fuse” or “trip the fuse”. This results in the booting process becoming corrupted and resulting in a permanent bricking of the Phone. This FailSafe is activated anytime the bootloader is tampered with or any of the above three parts of the phone has been tampered with.

    The eFuse is a rewrittable module and thus once it has been tripped it can be repaired but this procedure can only be done by Motorola. It requires hardware (I’m not sure what type) and the program (I’m not sure what Motorola is using) written in JTAG.

The Android community has some of the brightest developers in the mobile world, who have been able to root many different devices; but will the kill-switch on the Droid X prevent it from being hacked? Motorola sure hopes so, but has alienated a large chunk of their market in the process. Of course this is only one manufacture, and Google, the brain behind Android, encourages open-source software and freedom of choice.

With every firmware update, Apple attempts to block exploits that jailbreakers use to gain access to the device, but they have never done anything quite this extreme. Maybe it is because they know that jailbreaking is essential for the device to appeal to all market segments, or because they know that a full lockdown would cause an outrage.

What would happen to the jailbreak community if Apple introduced their own kill-switch? Would users switch to a more open platform, or stick with older devices? Would they accept a device that was locked down in a “walled garden”, or would they rebel?

Wee can only hope that Motorola is the exception, and other companies like Apple will not follow suit.

This is a tad depressing really. Would think Google wouldn't allow Moto to control the phone like this.

[Sauce]
hacked android phones?

i guess its up to the provider of the phone. (company that makes it) then again its abusing hardware rights.
Since you're hacking the software (which is made by Google) I don't think Motorola should have the right to do this.
I wonder if Apple will follow suit
What these companies need to think about is the majority of people that buy these devices usually hack them. If they block them from doing that, sales are gonna go down.
I would only take a phone like this if it cost me 20$
rooting should be available for any user ( its their property anyway )
this is why im glad nokia do a maemo line
that can't lock linux as its open source
eFuse being hacked by hackers in 3, 2, 1....
Motorola also said they design phones for users not for developing.  They suggested that if you want to play with custom rooms buy a nexus one, which was designed in the mindset for rom development.


Pages: 1 2
Reference URL's