Probably a stupid question.
#1
Posted 26 May 2014 - 04:41 AM
#2
Posted 26 May 2014 - 05:03 AM
Because there isn't an "unlocked bootloader" to flash.
- johnthehillbilly likes this
Non potest esse nisi unus
#3
Posted 26 May 2014 - 11:21 AM
#4
Posted 26 May 2014 - 11:24 AM
You don't seem to understand what I'm saying. When you unlocked your dev edition, you used an unlock code. That didn't flash some magic "unlocked bootloader". It changed an eFuse in the hardware that the bootloader checks when it's loaded to see if it should use the secure path or not. The unlock exploit found (and patched) a year ago blew the eFuse that tells the bootloader to use the unsecure path when it's loaded. That is the only difference.
- johnthehillbilly likes this
Non potest esse nisi unus
#5
Posted 26 May 2014 - 06:04 PM
#6
Posted 26 May 2014 - 06:13 PM
No, the bootloader is software. What you're failing to grasp is that the software on a dev edition Moto device is *EXACTLY* the same as the software on a consumer Moto device. The state of the hardware is what determines whether the bootloader loads in secure or unsecure mode. All partitions are obviously signed and can only have unsigned code flashed if the bootloader loads in unsecure mode. The TZ and GPT partitions can't be flashed on any device, unlocked or not. The trusted zone is what runs beneath the rest of the partitions and serves as a security layer between the hardware and the bootloader/kernel. The unlock exploit was in the trusted zone and allowed the code that blew the eFuse to render the device unlocked to be run as root. That hole was patched and therefore is no longer unlockable. And don't bother with the "well we'll find the signing keys then" nonsense. 128 bit encryption....it's quite well protected. Yes, it's a difficult problem to solve. Hell, root can't even be achieved on most 4.4.2 builds. Unless by some miracle a new security exploit is found in the TZ (and it's been looked at by the person who found the original exploit and found to be completely secure now) there is no hope of unlocking consumer Moto phones. I'm not getting into the discussion of stolen unlock codes being sold by "a guy in China". That's just ridiculous and should be stopped no matter how badly you want the phones unlocked.
- RikRong likes this
Non potest esse nisi unus
#7
Posted 27 May 2014 - 04:22 AM
I guess the old saying if you can't beat them hire them is what happened. When you said that were you talking about Dan because I wondered why he suddenly stopped.
#8
Posted 27 May 2014 - 04:49 AM
and it's been looked at by the person who found the original exploit and found to be completely secure now)
I guess the old saying if you can't beat them hire them is what happened. When you said that were you talking about Dan because I wondered why he suddenly stopped.
I'm not sure that he has "stopped".. More than likely though he's just not going to release his findings because well, it has become EXPECTED for him to do so by many in the community. I'm sure it is a huge PIA to find these holes but I'm pretty sure he also enjoys the challenge some.
Sent via Blacked out TapaTalk on my Eclipsed Dev X
#9
Posted 27 May 2014 - 04:51 AM
He stopped for a variety of reasons. It takes an enormous amount of time to find security flaws in software. And what people fail to understand is that it's a law of diminishing returns. You find a bug an exploit it, they patch it. The next one is harder to find and the cycle goes round and round until you're sitting at Android 4.4.3 and telling root application developers how they must specifically code their apps to allow root to still work. People expect and demand exploits. People don't take the time to learn how those exploits come into existence. All they know is they want an unlock and/or root and why hasn't someone done it yet. People like Dan who do that for a living have an advantage over those who are simply casting a line into the ocean and hoping for a fish. But there's two issues...the time it takes and the lack of appreciation the community has for the work involved. Which is how we got to where we are with root. Even JCase is now sick of the community and is not really motivated to work on the new devices. I can't says that I blame either of them.
Non potest esse nisi unus
#10
Posted 27 May 2014 - 04:52 AM
I'm not sure that he has "stopped".. More than likely though he's just not going to release his findings because well, it has become EXPECTED for him to do so by many in the community. I'm sure it is a huge PIA to find these holes but I'm pretty sure he also enjoys the challenge some.
Sent via Blacked out TapaTalk on my Eclipsed Dev X
Not when you do it for a living. It's a curiosity for a while, sure, but, once it becomes a time sucking chore that isn't appreciated......why bother?
Non potest esse nisi unus
#11
Posted 27 May 2014 - 02:59 PM
2 user(s) are reading this topic
0 members, 2 guests, 0 anonymous users