
Thread: maybe we can get the key

  1. Senior Droid
    RnD_Solo's Avatar
    Member #
    104987
    Join Date
    Aug 2010
    Posts
    170
    Phone
    Droid X
    #1

    maybe we can get the key

    Ok, so when Verizon sends down 2.2....how does it work...doesn't it flash a new ROM??? or is it just a bunch of files and OS type stuff?

    anyways, i was under the assumption that to load 2.2, then wouldn't they have to access the bootloader?? and if they need to access the bootloader, then won't they have to send the key with it? and wouldn't it be in like the first part of the code?


    anyways, i could be totally off base here, but ...w/e lol
  3. Master Droid
    bitter's Avatar
    Member #
    28770
    Join Date
    Jan 2010
    Posts
    613
    Phone
    Samsung Galaxy Nexus LTE
    #2
    Dude, I didn't understand a word of what you just said.
  4. Rescue Squad
    Tallica's Avatar
    Member #
    48266
    Join Date
    Mar 2010
    Location
    Middleboro, MA
    Posts
    3,259
    Liked
    6 times
    Twitter
    Tallica21
    Phone
    GSIII-Rooted
    Premium Member
    #3
    Quote Originally Posted by RnD_Solo View Post
    Ok, so when Verizon sends down 2.2....how does it work...doesn't it flash a new ROM??? or is it just a bunch of files and OS type stuff?

    anyways, i was under the assumption that to load 2.2, then wouldn't they have to access the bootloader?? and if they need to access the bootloader, then won't they have to send the key with it? and wouldn't it be in like the first part of the code?


    anyways, i could be totally off base here, but ...w/e lol
    Logically that makes sense. They call the official update "signed". If someone could re-sign a custom ROM it could work.
  5. Droid Ninja
    Mustang02's Avatar
    Member #
    101037
    Join Date
    Aug 2010
    Location
    Cleveland Ohio
    Posts
    1,019
    Liked
    32 times
    Phone
    Droid Maxx
    #4
    Quote Originally Posted by bitter View Post
    Dude, I didn't understand a word of what you just said.
    I concur. WTF did I just read?
  6. Senior Droid
    xlivewire7x's Avatar
    Member #
    91418
    Join Date
    Jul 2010
    Location
    Lincoln University, PA
    Posts
    127
    Liked
    14 times
    Phone
    Droid X
    #5
    Yea it does seem logical but I really doubt it's that simple. I'm sure the code for the key is somewhere in there but I doubt they'd make it very easy to find. Who knows though, a lot of the Droid X hackers have been doing some pretty amazing stuff.
  7. Senior Droid
    RnD_Solo's Avatar
    Member #
    104987
    Join Date
    Aug 2010
    Posts
    170
    Phone
    Droid X
    #6
    well..it wouldn't hurt to look right?

    so basically we need a way to capture the file you download during the OTA update...which, i'm assuming, shouldn't be too hard with a rooted phone..

    but the trick i guess would be to stop the OTA update from automatically installing and resetting the phone before you had a chance to export it.

    or maybe we can get someone who does in-store software updates for a Verizon store to get us a copy...somehow.

    i really wish i better understood how all this worked. i'm trying to find a soft spot SOMEWHERE
  8. Senior Droid
    RnD_Solo's Avatar
    Member #
    104987
    Join Date
    Aug 2010
    Posts
    170
    Phone
    Droid X
    #7
    Quote Originally Posted by xlivewire7x View Post
    Yea it does seem logical but I really doubt it's that simple. I'm sure the code for the key is somewhere in there but I doubt they'd make it very easy to find. Who knows though, a lot of the Droid X hackers have been doing some pretty amazing stuff.

    honestly, i don't think 256 random characters in a string would be too hard to find..we won't know though unless we can see the file.
  9. Droid
    fwaggle's Avatar
    Member #
    102703
    Join Date
    Aug 2010
    Posts
    38
    Phone
    Droid X
    #8
    That's not how code signing works - likely the BIOS or something similar on the phone has the public key with which to verify the authenticity of the software. It's called a public key for a reason - it's of absolutely no benefit to you to acquire it.

    For the code-signing to work, they don't have to send the private key with the code... again, it's called a private key for a reason. It's kept somewhere, probably under pretty tight security at a Motorola lab someplace.

    So no, unless Motorola really screwed the pooch, there will be nothing in the update data of any use to beating that pesky boot loader - certainly not the private key.
  10. Senior Droid
    RnD_Solo's Avatar
    Member #
    104987
    Join Date
    Aug 2010
    Posts
    170
    Phone
    Droid X
    #9
    Quote Originally Posted by fwaggle View Post
    That's not how code signing works - likely the BIOS or something similar on the phone has the public key with which to verify the authenticity of the software. It's called a public key for a reason - it's of absolutely no benefit to you to acquire it.

    For the code-signing to work, they don't have to send the private key with the code... again, it's called a private key for a reason. It's kept somewhere, probably under pretty tight security at a Motorola lab someplace.

    So no, unless Motorola really screwed the pooch, there will be nothing in the update data of any use to beating that pesky boot loader - certainly not the private key.
    ok, so then how are they gonna unlock the bootloader so they can load the new rom???

    they have to unlock it somehow, we just need to copy whatever that somehow is


    edit..

    ok so i think i get what you're saying..

    so i'm assuming the ota update is gonna come down encrypted as well?
    Last edited by RnD_Solo; 08-18-2010 at 11:11 PM.
  11. Droid
    fwaggle's Avatar
    Member #
    102703
    Join Date
    Aug 2010
    Posts
    38
    Phone
    Droid X
    #10
    Quote Originally Posted by RnD_Solo View Post
    ok, so then how are they gonna unlock the bootloader so they can load the new rom???

    they have to unlock it somehow, we just need to copy whatever that somehow is


    edit..

    ok so i think i get what you're saying..

    so i'm assuming the ota update is gonna come down encrypted as well?
    I don't know if it'll come over the wire encrypted or not - but I believe it doesn't have to be. My understanding of the DroidX hardware is very limited, and my understanding of crypto is by no means exhaustive, but it's my understanding that code doesn't have to be encrypted to be signed.

    Basically what happens is you have a public and private key for code signing purposes (you can use the same thing for message authentication, it's my understanding that code signing is just a specific type of message authentication - message authentication basically just means a method of telling with a reasonable level of certainty that a message came from a specific person and hasn't been tampered with). The public key is derived from the private key in such a fashion that it's mathematically trivial to check that a message is also derived from the private key, but mathematically difficult to derive the private key from either the message or the public key.

    The public key is likely stored in some part of "real ROM" - that is actual read-only-memory as opposed to the bit we clobber when we want to put a new OS on - perhaps in the BIOS or something similar (heck it may even be literally "on-chip", given that there's much hooha about this whole "eFuse" thing), I honestly have no idea... I'm not familiar with the architecture of these phones at all. The boot process probably works something like the BIOS looks up the boot loader, confirms it's signed by Motorola, and then executes it. The boot loader then probably searches for the kernel and other things it needs to boot the OS, checking at least the kernel to see if it's signed as well.

    By using a digital signature instead of a hash (which I think is where you were thinking, that Motorola must have some OTA way of updating the hash that hackers could exploit to get the loader to accept their own kernels), all they have to do is push out another kernel that's also signed by the same key. The boot loader will happily accept any code that's signed in this way, and there's no privileged operation necessary on the phone. The privileged operation happens back in Moto's lab, the signing of the code with their private key - either you have the private key to sign your kernel or you don't.

    Cracking the key is practically impossible. Yes, if the key resides in the first few (relatively speaking, like there are a "few" stars in the sky!) tries you could get lucky... but like I posted on another forum, you'd have better odds of getting everyone together and each buying lottery tickets, and then if someone wins, using the money to bribe someone at Motorola to give you a copy of the key.

    Now of course that's not to say that there aren't ways to side-track the boot-loader, which I think is what the guys are tampering with (and may be how they did the custom recovery thing)... but anyway, like someone else posted on another android forum, at this point you'll have better chances working with the boot loader than against it.

    For all intents and purposes though, the OTA 2.2 update probably isn't going to be of any use to cracking the device wide-open, unless in the process of them doing the update they introduce a bug in the boot loader which can be leveraged to convince it to run an unsigned kernel. Again, I'm not familiar with the X's boot process, but I imagine they don't necessarily have to touch the boot loader - just push another kernel + android userland and call it a day.
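
The signing model described in posts #8 and #10, as an added example that is not part of the original thread: the update travels as plaintext plus a signature, the device holds only the public key, and any image signed with the vendor's private key is accepted with no unlock step on the phone. The key values, image bytes and function names are constructed for illustration (unpadded toy RSA); the Droid X's actual verification scheme is not described on the page.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes. Far too small and
# unpadded for real use; real code signing uses 2048-bit+ keys with padding.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent: never leaves the vendor
DEVICE_PUBLIC_KEY = (N, E)          # the only key material stored on the phone

# A second constructed key pair that the device has no reason to trust.
OTHER_N = (2**61 - 1) * (2**107 - 1)
OTHER_D = pow(E, -1, (2**61 - 2) * (2**107 - 2))

# Constructed sample images; nothing here is encrypted.
eclair = b"kernel 2.1 (constructed sample image)"
froyo = b"kernel 2.2 (constructed sample image)"
custom = b"custom kernel (constructed sample image)"


def digest(image: bytes, n: int) -> int:
    """Hash the image and reduce it into the key's range."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % n


def sign(image: bytes, d: int, n: int) -> int:
    """Vendor side: requires the private exponent d."""
    return pow(digest(image, n), d, n)


def verify(image: bytes, signature: int, public_key) -> bool:
    """Device side: requires only the public key (n, e)."""
    n, e = public_key
    return pow(signature, e, n) == digest(image, n)


def boot_decision(image: bytes, signature: int) -> str:
    """What a verifying loader does with an (image, signature) pair."""
    return "boot" if verify(image, signature, DEVICE_PUBLIC_KEY) else "refuse"


if __name__ == "__main__":
    print(boot_decision(eclair, sign(eclair, D, N)))               # old release
    print(boot_decision(froyo, sign(froyo, D, N)))                 # new OTA, same key
    print(boot_decision(custom, sign(froyo, D, N)))                # reused signature
    print(boot_decision(custom, sign(custom, OTHER_D, OTHER_N)))   # untrusted key
    print(boot_decision(custom, sign(custom, E, N)))               # public key only
```

The last case is the one the thread turns on: everything a captured update or the device itself can reveal is the public half, and that half does not produce a signature the loader accepts.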