
ALERT: Droid X FroYo OTA - new bootloader uses new signing keys

Discussion in 'Droid Labs' started by MotoCache1, Sep 22, 2010.

  1. MotoCache1
    [I posted this earlier this morning but I put it in the wrong sub-forum. Someone was trying to clean that up and move it and it accidentally got destroyed. I'm re-creating it. I don't know if the other posts that were in it will be salvaged or not, but here's the OP.]

    I got brought in on this by someone who hit my Gtalk on my phone at 4:30a to let me know that the world was coming to an end -- more or less.

    In the last couple hours we've sorted out a lot and the deal is, in the new Droid X OTA it appears that they have replaced the entire HAB chain from the mbmloader (the loader for the boot loader) on forward. The keys that were used to sign the prior HAB components are no longer trusted by the new HAB components. What that means is that if you take the current OTA, and then subsequently use an SBF (or any other method) to replace a signed code group (which is just about every code group on a DX) that signature will not be valid and the boot process will halt when that CG is encountered. Since pretty much every SBF contains the "boot" and "recovery" code group, as well as the very-critical "CDT" code group, this means if you apply an SBF to your OTA'd phone (that is now running the 30.03 bootloader) your phone is toast. But not permanently.

    In the above scenario you will still be running the new mbmloader (GC63) and mbm (CG30), so as long as you put code groups back on that are signed with the new signatures, you'll be back in business. None of the prior SBFs are going to help you -- they are invalid as of this OTA.

    I'm sure Verizon is expecting this and has the 2.3.13 SBF standing by in the retail stores so they can flash you back to stock and get you working again (and give you the evil eye when you lie about how your phone got this way -- because I'm sure they have been warned about this happening in advance).

    That's all for now. Hopefully this helps avoid too much unnecessary confusion, so you can just concentrate on dealing with the necessary confusion.

    Oh, and to all the people who mocked when the idea of a hostile bootloader via OTA came up in the Droid 1 topic, well...
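
The scenario described in the opening post, modelled as an added example that is not part of the original thread or any Motorola code: a boot chain that verifies each code group against its current trust anchor and halts at the first signature it does not accept. HMAC-SHA256 stands in for the asymmetric signatures a real HAB chain uses, and the keys, image contents and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed keys: stand-ins for the vendor's old and new signing keys.
OLD_KEY = b"constructed-old-signing-key"
NEW_KEY = b"constructed-new-signing-key"


def sign(key: bytes, image: bytes) -> bytes:
    """HMAC-SHA256 stand-in for the asymmetric signature on a code group."""
    return hmac.new(key, image, hashlib.sha256).digest()


def make_cg(name: str, image: bytes, key: bytes) -> dict:
    """Build a signed code group record (hypothetical layout)."""
    return {"name": name, "image": image, "sig": sign(key, image)}


def boot(trusted_key: bytes, code_groups: list) -> tuple:
    """Verify code groups in order; halt at the first bad signature.

    Returns (booted, name_of_failing_code_group_or_None).
    """
    for cg in code_groups:
        expected = sign(trusted_key, cg["image"])
        if not hmac.compare_digest(expected, cg["sig"]):
            return (False, cg["name"])
    return (True, None)


def flash(device: list, package: list) -> list:
    """Replace code groups on the device with same-named ones from a package."""
    incoming = {cg["name"]: cg for cg in package}
    return [incoming.get(cg["name"], cg) for cg in device]


# Code group names are the ones the post mentions; contents are constructed.
NAMES = ["CDT", "boot", "recovery"]
old_sbf = [make_cg(n, f"{n}-old".encode(), OLD_KEY) for n in NAMES]
ota_device = [make_cg(n, f"{n}-ota".encode(), NEW_KEY) for n in NAMES]
new_sbf = [make_cg(n, f"{n}-stock".encode(), NEW_KEY) for n in NAMES]

if __name__ == "__main__":
    print(boot(NEW_KEY, ota_device))               # device right after the OTA
    halted = flash(ota_device, old_sbf)            # prior SBF onto the new chain
    print(boot(NEW_KEY, halted))
    print(boot(NEW_KEY, flash(halted, new_sbf)))   # re-flash with new signatures
```

The model also shows why a partial flash is enough to stop the boot: replacing a single code group with one signed under the old key halts verification at that code group.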
  2. Corinacakes
    I want to apologize to everyone that posted in this thread earlier. I screwed up and lost all of it. You guys can be mean if you want....I deserve it!!!! :icon_censored:
  3. jntdroid
    So, what we were a little worried they might do with the Droid 1 OTA, they did do with the Droid X OTA, essentially. Interesting... I wonder if they would ever dare to try this on the Droid 1 - though, who knows when the next OTA will be for ol' faithful.
  4. MotoCache1
    Just some updated information. We've been doing continued testing and while the OTA does contain mbmloader and mbm, it appears that this lockdown may be occurring later than that in the boot cycle. We're not sure how just yet -- but we were able to reproduce the issue without updating the bootloader. More information as we have it.
  5. stevesimmons
    I have the OTA zip file and I have not allowed it to install on my DX.

    Is it possible to modify the zip file so that it does not install the new boot loader, yet still get froyo and the other patches?
  6. furbearingmammal
    I'm going to go ahead and say no. If you're going to root, root now -- otherwise you'll have to wait to see what can be done later... and that's potentially NOTHING. If they come out with a rooted version of the update you'll be gold then. Otherwise... Keep in mind this is merely coming from an understanding of the corporate psychology, not any actual knowledge of the process involved. :)

    I'll lay a large bet that the D2 is right around the corner for the same thing.
  7. teddyearp
    +1 ^^^ this.
  8. neturbo82
  9. furbearingmammal
    I'm going to take a stab and say we'll have to wait for someone in a store who got it to leak it, and if Motorola and Verizon are as serious about stopping hacking as they've made themselves out to be, that file may never hit the stores.
  10. teddyearp
    AFAIK, all the leaks we've been getting come from WAY higher up the food chain than a lowly VZW store . . .;)