Update leaked 2.2 to official 2.2?

[pcm2a]

For those of us on unrooted leaked 2.2 roms, will we be able to manually place the update on the sd card and upgrade to it?

If not, will we need to restore back to 2.1 first?

Thanks

 

[MotoCache1]

ALERT: Droid X FroYo OTA - new bootloader uses new signing keys

I got brought in on this by someone who hit my Gtalk on my phone at 4:30a to let me know that the world was coming to an end -- more or less.

In the last couple hours we've sorted out a lot and the deal is, in the new Droid X OTA it appears that they have replaced the entire HAB chain from the mbmloader (the loader for the boot loader) on forward. The keys that were used to sign the prior HAB components are no longer trusted by the new HAB components. What that means is that if you take the current OTA, and then subsequently use an SBF (or any other method) to replace a signed code group (which is just about every code group on a DX) that signature will not be valid and the boot process will halt when that CG is encountered. Since pretty much every SBF contains the "boot" and "recovery" code group, as well as the very-critical "CDT" code group, this means if you apply an SBF to your OTA'd phone (that is now running the 30.03 bootloader) your phone is toast. But not permanently.

In the above scenario you will still be running the new mbmloader (GC63) and mbm (CG30), so as long as you put code groups back on that are signed with the new signatures, you'll be back in business. None of the prior SBF's are going to help you -- they are invalid as of this OTA.

I'm sure Verizon is expecting this and has the 2.3.13 SBF standing by in the retail stores so they can flash you back to stock and get you working again (and give you the evil eye when you lie about how your phone got this way -- because I'm sure they have been warned about this happening in advance).

That's all for now. Hopefully this helps avoid too much unnecessary confusion, so you can just concentrate on dealing with the necessary confusion.

Oh, and to all the people who mocked when the idea of a hostile bootloader via OTA came up in the Droid 1 topic, well...

 

[czerdrill]

Another example of why x users will never truly have a custom rom. Now they must wait for another sbf leak if they want a "custom" froyo. It sucks that motorola/verizon is doing this but that's how it is.

Doesn't this pretty much make the "custom" roms that are out there useless or are they not affected (provided you never upgrade to froyo...which is dumb).

 

[Ag3nt X]

Duh what did you think the hold up was on releasing this update only for this phone?

 

[MotoCache1]

I guess the moral of this story is, if you're going to use a phone that's not wide open, be sure to set it so it can't receive OTA and don't apply the OTA until the "early adopters" do.

 

[MotoCache1]

Some day we'll look back on this crap and laugh that they ever even bothered with these antics.

 

[czerdrill]

I guess the moral of this story is, if you're going to use a phone that's not wide open, be sure to set it so it can't receive OTA and don't apply the OTA until the "early adopters" do.

The second moral is that unfortunately devs will never defeat a locked bootloader no matter how awesome they think their "hacking" skills are haha

If someone does crack it (which no one ever will) moto will just ota different keys and you won't get gingerbread or any other kernel upgrade until you apply the ota...effectively making your previous work useless. And once the x reaches eol, your phone becomes obsolete more or less.

I love my d1 haha.

 

[czerdrill]

Some day we'll look back on this crap and laugh that they ever even bothered with these antics.

I agree. They feel they have to do this for whatever reason and it's funny and confusing why they're putting so much effort in such a trivial thing.

 

[Corinacakes]

I guess the moral of this story is, if you're going to use a phone that's not wide open, be sure to set it so it can't receive OTA and don't apply the OTA until the "early adopters" do.

The second moral is that unfortunately devs will never defeat a locked bootloader no matter how awesome they think their "hacking" skills are haha

If someone does crack it (which no one ever will) moto will just ota different keys and you won't get gingerbread or any other kernel upgrade until you apply the ota...effectively making your previous work useless. And once the x reaches eol, your phone becomes obsolete more or less.

I love my d1 haha.

Pessimist much?

pes·si·mism (p

s

-m

z

m)n.1. A tendency to stress the negative or unfavorable or to take the gloomiest possible view: "We have seen too much defeatism, too much pessimism, too much of a negative approach" (Margo Jones).

Dude! I should write your name down just to look you up when it IS unlocked (because it WILL be) just to come tell you HA! when it happens!

Think POSITIVE!!!! :icon_ banana:dancedroid:icon_ banana:dancedroiddancedroid:icon_ banana:dancedroid

 

[MotoCache1]

The second moral is that unfortunately devs will never defeat a locked bootloader no matter how awesome they think their "hacking" skills are haha

I used to agree with you on this.

If someone does crack it (which no one ever will) moto will just ota different keys and you won't get gingerbread or any other kernel upgrade until you apply the ota...effectively making your previous work useless. And once the x reaches eol, your phone becomes obsolete more or less.

Nah - if the HAB is disabled you can just take the gingerbread OTA, remove the parts you don't want (new bootloader, etc.) and stick it on your phone since your phone won't be checking signatures. No problemo.

I love my d1 haha.

I look forward to the day that you love your DX more.

 

[Freelancer]

I'm not too knowledgeable when it comes to Bootloaders and such, nor do I own an X but wasn't Apple ruled against this sort of thing in court after there was talk (not sure if they did it) about releasing updates that would brick a device.

Out of curiosity, could something like this fall under this category, or is changing the keys for the HAB something that is more a normal practice and likely wouldn't be considered "malicious code" that could brick a device (even if it is fixable)?

Cause I really don't like the idea of them doing this like this.

 

[czerdrill]

The second moral is that unfortunately devs will never defeat a locked bootloader no matter how awesome they think their "hacking" skills are haha

I used to agree with you on this.

If someone does crack it (which no one ever will) moto will just ota different keys and you won't get gingerbread or any other kernel upgrade until you apply the ota...effectively making your previous work useless. And once the x reaches eol, your phone becomes obsolete more or less.

Nah - if the HAB is disabled you can just take the gingerbread OTA, remove the parts you don't want (new bootloader, etc.) and stick it on your phone since your phone won't be checking signatures. No problemo.

I love my d1 haha.

I look forward to the day that you love your DX more.

If this is the case then who cares about bootloaders haha. That it's awesome news if it's true that you can just remove parts of the ota. So I don't get why people make a big deal about it. Ignore the locked bootloader and just remove parts. Is it simple to disable the HAB? Or does disabling it require cracking at least one bootloader version? If so...not gonna happen. Brute force is out of the question...and I might be a pessimist but also a realist. I highly doubt it'll be an obscure group of android "hackers" who crack encryption like that.

 

[faxxer]

I posted this is the other tthread but I will post it here as well. This probably wont work but its worth a shot.

http://koush.tandtgaming.com/motorola/droidx/MB810_MBM_27.01.zip

Has anyone tried using this sbf to go back to the old bootloader the use the 2.1 sbf again?

With a shot for those that are currently bricked

 

[pcm2a]

Unrooted, not rooted.

Where can we get the update file, I didn't see it posted as of last night.

 

[MotoCache1]

If this is the case then who cares about bootloaders haha. That it's awesome news if it's true that you can just remove parts of the ota. So I don't get why people make a big deal about it. Ignore the locked bootloader and just remove parts. Is it simple to disable the HAB? Or does disabling it require cracking at least one bootloader version? If so...not gonna happen. Brute force is out of the question...and I might be a pessimist but also a realist. I highly doubt it'll be an obscure group of android "hackers" who crack encryption like that.

Well, today it matters because you can't just edit the OTA and take out what you don't like because then stock recovery won't run it. You could try to run the edited one in post-boot recovery, but post-boot can't update the kernel, etc.

No, disabling the HAB is not simple. But I do think it has been done. You'll never crack the encryption, so you have to find ways to evade it.