Droid X

This one's still trickling in, but it appears that the keys needed to bypass the bootloader protection used by Motorola have been uncovered, with proof posted on Twitter.  This means developers should be able to build true custom .sbf files and sign them so that they can be flashed via the locked and encrypted bootloader on select Motorola devices.  And presumably, Motorola has its cease-and-desist macro at the ready. Holy shades of Sony v. Geohot, Batman, this is going to get interesting!

To you and I, these aren't of much use.  I'm sure the people that needed them are already hard at work, and soon we will see the benefits.  In the meantime, hit the source links to keep track of the progress.  [@nenolod; nenolod.net]

Update: Turns out this was all a hoax.  Nothing to see here folks.  Look here for details.


Reader comments

Key to Motorola's locked bootloaders found, posted on Twitter [update -- or not]


Moto can cease-and-desist all it wants, but they'll never win this lawsuit if it goes to court. Plus once it's out, it's out.

I don't know why its going to get interesting because its not illegal due to the Geohot v. Apple case... so it sucks for Motorola but ups to the devs...

Sorry if this is a dumb question but what can we expect from this? How will these "true custom roms" be better than the custom roms already out for motorola phones (Apex, Fission, Libery, etc...)? I'm running GummyJar 2.5 on my d2 and I love it so what am I missing? Gingerbread? Details please! #prepared to be called a newbie or whatever else ;)

NOOB!!! ;)

It gives devs more room to maneuver, plus it allows them to base ROMS on software that isn't from Moto (such as Cyanogenmod).

At least that's how I understand it.

The different roms out there are no longer tied to a single kernel. You can use a different/custom kernel for your rom.

Being able to replace the Kernel essentially means being able to replace the drivers in the device. If you look at the Galaxy S, for example, custom kernels did a huge lot like:

Ext4 Support for internal memory (faster, more reliable)
Amazing Sound quality thanks to oversampling and completely rewritten reference-drivers directly from the sound chip's producer
Notifications via the touchkey-backlights (Galaxy S has no Notification LED)
Optimised file system drivers, Kernel uses CPU-Features better - More battery life.
Support for completely "Samsung-Free" Roms such as Cyanogenmod or MIUI (Cyanogenmod 7 is currently beta and my daily driver - the performance increase is immense!). This also means that porting new Android Versions to the Device is MUCH easier (as you can replace the Kernel and don't have to work around a Kernel intended for a much older Version of Android.)

Hope that clears things up.

Pretty much this. There is also an MIUI for the SGS, though it's not as bug free as CM7 yet.

7e 21 a8 37 64 12 75 a3 47 13 54 42 12 48 58 12 71 a4 5e 41 a7 64 72 34 2a 6f e2 0a 97 8f <== sholes private key

97 6a 21 7a 67 41 37 9f 26 53 4a 61 7f 2a 86 ae ff 71 21 78 2e 61 4f 71 90 3e 00 27 fe 9b <== initialization vector

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <== nonce (e)

I only have a tiny little clue what those things mean.

This makes me laugh. All those commenting moto sucks HTC ftw because of locked boot loaders may now eat your words and back out of the room. Good job devs love the dedication and of course the win.

I'm an evo owner and could care less about who sucks and who doesn't but really? This is great for Moto owners now but probably a little late to the party. I mean the xoom is unlocked so I would think Moto might be going in this direction anyways. Hell, they might of leaked it themselves.

We're investigating this very interesting information. Thanks, @nenolod!
about 1 hour ago via Mixero
RT @nenolod: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <== nonce (e)
about 1 hour ago via Mixero
RT @nenolod: 97 6a 21 7a 67 41 37 9f 26 53 4a 61 7f 2a 86 ae ff 71 21 78 2e 61 4f 71 90 3e 00 27 fe 9b <== initialization vector
about 1 hour ago via Mixero
RT @nenolod: 7e 21 a8 37 64 12 75 a3 47 13 54 42 12 48 58 12 71 a4 5e 41 a7 64 72 34 2a 6f e2 0a 97 8f <== sholes private key
about 1 hour ago via Mixero

@AndroidCentral: You guys might want to post a link to FreeMyMoto.com since they will be taking over the project from now on :)

Excellent news. I really hope to try CM7 on my Droid X. I've heard so many of you talk about it that I'm curious to try it out.

2nd... I really don't want another HTC device (not that there is anything wrong with them, the dev community for them is 2nd to none). Just jealous of some moto droid (d, d2, dx) devices (I'm on Sprint).

I'm coming from a Dinc right now. April 16 is ne2, so torn between continuing to try and get them to move my date 3 weeks... But not so sure anymore...

This is great news! I might actually get the Droid Bionic if this means that its bootloader will be easily able to be unlocked. Or could Motorola make a new key for the Bionic?

That would be no problem for them at all, unfortunately. They'll probably just change the key in all future phones to a new one that hasn't been leaked. They're also already sending out Cease and Desist orders, so they don't take this very lightly. Assholes. Just keep the people alone who do so much to use the phone they payed for.

" ... they can be flashed via the locked and encrypted bootloader on select Motorola devices ..."

Whats the selected Motorola phones ?

is this key valid to work on all Motorola phones ?

by the way :

Did Motorola released the key intentionally as the comprise they are welling to take "like they said before ? or was it leaked ?

I guess cracking it isn't how they got it

I don't understand why Motorola is bothering to waste resources on some hacker, considering the majority of their consumers wouldn't even know or care about the bootloader being unlocked.

first this is only going to work on droid2 X milestone. not atrix or bionic. second moto was made aware of this problem in Dec. and never did anything. and was told march 20 he was going to release it told them.in Feb. they still didn't bother with it. I just hope DroidX gets added to the cm7 family finally. been to long

Neno has apprently known of this since december, why has he waited so long with posting keys if he has known how to get them for so long. Perhaps waiting on Motorola to fix the issue before people could possibly be able to break into their phones?

According to his site he mentiones that he already told motorola of the security vulnerability back in december. And yet here we are talking march... Why has he waited for so long if he has been able to extract the proper keys back in december????

My guess he probably asked for money to keep it quiet.. only reason I can think of for keeping quiet for so long and notifying Moto in the first place (and probably why legal from Moto is involved).

And I think that is bad. I mean if I had been him I would have leaked the keys and method the second I had found it and not just report it to Motorola :P.

Screw the money I could possibly get but wont get. But I would welcome all the support and the goodwill from the community and the public for actually helping them and not just being a "sellout" looking to score some quick money and help a phone company lock their phones even tighter and thus help them increase their profits due to their bad business practices

And yes I do consider locking a phone like Motorola does for extremely bad business practice, much for the same reason I am avoiding them and is getting the Galaxy S II instead of the Atrix for one.

There's a few reasons he might have done it this way:

1.) He just likes finding security holes and letting the companies know about them so they can be fixed and doesn't ask for payment.

2.) Same as #1 but wants some kind of payment.

3.) Fully intends on releasing it, but contacts them knowing he may not get a reply. The reason for this is because if anything ever goes to court after he has released the findings to the public, he has proof he contacted them on a few different occasions (even giving them the very date in his last message) and they never replied. In court, that would show that Motorola first knew in December 2010. Then was given the actual release date in February 2011 and still didn't reply to him. Proving that they knew what he was going to do and didn't do anything until he released it. In court that would make Motorola look bad.

Damn.. That means if I wanna murder someone, I can just tell the police a few times and document. If they don't respond I can do it without repercussion. Thanx for the info :D

No. However, it does show that Motorola did not indicate that they disaproved of his actions until after he took them. In something that isn't blatently illegal like murder, that could be big. In fact, considering it's legal to hack your phones, not sure why they are suing at all.

Notifying a company I can see as something good when its a security hole related to their website, webshop etc that can potentially damage the company and/or leak information abouts its customers.

Leaking information on how to "unlock a device that is intended NOT TO BE LOCKED" and how to obtain such information is not bad in my eyes. Motorola would not loose money from such a revalation other then perhaps people would keep their phones longer. With the current pratice Motorola has established they have clearly said that when they can make more money "forcing people to get a newer phone" then they will stop providing updates for their other phones in their product line.

On their own support site on facebook they specifically said that updates was provided on Motorolas assumption of what they would think would be a better/worse user experince aswell as finansial basis. Ie if they "think" an update will ruin the experience for their users then no update for the phone. If Motorola will not make money making a new update for a phone rather then releasing a new one?, then no new updates either.

If that is anything other then really bad and sucky business practice then I dont know what it is. If all other electronics "branches" suddenly turned into becoming like this then imagine the uproar.....

Responsible disclosure. If he'd released it right away, he'd probably be knee deep in the Moto legal team. Given that the law states that you should allow a "reasonable amount of time" before publicly disclosing such a vulnerability, he waited 3 months to make sure he was clear from the law.

lol ignore my former comment. I read the headline as in that the Atrix's bootloader was unlocked, but the Atrix is not sholes based :P

And why even obey that stupid cease and desist letter. Its not like what he is doing is illegal at any rate. And I mean Motorola made it pretty damned clear that they will stop posting updates for ANY of their phones when they can make more money forcing people to buy a new one regardless of what age your phone has....

This reminds me of the hot-headed PR guy that told Moto users to go elsewhere for custom ROMs. O' happy day! Will a full CyanogenMod build finally find its way to my DX!?!?!?!

Woooo thumbs up to the developers man these guys are geniuses at this stuff, tireless machines. Oh yea Moto, its time to realize something...these are OUR devices now!

Well this cease-and-desist order tells me everything I need to know about Moto. They are liars. They stated that they were working on a solution with the bootloaders and now it has been worked over they are whinning. They were never going to unlock the bootloader. They just hoped people would forget after the announcement of the Xoom's bootloader. F#*K MOTO!!!! I am very happy this has pulled through but my X will be the last Moto device I own. The only reason the Xoom bootloader is unlockable is because Google forced them to, IMHO.

How are they liars? They never said exactly what phones they were considering regarding possibly unlocking bootloaders. For all we know, they were only thinking about the possibility of unlocking bootloaders for upcoming phones, which would require people to buy new phones and drive more business their way.

Well to start with people were not bitching about the phones that have not been released having a locked bootloader. They are bitching about the ones we have already purchased. Look at the Atrix and watch the Bionic will be locked down. They were referring to the Xoom with the solution. As I said the Xoom's bootloader is unlockable but I feel like Google forced them to. If Moto's phones run Blur they will be locked down. Only if they manufacture a Nexus device will they unlock the bootloader. If they do start on their phones I will be very surprised. The YouTube response I feel was spot on with how Moto feels about the bootloader, but had to smooth things over due to the overwhelming bad press it got. I do see what you are saying but I took that response as unlocking the current devices.

I was literally thinking this morning it'd be cool if the key for Motorola's devices was found. So weird.

Motorola needs to just chill the hell out. This isn't like Sony, which will have ACTUAL damages from having the key leaked. People will ruin the online service, they will pirate software, etc. How does this hurt Motorola? I still don't think I've heard a real reason for locking the bootloader down in the first place. Normal people would never touch it, hackers know what they're doing, it's a win win all around.

Only thing I can think of is they want to artificially force people to upgrade hardware by restricting software upgrades.

Edit: Why did ac's robots think my post was spam at first? Makes no sense.

I agree with sloud3642 the only reason moto kept the bootloader unlocked was google putting pressure on them so moto could be the first honeycomb tab (except the nook). As far as the phones go I only ever bought 1 moto phone the droid2 and never want to buy another. Coming from the G1to the G2 now the droid2 id rather have the G2, maybe now that the bootloader is unlocked roms may get better but with my experience I will get an HTC phone over moto and samsung any day. As far as that cease and desist order goes, good luck just try to take this genius to court. Moto will lose the case just like apple and sony did with the ps3, and this man will walk away a legend. KUDOS to kicking moto in the teeth, keep p the good work devs,

Sanless's last paragraph said it perfectly. Force people to buy new products since we won't maintain our old ones.

Yup. I'm going to wait to get some more confirmation from the android bigs out there. Koush, being maybe the biggest.

Either this guy just made a serious name for himself (and I'll be looking for a donate button very soon), or he's just messing around or mistaken and we're still stuck with moto's crap.

Koush just tweeted that he doesn't think they're real, and I think that may be a bad sign. But I'll still hold out a little hope when considering Moto's draconian response, and that freemymoto and others have had some success. But we will not know until someone does something real. Scuttlebutt is that this works on the Milestone, not the X.

Please someone give me a reason to eat ^these words. PLEASE!

I don't see any mention of it on Koush's twitter. Maybe he deleted the post you saw? ***fingers crossed***

Believe you me, I want to be wrong!
Quote: Posted at @clockworkmod
"Hate to be a wet blanket, but I'm gonna call it now: these moto keys are as real as santa claus. I'd love to be proved wrong though."

I am pretty sure the bootloader has been unlocked for a while. They just haven't built the drivers for it, atleast last I heard

I absolutely love the 57 different references to nerd culture in this one article. :D :D :D

shame it turned out to be a hoax