Bootloaders: More than you ever wanted to know

We're all pleased as punch that HTC has decided to shake things up a bit and stop locking the bootloader on its Android devices.  Cheers to the manufacturer for listening to the vocal minority, and for realizing the value that this will bring to its brand.  We'll get the full details, as well as answers to questions like when this policy goes into effect, as soon as we can.  In the meantime, there's a lot of questions about exactly what all this bootloader noise means. 

We're going to try to answer those questions, in as non-geeky a way as possible.  Hit the break, and have a read.

Who even cares about bootloaders and hboots and flashing?

Very few people, once you put it in perspective.  The majority of the 400,000 Android devices activated every day are users who have no idea (or would ever care) what a bootloader is.  They are the young girl you see at the hairdresser, texting her friends.  Or the guy in the hardware store, checking his notes to buy bolts for something.  Or the hipster guy at Starbucks showing off his EVO 4G to anyone who will look.  Android is now mainstream, and the simple fact that you're here, wanting to learn more about this bootloader stuff, means you're a more advanced user than most.

This is why HTC, Motorola, and other companies lock their bootloaders, even though many of us object -- it affects their bottom line very little in the grand scheme of things.  But it also shows that companies like Sony Ericsson and HTC, which have reversed their policies and will offer a real bootloader unlocking solution, want to please all their customers.  Even the few, but very loud, who want a more hackable Android device.

The people who do care -- and often are loudly passionate about it -- are the guys and gals who want to have complete control over what software goes on their Android phones.  They are the coders, themers, developers and hackers who endlessly tinker and improve the system they were given, and turn it into something better.  Or worse.  Either way -- it's theirs.  You'll find those folks in huge numbers on the Internet, which makes us feel that we're in the majority of users, even though we're not.

Why would phone manufacturers or carriers want a locked bootloader?  What does it really do?

It provides security -- both financially to your carrier, and to the end user. 

When we say locked bootloader, what we mean (most of the time) is a disk image that checks the important parts of the phone as it boots up, looking for the proper signature.  Let's break that down, as simple as we can. 

When you turn on your Atrix 4G, or HTC Sensation, the bootloader gets things going, then passes off control to the boot image (the part of the disk that holds the start-up files for your phone).  The boot image loads the phone's kernel, then loads Android, following instructions found in those files.  You copy this boot image to a phone by flashing it to the phones internal system memory -- not the RAM or running memory, but the physical flash storage in the phone. That's why there's a potential for danger. Screw this up, and you could really screw up your phone, turning it into a "brick." Depending on how you're hacking into it, that might be more than a mere possibility. It varies from phone to phone.

If you have a locked bootloader, you can only flash boot images that have been digitally signed with a string of information direct from the manufacturer.  You can't build you own and flash it to the phone.  The recovery partition is the same way -- it's checked for the right signature, and if it doesn't have it, you can't write a new one to the flash memory.  This really only means one thing:

We can't load custom kernels or start-up files on phones with a locked bootloader.

Gaining root access is still possible, even probable.  Root is just a security breach on a running system, then copying files that make it easy to break that security whenever we want to.  Every Android phone I have ever owned was rooted, even if I never decided to fool with a custom boot image or any serious hackery.  I just wanted the easy access.

Back to the security part.  If all you can run on your phone (mostly) is software that has been approved by both the manufacturer and the carrier, it's easier for them to keep your phone secure and working as intended.  This would be the perfect solution, except that by the time they send out a security or bug fix, new issues have been found.  It's a never-ending cycle, and locking the phone down to approved software helps the carriers and manufacturers administer it.  Remember, not everyone who owns an Android phone is reading this, so they have no idea how to go about loading patches and fixes themselves.  The folks who made your phone have your best interests in mind, if only to help their bottom line when it comes to support. And they're supporting millions of phones -- not just yours.

And then there's the monetary damage we can do to the carriers.  Yes, real damages.  PRL hacks that enable 3G roaming on Verizon towers with your Virgin Mobile Optimus V cost Sprint money.  So does enabling HSPA + on the HTC Inspire, bypassing T-Mobile's data throttling, unauthorized wireless tethering, changing slot cycles, and removing Bing and taking away the traffic that was promised to Microsoft.  These policies seem unfriendly to us, but your cell carrier loses revenue every time you do any of it. 

So, they decide to try to stop it.

But the Thunderbolt has a locked bootloader, right?  They have custom ROMs and CyanogenMod is in the works.

Indeed, both are true.  The developers who cracked the Thunderbolt used a mix of skill and luck -- they were able to get their hands on an older, unsigned newer bootloader that they could flash, break into the system, and flash a recovery that could in turn flash unsigned images.  Very skillful, very lucky; we shouldn't count on that sort of thing happening too often.

Enough, I get it. Unlocked is good, but what exactly can I do with it?


The Droid X developers are an amazing, tenacious bunch of fellows.  They can't just flash ClockworkMod, and load kernels and ROMs, and they have to jump through hoops and do things the hard way.  But they've gotten some very cool stuff working anyway.  And the same thing would have happened with the Evo 3D, eventually.  In contrast, when the Nexus S 4G came out, it was rooted, kernels were built, and a customized recovery was made before the day was over, all because it was fully unlocked.

We don't know exactly how the bootloader unlock policy with HTC will work.  Personally, I hope it mimics Sony Ericsson's -- ship them locked, but offer a way for the tech savvy to unlock them that's supported by the manufacturer.  They could also appease the carriers by not allowing this on devices under contract, but all this is pure speculation.  I'm sure HTC will let us know more soon enough.

But when you get a new phone with an unlocked bootloader, the "hacker" type of development will come at a record pace.  Root, custom ROMs, ports of other device software -- all the things many of us love about Android.  And to top it off, unlocked bootloaders mean custom kernels -- overclocking, USB host, and all manner of other goodies that's pretty darn difficult to manage on phones with locked bootloaders, as well as an easy way to load it on your own phone.  And of course, it means MIUI and CyanogenMod, especially if they're HTC devices.

We're glad things happened the way they did, just like most of you are.  If you like to go the extra mile and hack at your phone, you should be able to do so with a new HTC device.  If you don't, you won't have to do a thing and enjoy the stability and have fun with your phone the way it was shipped to you.  Either way, hopefully we've answered most of your questions about locked bootloaders. 

Jerry Hildenbrand
Senior Editor — Google Ecosystem

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.

  • Verizon Support's Twitter said a few hours ago you can't activate phones with non-locked bootloaders on Verizon.
    While HTC might not lock the bootloaders, I have a good feeling Verizon will.
  • They posted a couple of retractions a little while later.
  • That statement has since been retracted.!/VZWSupport/status/74160501885644800
  • When are you guys going to realize that the US is not the whole world?
    We need unlocked bootloaders in places like Israel, cause without Cyanogen mode rom we don't get right to left support and support for proper Hebrew fonts.
    You have no idea how many phones are imported from the UK and US to Israel/russia/arab countries and other countries. without an unlocked bootloader we cannot use these devices.
    That is why people here stopped purchasing HTC devices when they started locking them.
  • Your still a small fraction. I would be willing to argue that the number of people who go through the hassle of buying an imported device and then need to tweak it, can easily be incorporated in the the small percentage of overall users Jerry was referring to.
  • No we are not, the majority of devices in the countries I mentioned are imported ones, cause the stores themselves import them and unlock them to add hebrew support.
  • willing to bet its less than 1% of the 400,000 android devices activated daily.
  • Wow, what the fuck is wrong with you buddy? Whether or not these people are not part or less than the "1%" that doesn't make it any less important they get a phone that they want in their language, which is easier when they have an unlocked bootloader.
  • no need for expletives, I was making a point that we all think we're a larger group than we really are. Every manufacturer will always focus on its largest audience first. So yes, that makes you less important.
  • Only the manufacturer can lock the bootloader. The phone carrier can't do it. I also don't see how the carrier could even tell if an unlocked device was accessing their network.
  • carriers can put pressure on the manufactures to lock the bootloaders. Unless your on a completely stock ROM with a unlocked bootloader, they can tell if they look hard enough, just a check of the software version is often enough. But then what was the point in the first place?
  • While I have no idea if OEMs allows carriers to lock down bootloaders, if the carriers truly want us to have locked down phones, that is a problem for us. They will make a deal with OEMs of find another way to prevent us from fully accessing our phones hardware and/or software. While right now our fight is with the OeMs to ship unlocked phones rf make unlocking then a viable option, that fight can easily change to the carriers. After all, they are the ones who get screwed when someone doesn't follow directions and bricks their phone. I am happy to see more OEMs liwtening to their customers and trying to accommodate our small minority, but if the carriers jump into this bootloader mess I fear we will have a much harder time opening a dialogue with them, let alone get the to see our point. This is why I wish people would research a bit before they start hacking so they have a clue what they are doing, and not tether internet from their phone as their main home connection because they want to save a few bucks.
  • Jerry, I think you're being a little too easy on the carriers. Sure, a few hacks might cost them money due to roaming charges or overriding data throttling. But let's not forget that they're essentially forcing the customers hand. If, like you suggested, they offer unlocked bootloaders for off contract phones, they would lose a lot of money due to the fact that those customers only spent $500 up front on a phone and didn't secure $2000+ dollars from a contract. Why do I have to commit to $2k+ just for a phone? Why do I have to pay $100+ just to leave? Why am I forced to have 50-100mb of useless apps loaded on my phone? I get that you're trying to avoid the gray area, but let's not paint carriers out to be the victim because that NEVER really happens. If they are trying to do whatever is necessary to make money and I am trying to do whatever is necessary to save money, everything that happens in between is fair game.
  • Not to mention how the carriers force companies like HTC to take android's built in tethering function out in order to sell their pay service. This happens even when I am charged a non-optional premium because my phone is only available with the high end plans that claim uncapped and unlimited 3G and 4g. If I pay extra for unlimited and uncapped, there is no legit reason I should have to pay yet another $30 per month to forward that data to my laptop or tabet when I am on the road.
  • First and foremost, with the possible exception of Sprint devices, you can purchase any device on any carrier without signing an agreement (you don't even have to be a customer). You can do this on Sprint, but in my experience they are the one ones who will try and tell you it's impossible to do so. The reason you have to pay the ETF is that if you signed a contract, the carrier took a financial loss by giving you the phone at a discounted price. If you don't agree with that policy (and I don't either) don't sign a contract and never have to worry about an ETF again. Secondly, carriers have to offer support on your device if you sign a contract. Yes, they have that thing about rooting voiding your warranty, but a quick glance at the forums will show you that a ton of people think that "requirement" is optional and have ways of getting their way anyways. As Jerry pointed out, those who root are the extreme minority of users. And those who root and accept responsibility FOR rooting are a minority of that minority. Ask a tech how often they see a customer who ruined their phone by rooting try and get a "new free" one instead of doing.sbf because they didn't bother to learn. Carriers are NOT the victims here. Far from it. The bloatware and inhibited updates created thanks to them are wholly unacceptable. But there is always a reason for doing what they do. If rooting really "voided your warranty" and people who ruined their phones because of rooting would accept responsibility for it, carrier's wouldn't be so opposed to it. Every carrier (even Clear with WiMax) has either data caps or throttling for extreme use customers, so the "they're blocking it just to block tethering" argument doesn't really work anymore.
  • I am new to this so please excuse my ignorance. Is an unlocked bootloader the same as having a phone that will work on any carrier's network?
  • No. An unlocked BOOTLOADER is step 1 of rooting your phone. An unlocked PHONE(ex one that will work on any network) is different and doesn't void your warranty(the last time I checked.)
  • +1.... carriers are not victims at all. They do let us leave stores or online sites only paying a portion of the cost of the phone upfront but we pay what?? Quadruple back for that same phone by the time the contract ends. Also why is the droidx2 $450 retail, $200 on contract with an etf of $350? Carriers arnt losing money at all.
  • Losing money is not the same as making less money. I don't like it, or agree with it at all, but a lot of what we do means less dollars in their pockets. We can't deny, or ignore it.
  • IMO,Telecoms just haven't figured out how to properly charge for smartphone data.They were so used to older cellphone data(WAP) usage that when these super-smartphones came out they were taken back by their usage amounts and stress they put on their data networks.The iPhone on AT&T is the best example.On one hand they want as many people as possible with smartphone data plans but on the other the older "unlimited"(5GB) plans that worked 5yrs ago won't cut it now.
  • What an excellent write up!! Bravo.
  • I really like this article. I know a lot of us get frustrated with the amount of control the manufacturers and telcoms have on our phones. But as you pointed out, they are dealing with millions of phones and owners that have no idea how to fix their phone if something goes wrong. I like the idea of just giving the people who want the unlock to have access to it. Thanks for the write-up!
  • I feel so strongly that HTC cares more about their loyal customers than Samsung or Motorola does. This decision just reinforces that feeling so much more. Especially when I'm trying to help my boyfriend rom his droid X after he saw what I did to my HTC Evo Shift. Every time I have to SBF him back to stock I curse the name motorola, and thank god that I own an HTC.
  • My kind of girl! :)
  • Thank you Jerry for Bootloader 101!
  • Thanks Jerry
  • thank you Jerry for a brilliant piece i think it's important to remember that some of the hacks that the bigger groups do cyanogenmod and modaco for example are used by the manufacturers to fix some of their bugs if you cant hack the phone then you'll only have the manufacturers tech department working on maybe 50 bugs if the phone is open then you have so many more looking at the faults
  • Nice review/write up jerry.
  • Excellent writeup, Jerry. Informative, accurate, balanced. I am not sure I will ever want to flash a different firmware on any phone I have, but I like having the option available. It can be especially attractive if you have an old/"ancient" Android phone and want to make it current because the carrier/manufacturer will no longer send updates. That way it can be used as a decent PDA or backup device.
  • Very good point! I rooted my sisters Eris and it's running OMGB now and it is WAY faster than when it was dead on Eclair w/ Sense!
  • As others have said, an excellent synopsis of Bootloaders and the world they live in. I think Jerry was very fair concerning everybody's agenda within the Android community.It's easy(and often fair as with VZW's Bing deal w/MS) to demonize the Telecoms but they have valid points on certain issues like data tethering.
  • I agree with Jerry, I hope they don't come shipped unlocked but rather it is something that those who want it can do through software provided by HTC. That way those who know what it is and want it can do it. Otherwise just think how over flooded XDA will be with a bunch of people that have no clue what or why they did this to their phone, it's bad enough already... :P I personally just want to start seeing more Nexus (type) phones across all the carriers. I rooted for 2 reasons, remove the carrier bloatware and I wanted Vanilla Android and not HTC Sense (as pretty as it is).. I personally would be just as happy if HTC had announced that they'd provide a alternate official rom to DL and flash without sense, sadly I think I am even more a minority there as most of us here want to go crazy and tweak/mod/hack the crap out of our phones. :)
  • Very good post, Jerry.
  • Make a VZW Nexus and you got me.
  • +1
  • Hey now, I'm the guy in the hardware store getting bolts with a rooted EVO 4g
  • This Article is waaay too friendly to the carriers. How about the fact that they lock down bootloaders to force their crappy bloatware? My droid Inc2 has so much crapware on it, I want to scream sometimes. I would take it off, but oh wait. HTC locked it. How about the fact that the phone can be inaccessible even though I paid the FULL amount for it, off contract?
  • Two thumbs up as always Jerry. God..Android Central has really had some great pieces lately. Give Jerry a raise! :) He brings a great perspective to this site.
    Thanks again for the awesome read. Keep up the good work.
  • I would like to see a phone that if you rebooted the system into the recovery mode, you had the option from the factory of or . This way people that wanted a stock, unmodified system could have it without needing Hacks and Rooting. I think that there is a good percentage of people that root their phones to get RID of the junk, not to try and do anything special. If I could just put vanilla android on my phone rather then a Binged, Verizoned, Motorolaed, HTCed phone, I would love to. If I had the option of getting a Nexus on any carrier I would buy it in a heartbeat, but it just happens to be on a different carrier then I am on.
  • Oh, the poor carriers! They are the ones who must suffer our dabbling! The idea of balancing an article customers vs carriers is un-nerving to say the least.
    Good thing carriers are "keeping up" with consumers by screwing us every chance they get! Moto Atrix anyone?! Why not pay for what you don't get? (4g, not really 4g, but it doesn't matter, you don't get that anyway, it's not in your area or allowed by software! Thanks for the loot sucker!) I for one feel like I should piss extra money down my leg in the name of the poor carriers so I can access the same data I already pay for. They should get extra money (I pay over a hundred a month for a crappy signal and constantly dropped calls called via deathstar. Used to not be the case pre i-phone, home of the sheep...). Anyway, we in the US are paying WAY more than the rest of the world and now we are reading this drivel about how maybe these companies have a point? Spare me. Anyone who sacrifices freedom in the name of protection deserves neither. Check it, pretty sure your carrier gives you little of either. I would rather light my dog on fire than trust verizon, att, t-mobile, or sprint to do right by me and not slide a rate increase by me.
    And the manufacturers? We all know who the good ones are by now, and moto isn't on the list, og droid or not. While I have long been an HTC fan, it kind of pisses me off that they even played with the idea of locking things up. Gotta give props to samsung on that front for just doing the right thing in the first place, but ota's? Yeah right.
    We as consumers should demanding unlocked bootloaders, not begging for them. Do you need permission to load XP or windows 7 on your machine? Is it cool to watch flash? Is that up to you? Maybe Linux? Anyone? If I want a new fuel injector on my car I can install one. If my freezer gets shitty I can install a new coil. If my mower won't cut I can get a new blade. Don't need a warranty, I can just FIX what the manufacturer (or in the case of the mower myself :) messed up). They have proven undependable and are not consumer friendly. Planned obsolescence people. And you don't matter.
    TETHERING!- Code word for stealing more money from you. Wake up people. Ask someone from Europe what they pay per month. And tell these assholes, no more locking down what you already overpaid for. I have the keys to my house (clockwork with cm7), do you have yours?
  • I know that my Sammy has an unlocked bootloader and my tbolt doesn't. My Xoom has a relockabke one. To me it is the manufacturers but more the carrier. The carrier wants to make sure that you don't mess up the ecosystem. When they should just focus on profits and let us do what we will.
  • Mess up the ecosystem??!! Did i read right?! Since when the give a flying fudge about it. They only care about one ecosystem: their pockets, nothing else! Or why you think the goverment have to be watch-dogs over them all the time. I strongly agree that all phones should be secure for the "know-it-alls" that know shit and easily to unlock for us, the ones who know what the fuck we are doing.
  • Wireless Tethering should be free anyway, seems to me the 30.00 bucks a month from Sprint is more so Wifi use insurance. When we use our devices as a Hot Spots we are still using the the data we already pay for right? Cap the abusers leave the people with regular usage alone. These companies are already making billions off us.
  • If you are on a pay for use plan (meaning you pay per MB or GB) then I totally agree. You should be free to use your phone as you want as you pay for what you use. However, if you are on a fixed base plan or unlimited plan the carriers have a legit interest in only allowing you to use data 'on phone' since as soon as that phone becomes a hot spot average data use per subscriber goes through the roof and their pricing models break down. I would like to see all data plans move to a fair pay as you use model meaning that many people would pay less than they do today, some would pay the same, and a few would pay more. All depending on the amount of data consumed.
  • I know this article is 3 years old, but nevertheless, awesome article. The take away for me here (which was a derived one) was that:
    1. Locked bootloaders allow only signed ROMS to be flashed to the phone
    2. "Signed" is defined as matching the signature within the bootloader
    3. Bootloader is designed and loaded onto phone by manufacturer; therefore signature is "approved" by manufacturer
    4. Why not just flash another bootloader onto the phone? (One that is fully "unlocked")
    5. The realization that designing a bootloader is probably pretty difficult, and for all intents and purposes not possible to design (for whatever reason) by us, else it would have already happened. Feel free to critique and point out errors/flaws in my reasoning, for those that may stumble on this....
  • Aihv1I have not been able to root my galaxy S900H which I recently updated to Lollipop 5.0 manually through Odin. I had been running Kitkat 4.4.2 which was rooted before the upgrade. Please note that I had to upgrade the Modem and Bootloader before I could install Lollipop. Subsequently, I had been unable to root the phone by all methods I have tried (Odin via AutoRoot, Heimdall, SRS one Click, Skipsoft Android Toolkit, KingoRoot, and ADB). Thinking Lollipop was the problem, I downgraded to KitKat 4.4.2, and still, I was unable to root.
    Someone suggested the reason might be due to the updated BootLoader. Can this be true? If so, can I go back to my previous bootloader and still be able to run Lollipop?
  • I have a desire 626s it was cheap but have to admit one of the bestie had considering the cost one could only hope to fully root and customize it .....button having an huge problem unlocking my boot loader and getting past to root I hadn't come across .......bad thing is no computer to any advice would be much appreciated