New root exploit is increasingly unlikely - Xperia Z3 Compact General

Quite a few of us xda lurkers are itching to get root on our devices, but the DRM-debacle of the Sony phones has made many, including myself, hold off with unlocking the bootloader. Instead, we've put our hopes to new exploits that would allow root while keeping the bootloader locked, thus making it possible to keep all DRM functions in place, and also to restore the phone to factory conditions with the bootloader intact.
However, as Chainfire explains in the post below, the chances of any such exploit surfacing are slim. He says it's more important than ever to buy phones with unlocked bootloaders if we want to keep root.
Sadly, I'm afraid he's right and that the official bootloader unlock is the only way we'll be able to get root in the foreseeable future.
What do you guys think? Worth it or not?
Check out Chainfire's post on G+:
https://plus.google.com/113517319477420052449/posts/VxjfYJnZAXP

Fruktsallad said:
Quite a few of us xda lurkers are itching to get root on our devices, but the DRM-debacle of the Sony phones has made many, including myself, hold off with unlocking the bootloader. Instead, we've put our hopes to new exploits that would allow root while keeping the bootloader locked, thus making it possible to keep all DRM functions in place, and also to restore the phone to factory conditions with the bootloader intact.
However, as Chainfire explains in the post below, the chances of any such exploit surfacing are slim. He says it's more important than ever to buy phones with unlocked bootloaders if we want to keep root.
Sadly, I'm afraid he's right and that the official bootloader unlock is the only way we'll be able to get root in the foreseeable future.
What do you guys think? Worth it or not?
Check out Chainfire's post on G+:
https://plus.google.com/113517319477420052449/posts/VxjfYJnZAXP
Well it's @Chainfire talking, who are we to doubt him? I'm only waiting for a way to backup my TA-Partition (DRM keys), I wouldn't mind losing some features. Even tho I must agree that losing some camera quality is really annoying, but Android is pretty open source so I have no doubts that people will find something to reverse the algorithm loss or create their own.
And also when the occasion occurs that I need to send my device out for repair, that they don't refuse it due to an unlocked BL

I'm sure that's true in the long run, just not sure if it's true now.
It's economics. The security bugs are going to get fewer and further between, but they will arguably never be eradicated. You should expect it to take longer and longer to find new exploits, but I wouldn't bet a wooden nickel that there are no exploits left.
More likely, we will reach a point where the cost of finding an exploit is so great that they're no longer worth looking for to a critical mass of hackers.
On the bright side, the implementations get better all the time, and I see very little about my z3c that I would like to change if only I had root.
And I do think Sony should find a way to make the early rooters whole again. I feel terrible that so many people's $500 phones have been seriously degraded by a completely reversible software change.

Dsteppa said:
Well it's @Chainfire talking, who are we to doubt him? I'm only waiting for a way to backup my TA-Partition (DRM keys), I wouldn't mind losing some features. Even tho I must agree that losing some camera quality is really annoying, but Android is pretty open source so I have no doubts that people will find something to reverse the algorithm loss or create their own.
And also when the occasion occurs that I need to send my device out for repair, that they don't refuse it due to an unlocked BL
True, but as I'm sure you're aware, backing up the TA-partition requires said exploit to be found in order to get root. So I think it'll be a looong wait. [emoji20]

He still thinks root will be achievable in the early editions of Android L so I think it's safe to say root will arrive for this device under a locked bootloader, it will just take a bit longer than it has in the past to find an exploit.
Sent from my D5803 using XDA Free mobile app

This is really disheartening. It's kinda ironic that Sony, who in recent times has been raised in its support of the developer community of its phones, and even won XDA's OEM of the Year, has such a downer in its phones.

I know this doesn't work for everyone but I'm hopeful that the new AOSP L camera API will mean that AOSP custom roms have some native low light enhancement processing. Maybe...

Chances improve with new software so it could happen with Android L too.

pricey2009 said:
He still thinks root will be achievable in the early editions of Android L so I think it's safe to say root will arrive for this device under a locked bootloader, it will just take a bit longer than it has in the past to find an exploit.
Sent from my D5803 using XDA Free mobile app
Yup, but we're still looking at about five months wait considering Sony won't ship L until Q1 2015. Even then, there's no guarantee an exploit will be found.
Maybe I'm overly pessimistic about this. I do, however, have high hopes for the new camera API's regarding camera quality and post processing.
Personally, every day without root is a little painful, so I'll never last all those months. As soon as there are custom kernels available and a ROM like CM or PA, my locked bootloader goes bye-bye.

Chainfire is talking about the su daemon and problems running it (on Android L). He does not say anything about a root exploit. It seems you misunderstood his post.

zxz0O0 said:
Chainfire is talking about the su daemon and problems running it (on Android L). He does not say anything about a root exploit. It seems you misunderstood his post.
Let's hope Sony make or have made some little security mistakes.. To quote his post:
" Of course, this is all dependent on OEMs implementing everything exactly right. If a certain OEM doesn't protect one of their services correctly, then we can leverage that to launch the daemon without kernel modifications. While I'm fairly certain this will be the case for a bunch of devices and firmwares, especially the earlier L firmwares, this is not something you should expect or base decisions on."
Here's hoping they have missed something.
Sent from my GT-I9300 using XDA Free mobile app

pricey2009 said:
Let's hope Sony make or have made some little security mistakes.. To quote his post:
" Of course, this is all dependent on OEMs implementing everything exactly right. If a certain OEM doesn't protect one of their services correctly, then we can leverage that to launch the daemon without kernel modifications. While I'm fairly certain this will be the case for a bunch of devices and firmwares, especially the earlier L firmwares, this is not something you should expect or base decisions on."
Here's hoping they have missed something.
Sent from my GT-I9300 using XDA Free mobile app
Let's wait until January for the first android L release then :crying:

I've rooted two weeks ago and still enjoying the phone

zxz0O0 said:
Chainfire is talking about the su daemon and problems running it (on Android L). He does not say anything about a root exploit. It seems you misunderstood his post.
This.
The post was mainly aimed at Android L...

Google hired one of our very own (Towelroot) and iPhone's pioneering hacker so it's going to get tougher. I hope they hired him only for NSA purposes.

That move by Sony is just stupid. If they wanted to protect their code, why not store it in the camera firmware (referring to the camera algorithms)?
Why do they have to kill Miracast?
Obviously that is the other side of the medal. Investments in security = far fewer exploits available. We are gonna wait a while, but as a developer I really really miss Xposed. Each time I look at my G2 a little tear drops.
No way I'm gonna root losing DRM keys. The camera is already weak (to be honest I would have used a word beginning with shi but let's be polite) so I'm not in any way gonna make it worse.

zxz0O0 said:
Chainfire is talking about the su daemon and problems running it (on Android L). He does not say anything about a root exploit. It seems you misunderstood his post.
Yes he does:
"As stated above, it seems for now that modifications to the kernel package are required to have root, we cannot attain it with only modifications to the system partition.
Combine that with a locked bootloader (and optionally dm-verity) and a device becomes nigh unrootable - exactly as intended by the security guys.
Exploit-based roots are already harder to do thanks to SELinux, and now because of the kernel requirements for persistent root, these exploits will need to be run at every boot. Exploits that make the system unstable (as many do) are thus out as well."
Then he goes on to say:
"Of course, this is all dependent on OEMs implementing everything exactly right. If a certain OEM doesn't protect one of their services correctly, then we can leverage that to launch the daemon without kernel modifications. While I'm fairly certain this will be the case for a bunch of devices and firmwares, especially the earlier L firmwares, this is not something you should expect or base decisions on. It is now thus more important than ever to buy unlocked devices if you want root.
It might also mean that every firmware update will require re-rooting, and OTA survival mode will be broken. For many (but far from all) devices we can probably automate patching the kernel package right in the SuperSU installer ZIP. We can try to keep it relatively easy, but updating stock firmwares while maintaining root is probably not going to work as easy and fast as it did until now."

zxz0O0 said:
Chainfire is talking about the su daemon and problems running it (on Android L). He does not say anything about a root exploit. It seems you misunderstood his post.
How can anything be a root exploit if it doesn't result in a functional su? I read Chainfire's post as Google making it impossible to elevate privileges from within Android, necessitating kernel level exploits which in turn will require unlocked bootloaders to install.
Once we get to where the bootloader has to be unlocked it's really not a root exploit anymore, is it?

michyprima said:
Why do they have to kill Miracast?
Because they don't want to support Miracast without HDCP. Remember that Sony is also a content provider. While that may be as annoying for a normal user as the degradation in camera quality, their approach actually still is developer friendly. Request a code - get full control over the device, at the cost of losing some functionality (software functionality). It's as simple as that. CM and other roms work perfectly fine on Xperia devices, and if you want to implement an equivalent camera algorithm, you're free to do so.

Iruwen said:
Because they don't want to support Miracast without HDCP. Remember that Sony is also a content provider. While that may be as annoying for a normal user as the degradation in camera quality, their approach actually still is developer friendly. Request a code - get full control over the device, at the cost of losing some functionality (software functionality). It's as simple as that. CM and other roms work perfectly fine on Xperia devices, and if you want to implement an equivalent camera algorithm, you're free to do so.
Can only agree to that. If you buy a Sony phone to act like a Sony phone (most people do!) then one should leave it as it has been delivered by Sony. If you can't agree to how it is, Sony gives you the option to unlock the BL and do whatever you want to do with the HW, but don't expect it to work/act as before. Personally, I have no issues with that at all.
On a different note, Linux/Android is comprised of x million lines of code. There're bugs in this code, there're bugs in the compiler, bugs in Java, bugs even in the Hardware etc. etc. There's no reason to believe (or fear) that Linux/Android would ever be perfect or non-vulnerable. Root will come, it's only a matter of effort and time...

Related

A-Ha! WHY 2.3.3 !

This article just appeared:
http://www.businessweek.com/magazine/content/11_15/b4223041200216.htm
http://www.engadget.com/2011/03/31/google-tightening-control-of-android-insisting-licensees-abide/
Basically it says Google is calling out its OEMs to stop gross customizations and reduce fragmentation of the Android OS.
this is great. People posting obviously don't get it. They aren't locking down anything, just making it so that companies can't take advantage of the users and fail to release updates. The os will still be as customizable as ever
Yeah it will still be just as open. But if companies customise it too much they won't be able to use the Android name. Although withholding the source code is not very open source and will hurt small companies/devs.
Explains it well http://gizmodo.com/#!5787565/google-finally-fights-back-against-android-fragmentation
fiscidtox said:
this is great. People posting obviously don't get it. They aren't locking down anything, just making it so that companies can't take advantage of the users and fail to release updates. The os will still be as customizable as ever
Well, 2.3.3 DOES increase the security and remove most of the malware* that are used to root the phone. So some of the exploits WILL go away. Certainly in that sense, it is more locked down.
*It is malware aka trojans, that's used to root; mostly Latoor G and J. I have to put the rooting software into a directory that's not scanned by my AV/AS.

DRM keys, worth losing or not?

This post over at the recovery/kernel dev thread seems to suggest that locked bootloader root and recovery might actually be impossible to achieve on the Z3+, so I've started to consider unlocking, having previously been adamant about not doing it. Losing the DRM keys is what prevents me, though.
Does anyone have a full list of lost features that go with the keys? I'm aware of some camera stuff, the Bravia engine, and noise cancellation.
Also, some users have reported at least partial restoration of DRM functions (not keys!) on previous Z devices, is that/will that be possible on the 3+?
+1 . I am in the same boat as op!
Sent from my Xperia Z3+
What features are lost? Anyone?
For me its not worth it
Some potential problems are as follows:
Bravia engine stuff and all that
Camera software is degraded, especially low-light (can't confirm if this was changed with the Z3+)
Sound EQ thingies and NC stops working
Drm Keys
Updates and stuff are not accepted anymore(OTA, PCC)
not worth it. additional to hasona's post :
-Xperia Lounge feature (eg: free movie)
- Screen mirroring
etc.
Currently i can live without root.
Adguard, Helium, will do the necessary needs atm.
And Sony is "committed to the openness of Android" or somesuch. I didn't know purposeful limiting counts as being committed.
monx® said:
not worth it. additional to hasona's post :
-Xperia Lounge feature (eg: free movie)
- Screen mirroring
etc.
Currently i can live without root.
Adguard, Helium, will do the necessary needs atm.
Currently I can live without root too. The only thing I'm missing by not being rooted is that I can't edit mixerpath to make my headphones louder, but I can still live without that (but it would be cool to have it).
Sent from my E6553 using XDA Free mobile app
[NUMINIT] said:
This post over at the recovery/kernel dev thread seems to suggest that locked bootloader root and recovery might actually be impossible to achieve on the Z3+, so I've started to consider unlocking, having previously been adamant about not doing it. Losing the DRM keys is what prevents me, though.
Everything is impossible? says who? this will take time at least 9-10 months or 1 year to achieve root. Awesome devs at XDA always come with new exploits. :d
Don't unlock till then.
chesterr said:
Everything is impossible? says who? this will take time at least 9-10 months or 1 year to achieve root. Awesome devs at XDA always come with new exploits. :d
Don't unlock till then.
Once the Z5 is out and they find a way for that, the Z4 is sure to follow, with the same method.
Sent from my Xperia Z3+/Z4.
I have no issue with losing that functionality to gain root.
If blocked updates are an issue, you can just flash the newest FTF to get back to unrooted, but right now there is no way to get DRM back.
Personally I bought this phone for the express purpose of rooting it so I just assumed I'd lose the DRM keys from day 1.
[NUMINIT] said:
And Sony is "committed to the openness of Android" or somesuch. I didn't know purposeful limiting counts as being committed.
I think you've gotten Sony's intentions wrong mate. At least there's the option of unlocking the bootloader, albeit by losing some phone functions. Most other companies they'd lock the bootloader away forever if unlocking meant compromising on proprietary software, or unlock their bootloader and not develop any customised functions as they'd be compromised if the bootloader got unlocked. At least Sony have a way for us to unlock the bootloader and also keep their IP safe. It's a compromise, and one that I'm happy to take.
Sony are one of the few companies that release their source code for their phones to the public. As far as I'm aware, the only other manufacturers only do so when they make a Nexus device and Google force them.
serrin85 said:
Personally I bought this phone for the express purpose of rooting it so I just assumed I'd lose the DRM keys from day 1.
I think you've gotten Sony's intentions wrong mate. At least there's the option of unlocking the bootloader, albeit by losing some phone functions. Most other companies they'd lock the bootloader away forever if unlocking meant compromising on proprietary software, or unlock their bootloader and not develop any customised functions as they'd be compromised if the bootloader got unlocked. At least Sony have a way for us to unlock the bootloader and also keep their IP safe. It's a compromise, and one that I'm happy to take.
Sony are one of the few companies that release their source code for their phones to the public. As far as I'm aware, the only other manufacturers only do so when they make a Nexus device and Google force them.
You're right, I worded that more harshly than necessary. I was just so pissed that I bought an expensive phone I can't fully own without losing functions I paid for.
I do think it's silly to protect their software like this, though. Who would risk a massive lawsuit by stealing the IP that gets blocked with unlocking the BL?
Anyway, since you've unlocked, have you personally noticed much difference in everyday use?
Not worth.
My Z3+ went crazy after some updates from Google (I think just after the time when Google changed their logo). I was getting ~40-60 alerts "Google Services can't start" just after reboot. And they kept popping up from time to time all the time. My phone was unable to reach Google services so it was impossible to retrieve any updates, impossible to install or remove anything. This means it was impossible to back up SMS/call logs too (I didn't have any apps installed). Yeah I had the Sony Xperia Transfer app, but this app will not let you transfer data to any other phone except SONY. Thank you SONY.
Decided to perform a factory reset. BUT, the factory reset button from the menu didn't work. It simply did nothing. Was thinking of bringing the phone to service, but then I need to remove my mail accounts (I'm keeping job data there and I probably would be fired and get some 5-number-USD fine if I disclosed that info). Removing accounts didn't work either.
Tried to perform a factory reset via adb, but no success. Decided to boot into the bootloader as on my good old Nexus 4 and perform a factory reset from there. Found some link on the web that SONY gives you an unlock code gently and you can do that yourself. What could be better, I thought?! Yeah, I've rebooted my phone, reset it and was happy again.
But after a few days I've noticed that when I try to zoom with my camera just a little, it simply freezes or performs at 1 frame / 3-5 seconds. If I try to record something - similar **** is happening. Quality is terrible too compared to what I had before. And then I found out about DRM...
So now I have one of top expensive phones with one of worst cameras.
[NUMINIT] said:
You're right, I worded that more harshly than necessary. I was just so pissed that I bought an expensive phone I can't fully own without losing functions I paid for.
I do think it's silly to protect their software like this, though. Who would risk a massive lawsuit by stealing the IP that gets blocked with unlocking the BL?
Anyway, since you've unlocked, have you personally noticed much difference in everyday use?
Well people port google apps all the time. Granted, no one's been sued yet, but there is a real likelihood that people are going to try it.
I don't think Sony are that worried about joe blow modder, but one of two things:
1) As part of their contract with the third party who they've leased the license from requires them to secure it (which may mean locking the bootloader)
2) Samsung or some other manufacturer would steal their code.
I'm just speculating, but Sony aren't making life difficult for everybody (and themselves) just for ****s and giggles.
I haven't noticed much difference, but then I didn't spend much time with it unlocked. I doubt losing the DRM keys will make the camera laggy.
serrin85 said:
Well people port google apps all the time. Granted, no one's been sued yet, but there is a real likelihood that people are going to try it.
I don't think Sony are that worried about joe blow modder, but one of two things:
1) As part of their contract with the third party who they've leased the license from requires them to secure it (which may mean locking the bootloader)
2) Samsung or some other manufacturer would steal their code.
I'm just speculating, but Sony aren't making life difficult for everybody (and themselves) just for ****s and giggles.
I haven't noticed much difference, but then I didn't spend much time with it unlocked. I doubt losing the DRM keys will make the camera laggy.
Would it not be possible to just use a different camera app or will that be the same?
serrin85 said:
Well people port google apps all the time. Granted, no one's been sued yet, but there is a real likelihood that people are going to try it.
I don't think Sony are that worried about joe blow modder, but one of two things:
1) As part of their contract with the third party who they've leased the license from requires them to secure it (which may mean locking the bootloader)
2) Samsung or some other manufacturer would steal their code.
I'm just speculating, but Sony aren't making life difficult for everybody (and themselves) just for ****s and giggles.
I haven't noticed much difference, but then I didn't spend much time with it unlocked. I doubt losing the DRM keys will make the camera laggy.
The camera is laggy as hell as per 5.0.2 anyway, so that's not an issue. I'm more worried about low-light shots. Unlocking absolutely ruined them on my Yuga.
Plus there are things such as the Bravia engine and noise cancellation which I really like
Is anyone willing to test this one on his UB?
http://forum.xda-developers.com/cro...deodex-xperia-z5-themes-home-widgets-t3207016
cjm1979 said:
Would it not be possible to just use a different camera app or will that be the same?
You can use a different camera app, but the Sony magic mojo (noise filter etc) is only found in the stock app. That is to say unlocking the bootloader nerfs the stock camera app, the camera hardware itself is untouched.
serrin85 said:
You can use a different camera app, but the Sony magic mojo (noise filter etc) is only found in the stock app. That is to say unlocking the bootloader nerfs the stock camera app, the camera hardware itself is untouched.
So if we had a camera app that does equivalent post-processing to Sony's apps we would not lose any picture quality? Does this also mean that any 3rd party app that accesses the camera does not take advantage of any DRM-licensed functionality, and they will work exactly the same way after unlocking the BL?
steveeJ said:
So if we had a camera app that does equivalent post-processing to Sony's apps we would not lose any picture quality? Does this also mean that any 3rd party app that accesses the camera does not take advantage of any DRM-licensed functionality, and they will work exactly the same way after unlocking the BL?
So I use 'A Better Camera' for taking pictures, as the stock app overheats the device incredibly fast. But if the stock Sony camera app is working it's much faster than a third party app. But this is only my own opinion, don't know if that's always the case and if this depends somehow on the DRM key stuff. (Locked BL, using the 28.0.A.7.24 FW)

Root possible?

I know it's too early but what do you guys think about rooting/custom ROMs for Venice?
BB CEO said (something along the lines) that they will only make an Android device if it is secured enough. Would that mean a locked bootloader etc.? Moreover, it is using a much more secure kernel (http://berryflow.com/2015/09/blackberrys-android-slider-using-hardened-linux-kernel/) and I've read that some beginner's tools (e.g. enabling developer's options, sideloading apps etc.) are blocked.
So what do you guys think? As for me, I believe in this community and I know one way or another, we will be able to install our favourite custom ROMs/apps on Venice. Although I don't know if it would happen 2 days after launch or 2 years after the device reaches the market!
Btw can't wait for the device! I hope BlackBerry becomes a force again after this phone. I'll buy it the day its bootloader gets unlocked + root is achieved.
Do you have a source on the Priv blocking sideloaded apps? That would be very unfortunate. Locked bootloader is a given but I would still like to be able to install my favorite apks.
I can't see things like developer options/USB debugging etc being outright blocked. That just seems like a great way to alienate the majority of the userbase that a device like this is targeted towards.
This is my main concern... I want this phone, badly. But after having a G4, having to wait for root and still not having any decent roms I won't get the Priv if it doesn't at least get root. It's stock-ish android so I can deal with lack of roms but no root, no sale.
Sent from my LG-H811 using Tapatalk
No idea why anyone here thinks they would do that. Even on BB10 devices installing apks is allowed - and they sure wouldn´t do otherwise on an Android device - that would be crazy.
and yes, bl will be locked and encrypted - root - well that will be something to wait for.
:good:
Bootloader WILL be locked, that's a no brainer. But locking out sideloading, developer options is not possible without TOTALLY killing interest and sales. Blackberry desperately needs Priv to succeed. This is their last chance to avoid becoming the next Nokia. So no, we will have at least sideloading available. Honestly, it doesn't matter if they lock out all these essential features, if they release at least the kernel source and device tree day-and-date with the phone. If you have these, we're better off building a CM 12 (or 13 :fingers-crossed:) ROM for the Priv.
Zer0.exe said:
Do you have a source on the Priv blocking sideloaded apps? That would be very unfortunate. Locked bootloader is a given but I would still like to be able to install my favorite apks.
Sorry, I can't give you a source. I read this on Reddit or a blog post.
MSF Jarvis said:
Bootloader WILL be locked, that's a no brainer. But locking out sideloading, developer options is not possible without TOTALLY killing interest and sales. Blackberry desperately needs Priv to succeed. This is their last chance to avoid becoming the next Nokia. So no, we will have at least sideloading available. Honestly, it doesn't matter if they lock out all these essential features, if they release at least the kernel source and device tree day-and-date with the phone. If you have these, we're better off building a CM 12 (or 13 :fingers-crossed:) ROM for the Priv.
hmm. So do you think it would be possible to unlock the bootloader or it can never be unlocked?
btw slightly offtopic, but is there any phone which has a completely locked bootloader (ie has never been unlocked)?
Welp a leaked pic about the security settings confirms developer options can be enabled, so sideloaded apps is probably a go to. False alarm, peeps!
Zer0.exe said:
Welp a leaked pic about the security settings confirms developer options can be enabled, so sideloaded apps is probably a go to. False alarm, peeps!
Link?
HyperM3 said:
Link?
http://n4bb.com/blackberry-priv-64-bit-4k-video-confirmed/
The beautiful glass weave is also shown off. I love it on my Z30.
pluto7443 said:
http://n4bb.com/blackberry-priv-64-bit-4k-video-confirmed/
The beautiful glass weave is also shown off. I love it on my Z30.
Thanks for that! I am really looking forward to this device. I'm all or nothing on this with my Nexus 6 right now.
rollerdyke44 said:
hmm. So do you think it would be possible to unlock the bootloader or it can never be unlocked?
btw slightly offtopic, but is there any phone which has a completely locked bootloader (ie has never been unlocked)?
there must be some poor phone that didn't get a bootloader unlock, and I firmly believe the Priv is gonna join their ranks as soon as it gets released.
Sent from a Cool Phone stuck with crappy KingUser
rollerdyke44 said:
btw slightly offtopic, but is there any phone which has a completely locked bootloader (ie has never been unlocked)?
Look at the recent crop of AT&T and Verizon Samsung phones. Their bootloaders are locked up tighter than...... Well we will just say they're locked down [emoji1]
Sent from my Nexus 6 using Tapatalk
http://i-cdn.phonearena.com/images/...aked-hands-on-photos-plus-official-images.jpg In fact, this image outright confirms that you can sideload/ use developer options.
I wouldn't count on too much. The developer options could have easily been changed and some removed. As BB main selling point is security I expect this device to be one of the harder ones to crack.
As for the bootloader questions. Yes there have been a few that were uncrackable, a dirty hack to bypass has worked on some.
I imagine root is just a matter of time. Unless they lock the system partition, which other manufacturers have done in the past (Looking at you HTC). Even so, it has been done and s-on/off has been cracked before. Alternatives to locking include e-fuses, like in legacy motorola devices.
Bootloaders on the other hand, we're probably going to have to get some concrete evidence. It is most likely locked in my personal opinion.
This is all just speculation. Hopefully Blackberry can find a good balance.
htko89 said:
I imagine root is just a matter of time. Unless they lock the system partition, which other manufacturers have done in the past (Looking at you HTC). Even so, it has been done and s-on/off has been cracked before. Alternatives to locking include e-fuses, like in legacy Motorola devices.
Bootloaders on the other hand, we're probably going to have to get some concrete evidence. It is most likely locked in my personal opinion.
This is all just speculation. Hopefully Blackberry can find a good balance.
The e-fuse is still used in many devices, and if I know BlackBerry they will have it check against its servers for security. Once it detects root it will most likely disable the device. Or most of the functions that use BB servers. Remember everything is routed through BlackBerry's servers in Canada, so if their servers go down, so does the device.
zelendel said:
Once it detects root it will most likely disable the device. Or most of the functions that use BB servers.
I would be completely fine with them locking out the BB services when root is discovered. But locking down the hardware would be overstepping their bounds. It's our hardware, not theirs. I know that doesn't mean they couldn't still do it, I just think it would be a jerk move.
It would be like if Microsoft bricked xbox machines that have been modded. They don't, they just ban you from XBox Live if they detect it. I think it should be the same approach.
Yes, but even MS has locked the bootloader on many of their 32-bit machines now. Also, I have a link that you might want to read where, if passed, then modding our devices at all will become illegal.
https://www.eff.org/issues/tpp

Google confirms phones are rootable and unlockable bootloader

http://www.phonearena.com/news/The-Pixel-and-Pixel-XL-will-be-rootable-Google-confirms_id86575 for all the naysayers... Google did not let us down
I did not doubt it but it is good that it is confirmed
Confused - That doesn't really make sense - While Google can (and thankfully will) make the bootloader unlockable, they don't make it rootable. They have never done that. Root is usually achieved when developers find exploits (that are unpatched by Google), and root using that.
For Google to say that the device will be rootable is like saying "we left some exploits unpatched", or "we will provide you a means of rooting" - I don't think either is true. (yes, I read the exact verbiage on the article - and saw what you are referring to)
The bootloader being unlockable is making it rootable.....that's the "exploit"....
Sent from my XT1096 using Tapatalk
tacosrdelicioso said:
The bootloader being unlockable is making it rootable.....that's the "exploit"....
Sent from my XT1096 using Tapatalk
Technically, no.
Regardless, glad Google confirmed that the bootloader will be unlockable (as we were expecting/hoping)
jj14 said:
Technically, no.
Regardless, glad Google confirmed that the bootloader will be unlockable (as we were expecting/hoping)
My point is it gets us 95% of the way there
Sent from my XT1096 using Tapatalk
The exploit is modifying the kernel. Google knows this as we do. In order to have a modified kernel you must have an unlocked bootloader. While only time will tell, I believe the Verizon version will never be rooted because of this new security, cause only unlocking the bootloader will allow it, hence what I believe Google was getting at. Sometimes people read too deep and miss what's on the surface.
I think we are having a war of definitions here, so let me say a few things that I believe will clear things up:
In this context an exploit, by definition, means taking advantage of a feature in a given software or hardware platform. The word has a stigma associated with it that implies that this feature allows an unintentional effect, and that taking advantage of it gains something for the one who exploits it. E.G. a buffered array that doesn't properly safeguard writing past the allocated memory for that array would be an exploitable software feature. The exploit that takes advantage of such a feature is known as a buffer overflow exploit, which would allow an attacker to overwrite code or data at a known location in device memory, potentially allowing for arbitrary code to be executed in the context of whatever software exposes that feature.
So, an unlockable bootloader could be exploited to allow a custom kernel to run, but it would not really fit the context of "an exploit", because the feature is there to be used for that purpose. Nor, really would building a custom kernel be an exploit for the very same reason: the kernel source is provided so that it can be built and modified by anyone.
Fenny said:
I think we are having a war of definitions here, so let me say a few things that I believe will clear things up:
In this context an exploit, by definition, means taking advantage of a feature in a given software or hardware platform. The word has a stigma associated with it that implies that this feature allows an unintentional effect, and that taking advantage of it gains something for the one who exploits it. E.G. a buffered array that doesn't properly safeguard writing past the allocated memory for that array would be an exploitable software feature. The exploit that takes advantage of such a feature is known as a buffer overflow exploit, which would allow an attacker to overwrite code or data at a known location in device memory, potentially allowing for arbitrary code to be executed in the context of whatever software exposes that feature.
So, an unlockable bootloader could be exploited to allow a custom kernel to run, but it would not really fit the context of "an exploit", because the feature is there to be used for that purpose. Nor, really would building a custom kernel be an exploit for the very same reason: the kernel source is provided so that it can be built and modified by anyone.
Yeah what he said lol... thanks for the explanation. I guess exploit is the wrong word cause it does have a negative implication
Yes, even HTC devices that are unlocked and rootable are not SOFF, and you had to pay for it. Does anyone know if there is any such restriction that is "hidden"?
Is it really as "open" as the nexus devices?
Has there been any confirmation on whether or not source will be released...
Sent from my ONEPLUS A3000 using XDA-Developers mobile app

Vulnerable software should be removed from XDA

Now it's clear there's a security problem with the official build of Oreo before Sept builds.. now all the Oreo roms and official roms have this vulnerability... If you're gonna continue to publish them without replacing them with the sept security patch you may as well put a damn virus in your roms cause that's basically what you're doing...
Pixelxluser said:
Now it's clear there's a security problem with the official build of Oreo before Sept builds.. now all the Oreo roms and official roms have this vulnerability... If you're gonna continue to publish them without replacing them with the sept security patch you may as well put a damn virus in your roms cause that's basically what you're doing...
What's the vulnerability?
Plain and simple the software needs removed.. doesn't that apply to the devs' policies which they agreed to here on xda not to publish anything which may be a threat to someone... So you know what should of happened is the devs should of removed the software right away. That never happened so I've lost all faith in these devs and publishers of official software threads...
I ignore all posts where the word "of" is used instead of the correct "have" or at least the contraction ending in 've that sounds like of.
...should of happened
sliding_billy said:
I ignore all posts where the word "of" is used instead of the correct "have" or at least the contraction ending in 've that sounds like of.
...should of happened
I ignore all posts that don't make sense like the OP's and this thread.
Pixelxluser said:
Now it's clear there's a security problem with the official build of Oreo before Sept builds.. now all the Oreo roms and official roms have this vulnerability... If you're gonna continue to publish them without replacing them with the sept security patch you may as well put a damn virus in your roms cause that's basically what you're doing...
First, there are no Oreo roms. Secondly, the devs who support our phones for free owe you nothing. Lastly, you need more than 12 posts to be taken seriously about anything around here. And, you can never post enough to attain the right to throw around accusations about the devs who, again, support our phone for free.
Pixelxluser said:
Now it's clear there's a security problem with the official build of Oreo before Sept builds.. now all the Oreo roms and official roms have this vulnerability... If you're gonna continue to publish them without replacing them with the sept security patch you may as well put a damn virus in your roms cause that's basically what you're doing...
Tell us how you really feel!
Windows people ?
Sent from my Pixel using XDA-Developers Legacy app
Pixelxluser said:
Now it's clear there's a security problem with the official build of Oreo before Sept builds.. now all the Oreo roms and official roms have this vulnerability... If you're gonna continue to publish them without replacing them with the sept security patch you may as well put a damn virus in your roms cause that's basically what you're doing...
If this is the case all root and bootloader exploits need removing also.
Any bootloader exploits or method of rooting without an unlocked bootloader is a SIGNIFICANTLY large security risk.
Sent from my Pixel using Tapatalk
Are we going to remove ALL the old ROMs from XDA? SHEESH.
In before the lock.
One thing I've found out over the years with hacking Android you eventually get tired of doing just hacking so you move onto security... Well that's the case with me anyways. Getting rid of vulnerable software is actually a good thing...
There's a reason why malware is successful with Android, and it's one that still hasn't been addressed: most phones are using old software and haven't been patched against it.
Google does a lot of work to make Android secure and keep it that way. It pays people to find security exploits, works with hardware vendors like Qualcomm or NVIDIA to fix them if needed, then writes a patch that can be injected into the existing version with no fuss. If you have a Pixel or Nexus or BlackBerry product, you'll then get these patches. If you have any other phone you roll the dice and hope the people who made it care enough.
Pixelxluser said:
One thing I've found out over the years with hacking Android you eventually get tired of doing just hacking so you move onto security... Well that's the case with me anyways. Getting rid of vulnerable software is actually a good thing...
There's a reason why malware is successful with Android, and it's one that still hasn't been addressed: most phones are using old software and haven't been patched against it.
Google does a lot of work to make Android secure and keep it that way. It pays people to find security exploits, works with hardware vendors like Qualcomm or NVIDIA to fix them if needed, then writes a patch that can be injected into the existing version with no fuss. If you have a Pixel or Nexus or BlackBerry product, you'll then get these patches. If you have any other phone you roll the dice and hope the people who made it care enough.
Nobody hacks individual phones. They hack companies and clouds.
****! Hey, can y'all hold it for just a moment? Need to run to the store real quick. I'm out of popcorn.
Seriously, though, just simply rooting your phone is a security risk. Also, from what I've seen, the majority of ROM users are smart about what they download. It's the general public that downloads mischievous apps that spread viruses. And as someone else mentioned, the malware and viruses don't target one person's phone. They are free floating and latch onto whatever moron downloads it. Your phone is not exactly the best place to download all your porn
But seriously, there are exploits with every security patch...it's the reason we get them every month, lol. Android is great and I love it but the OS itself is full of holes that malware developers consistently take advantage of.
Couldn't say this better myself..
Security is engineered into everything we do
Our goal is to make Android the safest computing platform in the world. That's why we invest in technologies and services that strengthen the security of devices, applications, and the global ecosystem.
It's also one reason Android is open source. Being open allows us to tap into a global network of security talent full of innovative ideas that help make Android safer every day. Security experts around the world can review our code, develop and deploy new security technology, and contribute to Android’s protections.
As the Android ecosystem evolves, we continue to invest in leading-edge security ideas. And we want to share our knowledge openly with you. Explore below to learn about the latest technologies and information that help secure Android.
Adrian Ludwig
Director of Android Security
Pixelxluser said:
Now it's clear there's a security problem with the official build of Oreo before Sept builds.. now all the Oreo roms and official roms have this vulnerability... If you're gonna continue to publish them without replacing them with the sept security patch you may as well put a damn virus in your roms cause that's basically what you're doing...
With some custom ROMs, whether or not they have the Sept security patch is probably the least of your problems, if security is a concern of yours... you should be more concerned with things like:
- what keys are they using to sign their ROM (APKs included). Did they generate their own private signing keys and platform keys, or did they just use the devkeys or keys provided in the SDK?
- what changes have they made to AOSP sources, or not integrated (or reverted), that could reduce security?
- have they messed with Android's security or permissions model?
- have they included legacy code (like forward porting), that may have been dropped in the first place due to being insecure (legacy mediaserver without seccomp integration)?
- have they modified SELinux policies in ways that potentially could open up attack vectors?
- does the ROM have odexing enabled? The fact is, odexing while useful for booting/loading programs faster, also has the side benefit of making an apk harder to tamper with...
- have any changes that have been made been audited, or verified for correctness?
...and the list goes on. You are worried about a monthly security patch, with a handful or two of fixes for CVEs, yet make no mention of far bigger concerns that may be present in XYZ custom ROM.
Just saying.
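As an added example (not part of the post above and not any ROM project's own tooling): a small Python check over a ROM's `build.prop` that flags two of the points raised in this thread, signing with non-release keys and a security patch level older than a chosen baseline. The sample file contents, the finding codes and the 2017-09-01 baseline are assumptions made up for illustration; `ro.build.tags`, `ro.build.type`, `ro.debuggable` and `ro.build.version.security_patch` are standard Android build properties.

```python
from datetime import date

# Constructed sample build.prop; values are illustrative, not from a real ROM.
SAMPLE_BUILD_PROP = """\
# begin build properties
ro.build.version.release=8.0.0
ro.build.version.security_patch=2017-08-05
ro.build.type=userdebug
ro.build.tags=test-keys
ro.debuggable=1
"""

def parse_build_prop(text):
    """Return {key: value} from build.prop text, skipping comments and junk."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props

def audit(props, baseline):
    """Return a list of finding codes; an empty list means nothing was flagged.

    These properties are self-reported by the build, so a clean result is a
    hint only: it does not prove which certificate actually signed the images.
    """
    findings = []
    tags = [t.strip() for t in props.get("ro.build.tags", "").split(",")]
    if "release-keys" not in tags:
        findings.append("not-release-keys")      # test-keys, dev-keys or unset
    if props.get("ro.build.type") != "user":
        findings.append("non-user-build")        # userdebug/eng builds relax defaults
    if props.get("ro.debuggable") == "1":
        findings.append("debuggable")
    patch = props.get("ro.build.version.security_patch", "")
    try:
        if date.fromisoformat(patch) < baseline:
            findings.append("patch-level-old")
    except ValueError:
        findings.append("patch-level-missing")   # absent or not YYYY-MM-DD
    return findings

if __name__ == "__main__":
    # Baseline is an assumption for this example: the September 2017 patch level.
    for code in audit(parse_build_prop(SAMPLE_BUILD_PROP), date(2017, 9, 1)):
        print("FLAG:", code)
```

The other items on the list (SELinux policy changes, reverted AOSP commits, legacy code) are not visible in `build.prop` and need a source or image review.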
contribute to Android’s protections. Is one thing which is lacking from what I see... I hope you understand that there are underaged people who don't know any better about what's best for them and come running off to try to be the cool kids by rooting or adding unsecured software on their phones.. rooting is so crazy to do nowadays you're all really going to the extremes by bypassing security features just so you can have root... That's not the message the younger generation should be taught... They should be taught the importance of how security works not 50 ways to bypass it... There's not a feature out there which Google wouldn't consider adding officially but also Google doesn't go off and use unofficial code to pull features from it would look bad for their business..
And as long as there's a community of underaged people who do go off and root and install unsecured software you might wanna lead by example and provide them with the best security you can... A child with unsecured software is scary that someone would open up security holes for them to be a possible victim and the best you're actually willing to do is try to remove yourself from the responsibility of being responsible for it by saying if you install our software you are responsible for any damages. You can't just publish something then go out and say you take no responsibility when by law you're still responsible for any damages cause you never legally got your software that way...
Since you're the ones distributing the software you're liable for damages if there was a defect in your product which was distributed.. security flaws and security bypasses count as defects in a product..
Distributorship and Liability
Even though the distributor is not responsible for manufacturing a product, it can be held liable in the event of defects. Under strict product liability laws, the seller, distributor, and manufacturer of a defective product can be held liable if a person is injured due to the defect. Though manufacturers are typically most responsible since they created the product, the liability can also fall to those that distribute or sell the defective items.
This liability law prevents the plaintiff from the need to prove the chain of supply. In order for any entity in the line of distribution to prove it has no fault, it would need to show which entity is actually responsible for the defect.
I suggest you stick with Windows dude
The only thing your posts are good for is making people spit their coffee with humour, and embarrassing yourself.
Sent from my Pixel using XDA-Developers Legacy app
