109 replies to this topic

[p3droid]

So this post is a mix of hard information and a bit of conjecture on my part (guesses). But I thought I would share it with you guys anyways.

First, Motorola is using an old technology (introduced in 2004) in a new way. You can read here a quick write up on

Please Login HERE or Register HERE to see this link!

.

Now once information is written to a chip, that information is static but using an eFuse chip on the board Motorola is able to write information to it after it has been placed in use.

SO HOW DOES THIS EQUAL A HARDWARE LOCKED BOOTLOADER?

The eFuse is coded with information that it either looks for or is passed to it from the bootloader. The bootloader is loaded with information it looks for when it begins the boot-up process. (I have seen the sbf file look for a certain bootloader when it begins so its safe to assume that this is the process).

Once the the eFuse verifies that the information it is looking for or that has been passed through to it by the bootloader is correct then the boot process continues. What type of information is written to the bootloader? So far i've been able to verify that the firmware information (what we call ROMS), the kernel information, and the bootloader version.

If the eFuse failes to verify this information then the eFuse receives a command to "blow the fuse" or "trip the fuse". This results in the booting process becoming corrupted and resulting in a permanent bricking of the Phone. This FailSafe is activated anytime the bootloader is tampered with or any of the above three parts of the phone has been tampered with.

The eFuse is a rewrittable module and thus once it has been tripped it can be repaired but this procedure can only be done by Motorola. It requires hardware (I'm not sure what type) and the program (I'm not sure what Motorola is using) written in JTAG.

The normal process of using an sbf file to upgrade has also been made more difficult as they have been tagged and if not properly applied or not device/build/increment specefic then they will trip the eFuse.

As you can see this is indeed going to be a tough nut to crack.

A secondary question that i've been asked, is about the future devices. I can't speak to other future devices but I have been told that this method of protection has been applied to the Droid2.

[Sponsored Links]

• Back to top

[UserError]

Yikes -- talk about putting the hammer down!

"Tricking" this efuse with false information could get hairy as well. Moto/Verizon got serious, pretty quick.

[agreenbhm]

This is bullshit. I understand the device not coming rooted stock to appease the carriers but making a device brick when trying to mod is totally uncalled for. What are they protecting this device from? On video game consoles you can pirate games, and they want to prevent that, but on a phone? Wtf! This is totally unneccessary.

Sent from my Droid using Tapatalk

[hijackerjack]

agreenbhm said:

This is bullshit. I understand the device not coming rooted stock to appease the carriers but making a device brick when trying to mod is totally uncalled for. What are they protecting this device from? On video game consoles you can pirate games, and they want to prevent that, but on a phone? Wtf! This is totally unneccessary.

Sent from my Droid using Tapatalk

Whats ironic is that at one point during the Droid X Launch Event, Eric Schmidt even talked about hacking 2.2 from source onto the Droid X... Right after he announced the release of the 2.2 Source, he was like "Yes, and now you can use the Froyo source to hack 2.2 onto your droid x's"... or something around that....

[jlevy73]

HTC FTW!!!. Never liked Motorola and now I know why :)

[R1Lover]

Motorola just just some faith in the android marketplace.... most power users will not buy something like this... thus.. it's only the mainstream that will buy this phone.

p.s. off to play with my rooted incredible... lmao

[brian]

There's always away around things we won't know completely until we look more into it

[Johnly]

I am hanging on to my root-able, love-able droid, for at least another 6.

[agreenbhm]

Maybe Motorola did this since they knew that devs will still try to hack the phone, but they'll brick tons of phones in the process of figuring out how to finally get it to work. Plus all the non-devs who fail at following the instructions will brick their phones as well. Maybe they figured this is the best way to sell devices: by making them easy to break.

[olta777]

Johnly said:

I am hanging on to my root-able, love-able droid, for at least another 6.

I honestly have to agree with you here. Moto Droid has been the most pleasant, positive and easiest hacking/roming experience...and overclocked x2. :)

[dmclark83]

Honestly what is the point that motorola/verizon is trying to make? other than wireless tether for root I don't think there is any real negative effect from rooting...if I am missing something please give me another reason !!

Ps. I'm still gettin the phone. But sure am gonna miss my wonderful droid 1

[alquimista]

Looks like the bootloader is RSA2048 encrypted, same encryption on the Milestone. I think RSA encryption has been cracked by one person, who has yet to publish her methods, so cracking the encryption is highly unlikely. The efuse tech could be hacked/cracked, its been done before, but the encryption is the show stopper.

And I thought not having a hardware keyboard was the only thing I didn't like about the Droid X.

Oh well, maybe the device will flop and ... Ah screw it Motorola just lost my business for the forseeable future.

[hijackerjack]

Im so stuck now. Idk what the hell im supposed to do haha. I wanna be part of the Droid X community, but Motorola is pissing me off. Theyre doing this for the Droid 2 as well. For all we know, even the Droid Pro... f our lives.

[UserError]

I told a friend of mine a couple weeks back -- I have my Moto Droid 1 setup exactly how I want -- everything working perfect for me, and that it will take one badass phone for me to make a switch. I have the FRF57 Froyo still running -- and I don't see myself changing anything about this phone from how I have it setup right now -- unless something A TON better comes out.

So, for now, I'm happy :)

[p3droid]

alquimista said:

Looks like the bootloader is RSA2048 encrypted, same encryption on the Milestone. I think RSA encryption has been cracked by one person, who has yet to publish her methods, so cracking the encryption is highly unlikely. The efuse tech could be hacked/cracked, its been done before, but the encryption is the show stopper.

And I thought not having a hardware keyboard was the only thing I didn't like about the Droid X.

Oh well, maybe the device will flop and ... Ah screw it Motorola just lost my business for the forseeable future.

Are you basing your statement off of something other than a pure guess? The reason I ask is that the Milestone's bootloader is software encrypted, and I've stated here that the Droid X is Hardware protected. Therefore I'm assuming that your guessing but you are wrong in your assumption. That is, your assumption that someone will hack/crack the eFuse. This is not the same efuse that your xBox is running which i'm assuming your referring to. This eFuse is a different kind of beast all together.

So is it possible, sure anything is possible, but do i believe it will get done, NO.

[hijackerjack]

p3droid said:

So is it possible, sure anything is possible, but do i believe it will get done, NO.

Well. that made me sad hahahah. maybe we ought to get some super linux hacker mofo to join us and figure this out for us hahah. (not saying you arent a beast hah)

[javroch]

p3droid said:

Are you basing your statement off of something other than a pure guess? The reason I ask is that the Milestone's bootloader is software encrypted, and I've stated here that the Droid X is Hardware protected. Therefore I'm assuming that your guessing but you are wrong in your assumption. That is, your assumption that someone will hack/crack the eFuse. This is not the same efuse that your xBox is running which i'm assuming your referring to. This eFuse is a different kind of beast all together.

So is it possible, sure anything is possible, but do i believe it will get done, NO.

Are you saying that you don't believe this phone will be rooted at all? Or are you saying that you don't think we'll be able to flash ROMs to the device? As long as there's still a chance at root, I think I'd be happy. And from what I understand, that's still a possibility.

[jlevy73]

javroch said:

Are you saying that you don't believe this phone will be rooted at all? Or are you saying that you don't think we'll be able to flash ROMs to the device? As long as there's still a chance at root, I think I'd be happy. And from what I understand, that's still a possibility.

Gaining root is a possibility flashing roms does not look good atm.

[p3droid]

Josh, root is a maybe, but even I am steering clear of custom ROMS and Kernels for the DroidX. And i rooted my droid on December 8th 5am, which is the exact time the post was put up on AD.

[alquimista]

p3droid said:

Are you basing your statement off of something other than a pure guess? The reason I ask is that the Milestone's bootloader is software encrypted, and I've stated here that the Droid X is Hardware protected. Therefore I'm assuming that your guessing but you are wrong in your assumption. That is, your assumption that someone will hack/crack the eFuse. This is not the same efuse that your xBox is running which i'm assuming your referring to. This eFuse is a different kind of beast all together.

So is it possible, sure anything is possible, but do i believe it will get done, NO.

Slow down there tiger. I totally concur with your assesment. I was trying to impart that this is a double whammy of both hardware and software protection. Which makes it highly improbable to crack/hack. If the eFuse doesn't immediately brick the device for even attempting a hack, the bootloader encryption will still be there to thwart one's efforts. Its crazy secure in its unhackable...ness.

I did assume that the eFuse protection would be something on par with the PS3, which was cracked (as a proof of concept) with a complex man in the middle attack several years after its initial release. The crack isn't even usefull in the wild. IMHO, the xBox was a comparitively easy hack, but that is besides the point.

My point is essentially the same as yours. Nothing is impossible, only highly improbable. However, I'd bet dollars to pesos that there is a 99.999% probability that the Droid X will never ever have a custom kernel or rom. Basically, its so unlikely, its absurd.

Especially unlikely, cause there are other devices that are either completely open, or just plain easy to hack.

What sucks even more, is that its already set in stone. The devices are shipping. No amount of letter writing or boycotting can change the Droid X. And even if enough people did get together and effectively make the Droid X a fail in communities like ours, there are just too many end users that will buy the device weather it can be hacked or not. The foreseeable future of Motorola as a rom friendly device maker is bleak at best.

Its sad cause the original Droid is so awesome. Makes my digital heart break.

PS. To anyone who is wondering. The Droid X can and has been rooted, but root and custom roms aren't mutually inclusive. Root enables you to try and flash a custom rom, but the eFuse protected and RSA encrypted bootloader means that custom roms and kernels won't work and will even brick your device. Sorry.

Also sorry I did't spell check this.