TeamBlackHat and DroidBandUnlock: A Proposal


78 replies to this topic

#1 OFFLINE   CellZealot

    Android Pro

  • Moderators
  • 414 posts
  • Device:D1,D2 dev, DX dev, D2G dev, D Pro dev, D3, Bionic

Posted 18 January 2011 - 11:21 AM

As users of the new Droid global devices may be aware, DroidBandUnlock has developed a solution for the US GSM band lockout on these phones allowing use with AT&T and T-Mobile SIMs. TBH was an early tester of this method and we have verified that it works as stated.

DBU has recently approached us with an offer to sell us this method. They have decided that they are not interested in offering the exploit as a mail in service because they don't have the resources to manage doing it that way due to time constraints and other logistical concerns. It was their intent from the beginning to make it a web based remote flashing service, but they have found the available tools don't meet their needs and have to write their own software tools to do it properly. They trust us, given our reputation in the community and our testing for them, to do it safely and securely and think users will be more willing to send us their phones to perform the procedures and we have the resources to provide feedback and support as well as the experience with necessary tools.

While we are very excited by the possibilities, we are also very aware of the potential problems and work involved with taking on something like this as a commercial endeavor.
This has always been a hobby for us as avid enthusiasts and any money generated by the TBH app has always been used strictly for phones for research and testing or the acquisition of new files. Now we are presented with an opportunity to help meet a demand for this in the community and potentially make some profit as well.

We need to consider this very carefully and develop a business model that makes sense given the workload, and decide if it seems worthwhile to become involved.
The cost is significant for a high value hack of this nature and the price for the end user will not be cheap by any means. The proposed price point would be approx. $100 with the user covering shipping. We can obviously not accept any liability for the devices themselves and would only be responsible for the hack itself functioning on the phone when we send it back.

We thought it would be a good idea to discuss the possibility here on MDW where we can do so freely and try to gauge the response and demand for such a service.

As it stands now, the exploit can be made to work easily and reliably only on the 2.4.29 release for the Droid 2 Global, but works with the Pro for both the 2.26.2 and 2.26.6 releases.

So, there it is folks! It is a very compelling opportunity and we are very eager to hear from the community regarding this. It's a sticky wicket as the Brits say, but we know there is a great demand for the service and want to explore the options before diving in with both feet.

We realize this will be a big problem for some in the community who feel everything should be made available for free to everyone. We at TBH are only too well aware of the costs involved in obtaining such valuable assets as SBF files and other files, so we understand the need to subsidize that access.

We ask, as always, that you keep the discussion civil and we want to hear people's opinions on the matter honestly and fairly expressed.

Thanks for your interest and response!
CellZealot

TeamBlackHat

Digital alchemy for Droid and beyond


#2 OFFLINE   kdkinc

    Junior Droid

  • Members
  • 80 posts
  • Device:DroidX

Posted 18 January 2011 - 12:52 PM

A few quick questions...
What percentage of your current community would this really benefit?
Expansion can always be costly not only in dollars but customer base. Will this have an adverse effect on waiting for updates and service on the currently serviced devices?
Will the future changes in framework, ROMs, and LTE cut into the potential growth of this market?

Thank You for all you do ...

#3 OFFLINE   drvink

    MDW Noob

  • Members
  • 4 posts
  • Device:Droid 2 Global

Posted 18 January 2011 - 12:57 PM

Why not handle it like mod chipping--allow people to freely get the tools needed to do it themselves (apart from e.g. custom hardware, which could be sold; though hopefully schematics and code would be freely available too), but for those who are feeling too squeamish to open up their phones or whatever is necessary to do this that can't be done in software alone, sell the service of doing the work for them?

#4 OFFLINE   CellZealot

    Android Pro

  • Moderators
  • 414 posts
  • Device:D1,D2 dev, DX dev, D2G dev, D Pro dev, D3, Bionic

Posted 18 January 2011 - 01:20 PM

We have no idea what percentage of our current user base might benefit from this, that is what we are trying to find out.

Regarding our ability to continue providing files to the community as we have been doing, this should only increase our resources for that purpose.
As long as we have access to the files we will keep doing what we have always done.

The future of hacking for new devices is an open question and all our information indicates the challenges will be very significant to modifying and hacking them.
Motorola has consistently proven their commitment to security and making it increasingly difficult to safely and easily modify their phones and we have no reason to believe they will change tactics or policy in that regard.

Obviously, this does not bode well for us who enjoy playing around with our phones and making them work as we would like rather than as Motorola or Verizon sees fit.

We'll just keep on plugging away in the meantime and hope for the best! ;)

This exploit will have a limited period to remain valuable and we would like to both take advantage of that window and extend the lifespan of these devices by giving more people the chance to use them on US GSM carriers.

It's really up to those users to decide what it's worth to them to have that freedom of choice.
CellZealot

TeamBlackHat

Digital alchemy for Droid and beyond

#5 OFFLINE   p3droid

    Chief Of Staff

  • Administrators
  • 1,396 posts
  • Device:Motorola Droid

Posted 18 January 2011 - 02:26 PM

As Cell has said, this is an opportunity but not one that should be undertaken lightly.

This is a real solution for those wishing to use their device on multiple carriers inside the United States. There is a shelf-life on this product so a decision must be reached quickly.

As always TBH will continue to work on behalf of the community in the many ways it currently does.


#6 OFFLINE   socomdark

    Droid

  • Members
  • 248 posts
  • Device:Droid X

Posted 18 January 2011 - 02:51 PM

I think the global and pro rooted community isn't that big it seems as compared to the other droids. Then again I don't get the requests you guys do for support for them so I may be wrong. But judging by lack of response to this thread, that's only going to a few hundred bucks compared to what seems to be a high sum for this procedure. You guys have the better view of this community so I can easily be wrong but I'm just calling it like I see it.

Sent from my DROIDX using Tapatalk

#7 OFFLINE   Almighty1

    Junior Droid

  • Members
  • 41 posts
  • Device:Motorola DROID A855

Posted 18 January 2011 - 03:42 PM

From my viewpoint, the problem is that unless one can pay a one-time initial fee and then when the user uses a new ROM or there is an upgrade in software, the fix is included within a certain length of time, then it wouldn't really be worthwhile as the Droid devices are more about openness and flexibility. I'm sure lots don't mind to pay the $100 one time if it's a permanent solution for the life of the physical phone but for all one knows, as soon as one pays the $100.00, Motorola somehow finds a way to reverse engineer the hack by OTA, then that $100.00 goes into the drain. And then assuming like some of us keep changing ROMs on the phone, then there is a possibility, the phone needs to be sent in each time that happens so that's another $100 for each time that happens which can be more expensive than the phone itself in the long run. The other issue is that you can still run into liability issues from both the users and also from Motorola and/or Verizon Wireless as you're offering the hack for a monetary price so there are legal concerns too. I still use a Droid 1 on Verizon Wireless so while I have interest in the hack, I don't really have a need for it yet since the US GSM carriers are more for convenience but when it comes to reliability, nothing has beat Verizon Wireless yet and this is speaking as a user for the last 22 years.

Edited by Almighty1, 18 January 2011 - 03:44 PM.

Cheers,
Almighty1

#8 OFFLINE   compactmedia

    MDW Noob

  • Members
  • 2 posts
  • Device:Droid 2 Global

Posted 18 January 2011 - 03:57 PM

I am also concerned about future updates breaking the band unlock. What about ROM flashing? Would going to Fission or any other ROM in the future take away this unlock?

A method not unlike traditional SIM unlocking would be the best. Something that sticks with the phone no matter what ROM or software modification has been implemented.

#9 OFFLINE   CellZealot

    Android Pro

  • Moderators
  • 414 posts
  • Device:D1,D2 dev, DX dev, D2G dev, D Pro dev, D3, Bionic

Posted 18 January 2011 - 06:41 PM

This method makes modifications to the radio image only, so any ROM would not affect the band unlock. We can't guarantee that the hack won't be defeated by any OTA update and, in fact, we are certain that the 2.4.33 release does break this exploit. We would have to flash any phone on 2.4.33 back to 2.4.29 and then apply the hack and then you would have to avoid OTA updates to preserve the band unlock.
This is easily done by renaming otacerts.zip in /etc/security.

We have also considered offering one free reflash with each purchase but haven't made any decisions yet about that. It cannot be a lifetime guaranteed solution and I don't think that is reasonable to expect under the circumstances. I actually believe our core market is with people who already have GSM service with one of these carriers and simply want a Droid device.

Who could blame them? :D
CellZealot

TeamBlackHat

Digital alchemy for Droid and beyond

#10 OFFLINE   compactmedia

    MDW Noob

  • Members
  • 2 posts
  • Device:Droid 2 Global

Posted 18 January 2011 - 07:00 PM

CellZealot said:

This method makes modifications to the radio image only, so any ROM would not affect the band unlock.

You can count me as a definite sale when it is available.

#11 OFFLINE   drvink

    MDW Noob

  • Members
  • 4 posts
  • Device:Droid 2 Global

Posted 18 January 2011 - 07:53 PM

Some more information here would be appreciated. The 360 hacking community gave out full details about how the KK shader exploit worked along with the rebooter and the later JTAG hack that allowed the KK exploit to be utilized once again. They didn't ask for any money, and the only reason they had to tell people they couldn't update the kernel/dash past a certain version was because Microsoft actually closed the hole.

What I'm getting at is that the lack of transparency here is distressing. If the OTA breaks it, then there's good reason to doubt there's any actual exploit. It's probably a leaked radio firmware that doesn't have the band restrictions and CDT that pass signature checks. If the OTA breaks this, it's because a way hasn't actually been found to modify the radio firmware in some fashion without causing the signature check to fail, i.e. no private key has been recovered in some fashion, nor has a 360-esque partial reboot solution been developed. Assuming this is all true, you're expecting people to pay for a leaked product that they have to be stuck on forever, forgoing updates that might provide greater signal reliability, longer battery life, fewer crashes, and faster data rates?

I appreciate the work that you guys have been doing, but I'm immediately suspicious once someone's asking for money.

#12 OFFLINE   CellZealot

    Android Pro

  • Moderators
  • 414 posts
  • Device:D1,D2 dev, DX dev, D2G dev, D Pro dev, D3, Bionic

Posted 18 January 2011 - 08:48 PM

All of your points are well taken and I would be suspicious as well. Healthy caution is advisable in such circumstances.

The fact of the matter remains that this is the only solution available and will cost us a significant figure to acquire.

These are the terms that have been offered to us and why we have, in turn, presented it to the users as an option to consider.

There is a great deal that is unfavorable about the situation but we can't really change much about it and it's not ours to give away free...yet!

It is what it is...and we are not trying to hype it or misrepresent it in any way.
CellZealot

TeamBlackHat

Digital alchemy for Droid and beyond

#13 OFFLINE   evilp8ntballer7

    MDW Noob

  • Members
  • 2 posts
  • Device:Droid 2 Global

Posted 19 January 2011 - 08:39 AM

Well, I think $75 or $50 would be more reasonable, and what about the people that did the OTA update and then flashed Fission 2.4.3? Would that still work?

Couldn't we have some method to pay via PayPal and then get a unique username and password to log into TBH and then flash it? I know there used to be a program called GSM Online Tool that they used to do that same thing to fix a PSD error and recover bricks on Motorola P2K phones; the username would be available for 24 hours and you could do whatever you wanted, so if we could do it that way then that would be good. Also, we wouldn't have to wait for the whole return process. I've been watching this for so long that I think I could even pay for a result, regardless of the method.

#14 OFFLINE   CellZealot

    Android Pro

  • Moderators
  • 414 posts
  • Device:D1,D2 dev, DX dev, D2G dev, D Pro dev, D3, Bionic

Posted 19 January 2011 - 10:00 AM

I don't use Fission and am not going to bother testing for it. If it requires 2.4.33 then it will not work.

You must have the N_01.48.00R radio from the 2.4.29 release for this to work. We will be looking into testing system only versions of 2.4.33 over the old radio to see if we can have the best of both.

If there were a way to do it over the web that satisfied DBU's security concerns then I am sure they would have implemented it and we wouldn't be here discussing it.

I know it is their intention to continue to develop a web based tool to do this more easily. There is no time frame for that unfortunately.

That is why they offered to sell it to us. Dealing with all this mess is a huge pain. I know he is laughing at me reading this because it is exactly what he wants to avoid! ;)
CellZealot

TeamBlackHat

Digital alchemy for Droid and beyond

#15 OFFLINE   evilp8ntballer7

    MDW Noob

  • Members
  • 2 posts
  • Device:Droid 2 Global

Posted 19 January 2011 - 11:20 AM

Hmmm, so I hope you're not saying that I am SOL because I have N_01.48.05R.

So basically I want to know if people with a radio such as mine are still able to use the GSM exploit somehow. Is it possible to downgrade it?

#16 OFFLINE   CellZealot

    Android Pro

  • Moderators
  • 414 posts
  • Device:D1,D2 dev, DX dev, D2G dev, D Pro dev, D3, Bionic

Posted 19 January 2011 - 01:11 PM

Yes as I stated above, we would revert to 2.4.29 and proceed.
CellZealot

TeamBlackHat

Digital alchemy for Droid and beyond

#17 OFFLINE   silver6055

    MDW Noob

  • Members
  • 2 posts
  • Device:droid 2 global

Posted 19 January 2011 - 02:52 PM

Not sure you want "no" votes or just trying to gauge the number interested. But for me, the need to keep on an old version is a deal-breaker, partly because it's not as if the D2G is currently perfect, so I can (naively) hope that future updates will improve it.

I'm not sure that this is such a valuable asset for you. You mention that maybe GSM users are the core market, but I don't see that. On T-mobile, it offers an Edge solution, which, compared to their native HSPA+ is a big price to pay for Android. As the new Androids come out on AT&T, those GSM users can buy phones with a better spec and that will stay updated.

But, your money!

#18 OFFLINE   CellZealot

    Android Pro

  • Moderators
  • 414 posts
  • Device:D1,D2 dev, DX dev, D2G dev, D Pro dev, D3, Bionic

Posted 19 January 2011 - 03:27 PM

We want to hear all opinions thanks! :)
CellZealot

TeamBlackHat

Digital alchemy for Droid and beyond

#19 OFFLINE   pc747

    Junior Droid

  • Members
  • 37 posts
  • Device:droid

Posted 19 January 2011 - 10:51 PM

Just to get clarification: is this a one-time fee, period, or per device? In other words, if I buy another device will I have to pay again?

#20 OFFLINE   CellZealot

    Android Pro

  • Moderators
  • 414 posts
  • Device:D1,D2 dev, DX dev, D2G dev, D Pro dev, D3, Bionic

Posted 20 January 2011 - 08:00 AM

Per device is how it would have to be I think. Perhaps one free reflash and maybe a discount for repeat customers.
CellZealot

TeamBlackHat

Digital alchemy for Droid and beyond




