Bootloaders, Rooting, Manufacturers, and Carriers
I spent much of the year on an open phone and an open platform, and sometime in July I picked up a Droid X. I soon found a great bunch of friends and we formed Team Black Hat. Really wanting to break the bootloader, we spent more hours working on it than we did our 9 – 5 jobs. Eventually we came to the conclusion (with help from some unique resources), that we were not going to accomplish our objective. Every so often we still pluck away at it, but we have moved on to other things that will help people enjoy their Droid phones.
Fast forward to October 2010. I'm still in love with the concept of android, and I've done more than my share of developing, themeing, creating ROMS and even hacking. *Having been involved in so many things and having developed some unique contacts, I have been privy to information that is not disseminated to the masses. Some of this information I was asked to sit on. Some information I sat on because I felt it was best to do so for our entire community. You have probably seen me rant on occasion about what I thought the community was doing wrong and causing itself future pain. Each of those days I had received even more disheartening information. So where does this leave me? It leaves me with a difficult choice to make. What to tell, how much to tell, and do I want to give information out that could possible be slightly wrong. I've worked very hard to verify things through multiple sources, when possible, and some other information comes from sources so reliable that I take them at their word.
This brings me up to today. I've tossed and turned regarding how to say this, and how to express all of the information and my feelings in regards to this information. I guess the solution is to just let you all decide for yourselves what you think and what you want to do.
One Shoe Falls
Beginning in July, we (TBH), began hearing things about Motorola working on ways to make rooting the device more difficult. This was going to be done via Google through the kernel. No big deal we thought, the community always finds a way. When Froyo was released and there was no root for some time we became a bit concerned but soon there was a process and even 1-clicks. This was good news and bad news to me, because it simply meant that they would go back to the drawing board and improve upon what they had done.
During this time there were still little rumors here and there about security of devices, and other such things but nothing solid and concrete. Until November.
The Other Shoe Falls
Beginning in October, the information began coming in faster and it had more of a dire ring to it. It was also coming in from multiple sources. I began to rant a little at the state of our community, and that we were the cause of our own woes. So what did I hear?
[INDENT]1. New devices would present challenges for the community that would most likely be insurmountable, and that Motorola specifically – would be impossible to hack the bootloader. Considering we never hacked the previous 3G phones, this was less than encouraging.
2.Locked bootloaders, and phones were not a Motorola-only issue, that the major manufacturers and carriers had agreed this was the best course of action.(see new HTC devices)
3. The driving forces for device lock down was theft of service by rooted users, the return of non-defective devices due to consumer fraud, and the use of non-approved firmware on the networks.[/INDENT]
I think I posted my first angry message and tweet about being a responsible community soon after getting this information. I knew the hand writing was on the wall, and we would not be able to stop what was coming, but maybe we could convince them we were not all thieves and cut throats.
Moving along, December marked a low point for me. The information started to firm up, and I was able to verify it through multiple channels. This information made the previous information look like a day in the park. So what was new?
[INDENT]1. Multiple carriers were working collaboratively on a program that would be able to identify rooted users and create a database of their meids.
2. Manufacturers who supply Verizon were baking into the roms new security features:
a. one security feature would identify any phone using a tether program to circumvent paying for tethering services. (check your gingerbread DroidX/Droid2 people and try wireless tether)
b. a second security feature would allow the phone to identify itself to the network if rooted.
c. security item number 2 would be used to track, throttle, even possibly restrict full data usage of these rooted phones.[/INDENT][/INDENT]
The Rubber Meets the Road
So, I wish I had more time to have added this to the original post, but writing something like this takes a lot of time and effort to put all the information into context and provide some form of linear progression.
Lets get on with the story. March of this year was a monumental month for me. The information was unsettling and I felt as if we had a gigantic bulls-eye on our backs.
This is what I have heard:
[INDENT]1. The way that they were able to track rooted users is based on pushing updates to phones, and then tracking which meid's did not take the update. There is more to it than this but that is the simple version.
2. More than one major carrier besides Verizon has implemented this program and that all carriers involved had begun tracking rooted phones. All carriers involved were more than pleased with the accuracy of the program.
[INDENT]1. What I was not told is what the carriers intended to do with this information.[/INDENT]
3. In new builds the tracking would be built into the firmware and that if a person removed the tracking from the firmware then the phone would not be verified on the network (i.e. your phone could not make phone calls or access data).
4. Google is working with carriers and manufacturers to secure phones, and although Google is not working to end hacking, it is working to secure the kernel so that no future applications can maliciously use exploits to steal end-user information. But in order to gain this level of security this may mean limited chances to root the device. (This item I've been told but not yet able to verify through multiple sources – so take it for what you want)
5. Verizon has successfully used its new programs to throttle data on test devices in accordance with the guidelines of the program.
6. The push is to lock down the devices as tight as can be, but also offer un-lockable devices (Think Nexus S). [/INDENT]
The question I've asked is why? Why do all this; why go through so much trouble. The answer I get is a very logical one and one I understand even if I don't like it. It is about the money. With LTE arriving and the higher charges for data and tethering, carriers feel they must bottle up the ability of users to root their device and access this data, circumventing the expensive tethering charges.
What I would like to leave you with is that this is not an initiative unique to Verizon or Motorola, this is industry wide and encompassing many manufacturers.
So what does all this mean? You will need to make your own conjectures about what to think of all of this. But, I think that the rooting, hacking, and modding community - as we know it - is living on borrowed time.
In the final analysis of all this I guess I'll leave you with my feelings:
I will take what comes and turn it into a better brighter day, that is all I can do because I do not control the world.
I am intentionally not including any names of sources as they do not want to lose their jobs.
This information is being presented to you as I have received and verified it. *
I only deal with information pertaining to US carriers and have no specific knowledge concerning foreign carriers.