[Q] Why doesn't Loki work on MF3?


jbrookley

Hello everyone,

So, I've been looking into the status of unlocking the bootloader for MF3 updates (I downloaded it and read too late that they locked the bootloader in the update, sneaky bastards) and it appears this issue still hasn't been fixed. From what I understand, Dan Rosenberg waited until the Verizon update was released before he revealed the Loki exploit but, from what I've read, this exploit does not work on the MF3 update.

My question now is: what is it that stops this from working with the MF3 version? Wasn't the initial point of the release to solve this particular issue?

I'm trying to understand some of the specifics as I've read a number of articles and links (both in XDA as well as others) and I'm still a bit confused as to where we're at with this. From what I can see, it doesn't appear there is any workaround in sight if the Loki exploit doesn't fix it. Am I more than likely stuck with a locked bootloader for the life of this phone?

Realistically, I am still able to get root access, so it's really not the end of the world, but I'd definitely like to be able to flash custom ROMs if I wanted to. It sounds like I can indirectly do that via Safestrap (does it basically just protect all the crucial stuff that can break the fuse on the device and allow you to just use TW-based ROMs, just not custom kernels, is that correct?). But as of now, I believe that's my only option, if I understand correctly.

I realize a number of these issues have been addressed probably a number of times but, due to the amount of details and updates that seem to be changing, I just want to make sure I have a good understanding of everything so I know what my options are. If anyone wants to address this, I'd appreciate it but if these have all been answered a million times in one form or another, I understand that as well.

Thanks for your help!

(I put my questions in bold just to draw attention to them so anyone reading it doesn't have to search through my message to find them to address them, I'm not trying to come off like I'm yelling).
 

NighthawkXL

When Samsung released the MF3 update they used a two-prong attack to close the Loki exploit... those being
1. Closing the exploit in the code itself.
2. Blowing a qFuse on the board to prevent us from flashing any firmware lower than MF3.

I don't really want to get into the technical aspects of how this happened... I'll let someone else answer it if they wish.
 
Reactions: saj222
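
Added example, not part of any post in this thread and not the device's actual bootloader code: a simplified C model of the fuse-backed downgrade block mentioned in the answer above, showing why a correctly signed older image is still refused once the fuse is blown. The fuse bank layout, the rollback indices assigned to MDL and MF3, and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model: a bank of one-time-programmable fuse bits.
 * A bit can go 0 -> 1 but never back; the rollback index is the
 * number of blown bits. All names and values here are constructed. */
typedef struct { uint32_t bits; } fuse_bank;

static unsigned rollback_index(const fuse_bank *f) {
    unsigned n = 0;
    for (uint32_t b = f->bits; b; b &= b - 1) n++;   /* popcount */
    return n;
}

/* Blow fuses until the index reaches `target`; it can never be lowered. */
static void blow_to(fuse_bank *f, unsigned target) {
    if (target > 32) target = 32;
    while (rollback_index(f) < target)
        f->bits |= f->bits + 1;                      /* set lowest clear bit */
}

typedef struct { const char *build; unsigned min_index; int sig_ok; } image;

enum verdict { BOOT_OK, REJECT_SIGNATURE, REJECT_ROLLBACK };

/* Bootloader-side check: signature first, then anti-rollback. */
static enum verdict verify_image(const fuse_bank *f, const image *img) {
    if (!img->sig_ok) return REJECT_SIGNATURE;
    if (img->min_index < rollback_index(f)) return REJECT_ROLLBACK;
    return BOOT_OK;
}

/* Installing an update: verify, then burn the image's index into the fuses. */
static enum verdict install(fuse_bank *f, const image *img) {
    enum verdict v = verify_image(f, img);
    if (v == BOOT_OK) blow_to(f, img->min_index);
    return v;
}

int main(void) {
    fuse_bank dev = {0};
    image mdl = {"MDL", 0, 1}, mf3 = {"MF3", 1, 1};  /* constructed indices */
    printf("MDL on fresh device: %d\n", install(&dev, &mdl));
    printf("MF3 update:          %d\n", install(&dev, &mf3));
    printf("MDL after MF3:       %d\n", install(&dev, &mdl));
    return 0;
}
```

In this model the older image still carries a valid signature, so a signature check alone would accept it; only the fuse comparison refuses the downgrade.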

DeadlySin9

Hello everyone,

what is it that stops this from working with the MF3 version? Wasn't the initial point of the release to solve this particular issue?

Am I more than likely stuck with a locked bootloader for the life of this phone?

does it basically just protect all the crucial stuff that can break the fuse on the device and allow you to just use TW-based ROMs, just not custom kernels, is that correct?

Nighthawk gave the short answer for the first two. Also, it's possible the update mentioned may have been the MDB>MDL update or the Verizon equivalent.

Technically even MDL people are stuck with a locked bootloader, but they have an exploit. People are working on an exploit for MF3+, but I can't say how likely it is one will be found.

Safestrap lets you do anything a normal recovery can except flash kernels. This is why you can only flash TW ROMs, as the AOSP and TW kernels are not compatible. Kernels would trip the bootloader checks. However, to add a bit to this and the last answer, something called kexec is in the process of being implemented into Safestrap. The exploit found allows loading unsigned modules, which in turn allows loading a kexec module, which would then load a kernel over the stock kernel during the boot process. So if this works, it would be the next best thing to a bootloader exploit in that it would give us the same result, though I don't know if kernels will require tweaks to load in kexec.
 
Reactions: saj222

jbrookley

Thanks for taking the time to explain that!

A somewhat related question, if my S4 ever gets an OTA update for 4.3, should I deny the update in case they create more obstructions for updates or should I take it since that's the only way my phone will get 4.3 at this point?
 

hovax615@hotmail.com

I believe the kexec exploit is being worked on for MK2? But I'm not too sure; you will have to review the threads.

Sent from my GT-I9505 using xda premium
 

DeadlySin9

It is MK2 exclusive since the MK2 root method gives access to kernel memory and allows it. However, once on MK2 you should definitely not take any and I'm not sure whether the security policy updates are safe or not.
 
