Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[hoax][Q] Key to Motorola's locked bootloaders found

OP zamana

21st March 2011, 04:25 PM   |  #111  
JonesWTF's Avatar
Senior Member
Flag London
Thanks Meter: 138
 
551 posts
Join Date:Joined: Jan 2010
More
Mine is now useless to me because I can't get the sound working anymore. That's the only problem with it.
If someone throws together a rom and recovery using these keys, I'm more than happy to try it out on my Milestone.
The Following User Says Thank You to JonesWTF For This Useful Post: [ View ]
21st March 2011, 04:36 PM   |  #112  
TheSSJ's Avatar
Senior Member
Thanks Meter: 88
 
661 posts
Join Date:Joined: Feb 2010
Donate to Me
More
https://twitter.com/#!/nenolod/status/49639128924557312

But no proof without pictures or a little vid...
21st March 2011, 04:37 PM   |  #113  
kabaldan's Avatar
Recognized Developer
Flag Prague
Thanks Meter: 3,424
 
1,434 posts
Join Date:Joined: Dec 2009
Donate to Me
More
Nenolod has been talking a lot of bull**** in the past (back in October, about how he >almost< cracked the Motorola's bootloader - all based on nonsensical alleged similarity to some HTC code), and he's doing it again now.

Read this tweet: http://twitter.com/nenolod/status/49639128924557312
The conclusion from it is simple. All that nenolod needs to do to prove himself is to upload his modified, yet still bootable CDT (18kB). But he refused to do that with lame excuses (on IRC). That was the point that led to the Koush's tweet I linked in this thread before (Clockworkmod).

Nenolod keeps talking about Secure keystore, but there's no such thing on Motorola's phones. When asked about that, he explained that he means CDT. But CDT does not contain any keys (but yes, it specifies the types and addresses of signatures in other CGs).
Nenolod keeps talking about signing SBFs as the way to beat the bootloader, yet the sbf file itself is not signed at all (only the CGs inside it - and if you'd be able to sign the CGs, e.g. CDT, you wouldn't need a sbf file to flash it at all).
The published key is not even 256bit long...

I could go on, but I don't want to waste more time debating this nonsense (until I'm proven wrong ).
Last edited by kabaldan; 21st March 2011 at 04:40 PM.
The Following 8 Users Say Thank You to kabaldan For This Useful Post: [ View ]
21st March 2011, 04:44 PM   |  #114  
alijs's Avatar
Senior Member
Flag Amman
Thanks Meter: 22
 
257 posts
Join Date:Joined: Jan 2011
More
Quote:
Originally Posted by TheSSJ

I fear that someone has to sacrifize a Milestone to test it...

I'm ready, show me what to do & I'll do it.
The Following User Says Thank You to alijs For This Useful Post: [ View ]
21st March 2011, 04:50 PM   |  #115  
Member
Flag Avezzano, L'Aquila
Thanks Meter: 6
 
65 posts
Join Date:Joined: Jan 2010
More
so kabladan, you mean you're quite sure even this time it may be an hoax??
21st March 2011, 04:51 PM   |  #116  
Member
Thanks Meter: 5
 
71 posts
Join Date:Joined: Jun 2010
More
Quote:
Originally Posted by kabaldan

Nenolod has been talking a lot of bull**** in the past (back in October, about how he >almost< cracked the Motorola's bootloader - all based on nonsensical alleged similarity to some HTC code), and he's doing it again now.

Read this tweet: http://twitter.com/nenolod/status/49639128924557312
The conclusion from it is simple. All that nenolod needs to do to prove himself is to upload his modified, yet still bootable CDT (18kB). But he refused to do that with lame excuses (on IRC). That was the point that led to the Koush's tweet I linked in this thread before (Clockworkmod).

Nenolod keeps talking about Secure keystore, but there's no such thing on Motorola's phones. When asked about that, he explained that he means CDT. But CDT does not contain any keys (but yes, it specifies the types and addresses of signatures in other CGs).
Nenolod keeps talking about signing SBFs as the way to beat the bootloader, yet the sbf file itself is not signed at all (only the CGs inside it - and if you'd be able to sign the CGs, e.g. CDT, you wouldn't need a sbf file to flash it at all).
The published key is not even 256bit long...

I could go on, but I don't want to waste more time debating this nonsense (until I'm proven wrong ).

Thanks for clarifying kabaldan.. I won't get my hopes up as this does indeed sound like a hoax. Let's see what the Freemymoto team comes up with
21st March 2011, 04:52 PM   |  #117  
JonesWTF's Avatar
Senior Member
Flag London
Thanks Meter: 138
 
551 posts
Join Date:Joined: Jan 2010
More
Quote:
Originally Posted by kabaldan

The published key is not even 256bit long...

This is the only thing that's kind of pushing me to calling bull****. If he is right, however, I will be over the moon
21st March 2011, 05:28 PM   |  #118  
Junior Member
Thanks Meter: 7
 
23 posts
Join Date:Joined: May 2010
It is certainly possible that this is a hoax or an April Fools' prank. There was a similar one on twitter last year just a few days before April 1st, when someone claimed that they had cracked the then newly released PC game Assassin's Creed II (which had Ubisoft's new DRM which required users to be constantly connected to the internet to play the game). They kept posting status updates about their "progress" and on April 1st they finally posted a download link which turned out to be some malware. They later claimed that it was harmless since it would be detected and deleted by antivirus software on the users' computers. People were pissed initially but soon forgot about that prank since a few days later someone really did manage to bypass Ubisoft's DRM.

Anyway, the "proved wrong", "proven wrong", etc. that koushik and kabaldan have been adding to their posts suggests that they are themselves not 100% sure whether this is fake or not.

And if it really is a prank, then it is a very well executed one since many major Android blogs have picked it up.

Also, I noticed that in nenolod's Sholes signing key leak explained page, he has mentioned Codegroup Descriptor Table as the full form of CDT (which just sounds right). Whereas, in this and-developers.com page about Milestone partitions, they have mentioned the full form as CDT as Code Description Table with a question mark at the end. From this, it seems like nenolod knows what he is talking about. As I said, if it is a prank, it certainly is a very well executed one. He certainly had me fooled for a while but now I am not so sure what to believe. I think there is still a slight chance that this is real but there is a greater chance that this is fake. I guess I will find out on April 1st (or maybe not, if he chickens out and decides to keep quiet).

If this is indeed a prank, nenolod should be prepared for an a** kicking.
Last edited by ashketchum; 21st March 2011 at 05:46 PM.
21st March 2011, 06:17 PM   |  #119  
Member
Thanks Meter: 0
 
39 posts
Join Date:Joined: Jan 2008
May has nothing to do with this, but all sbf by moto are down.
http://droid-world.bplaced.net/index...ware%20Dateien
All links from here to the official motorola page are down.
21st March 2011, 06:20 PM   |  #120  
Member
Thanks Meter: 6
 
97 posts
Join Date:Joined: May 2010
More
Quote:
Originally Posted by ashketchum

a** kicking.

awweessommme

Post Reply Subscribe to Thread

Tags
bootloader, locked, miletone, motorola
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes