Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,728,117 Members 47,389 Now Online
XDA Developers Android and Mobile Development Forum

[hoax][Q] Key to Motorola's locked bootloaders found

Tip us?
 
JonesWTF
Old
#111  
JonesWTF's Avatar
Senior Member
Thanks Meter 127
Posts: 545
Join Date: Jan 2010
Location: London
Mine is now useless to me because I can't get the sound working anymore. That's the only problem with it.
If someone throws together a rom and recovery using these keys, I'm more than happy to try it out on my Milestone.
[CENTER]@JonesWTF

The Following User Says Thank You to JonesWTF For This Useful Post: [ Click to Expand ]
 
TheSSJ
Old
#112  
TheSSJ's Avatar
Senior Member
Thanks Meter 85
Posts: 660
Join Date: Feb 2010

 
DONATE TO ME
https://twitter.com/#!/nenolod/status/49639128924557312

But no proof without pictures or a little vid...
If you liked my tutorial(s)/support, click the thank you button

Phone history:
HTC Tattoo - sold
Motorola Milestone - died (RIP, HW Keyboard)
LG Optimus Speed - sold

Samsung Galaxy S3


 
kabaldan
Old
(Last edited by kabaldan; 21st March 2011 at 03:40 PM.)
#113  
kabaldan's Avatar
Recognized Developer
Thanks Meter 3033
Posts: 1,334
Join Date: Dec 2009
Location: Prague

 
DONATE TO ME
Nenolod has been talking a lot of bull**** in the past (back in October, about how he >almost< cracked the Motorola's bootloader - all based on nonsensical alleged similarity to some HTC code), and he's doing it again now.

Read this tweet: http://twitter.com/nenolod/status/49639128924557312
The conclusion from it is simple. All that nenolod needs to do to prove himself is to upload his modified, yet still bootable CDT (18kB). But he refused to do that with lame excuses (on IRC). That was the point that led to the Koush's tweet I linked in this thread before (Clockworkmod).

Nenolod keeps talking about Secure keystore, but there's no such thing on Motorola's phones. When asked about that, he explained that he means CDT. But CDT does not contain any keys (but yes, it specifies the types and addresses of signatures in other CGs).
Nenolod keeps talking about signing SBFs as the way to beat the bootloader, yet the sbf file itself is not signed at all (only the CGs inside it - and if you'd be able to sign the CGs, e.g. CDT, you wouldn't need a sbf file to flash it at all).
The published key is not even 256bit long...

I could go on, but I don't want to waste more time debating this nonsense (until I'm proven wrong ).
The Following 8 Users Say Thank You to kabaldan For This Useful Post: [ Click to Expand ]
 
alijs
Old
#114  
alijs's Avatar
Senior Member
Thanks Meter 22
Posts: 257
Join Date: Jan 2011
Location: Amman
Quote:
Originally Posted by TheSSJ View Post
I fear that someone has to sacrifize a Milestone to test it...
I'm ready, show me what to do & I'll do it.
"@nenolod #asshole"
The Following User Says Thank You to alijs For This Useful Post: [ Click to Expand ]
 
divicos
Old
#115  
Member
Thanks Meter 6
Posts: 65
Join Date: Jan 2010
Location: Avezzano, L'Aquila
so kabladan, you mean you're quite sure even this time it may be an hoax??
 
w4tchout
Old
#116  
Member
Thanks Meter 5
Posts: 71
Join Date: Jun 2010
Quote:
Originally Posted by kabaldan View Post
Nenolod has been talking a lot of bull**** in the past (back in October, about how he >almost< cracked the Motorola's bootloader - all based on nonsensical alleged similarity to some HTC code), and he's doing it again now.

Read this tweet: http://twitter.com/nenolod/status/49639128924557312
The conclusion from it is simple. All that nenolod needs to do to prove himself is to upload his modified, yet still bootable CDT (18kB). But he refused to do that with lame excuses (on IRC). That was the point that led to the Koush's tweet I linked in this thread before (Clockworkmod).

Nenolod keeps talking about Secure keystore, but there's no such thing on Motorola's phones. When asked about that, he explained that he means CDT. But CDT does not contain any keys (but yes, it specifies the types and addresses of signatures in other CGs).
Nenolod keeps talking about signing SBFs as the way to beat the bootloader, yet the sbf file itself is not signed at all (only the CGs inside it - and if you'd be able to sign the CGs, e.g. CDT, you wouldn't need a sbf file to flash it at all).
The published key is not even 256bit long...

I could go on, but I don't want to waste more time debating this nonsense (until I'm proven wrong ).
Thanks for clarifying kabaldan.. I won't get my hopes up as this does indeed sound like a hoax. Let's see what the Freemymoto team comes up with
 
JonesWTF
Old
#117  
JonesWTF's Avatar
Senior Member
Thanks Meter 127
Posts: 545
Join Date: Jan 2010
Location: London
Quote:
Originally Posted by kabaldan View Post
The published key is not even 256bit long...
This is the only thing that's kind of pushing me to calling bull****. If he is right, however, I will be over the moon
[CENTER]@JonesWTF

 
ashketchum
Old
(Last edited by ashketchum; 21st March 2011 at 04:46 PM.)
#118  
Junior Member
Thanks Meter 7
Posts: 22
Join Date: May 2010
It is certainly possible that this is a hoax or an April Fools' prank. There was a similar one on twitter last year just a few days before April 1st, when someone claimed that they had cracked the then newly released PC game Assassin's Creed II (which had Ubisoft's new DRM which required users to be constantly connected to the internet to play the game). They kept posting status updates about their "progress" and on April 1st they finally posted a download link which turned out to be some malware. They later claimed that it was harmless since it would be detected and deleted by antivirus software on the users' computers. People were pissed initially but soon forgot about that prank since a few days later someone really did manage to bypass Ubisoft's DRM.

Anyway, the "proved wrong", "proven wrong", etc. that koushik and kabaldan have been adding to their posts suggests that they are themselves not 100% sure whether this is fake or not.

And if it really is a prank, then it is a very well executed one since many major Android blogs have picked it up.

Also, I noticed that in nenolod's Sholes signing key leak explained page, he has mentioned Codegroup Descriptor Table as the full form of CDT (which just sounds right). Whereas, in this and-developers.com page about Milestone partitions, they have mentioned the full form as CDT as Code Description Table with a question mark at the end. From this, it seems like nenolod knows what he is talking about. As I said, if it is a prank, it certainly is a very well executed one. He certainly had me fooled for a while but now I am not so sure what to believe. I think there is still a slight chance that this is real but there is a greater chance that this is fake. I guess I will find out on April 1st (or maybe not, if he chickens out and decides to keep quiet).

If this is indeed a prank, nenolod should be prepared for an a** kicking.
 
SlowlyDead
Old
#119  
Member
Thanks Meter 0
Posts: 39
Join Date: Jan 2008
May has nothing to do with this, but all sbf by moto are down.
http://droid-world.bplaced.net/index...ware%20Dateien
All links from here to the official motorola page are down.
 
drsouly
Old
#120  
Member
Thanks Meter 6
Posts: 97
Join Date: May 2010
Quote:
Originally Posted by ashketchum View Post
awweessommme

Tags
bootloader, locked, miletone, motorola
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes