*Bootloader Unlock Research* Cheesecake Clarification

Search This thread

ROB281

Senior Member
Apr 8, 2010
498
50
Houston
This sounds like something that can kill a lot if time while I'm in the office.

What are we looking for when doing this?

Sent from my DROID BIONIC using xda premium
 
  • Like
Reactions: winmof@n

phydo

Senior Member
Apr 11, 2010
494
97
Lebanon, NJ
This sounds like something that can kill a lot if time while I'm in the office.

What are we looking for when doing this?

Sent from my DROID BIONIC using xda premium

Well, I'll get to the point soon. still modifying the post. but basically the gist of it is to check ALL of motorola's update servers for updates, not just the one that comes programmed into the device. If we're lucky and we find a hidden update, we may be able to get an unlocked bootloader (or other goodies?), which will allow us to use our device as we please (new kernels, better mods, etc)
 

phydo

Senior Member
Apr 11, 2010
494
97
Lebanon, NJ
Thanks for writing this up, I've been hesitant to try it since some of the paths/files in other posts did not exist on the Bionic.

Sent from my DROID BIONIC using XDA App

Well, I was bold and basically just created the files. When I ran the *#*#4636#*#* test, I found that it did indeed change my could update server.

also the com.motorola.blur.setup was in /data/data/ and not the system/etc/motorola.
 
  • Like
Reactions: demencia89

K.AuthoR

Senior Member
Nov 30, 2008
193
22
Thank you for this. The previous directions were based on the Atrix so there were a lot of files listed that I never saw so I felt unsafe just making them up and moving things around. I'll get on this sometime in the very near future.
 

phydo

Senior Member
Apr 11, 2010
494
97
Lebanon, NJ
Thank you for this. The previous directions were based on the Atrix so there were a lot of files listed that I never saw so I felt unsafe just making them up and moving things around. I'll get on this sometime in the very near future.

I actually have been testing some methods that may not even req a wipe in between or possible before

Sent from my DROID BIONIC using Tapatalk
 
  • Like
Reactions: demencia89

phydo

Senior Member
Apr 11, 2010
494
97
Lebanon, NJ
Apparently someone found an update somewhere. Good sign. I'm going to check it out in an hour or two. Don't have my hands on it yet.

Sent from my DROID BIONIC using Tapatalk
 

kennethpenn

Retired Forum Mod / Retired Recognized Developer
Nov 29, 2006
2,703
3,773
Washington, D.C.
briefmobile.com
when I hit the server, it says it's a 5.5.886 -> 5.5.891 update

Just so everyone can see it: the update label will always be for the build ID that the zip is supposed to be installed over. That means if you've got an update:

Blur_Version.1.XT875.Verizon.en.US.zip --> This means the zip should be installed over devices running Build number "1."

Blur_Version.5.5.886.XT875.Verizon.en.US.zip --> This means the zip should be installed over devices running Build number "5.5.886."
 

cellzealot

Senior Member
Jan 4, 2008
1,314
815
Philadelphia, PA
P3 flashed it and it does absolutely contain a bootloader update.

The critical pieces are the mbm.bin, mbmloader_hs.bin and mbmloader_ns.bin.

HS and NS refer to Hardware Secure and Non Secure parts and both are included in these updates because both types of hardware are present in the test groups or whomever is the intended recipient of these files.
There is not an unlock, per se, but both secured and unsecured mbmloaders are present and the updater script has a check for the ro.secure status and loads the appropriate file for the target device.


The D3 update and assumedly this file as well cannot be reverted to stock release version, so this file must be regarded very carefully and assessed before any decision to flash or not is made.

There is a LOT more discussion we need to have about these files and OMAP SoCs I think regarding the differences between them and the Tegra II SoCs and fuse arrays! ;)

Edit: This breaks the djrbliss root method using the tcmd exploit. We need to look further and discuss with him other possibilities for root. Reverting has not been established yet and may brick since we dont have a complete XML.zip.

WARNING!!!! This is a very dangerous file to flash at this stage!!! Please do not rush into testing it yet!!!

Thanks to those who got the file and thanks to P3Droid for guinea pigging.

Oh and I have to add that clarified cheescake is an oxymoron...you garnish cheesecake with wonderful things! :D
 
Last edited:
  • Like
Reactions: kennethpenn

jimmydafish

Senior Member
Nov 10, 2007
285
307
P3 flashed it and it does absolutely contain a bootloader update.

The critical pieces are the mbm.bin, mbmloader_hs.bin and mbmloader_ns.bin.

HS and NS refer to Hardware Secure and Non Secure parts and both are included in these updates because both types of hardware are present in the test groups or whomever is the intended recipient of these files.
There is not an unlock, per se, but both secured and unsecured mbmloaders are present and the updater script has a check for the ro.secure status and loads the appropriate file for the target device.


The D3 update and assumedly this file as well cannot be reverted to stock release version, so this file must be regarded very carefully and assessed before any decision to flash or not is made.

There is a LOT more discussion we need to have about these files and OMAP SoCs I think regarding the differences between them and the Tegra II SoCs and fuse arrays! ;)

Edit: This breaks the djrbliss root method using the tcmd exploit. We need to look further and discuss with him other possibilities for root. Reverting has not been established yet and may brick since we dont have a complete XML.zip.

WARNING!!!! This is a very dangerous file to flash at this stage!!! Please do not rush into testing it yet!!!

Thanks to those who got the file and thanks to P3Droid for guinea pigging.

Oh and I have to add that clarified cheescake is an oxymoron...you garnish cheesecake with wonderful things! :D


So I decided that I just couldn't sleep not knowing if the root patch had been fixed. So I decided to flash the update.zip. And what I expected to happen, happened, it zapped the local.prop exploit.

So here I sit on the new build unrooted and stock. I'm fairly certain that if I try to revert back to the OG build I will have a paper weight on my desk until a full xml fastboot file can be found. I would suggest you all wait and don't flash this yet.
 

Enzopreme

Senior Member
Aug 5, 2011
1,161
215
Medford
So I decided that I just couldn't sleep not knowing if the root patch had been fixed. So I decided to flash the update.zip. And what I expected to happen, happened, it zapped the local.prop exploit.

So here I sit on the new build unrooted and stock. I'm fairly certain that if I try to revert back to the OG build I will have a paper weight on my desk until a full xml fastboot file can be found. I would suggest you all wait and don't flash this yet.

thats what i call takin one for the team!!! thanks bro!!! You'll be rooted again in no time, maybe even s-off!!! ;)
 
  • Like
Reactions: chardie26

kennethpenn

Retired Forum Mod / Retired Recognized Developer
Nov 29, 2006
2,703
3,773
Washington, D.C.
briefmobile.com
P3 flashed it and it does absolutely contain a bootloader update.

The critical pieces are the mbm.bin, mbmloader_hs.bin and mbmloader_ns.bin.

HS and NS refer to Hardware Secure and Non Secure parts and both are included in these updates because both types of hardware are present in the test groups or whomever is the intended recipient of these files.
There is not an unlock, per se, but both secured and unsecured mbmloaders are present and the updater script has a check for the ro.secure status and loads the appropriate file for the target device.


The D3 update and assumedly this file as well cannot be reverted to stock release version, so this file must be regarded very carefully and assessed before any decision to flash or not is made.

There is a LOT more discussion we need to have about these files and OMAP SoCs I think regarding the differences between them and the Tegra II SoCs and fuse arrays! ;)

Edit: This breaks the djrbliss root method using the tcmd exploit. We need to look further and discuss with him other possibilities for root. Reverting has not been established yet and may brick since we dont have a complete XML.zip.

WARNING!!!! This is a very dangerous file to flash at this stage!!! Please do not rush into testing it yet!!!

Thanks to those who got the file and thanks to P3Droid for guinea pigging.

Oh and I have to add that clarified cheescake is an oxymoron...you garnish cheesecake with wonderful things! :D

I suppose I was looking for the wrong things. On other devices, "ap20bl.img" was responsible for bringing such goodies as an unlock capability.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 32
    3
    3
    So I got up to 10 posts just so I could post this in the dev forums because this has really been bugging me. I love flashing, customizing and doing **** to my phone because it's my property. Up until this point I found out how to do all the stuff I wanted to just by reading and a little trial and error (hence the lack of posts) but this topic (C Block and Verizon) has me a bit annoyed to say the least. I'm a lawyer (well technically a law school graduate waiting on my NY Bar Exam results that should be out Nov. 4th) and as such I have a significant amount of free time on my hands. Now I've read through some of the C Block rules promulgated by the FCC and yeah as discussed it does seem to hinge on "reasonable" and let me tell you, most all laws do (it's a pain in the ass but that's what gives us lawyers work). I've worked for 4 different federal court judges in the Eastern District of NY and I know how federal court works. I (and I'm hoping that there are some other lawyers out there willing to do this) am offering my services pro bono (that means for free) to get the ball rolling against Verizon. If people effected by this (us 4G phone owners on Verizon, got to have standing in federal court to bring a suit and we do) can jump on this stuff before the FCC (who's probably bought off by Verizon and other companies) determines what "reasonable" is without the input of end users we might (and I stress MIGHT) have a shot at forcing Verizon to unlock the bootloaders. Again, this is just an idea because I'm bored and need to keep my legal skills sharpened. I post this here so that perhaps I can find other people to join together because there's no way in hell I could do it all by myself. The first step would be going back through FCC and court rulings to determine what "reasonable" is in similar situations and the process moves on from there. I just wanted to throw my two cents in as this community (among others) has helped me tremendously and has allowed me to do (nearly) whatever I want with MY property. I just thought that since I'm no dev it'd be nice to try to give back in a way that uses my skill set.
    3
    The provisions aren't really specific, so there's ruin for some lawyering. I'd make the argument that if Verizon/Motorola prevents the app from functioning this is the same as preventing the app from being used

    Sent from my DROID BIONIC using XDA App
    3
    P3 flashed it and it does absolutely contain a bootloader update.

    The critical pieces are the mbm.bin, mbmloader_hs.bin and mbmloader_ns.bin.

    HS and NS refer to Hardware Secure and Non Secure parts and both are included in these updates because both types of hardware are present in the test groups or whomever is the intended recipient of these files.
    There is not an unlock, per se, but both secured and unsecured mbmloaders are present and the updater script has a check for the ro.secure status and loads the appropriate file for the target device.


    The D3 update and assumedly this file as well cannot be reverted to stock release version, so this file must be regarded very carefully and assessed before any decision to flash or not is made.

    There is a LOT more discussion we need to have about these files and OMAP SoCs I think regarding the differences between them and the Tegra II SoCs and fuse arrays! ;)

    Edit: This breaks the djrbliss root method using the tcmd exploit. We need to look further and discuss with him other possibilities for root. Reverting has not been established yet and may brick since we dont have a complete XML.zip.

    WARNING!!!! This is a very dangerous file to flash at this stage!!! Please do not rush into testing it yet!!!

    Thanks to those who got the file and thanks to P3Droid for guinea pigging.

    Oh and I have to add that clarified cheescake is an oxymoron...you garnish cheesecake with wonderful things! :D


    So I decided that I just couldn't sleep not knowing if the root patch had been fixed. So I decided to flash the update.zip. And what I expected to happen, happened, it zapped the local.prop exploit.

    So here I sit on the new build unrooted and stock. I'm fairly certain that if I try to revert back to the OG build I will have a paper weight on my desk until a full xml fastboot file can be found. I would suggest you all wait and don't flash this yet.