N900V Bootloader Bypassed + Custom Recovery...may be possible on N900A?
- Thread starter tropazr
- Start date
I would definitely think so since hashcode is the one that is known for getting safestrap to the Verizon note 3 first and is now making very good progress on getting it to us at&t guys who can't get anything but root. . Alpha version for now..
sent from my rooted, rommed, and strapped at&t note3... eat that at&t
No it hasn't been unlocked or bypassed. I suspect the OP was a little confused as to what safestrap actually does.
People are just confused and rightly so. You can flash roms with safestrap as long as you use the stock kernel provided by AT&T. Safestrap redirects the /system partition which isn't protected like the /boot partition is. This is fine right now, but once KitKat builds or AOSP start showing for the international version it's going to be a different story unless a way is found to unlock the bootloader and flash kernels on the N900A.
Last edited:
So the bootloader isn't bypassed by this method? Not unlocked...but bypassed? I thought that a locked bootloader was what prevented custom ROMs from being flashed? I understand it's not unlocked but it's been bypassed enough to flash a custom recovery/ROM...correct? I clearly am not an expert in the exact terminology/procedures of this so I am asking out of curiosity.
No the locked bootloader on the Note3 for ATT is protecting the kernel just like aboot protects the bootloader. It's a chain of events. The obstacle for flashing roms without kernels on the n900a was mainly SELinux enforcing. Other than that, it's about the same as the n900v. Again, the /system partition was never protected like the /boot partition is. That's why RDLV and safestrap work and don't effect the knox warranty status. It's because it doesn't change an area that is protected.
Last edited:
Agreed. Wasn't sure if you've seen the progress or not.
Sent from my SAMSUNG-SGH-I467 using Tapatalk 4
True
+1. And yes the breathing room afforded on the current version, will obviously be closed. They have to, when you realize you have millions of dollars of DoD, Enterprise contracts riding on this. You would obviously want to not take the next update, as even the /system partition loophole will be closed. And then, like hashcode has said it will be the end of the SS for locked bootloaders. unless someone leaks the signing keys or another loki type exploit is found (doubt it) it is pretty much impossible to break it. Don't want to sound pessimistic, but dealing with IT security on a daily basis, it does not look good .. unfortunately, yeah that is why I got the T-Mo Note 3 running great on the ATT network, of course my own ROM and kernel
, yeah the flexibility of unlocked bootloader shaves an insane amount of time for customization..
+1. And yes the breathing room afforded on the current version, will obviously be closed. They have to, when you realize you have millions of dollars of DoD, Enterprise contracts riding on this. You would obviously want to not take the next update, as even the /system partition loophole will be closed. And then, like hashcode has said it will be the end of the SS for locked bootloaders. unless someone leaks the signing keys or another loki type exploit is found (doubt it) it is pretty much impossible to break it. Don't want to sound pessimistic, but dealing with IT security on a daily basis, it does not look good .. unfortunately, yeah that is why I got the T-Mo Note 3 running great on the ATT network, of course my own ROM and kernel
, yeah the flexibility of unlocked bootloader shaves an insane amount of time for customization..
GoSooners345
Senior Member
To sum up
TrustZone protection implementation on Qualcomm devices suffers from integer overflow when checking if address is in protected memory vs nonprotected.
This allows for nonpriviledged code to write into protected memory.
Now.
Somebody needs to write some ARM code to try this.
TrustZone protection implementation on Qualcomm devices suffers from integer overflow when checking if address is in protected memory vs nonprotected.
This allows for nonpriviledged code to write into protected memory.
Now.
Somebody needs to write some ARM code to try this.
GoSooners345
Senior Member
Because QSEE on our N3 is infact vulnerable but the way Sammy locks BL works different than the way Moto(e-fuse) does it.
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
5The Verizon Note 3 variant N900V has had it's bootloader bypassed by @Hashcode and custom recovery has now been achieved on that device. I talked to @bajasur who is running their bounty thread and he believes that the same safestrap method could possibly be used on the N900A (our version). If @Hashcode can get this to work on the N900A I am sure development will move quickly so get over to our bounty thread and make your bounty pledges now!!! http://xdaforums.com/showthread.php?t=2493369
See @bajasur's N900V Bounty Thread here...
http://xdaforums.com/showthread.php?t=2473918
Sent from my SAMSUNG-SM-N900A using XDA Premium 4 mobile app3
No the locked bootloader on the Note3 for ATT is protecting the kernel just like aboot protects the bootloader. It's a chain of events. The obstacle for flashing roms without kernels on the n900a was mainly SELinux enforcing. Other than that, it's about the same as the n900v. Again, the /system partition was never protected like the /boot partition is. That's why RDLV and safestrap work and don't effect the knox warranty status. It's because it doesn't change an area that is protected.11
Have you not looked in the development forums?
Sent from my SAMSUNG-SGH-I467 using Tapatalk 4
New posts
-
[App][Beta] Stinger News - News and RSS feeds your way. [FREE] [NO ADS]
- Latest: Stephen.k.spear
-
-
Does usb otg not work on all custom roms or works on some?
- Latest: myanonymousaccountname
-
-
