Hope for unlocked bootloader

hecksagon

I am pretty sure that there still needs to be a way to blow the Qfuse that tells the boot loader the device is unlocked. On some HTC and Motorola devices, that fuse was directly addressable by software that was validated through TrustZone. So once TrustZone was compromised, a command could be given to the software responsible for Qfuse programming to blow the appropriate fuse and unlock the device. It's entirely possible that Samsung uses some different method of Qfuse programming or that particular fuse is not addressable on the Note 3 hardware. So there is hope if somebody will look into this, but it is definitely not a sure thing.
 

hecksagon

Broken link. In summary, there was a particular situation with how the bootloader was locked that allowed this exploit to break Motorola's implementation. There is one fuse that tells the bootloader that it is locked, which was blown; one that tells if it's permanently locked, which was not; and one that, if the permanent lock fuse isn't blown but this one is, tells the bootloader it isn't locked. The TrustZone vulnerability allowed him to send a command to blow that last fuse. Since you can't unblow a fuse, this means permanent unlock. At least until the permanent lock is blown on an OTA.

Samsung may have different logic to determine if the bootloader is locked or may have blown the permanent lock fuse if the same logic is used.
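
The three-fuse lock decision described in the post above, modeled as an added example (not part of the original post and not Motorola's or Samsung's code). The fuse names, bit positions and the unlocked default for an unfused part are assumptions made for illustration; the model shows why a permanent-lock fuse blown at provisioning or by an OTA closes the path.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical fuse bits: names and positions are illustrative only. */
enum {
    FUSE_LOCKED      = 1u << 0, /* "device is locked" */
    FUSE_PERM_LOCKED = 1u << 1, /* "permanently locked" */
    FUSE_UNLOCKED    = 1u << 2  /* "unlocked", honoured only if not permanent */
};

typedef enum { BL_UNLOCKED, BL_LOCKED, BL_PERM_LOCKED } bl_state;

/* One-time-programmable bank: a bit can go 0 -> 1 but never back. */
typedef struct { uint32_t bits; } fuse_bank;

static void fuse_blow(fuse_bank *b, uint32_t mask) { b->bits |= mask; }

/* Lock decision as the post describes it: the permanent-lock fuse wins,
 * otherwise the unlock fuse overrides the ordinary lock fuse. */
static bl_state bootloader_state(const fuse_bank *b)
{
    if (b->bits & FUSE_PERM_LOCKED) return BL_PERM_LOCKED;
    if (b->bits & FUSE_UNLOCKED)    return BL_UNLOCKED;
    if (b->bits & FUSE_LOCKED)      return BL_LOCKED;
    return BL_UNLOCKED; /* assumption: an unfused part is unlocked */
}

int main(void)
{
    static const char *name[] = { "unlocked", "locked", "permanently locked" };

    /* Case A: lock fuse only, then unlock fuse, then an OTA blows perm lock. */
    fuse_bank a = { 0 };
    fuse_blow(&a, FUSE_LOCKED);
    printf("A shipped:      %s\n", name[bootloader_state(&a)]);
    fuse_blow(&a, FUSE_UNLOCKED);
    printf("A unlock fuse:  %s\n", name[bootloader_state(&a)]);
    fuse_blow(&a, FUSE_PERM_LOCKED);
    printf("A after OTA:    %s\n", name[bootloader_state(&a)]);

    /* Case B: vendor blew the permanent-lock fuse before shipping. */
    fuse_bank b = { 0 };
    fuse_blow(&b, FUSE_LOCKED | FUSE_PERM_LOCKED);
    fuse_blow(&b, FUSE_UNLOCKED);
    printf("B unlock fuse:  %s\n", name[bootloader_state(&b)]);
    return 0;
}
```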
 

DrPhant0m

We can only hope he does it
Supposedly, it's already done. It affects all Snapdragon phones, including the Note 3.

However... they go on to say that the exploit was released over a month ago... and some phones are already patched.

DroidLife seems to be somewhat detached from the root community, though, since they assume that "already patched" means that everyone that owns the phone has installed the OTA. I'm on NC2, and I updated from MI9. I hope that NC2 is still vulnerable. MI9 was the initial release.

As an aside... I'm not sure if I particularly care about unlocking my bootloader. Installing AOSP roms doesn't appeal much to me, since the developer edition (for instance) has been out for a long time... and the best they can do with the S-Pen is to emulate a mouse input. Maybe modded kernels would hold more interesting possibilities... but even when I had my S3 I didn't mess with the kernel that often.
 

DrPhant0m

I haven't updated in months, so on MI9 and like it the way it is. That being said, I'd love to unlock it
First of all... if you're on MI9, you've NEVER updated. MI9 was the initial release. Right?

If you're on MI9... You should be able to unlock it. *See Note 1 below

My logic: MI9 is the initial release. If they were able to unlock a Note 3, then it was MI9 or later... and you can flash any release you want from MI9. (Careful, though, that you can't go backwards... with the exception of MJE <--> NC2)


***Note 1***
I didn't see it specified that they unlocked a VERIZON Note 3. I don't remember if Verizon lagged behind other carriers in releasing the Note 3. Perhaps Verizon had a patch in to begin with. I'm not even sure if that's a possibility... but I wouldn't put it past them.
 

MeetFace

Supposedly, it's already done. It affects all Snapdragon phones, including the Note 3.

However... they go on to say that the exploit was released over a month ago... and some phones are already patched.

DroidLife seems to be somewhat detached from the root community, though, since they assume that "already patched" means that everyone that owns the phone has installed the OTA. I'm on NC2, and I updated from MI9. I hope that NC2 is still vulnerable. MI9 was the initial release.

As an aside... I'm not sure if I particularly care about unlocking my bootloader. Installing AOSP roms doesn't appeal much to me, since the developer edition (for instance) has been out for a long time... and the best they can do with the S-Pen is to emulate a mouse input. Maybe modded kernels would hold more interesting possibilities... but even when I had my S3 I didn't mess with the kernel that often.
I'm not terribly interested in being unlocked per se, but it would spike the interest of devs to be sure.

Note III KK-style
 

Alix8821

I'd love to get custom kernels on here. My Note 3 flies. Love it... But I'd also love to have the option.

Hate VZW. And even Samsung. Let us do what we want!
 

hecksagon

Keep in mind that this exploit only works on Motorola phones because of both the ability to run arbitrary code in TrustZone and the particular method Motorola used to determine bootloader lock status. At the bottom it notes other devices that have the TrustZone vulnerability. If these devices do not use the exact same method to determine unlocked status, this method will not work. Somebody will need to reverse engineer the Note 3 bootloader to determine how the check is performed and if some command from TrustZone can cause an unlock. In the meantime, Samsung can patch the TrustZone kernel and it would be back to square one...
 

chrootz

Welcome to Verizon's communist.

I'd love to have an unlocked bootloader. I paid $700 for a retail edition Note 3 to keep grandfathered unlimited data, and I should have gone and gotten a dev edition instead. In the future, I'm not going to buy any phone from Verizon unless it has an unlocked bootloader or is a DEV edition.