Question Sweet merciful Jesus is the Verizon bootloader still permalocked?

Search This thread
It's unfortunate; this was actually the reason I switched from Verizon to T-Mobile lol. It appears the Verizon variant of the Pixel 6 remained locked all this time so I wouldn't bet on much different with the Pixel 7 :/ Hopefully somebody finds something for those with the VZW variant.
That is precisely the reason, well, and billing that I switched to T-Mobile. And the better cell signal
 
  • Like
Reactions: jake.99x3
Weird. Strange that this would still be a thing. Not like the device was cheap to purchase.
The two java applets that control this are...
oem_lock
persistent.data.block
Typing "cmd -l" in shell...and you can see that both services are running....starting with oem_lock....sending a few service calls...you'll come to see that it points to persistent.data.block......and sending a few more service calls....you'll see that it points to GMS...Play Services...because that's the only package that has any OEM reading and/or managing capabilities....the only problem is...finding a hole...big enough to... overwrite (like what DirtyPipe did) a read only system file....or somehow repacking an OTA with a patched init_boot.img and see where it can go...and if all fails....I'm going to say DirtyCred (pending PoC release)...should be good enough to pop a root shell...but only if....u don't continue to keep updating your firmware....the older...the better....but as i don't follow the source code or patches that Google releases...it's very hard to tell when they would patch Dirty Cred....or if it's already patched fully on their new baby...the Pixel 7 Pro. But I'm hopeful to keep hammering it out. It's just right now with work and the holidays...my time is super limited and right now...I'm split with both this phone and the S22 Ultra S908U. The S22 Ultra is where I'm advancing pretty good and day by day....it's coming closer to another way in or another level of privilege. But best believe once I'm in the s22....it should be pretty easy...pulling the packages for oem_block and persistent.data.block (s22 falls under same umbrella) and learning how it works and what makes it stay in place.

***Anyone know any Magisk devs...no not John Wu? Got a couple logs...maybe someone can interpret and help me out to figure what I'm reading and what's missing***
 
Lol. Here's a simple solution. Buy the unlocked version. Who changes carriers because of a bl lock? WTF?
It's only as simple as those who have the money and shell out hundreds and hundred of dollars...but I do agree with you on some parts. Me....i had the option for either buying outright....thru any carrier...or even Google. But I like a challenge and i do like everything I'm learning and building a good database of knowledge doesn't hurt one bit. But I'll definitely be quick to say...this is absolutely not easy especially coming from simple adb commands and following a guide to hands on reading and reading lines and lines of source code and cross referencing what you can find available.
 
Jun 21, 2011
13
1
It's only as simple as those who have the money and shell out hundreds and hundred of dollars...but I do agree with you on some parts. Me....i had the option for either buying outright....thru any carrier...or even Google. But I like a challenge and i do like everything I'm learning and building a good database of knowledge doesn't hurt one bit. But I'll definitely be quick to say...this is absolutely not easy especially coming from simple adb commands and following a guide to hands on reading and reading lines and lines of source code and cross referencing what you can find available.
You got this is in the bag, I believe in you!
 
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 2
    How has nobody found a solution to this? Surely it's a software thing. You'd have thought some badass member somewhere with enough of a chip on their shoulder against Verizon would have figured a way around this.

    Too bad there isn't a bounty for it.
    1
    How has nobody found a solution to this? Surely it's a software thing. You'd have thought some badass member somewhere with enough of a chip on their shoulder against Verizon would have figured a way around this.

    Too bad there isn't a bounty for it.
    I doubt it is a simple or easy as it being simply a "software thing", and I completely believe it could/would never be done...but @wr3cckl3ss1 is on the case! :D

    you can see a bit of how he's progressing HERE and HERE and HERE :)
    1
    Nice!

    Surely it couldn't be a hardware lock!?
    The issue here is 2 java applets.....nothing hardware.
    1
    My question is why is Verizon so "gung-ho" about it? More than any other carrier (other carriers eventually allow to unlock the bootloader)? I could understand when they used to repair their own devices (so they didn't want the liability and the headaches of when customers messed with the devices); but that's the not the case anymore. Outside of their greedy archaic grasp on tethering and to load unremovable bloatware, I don't know what they have to fear of unlocked bootloaders & root access.
    1
    Just get the unlocked version and use with Verizon service. What's the upside with having the Verizon variant?