News + Articles
Sign In
Create Account
Sponsored Links
Recent Editorial
Recent Articles
Recent Article Comments
Sponsored Links
Recent Topics
Recent Replies
Sponsored Links
0
Orange: San Diego is bootloader locked and staying that way
Jun 20 2012 08:00 AM |
PaulOBrien
in Android
Following on from our review of the Orange San Diego, we've been looking into the bootloader lock / rooting / security situation including asking for an official line from Orange. This morning, my worst fears were confirmed... the device is completely locked down.
In the words of an Orange spokesperson...
This confirms what I have seen in my research to date - the device will not boot a modified boot or recovery image. This also suggests that if we DO get root via an exploit and manage to write the Superuser files to the system partition, the device then may also not boot if the main system partition is being checked too. We have seen numerous Ice Cream Sandwich leaks for the devices (engineering releases with Superuser access), but these do not flash to retail devices, suggesting test devices have unlocked bootloaders and recovery partitions that flash test signed update zips.
This news will be quite a disappointment to those (myself included) who hoped the San Diego would succeed the San Francisco as the enthusiasts phone of choice. Aside from messing around with ROMs and the like, a number of applications I use on a daily basis NEED root access so the phone really isn't for me (to the extent I now have to decide whether to sell it on).
The big manufacturers have learnt now that this isn't the way forward and giving consumers choice is the way to be successful... it seems Orange have yet to learn this (I was going to write 'the networks' but kudos to Vodafone for shipping the Ascend G300 with an open configuration).
A final thought for Orange / Intel... although you've locked down the phone, you haven't done a great job. A user with a basic (dangerous) level of fastboot knowledge can 'fastboot flash' both the boot and recovery partitions, effectively 'bricking' the phone.
In the words of an Orange spokesperson...
Quote
Security of the platform is very important to our customers. The device comes with an OS that is fairly flexible and you can load a large number of apps that don’t impact the ROM on the phone itself. If phones aren’t security locked it’s possible that someone could develop a virus that could cause a large amount of harm to the device and/or personal security of our customers.
One of the features of our devices is the programmable security engine on the platform. This is done to protect the ROM and the boot loader from corruption or from being overwritten. All production devices are secured utilizing keyed encryption.
For these reasons, the San Diego can’t be unlocked, and we don’t have any future plans to offer the ability to unlock it.
One of the features of our devices is the programmable security engine on the platform. This is done to protect the ROM and the boot loader from corruption or from being overwritten. All production devices are secured utilizing keyed encryption.
For these reasons, the San Diego can’t be unlocked, and we don’t have any future plans to offer the ability to unlock it.
This confirms what I have seen in my research to date - the device will not boot a modified boot or recovery image. This also suggests that if we DO get root via an exploit and manage to write the Superuser files to the system partition, the device then may also not boot if the main system partition is being checked too. We have seen numerous Ice Cream Sandwich leaks for the devices (engineering releases with Superuser access), but these do not flash to retail devices, suggesting test devices have unlocked bootloaders and recovery partitions that flash test signed update zips.
This news will be quite a disappointment to those (myself included) who hoped the San Diego would succeed the San Francisco as the enthusiasts phone of choice. Aside from messing around with ROMs and the like, a number of applications I use on a daily basis NEED root access so the phone really isn't for me (to the extent I now have to decide whether to sell it on).
The big manufacturers have learnt now that this isn't the way forward and giving consumers choice is the way to be successful... it seems Orange have yet to learn this (I was going to write 'the networks' but kudos to Vodafone for shipping the Ascend G300 with an open configuration).
A final thought for Orange / Intel... although you've locked down the phone, you haven't done a great job. A user with a basic (dangerous) level of fastboot knowledge can 'fastboot flash' both the boot and recovery partitions, effectively 'bricking' the phone.
About the author
201 Comments
TimSmall
Nov 28 2012 12:06 PM
http://lwn.net/Articles/15468/
http://lwn.net/Articles/280058/
Seeing as the San Diego is an x86 device, and can now be rooted... This would side-step the bootloader issue altogether.
Tim.
jikobutsu
Nov 28 2012 12:55 PM
ayziaa
Nov 28 2012 01:15 PM
Edit : what I'm gonna say could be pretty stupid but I'm gonna say it anyway please correct me if i'm wrong. fibblesan said in an other thread that if we had unlocked bootloader, at this point we could get android 4.1 x86 code by intel, compile it and falsh it. I don't know if intel have a github or something, and if they made the 4.1 source code available but if they did, we could compile that with it's kernel and try to boot it with kexec right?
flibblesan
Nov 29 2012 05:39 PM
We the bootloader is locked so this might never happen.
ayziaa
Nov 29 2012 06:40 PM
We the bootloader is locked so this might never happen.
Sorry to repeate myselft but with this kexec coundn't we boot a custom kernel without having to reboot completely the device, so without the bootloader checking the signatures? Because we can write over /system and we know that the bootloader doesn't check that, isn't a custom rom just a kernel and a /system? Or does each rom need a boot.img to boot which can be only launched by the bootloader (so kexec would be useless without unlocked bootloader)?
Trying to learn new stuff here!
jikobutsu
Nov 29 2012 07:48 PM
Custom rom, yes basically, it is the system, kernel and, boot.img, and whatever tweaks mods are added to those three by the Dev.
ayziaa
Nov 29 2012 07:53 PM
Custom rom, yes basically, it is the system, kernel and, boot.img, and whatever tweaks mods are added to those three by the Dev.
mickael
Dec 09 2012 09:07 PM
I don't know about how work and if it's possible on this device but it's possible on Defy to launch custom ROM with 2nd init .
So do you know if it's possible to see that on San Diego ?
ayziaa
Dec 09 2012 09:30 PM
I don't know about how work and if it's possible on this device but it's possible on Defy to launch custom ROM with 2nd init .
So do you know if it's possible to see that on San Diego ?
ayziaa
Dec 09 2012 10:29 PM
http://cvpcs.org/blo...nd_how_it_works
mickael
Dec 10 2012 12:24 PM
I see the post about Milestone : http://modmymobile.c...-21-2010-a.html
An dthe link for the GITHUB : http://gitorious.org...id/openrecovery
But it's not for me
MrPuddington
Feb 03 2013 10:23 AM
Custom rom, yes basically, it is the system, kernel and, boot.img, and whatever tweaks mods are added to those three by the Dev.
grizzlyflea
Feb 03 2013 11:42 AM
Sorry to warming up an old conversation, but I remember that the ZTE Blade got dual boot at some point. Since Android is based on Linux, you can specify any root device during the boot phase. Maybe that would a useful thing to do with kexec - start a new kernel and mount a new root device, possibly even on the SD card.
demoded
Feb 14 2013 04:41 AM
shootomanUK
Feb 16 2013 02:48 PM
thanks my AZ210A turned into an X900 and is now a SP-A20i lol
the rom works great, wonder if ricky could ad it to his AIO tool ?
it feels way faster than both the others and that is even running the megashell app, without that maybe even faster !
BlueMoonRising
Feb 16 2013 03:02 PM
the rom works great, wonder if ricky could ad it to his AIO tool ?
it feels way faster than both the others and that is even running the megashell app, without that maybe even faster !
shaper
Feb 16 2013 07:52 PM
When I went back to xolo ics ...
shootomanUK
Feb 16 2013 08:53 PM
it just feels a bit quicker, has megashell running from startup, there are a few russian apps on it, not sure as to updates to the phones hardware etc.
Caution: DOES NOT ROOT ! (for me anyway)
best wait for Ricky,Flibblesan or Jikobutsu who have more experience than me to have a bash at it before anyone tries it out !
BlueMoonRising
Feb 16 2013 09:47 PM
i am not a hacker
Feb 17 2013 11:51 AM
shootomanUK
Feb 17 2013 05:02 PM
no mate its megashell :
https://play.google....egafon&hl=en_GB
i am not a hacker
Feb 17 2013 06:00 PM
no mate its megashell :
https://play.google....egafon&hl=en_GB
shootomanUK
Feb 17 2013 07:26 PM
oh yeah its the same, when searching google it does say originally made by spb software, might be a sister company megalabs ?
quote:"For the Russian market applications installed on the phone and megaphone MegaShell - customizable 3D Shell [ clarify ], originally developed by SPB Software (absorbed in 2011 " by Yandex "), optimized to run on Intel Atom"
but whats the point in paying £10 for spb shell, when megashel is free lol
i am not a hacker
Feb 17 2013 08:11 PM
BlueMoonRising
Feb 17 2013 09:39 PM