Possible Ways to Crack the Bootloader

[Jaxidian]

I fully support an @home project, but it has to pan out to a true supercomputer status of cpu power or it will take years, even decades, to crack an encryption that is probably already replaced in newer phones.

We need some stats and specs to give an idea of how much cpu time and how many people would be needed to crack sha1 in a reasonable time.

What is the size of a single sha1 hash? How long does a typical (let's say a core duo/core 2 duo powered machine) computer take to run a single operation? From there we can move on to how many operations a second it is capable of, and work our way down to the end result of: how many users are needed to crack the code in x amount of time?

I see it this way. I have a droid 2 global on 2 year contract, with 20 months left. If it cant be done by 18 months then I do not believe the attempt to even be viable, considering how many of us have droid x's and 2's and milestones looking to upgrade.

The last time I crunched some numbers, with the help of some others in ##pbf on Freenode, it seemed like it would take ~1250 years if we had 1000 actual computers working on it. With cloud computing options (Azure, EC2, etc.), a quick burst of 1000 computers (an hour or two) isn't impossible nor that expensive but it's still a few orders of magnitude away and a sustained effort would be beyond affordable. If we had a million computers crunching the numbers, we'd still need over a solid year of it.

Unfortunately, I just don't have a botnet all. Sorry.

 

[WugFresh]

Yeah, that's why I shifted towards this new approach.. I didn't want to admit it, but the order of magnitude is still ridiculous. I am still curious to see what my math professor says.. maybe he will shed light on something I wasn't aware of.

{{ WugFresh }}

 

[WugFresh]

Ok. Enough chatting. I'm going underground. I will try and emerge with an app. Please keep this thread alive and keep bumping the petition thread. Together we will prevail!

{{ WugFresh }}

 

[Brennan_Huber]

Goodluck Wug!! We've got it started so let's get it finished!

FreeMyMoto!!
FreeMyMoto!!
FreeMyMoto!!

 

[PalmerCurling]

I know you haven't been working for long, but as you progress please keep us informed. When we have something done, I'll get it posted to XDA

Sent from my DROIDX using Tapatalk

 

[twalbaum]

Why don't we contact some of the bigger mobile or tech news sites to see if they will publicize our cause? Like engadget or something.

 

[Snow02]

Unfortunately, and I hate to say it, moto does not care. This is inspiring and all, but the only way to really make a difference is not buy motorola products in the future and have friends and family do the same. If there is a concerted effort behind a boycott, and motorola sees a measurable dip in revenue, maybe they will start to care.

But you can throw 10 million signatures in their face, but if their money isn't affected, they will not care. Bottom line. So if you really want to see unlockable motorola hardware, make sure your next purchase is not a motorola product and convince everyone you know to do the same.

 

[WugFresh]

Don't be so quick to rain on the parade Snow. I agree that a boycott is more effective than a boycott threat but the warning can actually be effective. Gives moto the chance to prevent it from panning out. You can't assume that everyone will follow through on their promise.. but a percentage will, so if that percentage is large enough for moto to care.. they will see a projected loss. Furthermore this is also aimed to threaten their future client base, I plan on doing alot more than waiving it in their face... with enough signatures we can get displayed in the press, on all the tech sites and blogs. Potential customers will see an uproar and wonder what its all about, moto might want to calm the storm before we really deter potential customers from chosing moto. I understand why you are skeptical or doubtful.. but I think that a solid community effort could really make a difference... if not for moto, for future android devices. Manufacturers need to know that locked bootloaders is a sure shot way to lose customer respect and loyalty, that is what this initiative is all about. I am not garenteeing success, I am saying its important that make a real community attempt.. or our future freedom in computer technology will forever be jepordized.

The whole.. 'I am too small to make a difference' mentality.. is the kind of mind set that holds us back in society. If you make enough commotion.. someone has to listen. Things can change.

{{ WugFresh }}

 

[androidgeek]

This is why I went ahead and bought the t-bolt. There are plenty other devices to choose from. If I buy a device I'm going to do whatever the hell I want to with it. It shouldn't concern Motorola what I do with MY equipment. My Droid 1 was awesome but here I am enjoying the **** out of HTC. Motorola's already out $500+ of my purchase. Motorola's not going to be the only dual core phone. Im pretty sure every business knows not to piss off the customer. Im sure they'll figure it out one way or the other. Well, I'm flipping back a few pages to sign. Thanks for everyone's efforts!

Sent from my ADR6400L using DroidForums Appn

 

[moosc]

its not MOTO HTC or other manufactures. it.is being requested by the carrier aka VZW. to lock them. go after VZW and maybe it.will change. five years ago the VZW locked the gps on phones enough people complained want to court and no more locked gps. but also remember the hacking community is less then 25% actual sold phones. so good luck.

 

[dfuser312553]

....The whole.. 'I am too small to make a difference' mentality.. is the kind of mind set that holds us back in society. If you make enough commotion.. someone has to listen. Things can change.

+1 million

 

[Snow02]

I'm just speaking from experience. I've seen similar efforts for other devices with other issues. The bottom line is, as a company, if it doesn't affect the bottom line, it doesn't matter.

I'm not trying to rain on everybody's parade, but rather, share my observations from past experience. And I'm old enough to temper my youthful exuberance with a healthy dose of reality.

But by all means, carry on. It certainly won't do any harm.

 

[WugFresh]

@Snow

Ok, well I hope this turns out differently. I think that their bottom line could be affected by effectively deterring future customers from choosing moto.. but I also know that you are implying the present bottom line. I think that company image is very valuable and if we can jeopardize that, then we have done our part. If we can change peoples brand association of moto the electronic device company, to moto.. that company with locked devices.. Then we have really screwed them up. The money losses will follow because in the world of business and marketing, image is everything.

{{ WugFresh }}

 

[Brennan_Huber]

Really I think what we are doing will work. If we get another petition going on with this that says I will not buy another Moto with a locked bootloader and get a few million sigs then they will realize what damage we can do to their profit. If only 5000 people sign it say half go through with it. That's still around $750,000 and that's a pretty good sum of money.

FreeMyMoto!!
FreeMyMoto!!
FreeMyMoto!!

 

[WugFresh]

To make the same clarification I made in the petition thread. Rather than trying to quantify the damage as money per sig, think about this as trying to deter future customers and jeopardize moto's image. We want to try and change peoples brand association from moto the electronic device company.. to moto.. that company with locked devices. If we can effectively do that, the damage would be much more threatening to moto. This is about exposure and peoples perception, so that we have substantial influence over potential customers choice of hardware... possible greater than moto's advertisement campaigns. The new users look up to the experienced users and the devs.... if all the the devs and "know-hows" are saying don't get moto, they lock down the device and impede development... that will really mess moto up. The sigs are important so that the press recognizes the issue, but the press is the main goal.... change perceptions... keep that in mind. Also if people in this thread want to consider adding the petition link to your sig that would be helpful.

{{ WugFresh }}