Possible Ways to Crack the Bootloader

[czerdrill]

Hmmm, maybe I need to re-read it. Then WTF was with all the media coverage when this came out?

Sent from my DROIDX using DroidForums

well because something that was thought uncrackable, was cracked. i mean i'm not saying its not a big deal, just that it's impractical outside of a test environment. too many things have to fall into place to make it a realistic solution.

it was discovered in march 2010...if it really was such a huge vulnerability, don't you think it would receive far more coverage then it did? the only sites that picked it up was techie blogs, and tech news sites. i dont see any articles in the Times or the WSJ about this, although I admit I didn't search that hard...

It's really more of a "huh, that's cool..." thing, then an "OMG!!! RSA has fallen!!!!" thing lol...

 

[plslowmo]

I don't want to continue debating a non feasable idea but from the summary, " The scientists found they could foil the security system by varying the voltage supply to the holder of the "private key," which would be the consumer's device". I'm on my phone so I can't pull up the research paper and read that. Either way if this was something practical, somebody would have tried it on something.

Sent from my DROIDX using DroidForums

 

[WugFresh]

Just woke up from a much needed extended sleeping session. I see there has been lots of new discussion. Anyone break RSA encryption yet? Let me guess, YES, and it was czerdrill wasn't it!?

{{ WugFresh }}

 

[czerdrill]

Just woke up from a much needed extended sleeping session. I see there has been lots of new discussion. Anyone break RSA encryption yet? Let me guess, YES, and it was czerdrill wasn't it!?

{{ WugFresh }}

LOL yes i'm sending the keys over to koush right now, so he can do his worst...

 

[WugFresh]

Just woke up from a much needed extended sleeping session. I see there has been lots of new discussion. Anyone break RSA encryption yet? Let me guess, YES, and it was czerdrill wasn't it!?

{{ WugFresh }}

LOL yes i'm sending the keys over to koush right now, so he can do his worst...

SWEET!!! Thanks czerdrill, I knew you would pull through! How did you do it, were you just extra lucky in a brute force attempt and guessed the sholes private key after ten tries?

{{ WugFresh }}

 

[czerdrill]

Just woke up from a much needed extended sleeping session. I see there has been lots of new discussion. Anyone break RSA encryption yet? Let me guess, YES, and it was czerdrill wasn't it!?

{{ WugFresh }}

LOL yes i'm sending the keys over to koush right now, so he can do his worst...

SWEET!!! Thanks czerdrill, I knew you would pull through! How did you do it, were you just extra lucky in a brute force attempt and guessed the sholes private key after ten tries?

{{ WugFresh }}

come on man, that's ridiculous...took 20 tries...and they said brute forcing would take many millenniums...

 

[aliasxerog]

LOL yes i'm sending the keys over to koush right now, so he can do his worst...

SWEET!!! Thanks czerdrill, I knew you would pull through! How did you do it, were you just extra lucky in a brute force attempt and guessed the sholes private key after ten tries?

{{ WugFresh }}

come on man, that's ridiculous...took 20 tries...and they said brute forcing would take many millenniums...

Well done dude! I would love to see a nice write-up on how you did this. I'm glad someone was able to do something with that damned bootloader, as kexec hasn't been very useful beyond research or, maybe now, test driving kernels.

 

[PalmerCurling]

goddanged sarcasms! #notokayguys :3

 

[random190user44]

Why would they put 2048 bit encryption on a smartphone, when banks and corporations use 1024? (or am i wrong about the majority of banks and corporations using 1024 bit?) Sounds kind of retarded and overkill of motorola

 

[plslowmo]

Why would they put 2048 bit encryption on a smartphone, when banks and corporations use 1024? (or am i wrong about the majority of banks and corporations using 1024 bit?) Sounds kind of retarded and overkill of motorola

I guess they got their point across, "We dont like it when you say you dont like blur."

Sent from my DROIDX using DroidForums

 

[random190user44]

Why would they put 2048 bit encryption on a smartphone, when banks and corporations use 1024? (or am i wrong about the majority of banks and corporations using 1024 bit?) Sounds kind of retarded and overkill of motorola

I guess they got their point across, "We dont like it when you say you dont like blur."

Sent from my DROIDX using DroidForums

I assume they did it simply because they could. Is it considerably more time consuming or resource intensive to make a 2048 bit encryption vs say...1024? Or is it just a little bit more time consuming, meaning they might as well do it anyways?

 

[Brennan_Huber]

Hello all.
Its been along time since ive posted but ive been thinking lately about a way to get around this locked bootloader and i believe i have an idea that might (extremely doubtful but hey i wanted to share) work. Im already expect this not to work so please shoot it down.
The bootloader is locked and its very doubtful we will ever get the keys or crack the code to unlock it. The next best solution, bypass it, weve already stated this but yeah. The way i have been thinking about doing this is sounds a little weird and i have been trying to do my research but from my understanding nothing like this has been done before.
My plan involves removing the current bootloader (by means yet to be determined with more research/experiments.) and loading a new one that a person will create.
From what i understand deleting a bootloader is not very hard. However those that have been deleted are on a computer AND of an **unlocked bootloader**. And creating a bootloader might be a challenge only because it will be for a cell phone.
I do not believe this will work for these reasons.
1. The possiblity of deleting a locked bootloader.
2. creating a successfull bootloader that will work 100% of the time without a single flaw.
and 3. The fact that this has never been done before therefore we will have to go off of what has worked with a computer and what SHOULD work on the phone.
like i said very doubtful it will work but i thought i would throw the idea out there for someone else to shoot down and to spark thoughts inside of other peoples mides.

 

[13th angel]

I dont think it would allow it to boot and it would just get stuck at the bootloader. From my understanding it runs through the bootloader to check and make sure everything is in place then boots. If it fails that initial check then its game over.

 

[andylulzyou]

F*** this locked bootloader... the DX could have been the most dominant android device of the single-core era..


Koush.. Birdman.. BlackDroid.. Cvpcs.. and all the extremely talented devs that have managed to do as much as they have.

 

[jickracer007]

I was wondering what was happening.
I installed new Cyan 7 and was dissapointed that I could not install a .wave file during start up.
On my stock Dinc and astro file I could see the boot not couldn't change it
Now with cyanide. 7 its not accessible.
Sent from my ADR6300 using DroidForums