
Unlocking the Motorola Bootloader with a TrustZone Exploit - laginimaineb
http://bits-please.blogspot.com/2016/02/unlocking-motorola-bootloader.html
======
daveloyall
Today I learned that headset manufacturers could simply NOT blow the
"engineering" QFuse and their devices would suddenly be FOSS compatible
hardware.

This is the sort of thing Senators are for.

~~~
jakeogh
Personally, I would rather vote with my dollars than ask for more rules.

~~~
daveloyall
Vote for devices? Companies?

Jake, the election is rigged!

Walk with me down this garden path, if you please... :)

Regulation of the manufacture and distribution of medicine is a good thing.

'Regulation' just means that corporations and individuals aren't blindly
trusted to do the right thing with regards to medicine.

That's because bad medicine generally has a profound impact on people's lives.

Somebody could put some bad medicine in a bottle, but there are actually
organizations checking for this and there are severe penalties.

Cellphones aren't medicine, but the impact that a bad device can have on
people's lives is growing every day.

It would appear that each person's identity is largely composed of their
memories and their internal processes, which were also shaped by their
experiences.

As devices become our primary source of information, the devices become more
important. More powerful and potentially more dangerous.

Today, Samsung (for example) would never get away with filtering all negative
news articles about a particular political candidate out of all their users'
feeds. Nor would they get away with inserting positive chatter about their own
devices.

For how long will that be true?

We have to establish some sort of minimum quality standard for the devices
through which we are going to experience life. Yes, rules!

~~~
ufmace
Regardless of the arguments over whether something like this is the proper
place of Government, it seems likely that, if anything, this is going the
exact opposite way. The vast majority of users have neither the ability nor
interest to keep devices safe and free of malware etc, and are welcoming
locked-down devices and walled garden app stores. Those who want to hack and
tinker are the tiny minority.

~~~
jakeogh
True. Is this lack of desire to control our brain extensions set in stone? It's
possible (I consider it inevitable) that power will over-step its expected
boundaries. The statistical person might then care about their root access. In
my experience, if presented in the right way, they care now.

------
jtchang
Interesting part about QFuses. How are they actually implemented in the
hardware?

~~~
laginimaineb
AFAIK it's unknown - there's a controller on the SoC which is responsible for
reading/writing the fuses, but its firmware is in mask ROM and isn't
available. Perhaps it's a real chemical reaction? Maybe it's just emulated in
firmware? Your guess is as good as mine.

~~~
sliverstorm
Could easily be an actual fuse. An array of skinny pieces of metal with a big
monster current source to pop them on command.

------
gravypod
Please, please, please tell me this will lead to my Motorola Droid Turbo being
unlocked. I want CyanogenMod so badly!

I also want to be able to edit my hosts file and make it so I don't waste any
bandwidth any more.

~~~
laginimaineb
It will work on the Turbo! :)

But you'll either need a version old enough to be vulnerable to this TrustZone
exploit, or you can wait a couple of weeks until I release a new exploit
(which also works on the Turbo).

~~~
mdadm
>It will work on the Turbo! :)

Since people seem to put the Turbo/Mini/Maxx in the same group, would it work
on any of them? :)

~~~
laginimaineb
I believe so

------
ck2
Oooh sunshine is about to take a hit I guess.

added: wish you could subscribe to users on HN, I missed all your previous
goodies

wow you make it all look so easy, but it's not at all

~~~
laginimaineb
Thanks! I'm also on twitter in case that helps (@laginimaineb).

As for Sunshine - I'm publishing a new (even broader) zero-to-TZ saga,
complete with exploits, but I'm not going to create a product out of it. So
ultimately, as long as there are people behind Sunshine who are willing to
make it work with relative ease, I'm sure most people won't mind spending a
few dollars to unlock their device.

As for the more tech-savvy crowd; I hope they choose to do it themselves with
the exploits provided - it _is_ much more fun that way, IMHO.

~~~
chei0aiV
Have you considered contributing to android-rooting-tools?

[https://github.com/android-rooting-tools](https://github.com/android-rooting-tools)

