[SOURCE] KERNEL Source Released! - LG Revolution

Well, this is sure an interesting email that I just received back from LG's support team, when asked about the kernel sources.
The rep seems to know what I'm asking for-- but for whatever reason denies my request (which is reasonable by the GPL).
Anyway, full email here:
Dear Tyler,
Thank you for inquiring of LG Electronics.
We do apologize for any inconvenience this may have caused.
We would be more than happy to provide the Kernel source which is: 2.6.32.9-PERF
[email protected] #1
Unfortunately, the source will not be released.
Please feel free to contact us if you have any additional questions or concerns. Thank you again for contacting LG Electronics.
Maya C
E-Mail Administrator
Customer Interactive Center
LGEAI
-----------Original Customer Inquiry------------
Received Date : 06/22/2011 02:03 10
The type of inquiry : Others
Product/Model No. : CDMA/LGVS910
As per the GPL, is there somewhere that I can find kernel sources for the LGVS910?
It is not on your LG Open Source page, is there an alternate location I should look?
If there is no public place to download the source, what is your timeline for releasing it?
Thank you!
Click to expand...
Click to collapse
Hmm, should I quote the GPL back to them, or try asking nicely again?

thecubed said:
Well, this is sure an interesting email that I just received back from LG's support team, when asked about the kernel sources.
The rep seems to know what I'm asking for-- but for whatever reason denies my request (which is reasonable by the GPL).
Anyway, full email here:
Hmm, should I quote the GPL back to them, or try asking nicely again?
Click to expand...
Click to collapse
Yeah, that's an invalid response if the code is GPLed.

I'm not quite sure why or how they think they can get away with that, considering the source for all their other phones is available here: http://www.lg.com/global/support/opensource/opensource.jsp
Even the tmobile g2x has it's sources posted...
What I wonder is if they're just saying that _this_ kernel's sources won't be posted.
Maybe they're embarassed? Hope not, because I demand this kernel's source!

thecubed said:
I'm not quite sure why or how they think they can get away with that, considering the source for all their other phones is available here: http://www.lg.com/global/support/opensource/opensource.jsp
Even the tmobile g2x has it's sources posted...
What I wonder is if they're just saying that _this_ kernel's sources won't be posted.
Maybe they're embarassed? Hope not, because I demand this kernel's source!
Click to expand...
Click to collapse
They may be protecting Microsoft's interests (they think) or they had a side agreement with Netflix. Either way, they can't deny a derivative work. It doesn't work that way. (at least I think? I haven't read the most recent GPL in a while...lol)

majorpay said:
They may be protecting Microsoft's interests (they think) or they had a side agreement with Netflix. Either way, they can't deny a derivative work. It doesn't work that way. (at least I think? I haven't read the most recent GPL in a while...lol)
Click to expand...
Click to collapse
As far as my understanding of the GPL, any code they modify that is released as GPL must be released as GPL also.
So, they (CodeAurora) modified Linux-2.6.32.9, which is GPL, hence they must release any modifications.
Where it gets grey is in terms of proprietary modules. However, if it's compiled into the kernel, I understand that it must also be released as source also. The only way to avoid that is to use module loading and taint the kernel, which then does some other license-protecting stuff.
Damn, the GPL is complicated.
EDIT: I'm in LG Live Chat right now asking...

thecubed said:
As far as my understanding of the GPL, any code they modify that is released as GPL must be released as GPL also.
So, they (CodeAurora) modified Linux-2.6.32.9, which is GPL, hence they must release any modifications.
Where it gets grey is in terms of proprietary modules. However, if it's compiled into the kernel, I understand that it must also be released as source also. The only way to avoid that is to use module loading and taint the kernel, which then does some other license-protecting stuff.
Damn, the GPL is complicated.
Click to expand...
Click to collapse
Yeah, it gets more so every year, and depending on what version of GPL is in use depends on what the specifics are. I'd have to say even if their module loading taints the kernel, they should be able to (read: must) release the modified source prior to the dirty side mods.

if they are anything like samsung, they will sit on it for as long as possible.

LG Chat:
Jorge: Hello Guest. Welcome to LG Electronics! How may I provide you with excellent service today?
Guest: Hello, I was wondering when the kernel sources for the LGVS910 would be posted? Specifically kernel 2.6.32.9-PERF [email protected]
Jorge: unfortunately we do not have a date
Guest: Any reasonable estimate?
Jorge: I will love to say a date but we do not have information.
Guest: Okay, thank you.
Click to expand...
Click to collapse
Well, maybe the person in the email was misinformed, or just plain ol confused...

thecubed said:
LG Chat:
Well, maybe the person in the email was misinformed, or just plain ol confused...
Click to expand...
Click to collapse
Or... the current rep is stalling? Why would there be a delay? Shouldn't the GPLed kernel be available immediately at request?
I'm going to assume it won't be too long before they release 2.3 for this phone.

majorpay said:
Or... the current rep is stalling? Why would there be a delay? Shouldn't the GPLed kernel be available immediately at request?
I'm going to assume it won't be too long before they release 2.3 for this phone.
Click to expand...
Click to collapse
Me too.
To give LG some benefit of the doubt, it is possible they just don't want to put the work into it, considering they may have something brand new around the corner.
But-- what I worry about is OTA locking down the phone.... hence my want/need for sources, just in case.

thecubed said:
Me too.
To give LG some benefit of the doubt, it is possible they just don't want to put the work into it, considering they may have something brand new around the corner.
But-- what I worry about is OTA locking down the phone.... hence my want/need for sources, just in case.
Click to expand...
Click to collapse
Yes, and I've seen 2.3 turn otherwise perfectly good phones into piles of poo, so I definitely want a way back if that happens here. Resource requirements and overall overhead seems to increase 10 fold on 2.3

Come to think of it... I just realized I should be really worried for the next OTA update...
Now, those of us with clockwork need not worry, since it just will say "invalid signature" when LG's updates try to install (since clockwork is signed with the testkeys from cyanogenmod). Once it says "invalid signature" you'd just click "reboot now" and grab the update file from /cache .
But still... the unknown is killing me!

Isn't that exactly what happend with the thunderbolt?

thecubed said:
Come to think of it... I just realized I should be really worried for the next OTA update...
Now, those of us with clockwork need not worry, since it just will say "invalid signature" when LG's updates try to install (since clockwork is signed with the testkeys from cyanogenmod). Once it says "invalid signature" you'd just click "reboot now" and grab the update file from /cache .
But still... the unknown is killing me!
Click to expand...
Click to collapse
Well, we can work on the assumption that it's never coming... because you know how Verizon is about releasing updates.
However, in the meantime LG needs to cough up the goods per legal requirement. It could all be part of a greater conspiracy, ha! Release the next batch of goods and destroy what had been previously done, THEN release the source code to the first kernel.

So in other words when we get 2.3 they'll unsuspectingly give us everything we need for custom roms and kernels once one of us extracts it from the cache...
Little Buddy Sr.

MXFrodo195 said:
So in other words when we get 2.3 they'll unsuspectingly give us everything we need for custom roms and kernels once one of us extracts it from the cache...
Little Buddy Sr.
Click to expand...
Click to collapse
Not likely... They'll release the source for 2.2 to the public when 2.3 gets pushed. We're helping them find all the holes they left in 2.2.

I guess the phones work differently. I have only experienced OTAs on the original droid. In that phone's case; once you got the OTA and the phone rebooted, it would reboot to clockwork. If you wanted to apply the OTA you just selected "Update from SD" (or something like that). If you didn't you just rebooted the phone. Now granted that it will keep on bugging you that you don't have the latest until you trick it by changing the signature (on one of the prop files I believe it was - not sure if it still works that way).

Someone please let me know what I need to say over live chat or by email ill send or talk with them. Nothing to lose and alot to gain. And several cold beverages of my choice will help. I'm just not in the know on open sorce code etc.... I want to help.

From the GPL:
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
Click to expand...
Click to collapse
As long as they hold out, they are in violation of the GPL. It should be noted, however, that they aren't the only ones in the Android world doing this. It has been the discussion hot topic for a lot of Android device manufacturers.
It could all be nothing, and they may not have "gotten around to it" yet. They have released all their previous and current works. It does question why this phone is on hold, and I'd venture to guess (but could be completely wrong) that it revolves around Microsoft protecting their digs in this machine.

The full thing is here if you want to review it...
http://www.gnu.org/licenses/gpl.html

Related

[Application]XDA TV 1.0

Reminds me of something... But I cant put my finger on it
Mod Edit: Links removed - http://forum.xda-developers.com/showpost.php?p=4745624&postcount=8
Its skinned to remove all logos, The only thing I could not remove was the text. I made it for myself, keep that in mind. I am just sharing.
*edit* if the original does not work, I doubt this one will but use the same install information 555-555-5555 and you must have the widget on your home screen. Launch it from the widget preferably.
is there anything different about these apks? Are they wifi compatible?
I tried wifi compatibility and it is still in the works but as of now this is only for looks but I am working on wifi as I post this.
555-555-5555?? call that number while the widget is up?
On some of the sprint apps it makes you comfirm that you are a sprint customer, so instead of sending sprint our real phone numbers (caller id=your name) we send them fake ones, like 555-555-5555
this seems like not a smart thing for you to do.
DemoShadow said:
Reminds me of something... But I cant put my finger on it
Mod Edit: Links removed - http://forum.xda-developers.com/show...24&postcount=8
Its skinned to remove all logos, The only thing I could not remove was the text. I made it for myself, keep that in mind. I am just sharing.
*edit* if the original does not work, I doubt this one will but use the same install information 555-555-5555 and you must have the widget on your home screen. Launch it from the widget preferably.
Click to expand...
Click to collapse
so basically you just violated alot of copyright laws....
Unfortunately, some may think, we cannot allow links to modded paying software. The software in question is provided under licence to Sprint users only. Now, we try not to sensor knowledge here, so we not going to delete all references to the fact that this software can be ported to non Sprint devices and used free of charge in breach of terms and conditions, BUT we cannot permit links to the software that would actively encourage members to break the law.
Mike
Links will be removed
It's not the fact that it is Sprint software ported over to the G1. It is the fact that he removed all of Sprint's branding. That's like taking the the Google Maps app (or any Google app) and removing Google's name from it. It's simply just a breach of copyright.
tekkitan said:
It's not the fact that it is Sprint software ported over to the G1. It is the fact that he removed all of Sprint's branding. That's like taking the the Google Maps app (or any Google app) and removing Google's name from it. It's simply just a breach of copyright.
Click to expand...
Click to collapse
Well, that too but the whole subject of the Sprint / Telnav software has been raised and discussed with Mods and Admin so there are issues regarding the use of such software on non Sprint phones.
Mike
Wow. Mike you have got to be one of the fairest, most logical forum mods I have ever had the pleasure to read. I am very impressed with the way in which this was handled.
mike i thought your site got closed because u had all the htc breakdown videos and what of that? but i do understand the point so i say lets make a new site that will let you post or upload. that way we can get the goods and xda dont get the blame if i remeber november 27 windows came down on xda for the same ish so please pleas dont let it happen to android just look for a new method for the shares. but i do like the work and want the app i was to late late for the link !!!!! Thanx mike !!!!!
*edit*( november 2007 )
llxll0m3g4llxll said:
mike i thought your site got closed because u had all the htc breakdown videos and what of that? but i do understand the point so i say lets make a new site that will let you post or upload. that way we can get the goods and xda dont get the blame if i remeber november 27 windows came down on xda for the same ish so please pleas dont let it happen to android just look for a new method for the shares. but i do like the work and want the app i was to late late for the link !!!!! Thanx mike !!!!!
Click to expand...
Click to collapse
I was shut down for a while and had to remove some things, but in the end reached a sort of unofficial compromise on intellectual property rights.
This is a delicate issue, in my case I don't offer folks something they would normally have to pay for through their network or otherwise. (I offer stuff they should not have, even if they have money to pay for it!!).
I guess our bottom line is that knowledge should be freely available, but handing folk the tools, to install stuff that is very close to being Warez, is off-limits. (Robbing banks with an uzi can be profitable = knowledge, but handing out uzis and suggesting you rob a bank, crosses the line)
.... and yes we know cooking ROMs and such is also a grey area, but even there we say that ROMs should not be cooked that include for free any software for which the user would normally have to pay.
If someone set up a site with Sprint software on it - that's entirely up to them. We would probably even accept a link to it if the poster said "hey here's a breakdown of a Sprint ROM" In fact that would probably be OK to post here - at least until someone asked for a "take-down"
The problem only comes when someone says you can load this stuff on non-Sprint phones and get stuff for free and just to help you do that here are the links. In other words that ceases to be a theoretical point of information and becomes an encouragement to do something naughty. If folks want t be naughty then they have to do so, by reading the knowledge and then looking for the tools from whatever source, here or elsewhere without our help.
These kinds of things have been debated many times here at XDA - there are no absolute rights and wrongs, only things we think are more or less safe for us to do - just like life generally I guess
Mike
mikechannon said:
These kinds of things have been debated many times here at XDA - there are no absolute rights and wrongs, only things we think are more or less safe for us to do - just like life generally I guess
Click to expand...
Click to collapse
Well said Mike. When I read it, I had a /foreheadslap moment thinking, "well duh, this should be pretty obvious," but im constantly reminded that there are users on here who simply feel they have a right or deserve to have any given piece of software if it is leaked online.
The bottom line is, do not post software that has not been explicity licensed as open source unless you have obtained permission to redistribute. As a general rule of thumb, if the software cannot be legally obtained unless you pay someone (e.g. it comes preloaded on a phone) or can be obtained free but only if you agree to a license agreement (downloading certain software update packages) then you should not redistribute it on xda or elsewhere.

Parts of honeycomb now in AOSP

I haven't checked out this code yet but it seems that the "GPL and LGPL bits" of honeycomb have been added to AOSP. I'm sure some of you will be excited to look through it.
Check out these posts.
http://groups.google.com/group/android-building/browse_thread/thread/b732d8cd82695ce1?pli=1
http://blog.alsutton.com/2011/04/12/android-honeycomb-source-drop/
Can any devs put into relatively plain english what this release means in terms of proper Honeycomb ROM development?
arrjaytea said:
Can any devs put into relatively plain english what this release means in terms of proper Honeycomb ROM development?
Click to expand...
Click to collapse
I can't say for sure, but I got so excited I nearly spilled my drink.
I'm on my phone now so can't really look at the code, but in general any GPLed parts of hc that was distributed as a binary (kernel, ALSA, etc) are required to be accompanied by source upon request. This is a tiny portion of android as a whole however.
Again,can't look at this in detail but sounds like google is just complying with their GPL obligations... as for what they released in particular, git should tell ya..
Update: realized that I should have been clear what the GPL is. Its an open source license... wikipedia should have more info, but wanted to add that just in case anyone may not have heard of it.
I finally finished downloading it
doesn't really seem to be anything interesting..
How about this? Has this been discussed already? Asus releases Google Android Honeycomb source code
xgunther said:
How about this? Has this been discussed already? Asus releases Google Android Honeycomb source code
Click to expand...
Click to collapse
I believe this is referring to the Asus kernel source, which is 100% useless to our tablet.
ScottyNuttz said:
I believe this is referring to the Asus kernel source, which is 100% useless to our tablet.
Click to expand...
Click to collapse
yeah that is, but the OP is talking about the ASOP. I have no idea what is included.
So what's the word? Is the GPL code that was released of any use to the Nook Color and optimizing it for Honeycomb? Or is it just stupid stuff that we already knew or had worked around?
Neither..
Sent from my Desire HD using XDA App
It has been in the repository since January. It's really just a snapshot of where they were in case they mess up the main branch they're working on, and only specific parts of it. Nothing important of use to us.
So basically this is "non-news"?
Exactly, old news.
https://twitter.com/#!/jbqueru/status/57875038942138368

[Q] Where is Simone201 with is excellent rom( Simply Honey)?

Where does he moved?
I want download is rom.
Mods made my ROM Thread under investigation for strange reasons.....
They say that i have to wait a few days....LOL
Too much time.....
Where I can find your excellent rom?
I wait for your HEBREW support.
I love your rom it the best for my SAMSUNG.
I don't think this is the right place for you to make such post ! But anyway, as he said his rom under investigation for the time being.
@simone: i dont think its strange reasons ! U linked ur rom with a licence under CC, which is somehow scr**ing with google and samsung. That's my assumption, maybe i am wrong
Sorry but you have to wait at least 2 days for the Hewbrew patch....cuz now i'm working on restoring my thread as soon as possible...
You can find my rom on damian's forum....
grsgs said:
I don't think this is the right place for you to make such post ! But anyway, as he said his rom under investigation for the time being.
@simone: i dont think its strange reasons ! U linked ur rom with a licence under CC, which is somehow scr**ing with google and samsung. That's my assumption, maybe i am wrong
Click to expand...
Click to collapse
Ok, but i can simply remove the CC license!!!
simone201 said:
Ok, but i can simply remove the CC license!!!
Click to expand...
Click to collapse
lol @ trying to re-license other peoples GPL work into your own CC license.
Always nice when people use opensource work for their own project and then try to close it down. Good thing GPL does not allow for such questionable practices.
phalanger said:
lol @ trying to re-license other peoples GPL work into your own CC license.
Always nice when people use opensource work for their own project and then try to close it down. Good thing GPL does not allow for such questionable practices.
Click to expand...
Click to collapse
As said, i can remove this license!!!!!
you also have to provide the source for all GPL projects upon request (where you have modified source code, otherwise you can point to the original project), that includes DGO's kernel - and as far as i know he's refusing to release the source (which is illegal and unethical anyway)
you probably just need to use another kernel in that case (there are many good / better ones anyway)
I have promised myself not to say anything about this, everything will be explained in favor of XDA. So it does not matter what we say regarding this issue.
I have stopped all my development activities on XDA.
from my own blog:
Political tags - such as royalist, communist, democrat, populist, fascist, liberal, conservative, and so forth - are never basic criteria. The human race divides politically into those who want people to be controlled and those who have no such desire. Heinlein
Brotuck said:
I have promised myself not to say anything about this, everything will be explained in favor of XDA. So it does not matter what we say regarding this issue.
I have stopped all my development activities on XDA.
Click to expand...
Click to collapse
probably because XDA is in fact, right
Not only they are but they have a legal obligation to make people mostly respect the laws. They allow a lot of margin (technically a lot of the rom repacking with samsung's property for example isn't exactly legal) so the XDA hating because complying to a few simple and fair licenses is "too hard" is rather dumb.
Suppose this topic will be moved to a proper location or closed also

[TOOL][CyboLabs] Open Bump! Sign your boot images by yourself!

CyboLabs is Proud to present
Open Bump!​
What is Open Bump?
Open Bump is a recreation of the closed source Bump project run by Codefire.
It will allow you to "sign" your boot images in the same way that Codefire does it, only you don't need an internet connection.
Click to expand...
Click to collapse
What Open Bump is NOT
lets get the obvious out the way. It won't axe murder you.
It is not a direct reverse engineer of Codefire's implementation. I found the key and iv on my own
The magic bytes were taken from Codefire's method however. If anyone has insight has to how they were found, please shout up.
It does NOT take your private data so you can use it. Tin hatters feel free to double check
Click to expand...
Click to collapse
How did I find this out
I had a general idea of what to look for, having heard that the exploit is related uicc, and is signed with a cipher.
Dropping the aboot image in to Ghex led me to finding a reference to "uiccsecurity". Using the bytes around this, I found a repeat of 32 bytes, which was followed by 16 bytes which formed something that resembled "SecureWallpaper".
As you can probably guess, this was mainly trail and error backed by common sense and logical thinking.
you can programmatically find these values with the python script:
Python:
aboot_name = './aboot.img'
aboot = open(aboot_name, 'rb').read()
key_end = aboot.index('uicc')
key_start = key_end - 32
key = aboot[key_start:key_end]
sec_key_start = aboot.index(key, key_end)
iv_start = sec_key_start + 32
iv_end = iv_start + 16
iv = aboot[iv_start:iv_end]
deciphering some already generated "signatures" proved that these were the key and iv used for "signing" the images.
Click to expand...
Click to collapse
What is coming next?
Inspecting the signatures that were originally uploaded and the ones that people can generate now, I found only one pattern.
The only similarities were the first 16 bytes of each "signature". I believe that only the magic number is needed, and none of the garbage that follows. This has been confirmed by the LG G3 dev from CyanogenMod, Invisiblek Done
Click to expand...
Click to collapse
How to use it?
I don't know how well this will run on anything other than linux, so for now.. I won't talk about it.
First, ensure you are using python2
then run the script
Code:
python2 open_bump.py "/path/to/boot.img"
flash the output, and enjoy
Click to expand...
Click to collapse
Thanks to:
Obviously, this wouldn't have been possible without Codefire since I wouldn't have known where to look, or that it was exploitable. And it was them that found the magic key.
Big thank you to @pulser_g2, who offered invaluable input on cryptography
Big thank you to @invisiblek, who I mercilessly kanged the main part of the image padding script from
note:
The original part of finding this information out was done on my own with guidance from pulser. The final results of this are posted above.
XDA:DevDB Information
Open_Bump, Tool/Utility for the LG G2
Contributors
cybojenix
Source Code: https://github.com/CyboLabs/Open_Bump
Version Information
Status: Beta
Created 2014-11-23
Last Updated 2014-11-23
Thanks, thats great news to have an open source tool here!
Do you see any chance that this could be integrated into CWM/TWRP so that the recovery rom could bump the boot/recovery images before flashing?
Because the boot/recovery.img has to be extracted from the ROM-zip before flashing, bumping it here would make sure that the phone can boot the image even with the newer bootloader.
This would be great for rom-devs since they don't have to change anything and it would even bump roms that are not maintained anymore.
g4rb4g3 said:
Thanks, thats great news to have an open source tool here!
Do you see any chance that this could be integrated into CWM/TWRP so that the recovery rom could bump the boot/recovery images before flashing?
Because the boot/recovery.img has to be extracted from the ROM-zip before flashing, bumping it here would make sure that the phone can boot the image even with the newer bootloader.
This would be great for rom-devs since they don't have to change anything and it would even bump roms that are not maintained anymore.
Click to expand...
Click to collapse
simple answer, this can be added to the build step really easily. See this commit
edit:
of course it may be useful to make a c program to do this.... I shall think on it.
Propably stupid question but i ll give a shot. Since we have the magic key we cant just skip the bump stuff totally? As i can understand, i dont wait official developer team join the bump train, thats why the damn development of the device is really back while the hardware is more than capable.
**To the OP i wish i could give you a thousand likes sir!
After getting the bootloader may be open G3؟؟
Why not use the original Bump?
Quote:
Codefire has been extremely vague about their method, obviously to prevent someone else replicating their results.
They are also storing people's data unnecessarily, and even adding some information relating to the user in to the "signature", possibly for tracking purposes.
As a result of it being an external service, many reputable teams (which won't be named unless they want to be) have said they will not use it, and would rather wait till LG releases the official unlock method.
Finally, Codefire have said the sha1sum of the boot image is required. Whether they knew or not, it is NOT required, and I will be changing this tool to compensate for that.
Click to expand...
Click to collapse
Happy you found a new exploit for us builders and devs, just feel like you kinda disrespected codefire team by accusing them of things before actually talking to them, seems a bit counter productive, this may piss them off and next device you can kiss new exploits by them good-bye,
just my 2 cents on the matter,
i'd remove the line...
in any case thank you very much, i will add it to my build script
---------- Post added at 08:34 PM ---------- Previous post was at 08:29 PM ----------
nikosblade said:
Propably stupid question but i ll give a shot. Since we have the magic key we cant just skip the bump stuff totally? As i can understand, i dont wait official developer team join the bump train, thats why the damn development of the device is really back while the hardware is more than capable.
**To the OP i wish i could give you a thousand likes sir!
Click to expand...
Click to collapse
"Bump stuff" has nothing to do with users, the devs and builders do the "bumping", and development of the G series has nothing to do with bumping, it just takes time to bring everything up
Good job cybojenix. (moderator edit: watch your language please)
Way to ruin a good thing.
I'm done with Android now. You can do it all now - since you obviously know better than me and everyone else.
I don't appreciate people trying to blackmail me - EnderBlue and Cybo both.
Don't believe me? http://hastebin.com/gulumezawi.txt
Good job guys. Way to ruin unlocks for all future LG phones.
If I *EVER* decide to come back, I will not be releasing anything as free or open source. You've sullied my impression of the open source community. Anything I do will be private releases from now on.
LG hadn't patched Bump, and they were going to leave it alone for us as long as we kept it as a service.
Well, looks like that's over and done with.
Bump included a hash of the image that you uploaded and a hash of your developer ID, and some random junk bytes. That's all. It's exactly what we said it was doing.
Well, hey, now you're free to take over and write roots and unlocks for all LG phones since you obviously have the talent to do so.
Let's be honest though, without my team's hard work that you stole, you wouldn't have been able to do any of this.
But you knew that, you're just a bottom feeder.
I don't get angry often at all- but congrats! You've succeeded in making me mad! Achievement unlocked!
I'm done. Your turn.
EDIT: Also, you know you can't open source your project either considering it contains 'stolen' LG crypto keys. https://github.com/CyboLabs/Open_Bump/issues/1
Have fun with that one.
thecubed said:
Good job cybojenix. (moderator edit: watch your language please)
Way to ruin a good thing.
I'm done with Android now. You can do it all now - since you obviously know better than me and everyone else.
I don't appreciate people trying to blackmail me - EnderBlue and Cybo both.
Don't believe me? http://hastebin.com/gulumezawi.txt
Good job guys. Way to ruin unlocks for all future LG phones.
If I *EVER* decide to come back, I will not be releasing anything as free or open source. You've sullied my impression of the open source community. Anything I do will be private releases from now on.
LG hadn't patched Bump, and they were going to leave it alone for us as long as we kept it as a service.
Well, looks like that's over and done with.
Bump included a hash of the image that you uploaded and a hash of your developer ID, and some random junk bytes. That's all. It's exactly what we said it was doing.
Well, hey, now you're free to take over and write roots and unlocks for all LG phones since you obviously have the talent to do so.
Let's be honest though, without my team's hard work that you stole, you wouldn't have been able to do any of this.
But you knew that, you're just a bottom feeder.
I don't get angry often at all- but congrats! You've succeeded in making me mad! Achievement unlocked!
I'm done. Your turn.
EDIT: Also, you know you can't open source your project either considering it contains 'stolen' LG crypto keys. https://github.com/CyboLabs/Open_Bump/issues/1
Have fun with that one.
Click to expand...
Click to collapse
First off, I didn't black mail. I gave your team notice about open sourcing it after reverse engineering the LG bootloader, not your "signatures".
It's your choice if you want to leave Android. Pinning the blame on me is somewhat childish though.
LG not patching Bump? That's a ludicrous statement, and even if it's true, it's good that this script got released. That way they know it should be patched, since having it a service clearly makes all the difference to them.
The hardest part of your teams work was getting the keys. If you know where to look, then it's easy enough to get engineering builds which I suspect contain the master magic bytes which you released.
I'm honestly shocked at your reaction though. I gave your team all the credit and stated which parts I did myself. The part about the service, and the deception was justified.
You tried to obscure something which by logic can't be obscured. That's how so many people realised they can just append the bytes to the image.
So which one would you rather have, LG not patching the exploit (as you so claim), and having an unknown number of people in china running around flashing custom boot images, or have everyone know how to do it to force LG to recheck their security measures.
What I did may not have been fantastic for the community, but what you did was insanely dangerous for the 90% of LG users.
All you did was make it so LG locks down the bootloader. And really 90% of users??? There probably isn't even 3 percent of the LG base on this website. All you did was screw everybody else over so you could have YOUR OFFICIAL CM.
As well people saying you didn't do enough and are still using there signing key as well as attacking it as well.
Way to think about yourself. You didn't care about the 90% or you wouldn't have done this.
I personally hope LG locks down the bootloader now. Go the way Samsung did and put an efuse on it and prevent downgrading. Hopefully all this happens with lollipop so you can screw over the rest of the LG crowd.
cybojenix said:
it's good that this script got released. That way they know it should be patched, since having it a service clearly makes all the difference to them.
Click to expand...
Click to collapse
"Hey let's potentially close all future LG unlocks and thus the chance to use CyanogenMod on future LG devices then. Just so I can get the current CM builds to say 'Official' and get a big pat on the back from the CM dudes who probably don't care about me too much."
Is that what went through your mind? That instant gratification and ignorance really shows who you are because that's exactly what I see from this OP of yours. Enjoy your 15 minutes of fame. You probably just killed a chance for years of it.
savoca said:
"Hey let's potentially close all future LG unlocks and thus the chance to use CyanogenMod on future LG devices then. Just so I can get the current CM builds to say 'Official' and get a big pat on the back from the CM dudes who probably don't care about me too much."
Is that what went through your mind? That instant gratification and ignorance really shows who you are because that's exactly what I see from this OP of yours. Enjoy your 15 minutes of fame. You probably just killed a chance for years of it.
Click to expand...
Click to collapse
Yes, because I've been such a massive supporter of cm. (sarcasm in case you didn't realise).
I started reverse engineering the bootloader for research purposes. If it was more complex than what I have said above, then I probably wouldn't have done this thread.
If it weren't for the fact that the magic stays the same across all signatures, then I also wouldn't have done this thread.
The response I got from them when I contacted them before releasing this was pretty much one of lack of care. So I went ahead and posted it.
I couldn't care less about fame. In fact there isn't really a lot I do care about, but I won't have the community alienated in to thinking the codefire service was such a great thing.
And once again, I refuse to take the blame for their team leaving Android.
whoppe862005 said:
All you did was make it so LG locks down the bootloader. And really 90% of users??? There probably isn't even 3 percent of the LG base on this website. All you did was screw everybody else over so you could have YOUR OFFICIAL CM.
As well people saying you didn't do enough and are still using there signing key as well as attacking it as well.
Way to think about yourself. You didn't care about the 90% or you wouldn't have done this.
I personally hope LG locks down the bootloader now. Go the way Samsung did and put an efuse on it and prevent downgrading. Hopefully all this happens with lollipop so you can screw over the rest of the LG crowd.
Click to expand...
Click to collapse
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of lg uses, if the claim that lg was alright with it running s a service is true.
Either way, I did nothing wrong
cybojenix said:
I couldn't care less about fame. In fact there isn't really a lot I do care about, but I won't have the community alienated in to thinking the codefire service was such a great thing.
Click to expand...
Click to collapse
So you only care about ruining good things, and other people's work?
Lol sorry I think I'm done with you. By cybo
savoca said:
So you only care about ruining good things, and other people's work?
Lol sorry I think I'm done with you. By cybo
Click to expand...
Click to collapse
Tbh I thought it would have been clear by now what I care about. Then again I may have been wrong about considering you one of the smart android people.
I care about learning and sharing knowledge. Which is precisely what this thread did.
cybojenix said:
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of lg uses, if the claim that lg was alright with it running s a service is true.
Either way, I did nothing wrong
Click to expand...
Click to collapse
I saw your PM to autoprime in IRC, it was "I am going to post what I found or you do, either way its going there", it wasn't lack of care, it was that you just stated a fact and left, it was a very rude unthoughtful thing to do, also don't try to BS everyone with your research, you and about 100 other people found the "magic keys", the problem is those "magic keys" were placed there by team codefire, you didn't find them, you found that they were using the key and copied their work, anything else you say is a lie, at least the other 99 people who found this had the basic respect to not post it unless the original team allowed it.
There was no reason to post this, their site was working fine, and if you used the API there was no problem of tracking since it just uses a UID to identify to the server.
at least admit you were wrong and say you are sorry, they won't fix anything but will gain you a minimum amount of respect
sooti said:
I saw your PM to autoprime in IRC, it was "I am going to post what I found or you do, either way its going there", it wasn't lack of care, it was that you just stated a fact and left, it was a very rude unthoughtful thing to do, also don't try to BS everyone with your research, you and about 100 other people found the "magic keys", the problem is those "magic keys" were placed there by team codefire, you didn't find them, you found that they were using the key and copied their work, anything else you say is a lie, at least the other 99 people who found this had the basic respect to not post it unless the original team allowed it.
There was no reason to post this, their site was working fine, and if you used the API there was no problem of tracking since it just uses a UID to identify to the server.
at least admit you were wrong and say you are sorry, they won't fix anything but will gain you a minimum amount of respect
Click to expand...
Click to collapse
Wrong, I stated that I was going to open source it, meaning the work of put in to getting the key and how it's used to get the original magic.
It was after that that I realised the final magic is the only thing needed. I actually worked out how to get the magic key a few hours ago, but since I don't have the right images, it won't be globally usable.
Fair enough, I apologise for pointing out the flaws in codefires service, and that they took it badly.
cybojenix said:
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of lg uses, if the claim that lg was alright with it running s a service is true.
Either way, I did nothing wrong
Click to expand...
Click to collapse
OK. If you did nothing wrong please do explain this
Enderblue-"well, would you be willing to open source it so we can have a official cm support?"
IoMonster-"so it would make storm already worse then what it is now? *paraphrasing for language
IoMonster-"no"
Seems like be said he didn't want it open source but you still went ahead any way.
http://hastebin.com/gulumezawi.txt
And then you saying your going to push it for vs985 even after he said no.
I don't know who Enderblue is, and I'm not affiliated with him..
whoppe862005 said:
OK. If you did nothing wrong please do explain this
Enderblue-"well, would you be willing to open source it so we can have a official cm support?"
IoMonster-"so it would make storm already worse then what it is now? *paraphrasing for language
IoMonster-"no"
Seems like be said he didn't want it open source but you still went ahead any way.
http://hastebin.com/gulumezawi.txt
And then you saying your going to push it for vs985 even after he said no.
Click to expand...
Click to collapse
cybojenix said:
I don't know who Enderblue is, and I'm not affiliated with him..
Click to expand...
Click to collapse
It isn't like it matters if you are or not. It says right in the chat he doesn't want it open sourced. I'm sure about 99% of the people on here have seen that already and I'm pretty sure you have seen it as well.
It states right in the chat he didn't want it open sourced.
whoppe862005 said:
It isn't like it matters if you are or not. It says right in the chat he doesn't want it open sourced. I'm sure about 99% of the people on here have seen that already and I'm pretty sure you have seen it as well.
It states right in the chat he didn't want it open sourced.
Click to expand...
Click to collapse
but the chat wasn't with me, so your point is null
autoprime had ample opportunity to say "don't do it yet", or "go talk to IO". but no, no objections were made.
Codefire treated the service like any other company would treat their unlocking service, so I treated them like a company and showed how it was done.

General The Source Code of the Tab S8 line is here!

I put in an email to Samsung Open Source to see if I could have the source code of the Tab S8+ (I didn't think to ask for the source code of the other Tab S8 devices at the time, but I will gladly ask for the other ones if they're needed.) so that maybe some development could be made on it (I'm not sure if development is happening for it behind the scenes or not. All I know is that I haven't seen anyone post anything in the development section). I'm not the most technically inclined, so I have not nary a clue of how important having the source code for a device is for development in terms of ROMs, kernels, recoveries, etc, but I'd like to think it's pretty important. If having it is an important step in having development start happening for the Tab S8 line of devices, then I will gladly link it. I'm currently downloading it as I'm typing this out. So, if you'd like it or need it for development purposes (or any specific files from the kernel, platform, etc), let me know, and I'll provide it as soon as it finishes downloading.
Edit: Update! The source code just finished downloading!
Edit 2: Turns out they gave me the source code for the april firmware update. So, it's not the absolute most up to date source code, but it may as well be as it seems that there isn't any available source code for the may firmware update, yet.
Edit 3: Finished uploading the source code. If you need it for development purposes, then here you go! Hopefully something cool will eventually come out of it! The file is super compressed and is around 6GB total once everything is extracted.
Edit 4: Now the source code of all three Tab S8 devices is here and available to download. I really really hope some new and awesome software development can happen now that the source code is available for all three Tab S8s. Regardless, here they are. Have fun!
Tab S8 Source Code: https://mega.nz/file/2hNSSIwA#FrDXCDFjo4OgfqkFy-0334fjFblGmnw1mQJFjOO6aRI
Tab S8+ Source Code: https://mega.nz/file/SgE3BBBD#RMvNMgd9V8bOZ6OLjYoz5jEo3UBBe8UDMOyq176jA7I
Tab S8 Ultra Source Code: https://mega.nz/file/m5sgmAyZ#5OXCFX_O5oYVK-F3BwVVCboLXDNTbNGQRcd3cKfCq3E
How did you get samsung to send you it? Like where did you contact them to ask for it?
Jake.S said:
How did you get samsung to send you it? Like where did you contact them to ask for it?
Click to expand...
Click to collapse
I went here and sent them an inquiry specifically asking for the source code of the SM-X800 for developmental purposes and just wanting to know how it works (I can't develope for nothing, but I'm sure somebody would, and I genuinely would like to know how these awesome tablets work). I got pretty lucky with them responding so quickly. I sent them an email May 6 and they got back to me yesterday evening. I've heard the horror stories of people requesting source code and not getting responses for months or not ever, so I'm glad they got back to me in a few days and not just telling me "No".
SavXL said:
I went here and sent them an inquiry specifically asking for the source code of the SM-X800 for developmental purposes and just wanting to know how it works (I can't develope for nothing, but I'm sure somebody would, and I genuinely would like to know how these awesome tablets work). I got pretty lucky with them responding so quickly. I sent them an email May 6 and they got back to me yesterday evening. I've heard the horror stories of people requesting source code and not getting responses for months or not ever, so I'm glad they got back to me in a few days and not just telling me "No".
Click to expand...
Click to collapse
Interesting, didn't know samsung gave out open source. But I understand why they do, so developers can test and such i guess
Interesting, @SavXL. I see now the site https://opensource.samsung.com/requestInquiry (or even https://opensource.samsung.com/) gives:
Sorry!We're doing some work on site.
Apologies for the mistake, but can you try to refresh the page? If that does not work,
try starting from the Homepage. We'll fix this as soon as we can.
Click to expand...
Click to collapse
Coincidence? LOL. I'm mostly kidding.
roirraW edor ehT said:
Interesting, @SavXL. I see now the site https://opensource.samsung.com/requestInquiry (or even https://opensource.samsung.com/) gives:
Coincidence? LOL. I'm mostly kidding.
Click to expand...
Click to collapse
I noticed that, lmfao. I was trying to see if maybe they've uploaded the source code for other Tab S8 devices, but then I saw that message pop up, and it's still there! I guess they must've started doing some server maintenance super shortly after sending me the source code. Considering myself even more lucky now all things considered! I'm going to set up a link to the source code so people will be able to develop off of it (and maybe we'll see our first post in the developement section) and I'll add it to my initial post.
Edit: Spoke too soon. Just checked those two links again and now they send me to the appropriate site. I'm not sure if any of the links on either of those two pages will give you that message again though.
Update! Just received the source code for the Tab S8 and S8U! I'm getting them ready for uploading as I'm typing this. Hopefully some new development will come from this as (at least to my knowledge) none has started just yet.
Update! Just uploaded the source code for the Tab S8 and S8U! I've updated the initial post with links to their respective source codes. Have fun with it!
Is source code what's needed to say port Android 13 to the S8U?
IFNg said:
Is source code what's needed to say port Android 13 to the S8U?
Click to expand...
Click to collapse
I'd like to believe that's possible, yes. However, to port that to the S8U (or anyone other device, within reason) it'd need to be made to where it can be flashed via Odin or via TWRP if you don't happen to have access to a PC. However, to do the TWRP method, someone would have to make a working build of TWRP for the S8U (or other devices), which no one has done as of now. I could be wrong and someone could be making one behind the scenes, but I doubt that.
SavXL said:
I'd like to believe that's possible, yes. However, to port that to the S8U (or anyone other device, within reason) it'd need to be made to where it can be flashed via Odin or via TWRP if you don't happen to have access to a PC. However, to do the TWRP method, someone would have to make a working build of TWRP for the S8U (or other devices), which no one has done as of now. I could be wrong and someone could be making one behind the scenes, but I doubt that.
Click to expand...
Click to collapse
this thread . . .
[RECOVERY][UNOFFICIAL] TWRP for Galaxy Tab S8 Series (Snapdragon)
Team Win Recovery Project 3.x, or twrp3 for short, is a custom recovery built with ease of use and customization in mind. Its a fully touch driven user interface no more volume rocker or power buttons to mash. The GUI is also fully XML driven and...
forum.xda-developers.com

Categories

Resources