MofoRoot : Secrets exposed. Yes or no? - Verizon Motorola Droid Turbo Q&A, Help & Troublesh

I feel Linux / android / XDA gas always been an open community. I feel if everyone had access to not only root, but HOW (m?)fastboot is tricked into uploading custom firmware, we would all get true root faster... So should I leak what I know?
Input from mods, or other respected contributors would be most helpful.

SaschaElble said:
I feel Linux / android / XDA gas always been an open community. I feel if everyone had access to not only root, but HOW mfastboot is tricked into uploading custom firmware, we would all get true root faster... So should I leak what I know?
Click to expand...
Click to collapse
Who would say no to that question?!
Sent from my XT1254 using XDA Free mobile app

Lincoln Douglas debate
You pose a very interesting intersection of values
I appreciate the dev for all his hard work and support the idea of him being paid for the work I already bought mofo so I feel like I have supported the Dev which makes me feel good
But all I want now is wp/off and even better an unlocked boatloader. That's why I vote yes
But I think its important not to pose this as a black or white decision because the poll is much more complex than that
A true Lincoln Douglas debate needs to be had on this lol

SaschaElble said:
I feel Linux / android / XDA gas always been an open community. I feel if everyone had access to not only root, but HOW mfastboot is tricked into uploading custom firmware, we would all get true root faster... So should I leak what I know?
Input from mods, or other respected contributors would be most helpful.
Click to expand...
Click to collapse
Mofo is a product and the dev owns that. On the other end, the underlying method isn't proprietary. I would say release whatever you have.

mofo secrets released?
Diego1751 said:
You pose a very interesting intersection of values
I appreciate the dev for all his hard work and support the idea of him being paid for the work I already bought mofo so I feel like I have supported the Dev which makes me feel good
But all I want now is wp/off and even better an unlocked boatloader. That's why I vote yes
But I think its important not to pose this as a black or white decision because the poll is much more complex than that
A true Lincoln Douglas debate needs to be had on this lol
Click to expand...
Click to collapse
Why put it out into the public so Motorola can patch it?

Let's hear it!

Yeah, release it, so people wouldnt have to pay 20$ to get to flash over mfastboot.
Sent from my XT1225 using XDA Free mobile app

I would not release a way for people to do it but the actual method behind it and the exploit used. This could help push development for the turbo which is something I am sure everyone would enjoy. That being said, I would recommend waiting for lollipop before releasing it to the world just in case moto/big red dont know how to do this. Whatever you choose to do please don't release it such that anyone can up and use the exploit as an executable per se because thats not fair to the creators. I vote yes
P.s. I already bought mofo and would pay full price again for an unlocked BL

My heart says yes
my head says no
just post the code, someone clever enough will figure it out what to do with it, OR DONT RELEASE IT AND MOTOROLA WOULDNT KNOW HOW TO FIX IT AND IT WILL STILL BE POSSIBLE TO ROOT ANDROID 5.1 WITH THE SAME METHOD
your call

Jaocagomez said:
My heart says yes
my head says no
just post the code, someone clever enough will figure it out what to do with it, OR DONT RELEASE IT AND MOTOROLA WOULDNT KNOW HOW TO FIX IT AND IT WILL STILL BE POSSIBLE TO ROOT ANDROID 5.1 WITH THE SAME METHOD
your call
Click to expand...
Click to collapse
Too late, I believe motorola is all ready aware of this exploit and how it works, and will have it fixed by next software update.

freemenot said:
Too late, I believe motorola is all ready aware of this exploit and how it works, and will have it fixed by next software update.
Click to expand...
Click to collapse
@jcase already stated they know about it. Release the exploit and start a dev thread about it.

kinglove1211 said:
Why put it out into the public so Motorola can patch it?
Click to expand...
Click to collapse
Motorola already knows about it

koftheworld said:
@jcase already stated they know about it. Release the exploit and start a dev thread about it.
Click to expand...
Click to collapse
nothing to release, authors notified qualcomm/motorola, the details are in the commit history in CAF. Its not secret, no point exists to overly vague forum posts about it.
SaschaElble is mistaken, mfastboot isnt tricked into flashing anything.

If its no secret then it should be disclosed in XDA so a free version can be made. And if mfastboot isn't tricked then "how" is it done? Link to this commit you speak of?

jcase said:
nothing to release, authors notified qualcomm/motorola, the details are in the commit history in CAF. Its not secret, no point exists to overly vague forum posts about it.
SaschaElble is mistaken, mfastboot isnt tricked into flashing anything.
Click to expand...
Click to collapse
To feed my own curiosity, which git on CAF is that (thought it's lk, but doesn't look like so)?
(yes I'm lazy)
EDIT: NVM, it's splattered on the 8084 branch throughout more commits.

https://www.codeaurora.org/projects...unds-checking-when-flashing-sparse-images-cve

SaschaElble said:
If its no secret then it should be disclosed in XDA so a free version can be made. And if mfastboot isn't tricked then "how" is it done? Link to this commit you speak of?
Click to expand...
Click to collapse
Why do you need a link, you already know what it is based on your op.
mfastboot is just a dumb client.

This is how moforoot flashes over the system partition:
https://www.codeaurora.org/projects...n and Roms since. We need more people rooted.

jcase said:
nothing to release, authors notified qualcomm/motorola, the details are in the commit history in CAF. Its not secret, no point exists to overly vague forum posts about it.
SaschaElble is mistaken, mfastboot isnt tricked into flashing anything.
Click to expand...
Click to collapse
I feel like there is a bigger divide between people with the real skills like @jcase, hash, and dhacker and everyone else that claims to be a dev than there used to be. I guess that is a function of how complex and secure android has become. Pretty soon only nexus phones will have any possible development.

SaschaElble said:
This is how moforoot flashes over the system partition:
https://www.codeaurora.org/projects...t have different areas of interest that's it.
Click to expand...
Click to collapse

Related

Droid X Security Measures

As outlined by Droid dev Steven Bird: http://stevenbird.info/2010/07/10/the-droidx-security-and-discovery/
I know absolutely nothing about Android development, but here's hoping that another dev here can make sense of it.
I love the confidence.
Even worse news: http://www.mydroidworld.com/forums/...-locked-down-let-me-tell-you-what-i-know.html
Mikerrrrrrrr said:
Even worse news: http://www.mydroidworld.com/forums/...-locked-down-let-me-tell-you-what-i-know.html
Click to expand...
Click to collapse
An "efuse" hardware chip? Wow Motorola!
I like the screen of the droid x, I like the size, but there is no way I could in good conscience buy this phone. Motorola has just slapped the dev community in the face.
Even Iphone doesn't have this BS , i guess Motorola one upped apple by kicking customers twice in the balls.
couldn't they run into some legal issues with this efuse method?
what about women?
ghost77 said:
Even Iphone doesn't have this BS , i guess Motorola one upped apple by kicking customers twice in the balls.
Click to expand...
Click to collapse
What we need to do is setup a site called "WeWant2RootDroidX.com" and make all tech blogs in the world link to it.
Well, just an idea.
zedomax said:
What we need to do is setup a site called "WeWant2RootDroidX.com" and make all tech blogs in the world link to it.
Well, just an idea.
Click to expand...
Click to collapse
i like it. Lets really get people to notice that Motorola is really screwing with our "Open Source" phones
zedomax said:
What we need to do is setup a site called "WeWant2RootDroidX.com" and make all tech blogs in the world link to it.
Well, just an idea.
Click to expand...
Click to collapse
Done deal. Give DNS a few hours to propagate and it's live!
The Droid X is already rooted though. The bootloader is what everyone is concerned about.
E30kid said:
The Droid X is already rooted though. The bootloader is what everyone is concerned about.
Click to expand...
Click to collapse
Link to news of root?
http://www.boygeniusreport.com/2010...-the-droid-x-may-not-lead-to-a-bricked-phone/
Apparently the original Droid has the same "eFuse". I think we need to reserve judgement until we find out if Moto is utilizing it or not. Just because it's there doesn't mean it's in use.
I was about to say the same thing, this chip is nothing new and doesn't stop you from rooting, get real, they even advertised the ability to root this phone in their ads
cyberhedz said:
I was about to say the same thing, this chip is nothing new and doesn't stop you from rooting, get real, they even advertised the ability to root this phone in their ads
Click to expand...
Click to collapse
I don't know if I've seen an ad talking about root, but...
I talked to a device tester today and apparently there is something VERY different about the Droid X bootloader. They had VERY specific instructions from Moto that if the bootloader (MBM) didn't match exactly what they required to send the phone back to have the MBM updated. If it wasn't it would corrupt the phone.
Not sure if this is the same as the "eFuse", but should be interesting to see what happens the first time someone tries to mess with the bootloader.
Sorry for any misunderstanding. I dont have anything that works.
LegionTHEFecalExcretion said:
I have an X and rooting files(I wont say what they are) ready to go, but you know what? Im not gonna be the first person to try this. Im sure someone out there will take the leap off of the proverbial cliff for us. Lets just hope moto didnt cut that persons parachute strings!
Click to expand...
Click to collapse
Send them, I will help, i will be in irc, #DroidXRoot
Wow
rainabba said:
Done deal. Give DNS a few hours to propagate and it's live!
Click to expand...
Click to collapse
Wow, that was quick!
i hear a lawsuit coming
Legion, Where are you?

can developer steal a rom from another developer?

just a subj... is it possible the some developer just take a rom which weas made by someone else and announce as his one achivement? (sulerly, some minor ganages could be done in the rom)
how to identify the thief?
alex_awful said:
just a subj... is it possible the some developer just take a rom which weas made by someone else and announce as his one achivement? (sulerly, some minor ganages could be done in the rom)
how to identify the thief?
Click to expand...
Click to collapse
It's not really stealing i guess as long as you put out credits of the people who created it, or by asking permission from the developers.
centrax said:
It's not really stealing i guess as long as you put out credits of the people who created it, or by asking permission from the developers.
Click to expand...
Click to collapse
if the "owner" has not been aware about any usage of his rom, is it faire to thread the rom? "credits" are given when a team were worked out the rom, or when you take the result of someone's job and just say "hey, i take it" ?
in my opinion, it is situational and depends on the context.
A =/= B =/= C
But they could share similarities that most people would agree something was done morally wrong. I guess you could share with us the situation then we can give a better opinion?
kaijura said:
I guess you could share with us the situation then we can give a better opinion?
Click to expand...
Click to collapse
i just wondering is there a sort of "widly known gentelmen agreement" about such situations. and the second matter is to get an idea how both parties (both developers) can get "a profitable solution" for both (= peace)
In my opinion, the developers community should be honest for it members. And other users have to proud for the achievments of this community. All team's results would be better, than results of each developer. That's why they should be together ^.^
PS sorry for bad english, I hope you understand my meaning
NikkyNine said:
That's why they should be together ^.^
Click to expand...
Click to collapse
all should be together with all ... sounds impossible
the problem is HOW can others results be used for making app / rom etc?
what is allowed to do and what is forbidden (ethically)?
alex_awful said:
all should be together with all ... sounds impossible
the problem is HOW can others results be used for making app / rom etc?
what is allowed to do and what is forbidden (ethically)?
Click to expand...
Click to collapse
To work together - allowed, to use with proper credits - allowed. To edit build.prop and post as own rom - not. I think so.
NikkyNine said:
To work together - allowed, to use with proper credits - allowed. To edit build.prop and post as own rom - not. I think so.
Click to expand...
Click to collapse
that is what i intended to clarify
alex_awful said:
just a subj... is it possible the some developer just take a rom which weas made by someone else and announce as his one achivement? (sulerly, some minor ganages could be done in the rom)
how to identify the thief?
Click to expand...
Click to collapse
If you suspect something, you can always go and compare files.
Technically you can do whatever you want since android is open source.
Ethically it isbetter to consult with rom owners about using parts of a rom and credit them offcourse
Sent from my GT-P7100 using XDA Premium HD app
Psyloid said:
Ethically it isbetter to consult with rom owners about using parts of a rom and credit them offcourse
Click to expand...
Click to collapse
if someone did not done it (consult) before he take a part of rom, what will happen? does it mean that othe other community will declare a boycott against him? or just say "you'd better stop doing it"?
Of course you're all talking about the Rom owners, Google... Right? Or perhaps HTC? I would be very surprised if any Rom posted in our dev thread have asked Linus Torvalds personally if they could post a derivation of his operating system here.
You don't see too many credits to those 3 either...
It's public domain, nobody here has built a Rom entirely from scratch all have borrowed from the community and the source, and if they offer even one piece of code that's new, I say good on them, they are contributing to the community, and the community will take from and build on that too.
But let's cut to the chase, why are you asking the question? You're planning to contribute? Or are you here to point the finger at someone for stealing your creation?
alex_awful said:
if someone did not done it (consult) before he take a part of rom, what will happen? does it mean that othe other community will declare a boycott against him? or just say "you'd better stop doing it"?
Click to expand...
Click to collapse
They come to your house and stab you in the back.
Lol !!!
Sent from my GT-P7100 using XDA Premium HD appu
alex_awful said:
if someone did not done it (consult) before he take a part of rom, what will happen? does it mean that othe other community will declare a boycott against him? or just say "you'd better stop doing it"?
Click to expand...
Click to collapse
Like everyone has stated, being a open source code and that no one in here is making profit from the roms, (on this site at least i can not speak for the world) it is really a null point of theft everything is free you can not steal something that is owned by the public. As well if you plan on taking something from a rom I would strongly suggest that you ask, and give proper credit were it is due. personally if i worked on a project and someone was using my development with no permission or credit i would publicly humiliate them in anyway possible so that the ass who "stole"
my work would never be able to call it his own again. As well the XDA community is great group of people who if you steal anything from another rom with no permission will find out and ostracize you for your pathetic attempt to pass of someone else's blood sweat and tears as your own.
Nuff said lol

New Nexus 6 lollipop update notification...

Hello friends:
Yesterday (09/16/2015) I received an update notification for Nexus 6 lollipop. It doesn't indicate what the version is, but is 26.8Mb in size.
Since I run a rooted stock ROM (and TWRP recovery manager), I won't be able to apply it.
Does anyone know about this latest update and whether someone has already created a pre-rooted, no-decryption version if it,... as they in the past?
Developer 'fhem' created the last one (i.e. the release the fixed StageFright).
I reply on these helpful builds.
Thank you!
Ops,... I meant no-encryption (I don't want encryption).
Please post to Q & A section.
I'm surprised they haven't jumped on you yet. Lol
its googles monthly security fix. monthly, as in youll get one every month.
Docavelli said:
Please post to Q & A section.
I'm surprised they haven't jumped on you yet. Lol
Click to expand...
Click to collapse
Nah. They did one better than jump on me. Lol. They nicely moved it on my behalf (which I appreciated) and wrote to let me know. I posted it from the Tapatalk app (which still confuses me since I use it sparingly) and wasn't aware of where I was when I posted it to. But Thank you!
nyceyes said:
Nah. They did one better than jump on me. Lol. They nicely moved it on my behalf (which I appreciated) and wrote to let me know. I posted it from the Tapatalk app (which still confuses me since I use it sparingly) and wasn't aware of where I was when I posted it to. But Thank you!
Click to expand...
Click to collapse
generally we arent mean about posting in the wrong sections. most of us will just ask a mod to move it to the right place. sometimes, if a person repeatedly posts in the wrong section, i might post a reply explaining where posts go, then ill ask a mid to move the thread there
simms22 said:
its googles monthly security fix. monthly, as in youll get one every month.
Click to expand...
Click to collapse
Yea. When I read about the more frequent updates a while back (which is the right thing to do), I knew it would be a challenge for stock-rooted users to keep up with (myself included).
It's why I appreciate the wonderful work done by this community.
I'll keep my eyes peeled.
nyceyes said:
Yea. When I read about the more frequent updates a while back (which is the right thing to do), I knew it would be a challenge for stock-rooted users to keep up with (myself included).
It's why I appreciate the wonderful work done by this community.
I'll keep my eyes peeled.
Click to expand...
Click to collapse
Hahaa. I'm still on pre Stagefright. Haven't seen an exploit in the wild yet so haven't really worried about it.

There is a new system update. It says to imporve the security.

I want to root at some point but wondering if this security system update will make it more difficult. Most likley since it's a new update nobody might know. Maybe it's been rolling out for a few weeks and someone knows something. Thanks
Edit: I see it's a security patch that I think started rolling out in January or it's a new February one. I still wonder if it will make root more difficult
no, root is still easy. its always the same method
You'll still be able to root after Feb. security update.
Sent from my Nexus 6 using Tapatalk
ok thanks =).
jeffrimerman said:
I want to root at some point but wondering if this security system update will make it more difficult. Most likley since it's a new update nobody might know. Maybe it's been rolling out for a few weeks and someone knows something. Thanks
Edit: I see it's a security patch that I think started rolling out in January or it's a new February one. I still wonder if it will make root more difficult
Click to expand...
Click to collapse
WTH? This isn't a SAMSUCK phone. This is a NEXUS.
doitright said:
WTH? This isn't a SAMSUCK phone. This is a NEXUS.
Click to expand...
Click to collapse
Yeah, from what I read they will put out monthly security patches or at least that's what the article said. There were some vulnerabilities in Android, all Android
jeffrimerman said:
Yeah, from what I read they will put out monthly security patches or at least that's what the article said. There were some vulnerabilities in Android, all Android
Click to expand...
Click to collapse
Do I need to spell it out for you?
NEXUS IS A DEVELOPER'S PHONE. NOT A LOCKED OUT PHONE FOR RETARDS.
doitright said:
Do I need to spell it out for you?
NEXUS IS A DEVELOPER'S PHONE. NOT A LOCKED OUT PHONE FOR RETARDS.
Click to expand...
Click to collapse
I'm with you, we should protest and have a sit in in front of Nexus hehehe. The article was specifically addressing Nexus phones. Or did you not believe there was a patch for our phones? I guess the Nexus is still mildly retarded hehe
hxxp://www.techtimes.com/articles/121547/20160106/january-android-security-patch-for-android-6-0-1-marshmallow-now-live-factory-images-also-available.htm
doitright said:
Do I need to spell it out for you?
NEXUS IS A DEVELOPER'S PHONE. NOT A LOCKED OUT PHONE FOR RETARDS.
Click to expand...
Click to collapse
If a locked out phone is for retards, then who uses an iPhone
jeffrimerman said:
I'm with you, we should protest and have a sit in in front of Nexus hehehe. The article was specifically addressing Nexus phones. Or did you not believe there was a patch for our phones? I guess the Nexus is still mildly retarded hehe
hxxp://www.techtimes.com/articles/121547/20160106/january-android-security-patch-for-android-6-0-1-marshmallow-now-live-factory-images-also-available.htm
Click to expand...
Click to collapse
Go buy a samsuck or apple. Better fit for you.
doitright said:
Go buy a samsuck or apple. Better fit for you.
Click to expand...
Click to collapse
hahahahhahahahaha funny cool guy . Considering I've been rooting android for years and never used a iphone or samsuck it's probably not the case but please feel free to mail me yours, sank u buddy. Did the article not spell it out for you that Nexus 6 will be getting patches?? But I don't trust the sytem either man, lets go find that server hosting that site and push it over heheh
jeffrimerman said:
hahahahhahahahaha funny cool guy . Considering I've been rooting android for years and never used a iphone or samsuck it's probably not the case but please feel free to mail me yours, sank u buddy. Did the article not spell it out for you that Nexus 6 will be getting patches?? But I don't trust the sytem either man, lets go find that server hosting that site and push it over heheh
Click to expand...
Click to collapse
to answer your question a little better.. why is it easy to unlock the bootloader and root any nexus? its because google decided to give us a gift with the nexus one.. the gift, fastboot oem unlock. google has made any nexus easy to root, for no other reason except its much easier. do you think google will take it away from us? i dont, as thats part of the magic that makes a nexus. actually, they did it because of all the app developers AND modders/rom developrs, so they could use their nexus to make us apps and to improve the whole nexus experience(yes, on occassion google picks code written by our xda developers and adds it into nexus devices). so leaving it easy to root also gives google more coding options. yea, i really dont think googles gonna change that.
doitright said:
Go buy a samsuck or apple. Better fit for you.
Click to expand...
Click to collapse
simms22 said:
to answer your question a little better.. why is it easy to unlock the bootloader and root any nexus? its because google decided to give us a gift with the nexus one.. the gift, fastboot oem unlock. google has made any nexus easy to root, for no other reason except its much easier. do you think google will take it away from us? i dont, as thats part of the magic that makes a nexus. actually, they did it because of all the app developers AND modders/rom developrs, so they could use their nexus to make us apps and to improve the whole nexus experience(yes, on occassion google picks code written by our xda developers and adds it into nexus devices). so leaving it easy to root also gives google more coding options. yea, i really dont think googles gonna change that.
Click to expand...
Click to collapse
Thanks, yeah I was wondering if it would make it more difficult but knew they would never eliminate it. No point in updating if it's gonna even cause a small extra step but glad it was nothing. I just put on a different rom that took out most of the apps I don't need and says will have better battery life and that seems to be the case. Thanks again
chapelfreak said:
If a locked out phone is for retards, then who uses an iPhone
Click to expand...
Click to collapse
---------- Post added at 12:43 PM ---------- Previous post was at 12:42 PM ----------
the beauty of open source.

nougat xposed on stackexchange

Is anyone familiar with android.stack exchange? I see they tried to create an xposed for nougat on oneplus. Has anyone tried it yet? They made it clear it has nothing to do with the official xposed. But I'm reluctant to touch anything non XDA released. I hope I'm not posting this against the rules.. I didn't see anything that said I could not ask about someone elses version or modification. So sorry in advance if I broke a rule
I would very, very much doubt that is true. Most likely click bait...
Here's your answer on the very same site you're talking about:
https://android.stackexchange.com/q...mework-and-installer-for-nougat/179398#179398
Since there are bound to be lazy people who won't even click the link:
Anything that isn't officially announced from Rovo89 is fake.
MusikMonk said:
Here's your answer on the very same site you're talking about:
https://android.stackexchange.com/q...mework-and-installer-for-nougat/179398#179398
Since there are bound to be lazy people who won't even click the link:
Anything that isn't officially announced from Rovo89 is fake.
Click to expand...
Click to collapse
Literally right under that is a post saying it works but only on a specific rom lol. It's sad that people create fake projects for nothing but attention.

Categories

Resources