SamDunk Exploit, S5 Bootloader Unlock, and Potential For Note 3 - AT&T Galaxy Note 3 Q&A, Help & Troubleshooting

So the bootloader unlock exploit has been released today, link to the PDF detailing it here, and the Galaxy S5 on Verizon was bootloader unlocked. The paper describes that any phone with Samsung eMMC is vulnerable to the exploit, so that extends to the Note 3, however it is detailed that only select models can take advantage of the exploit. In short, the exploit is able to overwrite the device identification (CID) that is "permanently" (good job Samsung) written to the eMMC. When the phone is booted, info from the aboot is read that verifies if the CID matches what a "Developer Edition" phone would have and then unlocks the bootloader. There are a couple of limitations.
A Developer Edition aboot is required.
We need to be able to flash that aboot with ODIN.
A matching Developer Edition CID to go with that aboot.
It is questionable whether this will apply to the Note 3, or if it will apply to our variant. My biggest concern is the DE aboot and CID. Our variant doesn't have a Developer Edition, so we may be getting hyped up for nothing. The paper has a link to a github repo that contains the required code to change the CID. Let's hope for the best and hopefully find out if we can do it for our phones.

Wow. Waiting patiently.

I've had this phone since launch waiting specifically for CM. I just shattered the screen 3 days ago. I guess the universe doesn't want me to have nice things.

So it turns out that we are out of luck. We possibly have the ability to change the CID, I just checked and my device has Samsung eMMC. However, we don't have a developer edition counterpart so we can't do anything. Looks like we are still going to be locked down.
Thread for the release here: http://forum.xda-developers.com/ver...t/rd-unlocking-galaxys-s5-bootloader-t3337909
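
As an added example (not from the paper, its GitHub repo, or any poster in this thread): a read-only decoder for the 16-byte eMMC CID that a Linux/Android kernel exposes in sysfs, showing the manufacturer ID that a "does my device have Samsung eMMC" check looks at. The field layout follows the JEDEC eMMC CID definition; the function names, the sysfs path in the comment, and the sample CID are assumptions made for illustration.

```python
"""Decode an eMMC CID register (JEDEC layout) as printed by Linux sysfs,
e.g. the 32 hex characters in /sys/block/mmcblk0/device/cid (path assumed)."""

# Manufacturer ID reported by Samsung eMMC parts (the Linux kernel defines
# CID_MANFID_SAMSUNG as 0x15).
SAMSUNG_MID = 0x15

# CBX field: how the part is packaged.
PACKAGES = {0: "removable card", 1: "BGA (embedded)", 2: "POP", 3: "reserved"}


def crc7(data: bytes) -> int:
    """CRC7 used by MMC/SD (polynomial x^7 + x^3 + 1, initial value 0)."""
    crc = 0
    for byte in data:
        for shift in range(7, -1, -1):
            bit = (byte >> shift) & 1
            top = (crc >> 6) & 1
            crc = (crc << 1) & 0x7F
            if bit ^ top:
                crc ^= 0x09
    return crc


def parse_emmc_cid(cid_hex: str) -> dict:
    """Split a 128-bit CID into its fields and report the CRC7 status."""
    raw = bytes.fromhex(cid_hex.strip())
    if len(raw) != 16:
        raise ValueError("CID must be 16 bytes (32 hex characters)")

    # Byte 15 is CRC7 in bits 7..1 plus a fixed 1 in bit 0. Many host
    # controllers strip it, so sysfs often shows 00 there.
    last = raw[15]
    if last == 0:
        crc_state = "absent"
    elif last & 1 and (last >> 1) == crc7(raw[:15]):
        crc_state = "ok"
    else:
        crc_state = "mismatch"

    mdt = raw[14]
    return {
        "manufacturer_id": raw[0],
        "is_samsung": raw[0] == SAMSUNG_MID,
        "package": PACKAGES[raw[1] & 0x03],
        "oem_id": raw[2],
        "product_name": raw[3:9].decode("ascii", errors="replace"),
        "revision": f"{raw[9] >> 4}.{raw[9] & 0x0F}",
        "serial": int.from_bytes(raw[10:14], "big"),
        # Year nibble counts from 1997; newer eMMC revisions add 16 years.
        "mfg_month": mdt >> 4,
        "mfg_year_base": 1997 + (mdt & 0x0F),
        # The CRC only catches bit errors. Nothing in the CID is signed, so a
        # valid CRC says nothing about whether the value is the factory one.
        "crc": crc_state,
    }


def build_sample_cid() -> str:
    """Constructed sample CID (not taken from any real device)."""
    body = (
        bytes([SAMSUNG_MID, 0x01, 0x00])      # MID, CBX=BGA, OID
        + b"SAMPLE"                           # 6-character product name
        + bytes([0x12])                       # product revision 1.2
        + (0x01020304).to_bytes(4, "big")     # serial number
        + bytes([0x5A])                       # manufacturing date: month 5
    )
    return (body + bytes([(crc7(body) << 1) | 1])).hex()


if __name__ == "__main__":
    for key, value in parse_emmc_cid(build_sample_cid()).items():
        print(f"{key:16} {value}")
```
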


Can someone point me to some info on Dev editions & bootloaders?

I'm unfamiliar with how this all fits together. For example, I don't understand how if the bootloader is unlocked, why will it still brick the device if the bootloader is mismatched? Why would the BL version matter if it's unlocked? If the BL will still cripple the device, then it's not really "unlocked", is it?
Also, what does this mean in the future after Motorola stops updating the X? I know we can flash ROMs, but will we be stuck using the base of whatever update Moto/Verizon decides to put out?
The more detailed the better. I've tried googling and searching here, but I can't find any sort of place where this info is gathered & presented in a digestible format....all I'm finding is little pieces of info here & there. I don't even know enough to properly ask for more info. Any help, explanations, or links would be greatly appreciated.
Hopefully this gets you started... It's not completed, but I was typing it up in my spare time because I see a lot of people asking these questions
Versions of the Moto X..
There are 3 main versions of the Moto X available today..
1. Carrier Branded (aka Retail). Except for T-Mobile USA, this is available for order/pickup directly from your Carrier, their store or web site.
2. MotoMaker Edition. Available directly from Motorola.com. Ordering this version allows you to customize your device by selecting Memory, Front Color, Back Color, Accent (button, camera trim ring) color, add custom wall paper, engraving on the back, or even startup message.
3. Developer Edition. Available directly from Motorola.com. Available as black front, woven white back, silver accent (button/camera trim ring).
Due to the frequencies used by the various wireless carriers where the phones are sold, there are a few different model number designations like XT1060 (Verizon), XT1058 (AT&T), XT1053 (T-Mobile USA and GSM Developer Edition), along with other models depending on location/carrier. (NOTE: the Retail/MotoMaker and Developer Edition for Verizon are both XT1060).
Locked vs Unlocked bootloader. Why is this important?
What's the difference between locked and unlocked?
While this article gives a good, detailed explanation -> http://www.extremetech.com/computin...tloader-and-why-does-verizon-want-them-locked
An overly simplified way of explaining this would be to say that with a locked bootloader, you can only flash ROMS and software digitally signed by your phone maker. Having an unlocked Bootloader allows you to flash custom roms, recoveries, kernels, etc, or to fully hack/customize your phone.
Why would I want unlocked bootloader?
If you are looking to root your phone and have a locked bootloader, you have to wait for someone to find a flaw in your phone's rom/firmware, and exploit/hack it. This is getting increasingly difficult as Android evolves. As new updates for the phone get released, you need to wait until someone finds a usable exploit, creates a repeatable process that is relatively safe, and releases it. This could take weeks, months, or never come. For Android 4.2.2, there was a process called RockMyMoto, for Android 4.4, SlapMyMoto. Neither of these exploits work for the Android 4.4.2 update, and as of this writing, no exploit/hack/process has been released for 4.4.2.
Having an unlocked bootloader, and being able to flash 3rd party code simplifies the rooting/hacking process, but could also be dangerous. If you want to root without having to wait on exploits or processes to be found, having an unlocked or unlockable bootloader is considered best. Once your bootloader is unlocked, you can install a custom recovery (like TWRP), boot to it, and install SuperSU and you will be rooted. This can be done no matter what ROM version is on your phone.
To fully remove the phone maker's rom, and replace it with a completely custom rom, your phone needs to have an unlocked bootloader.
Can I unlock the Bootloader on my Moto X?
If you have a Developer Edition Moto X, yes you can unlock the bootloader and it doesn't void your warranty.
If you have a MotoMaker or Carrier Branded model, it depends on IF your carrier allows Motorola to do it, and will void your warranty. For example, Verizon and ATT do not allow Motorola to unlock your boot loader. To see if your Moto X bootloader can be unlocked see -> https://motorola-global-portal.cust...e/bootloader/unlock-your-device-a/action/auth You can step through the process until you get to the final submit WITHOUT voiding your warranty. Once you hit the final submit to request the code, your warranty is voided (unless your phone is the developer edition)
For the Verizon and ATT which Moto's web site wouldn't give out bootloader unlock codes, there was an option of buying the Bootloader Unlock Code for Non-Dev Verizon X from a Chinese site or middleman, but it appears to have dried up. (no contact from the seller in a few days, and rumors he got caught/fired/worse)
What is Write Protection Enabled or Disabled? Why is this important?
Due to trying to enhance the security on newer Android phones, the Motorola X ships with "Write Protection" enabled. This prevents any changes to /System or other "protected" folders from surviving a Power Off/On (aka hard reset). If you manage to gain root, but Write Protection is still enabled, any changes you make while rooted would be lost after Power Off/On.
If you have an unlockable bootloader, unlocking the bootloader disables write protection.
If you have a locked bootloader, an exploit/hack needs to be found and process needs to be developed and released. For Android 4.4 and below on the X, a process called MotoWpNoMo was used, however the Android 4.4.2 update closed/fixed the exploit and MotoWpNoMo no longer works. So as of this writing, if you have a locked boot loader, there is no way to Disable Write Protection on Android 4.4.2.
Can I downgrade the firmware on my phone before or after I unlock the bootloader?
As for downgrading firmware, the same caveats and warnings still apply. Due to changes in the bootloader included with 4.4.2, under certain circumstances when trying to downgrade from 4.4.2 to 4.4 or lower, you could either brick your phone, or set it up to brick in the future when you take an upgrade. So it is suggested you just stick with what is on your phone once you get on 4.4.2.
Can I flash a 3rd party or custom rom?
If you want to flash a Non-Motorola ROM on your phone, say something like CyanogenMod, you MUST have an unlocked bootloader.
Can you just tell me how to root my Moto X phone? (sorry, this might be the long answer, but hopefully it will help you understand what I'm saying and why..)
SlapMyMoto can be used to root, and MotoWpNoMo can be used to disable write protection *IF* your phone is on 4.4 or lower.
MotoWpNoMo (which disables write protection) is needed because when Write Protection is enabled (the phone's default state with locked bootloader, or the state you are in after you take the 4.4.2 OTA), any changes made to /system, or the like, (including, but not limited to, App installs, file modifications, deletions, renames, etc) are not permanent and are lost at power off/on. Even if you have root, but lost Write Protection, any apps you've installed that need to write to system can't permanently save their changes (you have to re-do every time your phone powers off/on), and any Root type app, or app that gets installed to /system after WP is enabled will be lost at power off/on.
If you are on 4.4 and use SlapMyMoto/MotoWpNoMo, but later take the OTA to 4.4.2, you might keep root but Write Protection will be re-enabled with no way to disable it.
Due to fixes and changes in 4.4.2, the Root and Disable Write Protection processes that worked on 4.4 and lower, no longer work on 4.4.2. And don't expect anything for 4.4.2 for a while, if ever. So if the phone you buy comes with 4.4.2 pre-installed, or you have taken the 4.4.2 OTA update, and you have a locked bootloader you're stuck!!
This is not an issue if you have an unlocked bootloader. You can still unlock your bootloader (which disables write protection), and root (by just using a custom recovery and flashing SuperSU) no matter what rom is on your phone.
In conclusion...
If you really need ROOT, Write Protection Disabled, want to modify/replace/delete system files, the ability to tether on an unlimited data plan, flash a custom rom (like CyanogenMod or others) then you really should consider getting the Developer Edition X, as you can unlock its bootloader (without voiding warranty), root it (no matter what rom is on the phone), and do what you want.
If your carrier allows Moto to give you the code to unlock the bootloader, then you just have to weigh the option of being able to order your phone customized (moto maker) and unlock the bootloader while voiding the warranty, or have an uncustomized phone that the warranty remains intact should you unlock the bootloader.
Thank you for your reply! It has helped clear up most of my confusion.
KidJoe said:
Can I downgrade the firmware on my phone before or after I unlock the bootloader?
As for downgrading firmware, the same caveats and warnings still apply. Due to changes in the bootloader included with 4.4.2, under certain circumstances when trying to downgrade from 4.4.2 to 4.4 or lower, you could either brick your phone, or set it up to brick in the future when you take an upgrade. So it is suggested you just stick with what is on your phone once you get on 4.4.2.
Can you elaborate a little bit on this? What changes were made, and why does it brick your phone? (If the bootloader is unlocked, this shouldn't be an issue.....but this is not the case, obviously.) What makes this different than loading a ROM? Is there the same chance to brick your phone from flashing a ROM?
I didn't create the bootloader, so I can't elaborate on what exactly was changed. Moto doesn't post release notes. As for why it bricks, I could only tell you what I've read. And the thread that was here discussing it in detail has vanished for some reason. I do know things like GPT.BIN also come into play, but I don't remember ALL of the details.
As for this shouldn't be an issue with the bootloader being unlocked.. Well, I can tell you unlocked bootloader or not, the long thread that vanished was reports of both those who used the unlock code from Moto to unlock their bootloader, and those who still had a locked bootloader.
The bootloader is unlocked at least to the point that it disables the write protection and you can flash roms, recoveries, etc that are NOT signed by Moto. Is that "fully unlocked"? I'll let someone else answer that.
If the 3rd party rom you are trying to install tries to revert the bootloader to a lower level or tries to downgrade the security files (GPT.BIN and a few others), then yes, you have a chance to brick. But most likely only the System partition will be written on 3rd party rom.
Thanks again!
I would love to read that thread if anyone has it archived or something.
Question. Do you need a custom recovery to root? Can you root the Dev edition with stock recovery? I had a locked edition before and rooted it using the exploit method. Now I'm contemplating a Dev edition but don't want to use a custom recovery to root it.
You must root via custom recovery. But after you are rooted, you can flash stock recovery back on if you wish and remain rooted.
I just got my Moto X in India and it bears the model number XT1052, it is the officially available model in India.
But, I saw no mention of this on XDA anywhere, so also I wasn't able to find any root methods for it. Can you suggest anything?
Root methods are all the same....one way for locked bootloader and one way for unlocked bootloaders.
Read the complete moto x guide stickied in the general section for how to.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
---------- Post added at 11:46 AM ---------- Previous post was at 11:45 AM ----------
Here,
http://forum.xda-developers.com/showthread.php?t=2603358
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
So, no one knows why downgrading bricks the device? I mean, I know it's because of the bootloader mismatch.....but that's unlocked so why is it being bricked? It seems "unlocked" is not really unlocked....I tried searching, is this efuse that's bricking the phone? If so, WTF? Why would they make something that destroys your phone?
Arak-Nafein said:
So, no one knows why downgrading bricks the device? I mean, I know it's because of the bootloader mismatch.....but that's unlocked so why is it being bricked? It seems "unlocked" is not really unlocked....I tried searching, is this efuse that's bricking the phone? If so, WTF? Why would they make something that destroys your phone?
It's just how it is. These aren't nexus phones. They made the 4.4.2 bootloader in a way that if you downgrade, then most commonly try to upgrade again...by ota for sure anyway, boom. Brick.. I'm sure it wasn't made that way intentionally. Personally I just think phone companies just don't care or support what we do. So they don't create anything thinking in terms of rooting and flashing this or that. It's not their concern....since 98 percent of their customers update their unmodified phones over ota and that's it.
Have to remember we're an extremely small percentage of phone users. They aren't even thinking of us when they make stuff.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
kj2112 said:
It's just how it is. These aren't nexus phones. They made the 4.4.2 bootloader in a way that if you downgrade, then most commonly try to upgrade again...by ota for sure anyway, boom. Brick.. I'm sure it wasn't made that way intentionally. Personally I just think phone companies just don't care or support what we do. So they don't create anything thinking in terms of rooting and flashing this or that. It's not their concern....since 98 percent of their customers update their unmodified phones over ota and that's it.
Have to remember we're an extremely small percentage of phone users. They aren't even thinking of us when they make stuff.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
Yet, they made the developer edition.
I know this isn't a nexus device, but I was expecting nexus-like functionality with the dev edition bootloader unlocked, I know this is not the case now. (Although, you get most of the functionality)
Well, they make a "developer edition" that bricks when you try to downgrade. That seems counter-intuitive.
That's why I'm trying to find the technical details of what causes the brick. Why does it brick? What are they trying to protect? The boot partition? I don't understand the whole point of it or why it happens. Why make a developer edition if it gets bricked like a non-dev edition when flashing? This may have been already answered when the first dev phones came out, but I missed that train. I only upgrade my phone every 2 years or so and this is my first "dev edition" so it's all new to me. I've done a bit of reading, but nothing explicitly states what's causing the brick, just that "it happens". What's causing it?
My main reason for asking is just because I'm curious & would like to understand.
The second is, I'm wondering what happens when we stop getting updates. Will we be stuck on the last version of Android that is given to us?
Arak-Nafein said:
I know this isn't a nexus device, but I was expecting nexus-like functionality with the dev edition bootloader unlocked, I know this is not the case now.
Well, they make a "developer edition" that bricks when you try to downgrade. That seems counter-intuitive.
That's why I'm trying to find the technical details of what causes the brick. Why does it brick? What are they trying to protect? The boot partition? I don't understand the whole point of it or why it happens.
I doubt they meant it to be that way....it just turned out that way. And again, I doubt they care. Dev editions are just made to make more money. And keep up to competitors who make them. You keep your warranty, but other than that....nothing is special about them.
Why it works that way? Dunno. Lol
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
Arak-Nafein said:
Yet, they made the developer edition.
I know this isn't a nexus device, but I was expecting nexus-like functionality with the dev edition bootloader unlocked, I know this is not the case now. (Although, you get most of the functionality)
Well, they make a "developer edition" that bricks when you try to downgrade. That seems counter-intuitive.
That's why I'm trying to find the technical details of what causes the brick. Why does it brick? What are they trying to protect? The boot partition? I don't understand the whole point of it or why it happens. Why make a developer edition if it gets bricked like a non-dev edition when flashing? This may have been already answered when the first dev phones came out, but I missed that train. I only upgrade my phone every 2 years or so and this is my first "dev edition" so it's all new to me. I've done a bit of reading, but nothing explicitly states what's causing the brick, just that "it happens". What's causing it?
My main reason for asking is just because I'm curious & would like to understand.
The second is, I'm wondering what happens when we stop getting updates. Will we be stuck on the last version of Android that is given to us?
You have to keep in mind, other than unlocking the bootloader, and Moto Maker customizations, the Developer Edition is the same as the "retail" edition phones except that you can get the unlock code from Moto for free without voiding your warranty and are stuck with the black front, woven white back, and silver accents.
Order a Verizon X via Moto Maker, it's an XT1060, order a Dev Edition for Verizon it's an XT1060, and they use the same Rom/SBF/FXZ files. GSM side, the "Unlocked GSM" model that comes with a T-Mobile SIM is an XT1053, a GSM Dev Edition is a XT1053, and again, they use the same rom/sbf/fxz. Did moto do this to "save cost" maybe?
The Dev Editions are unlocked just enough to allow you to flash stuff not signed by Moto. That is it. Moto makes no promises that you can successfully downgrade, or anything. If you have a Dev Edition and brick it, it's covered under warranty.
As for why it works this way, only Moto knows. We can only speculate, guess and such, which was done in a big long thread that has since disappeared (not sure why it disappeared). Beyond that, we can only relay the cautions we know of, and tell you how it works based on the experience of several people. I'm sorry if that is not enough. If you want the real answer, you'll have to call Moto directly, or see if you can post on G+ tagging some of the Moto people, but they likely won't tell you.
I can tell you this.. My Moto Xoom was unlocked, needed no code to do so, and was virtually "un-brickable." The X does not work that same way. I can only GUESS why. (carrier request maybe? something else?)
KidJoe said:
You have to keep in mind, other than unlocking the bootloader, and Moto Maker customizations, the Developer Edition is the same as the "retail" edition phones except that you can get the unlock code from Moto for free without voiding your warranty and are stuck with the black front, woven white back, and silver accents.
Order a Verizon X via Moto Maker, it's an XT1060, order a Dev Edition for Verizon it's an XT1060, and they use the same Rom/SBF/FXZ files. GSM side, the "Unlocked GSM" model that comes with a T-Mobile SIM is an XT1053, a GSM Dev Edition is a XT1053, and again, they use the same rom/sbf/fxz. Did moto do this to "save cost" maybe?
The Dev Editions are unlocked just enough to allow you to flash stuff not signed by Moto. That is it. Moto makes no promises that you can successfully downgrade, or anything. If you have a Dev Edition and brick it, it's covered under warranty.
As for why it works this way, only Moto knows. We can only speculate, guess and such, which was done in a big long thread that has since disappeared (not sure why it disappeared). Beyond that, we can only relay the cautions we know of, and tell you how it works based on the experience of several people. I'm sorry if that is not enough. If you want the real answer, you'll have to call Moto directly, or see if you can post on G+ tagging some of the Moto people, but they likely won't tell you.
I can tell you this.. My Moto Xoom was unlocked, needed no code to do so, and was virtually "un-brickable." The X does not work that same way. I can only GUESS why. (carrier request maybe? something else?)
Argh, so frustrating! Now I REALLY wanna see that thread. XDA isn't archived on the wayback machine is it?
Arak-Nafein said:
Argh, so frustrating! Now I REALLY wanna see that thread. XDA isn't archived on the wayback machine is it?
The thread was cached in Google at one point, now it's not, it only comes up with a link to XDA but when you click on it, XDA says the thread does not exist.
See the OP here -> http://forum.xda-developers.com/moto-x/moto-x-qa/informative-thread-t2658742
People that REALLY love flashing and tinkering.....need a nexus. Bottom line. Nothing else compares....today anyway.
As much as I LOVED my X....this is why my wife has it now and i have the N5.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
kj2112 said:
People that REALLY love flashing and tinkering.....need a nexus. Bottom line. Nothing else compares....today anyway.
As much as I LOVED my X....this is why my wife has it now and i have the N5.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
If Verizon would allow it I would have already done it.
I did some more reading, it appears it all comes from motoboot.img (motoboot partition) & gpt.bin ("partition" partition). As long as you don't mess with those & their respective partitions you shouldn't have to worry about bricking your phone. You can still access & read/write the boot partition & the system partition & everything else when unlocked. The OTAs will modify these (and check for certain versions of these) which can leave you in a nasty catch-22 situation & thus the brick. It's not the actual downgrade that bricks it, it's the security from the OTAs that error out & leave you stranded. You can still flash the OTA if you do it manually & leave out the bootloader stuff. (EDIT: This isn't entirely true) You can flash any other ROM because they don't have the built in security like the OTAs. So, if you flip over to an AOSP or CM ROM or anything not based on Moto's stuff you needn't worry about nazi bootloaders & OTAs bricking your device. The only problem with going to those ROMs is the loss of Active Display & Touchless control. I'm guessing Moto isn't releasing anything on the X8?
Does this sound correct? That's what I've collected from my readings. Feel free to correct me.
Arak-Nafein said:
If Verizon would allow it I would have already done it.
I did some more reading, it appears it all comes from motoboot.img & gpt.bin. As long as you don't mess with those & their respective partitions you shouldn't have to worry about bricking your phone.
I've said before....and I stand by it. Downgrading from 4.4.2 on any moto x is like playing russian roulette. And I simply say, don't. Lol
But.....it's each person's phone and they can do what they want with it.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
kj2112 said:
I've said before....and I stand by it. Downgrading from 4.4.2 on any moto x is like playing russian roulette. And I simply say, don't. Lol
But.....it's each person's phone and they can do what they want with it.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
That kinda came out wrong and I've tried to edit my post to better explain it.
The motoboot.img & the gpt.bin go together. For example, if you are on 4.4, you can manually flash all the parts except the motoboot.img & gpt.bin from 4.4.2 and it will work, and you'll retain the downgradability of 4.4. But, you're setting yourself up for disaster should you accept an OTA (which will be looking for the updated motoboot.img & gpt.bin. gpt.bin will be updated, but the bootloader will fail. This leaves you with a mismatched motoboot.img & gpt.bin and boom brick on next restart.)
You're right tho, it's best not to play with that. Unless you disable Moto's OTA & treat it like a ROM that you have to return to stock before taking an OTA.
The bootloader is unlocked....but Motorola's software has built-in checks that only allow it to overwrite a specific version (cumulative changes?).
At least, that's the way I understand it. I'm probably way wrong here.

Expanding SamDunk bootloader unlock exploit to AT&T Galaxy S5?

I looked into using SamDunk for unlocking the bootloader for my AT&T Galaxy S5 but noticed that the code posted on the git was Verizon-specific (in that the bits it writes over in the cid of the phone are Verizon-specific). This makes it to where running the code does not unlock the bootloader on an AT&T Galaxy S5.
I wrote some Python code parsing my original cid and the cid resulting from the current exploit code and noticed that the only difference pertained to the product's serial number (bits 47-16 of the cid). Even then, only certain bits within the product serial number are different. I suspect that some bits within product serial pertain to carrier, and some bits pertain to the bootloader, but I could be wrong.
My hunch is that if I can figure out which bits from the original cid's product serial number correspond to developer bootloader access then I may be able to modify the SamDunk code to allow for unlocking AT&T bootloaders. Or provide some method of calculating a dev bootloader cid from an original.
Has anyone else looked into this, and is this worth pursuing?
edit: looking further through SamDunk code. It appears that there is a dev signature associated with the cid (?) that gets written to aboot. Not sure if this is different between phones... If so then experimenting with only the cid may be futile.
product serial numbers are different for the first 12 bits then bits 25-32. I could post a link to my git if anyone is interested in experimenting with their cids
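A read-only version of the field-level comparison described in the post above, as an added example that is not _ibis's code and not part of SamDunk. It assumes the standard JEDEC eMMC CID layout (product serial number in bits 47-16, as the post states); `parse_cid`, `diff_cids`, `build_cid` and both sample CIDs are constructed for this example and do not come from any real device.

```python
"""Parse a 128-bit eMMC CID and list which fields and bits differ between two dumps."""

# Assumed layout: JEDEC eMMC CID register, bit 127 first -> (name, high bit, low bit).
CID_FIELDS = [
    ("MID", 127, 120),   # manufacturer ID
    ("RSVD", 119, 114),  # reserved
    ("CBX", 113, 112),   # device type (card / BGA)
    ("OID", 111, 104),   # OEM / application ID
    ("PNM", 103, 56),    # product name, 6 ASCII characters
    ("PRV", 55, 48),     # product revision
    ("PSN", 47, 16),     # product serial number
    ("MDT", 15, 8),      # manufacturing date
    ("CRC7", 7, 1),      # CRC7 over the upper 120 bits
    ("END", 0, 0),       # always 1
]


def crc7(data: bytes) -> int:
    """CRC7 used by MMC/SD (polynomial x^7 + x^3 + 1, initial value 0)."""
    crc = 0
    for byte in data:
        for shift in range(7, -1, -1):
            bit = (byte >> shift) & 1
            msb = (crc >> 6) & 1
            crc = (crc << 1) & 0x7F
            if bit ^ msb:
                crc ^= 0x09
    return crc


def parse_cid(cid_hex: str) -> dict:
    """Split a 32-hex-digit CID into named fields and check its CRC7."""
    cid_hex = cid_hex.strip().lower()
    if len(cid_hex) != 32:
        raise ValueError("a CID is 128 bits: expected 32 hex digits")
    raw = bytes.fromhex(cid_hex)  # raises ValueError on non-hex input
    value = int.from_bytes(raw, "big")
    fields = {}
    for name, hi, lo in CID_FIELDS:
        width = hi - lo + 1
        fields[name] = (value >> lo) & ((1 << width) - 1)
    fields["PNM_TEXT"] = fields["PNM"].to_bytes(6, "big").decode("ascii", "replace")
    # A mismatch means the bytes were altered or the CRC byte was not preserved
    # by whatever produced the dump.
    fields["CRC_OK"] = crc7(raw[:15]) == fields["CRC7"]
    return fields


def diff_cids(a_hex: str, b_hex: str) -> dict:
    """Return {field name: [CID bit numbers that differ]} for two CIDs."""
    parse_cid(a_hex)  # validate both inputs before comparing
    parse_cid(b_hex)
    xor = int(a_hex, 16) ^ int(b_hex, 16)
    changed = {}
    for name, hi, lo in CID_FIELDS:
        bits = [b for b in range(hi, lo - 1, -1) if (xor >> b) & 1]
        if bits:
            changed[name] = bits
    return changed


def build_cid(mid, cbx, oid, pnm, prv, psn, mdt) -> str:
    """Assemble a CID with a valid CRC7; used only to construct the samples."""
    value = (
        (mid << 120) | (cbx << 112) | (oid << 104)
        | (int.from_bytes(pnm.encode("ascii"), "big") << 56)
        | (prv << 48) | (psn << 16) | (mdt << 8)
    )
    body = value.to_bytes(16, "big")[:15]
    return (body + bytes([(crc7(body) << 1) | 1])).hex()


# Constructed samples: identical except for the serial number field.
SAMPLE_A = build_cid(0x15, 1, 0x00, "SAMPLE", 0x01, 0x12345678, 0x42)
SAMPLE_B = build_cid(0x15, 1, 0x00, "SAMPLE", 0x01, 0xFED456AB, 0x42)

if __name__ == "__main__":
    for label, cid in (("A", SAMPLE_A), ("B", SAMPLE_B)):
        f = parse_cid(cid)
        print(label, cid, f"MID={f['MID']:#04x} PNM={f['PNM_TEXT']} "
              f"PSN={f['PSN']:#010x} CRC_OK={f['CRC_OK']}")
    for name, bits in diff_cids(SAMPLE_A, SAMPLE_B).items():
        print(f"{name}: differing CID bits {bits}")
```

Because the CRC7 covers the serial number, any change to the PSN normally shows up as a CRC7 difference as well, so a diff limited to PSN and CRC7 is what a serial-only change looks like.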
_ibis said:
I looked into using SamDunk for unlocking the bootloader for my AT&T Galaxy S5 but noticed that the code posted on the git was Verizon-specific (in that the bits it writes over in the cid of the phone are Verizon-specific). This makes it to where running the code does not unlock the bootloader on an AT&T Galaxy S5.
I wrote some Python code parsing my original cid and the cid resulting from the current exploit code and noticed that the only difference pertained to the product's serial number (bits 47-16 of the cid). Even then, only certain bits within the product serial number are different. I suspect that some bits within product serial pertain to carrier, and some bits pertain to the bootloader, but I could be wrong.
My hunch is that if I can figure out which bits from the original cid's product serial number correspond to developer bootloader access then I may be able to modify the SamDunk code to allow for unlocking AT&T bootloaders. Or provide some method of calculating a dev bootloader cid from an original.
Has anyone else looked into this, and is this worth pursuing?
edit: looking further through SamDunk code. It appears that there is a dev signature associated with the cid (?) that gets written to aboot. Not sure if this is different between phones... If so then experimenting with only the cid may be futile.
product serial numbers are different for the first 12 bits then bits 25-32. I could post a link to my git if anyone is interested in experimenting with their cids
I wouldn't mind taking a look.
NavSad said:
I wouldn't mind taking a look.
Thanks man, I appreciate all the help I can get.
I read further into the Verizon S5 bootloader unlock thread and it appears that only changing the cid may not work. If I remember correctly (looked at it yesterday) the cid is hashed/compared to the aboot somehow to determine whether it's a developer edition or not. If we could get a regular cid/aboot and compare it to the Verizon regular cid/aboot, then cross compare to the Verizon dev edition cid/aboot then we may have a shot at possibly re-creating an AT&T dev edition cid/aboot
_ibis said:
Thanks man, I appreciate all the help I can get.
I read further into the Verizon S5 bootloader unlock thread and it appears that only changing the cid may not work. If I remember correctly (looked at it yesterday) the cid is hashed/compared to the aboot somehow to determine whether it's a developer edition or not. If we could get a regular cid/aboot and compare it to the Verizon regular cid/aboot, then cross compare to the Verizon dev edition cid/aboot then we may have a shot at possibly re-creating an AT&T dev edition cid/aboot
If the bootloader uses SHA1 it may be easier.
Meanwhile us CID 11s over here just watching you guys from the distance..lol
AptLogic said:
Meanwhile us CID 11s over here just watching you guys from the distance..lol
I'm CID 11 too.
NavSad said:
I'm CID 11 too.
Oh okay lol.. really wish we could unlock all of the S5 bootloaders instead of just CID 15... what if we try doing like MultiROM with the "no-hardboot" thing like they do on HTC devices? We wouldn't need to patch the Kernel so we'd be able to flash other ROMs.
I know we have Odin mode instead of fastboot and we can not do the "OEM Unlock" in the Developer Options as it does not show up in there. I found this thread (https://www.xda-developers.com/how-to-discover-hidden-fastboot-commands/) on how to discover hidden fastboot commands.
So I followed the instructions there to extract the aboot.img (bootloader) and then "read" the contents of that to see what fastboot commands are available. To my surprise, it has "oem unlock" listed and a few other oem options, see attached image. Although, back to the beginning of my post, we can not fastboot in.
I would assume we could unlock the bootloader via fastboot commands if we only had a way in for it. I am not that experienced with Odin but I think that is only to flash images. I spent most of this weekend searching for any way to alternately try to fastboot in or use Odin but came up with nothing feasible. I used ADB to reboot the phone into all modes and tried doing "fastboot devices" in all modes but it just came back with nothing.
I just wanted to post this in the case of being useful in our attempt to unlock the bootloader.
What do you mean by a way in ?
There is no way, that I know of, to put the s5 in fastboot mode. I was thinking that if there is a way to boot to fastboot, or at least have the phone listed as a fastboot device in ADB, we could possibly run the oem unlock command.
Ok that's what I thought you had meant .... I used to have a few HTC devices, I believe it was the my touch 4g I'm thinking about ... Anyway, for some of the roms I had to use ADB and fastboot to flash a kernel. Sometimes ADB wouldn't pick up the device to communicate with fastboot. Someone had found that installing PDA.net (I think this was the name of the app for Windows) enabled ADB to see the device at any rate .... I know it's a long shot but something to look into if you're bored sometime lol. I'm not sure why or how it worked or if it would help us at all but I know for a fact it worked on a HTC device so felt it was worth mentioning
I'll have a look at that when I get a chance. Anything is worth mentioning as you never know what little piece completes the puzzle!
sorry guys, been out of it for the last two weeks. Projects got crazy but should be able to begin working on this again soon.
I'm fairly certain there is still a bounty on this .... I know I pledged 100 bux to whoever unlocks my bootloader and saves me from having to buy a new phone lol but been waiting damn near 4 years not gonna start holding my breath now lol
Towelroot gives kernel memory access, downgrade, use kexec.
This is the easiest way and only one that is guaranteed to work since all exploits have already been made.
Guicrith said:
Towelroot gives kernel memory access, downgrade, use kexec.
This is the easiest way and only one that is guaranteed to work since all exploits have already been made.
If, of course, we could get kexec to WORK. Any modification of the Kernel breaks the chain of trust and the phone goes into a bootloop.
We don't need to modify the kernel, TowelRoot would write kexec from a file (/system/userlandbootloader.img) into the kernel after boot, then the kernel would boot a new kernel from /system/oskernel.img (which is writable on rooted 4.4-5.0)
The only kernel being modified is the one running in ram and that is deleted and replaced every reboot so trust chain is never broken.
Guicrith said:
We don't need to modify the kernel, TowelRoot would write kexec from a file into the kernel after boot, then the kernel would boot a new kernel from /system/oskernel.img (which is writable on rooted 4.4-5.0)
The only kernel being modified is the one running in ram and that is deleted and replaced every reboot so trust chain is never broken.
But for everything to work correctly we need to be able to hardboot to the new kernel, so we need to patch the existing one to support it.
Why?
If you have kernel access you can just set all values to their boot time default. (unless there are hardware locked values like the gameboy color bootloader)
Clear the mmu mappings.
memset((void*)0x00000000, 0x00, sizeof(systemram));
Now it is in a pre boot state.
If that does not work triggering a crash that does not reload the kernel from rom but hardboots the system may work too.
Guicrith said:
Why?
If you have kernel access you can just set all values to their boot time default. (unless there are hardware locked values like the gameboy color bootloader)
Clear the mmu mappings.
memset((void*)0x00000000, 0x00, sizeof(systemram));
Now it is in a pre boot state.
If that does not work triggering a crash that does not reload the kernel from rom but hardboots the system may work too.
If we can code this and get consistent successful results we'd basically have a workaround for most locked BL devices to boot a custom ROM.
Of course the only theoretical hurdle left would be to actually code something like this.

Pixel 5 from "Google Employee". Locked for AT&T and bootloader is unlocked?

I bought a Pixel 5 from a Google employee, who is saying he got it from Google.
It has a sticker on the back with barcode and some numbers and a date of 6/26
Problems are:
1. It is locked for AT&T and does not want to unlock via AT&T website (https://www.att.com/deviceunlock/). I got a message from ATT that it is unlocked, but still does not like T-Mobile sim. Any suggestions?
2. It is saying the bootloader is unlocked. Will I have problems with google pay? Can I undo this?
3. How to check this is an actual Pixel 5, not a prototype or something? It says "model Pixel 5" in "About phone"..
worry said:
I bought a Pixel 5 from a Google employee, who is saying he got it from Google.
It has a sticker on the back with barcode and some numbers and a date of 6/26
Problems are:
1. It is locked for AT&T and does not want to unlock via AT&T website (https://www.att.com/deviceunlock/). I got a message from ATT that it is unlocked, but still does not like T-Mobile sim. Any suggestions?
2. It is saying the bootloader is unlocked. Will I have problems with google pay? Can I undo this?
3. How to check this is an actual Pixel 5, not a prototype or something? It says "model Pixel 5" in "About phone"..
I can't speak as to the origin of your phone, buy it from someone else, and you're buying someone else's problems.
Unlocked bootloader and carrier unlocked are two distinctly different things.
Carrier unlocked means that you can use the carrier of your choice. Unlocked bootloader lets you flash images to your phone, from entire monthly security updates to a custom kernel, root, and do other fun things. Google Pay will not work with an unlocked bootloader unless you root the phone and hide that from Google using root-based trickery. (Standard Google Firmware)
The fact that your bootloader is unlocked means that it probably is NOT from AT&T. Why you seem to be carrier locked is a mystery to me, but I will tell you something, AT&T is probably the most evil carrier to deal with. My phone was purchased directly from Google, my first act was to unlock the bootloader, root it, then get the phone up and running with T-Mobile. If you don't want to root your phone, have no need for it, whatever, yes, it is possible to relock the bootloader. Be aware that this will wipe your phone clean, and you'll be starting fresh.
Look in the forums or:
https://developers.google.com/android/images
Google has very comprehensive instructions on how to lock/unlock your bootloader, flash factory images, take OTA's etc..
Be aware that if you aren't sure what you are doing, flashing a factory image can also wipe your phone, and you'll be back to square one if you don't backup your stuff.
There are tons of tutorials on this site on this subject, just poke around...
bleez99 said:
I can't speak as to the origin of your phone, buy it from someone else, and you're buying someone else's problems.
Unlocked bootloader and carrier unlocked are two distinctly different things.
Carrier unlocked means that you can use the carrier of your choice. Unlocked bootloader lets you flash images to your phone, from entire monthly security updates to a custom kernel, root, and do other fun things. Google Pay will not work with an unlocked bootloader unless you root the phone and hide that from Google using root-based trickery. (Standard Google Firmware)
The fact that your bootloader is unlocked means that it probably is NOT from AT&T. Why you seem to be carrier locked is a mystery to me, but I will tell you something, AT&T is probably the most evil carrier to deal with. My phone was purchased directly from Google, my first act was to unlock the bootloader, root it, then get the phone up and running with T-Mobile. If you don't want to root your phone, have no need for it, whatever, yes, it is possible to relock the bootloader. Be aware that this will wipe your phone clean, and you'll be starting fresh.
Look in the forums or:
https://developers.google.com/android/images
Google has very comprehensive instructions on how to lock/unlock your bootloader, flash factory images, take OTA's etc..
Be aware that if you aren't sure what you are doing, flashing a factory image can also wipe your phone, and you'll be back to square one if you don't backup your stuff.
There are tons of tutorials on this site on this subject, just poke around...
Thanks.
Weird part is that If I go to system-> updates I see an update from ATT:
"ATT Redfin RD1A.2008..."
So this is not a "pure" google pixel? It has an ATT image? Can I install the genuine pixel 5 image?
You sort of do. If your bootloader is unlocked, and you get yourself decoupled from AT&T, you can grab the latest firmware directly from Google and flash it. There is no difference between the AT&T "model" and the generic Google version in the hardware. I don't know what AT&T is up to these days but the AT&T versions, at least older phones, used to lock down their bootloader and make it impossible to unlock. But if yours is already unlocked you should be able to put on Google's firmware and possibly escape from AT&T.
bleez99 said:
You sort of do. If your bootloader is unlocked, and you get yourself decoupled from AT&T, you can grab the latest firmware directly from Google and flash it. There is no difference between the AT&T "model" and the generic Google version in the hardware. I don't know what AT&T is up to these days but the AT&T versions, at least older phones, used to lock down their bootloader and make it impossible to unlock. But if yours is already unlocked you should be able to put on Google's firmware and possibly escape from AT&T.
And what about AT&T lock? Once I have official image, the sim lock would be gone? Or do I need just to flash a modem?

Check list if I want to buy a S10 with the intention of rooting

I am looking for a phone to replace my rooted S5. One of the candidates is a second hand S10.
It is crucial that I am able to root the phone, and I was wondering how tricky the process is on this phone, and whether there are models where it might be impossible (perhaps Snapdragon based?), or if the baseband is above a certain version, or if there is anything else that might impede the process that I should pay attention to.
If anyone has successfully rooted their device in 2021 (ideally recently), please let me know.
Thanks.
A few fellow XDAers have done this recently. I assume you're speaking about a Snapdragon phone, which is where it gets tricky. The process requires payment to someone to perform the actual unlock... there are two providers (that I know of) that offer this service.
For the device, the bootloader revision is what's important - it needs to be old enough to allow this to work. In addition, once unlocked, it must REMAIN on this older bootloader otherwise you lose root. I believe you must be on BLv4 or older, which means it cannot be updated past February of this year. The 5th character in the PDA/Phone build number (a number) from the right is what shows this version. For example, the March update for Verizon on the SM-G975U is G975USQU5GUBH, so that "5" means it's BL5.
My recently purchased phones were 5 and 6. I'm giving up on getting root, as I don't need it anymore. Sure, I'd prefer to have it, but it's getting too difficult and expensive to get it and I don't NEED it...
The two unlock providers I know about can be seen here (I have used neither myself, of course):
[Android][UNSAMLOCK] Bootloader Unlock for Samsung US/Canada Devices
This thread is @svetius approved Important notice: Do not update to April 2023 security update (XXXXXXXXXXWCX) or later. Examples: G998USQS6EWCA, N986USQU4HWD1. Samsung has patched the bootloader unlock again on those updates. NOTE: The OneUI...
forum.xda-developers.com
Samsung Development | SamPWND
Unlock your bootloader on USA Model Samsung Galaxy devices! Visit https://www.sampwnd.com and have the SamPWND team help you!
www.sampwnd.com
schwinn8 said:
A few fellow XDAers have done this recently. I assume you're speaking about a Snapdragon phone, which is where it gets tricky. The process requires payment to someone to perform the actual unlock... there are two providers (that I know of) that offer this service.
For the device, the bootloader revision is what's important - it needs to be old enough to allow this to work. In addition, once unlocked, it must REMAIN on this older bootloader otherwise you lose root. I believe you must be on BLv4 or older, which means it cannot be updated past February of this year. The 5th character in the PDA/Phone build number (a number) from the right is what shows this version. For example, the March update for Verizon on the SM-G975U is G975USQU5GUBH, so that "5" means it's BL5.
My recently purchased phones were 5 and 6. I'm giving up on getting root, as I don't need it anymore. Sure, I'd prefer to have it, but it's getting too difficult and expensive to get it and I don't NEED it...
The two unlock providers I know about can be seen here (I have used neither myself, of course):
[Android][UNSAMLOCK] Bootloader Unlock for Samsung US/Canada Devices
This thread is @svetius approved Important notice: Do not update to April 2023 security update (XXXXXXXXXXWCX) or later. Examples: G998USQS6EWCA, N986USQU4HWD1. Samsung has patched the bootloader unlock again on those updates. NOTE: The OneUI...
forum.xda-developers.com
Samsung Development | SamPWND
Unlock your bootloader on USA Model Samsung Galaxy devices! Visit https://www.sampwnd.com and have the SamPWND team help you!
www.sampwnd.com
Click to expand...
Click to collapse
Thanks. Does the Bootloader 5 restriction also apply on Exynos devices? I am guessing that might be why I had difficulties with my recently purchased Tab S4.
Another question, can a bootloader be updated while the OS stays on an older version, or do they usually get updated together? For instance, if I find a phone that is still on Pie, is it likely to be on an older baseband, or can a phone be on Pie AND be on a new baseband?
I don't know much about Exynos systems, but from what I gather they may be "normally rootable"... I don't believe there are as many restrictions on that platform (it seems to be a USA/EU thing to prevent rooting, primarily).
BL and OS seem to get upgraded together, generally speaking.
xAxB said:
Thanks. Does the Bootloader 5 restriction also apply on Exynos devices? I am guessing that might be why I had difficulties with my recently purchased Tab S4.
Another question, can a bootloader be updated while the OS stays on an older version, or do they usually get updated together? For instance, if I find a phone that is still on Pie, is it likely to be on an older baseband, or can a phone be on Pie AND be on a new baseband?
nope- those can be unlocked whenever
they still can't be downgraded though damn...
I have both phones...snapdragon IS slightly better

Question Is root even possible on my device?

Hello everyone,
As the title suggests I'd like to know if rooting is even possible on my S21 Ultra (US Variant). I've spent the whole night looking for tutorials, forums or any indication that it can. All of them pointing me to the "OEM Unlock" option that needed to be toggled first. Thing is, my device does not have that option whatsoever. I've messed with the time settings, date settings and everything else I could do in between. Still, no luck. Now, I'm fairly new to rooting. I've rooted many years ago and don't remember it being this complicated. I found a tutorial which stated the new Canary Build of Magisk supported Android 12. Thing is, I cannot find a way to unlock the bootloader. So my question is if it's even possible. Because if it isn't, I don't want to continue wasting my time. If it is, can someone direct me the right way please. I've attached an image with my software build.
You'll find OEM unlock in developer options. In settings, go to about phone, then software information, then find build number. Click on this multiple times until you get a message saying developer mode.
Go back to settings, then click developer options, then find OEM toggle.
PS do this at your own risk..
Hey,
Thanks for your response. My device does not have that option at all is what I'm trying to say. It's nowhere in this menu and I have tried everything imaginable.
Have a search for "no OEM unlock" on Google, something about setting the date backwards. Good luck.
Post your phone model and build number. Some US phones cannot be unlocked.
If you haven't updated your device you should be able to unlock the bootloader for a fee.
[Android][UNSAMLOCK] Bootloader Unlock for Samsung US/Canada Devices
This thread is @svetius approved Important notice: Do not update to April 2023 security update (XXXXXXXXXXWCX) or later. Examples: G998USQS6EWCA, N986USQU4HWD1. Samsung has patched the bootloader unlock again on those updates. NOTE: The OneUI...
forum.xda-developers.com
I should delete my prior post... I didn't see the image in the first post. Looks like you have a snapdragon model, already at bootloader rev 5. Cannot be rooted. Also, your phone is from Verizon, so even if it were rev 1 it wouldn't be able to be rooted.
