BlueBorne and KRACK WPA2 exploits - Honor 5C Questions & Answers

Has anyone heard anything from Honor/Huawei about fixes for the "BlueBorne" and "KRACK" WPA2 exploits? I raised a question about a fix for BlueBorne on the HiHonor "official" forum; they said they are looking into it, but now with the WPA2 KRACK exploit and the lack of any security updates from Honor for the 5C, it's making this phone look really insecure.


NEW approach to rooting Perfect SPLs etc

Hi all,
My theory is this, but I ask all of you first whether this has already been tried. With OTA updates, these are all signed with, I imagine, official OTA keys, so your device will install the update no matter what.
Now my question is: is there any way of reverse engineering the OTA signed zip files to figure out what these keys are, so that we can make a ROM that will enable root on devices with Perfect SPLs?
All information is appreciated.
Thank you
If you have any place for me to download the T-Mobile OTA updates I'd be happy to look at them for you
I'm not a programmer or lawyer, so take my word with a pinch of salt. Wouldn't this need reverse engineering? Making this whole deal illegal?
Required reading:
http://en.wikipedia.org/wiki/Public-key_cryptography
aron7awol said:
Required reading:
http://en.wikipedia.org/wiki/Public-key_cryptography
This. We need T-Mobile's private keys to sign the update, which won't be happening. If you can "reverse engineer" that then get ready to be famous, cause you just broke modern cryptography.
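Added example (not code from this thread or from any vendor) showing in working Go why the reply above holds: a device's recovery only carries the vendor's public key, which can check a signature but cannot produce one. The key pair and the OTA payload below are constructed in-process so the program runs offline; a real device would have the public key embedded in recovery and the private key would never leave the vendor.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Constructed vendor key pair. On a real device only PublicKey is present;
// the private half stays on the vendor's signing infrastructure.
var vendorKey, _ = rsa.GenerateKey(rand.Reader, 2048)

// Constructed stand-in for the bytes of an OTA zip.
var otaPayload = []byte("constructed-ota-payload: boot.img + system.img contents")

// signUpdate is the vendor-side step: hash the payload, sign the digest.
func signUpdate(priv *rsa.PrivateKey, payload []byte) ([]byte, error) {
	digest := sha256.Sum256(payload)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// verifyUpdate is the device-side step recovery performs before flashing:
// recompute the digest and check the signature with the public key only.
func verifyUpdate(pub *rsa.PublicKey, payload, sig []byte) bool {
	digest := sha256.Sum256(payload)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// Outcomes covers the three cases the thread argues about.
type Outcomes struct {
	GenuineOK    bool // vendor-signed, unmodified payload
	TamperedOK   bool // original signature kept, one payload byte changed
	ForeignKeyOK bool // modified payload re-signed with an untrusted key
}

func runChecks() (Outcomes, error) {
	var out Outcomes

	sig, err := signUpdate(vendorKey, otaPayload)
	if err != nil {
		return out, err
	}
	out.GenuineOK = verifyUpdate(&vendorKey.PublicKey, otaPayload, sig)

	// Edit one byte of the payload (an altered file inside the zip) while
	// keeping the vendor's signature: the digest no longer matches.
	tampered := append([]byte(nil), otaPayload...)
	tampered[0] ^= 0x01
	out.TamperedOK = verifyUpdate(&vendorKey.PublicKey, tampered, sig)

	// Re-sign the edited payload with a freshly generated key. The signature
	// is well-formed, but it does not verify under the vendor's public key.
	otherKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return out, err
	}
	foreignSig, err := signUpdate(otherKey, tampered)
	if err != nil {
		return out, err
	}
	out.ForeignKeyOK = verifyUpdate(&vendorKey.PublicKey, tampered, foreignSig)

	return out, nil
}

func main() {
	out, err := runChecks()
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine update verifies:          %v\n", out.GenuineOK)
	fmt.Printf("tampered payload verifies:        %v\n", out.TamperedOK)
	fmt.Printf("re-signed with own key verifies:  %v\n", out.ForeignKeyOK)
}
```

Only the first check passes; the other two are exactly the failures a user-built ROM would hit on a device that enforces signed updates.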
keemyb said:
I'm not a programmer or lawyer, so take my word with a pinch of salt. Wouldn't this need reverse engineering? Making this whole deal illegal?
Depends on what country you live in. In the US, probably. In most other countries....probably not.
Those who know little about serious cryptography often assume that a particular encryption method is safe if nobody has cracked it. However, as the eminent cryptographer Bruce Schneier pointed out in his Crypto-Gram Newsletter dated 15 February 2003, "That's actually backwards. In the world of cryptography, we assume something is broken until we have evidence to the contrary." By this he means that an encryption method can be fully trusted only if it has been subject to rigorous and critical analysis by experts to check its resistance to all known cryptanalytic attacks.
While it is true that it's pretty much impossible to crack it, you can delete the keys and make your own. Although, I'm not exactly sure this is what he is looking for...
It's encrypted; although you have a public key, you can't change an update since it breaks the signature... you also can't sign an update since you don't have the private keys... basically, no.
It depends on the strength of the encryption. If it is AES-128, good luck, you ain't never cracking it. If it's RSA-512, it could be cracked by 1 person in 2 months, or by a team of people, say using BOINC, in 2 days. We cracked all the OS signing keys for the entire line of Texas Instruments graphing calculators and got a DMCA takedown as well. We got EFF lawyers working to make sure we can keep working.
http://www.ticalc.org/archives/news/articles/14/145/145273.html
http://www.ticalc.org/archives/news/articles/14/145/145377.html
Isn't it illegal though to be cracking this stuff?
Not saying you would get caught, but if you did you may or may not be charged.
But it's easy to root, so why try another approach?
What would make it illegal?
YOU own the equipment.
The modifications you do to your equipment do NOT enable you to break the law and DEFINITELY do not MAKE you do illegal things.
Wow, thanks for everyone's replies. The only reason I question is that all the new Android devices come with perfected SPLs which either conquer or make it very hard to gain root, so my theory was that if we could get these keys we could make ROMs signed by 'Android' which would contain modified SPLs and recoveries.
A will a way..
With modern encryption... there are very few people who understand it... IT CAN BE BROKEN. Now if you want to read about a sort of physical encryption, check out quantum cryptography.
sync3 said:
With modern encryption... there are very few people who understand it... IT CAN BE BROKEN. Now if you want to read about a sort of physical encryption, check out quantum cryptography.
I'm seeking some help on cracking this on a specialised Java programming site, so hopefully with some success we may have a solution.
redmdc said:
I'm seeking some help on cracking this on a specialised Java programming site, so hopefully with some success we may have a solution.
It's still a terrible idea. You'll make T-Mo very, very angry at both you and XDA, with almost zero real gain. The rooting process is trivial, and it works. I'd also recommend talking to a lawyer if you really intend to proceed.
It's only for personal gain 'wink wink'. I can do what I want with my own device as long as I do not distribute it intentionally.
Actually, so long as you don't distribute any code or products themselves considered proprietary to T-Mobile, if you reverse-engineer their encryption key, there's nothing they can legally do about it.
What I mean by the above is that if we treat the decryption process in a manner similar to how Cyanogen does his current ROMs, and stick to simply releasing OSS-derived code, there's really nothing that T-Mo or anyone else can do 'bout it. The trouble with this is that it would require somehow maintaining the drivers for the SPLs on the device while only modifying the portions that lead to root.

To be rooted or not to be? [A Fundamental Question]

To be rooted or not to be? [A Fundamental Question]
I guess you already read the news at CyanogenMod about their thoughts regarding not enabling root access by default but rather giving the user the option to be aware of the risk, if he is going to enable it by his own decision?
As a user you also should take some minutes and rethink the data security measures on your device. If you're only using the phone with a prepaid mobile card and don't store confidential data like passwords or credit card numbers, or even do online payments with it, then you don't have to bother with security at all. Just enjoy your phone with the newest and fanciest ROM you would like.
But in case you're intending to use its full potential, then below is my take on this subject. Read on, if and only if you really want to know about my personal preferences on this topic. If my post hurts your eyes, ears or mouth in any way, then please keep them all closed and move on. I'm very sorry if I've stolen your precious time up to this point. ... ^^
<point-of-no-return>
Stock or Custom? Stay with the unmodded stock ROM if you don't need the features the cooked ROMs are offering you. If something goes wrong (dialer, keylogger, trojan, ...), then Samsung has to take all the blame and financial loss for you. But only if you're really careful yourself about third-party apps. Install only from trustworthy sources and ask yourself if the app should really get all the permissions it is asking for. Maybe an alternative app will do the same work while being less demanding?
Root what? If you don't understand the consequences of root permissions, then it probably is not what you should be looking for.
Open source or closed? Only entrust third-party ROMs with open-source code. You might never take a look at it, but there are other tech-savvy users/developers who will raise the issues publicly, if there happen to be any, because they can read the source and point out the security holes and eventually fix them quickly too. Since I'm reading many questions about the PROS or CONS of unofficial and official CyanogenMods: you should by now be able to answer this question yourself, if you're a security- and privacy-loving individual.
Themes or hacks? If you're missing some features on your current phone, then reconsider getting your hands dirty and doing the needed changes yourself. Or at least know how to take the supplied MODs apart and thoroughly compare the modified files with your currently installed ones. There is a reason why big companies distribute files with at least an MD5 or SHA1 checksum, you know? But since the ACE, GIO and the MINI (->galaxyics) are midrange devices targeting teens as consumers, security or privacy is something most of these users don't want/have to worry about. Anyway, if the changes are not applied to the executable code (dex files) but rather are considered widely known as theming (changing layout, PNGs, colour or text codes), then you should be on the risk-free side to apply them without further notice. ...
Hope I could give the more concerned users some points to think about regarding ROMs and MODs in general.

New root method to be released at Def Con 22 in August

GTVHacker has announced on their blog (http://blog.gtvhacker.com/2014/google-nest-exploiting-dfu-for-root/) that their upcoming talk at Def Con 22 will feature unreleased exploits for 20 devices, including the Chromecast, being released in a 45-minute period. Hopefully their unreleased exploit won't be patched between now and then.
Lets hope this is true and Google doesn't figure out how it is done and patch it before we get it!
They have had this root method for a while according to the link you posted...
Is there any benefit to having your Chromecast rooted, anyway?
tooandrew said:
Is there any benefit to having your Chromecast rooted, anyway?
Yes, depending on your wants/needs.
https://forum.xda-developers.com/showthread.php?t=2621784
tooandrew said:
Is there any benefit to having your Chromecast rooted, anyway?
I was one who argued earlier that there was no real need for it....
But at that time Developer support was limited and scarce!
Now I would have to argue that Rooting (and flashing Eureka) is a desirable thing to have as the Whitelist is becoming more of a hindrance than it once was.
Where there was once maybe 20 developers working on support and Google was quick to update the whitelist to get as much support to the public as possible....NOW there are probably 100's (maybe even 1000's) working on Apps that support CCast and waiting for Google to whitelist their projects and as we have seen recently, Things like Mirroring have been around and working for close to two months yet many are denied from using it due to the Whitelisting restrictions.
As time goes on...Having Root will be much more worth having than it was back in December and January.
So this is good news if you ask me! and YES rooting is becoming much more worth having than it used to be!
Asphyx said:
I was one who argued earlier that there was no real need for it....
But at that time Developer support was limited and scarce!
Now I would have to argue that Rooting (and flashing Eureka) is a desirable thing to have as the Whitelist is becoming more of a hindrance than it once was.
Where there was once maybe 20 developers working on support and Google was quick to update the whitelist to get as much support to the public as possible....NOW there are probably 100's (maybe even 1000's) working on Apps that support CCast and waiting for Google to whitelist their projects and as we have seen recently, Things like Mirroring have been around and working for close to two months yet many are denied from using it due to the Whitelisting restrictions.
As time goes on...Having Root will be much more worth having than it was back in December and January.
So this is good news if you ask me! and YES rooting is becoming much more worth having than it used to be!
Is there a list of apps that Google won't support yet and are added to custom whitelist? I do have Eureka ROM but chose to run official whitelist because the updates to popular or prominent apps gets there faster. I wouldn't mind having a look at some of the smaller developers and what features they offer, you can always find a gem or two there.
jasenko said:
Is there a list of apps that Google won't support yet and are added to custom whitelist? I do have Eureka ROM but chose to run official whitelist because the updates to popular or prominent apps gets there faster. I wouldn't mind having a look at some of the smaller developers and what features they offer, you can always find a gem or two there.
I could be wrong but I thought the "lag" was addressed a couple of builds back and there should be near-zero "lag" between a Google whitelist and Team Eureka whitelist now.
bhiga said:
I could be wrong but I thought the "lag" was addressed a couple of builds back and there should be near-zero "lag" between a Google whitelist and Team Eureka whitelist now.
I think you are right, I went to the project's file repository and noticed a whitelist-sync script. I guess it is safe to go back to Eureka provided whitelist.
jasenko said:
Is there a list of apps that Google won't support yet and are added to custom whitelist? I do have Eureka ROM but chose to run official whitelist because the updates to popular or prominent apps gets there faster. I wouldn't mind having a look at some of the smaller developers and what features they offer, you can always find a gem or two there.
Well Google's Mirroring app is the first one I'm sure about....
Not sure what else Team Eureka has included that is not on the official Google list....
The benefit isn't so much the MORE you can do, it is the fact that when a MORE is found that Google is dragging its feet on, Eureka can add it to the list provided someone else has access to that feature.
And any developer who wanted to, could ask Eureka to whitelist their app should Google decline to do so...
Not many of those have popped up yet that I know of but in the future it will happen at some point.
ahecht said:
GTVHacker has announced on their blog (http://blog.gtvhacker.com/2014/google-nest-exploiting-dfu-for-root/) that their upcoming talk at Def Con 22 will feature unreleased exploits for 20 devices, including the Chromecast, being released in a 45-minute period. Hopefully their unreleased exploit won't be patched between now and then.
Any news, new insights regarding the Def Con exploits? Chromecast still on the list?
Bazzz66 said:
Any news, new insights regarding the Def Con exploits? Chromecast still on the list?
No and the LESS NEWS the BETTER if you ask me....
I don't want Google getting even the slightest hint at what it may be for fear of them Patching it before we get our hands on it!
Bazzz66 said:
Any news, new insights regarding the Def Con exploits? Chromecast still on the list?
The talk is Saturday at 10am. We'll find out then.
Everyone is anxious
I'm a Brazilian without English Course, sorry and be comprehensive
Everyone worried about Google patching your unit before the exploit comes out... Do what I did.
UNPLUG IT!
Your unit can't update if it has no power.
Well, it's Saturday and it's past 10AM in Las Vegas. Is there any news about the root exploit? I haven't seen anything on XDA or /r/chromecast about it.
obsama1 said:
Well, it's Saturday and it's past 10AM in Las Vegas. Is there any news about the root exploit? I haven't seen anything on XDA or /r/chromecast about it.
Well unless they are posting from the venue you are not likely to get any reports until about 8 or 9 PM Eastern.
Saw a recap on another website of the talk, but they didn't mention the Chromecast at all on the post. I hope it's real. I guess we'll have to keep waiting.
Information from DEF CON is up on http://dc22.gtvhacker.com, but there is no mention of any new root exploits, same old info from what I can see?
fldc said:
Information from DEF CON is up on http://dc22.gtvhacker.com, but there is no mention of any new root exploits, same old info from what I can see?
They're still in the process of updating the content on the site it looks like. Other devices haven't had their root methods released yet either.
Someone asked them on Twitter if new info on the Chromecast was out and they replied with "not yet " which leads me to believe they may not be releasing it just yet? Or perhaps like you said r3pwn, they haven't added it to their page yet.

[Q] Unofficial way to unlock bl or qualcomm exploit question

Hi everyone!
I heard a lot of whining about locked bootloaders and answers just to pay for unlock, etc. However, not so long ago, in August, a post appeared on XDA (http://www.xda-developers.com/android/qualcomm-security-exploit-djrbliss/) about a new exploit in Qualcomm SoCs which should obviously affect our phone. This could really help people like me with a locked BL.
So has anyone heard something about using it IRL?
Arstorm.Z said:
Hi everyone!
I heard a lot of whining about locked bootloaders and answers just to pay for unlock, etc. However, not so long ago, in August, a post appeared on XDA (http://www.xda-developers.com/android/qualcomm-security-exploit-djrbliss/) about a new exploit in Qualcomm SoCs which should obviously affect our phone. This could really help people like me with a locked BL.
So has anyone heard something about using it IRL?
There is no unofficial unlock of bootloaders available.
This has been talked about before.
If you read the last paragraph of the article you linked to (Seen here http://prntscr.com/4ph7dk) you will see that although the vulnerability was found it is also not going to be released to the general public, but given to the OEMs so they can fix it.
While this is a notable discovery, it poses no immediate threat since Rosenberg did not release his exploit to the public, which allows manufacturers to patch it before any serious damage is done. Have a look at his full report in this summary image.
Also, there should be no advertising of paid for services on XDA, especially since if you can unlock your bootloader it is free to do it the official way and if anyone is taking your money for an unofficial unlock you are most likely being conned because there is no unofficial unlock.
Thank you for the reply! Unfortunately it is highly likely there is no official way to unlock my BL. My phone is SIM-free but BL unlock is not allowed, so I have no idea how to unlock it.
Also I checked the comments section and found "On the summary page are enough information for any dev to write a exploit" http://www.xda-developers.com/android/qualcomm-security-exploit-djrbliss/#comment-1538589467
I'm just worried because after the end of support from Sony there will be no possibility to switch to newer versions of Android.

bootloader unlock

If we were somehow able to unlock the bootloader and install custom ROMs, would this solve the Google ban problem or is the device itself banned?
fach1708 said:
If we were somehow able to unlock the bootloader and install custom ROMs, would this solve the Google ban problem or is the device itself banned?
You should, in theory, be able to install opengapps if it came down to it.
There isn't an issue though as Google has already, on multiple occasions now, stated that current devices will not have their access revoked.
If people could read the news stories it would help...
NJ72 said:
There isn't an issue though as Google has already, on multiple occasions now, stated that current devices will not have their access revoked.
If people could read the news stories it would help...
If you could read news you would know that current devices will lose support after 90 days
No, Google has said that all existing devices will be supported with security patches.
BBC News - Huawei's use of Android restricted by Google
https://www.bbc.co.uk/news/business-48330310
"Existing Huawei smartphone users will be able to update apps and push through security fixes, as well as update Google Play services."
This has been reiterated by Google themselves. So please, read before trying any one-up-manship thanks.
NJ72 said:
No, Google has said that all existing devices will be supported with security patches.
BBC News - Huawei's use of Android restricted by Google
https://www.bbc.co.uk/news/business-48330310
"Existing Huawei smartphone users will be able to update apps and push through security fixes, as well as update Google Play services."
This has been reiterated by Google themselves. So please, read before trying any one-up-manship thanks.
Now let us talk about the difference of OS-Updates/Fixes and Application-Updates/Fixes.
It is a fact that newer Android releases as well as security updates for the P30 Pro are in jeopardy - not currently, but at least after the temporary license has been withdrawn.
Also Google removed the Mate 20 pro from the Android Q Beta:
https://9to5google.com/2019/05/21/huawei-mate-20-pro-android-q-removal/
Please read the post you've quoted, as well as all the other websites reporting on this.
ALL EXISTING HUAWEI DEVICES WILL BE ABLE TO RECEIVE SECURITY FIXES NOW AND IN THE FUTURE AS PER EXISTING AGREEMENTS.
Beta access is completely different.
https://9to5google.com/2019/05/19/google-existing-huawei-phones/
Read the tweet in the link above from the official Android Twitter account.
NJ72 said:
Please read the post you've quoted, as well as all the other websites reporting on this.
ALL EXISTING HUAWEI DEVICES WILL BE ABLE TO RECEIVE SECURITY FIXES NOW AND IN THE FUTURE AS PER EXISTING AGREEMENTS.
Beta access is completely different.
https://9to5google.com/2019/05/19/google-existing-huawei-phones/
Read the tweet in the link above from the official Android Twitter account.
In those links my Browser wasn't able to find the Text which you typed in while your Capslock was active.
And the tweet from Android only tells something about apps and the Play Store, as well as all other sites. They don't mention that Huawei users will be able to get Android Q or further Android versions <-- but that is the biggest point!
Nobody can guarantee that Huawei will provide us with a stable Android Q version, especially since they announced that they will provide/are working on their own operating system.
Let's tackle things in the order you've posted them:
1- I didn't put them in quotation marks, as such it is not lifted directly from a website linked or otherwise (apart from now this one, I suppose). It was a paraphrase of all the other websites reporting on the issue.
2- The tweet (along with other sites) state that all future security patches and updates will be made available.
3- Android Q is irrelevant at this point. Security patches are not equal to future OS versions. Android Pie will be supported up to a point, and will continue to receive security patches. The P30 Pro may never get Android Q, I don't recall it ever being promised that it would receive Android Q. If I'm incorrect, and it was promised, then please provide the information. As an extension of this, however, Android Q can still be provided to the P30 Pro through the AOSP which has also been stated in numerous articles and news stories - both linked above and not.
Finally, to reiterate for the people at the back (and this is a direct quote):
"Huawei will continue to provide security updates and after-sales services to all existing Huawei and Honor smartphone and tablet products, covering those that have been sold and that are still in stock globally."
This isn't from a particular link, but is from Huawei themselves. (a copy of this can be found at this link, as well as many others: https://www.standard.co.uk/tech/huawei-google-ban-mean-for-huawei-phone-owners-a4146211.html )
I don't know what is hard for people to understand about this, I really don't. This ban (until it is lifted, which is a whole other discussion) will only affect currently unreleased devices, all existing devices will continue to function as intended, with no disruption to service from either Google, Android or Huawei - something that has been directly stated by all 3 separate entities.
Would you like me to provide any more direct quotations on the matter? Alternatively please contact Huawei directly, as they will forward you on their official statement, as they have done to me and likely everyone else who has contacted them about their P30 Pro.
Regarding Android Q, although it was not technically 'promised', I think that it is expected when you purchase a flagship phone for a lot of money. I expect a lot of people would not have purchased the device if they knew that it would never be updated to newer future versions of Android. I certainly would not have.
I'm just hopeful that if it comes to it, Huawei will be able to use the AOSP code to provide us with Android Q.
Ultimately this is all irrelevant speculation (IMO) as Lord Trumpington is just using this as a power-play to try and strong arm a trade deal with China. Once the trade deal is finalised all trade blocks will be lifted and things will go back to normal.
NJ72 said:
Ultimately this is all irrelevant speculation (IMO) as Lord Trumpington is just using this as a power-play to try and strong arm a trade deal with China. Once the trade deal is finalised all trade blocks will be lifted and things will go back to normal.
Hopefully you're right
