Last Updated: March 22nd, 2011

What an absolutely insane week it has been for unlocking encrypted and signed hardware!

Update: How disappointing - nenolod turned out to be a fraud, and the whole thing was a hoax. It seemed too good to be true, and it was.

First, the Thunderbolt, which turned out to be HTC's most closed off device ever, was cracked wide open by team AndIRC within days after release, including our own Justin Case (jcase), Jamezelle, scotty2, and others.

This morning, however, we are seeing light at the end of the tunnel for devices that have been uncracked for many months - namely, Motorola Milestone and possibly Droid X, Droid 2, Charm, and other devices from the Sholes family (this, apparently, does not include the Atrix 4G).

On these devices, only updates (called SBF on Motorola devices) signed by Motorola's own private key are allowed by the boot loader - in all other cases, you end up in recovery, and the only way back is by going back to a Motorola-approved image. You can read more about this technology, called eFuse in Motorola's case, here. So, if the private key used to sign updates for these devices were somehow found or reverse engineered, it would be possible for developers to trick the boot loader into loading both custom recoveries and custom ROMs, including tweaked kernels, effectively opening up the whole device to the level that we can consider fully unlocked.

And now it's time for you to meet William Pitcock, otherwise known as @nenolod. This morning, William posted the private key used by Motorola to sign all the images along with a few other useful strings that will allow developers to create valid signed updates that can get past the boot loader, including custom ROMs and recoveries. Taking a jab at Motorola, nenolod also said this:


While it may look a bit spiteful at first glance, William's ticked off message was apparently caused by the fact that Motorola knew about the vulnerability he used to reverse engineer the key, but did nothing about it for 3 months. William is a responsible engineer and at first tried to deal with the issue privately by taking it to Motorola directly. After receiving no response and giving them multiple warnings, he released the information online.

Guess how long it took Motorola's legal team to contact him this time, forcing the takedown of the keys (hint: 2 hours).

  • December 20th, 2010 — Motorola notified of keystore vulnerability. No response received from Motorola.
  • February 20th, 2011 — Motorola notified again of keystore vulnerability. No response received from Motorola.
  • February 27th, 2011 — Motorola notified that keystore vulnerability will be disclosed to public on March 20th. No response received from Motorola.
  • March 20th, 2011 — Keystore signature generation vulnerability publically disclosed including private key leak. Response received from Motorola legal.

So, what devices does today's leak affect? We know for a fact that it works on the Milestone (if you are a Milestone user, you should be ecstatic right now) and Droid 1 (though key verification was never enabled by Motorola in the boot loader on this device). Devices that are suspected to be signed by the same key are: Droid 2, Droid X, Charm, and possibly others. I jumped on IRC and talked to William about them, but he could not verify compatibility outside of the Droid/Milestone, because he simply did not have other devices on-hand (he has a G2 now).

Unless Motorola changed the encryption key in OTA updates and newer devices released after William reported the issue in December, they should still remain vulnerable. And even if Motorola did change the keys, there is a good chance the same vulnerability was never closed, which would allow such keys to be reverse engineered on a per-device basis.

William passed all the necessary information to the group called @FreeMyMoto, who will be exploring all the options and hopefully providing further details about each of the devices in question. You can join the discussion in ProjectBootloaderFreedom's IRC chat at chat.freenode.net, channel ##pbf (that's right, 2 hashes).

TL;DR: Key used to sign updates for Droid/Milestone has been reverse engineered and published today. It possibly applies to other devices, such as Droid 2, Droid X, and Charm. These devices are now theoretically unlocked to allow custom ROMs and recoveries, with more details to follow.

The minute we post the keys here, Motorola's legal team will show up with a C&D. Thus, to preserve the information, I recommend retweeting nenolod's tweets, reposting screenshots, and spreading the information in whatever way you see fit.

Source: nenolod, @nenolod

Artem Russakovskii
Artem is a die-hard Android fan, passionate tech blogger, obsessive-compulsive editor, bug hunting programmer, and the founder of Android Police.
Most of the time, you will find Artem either hacking away at code or thinking of the next 15 blog posts.

  • rpri214

    :))) I like!!! ... even if i don't own a moto device - it will make some friends of mine really happy - thx for sharing

  • Tom

    Please work with the DX!

  • Me

    Why even bother with this nonsense? It will be back-and-forth with Motorola so long as they keep up this insane desire to keep the bootloaders locked. Just go with a Galaxy S or something else that comes with an unlocked bootloader. Unless Motorloa relents, custom flashing will never be truly safe.

  • Dan

    All reasons not to buy a motorola, I won't buy the atrix even though I love the specs and product just cause Motorola is a bunch of assholes. now that HTC might be following suit looks like i won't be buying from them either

  • Al

    What I don't really get is why the companies do this. Who are they protecting by implementing these measures?
    I, as the owner of the device, want to mod my phone, why does Motorola care? This isn't even like the console situation where they are trying to protect the revenue from games.

  • Drae

    I hear it's a hoax; here's to hoping it is not!

  • Wishful_Starrr

    The Moto community just got trolled.

  • Greven

    Played. So hard. I'll just go back to my Atrix and cry now. Why can't I just have a perfect phone? It's really not an unreasonable request, I don't demand it be cheap, just give my a top-hardware, clean-software, open phone. That's all.

  • JackTheMan

    A hoax - take this off!!!

  • @$$ O

    I hope his kids have leg problems. Ass-fucking clown.

  • Xander Cage

    the bootloader is blocked because in the u.s there are agreements between carriers and phone companies. it works like this:
    carrier C advertises phone model M made by phone company P.
    C pays P to develop updates for M so that C can advertise slogans like 'only C offers you M with the latest android'.
    P keeps M locked to make sure only C's customers can have a official up to date M.
    In Europe, Asia, Africa and Australia such agreements are not made between carriers and phone companies.
    (At least to me) The main problem is that the Milestone 1&2 are made specifically for non-u.s markets so why shouldn't we, the Milestone 1&2 users be allowed to have a unlocked bootloader? Because if that would be the case, all other Moto phones that have the bootloader locked and are the same all over the world (Defy, Atrix etc) would have a sudden drop in sales because most of the users would buy the unlocked devices.