10
Feb
image

Update: You can download a batch script to root your DROID 4 now (you'll need to have USB debugging and Unknown Sources enabled in the Application settings menu). Find the file on this page, and if you can spare it, take the time to donate to Dan Rosenberg for finding the exploit. All proceeds will go directly to charity, in this case, the American Red Cross.

Widely known and respected security researcher Dan Rosenberg has evidently uncovered a root method for the Droid 4, in addition to a universal Motorola root method. Though the Droid 4's root access was discovered less than a day after its release, both exploits are being withheld until a $500 bounty is raised.

image

Unlike the mod efforts in search of predetermined bounties we've seen in the past, Rosenberg is asking that a $500 bounty be raised after the fact, and explains that it is being raised for a good cause. According to Rosenberg, the first $200 collected will go toward buying a Droid 4, while the remainder will be donated to the American Red Cross.

This certainly puts a refreshing philanthropic twist on Android development and security research, and is a commendable move on Rosenberg's part. If you'd like to donate to the cause, just click through to We Pay. Of course we'll keep you up to date on the exploits when they are released.

Via My Droid World

Liam Spradlin
Liam loves Android, design, user experience, and travel. He doesn't love ill-proportioned letter forms, advertisements made entirely of stock photography, and writing biographical snippets.

  • Caleb B

    Take that to the face Mototrolla.

  • http://www.theandroidsite.com Ben Marvin

    A reverse bounty? That's a new one. At least it's for charity and not just some scumbag looking to extort money.

    • Tom

      He just wants a Droid 4 for himself, what a scumbag.

      • Ian Stephenson

        At least he's doing good by giving back to both the Android community and the American Red Cross. Don't be such a fucking asshole, you scummy little bitch.

      • angermeans

        For the work these devs do they deserve a phone. If you've rooted or installed any of their projects you would know what I mean. I've donated countless times to get phones for the people with the talent to extend the lives of our phones. If you dont know the work that goes into it then just be quite.

  • Andrew

    well damn, i dont have $500 since i spent most of it on the phone lol

    come on people, donate!

    • Bo

      I still see it as pretty scumbag, unless all of it's going to charity. But I guess you could say his half is "charity." either way, someone else will figure it out soon enough. Walking a fine line, he is.

      • http://www.AndroidPolice.com Artem Russakovskii

        It is a bit of a gray area when it comes to asking for a device after you've already rooted it, rather than just trying to get one in order to try to root it.

        But who are we to judge? This guy is a very respected security researcher, he deserves a whole lot more for what he's done and all the hard roots he's discovered and published. Though I do wish he did it the conventional way and asked for donations after releasing the root.

  • pachi72

    What an ulgy phone...looooook at the bezel..

    • JoeJim

      It must get boring staring at your phone all day. Since looks are all that matter to you, that must be what you do with it. Me, I use my phone all day so I couldn't give a crap about what the bezel looks like.

      • angermeans

        No I agree. I've always been a fan of the Droid series phones, but the Droid 4 is ugly as all hell. The keyboard is great, but the phone is hideous. I don't know what Motorola was thinking when they gradually made the phone wider from the middle to the top. I am not a fan of the Motorola "let's just cut off the corners and ship" ideal. The Droid Razr, Droid Xyboard, and now Droid4 (the worst of them all) really are ugly looking devices. I agree that phones dont always have to look the best if what they offer is actually a benefit, but if your going to lock your bootloaders and make users use Blur then at least spend a little more time in prettying up your Android offerings.

  • Jeff Tarman

    So FIRST we have to pay $200 to buy the new D4 for him and then after the next $300 (which is nice that it's going to charity) is paid, we'll get the method?

    $110.00 has been collected at the time of this post.

    To the author of this post, please follow up with the method(s)

    Thanks

    • http://www.AndroidPolice.com Artem Russakovskii

      You mean follow up when the root is released? Sure, we'll do that.

  • Jaymoon

    I understand most of the money is going toward charity (or so he says...), but this is still a pretty sleazy thing to do.

    Not only is it bad taste this time, but now every one in the future will consider this model before releasing rooting methods. No promises the amount won't be higher for more higher profile devices, and who's to say the next guy will even consider charity donations?

    Just release your method, and slap a PayPal donate button right above and below the download link. If people think it's worth something, they'll donate.

    I sure hope someone releases their own method before this guy reaches his "goal". That'll show 'em! :P

    • JoeJim

      If you think it's sleazy, does that mean you give away your work and services? Why is it that when a software or computer expert wants to charge a fee for their services it’s sleazy?? A software engineer works hundreds of hours writing an app and people attack him when he dares to ask for a few dollars for his work. Does your stylist cut your hair for free... no? what a sleazy. Does your electrician wire your house for free... no, what a sleaze. Does your doctor heal you for free... no? what a sleazy. Do you get paid at work... yes? what a sleaze you are. I am sick and tired of the people expecting everything for free. If you don't like it, you go ahead and figure out how to root a phone on your own. Or you, and the rest of the community, could have donated 5 or 10 dollars each and say thank you to Dan for his work. But instead, you attack him. I for one am sad Dan caved into all the abuse and released the root anyway. Now he may not even bother to do anything next time.

  • ZEROibis

    With as fast as this was rooted perhaps this will free up some energy toward cracking the boot loader...

  • Babs

    Respected, commendable move?! Sounds like cheap greedy bastard to me!

    • Cameron Summerson

      Then you clearly don't know much about Dan Rosenberg.

    • http://www.AndroidPolice.com Artem Russakovskii

      I'm not here to take sides, but Dan has a long history and a long list of exploits, security research, and other incredibly insightful things he's released to the public, for free (http://vulnfactory.org).

    • BeatBlaster

      And you sound like someone who never donates. A donation is a very simple and affordable way to show appreciation for all of the time that goes into developing cool stuff for the rest of us to play with. ARGH I gotta stop posting here before I say something stupid.

  • BeatBlaster

    If everyone who used the exploit simply donated $1 freaking dollar (or 2 or hell maybe even 3!) these types of bounty wouldn't be difficult to exceed at all. If only I'd gotten $1 every time someone downloaded a copy of a theme I work on we'd have some pretty decent cash. Then again, I'm not complaining. Just proving that the smart phone community in general is filled with tons of cheap asses who really think spending $1 on hard work is either unjustified or just flat out unfair. Sad but true.

  • http://www.AndroidPolice.com Artem Russakovskii
  • eman

    This is no longer a donation anymore. He is charging the users $500 for his root method. Let's not confuse the two. Where the money is going is irrelevant. I hope others don't follow this route because it is going to suck for us! Another bad trend started in the Android community. Thanks buddy!

    • Justin

      Jeez he has now released the method for FREE and said any and ALL donations will go to charity. God forbid the guy might want to get a little something for his hard work. That's just wrong because Android is open source so that means peoples time and work is suddenly worth nothing.

  • tinyt

    I'm sure he won't be the only one to figure it out over the next few days.

  • STiK

    You all realise that you probably just alienated an asset to this community. The guy pulls exploits out of his ass in record time and all you people can do is bitch that he is wanting a little back for his efforts? It's really no different from charging a fee for an app on the market except he can't charge a fee on the market for a root exploit. I think the $200 for a phone is fair and I also like the fact that instead of making money for himself, he's sending some to charity. I understand the issue of "Donations" but if he just charged a small fee to purchase the exploit, one person would pay for it and it would be released to the public for all to use. It sucks that it has to be done the donation route but there really is no other feasible way to do it. If he decided to come straight out and say "I have an exploit and it's going to cost the community $500 to release it" you all would bitch about that as well. It's a no win for him... Fact is, you all want something, want it now, and want it free. Anything else is unacceptable. Frankly, I'm ashamed to be part of the android community at times because of shit like this. :(

    • scott

      But you're proud of someone holding an exploit/root hostage? Odd, indeed.

      • Shabbypenguin

        as someone who has worked with him in the past (worked being the key term, its mostly he shows up and goes ho hum this is how its done while i sit there drooling on myself) he has given android a lot more than he has taken in. the issue iwth posting a donate to me sticker on anything is that its going to get stolen and repackaged as a one click by someone else.

        people download superone click and think nothing of it and/or donate to them (not saying they dont deserve it, but they made a pretty little program.. hes the one making sure it works in the first place..

        • scott

          And I'm not doubting a word you said, nor diminishing the plethora of contributions he's made; it's "how" he went about it originally, not "why".

      • STiK

        I suppose he could have appeased those like yourself and lied about it by asking for donations in this same way and he would find a root for the phone and give the rest to charity. You'd all throw your money at him then lol

  • http://Www.cricketusers.com Chris

    Bounty removed. He should have stuck to his guns. No one is owed anything. Real loser is the American Red Cross.

    http://vulnfactory.org/blog/2012/02/11/rooting-the-droid-4-a-failed-bounty-experiment/

    • eman

      His intention was great, his execution was not...I am glad he removed the bounty and if I owned the device I would feel much better giving a donation at this point.

      Good move to the dev to remove the bounty, you almost brought the Android community back a huge step back.

    • STiK

      I have a Droid 3 that is off the upgrade path that this was able to root. I plan on donating $20 knowing it will go to the Red Cross.

    • http://www.AndroidPolice.com Artem Russakovskii

      He's donating everything to American Red Cross now.

  • eman

    Remember back in the day of Windows Mobile phones when donations didn't exist...

    Then the donation button was invented, then devs took it further and only released their new updates to this who donated...

    Now we are actually straight out charging for development...

    Guess next up CM10 will be $100 per device...

    How is this a good thing for the Android community?

    If you want money to go to a certain charity then just list that is where the money will go and people will donate freely without being forced.

    • Justin

      Yeah you are right. None of these devs deserve a thing for their hard work. However, the general Android community is OWED these folks hard work because they have been getting it for FREE in the past when donations weren't easy to do securely.

      • Justin

        By the way I forgot to add:
        /sarcasm

  • Shane
  • Shabbypenguin

    i think everyone is missing the big picture. he has released a bunch of exploits in the past. hes also helped in a lot of them. chances are if youve rooted since gingerbread youve prolly used some of his work. android is just a side thing for him, hes a security consultant, its his job to find exploits.. it however isnt his job to release them publicly for us. imagine how much this exploit could have been worth to a hacker?

    imagine a brand new root exploit brought about by malware. you guys all forget so far we have seen malware that is nice, imagine getting an app that formats your entire phone (even teh bootloader). how much would a guy like that be willing to pay for an exploit? or how about someone like symantec? they love causeing fake scares... why not make an app to scare people into buying the premium version? all im saying is the guy coulda made a LOT of money by selling it... instead we have people bitching cuz they didnt get it for free.

    he was willing to show it worked and had proof. so many people toss money at "devs" who get a device and disappear or just outright steal shit, dan is actually coming up with shit that interests us all and the best most of you can come up with is well "wtf sleazy asshole???"

    screw this crap im gunna go buy an iphone, at least there the people respect the guys doing work

    • eman

      No one is doubting his work but if we start to go this route, where will that bring us next? Will the price jump up to $1000 or $2000? Also the thing that sucks with something like this is you need a bunch of people to participate unless you are rick and can just pay the man $500.

      I don't know why people just think if you don't agree with the way someone goes about something it means you don't appreciate their work or you expect something for free. We all give something back to the Android community whether it be developing a Rom or helping a fellow community member un-brick his phone or just helping them change there wallpapee that they couldn't figure out.

      Oh, and to the iPhone...Yeah, that's where the cool crowd is. lol

  • strra

    flashbacks of the touch pro 2 unlock...

    • eman

      lol, I was there for that one!

  • John

    its too bad one cant contribute to the charity itself, or show charity proof of payment so we know its really going there. I call BS on the charity line!!

  • http://liquidsmoothroms.com jbroom

    This exploit also roots those of us that lost root on the latest update (5.9.902) on the Bionic.

    So in short if you want to update to 5.9.902 then root you can now... no more reverting back just to root!

  • D.D.

    Ungrateful android cheapskates.
    Sent from my Nokia 3600 slide.

  • Dark

    I haven't checked Android Police for a few days because of some software testing I was doing. Man I am upset that I missed this. Would of gladly donated. Donations are closed now unfortunately. However, I would like to say thank you for this exploit and all the hard work you do. Don't let the few people that want to throw a hissy fit discourage you. Keep up the great work and thank you again.

  • Justin Moody

    This is quite an old topic, but I was led here from Dan's blog regarding this experiment of his failing. As a web developer coding thousands of lines of PHP, HTML, CSS, jQuery etc. code on a single website, I can see nothing wrong with him getting a little fed up for the useless, ungrateful people here and throughout the Android community using his work which has in many ways pioneered development without repaying anything in return. $500 is an incredibly low amount in exchange for releasing a major milestone in the D4's development to increase its life-cycle. Had I known about this project before it was too late, I would have donated the full amount myself.

    But for those of you labeling him as a "scumbag" and his actions "sleazy", you should all be ashamed of yourselves and realize that Dan may look at this situation and declare it a deciding factor to never contribute to the community in the future. It is people like you that demand instant gratification and refuse to even relay some gratitude in return that caused me to stop development on my own ROM for the Droid X2, sell the phone and get something newer. A ROM (Affinity ROM) that in it's first beta had only one minor layout issue, but was made up for as being one of if not the fastest ROM for that phone. That is simply information that was said to me about the few gracious users of my ROM, so please don't take that reference as an attempt of showing my ego.

    If you have a problem paying even $5 to someone that worked hours on something for you, the solution is simple: Either show some respect or get out of my community!