OnePlus is something of a darling among Android power users, shipping phones that can be bootloader unlocked without any special permissions or codes. But security researcher Roee Hay found that the OnePlus 3 (and the revised OnePlus 3T) are rather more open than was probably intended. With two native fastboot commands, Hay found he could install unverified boot images and disable the verified boot feature, all without actually unlocking the bootloader with the familiar user-accessible command. Which is, well, bad: it basically means anyone can run malicious code on the phone without resetting the user's data. Read More
For years, Google's Nexus line could be counted on for one thing, an unlockable bootloader. While carriers have occasionally had limited freedom to defile customize certain models sold through their service, owners were at least free to either modify the stock software or completely replace it with custom builds.
It goes without saying people were more than a little disheartened to learn Google's second attempt to team up with US carrier Verizon lead to yet another disappointing result: the Google Pixels sold through VZW have non-unlockable bootloaders. In fact, there are at least two carriers selling non-unlockable Pixels. The other is EE Limited (formerly Everything Everywhere) in the UK. Read More
The SafetyNet API is the bane of root and custom ROM users everywhere. For those unfamiliar, it is part of the Google Play Services API that is designed to detect modified devices. If your system is tampered with in any way, be it rooted or a custom ROM, the SafetyNet check will fail. Android Pay, among other applications, uses this API and will fail to run if SafetyNet fails.
Reports are coming in from Reddit and our own tip box that SafetyNet appears to fail on some bootloader-unlocked devices, even if the device has not been modified in any other way. Devices confirmed to have issues include the Nexus 6P, OnePlus 3, and Nexus 6. Read More
Security has been a hot topic on Android for many years, particularly as smartphones take on increasingly significant roles both at home and at work. A single device acts as your main form of communication, contains personal photos and confidential documents, and may even have access to your finances. Google and other companies have made significant investments in time and money to ensure these devices are very hard to break into. However, a vulnerability was recently discovered in some phones that compromises important security measures and opens devices up to various types of attacks. The worst part is that it was created intentionally by a manufacturing partner contracted to build the phones, and the OEMs that designed the phone had no idea. Read More
Thought that Verizon was warming up to the idea of less carrier intrusion because there aren't any obnoxious Verizon logos on the device? Well, you thought wrong. Just minutes before the event, @evleaks tweeted that the Verizon Pixels' bootloaders would not be able to be unlocked; that information has now been affirmed by a Google representative at the San Francisco event. Read More
Motorola's relationship with unlockable bootloaders, and thus with the ROM-flashing aftermarket community, can be summed up as "complicated." While its default approach is to offer a consumer-friendly bootloader unlock on most of its phones, it nonetheless bows to the whims of its carrier masters (Verizon and AT&T) whenever they insist that said feature be disabled, and they don't offer those handy full-price Developer Editions anymore, either. Add Amazon to the list, because the retailer's customized, super-cheap edition of the fourth-generation Moto G can't be bootloader unlocked. Read More
If you want to make deep and lasting changes to your device, you need to unlock the bootloader. Not all phones can be unlocked, but you can add the LG G5 to the list of those that can. Well, the unlocked international G5 (H850). It's now supported by LG's official unlock tool. Read More
If I were to say that I'm going to flash a new system image to your Nexus phone without attaching a USB cable, you might think I'm a little crazy. Well, I could be a little crazy, but that thing about the cable is definitely coming true in the very near future. Google has added networking support to the fastboot tool. When paired with a phone with a supported bootloader, it will be possible to perform all of the usual fastboot commands wirelessly.
In a recent commit to AOSP, support for the TCP protocol was added to fastboot. The Transmission Control Protocol (TCP) is one of the basic building blocks of communication on the Internet, used for reliable transmission of data from one point to another. Read More
Any grizzled veteran of the aftermarket Android community (well, grizzled, in the sense that said community has been around for less than a decade) knows that users complaining about bootloaders is nothing new. Locked phone bootloaders with no user-accessible unlock option have become less of a contentious issue of late, now that customers on Neolithic carriers like AT&T and Verizon have more hardware options. But frustration is brewing in the growing and dedicated fanbase of Chinese manufacturer Xiaomi.
The XDA-Developers blog reports that Xiaomi has added locked bootloaders to several of its phones, including the Redmi Note Pro, Mi 4c, and Mi Note Pro, some of which are getting new bootloaders installed with the latest firmware. Read More
Motorola has always offered an official bootloader unlock option for the Moto X devices, but not all variants have been eligible. Specifically, AT&T and Verizon have blocked the process. Now, that's starting to change with the addition of Verizon's 2014 Moto X to the list of unlockable devices. Read More