There are plenty of good reasons to buy a Pixel, but for many, it's the unlockable bootloader that's most appealing. Imagine the disappointment when some Pixel 2 devices from the Google Store showed up without an unlockable bootloader. Google seems to have gotten right to work on the bug, and it's now fixed. Read More
Many people, like myself, look at Google's phones for one specific reason: they have an easily unlocked bootloader. That means when software support runs dry, or you get the itch to root/ROM, you can modify things without having to compound any potential security concerns with additional issues like exploits or undocumented software. If that's your motivation too, this news could be a small concern. Some Pixel 2s purchased directly from Google seem to have locked-down bootloaders. Read More
This flew under our radar back at I/O, but it's big news. On compatible devices, the new Verified Boot changes in Android 8.0 Oreo will prevent a device from booting should it be rolled back to an earlier firmware. The new feature is called Rollback Protection. So if your phone is flashed with older software, you (and your data) are protected from whatever potential security vulnerabilities may have been present in earlier versions. Read More
Back in 2015, LG officially started allowing customers to unlock bootloaders of select LG phones. You would still void your warranty, but you had the option. Now the bootloader for the 'H840' variant of the LG G5 can be officially unlocked. Read More
OnePlus is something of a darling among Android power users, shipping phones that can be bootloader unlocked without any special permissions or codes. But security researcher Roee Hay found that the OnePlus 3 (and the revised OnePlus 3T) are rather more open than was probably intended. With two native fastboot commands, Hay found he could install unverified boot images and disable the verified boot feature, all without actually unlocking the bootloader with the familiar user-accessible command. Which is, well, bad: it basically means anyone can run malicious code on the phone without resetting the user's data. Read More
For years, Google's Nexus line could be counted on for one thing, an unlockable bootloader. While carriers have occasionally had limited freedom to defile customize certain models sold through their service, owners were at least free to either modify the stock software or completely replace it with custom builds.
It goes without saying people were more than a little disheartened to learn Google's second attempt to team up with US carrier Verizon lead to yet another disappointing result: the Google Pixels sold through VZW have non-unlockable bootloaders. In fact, there are at least two carriers selling non-unlockable Pixels. The other is EE Limited (formerly Everything Everywhere) in the UK. Read More
The SafetyNet API is the bane of root and custom ROM users everywhere. For those unfamiliar, it is part of the Google Play Services API that is designed to detect modified devices. If your system is tampered with in any way, be it rooted or a custom ROM, the SafetyNet check will fail. Android Pay, among other applications, uses this API and will fail to run if SafetyNet fails.
Reports are coming in from Reddit and our own tip box that SafetyNet appears to fail on some bootloader-unlocked devices, even if the device has not been modified in any other way. Devices confirmed to have issues include the Nexus 6P, OnePlus 3, and Nexus 6. Read More
Security has been a hot topic on Android for many years, particularly as smartphones take on increasingly significant roles both at home and at work. A single device acts as your main form of communication, contains personal photos and confidential documents, and may even have access to your finances. Google and other companies have made significant investments in time and money to ensure these devices are very hard to break into. However, a vulnerability was recently discovered in some phones that compromises important security measures and opens devices up to various types of attacks. The worst part is that it was created intentionally by a manufacturing partner contracted to build the phones, and the OEMs that designed the phone had no idea. Read More
Thought that Verizon was warming up to the idea of less carrier intrusion because there aren't any obnoxious Verizon logos on the device? Well, you thought wrong. Just minutes before the event, @evleaks tweeted that the Verizon Pixels' bootloaders would not be able to be unlocked; that information has now been affirmed by a Google representative at the San Francisco event. Read More
Motorola's relationship with unlockable bootloaders, and thus with the ROM-flashing aftermarket community, can be summed up as "complicated." While its default approach is to offer a consumer-friendly bootloader unlock on most of its phones, it nonetheless bows to the whims of its carrier masters (Verizon and AT&T) whenever they insist that said feature be disabled, and they don't offer those handy full-price Developer Editions anymore, either. Add Amazon to the list, because the retailer's customized, super-cheap edition of the fourth-generation Moto G can't be bootloader unlocked. Read More