來源:http://www.xda-developers.com/android/keys-for-motorola-phones-bootloader-finally-hacked/
摩托羅拉兩個小時之後就向他們發出了律師函,空歡喜一場
3/21 的原文訊息
Keys for Motorola Phones’ Bootloader Finally Hacked!
March 21, 2011 By: egzthunder1
Many, many moons ago, there was a heck of a security implementation used by one of mobile world’s giants, Motorola. The system they used was a very similar system to the one used to protect the once unhackable PlayStation 3. So, while most Motorola devices have already been rooted, no custom recovery could be used due to this very secure platform. Well, guess what happened on March 20, 2011? As it turns out, the keys that were generated to protect the device had a small flaw in the sense that they were left unprotected as they were believed to be secure. A hacker by the name of Nenolod has posted a very thorough explanation on what was done, what went wrong for Motorola, and how the dev has already been contacted by Motorola Legal :p (it really didn’t take them long, did it?). The whole crack was done by using the powerful math software known as Mathematica.
There are various threads about this throughout the site (in different Motorola device sub-forums), and most of them really haven’t got many details about this aside from some skepticism by many who have been going at it for many months. Most devices seem to be affected by this with the exception of the Atrix (so far anyways). If you would like to see more information on this, please visit nenolod’s webpage. In there, you will find all the necessary background information to understand what was done!
Thanks pulser_g2 for the tip!
Want something published in the Portal? Contact any News Writer.
個人積分:10分
文章編號:26651180
個人積分:9分
文章編號:26651642
)
個人積分:140分
文章編號:26652891
個人積分:351分
文章編號:26653148
個人積分:3分
文章編號:26655602
個人積分:46分
文章編號:26656447
個人積分:0分
文章編號:26658035
個人積分:1472分
文章編號:26659962
個人積分:90分
文章編號:26664471
個人積分:9分
文章編號:26665140
Originally Posted by kabaldan View Post
Nenolod has been talking a lot of bullshit in the past (back in October, about how he >almost< cracked the Motorola's bootloader - all based on nonsensical alleged similarity to some HTC code), and he's doing it again now.
Read this tweet: http://twitter.com/nenolod/status/49639128924557312
The conclusion from it is simple. All that nenolod needs to do to prove himself is to upload his modified, yet still bootable CDT (18kB). But he refused to do that with lame excuses (on IRC). That was the point that led to the Koush's tweet I linked in this thread before (Clockworkmod).
Nenolod keeps talking about Secure keystore, but there's no such thing on Motorola's phones. When asked about that, he explained that he means CDT. But CDT does not contain any keys (but yes, it specifies the types and addresses of signatures in other CGs).
Nenolod keeps talking about signing SBFs as the way to beat the bootloader, yet the sbf file itself is not signed at all (only the CGs inside it - and if you'd be able to sign the CGs, e.g. CDT, you wouldn't need a sbf file to flash it at all).
The published key is not even 256bit long...
I could go on, but I don't want to waste more time debating this nonsense (until I'm proven wrong ).
小惡魔市集
關閉廣告