Results 1 to 22 of 22
  1. Thread Author  Thread Author    #1  
    mungera's Avatar

    Posts
    14 Posts
    Global Posts
    406 Global Posts

    Default Root vs custom ROMs

    Don't shoot me, I know there's info out there but it's a little much for an Android noob.
    From what I'm getting, the X can (eventually) be rooted, just can't have custom ROMs bc the bootloader is locked, right? So basically, once someone roots the thing, you can remove bloatware, use wireless tether, etc and just not load a custom ROM? Am I totally misunderstanding how this works?
    And if I missed this somewhere else, fell free to call me a noob and tell me to search the forum. And call me names. But hey, leave my mom out of it!
  2. #2  

    Default

    okay n00b. Root gives you admin access to the device. Stuff that motorola and verizon don't want you accessing. I would say you have a pretty good idea of it without being too technical. You can download apps that require root access from the market. eg. Titanium.
    There are some rumors about that the eFuse won't actually brick the device. I saw on another not-to-be-named forum that some guy bought Koush (an Android developer who, if anyone, has a good chance at rooting) a DroidX. So we shall see in due time.

    Edit: now go search the forum. And Google.
    Last edited by Aggie12; 07-19-2010 at 12:25 PM. Reason: I wanted to leave your mom out of it.
    Thanked by:
  3. Thread Author  Thread Author    #3  
    mungera's Avatar

    Posts
    14 Posts
    Global Posts
    406 Global Posts

    Default

    Thanks! I'm at work and limited to what sites I can browse, so I'm limited to my poor, overworked and underperforming BB. Is the locked bootloader what prevents (impedes?) the device from being rooted, or just from loading a custom ROM? I'm under the impression it just keeps you from loading ROMs, but getting root access is different.
    PS: Thanks for leaving my mom out of it.
  4. #4  
    moosc's Avatar
    Grand Master Moosc

    Posts
    3,443 Posts
    Global Posts
    5,517 Global Posts
    ROM
    AKOP M4 old geezer theme

    Default

    We will have root and we will ha e custom roms it will just time and a good developer to work the kinks out.
  5. Thread Author  Thread Author    #5  
    mungera's Avatar

    Posts
    14 Posts
    Global Posts
    406 Global Posts

    Default

    That's kinda what I'm wondering about; is getting root and the ability to use custom roms equally difficult?
  6. #6  

    Default

    Right now...yes, it's very difficult. In time...probably not.
  7. #7  

    Default

    In the case of this phone with the information we have now. Root will be here but I'm not to sure about the custom ROM flashing. I don't really care about custom ROMs, call me whatever but yeah. As long as 2.2 doesn't take to long I'm fine.
  8. #8  

    Default

    Quote Originally Posted by moosc View Post
    We will have root and we will ha e custom roms it will just time and a good developer to work the kinks out.
    You have a supercluster working on the encryption or a mole inside Motorola?

    No?

    Then you will never load custom ROMs.
  9. Thread Author  Thread Author    #9  
    mungera's Avatar

    Posts
    14 Posts
    Global Posts
    406 Global Posts

    Default

    I *think* I'm ok with root for now. Maybe once I fully grasp everything I'll change my mind about the need for roms.

    And its good to see no mothers were brought up, although schizrade is doing his best to start something
  10. #10  

    Default

    Quote Originally Posted by Adam Munger View Post
    I *think* I'm ok with root for now. Maybe once I fully grasp everything I'll change my mind about the need for roms.

    And its good to see no mothers were brought up, although schizrade is doing his best to start something
    No, just trying to make people aware of the ramifications of encryption. It is not a simple work around, although people think it can somehow magically be "hacked". The Milestone has the same setup, and it hasn't come close to being hacked. Encryption is not something easily hacked like you see on movies. Good encryption is, in a practical sense, bullet proof. There are always ways through or around something, but assuming Motorola used a half decent method (which the Milestone all but confirms), by the time a hole to work is even found, the world would have moved on to the next toy.

    Assuming 128bit or 256bit AES Encryption, cracking will not happen anytime soon:

    For cryptographers, a cryptographic "break" is anything faster than an exhaustive search. Thus, an XSL attack against a 128-bit-key AES requiring 2100 operations (compared to 2128 possible keys) would be considered a break. The largest successful publicly-known brute force attack has been against a 64-bit RC5 key by distributed.net.

    Unlike most other block ciphers, AES has a very neat algebraic description.[10] In 2002, a theoretical attack, termed the "XSL attack", was announced by Nicolas Courtois and Josef Pieprzyk, purporting to show a weakness in the AES algorithm due to its simple description.[11] Since then, other papers have shown that the attack as originally presented is unworkable; see XSL attack on block ciphers.

    During the AES process, developers of competing algorithms wrote of Rijndael, "...we are concerned about [its] use...in security-critical applications."[12] However, at the end of the AES process, Bruce Schneier, a developer of the competing algorithm Twofish, wrote that while he thought successful academic attacks on Rijndael would be developed someday, "I do not believe that anyone will ever discover an attack that will allow someone to read Rijndael traffic."[13]

    On July 1, 2009, Bruce Schneier blogged[14] about a related-key attack on the 192-bit and 256-bit versions of AES, discovered by Alex Biryukov and Dmitry Khovratovich,[15] which exploits AES's somewhat simple key schedule and has a complexity of 299.5. This is a follow-up to an attack discovered earlier in 2009 by Alex Biryukov, Dmitry Khovratovich, and Ivica Nikolić, with a complexity of 296 for one out of every 235 keys.[16] Another attack was blogged by Bruce Schneier[17] on July 30, 2009 and released as a preprint[18] on August 3, 2009. This new attack, by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, is against AES-256 that uses only two related keys and 239 time to recover the complete 256-bit key of a 9-round version, or 245 time for a 10-round version with a stronger type of related subkey attack, or 270 time for a 11-round version. 256-bit AES uses 14 rounds, so these attacks aren't effective against full AES.

    In November 2009, the first known-key distinguishing attack against a reduced 8-round version of AES-128 was released as a preprint.[19] This known-key distinguishing attack is an improvement of the rebound or the start-from-the-middle attacks for AES-like permutations, which view two consecutive rounds of permutation as the application of a so-called Super-Sbox. It works on the 8-round version of AES-128, with a computation complexity of 248, and a memory complexity of 232.

    In July 2010 Vincent Rijmen published an ironic paper on "chosen-key-relations-in-the-middle" attacks on AES-128[20]
  11. #11  

    Default

    We can be hopeful Holly's can't we negative Nancy??
  12. Thread Author  Thread Author    #12  
    mungera's Avatar

    Posts
    14 Posts
    Global Posts
    406 Global Posts

    Default

    ::nods head with blank expression on face::
  13. #13  

    Default

    Quote Originally Posted by Aggie12 View Post
    We can be hopeful Holly's can't we negative Nancy??
    Sure.

    Hope.
  14. #14  

    Default

    Here, some sobering reality:

  15. #15  

    Default

    99.9 of encryption bypassing today is done by someone at a company wanting a toy to work their way and giving important development info to some hacker.

    So considering Motorola is an American company and the Milestone not selling well in America. My guess is someone at Motorola having a DX but wanting cool ROMs will eventually feed a ROM cooker with the Encryption info.
  16. #16  

    Default

    Quote Originally Posted by Topweasel View Post
    99.9 of encryption bypassing today is done by someone at a company wanting a toy to work their way and giving important development info to some hacker.

    So considering Motorola is an American company and the Milestone not selling well in America. My guess is someone at Motorola having a DX but wanting cool ROMs will eventually feed a ROM cooker with the Encryption info.
    Like I said, a mole will release the key.
  17. #17  

    Default

    Quote Originally Posted by schizrade View Post
    Like I said, a mole will release the key.
    If we can get AACS keys before HD-DVD or BD was ever released. I am confident someone will get a key or a bypass from Motorola. In the end this is stuff they do for their Board, the techs probably hate to see their hardware locked so tight anyways. The info will make it out.
  18. #18  

    Default

    Quote Originally Posted by Topweasel View Post
    If we can get AACS keys before HD-DVD or BD was ever released. I am confident someone will get a key or a bypass from Motorola. In the end this is stuff they do for their Board, the techs probably hate to see their hardware locked so tight anyways. The info will make it out.
    I'm hopeful, but there's also the chance that a human doesn't have the key. It makes sense to have one dedicated machine to compile all final builds, so that they all are the same and have the same MD5.

    If it were me, the RSA key would be unique to that machine and only a very few would be able to extract the private portion, so any leaking of keys would result in me firing a couple of people.
    ಠ_ಠ
    제리
  19. #19  

    Default

    Quote Originally Posted by gbhil View Post
    I'm hopeful, but there's also the chance that a human doesn't have the key. It makes sense to have one dedicated machine to compile all final builds, so that they all are the same and have the same MD5.

    If it were me, the RSA key would be unique to that machine and only a very few would be able to extract the private portion, so any leaking of keys would result in me firing a couple of people.
    I would think every factory would need to have it plus the OS and software developers. For this reason I would think probably 20 people in the company at least has direct access and some 100 or so with limited access to phone specific codes. Without a specific working code for each specific place it would be pretty hard to track down the source unless they track access to the files and only then it would be useful if this couldn't be done during the period of time where you would access it normally.
  20. Thread Author  Thread Author    #20  
    mungera's Avatar

    Posts
    14 Posts
    Global Posts
    406 Global Posts

    Default

    Success!! My noob topic got commented on by "the man". I feel like I've achieved something. And as an added bonus, I learned a lot of very technical information that I'll never use but I still feel is valuable.

    And still no mom jokes - FTW!
  21. #21  

    Default

    Quote Originally Posted by Topweasel View Post
    I would think every factory would need to have it plus the OS and software developers. For this reason I would think probably 20 people in the company at least has direct access and some 100 or so with limited access to phone specific codes. Without a specific working code for each specific place it would be pretty hard to track down the source unless they track access to the files and only then it would be useful if this couldn't be done during the period of time where you would access it normally.
    Depends on how big a secret they wanna keep. Easy enough to use a separate signing key on a master build machine, that only project leaders and Senior IT can get.

    Personally, I think the whole thing stinks. Moto needs to remember that their Android users pulled them up out of the grave, and treat them a little better. The Droid is proof that a strong dev community can keep a phone in the spotlight for 10 months.
    ಠ_ಠ
    제리
  22. #22  

    Default

    Quote Originally Posted by gbhil View Post
    Depends on how big a secret they wanna keep. Easy enough to use a separate signing key on a master build machine, that only project leaders and Senior IT can get.

    Personally, I think the whole thing stinks. Moto needs to remember that their Android users pulled them up out of the grave, and treat them a little better. The Droid is proof that a strong dev community can keep a phone in the spotlight for 10 months.
    Agreed.

Posting Permissions

B