Updated: Droid X now running Clockwork Recovery, another step forward. Still WIP

Bateluer

http://www.droid-life.com/2010/08/11/droid-x-sees-custom-recovery-image-roms-next/

Using a hack discovered by the folks who’ve done all the work on the Milestone, birdman has booted a custom recovery on his handset. The process is labor-intensive and dangerous if you’re not prepared to recover from a bricked device (and technically this bricks the device since you can’t reboot into Android at this moment), but it’s a successful proof of concept.

Right now he’s working on getting ADB up so we can further investigate what it will take to get a fully functional recovery working (that will also allow reboot back into Android).

From there the focus will move to a more robust recovery and discovery if/how we can do Nandroids and/or write a new /System image (like Froyo)

Woot! Might make the Droid X worth buying in a month or so.

Edit - Wonder if the same exploit can be used on the Droid 2? I would prefer a hardware keyboard for certain.

Edit 2 - Just saw mrbirdman's tweets, looks like he has adb working in recovery now. Most excellent news. Not sure if this is further than the Milestone or not, I believe the Milestone was successfully booted into Android so long as the GSM radio was disabled though.
 
Feb 19, 2001
20,155
23
81
Congrats!

However I'd like to point out that the bootloader itself hasn't been cracked. The Recovery image is not verified in a typical bootup process. I myself have been helping out in Milestone development for some time now and while getting a recovery image on is nice, it's nowhere near what you need for a custom ROM.

We've been loading vulnerable recovery since Feb on the Milestone or whatever. It's how we root the device now.

But one positive thing is that with a recovery and adb on your phone, you can do Nandroids and load custom backups. It's like a pseudo ROM I suppose, and it's what many Milestone users deal with.

The next step is to get the 2ndboot hack that Milestone users use now. I know that with DROID, there were fewer hardware checks (besides the main bootloader check) and the Milestone verified and reverified each component so that it was almost impossible to easily port over a Desire or Nexus or DROID ROM without having half your features borked. GPS/Wifi/Internet/Radio/Camera, etc are like half working at best on the best ROMs for the Milestone. 2nd boot is just loading the default bootloader and then loading a custom bootloader. It does not mean the bootloader is cracked.

The cracking of the bootloader though is nearly impossible. I mean I wouldn't be surprised if you guys did it on the Droid X, but as explained by some of the experts working on the Milestone, the verification process is nearly bulletproof. And don't even think about a brute force hack because RSA-2048 is no joke. LOL.

Like literally, to break through you would have to desolder some crap and resolder because of the "high security mode checks"
 

Bateluer

You're such a downer. :p

But yeah, you're better off buying a phone with an open boot loader from the get go, rules out Moto's devices.
 
Feb 19, 2001
20,155
23
81
lol sorry.. I know.... but I am holding out hope that the bootloader gets cracked. After all the iPhone guys did it, but I hope people realize it's not some simple click and you're done because this is serious security.

I've stayed up enough late nights and torn out enough hair over Milestone customizing and almost bricked my phone a dozen times to know this is no joke :D

BTW, I don't think any phone has an open bootloader. They're just very easy to unlock because manufacturers don't really care to lock it down....
 

Bateluer

Apple's security has always been a joke. :p