this post was submitted on 05 Sep 2025
108 points (100.0% liked)

Linux

12973 readers
397 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
MigratingtoLemmy@lemmy.world
108
ELI 15: How do phone manufacturers "lock" bootloaders? Is that software truly unhackable? (lemmy.world)
submitted 2 days ago by Maroon@lemmy.world to c/linux@lemmy.world
36 comments fedilink hide all child comments
 

I am seeing a growing discussion on the need for more Linux phones in the market given Google's problematic behaviour w.r.t the changes that will be introduced to that OS.

One very good point that some community member raised was that Android itself wasn't the problem but the locking of the bootloader in the phone. If the bootloader could be unlocked, then it significantly lowers the bar for the end user to install their OS of choice.

I have dabbled with flashing OSs in old smartphones (GrapheneOS, Post market and Lineage). I commend the developers because I could do that without truly having to "understand the code" at the lower levels. But I assume that was possible because the boot loader could be unlocked somehow*. It seems that isn't the case with many/most phone fro. Samsung / Xiomi, etc.

Are their bootloaders truly unlockable? Is it simply impossible to unlock and relock bootloaders?

  • I know that with lineage, the bootloader couldn't be relocked and that was touted as a security flaw. If someone could explain why this lock/unlock is so complex, I'd appreciate it.
you are viewing a single comment's thread
view the rest of the comments
[–] infjarchninja@lemmy.ml 2 points 2 days ago (1 children)

Thanks Ragebutt

Comprehensive answers

That what I like

Thank you

my motorola example:

fastboot oem get_unlock_data

3A35219112984799#5A593232444743424E46006D6F746F726F6C0000#869D8063DBECC893461CCDA39BC5560898D31E77E0EA41ED679205BA559DC4A1#663D5E2D000000000000000000000000

could this be cracked with Hashcat?

you upload this to motorola

They then send you this to unlock your bootloader

Here is the unique code to unlock the bootloader of your Motorola phone.

Unlock Code: YGS5FHGWSJDQKBTSWXBS

fastboot oem unlock YGS5FHGWSJDQKBTSWXBS

fastboot oem unlock YGS5FHGWSJDQKBTSWXBS

(bootloader) Bootloader is unlocked!

OKAY [ 13.949s]

Finished. Total time: 13.949s

I have wondered if Hashcat could crack the hash sand give the Unlock Code.

When you consider how long a WPA2 hash is and it s still very possible to crack WPA2 as long. 3-4 hours to run through an 8 char uppercase keyspace on an old sky router.

WPA021709ba709b92c3eb7b662036b02e843c6c5940096fb664cc2edaeb526c686c64ca37bb6be93179b0ce86e0f4e393d742fca6854ace6791f29a7d0c0ec15340860103007502010a00000000000000000001f09960e32863aa57ba250769b6e12d959a5a1f1cc8939d6bed4401a16092fa72000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001630140100000fac040100000fac040100000fac02000000

but a 20 char Unlock Code would be impossible on my gaming rig.

[–] possiblylinux127@lemmy.zip 1 points 1 day ago (2 children)

The device throttles attempts so it isn't crackable before the heat death of the universe.

Motorola has one of the better bootloader unlock programs. Many other companies make you jump though hoop after hoop or don't allow it at all

[–] Wispy2891@lemmy.world 2 points 1 day ago (1 children)

Well the Better unlock program is the one where it's just a toggle in dev settings and not one that depends on an online server that can be turned off at any moment. Especially those that makes the unlock irreversible or that immediately void hardware warranty

[–] umbrella@lemmy.ml 2 points 1 day ago* (last edited 1 day ago) (1 children)

funny you mention it because motorola does use that to take away the possibility to unlock on older devices.

[–] Wispy2891@lemmy.world 2 points 1 day ago

blocking bootloader unlock imho is more about sending more devices to the landfill rather than actual security

[–] infjarchninja@lemmy.ml 1 points 1 day ago

Thanks Possibly linux

Isn’t crackable before the heat death of the universe

so its a long way off then LOL