 Android FAQ And Tutorials, All you need to know on Android

Joseph Hahn
post May 17 2011, 01:02 AM

Good read on locked bootloaders I found while lurking around.

QUOTE
Ever since mid-March, several sources online started to incite fear by reporting that someone discovered that the HTC Thunderbolt's bootloader was locked. Why would that be scary? Because we've all heard that Motorola's bootloaders are locked down, which severely limits how much you can do with a rooted phone, like flash custom ROMs. And Motorola has stated that it intends to do the same for all its future phones. Since the Thunderbolt's bootloader is locked and signed, does this mean HTC is now headed down the same path?

No.

The first thing to understand is that the initial fear mongering was due to a huge lack of understanding about the nature of bootloaders. I'm going to explain it here in a clean thread and hope to counter all this misplaced concern for anyone looking for clarification.

What the authors of these reports failed to realize was that almost ALL phones' bootloaders come locked and signed. Always have. The Thunderbolt's bootloader security is no different than any of its HTC predecessors including the Droid Incredible, Evo 4G, and many others. They simply confused a "locked" bootloader with Motorola's bootloaders, which are also locked, but the key difference is the encryption layer that prevents the Moto bootloaders from being unlocked. There's a huge difference between being locked and being unlockable.

In a full root, one of the main objectives is to unlock the bootloader so you can flash custom ROMs. Here is a high-level overview of what happens during a full root:

1) Find an exploit that tricks the phone into giving you temporary root privileges for that session. Typically some app has a vulnerability, and a root solution is available when a hacker finds an exploit.

2) Once a hacker has temp root, the superuser (su) binary is installed onto the system to make the root permanent. A user or app can simply call su to gain root privileges at will.

At this point, we've achieved a half-root. The phone is technically considered "root"ed. Now we move on to the juicy part of the root process: unlocking the bootloader.

3) The bootloader's stock firmware (HBOOT) can now be replaced with the pre-release Engineering version, which is a leaked HTC-signed image used when the phone firmware and OS was being developed. Since the image is properly signed, the bootloader accepts the firmware. The Engineering HBOOT comes with S-OFF, meaning it's unlocked by default (it makes sense that when the ROM is being developed, engineers wouldn't want to impose the lock on themselves). Once the bootloader is on the Engineering HBOOT, it is unlocked.

4) Now that the bootloader is unlocked (aka S-OFF, NAND unlocked), the factory recovery program is able to be replaced using the bootloader's fastboot flashing utility. Depending on the root method, you get either Clockworkmod or RA recovery, two widely available homebrew recovery programs.

5) With a custom recovery in place, you have the ability to flash images to various partitions that were previously protected by the bootloader, but now that the bootloader is unlocked, it essentially turns a blind eye to what the recovery image does.

Full root complete.


When the bootloader is encrypted, it means that it's expecting an HBOOT image to be encrypted with a very specific key. The problem is you can't generate the correct encryption on an Engineering HBOOT image without having the encryption key. So... no Eng HBOOT means S-ON remains (aka NAND locked, aka bootloader remains locked). Which means you can't ever have write access to key partitions of the filesystem that a custom kernel/ROM requires: /boot (kernel) and /system (Android OS). Furthermore, with Motorola bootloaders, there's something called an eFuse that checks to see if you've modified the bootloader. Assuming you do get the Eng HBOOT flashed, the eFuse may still kick in because of some checksum mismatch. Its job is to brick the phone when it detects that the bootloader has been tampered with. Ouch.

So will the Evo 3D come with a locked and signed bootloader? Most likely. But does that mean anything of consequence? No. The Engineering HBOOT will be inevitably leaked, a hacker will discover a root exploit, and the Evo 3D will be fully rooted shortly after.

Is there a possibility that HTC starts encrypting their bootloaders like Motorola? Yes. But the Thunderbolt's bootloader is not a valid reason to think that HTC is considering this. In fact, HTC has done nothing to indicate it may suddenly decide to change its existing policies. So relax. Chances are very good that the Evo 3D will be rooted quickly with little fanfare.
http://androidforums.com/evo-3d-all-things-root/329819-no-need-panic-about-locked-bootloader.html

Here's hoping that someone will find an exploit in the Desire S soon.


Added on May 17, 2011, 2:11 am

On Li-Ion Batteries.

QUOTE
General Lithium-Ion Battery (LIB) Usage:

    • Discharging your LIB fully (or less than 2.4 Volt per cell) is bad for the battery. Every time you do that, it can be said that small part of your battery (some cells) dies (they forever lose their charge). Do not store your batteries depleted, there's a high chance they will die completely or will become very "weak".
    • You cannot restore bad LIBs by overloading/heating/praying. You gotta go buy a new one. They DO degrade over time, some cells naturally lose the ability to gain/give electricity.
    • Although it is said that LIBs do not have memory, it's not entirely true. LIBs have gauges that monitor performance of cells, and if you do a lot of small charges, it won't let those gauges monitor a full battery potential, causing an invalid indication of charge level. A complete charge/discharge should be made when battery capacity seems reduced, that will calibrate gauges and they will provide your phone with correct charge level status. A full charge/discharge cycle should be done every 30 (or so) partial charges.
    • LIBs have a shelf-life. Do not buy them to store them. Use them early, use them often, they will die whether you use them or not. Do not buy LIBs to use them in 6 months/year/etc, buy them right before actually using them.
    • LIBs have short lives (in comparison to NiCa batteries, etc). You should expect to buy a new battery in 2-3 years after being manufactured. It is caused by internal oxidation and there's nothing you can do to stop or prevent that.
    • Worst LIB treatment is to keep it at 100% charge level at high temperature (think laptop/phone under direct sunlight, like car dashboard).
    • Best LIB treatment, or LIBs "favorite" charge level - 40%. That's also the usual charge level you buy them with.
    • LIBs don't like heat. For example, while always at 100%, typical LIB in a laptop, at temperatures of 25C (77F) will lose 20% (twenty percent!) of full capacity per year. That capacity loss is reduced to 6% (six percent) at 0C (32F), and increased to 35% loss at 40C (104F). So, keep them cool (LIBs like fridges), don't let your devices sit in the sun or overheat at charge. Also, keep in mind that while in use, battery will be significantly hotter than phone/outside environment.
    • LIBs like frequent partial charges/discharges more than they like full charges/discharges.
    • Car "fast-chargers" over time degrade your battery a little, as they give too much energy to the battery too fast (high voltage). Trickle-charge (USB) is best. They do provide an initial higher capacity charge (high-voltage), but do degrade the long-term battery capacity. General idea is that the slower the charge - the longer (long-term) battery will serve you.


HTC/Google-specific advice:

    • Although this part is somewhat controversial, they do recommend having a complete, full FIRST charge to be made. If time allows, a preferred time for the first charge is 12 hours. This may have more to do with the OS than the battery.
    • Battery on an Android device, on average, will last about a full day with normal use (some videos, mail, calls). That's what you should kind-of expect.
    • Speaking in averages, "idling" 3G/EDGE connection (when phone is sleeping and no data is transferred through 3G), drains almost no energy. Just a little more than having 3G/EDGE radio off completely. So when no apps are using 3G, you don't need to keep it off.

    • Same goes to WiFi connection - although it's on, if there is no data flowing through it, it uses almost no energy.
    • At full throughput (100% data flow), EDGE is using significantly more energy than 3G. 3G is much more energy-efficient than EDGE.
    • WiFi is using more energy than 3G (when both are at 100% use), but since it transfers files much faster and then goes to "sleep", it's actually recommended to use WiFi whenever possible. Since it'll "sleep" more often than 3G, overall it will use much less battery than using 3G.
    • Some bad apps or widgets can use Android's "WakeLock", keeping CPU at 100%, screen always-on, or both. I myself have encountered such a widget (I won't mention the name, it's in the market) that used a WakeLock to keep CPU spun-up at 100% all the time. That makes a huge impact on battery life. My advice - use a CPU profiling app to monitor the CPU - make sure that CPU slows down by itself when it's not used. So, beware of such widgets/apps. To check for CPU cycles, many recommend OSMonitor (free from market, install it, go to options, sort by "Load" in descending order. It'll give you "busiest" processes at the top). At rest you should be getting about 10-20% for OSMonitor itself, and 1-10% Android System. At rest, everything else should be 0-1%.
    • Android (at least on Nexus One) slows down CPU when not in use by itself, as a built-in feature. Apps that throttle/change CPU frequency, are not necessarily needed.
http://forum.xda-developers.com/showthread.php?t=669497

This post has been edited by Joseph Hahn: May 17 2011, 02:11 AM
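
The signed-versus-unlocked distinction from the quoted bootloader article, as a small Python model. This is an added example, not part of the original post or the quoted article: the key, the image contents, the `ENG:` marker and the `production_only` switch are constructed or hypothetical, and HMAC stands in for the asymmetric signature a real bootloader would verify.

```python
import hashlib
import hmac

# Constructed stand-in for the vendor signing key. Real bootloaders verify an
# asymmetric signature against a public key; HMAC keeps this stdlib-only.
VENDOR_KEY = b"constructed-demo-key"
PROTECTED = {"hboot", "recovery", "boot", "system"}


def sign(image: bytes) -> bytes:
    """Vendor-side signing of an image (constructed model)."""
    return hmac.new(VENDOR_KEY, image, hashlib.sha256).digest()


class Bootloader:
    """Toy S-ON/S-OFF write gate; names and image layout are hypothetical."""

    def __init__(self, production_only: bool = False):
        self.security_on = True                  # S-ON: stock state
        self.production_only = production_only   # hypothetical hardening switch
        self.partitions = {}

    def flash(self, partition: str, image: bytes, sig: bytes = b"") -> bool:
        """Return True if the write is accepted."""
        if self.security_on and partition in PROTECTED:
            if not hmac.compare_digest(sign(image), sig):
                return False                     # unsigned or tampered image
            if self.production_only and image.startswith(b"ENG:"):
                return False                     # signed, but a development build
        self.partitions[partition] = image
        if partition == "hboot":
            # An engineering build runs with security off; stock keeps it on.
            self.security_on = not image.startswith(b"ENG:")
        return True


def demo(production_only: bool) -> list:
    """Replay the sequence from the quoted article against the model."""
    bl = Bootloader(production_only)
    eng = b"ENG:hboot-image"                     # constructed sample images
    custom = b"custom-recovery-image"
    return [
        bl.flash("recovery", custom),            # unsigned while S-ON
        bl.flash("hboot", eng, sign(eng)),       # vendor-signed engineering build
        bl.flash("recovery", custom),            # same unsigned image afterwards
    ]
```

`demo(False)` returns `[False, True, True]`: the signature check alone accepts any vendor-signed image, including a development build that turns security off. With the hypothetical `production_only` check enabled, `demo(True)` returns `[False, False, False]`.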

 
