Cracked! The Keys to Unlocking Motorola’s Bootloader

March 21, 2011 - Written By Mark Pavlik

Motorola Bootloaders Unlocked, Moto Ignores Issue until Keys Posted

William Pitcock, who goes by the name @nenolod on Twitter, has been posting information about Motorola’s “locked” sholes devices, as he has reverse-engineered the key needed to unlock them.  A few of those devices are the original DROID, the Milestone, and possibly the Droid X, Droid 2, and Charm.

Because Motorola uses a private key to secure its bootloader, any update to these devices not signed by that same key will put the device in recovery mode.  That means custom ROMs have not been possible… until now.

How did Pitcock Crack Motorola’s Private Key?

What did Pitcock discover?  He found that Motorola had undermined its own security by setting the nonce values used for its signatures and public key to zero.  They failed to add a random value to each signature, which is what keeps the private key hidden, and that omission let Pitcock recover it.  He says the key can be cracked with Mathematica if you understand the ElGamal signature scheme.
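As an added illustration (this is not Pitcock’s code or Motorola’s implementation), the following Python snippet signs with textbook ElGamal on small constructed parameters and shows the general form of the failure the article describes: textbook ElGamal cannot even sign with a nonce of zero, since 0 has no inverse mod p-1, so a “zero” nonce in practice means a fixed and publicly known one, and any nonce an attacker knows lets them compute the private key from a single public signature. The parameter values, function names and message hash are my own choices for the demo.

```python
# Toy ElGamal signatures demonstrating why the per-signature nonce k must be
# secret and random. Constructed parameters: p = 467, g = 2, private key 127.
from math import gcd
import secrets

P, G = 467, 2          # toy prime and generator; real keys use ~2048-bit p
Q = P - 1              # signature arithmetic happens mod p-1

def keygen(x=127):
    """Private key x (fixed here so the demo is reproducible), public key y = g^x."""
    return x, pow(G, x, P)

def sign(h, x, k):
    """ElGamal signature on message hash h with nonce k. k must be secret,
    uniformly random in [1, p-2] and invertible mod p-1; k = 0 is rejected
    because 0 has no inverse, so a 'zero' nonce means a fixed, known one."""
    if not (0 < k < Q) or gcd(k, Q) != 1:
        raise ValueError("nonce must be in [1, p-2] and coprime to p-1")
    r = pow(G, k, P)
    s = (pow(k, -1, Q) * (h - x * r)) % Q
    return r, s

def verify(h, y, sig):
    """Standard check: g^h == y^r * r^s (mod p)."""
    r, s = sig
    if not (0 < r < P):
        return False
    return (pow(y, r, P) * pow(r, s, P)) % P == pow(G, h, P)

def recover_private_key(h, sig, k):
    """With k known, s = k^-1 (h - x r) mod (p-1) rearranges to
    x = (h - k s) r^-1 mod (p-1): the public signature gives away x."""
    r, s = sig
    if gcd(r, Q) != 1:
        raise ValueError("r not invertible mod p-1; use another signature")
    return ((h - k * s) * pow(r, -1, Q)) % Q

def random_nonce():
    """What a correct signer does: a fresh, secret, invertible k every time."""
    while True:
        k = secrets.randbelow(Q - 1) + 1
        if gcd(k, Q) == 1:
            return k

if __name__ == "__main__":
    x, y = keygen()
    h = 100                                  # stand-in for the message hash
    sig = sign(h, x, 213)                    # fixed nonce: (r, s) = (29, 51)
    print(sig, verify(h, y, sig))            # (29, 51) True
    print(recover_private_key(h, sig, 213))  # 127, the private key
```

Run as-is it prints the signature, confirms it verifies, and then recomputes the private key 127 from nothing but the signature and the known nonce.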

Pitcock was very courteous in trying to let Motorola know what he had found concerning their bootloader security.  His attempts to reach them fell on deaf ears until he finally posted their private keys on his site. Then Motorola immediately stepped up and sent him a Cease and Desist letter, so he has since taken the keys down.

Motorola Bootloader Unlocked, Keys Passed on to New Group

Pitcock, after taking the keys down, said, “all information has been handed over to people who are working on this.”  Those people would indeed be FreeMyMoto.  You can follow them on their Twitter page @FreeMyMoto or you can check out their site to see what they are up to.

Below you will find the dates when William reached out to Motorola.  It’s amazing how fast a legal document can be thrown together as a response, yet they can’t acknowledge someone on the first or second notification.  Remember, you may have some of the sharpest tools in your shed, but someone else’s shed might just know more about reverse engineering, encryption, and algorithms.

Notification of Motorola on Bootloader Security Issues

  • December 20th, 2010 — Motorola notified of keystore vulnerability. No response received from Motorola.
  • February 20th, 2011 — Motorola notified again of keystore vulnerability. No response received from Motorola.
  • February 27th, 2011 — Motorola notified that keystore vulnerability will be disclosed to public on March 20th. No response received from Motorola.
  • March 20th, 2011 — Keystore signature generation vulnerability publicly disclosed, including private key leak. Response received from Motorola legal.

What Does This Mean if You Own a Motorola Device?

We won’t post the keys themselves due to legal issues, but this pic might be a glimpse into what may or may not be the “key” ingredients.  How long will it take for these bootloaders to be officially unlocked?  When will we see custom ROMs for the Droid/Milestone line? Stay tuned.

Every Android phone has a locked bootloader.  Motorola “sholes” devices have an encrypted bootloader.  I have heard the Motorola Atrix 4G has a signed bootloader.  In order to unlock the Atrix, you have to use a private key to sign/encrypt a kernel that the phone will accept to unlock it.

A locked bootloader means you cannot make any kernel modifications.  That basically means you can’t fully customize the device at the deepest levels most people don’t even know about.  But some people (FreeMyMoto) are going to find out, and you can follow them on their Twitter account or in their IRC channel:

Channel: ##pbf
(yes, with two hashes instead of just one)

If you don’t know what this is, then learn a little more about IRC (it’s a chat protocol) and, until then, use this web client to join. The experience is MUCH better with a proper client.

We’ll pass on anything we hear about Motorola, these devices, and their bootloaders.

With additional reporting by Maddi Hausmann Sojourner