Smartphone hacking without risk – plus, broken phones needed

[Adam Outler] and [Rebellos] have been working feverishly to advance the world of mobile device hacking. They’re attacking on two fronts: by making it easier for the common hacker to monkey with the phone’s firmware and OS with impunity, and by finding ways to turn regular handsets into dev-hardware for low-level hacking.

The Hummingbird Interceptor Bootloader (HIBL) circumvents the chain of trust on smartphones running the Cortex-A8 family of processors. This opens a lot of doors, not the least of which is the ability to run any OS that you’re capable of porting to the hardware. We’re certain that Android builds will come first as they are open-source, but there’s talk of iOS or Windows Phone being run after some heavy assembly hacking.

But the two developers are trying to bring more people into the fold with their recent hacks. [Adam] has put out a call for your broken hardware. He needs your dead smartphone boards to reverse engineer the circuitry. Soldering one wire from the OM5 pin on the processor to the OM1 resistor will make the phones unbrickable (something we heard about back in July) and remove the need for soldering in a JTAG interface. With borked hardware in hand he pops off the processor and traces out this connection as well as the UART pins.

The soldering isn’t an easy process, but it’s a marked improvement that breaks down more barriers that keep people from hacking their coveted hardware. The clip after the break shows how easy it now is to recover your phone if something goes wrong while messing with the firmware or OS.

17 thoughts on “Smartphone hacking without risk – plus, broken phones needed”

  1. @andrew

    That’s the Ubuntu admin password prompt, I believe. It needs that if it needs any root-level access to certain OS features.

  2. Pretty please, could you port Maemo? There are only 3 phones that support it, and I want more.

    Also, one thing I never understood is why companies put so much effort and money into locking down their hardware; not releasing source I can understand (fear of being copied), but why block attempts to run new software on it? The only possible outcomes are:
    1- Nobody has the interest or skills to port new software
    2- Someone ports that software, increasing their device’s capabilities for free, and they sell more.

    Seriously, can someone explain to me what the upside is of them locking down their hardware?

  3. @Mike Szczys
    You might want to change your text to Cortex-A8 (M is for eMbedded/Mcu, A is for Application – and they’ve yet to design an M8 ;-)

  4. Can someone explain the hardware hack? Is it correct that modifying the “OM5” signal somehow changes the boot sequence of the processor so that they can use a UART in the device core to communicate with some built-in bootloader?

  5. I’m surprised that phone manufacturers go this far, to the point where they actively take measures to prevent loading of other software.
    Phones that are easy to load new firmware into and have up-to-date ROM images available sell like hotcakes!
    Those that don’t are only bought by people who don’t know/care how to upgrade their software and generally don’t even bother to buy a phone with an OS that supports third-party applications.
    When I’m buying a smartphone, my main concern is the availability of updated OS images. If they’re official, better; if not, third party is ok.
    It’s a shame most handset manufacturers (even Android ones) go with the policy of: Want a new OS version? Buy a new phone!

  6. Ok so the question is, which CPUs and handsets does this work on?
    Based on the mention of “Samsung” I am guessing it works only on Samsung CPUs.
