Motorola: Locking the Droid X

[rusky1]

[Update]: We may not have a problem, after all. Via BGR, it appears that the TI OMAP-based processors that Motorola has been using in all of their higher-end devices have had eFuse all this time, they just don’t use that feature of the chipset. Reports claim that the same technology can be found in the original Droid, the Milestone, and the Droid X, and that we’ll probably be seeing it in the Droid 2, as well.
If he’s correct, then we can probably start putting those pitchforks down. The only way to verify is by getting official word from Verizon or Motorola, or to see if any Android hacker has the guts to attempt to do anything with their brand new Droid X.

Just got this quote from the website referred to in the other Droid X thread in the news section.

This is good news indeed.

 

[Bitbang3r]

Even developer phones such as the Nexus One lose warranty the second you unlock the bootloader.

Strictly speaking, in the US at least, you don't. Oh, they might SAY you do. They might even act as if you do if you try to do a warranty replacement through normal channels. But if you really pushed the issue and filed a lawsuit against them (or got together with other Nexus One owners to launch a class action lawsuit), it would be almost an open and shut case in your favor thanks to the Magnuson-Moss Act, which was passed around 35 years ago.

In plain English, MMA basically says that a manufacturer can't arbitrarily deny warranty coverage unless they can prove that whatever it was you did literally and directly caused the product to break. At worst, it means HTC has the right to refuse warranty service for your phone unless you agree to let them wipe and reflash it to the stock factory rom first, and give it back to you with that stock rom.

It was passed because in the 60s and early 70s, American automakers tried invalidating warranties if you installed an aftermarket stereo, used "unauthorized" replacement parts, or basically did anything to it yourself besides add gas. Pre-MMA, Ford could refuse to repaint a peeling bumper because you installed replacement bulbs in the headlights that weren't sold by Ford.

There's a bit of legal gray area over whether or not HTC could legally charge a fee to Nexus One owners for reflashing their phones to stock. IANAL, but I believe HTC would lose unless it could demonstrate that the end user COULD have reflashed it to stock himself, but didn't.

As a practical matter, just about the only thing HTC (or any other handset maker) could really claim and have a chance in hell of prevailing over is if the phone's flash rom failed due to excessive erase-rewrite cycles that were FAR in excess of what any reasonable user might have expected to survive (ie, if they could prove that you flashed a kernel with a bug that madly wrote and rewrote a chunk of flash and wore it out prematurely).

Remember, at the end of the day, Verizon doesn't own your phone... you do. You purchased it, and you own it. It's yours. In fact, Verizon can't force you to lease it from them, because they're subject to the same consent decree that forced the breakup of AT&T 25 years ago. One of its terms was that they MUST allow customers to purchase their own phones, as long as they're physically compatible with the network. AT&T is subject to the same consent decree. Sprint & T-Mobile are a gray area... they're not descendants of AT&T and aren't subject directly to the decree itself, but they ARE subject to FCC regulation... and it's likely that at some point along the way, the FCC incorporated those terms into its own regulations.

Ownership of your phone is important, because it gives a STRONG legal claim to anyone whose phone gets bricked by Motorola's bootloader protection. American law (and European law) frowns mightily upon self-help remedies that attempt to enforce arbitrary contract terms by vandalizing hardware that doesn't belong to the vandalizer. DirecTV can fry your DVR if you tamper with it, because they legally own it. Verizon doesn't own your phone, and legally, they can't force you to let them own your phone.

Magnuson-Moss is *so* well-established in the US, companies don't even dare to *try* challenging it, because it would be legally suicidal. Two years ago, MSI shipped netbooks with a gig of ram, an empty soDIMM slot, and a sticker over the case screw stating that its removal (to upgrade the ram) would invalidate the warranty. Less than 2 months after the netbook hit stores, MSI had a statement on their website apologizing for the "confusion" clarifying that merely puncturing the tape, removal of the screw, or opening up the case for the specific purpose of ram expansion would NOT by themselves invalidate the warranty. I believe Britain has a similar law, and got a similar press release from MSI of its own a week or two later.

Getting back to Motorola... by just about any American legal standard, Motorola would lose if you as a consumer tried to reflash your phone, and Motorola's bootloader intentionally bricked it. HOWEVER, if Motorola's bootloader reacted to an attempt to "tamper" with the phone by wiping all of their copyrighted files from its flash, and left you with a phone that was useless at that point as a phone, but HAD a functioning bootloader and could (in theory, if not reality) be used to reflash whatever you want onto it (AOSP or whatever), they'd be safe. If the phone had a protected block of flash holding an encrypted backup copy of Motorola's ROM, and booting with a modified copy produced a message asking for permission to rewrite it back to stock, wipe the filesystem and flash your own image from the uSD card, or shut down, they'd be on about the safest legal ground you can be. Where their current policy crosses the line is bricking the phone beyond consumer repair in response to an activity that's entirely legal for a consumer to do with a phone he has purchased.

 

[zim2704]

Strictly speaking, in the US at least, you don't. Oh, they might SAY you do. They might even act as if you do if you try to do a warranty replacement through normal channels. But if you really pushed the issue and filed a lawsuit against them (or got together with other Nexus One owners to launch a class action lawsuit), it would be almost an open and shut case in your favor thanks to the Magnuson-Moss Act, which was passed around 35 years ago.

In plain English, MMA basically says that a manufacturer can't arbitrarily deny warranty coverage unless they can prove that whatever it was you did literally and directly caused the product to break. At worst, it means HTC has the right to refuse warranty service for your phone unless you agree to let them wipe and reflash it to the stock factory rom first, and give it back to you with that stock rom.

It was passed because in the 60s and early 70s, American automakers tried invalidating warranties if you installed an aftermarket stereo, used "unauthorized" replacement parts, or basically did anything to it yourself besides add gas. Pre-MMA, Ford could refuse to repaint a peeling bumper because you installed replacement bulbs in the headlights that weren't sold by Ford.

There's a bit of legal gray area over whether or not HTC could legally charge a fee to Nexus One owners for reflashing their phones to stock. IANAL, but I believe HTC would lose unless it could demonstrate that the end user COULD have reflashed it to stock himself, but didn't.

As a practical matter, just about the only thing HTC (or any other handset maker) could really claim and have a chance in hell of prevailing over is if the phone's flash rom failed due to excessive erase-rewrite cycles that were FAR in excess of what any reasonable user might have expected to survive (ie, if they could prove that you flashed a kernel with a bug that madly wrote and rewrote a chunk of flash and wore it out prematurely).

Remember, at the end of the day, Verizon doesn't own your phone... you do. You purchased it, and you own it. It's yours. In fact, Verizon can't force you to lease it from them, because they're subject to the same consent decree that forced the breakup of AT&T 25 years ago. One of its terms was that they MUST allow customers to purchase their own phones, as long as they're physically compatible with the network. AT&T is subject to the same consent decree. Sprint & T-Mobile are a gray area... they're not descendants of AT&T and aren't subject directly to the decree itself, but they ARE subject to FCC regulation... and it's likely that at some point along the way, the FCC incorporated those terms into its own regulations.

Ownership of your phone is important, because it gives a STRONG legal claim to anyone whose phone gets bricked by Motorola's bootloader protection. American law (and European law) frowns mightily upon self-help remedies that attempt to enforce arbitrary contract terms by vandalizing hardware that doesn't belong to the vandalizer. DirecTV can fry your DVR if you tamper with it, because they legally own it. Verizon doesn't own your phone, and legally, they can't force you to let them own your phone.

Magnuson-Moss is *so* well-established in the US, companies don't even dare to *try* challenging it, because it would be legally suicidal. Two years ago, MSI shipped netbooks with a gig of ram, an empty soDIMM slot, and a sticker over the case screw stating that its removal (to upgrade the ram) would invalidate the warranty. Less than 2 months after the netbook hit stores, MSI had a statement on their website apologizing for the "confusion" clarifying that merely puncturing the tape, removal of the screw, or opening up the case for the specific purpose of ram expansion would NOT by themselves invalidate the warranty. I believe Britain has a similar law, and got a similar press release from MSI of its own a week or two later.

Getting back to Motorola... by just about any American legal standard, Motorola would lose if you as a consumer tried to reflash your phone, and Motorola's bootloader intentionally bricked it. HOWEVER, if Motorola's bootloader reacted to an attempt to "tamper" with the phone by wiping all of their copyrighted files from its flash, and left you with a phone that was useless at that point as a phone, but HAD a functioning bootloader and could (in theory, if not reality) be used to reflash whatever you want onto it (AOSP or whatever), they'd be safe. If the phone had a protected block of flash holding an encrypted backup copy of Motorola's ROM, and booting with a modified copy produced a message asking for permission to rewrite it back to stock, wipe the filesystem and flash your own image from the uSD card, or shut down, they'd be on about the safest legal ground you can be. Where their current policy crosses the line is bricking the phone beyond consumer repair in response to an activity that's entirely legal for a consumer to do with a phone he has purchased.

wow.....must be a lawyer or pre-law i take it? Thanks for the information, I have heard of this somewhere before but never looked into it and had it put into layman terms.

 

[Bitbang3r]

lol. Actually, I did go to law school for a year before deciding to metaphorically hit ctrl-alt-delete and go for a second bachelor's degree in computer engineering instead (first degree was pre-law/liberal arts). I haven't regretted it once

 

[IOWA]

lol. Actually, I did go to law school for a year before deciding to metaphorically hit ctrl-alt-delete and go for a second bachelor's degree in computer engineering instead (first degree was pre-law/liberal arts). I haven't regretted it once

Ha! I was a liberal arts major myself. But my true love is with tech. Liberal Arts is just so darn flexible though.

 

[BoogieNYC]

I don't hope it tanks...you'd rather have iPhone restrictions? But it gives an opportunity for others to give better options.

The reason why I hope the X tanks is so it demonstrates to Motorola and other manufacturers that if they lock their phones they won't be in the Android market for very long. It's all about money, and the cause-and-effect. The cause: lock your phone. Effect: don't make money.

 

[EmoTonyB]

The reason why I hope the X tanks is so it demonstrates to Motorola and other manufacturers that if they lock their phones they won't be in the Android market for very long. It's all about money, and the cause-and-effect. The cause: lock your phone. Effect: don't make money.

yeah. this.

 

[goldenu]

Just got this quote from the website referred to in the other Droid X thread in the news section.

This is good news indeed.

Not really - Motorola responds to Droid X bootloader controversy, says eFuse isn't there to break the phone -- Engadget

This is directly from Motorola, and the pertinent part is here:

"If a device attempts to boot with unapproved software, it will go into recovery mode, and can re-boot once approved software is re-installed."

So unless you love staring at your bootloader, best pick those pitchforks back up.

 

[Yeltnerb]

So I am very torn about this.

On my job side I totally see the need to do this, to expand the market for the phone to the enterprise to sell addtional motorola properties (like Good Technology) you have to secure the product. A blackberry is just so much more secure than the droid. the nightmare security scenario is that someone reflashes the phone and then can snoop in on the email etc. of the user of the handset due to a custom rom. The fact that Moto/VWZ cannot guarantee this locks them out from a large segment of the government market, there are several phones that are not approved for end user use at some of the government facilities that I frequent as part of my job.

There is also the carrier side to think about (which is where most of the consumer stuff does come from) which says that wow, if someone puts a non standard ROM on the phone then what might it do to my network (and it would be easy to claim that any ROM not explicitly approved by VWZ was not compatible with their network). The other challenge that the carriers would face is that you want to ensure that consumers don't do things like tethering etc. which they want to monetize (as if a $350 ETF and requiring data plans was not generating enough $$).

But as a consumer I think that this blows, as I am using an original droid, with a froyo leak running on it, and I love it, when I see what can be done with a custom ROM I compared to the stock version that I was running I am just floored.

I am trying to determine what exact features I would miss from a locked down version of 2.2 and beyond. Ability to change kernels would be one, but that is minor if the battery and speed issues are solved, the obvious tethering one (but I don't use that so I it less important to me) and of course the impress the developers on your team factor by running Froyo I just cannot really see something that I could not do.

And in regards to timing of the annoucements etc. When Droid was coming out it was unclear if VWZ would have a hit, and the early droids were buggy at best with the stock ROM. Now that things have had 6 months to mature the stock ROMS are improving a ton, my wife uses an incredible and I am not sure that I would want to change the ROM out on that one at all.

 

[IOWA]

So I am very torn about this.

On my job side I totally see the need to do this, to expand the market for the phone to the enterprise to sell addtional motorola properties (like Good Technology) you have to secure the product. A blackberry is just so much more secure than the droid. the nightmare security scenario is that someone reflashes the phone and then can snoop in on the email etc. of the user of the handset due to a custom rom. The fact that Moto/VWZ cannot guarantee this locks them out from a large segment of the government market, there are several phones that are not approved for end user use at some of the government facilities that I frequent as part of my job.

There is also the carrier side to think about (which is where most of the consumer stuff does come from) which says that wow, if someone puts a non standard ROM on the phone then what might it do to my network (and it would be easy to claim that any ROM not explicitly approved by VWZ was not compatible with their network). The other challenge that the carriers would face is that you want to ensure that consumers don't do things like tethering etc. which they want to monetize (as if a $350 ETF and requiring data plans was not generating enough $$).

But as a consumer I think that this blows, as I am using an original droid, with a froyo leak running on it, and I love it, when I see what can be done with a custom ROM I compared to the stock version that I was running I am just floored.

I am trying to determine what exact features I would miss from a locked down version of 2.2 and beyond. Ability to change kernels would be one, but that is minor if the battery and speed issues are solved, the obvious tethering one (but I don't use that so I it less important to me) and of course the impress the developers on your team factor by running Froyo I just cannot really see something that I could not do.

And in regards to timing of the annoucements etc. When Droid was coming out it was unclear if VWZ would have a hit, and the early droids were buggy at best with the stock ROM. Now that things have had 6 months to mature the stock ROMS are improving a ton, my wife uses an incredible and I am not sure that I would want to change the ROM out on that one at all.

- Flashing a ROM would wipe the data on the phone, so how are they going to snoop emails?

- Flashing a custom ROM would not, and could not be proven to be incompatible with the network. If it works, it's compatible. Simple as that.

- If enterprise were so worried about these things, then they would completely drop the iPhones(if they use them), because you can simply hook up an iPhone to a Linux box and browse the iPhone with relative ease.

- If someone was really into corporate sabotage, I'm sure they can break into a blackberry if they wanted to, and retrieve the data.

 

[Yeltnerb]

- Flashing a ROM would wipe the data on the phone, so how are they going to snoop emails?
- Flashing a custom ROM would not, and could not be proven to be incompatible with the network. If it works, it's compatible. Simple as that.

- If enterprise were so worried about these things, then they would completely drop the iPhones(if they use them), because you can simply hook up an iPhone to a Linux box and browse the iPhone with relative ease.

- If someone was really into corporate sabotage, I'm sure they can break into a blackberry if they wanted to, and retrieve the data.

to address things.
1. a phone could be stolen reflashed and returned with the user none the wiser.
2. Iphones are banned for this very reason in a number of places (mostly high security government places). And many enterprises don't support iphones.
3. Anything is hackable but blackberry is built from the ground up to prevent such an attack.