XDA Devs unlock bootloaders on Nexus devices - sans Fastboot

Posted by Shane McGlaun

Google's mobile Nexus devices are fairly easy to unlock, with bootloaders left open courtesy of Mountain View.

Indeed, unlocking these Nexus devices is often as easy as entering fastboot mode and typing "fastboot oem unlock". The catch?

The recommended Google method automatically wipes data from your device. Of course, the data can be fairly easily retrieved if you know what you are doing. However, one of the biggest problems with using fastboot is that users who don't re-lock the bootloader are essentially leaving their devices unprotected against malicious attacks.

Fortunately, a senior member of XDA Devs by the name of segv11 has devised a method of safely unlocking the bootloader on the Galaxy Nexus, Nexus 4, and Nexus 10 that does not follow the normal convention.

"Instead, it falls back on a process where you can keep your bootloader locked, and still keep a sense of security," explained Jerdog of XDA Devs.

"He does this by simply changing a couple of bits in the /param partition, while keeping the bootloader locked for security reasons."

Last year, AdamOutler, also of XDA Devs, released a similar unlock that takes a brute-force approach, unlocking the bootloader by replacing the entire /param partition.

"This app highlights an issue with the way Google has chosen to lock the bootloader, especially when it’s easy to just change the aforementioned bit," Jerdog added. "What else is contained in there that can be hacked? What else is there that a malicious app, with root privileges, could potentially render your device a pricey brick? Users [must] be very careful before they mess around with their devices, and to make sure they read all of the instructions the developers put together beforehand."