I recently found out that a locked device (aka a carrier lock) is actually locked in two very different ways.

  1. the sim lock, which prevents you from using a sim card from a different carrier. This usually has some sort of policy regarding how and when to unlock the device (for Verizon it is if the device goes for 60 days without connecting to the Verizon network, might also need to be fully paid off as well)

  2. Bootloader lock, this locks the bootloader and therefore disables any way of flashing anything (rom, root, etc) This is not something that will automatically be unlocked as far as I can tell and only the carrier can modify it. Most carriers seem to have the basic decency to unlock the device if you request it from their support, but be warned that there is no guarantee. What is guaranteed, is that Verizon will tell you to fuck right off and will never unlock your device.

The point of this post is to bring awareness to this issue, it is on me that I didn’t properly research this and just assumed that carrier lock means just a sim lock, but this sucked.

I bought a pixel 8 which was sim-unlocked but sadly, as I discovered, its bootloader was locked and the “oem unlock” option was grayed-out. This is because it was a Verizon model that was out of the network but still, a Verizon model…

As of right now there are no known exploits against this device / Android version, and so, there is no known way to bypass this.

I literally argued, begged, and threatened Verizon. And their official stand is that they don’t allow bootloader unlocks, they don’t have the ability to do them (A lie) and that it will degrade my experience (Idiots)

So I started doing anything I could think of. I tried old exploits that were patched (unsurprisingly they failed), I tried sideloading other versions of stock android (worked but didn’t affect the bootloader), I even setup mitm wifi hotspot that has a transparent tls inspection (see PolarProxy) but it seems that the OS does not trust any “user” CAs and so it tries to connect to android.googleapis.com, sees that the CA is not a system CA and aborts the bootloader check, which keeps it grayed-out. My idea was to spoof a valid response but apparently Android has good security practices (who knew)

Short of reversing the OS/Bootloader, it seems there is nothing to do.

So this is my warning to you, don’t buy carrier models, but if you do, make sure the oem unlock option works, but if you don’t, absolutely never buy a Verizon model.

ETA: I bought second-hand under the impression that it was an unlocked device, I thought that by checking sim compatibility I verified that it was, I was wrong.

  • ERROR: Earth.exe has crashed@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    3 days ago

    I think the point is, if you could flash an OS, you could theoretically bypass sim locking.

    Is your device already sim unlocked? Is so, you just connect to the internet with developer menu turned on, then wait (anywhere from hours to days, like let this happen in the background, it doesn’t have to stay on the screen) and hope the option becomes selectable. And reboot once a day to see if the menu option changes. I had a sim locked device that had the option suddebly become available for some reason.

    • davidgro@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 days ago

      It’s simply a ‘known issue’ which OP unfortunately discovered first-hand, that Verizon specific models have a modified OS that cannot ever be bootloader unlocked (without exploits) - regardless of SIM lock. It really is their corporate policy. And why I buy my devices directly from the OEM even though I could in theory get a discount from Verizon (happens to be my carrier… For now.)