I recently found out that a locked device (aka a carrier lock) is actually locked in two very different ways.

  1. the sim lock, which prevents you from using a sim card from a different carrier. This usually has some sort of policy regarding how and when to unlock the device (for Verizon it is if the device goes for 60 days without connecting to the Verizon network, might also need to be fully paid off as well)

  2. Bootloader lock, this locks the bootloader and therefore disables any way of flashing anything (rom, root, etc) This is not something that will automatically be unlocked as far as I can tell and only the carrier can modify it. Most carriers seem to have the basic decency to unlock the device if you request it from their support, but be warned that there is no guarantee. What is guaranteed, is that Verizon will tell you to fuck right off and will never unlock your device.

The point of this post is to bring awareness to this issue, it is on me that I didn’t properly research this and just assumed that carrier lock means just a sim lock, but this sucked.

I bought a pixel 8 which was sim-unlocked but sadly, as I discovered, its bootloader was locked and the “oem unlock” option was grayed-out. This is because it was a Verizon model that was out of the network but still, a Verizon model…

As of right now there are no known exploits against this device / Android version, and so, there is no known way to bypass this.

I literally argued, begged, and threatened Verizon. And their official stand is that they don’t allow bootloader unlocks, they don’t have the ability to do them (A lie) and that it will degrade my experience (Idiots)

So I started doing anything I could think of. I tried old exploits that were patched (unsurprisingly they failed), I tried sideloading other versions of stock android (worked but didn’t affect the bootloader), I even setup mitm wifi hotspot that has a transparent tls inspection (see PolarProxy) but it seems that the OS does not trust any “user” CAs and so it tries to connect to android.googleapis.com, sees that the CA is not a system CA and aborts the bootloader check, which keeps it grayed-out. My idea was to spoof a valid response but apparently Android has good security practices (who knew)

Short of reversing the OS/Bootloader, it seems there is nothing to do.

So this is my warning to you, don’t buy carrier models, but if you do, make sure the oem unlock option works, but if you don’t, absolutely never buy a Verizon model.

ETA: I bought second-hand under the impression that it was an unlocked device, I thought that by checking sim compatibility I verified that it was, I was wrong.

  • Dutchie@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    2
    ·
    edit-2
    1 month ago

    In netherlands a sim lock is not allowed for years. Nokia had never sim locks on their phones. As far as I know, bootloader locks are done by the manufaturer not by the provider. Edit down -> done

    • tb_@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 month ago

      The manufacturer can also lock the bootloader, but carriers in the US are a special kind of fucky.

    • Markaos@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 month ago

      As far as I know, bootloader locks are done by the manufaturer not by the provider.

      Verizon requires the phones they sell to NOT have the ability to unlock the bootloader. That’s why there are separate factory images for Verizon Pixels.

    • Pika@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 month ago

      sim locks are not legal in the US either as long as the phone is in good standing and not owed money.

      Basically once the phone is fully paid off the carrier has to unlock it within like 60 days or so.

      Sadly this protection doesn’t cover prepaid devices, nor boot loader locks, only carrier/sim locks