防止固件修改

发布于 2024-10-24 03:42:04 字数 97 浏览 5 评论 0原文

有什么办法可以防止android aosp rom中的固件被修改吗?该 ROM 将被刷新到 Nexus One 中,未经授权的用户将无法进行任何修改,包括刷新另一个 ROM。谢谢。

Is there any way to prevent firmware modification in android aosp rom? The rom is to be flashed into Nexus One and unauthorized users will not be able to make any modification including flashing another rom. Thanks.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

孤独陪着我 2024-10-31 03:42:04

手机制造商长期以来一直在尝试这样做,但几乎都失败了。

大多数尝试都是基于软件的,通常存在可被利用来启用本地根访问的缺陷。到那时,你就已经输掉了这场战斗。

仅刷新新的 ROM 永远无法阻止未经授权的修改,因为攻击者可以直接引导到引导加载程序并从那里进行不受限制的访问。您最好的选择可能是编写一个自定义引导加载程序,但这超出了大多数人的能力范围,而且,即使这样也不能保证不会被篡改。

在我看来,唯一接近实现这一目标的是摩托罗拉,如果检测到加载的 ROM 未经授权(我相信使用数字签名),其电子保险丝就会熔断。

简而言之,您可能无法采取任何合理措施来防止未经授权的修改 - 一旦手机落入他人手中,您就不能相信它未经修改。

Handset manufacturers have been trying to do just this for a long time - almost all have failed.

Most attempts are software based an usually have flaws that can be exploited to enable local root access. At that point, you've already lost the battle.

Just flashing a new ROM will never allow you to prevent unauthorised modifications since an attacker can just boot to the bootloader and have unrestricted access from there. Your best bet may be to write a custom bootloader, but this is beyond what most people can achieve, plus, there's no guarantee that even this is secure from tampering.

Off the top of my head, the only people who have come close to achieving this is Motorola with their electronic fuse that blows if the loaded ROM is detected to be unauthorised (using digital signatures, I believe).

In short, there is probably nothing you can reasonably do to prevent unauthorised modification - once the handset is in somebody else's possession, you can't trust that it is unmodified.

思念满溢 2024-10-31 03:42:04

由于 Nexus 附带了一个可解锁的引导加载程序(您将用它来安装固件),简短的回答是您不能。

然而,您可以做的是编写一个应用程序来验证您的手机是否处于您期望的状态,但这也可以进行逆向工程。

Since the nexus one comes with an unlockable bootloader (that you would use to install your firmware) the short answer is that you can't.

However what you can do is write an application that validates that your phone is in the state you expect but that too could be reverse engineered.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文