Keeping track of companies that "care about your data 🥺"
Over the past few years, a suspicious number of companies have started to "take care of your data", aka block/strictly limit your ability to unlock the bootloader on your own devices.
While this may not affect you directly, it sets a bad precedent. You never know what will get the axe next: Shizuku? ADB? Sideloading? I thought it might be a good idea to keep track of bad companies and workarounds.
If you know of specific details/unlocking methods, please PR them or drop them in the discussions
Caution
Reminder that no matter how nice a company is,
you should not trust them unless their unlock process is 100% offline!
In the past, Huawei allowed you to unlock with a special code you get by submitting some information to emui.com (IMEI, serial, model, and product ID), but in 2018 "corporate values have changed" and the site went down.
Worse, on Android 10+, the unlock command has been completely removed from fastboot.
Certain Kirin-based phones can use PotatoNV
Paid methods:
I don't recommend paid methods due to general sketchiness. I have used one of these tools a while ago, it was okay.
Through HCU-client (Not everything is supported + incredible prices hcu-client.com) or DC-Unlocker (Same problems as HCU dc-unlocker.com)
In the flaming pile of HMD's "great" decisions to improve Nokia, one stands out more than others: They decided to follow the fresh "lock the bootloader" trend.
Why was this necessary? I don't know...
Well, anyway. Models released before early 2019 can request unlocking using Hikari Calyx's unofficial service hikaricalyx.com
And for some other models, Hikari Calyx has a repo with prototype ABLs. fih-firmware.hikaricalyx.com
Models 7.2, 8.3 and 5.3 can be unlocked offline, while others may require HMD Device Kit which is not public and requires a service account.
As for Windows Phones, most models have an unofficial method of unlocking, which is supported by most Nokia Lumias, except for the 620, 720, and 1320.
Info kindly provided by Hikari Calyx themselves!
The BBK family has an unlocking problem. If in case of OPPO/Realme they at least offer an app in some regions, Vivo is locked completely.
Well, that is, if xdaforums.com doesn't apply to you.
On pre-May 2022 firmware. I believe these methods were ~universal, but proceed with caution:
- Vivo x70 Pro+: xdaforums.com
- Vivo Y31 2021: xdaforums.com
I don't have much to say about OPPO.
The most annoying thing about them is that you can unlock your bootloader, but only if you can get into fastboot. And guess what? They locked fastboot with an RSA key!
As per Realme, they decided that segregating people by race their phone's region is cool. If you didn't buy your phone in China or India, chances are you won't be unlocking anything anytime soon.
In April-May 2023 you could unlock any Realme phone using this script rmx3474-rooting, but on May 26th Realme posted this joke of an announcement on their forum c.realme.com. (They've deleted the original announcement) Since then, they have forced their servers to only return "new struct" keys, which have model data attached, making the script useless.
In theory, if available, you could use full-OTA packages to change your phone's firmware region and use the deep testing app directly, but I can't verify that this works (please, correct me if I'm wrong). Guide: xdaforums.com
As for China and India... Seeing how easily Realme dropped the ball on their global users, I personally would be worried about their future plans. For now, you'll have to find and follow device-specific instructions at c.realme.com. The process is pretty much the same for most phones, but newer models may require a HeyTap account.
While this (currently) only affects users in China, Xiaomi's new policy makes unlocking very annoying.
With this new policy, You must have a Level 5 developer Xiaomi Community account.
And here's a list of things you have to do to get that:
- You must be a citizen of China.
- You have to use HyperOS and report at least 1 bug per day. (????)
- You have to submit at least 1 HyperOS suggestion per month. (????)
- You must be an active Xiaomi Community user.
Additional BS applies:
- The permission to unlock is temporary and is granted for 1-year only.
- You can only unlock 3 devices per-year.
- You will not receive OTA updates.
- your warranty will be void.
Also, check out Xiaomi-HyperOS-BootLoader-Bypass by MlgmXyysd.
Note
While not as extreme, if xiaomiui.net is to be believed, global unlock has also undergone some changes:
- Your Mi Account has been active for more than 30 days.
- Xiaomi Community App version 5.3.31 or above.
- You can only unlock the bootloader of 3 devices per year with your account.
Look here if you want to learn about how Ximi's bootloader works: Xiaomi-bootloader
Info kindly provided by n1ses!
If you have a North American device, well, uh... If you're lucky enough not to update for a while, you can check out this paid service. (At your own risk)
If you bought your phone elsewhere, and it's not carrier locked, you can use the standard process, but brace yourself for all the breakage coming your way!
For example, unlocking will permanently trip Knox. As a result, any Knox-based features will be broken even if you re-lock. This includes, but not limited to: Samsung Pay, Pass, Flow, Health, Secure Folder, Secure Wi-Fi, Smart View. Can you be denied warranty? Probably... Some of those features can be fixed with this LsPosed module KnoxPatch and this Magisk Module KnoxPatch#knoxpatch-enhancer.
In addition, some basic features can, and will probably break, such as VoLTE, (thanks to Samsung's proprietary implementation) and in certain cases even the camera.
Info kindly provided by aries-ts-indo!
Old devices (pre Android 8):
xdaforums.com
In the past, LG had a developer portal which could be used to unlock phones on their website, however it only supported international models of their phones, but in December 2021, LG announced the developer portal would be shutting down due to LG ending production of all phones. On some models (such as the Stylo 3 Plus and G6), the bootloader can be unlocked via fastboot oem unlock
only if the phone is a T-Mobile model.
In the past, HTC allowed you to unlock your bootloader on their developer website, but in June 2018 for whatever reason, HTC announced that any new phones would not have unlockable bootloaders, however their developer website would remain up for older devices.
Note
As of September 2024, the website is still up and working (tested with an HTC Raider), however since HTC hasn't supported it in over 6 years, it may go down at any time, and even for these legacy devices, BS applies.
HTC had a system known as "S-ON/S-OFF", with S-ON enabled, the only partitions that can be flashed are system and recovery, all other partitions are read only. While HTC claims you can write boot with S-ON, it's complicated. For whatever reason, HTC made it so you can't flash boot.img from recovery, if you want to flash boot.img, you have to flash it in fastboot, meaning if you want to flash a ROM, you have to install it in recovery, then reboot to fastboot and flash boot.img, then you can boot. There have been systems to work around this, such as TWRP's HTC Dumlock. There are ways to achieve S-OFF, but it's different for each device. Search for your specific device on XDA. Do note that due to the age of most of these tools, they may require legacy operating systems such as Ubuntu 14.04 or Windows 7.
There's not a lot to say about Meizu.
They've never had unlockable bootloaders, and although there are a number of unofficial methods. Some Snapdragon devices have a FRP exploit you can use in EDL to unlock, If your device is unsupported by the FRP exploit and isn't supported by mtkclient, there are paid services which you can use at your own risk.
Asus originally allowed you to unlock your bootloader via their website, however in November 2023, the website went down "for maintanence", Asus claimed it would come back, but it never did. Someone eventually found a way to unlock the bootloader on the Zenfone 9, and Asus responded, not by finally bringing the site back, but by patching the method and introducing anti-rollback. Following Asus's false claims of a bootloader unlock eventually coming back, a UK customer sued Asus for a refund of their phone, and Asus lost. Asus is still claiming the unlock site will come back eventuallly, but considering how long it's been closed, the anti-rollback, and them losing a lawsuit over their unlockable bootloader claims, it's safe to say it'll probably never come back.
There's nothing to say about Alcatel really. They have fastboot removed from most of their phones and have no official unlock method. A lot of their phones are MediaTek based so you can try mtkclient.
This one is probably expected. No iPhone, iPad, iPod Touch or Apple TV model has had an unlockable bootloader. Depending on your device or SoC, there are BootROM (hardware based) and iBoot (software based) exploits you can use to run unsigned code on iOS devices, such as checkm8 for A5-A11, limera1n for A4, iPod touch 3G, and iPhone 3GS 24kpwn for certain iPod touch 2G's and iPhone 3GS's and steaks4uce for iPod touch 2G's for BootROM exploits, and DRA for all 32-bit devices running iOS 7.x.x for iBoot exploits.
To start off, to unlock your bootloader you have to submit a request on their website, which is pretty bad on its own (wink Huawei). But how do you know if your device is unlockable? Well...
- This page says that "Most of our latest devices support our bootloader unlock program."
- This page says only "Photon Q 4G LTE, DROID RAZR M(Developer Edition), DROID RAZR HD(Developer Edition CDMA-LTE), MOTOROLA RAZR HD (Rest of World -UMTS/LTE), MOTOROLA RAZR HD (Rogers Canada - UMTS/LTE) and MOTOROLA RAZR i are supported by the Bootloader Unlock site."
- And from this conversation turistu had with their support: "most of our E devices doesn't support bootloader unlock program. Please see below a list of devices that support the bootloader unlock program : g100, g51 , g71 , g200 , g52 , g82 , g42 , g62 , g32"
- There's also an unofficial way with CID to check if your device can be unlocked, check here: xdaforums.com
- Motorola also requires the phone to have a stable internet connection for at least a week for the bootloader to be unlocked, this is not mentioned anywhere on the unlock website but has been confirmed by posts on the Motorola development forum
Moto used confusion! It seems pretty effective...
What? OnePlus? Aren't their phones super easy to unlock? - yes, but...
You probably heard about the OnePlus X OPPO os merger and while it did get called off, both companies started sharing a "unified codebase". You can probably see where I'm going.
If one day OnePlus decides to practice racism like Realme or go nuclear like OPPO/Vivo, they'll have those "unified" tools at their disposal.
No, wait, I have a point.
All Fairphones after 2 require you to request a code from this website to enable OEM unlock. There is nothing stopping them from requiring an account and having device unlock limits in the future. This is "proceed with caution" after all.
Not very fair in my opinion, but whatever fairs your phone.
They also broke Verified Boot, lol
Sony has an open policy for software developers:
- They are releasing AOSP sources under Sony Open Devices Program.
- Jolla provides first-class support for installing Sailfish OS on select Xperias. That wouldn't be possible without Sony's openness.
Since Sony likes to ruin a perfect thing:
- Sony requires you to request an unlock code from their servers. They can pull the plug anytime. You have to send your IMEI and agree to warranty voiding.
While Microsoft doesn't provide an official unlocking method, an unofficial method has been available for their Android devices basically ever since Microsoft began making Android phones, and Microsoft hasn't bothered to patch it, and Windows is possible to run on an unlocked bootloader Surface Duo, so it seems like the bootloader will remain unlockable for now, but do note Microsoft can patch the unofficial method at any time.
As for Windows Phones, once again, no official methods, but an unofficial method has been around for a while, and supports all Mirosoft-made Lumias except for the 540 and 535, as Windows Phone hasn't been supported since 2017, it is highly unlikely this is going to be patched.
Allows unlocking on almost any non-carrier locked device, but is also a pioneer in making rooting and custom ROMs painful with things like Safety Net and Play Integrity. With the latest feat being RCS messaging which requires DEVICE integrity to work. (To prevent "spam", of course)
Nothing Phones can be unlocked via fastboot without any codes. The only requirement is to enable OEM unlocking in Developer Options settings page. This is the same procedure as on Google Pixel.
Kirin 620, 650, 655, 658, 659, 925, 935, 950, 960:
It's possible to unlock using testpoints and PotatoNV (Read the readme)
If you own a MediaTek device exploitable by mtkclient you can unlock the bootloader using that.
If it also happens to be an OPPO/Realme device and you need to access fastboot: lkpatcher (web version)
If you own a phone with the Unisoc ud710 or ums512 SOCs you can look into this exploit: CVE-2022-38694_unlock_bootloader
Otherwise, you can also look into this: Spectrum_UnlockBL_Tool
This: xdaforums.com
Or this: subut
There's no Universal Qualcomm method, unfortunately.
Although some of these might work for you:
The general exploit:
alephsecurity.com the bootloader unlock section.
Xiaomi Mi A1 and maybe all MSM89** manufactured before 2018:
EDLUnlock