|
|
||
|---|---|---|
| .github/workflows | ||
| brands | ||
| carriers | ||
| misc | ||
| ru | ||
| .gitignore | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
Keeping track of companies that "care about your data 🥺"
mirrors
Why?
Over the past few years, a suspicious number of companies have started to "take care of your data", aka block/strictly limit your ability to unlock the bootloader on your own devices.
While this may not affect you directly, it sets a bad precedent. You never know what will get the axe next: Shizuku? ADB?
They've already gone after sideloading.
I thought it might be a good idea to keep track of bad companies and workarounds.
If you know of specific details/unlocking methods, please PR them or drop them in the discussions
The list:
Caution
Reminder that no matter how nice a company is,
you should not trust them unless their unlock process is 100% offline!
🍅 Just terrible!
The following manufacturers have made it completely impossible to unlock their devices without a workaround.
Alcatel
Amazon
Apple
Asus
Cat
Coolpad
Doogee
Energizer
Huawei
Meizu
Panasonic
Samsung
Sharp
TCL/BlackBerry
Vivo/IQOO
Vsmart
Windows phones
Carrier Locked Devices
Note
Phone brands handle carrier locks differently, so check your device manual or contact support.
Carrier locked devices are the ones you get after making a commitment with a carrier of your choice. This is quite common in North America and (supposedly) allows you to save some money on your device.
As a rule, almost all carrier locked devices do not allow the bootloader to be unlocked. This usually makes sense, as it would allow you to completely bypass the contract. The problem is that many devices still do not allow you to unlock the bootloader even after the carrier lock has been lifted. For more details, see the carriers page.
⛔ Avoid at all costs!
The following manufacturers allow unlocking under certain conditions, such as region, model, SOC, etc., or require a sacrifice to unlock.
Hisense
HMD/Nokia
Honor
HTC
LG
Motorola/Lenovo/NEC
OPPO/Realme
Oukitel
Xiaomi/Redmi/POCO
ZTE/nubia/Redmagic
⚠️ Proceed with caution!
The following manufacturers require an online account and/or a waiting period before unlocking.
Fairphone
Google/Nexus
Infinix
itel
OnePlus
Sony
Tecno
ℹ️ "Safe for now" :trollface:
Blackview
Cubot
Micromax
Microsoft
Nothing
Shift
Teclast
Teracube
TP-Link/Neffos
Ulefone
Umidigi
Volla
Misc info
Custom AVB Keys
Custom Android Verified Boot keys is a feature which allows you to run a custom OS with a locked bootloader.
It's rare to see a device which supports custom AVB keys, but some devices can be found here.
Universal SOC-based methods
Kirin
Kirin 620, 650, 655, 658, 659, 925, 935, 950, 960:
It's possible to unlock using testpoints and PotatoNV (Read the readme)
MediaTek
If you own a MediaTek device exploitable by mtkclient (fork old version) or Penumbra you can unlock the bootloader using that.
If it also happens to be an OPPO/Realme device and you need to access fastboot: lkpatcher (web version)
If bootloader unlocking doesn't work on an Oppo Mediatek device using the SECCFG mod (unlocking via mtkclient), you can try unlocking fastboot by writing a modified boot1 (preloader). Writing a preloader also uses mtckclient: oppo-mtk-fastboot-unlock.
Qualcomm
Snapdragon 8 Elite Gen 5
Patched in February/March 2026
On Snapdragon 8E5, Qualcomm introduced a vulnerability (CN) (POC) where the boot process would not perform signature verification for the Generic Bootloader, so with write access to the efisp partition it was possible to run arbitary code.
While the vulnerability itself is universal for the platform, it requires device/OEM specific tricks to get root and write the GBL. Some exist for Xiaomi devices.
Other
The general exploit:
alephsecurity.com the bootloader unlock section.
Unisoc
If you own a phone with the Unisoc UMS9620 or older you can use this (UMS9621 need this as exec address) to achieve temporary secure boot bypass and persistently unlock bootloader. This is valid for all devices except some devices with modified uboot which need this or this or this, note that the method used on all these three links is the same but implemented by different people and with possible differences, also by using this aside from bootloader unlock is possible to completely disable dm-verity by patching trustos partition which would allow booting of unsigned partitions.
If you own a phone with the Unisoc UMS312 UMS512 UD710,you can use this exploit to achieve persistently secure boot bypass, which means all firmwares including splloader,uboot can be modified and resigned.
Otherwise, you can also look into this: Spectrum_UnlockBL_Tool
This: xdaforums.com
Or this: subut
