Friday, November 7, 2008

Howto: Prevent OTA Update for the G1 Phone to retain Root access

OTA updates are all cryptographically signed to prevent you from spoofing the update and installing something on your phone that you shouldn't. Ironically, this signature checking makes it relatively easy for you to prevent OTA updates from being applied once you have gotten root access on your phone.

To prevent OTA updates, you can simply move the file from the expected location to another location on your device.

mv /system/etc/security/ /system/etc/security/

That one line will move the otakeys to a location the updater can't check for it - and once the OTA update is downloaded, it will be unable to apply.

Note, however, the OTA update will say "failed" and then immediately restart downloading it once the signature check fails - so this fix is less than ideal but will at least prevent you from waking up one day to a phone that doesn't love you as much as it did the day before.

It should also be noted that the "recovery mode" of the phone does NOT use the to check for the signature - currently it uses a compiled-in list of signatures to check for - so moving the has no effect at all on doing an SD Card update.

Original content for this was originally found here


  1. Hey, I want to congratulate you with your tips/tricks and information, I would love to see if you want to message me by

    my nickname is: rayosx

    keep the good work !

  2. i renamed the two files as instructed. failed to sync after that. dev phone 1 software, engineering bootloader

  3. I used your program and mine said read-only file. any recommedations?