Hello everyone, I'm new here so please don't kill me if this is a common question. I have searched all over but can't find the answer I need. I'm excited to learn from all the wonderful information here and can't wait to get started.
Anyway, I had a Nexus S 4g flashed to work on Boost. I would like to root it so that I can change some things. However, I do not know if my phone was previously rooted. Is there any way to find out? If it was, and I rooted it again, would that cause problems? Also, does rooting the phone cause problems with the flashing, or will it keep all of the necessary network information intact (so that it doesn't screw up my service)?
Rooting doesn't cause problems with the flashing, it just -potentially- opens up the system to damage. This is a user responsibility and not a fault of the rooting process; it's a possibility of having too much power over the system.
Most likely it would have had the bootloader unlocked and have been rooted. Turn off the phone and turn it on again by holding Vol. Up and Power simultaneously for a few seconds. If it was rooted, the best way to know is if it says "bootloader unlocked" in the upper half of the screen. If not, there is a high chance it isn't CURRENTLY rooted. If it is unlocked, the most work you need to give root access to android is going into recovery and installing a .zip file.
Exactly so after finding that out just look over one of the many guides we have here at XDA to flash the superuser package.
Sent from my Nexus S
I didn't see anything saying unlocked. I see 'Lock State - Locked', so I'm assuming this means that it is not currently rooted. I guess now I will go through some guides and learn which method would be best for me. Thanks for the quick reply and help.
Most likely you aren't rooted either - you can test by typing "su" in terminal emulator.
Just remember if u unlock bootloader the internal data and sdcard will all be deleted.
So after my experimenting with the latest OTA update I cannot attain s-off, and I don't think you will be able to with the new bootloader.
I think the people that were able to downgrade with the latest OTA were able to do it before they rebooted with the new hboot.
It seems that we are going to end up like the Evo 3D people where you have to use fastboot to flash a kernel boot.img and clock to flash the kernel/rom.
If anyone can come up with any other work arounds please feel free to suggest them.
I had the unlocked bootloader, running UKE AOSP ROM (CM7) and tried the misc.img trick. When I rebooted to flash PG06IMG.zip I noticed my bootloader went from unlocked to locked.
It seems that HTC has patched the misc.img trick.
Again, I am more than willing to admit I am wrong and hope someone can prove me wrong on this.
Maybe you should stop "experimenting" on things that will cause serious issues to your phone
It says in the title do not accept ota updates and I think that is a valid point. Only developers should accept and download the ota updates so they can make revisions on rom/firmware updates to avoid losing the eng s-off bootloader.
2+ thoughts:
First, the 2.3.4 update is actually pretty damn good. Even if we were on a locked bootloader with no other options, this is the closest to acceptable stock performance we've had on this hardware.
Second, with one remark I'll follow up with, I don't think being stuck without an S-OFF bootloader is really all that big a problem for a casual power user. We have to remember there are kind of three categories of people who will use a smartphone - people that don't care about root and custom software, people like me who will happily install things if it means better performance but don't necessarily need to be doing so constantly, and people like those of you who hang out in the dev forum who flash software constantly.
I got tired of having to constantly reinstall all my old apps and restore SMS data and whatever else every time I changed roms to try, and with all due respect to the guys pumping out remarkably high quality work on Sense 3.0/3.5 roms, there are too many problems with that software on our hardware for my tastes. I flashed new software on my Hero constantly and that was kinda fun, but as my life's gone on, I don't really like it the same way I used to, and a bugfix release seems somewhat less magical than it used to.
For someone like me, only being able to flash boot and system doesn't represent a substantial problem.
Now! The remark is that I think the limited unlock is stupid and hinders the community, despite the fact that I don't need it. You guys (active devs) do a hell of a lot for the lives of these phones that the companies crap out as fast as they can and then shovel into "release worthless maintenance releases every 4 months" as soon as the container ship leaves port. I will admit: we have been lucky with the 2.3.4 update. This seems to be well tested and deals with a number of outstanding problems with our phones, not the least of which was the awful performance of the 2.3.3 updates. Unfortunately, the limited unlock and its two-step flash process only serve to slow down your progress. That's it. I cannot conceive of any reason HTC would have been able to use to justify making the choice. I actually went in and complained at them about it through htcdev just because I feel like this is going to, in the long run, only serve to destroy the active communities surrounding many of these phones.
What's the solution we can suggest (since we all know HTC doesn't care enough to read this)? Instead of a halfassed unlock state that takes all of 20 seconds to attain, we need at least the ability to have recovery flash to the boot partition, if not a full S-OFF. What's the balance? Make it harder for us to get, I guess - flashing eng bootloaders is kinda difficult and beyond the reach of people that don't understand what they're doing anyway, so I guess that makes for a good process.
I also guess that the downside, in many people's eyes, is that an official unlock :VOIDS YER WARRANTY: whereas unofficial/revertable unlocks that only *voids your warranty*. I don't know how common warranty claims are but it's clear Sprint doesn't want to service ANY phones and I don't know if anyone's ever sent a phone to HTC for work or not. This is probably an area where companies need to figure out how to bring the concept of hardware warranties in line with what software can do. A CPU overclock/undervolt is going to have a tough time failing a digitizer, right? So why refuse service? And what if we don't have software that can make any changes to how the hardware runs, like when a phone first comes out and we have unlock but not source code?
There are a number of problems at play with this situation but overall, this is stupid and regretful and we at least need a patched unlockable hboot that allows one-step rom flashing.
I know this has been the longwinded brainfart nobody wanted to read, but it feels good to write it down in a public place.
nurrwick said:
2+ thoughts:
First, the 2.3.4 update is actually pretty damn good. Even if we were on a locked bootloader with no other options, this is the closest to acceptable stock performance we've had on this hardware.
Second, with one remark I'll follow up with, I don't think being stuck without an S-OFF bootloader is really all that big a problem for a casual power user. We have to remember there are kind of three categories of people who will use a smartphone - people that don't care about root and custom software, people like me who will happily install things if it means better performance but don't necessarily need to be doing so constantly, and people like those of you who hang out in the dev forum who flash software constantly.
I got tired of having to constantly reinstall all my old apps and restore SMS data and whatever else every time I changed roms to try, and with all due respect to the guys pumping out remarkably high quality work on Sense 3.0/3.5 roms, there are too many problems with that software on our hardware for my tastes. I flashed new software on my Hero constantly and that was kinda fun, but as my life's gone on, I don't really like it the same way I used to, and a bugfix release seems somewhat less magical than it used to.
For someone like me, only being able to flash boot and system doesn't represent a substantial problem.
Now! The remark is that I think the limited unlock is stupid and hinders the community, despite the fact that I don't need it. You guys (active devs) do a hell of a lot for the lives of these phones that the companies crap out as fast as they can and then shovel into "release worthless maintenance releases every 4 months" as soon as the container ship leaves port. I will admit: we have been lucky with the 2.3.4 update. This seems to be well tested and deals with a number of outstanding problems with our phones, not the least of which was the awful performance of the 2.3.3 updates. Unfortunately, the limited unlock and its two-step flash process only serve to slow down your progress. That's it. I cannot conceive of any reason HTC would have been able to use to justify making the choice. I actually went in and complained at them about it through htcdev just because I feel like this is going to, in the long run, only serve to destroy the active communities surrounding many of these phones.
What's the solution we can suggest (since we all know HTC doesn't care enough to read this)? Instead of a halfassed unlock state that takes all of 20 seconds to attain, we need at least the ability to have recovery flash to the boot partition, if not a full S-OFF. What's the balance? Make it harder for us to get, I guess - flashing eng bootloaders is kinda difficult and beyond the reach of people that don't understand what they're doing anyway, so I guess that makes for a good process.
I also guess that the downside, in many people's eyes, is that an official unlock :VOIDS YER WARRANTY: whereas unofficial/revertable unlocks that only *voids your warranty*. I don't know how common warranty claims are but it's clear Sprint doesn't want to service ANY phones and I don't know if anyone's ever sent a phone to HTC for work or not. This is probably an area where companies need to figure out how to bring the concept of hardware warranties in line with what software can do. A CPU overclock/undervolt is going to have a tough time failing a digitizer, right? So why refuse service? And what if we don't have software that can make any changes to how the hardware runs, like when a phone first comes out and we have unlock but not source code?
There are a number of problems at play with this situation but overall, this is stupid and regretful and we at least need a patched unlockable hboot that allows one-step rom flashing.
I know this has been the longwinded brainfart nobody wanted to read, but it feels good to write it down in a public place.
Sure I understand that people like you that already have the s-on unlocked are used to it. I'm not the type of person that flashes roms constantly so I think that's a stereotype. I guess what it really comes down to is people that are used to having s-off will not like the new s-on bootloader, and there will be a stock sense rom soon enough for people that have and want to keep s-off to flash. Now can you tell me what a nandroid unlocked device is? Can you nandroid restore from a stock sense rom to an aosp rom and the kernel will get restored in recovery? I don't think it will. Sure I don't like to switch roms a lot, but I do like to nandroid restore every once in a while back to ruu to check for prl/profile updates. I might not always be at my pc to do a fastboot flash boot.img when doing nandroid restores or flash a no wipe updated rom that has new features in it. I also use my pc a lot for compiling so it takes a lot of my pc's resources to do that. So therefore even when I am at my pc it might not be available for doing those types of things.
blahbl4hblah said:
Maybe you should stop "experimenting" on things that will cause serious issues to your phone
Good point, and good thing this is my "dev" phone.
VICODAN said:
Good point, and good thing this is my "dev" phone.
Now you just need to learn how to dev... Lmfao!
Sent from my PG06100 using Tapatalk
sparksco said:
Now can you tell me what a nandroid unlocked device is? Can you nandroid restore from a stock sense rom to an aosp rom and the kernel will get restored in recovery? I don't think it will. Sure I don't like to switch roms a lot, but I do like to nandroid restore every once in a while back to ruu to check for prl/profile updates. I might not always be at my pc to do a fastboot flash boot.img when doing nandroid restores or flash a no wipe updated rom that has new features in it.
I can tell you what would irritate you is that the bootloader isn't allowing recovery to write to the boot partition. I can tell you recovery can write to data and to system. I can tell you that what I wrote up above is that, at the very least, what we need is the ability to write to all three at the same time. That's a feature I want, which is what I said up above.
Indeed, the very fact that restoring a nand backup is a two-boot two-step process is exactly what I think is broken with this unlock tool. I, too, would benefit from being able to backup and restore while not at a PC.
For what it's worth, I've wiped data once since I did the unlock and flashed recovery and cw recovery restored it. Additionally, I even just flashed a 2.3.3 zip in recovery to test a theory I had about loading recovery.img off a hard drive to see if it got better permissions than loading it from the phone. The answer? No it doesn't, but hey, at least recovery was able to overwrite 2.3.3 with 2.3.4 and restore my user data.
nurrwick said:
I can tell you what would irritate you is that the bootloader isn't allowing recovery to write to the boot partition. I can tell you recovery can write to data and to system. I can tell you that what I wrote up above is that, at the very least, what we need is the ability to write to all three at the same time. That's a feature I want, which is what I said up above.
Yes but it's not very easy to get that extra feature. Look at the evo 3D and how long they've been using the s-on bootloader. HTC is making it more and more difficult to get s-off without bricking the phone while in the process of doing it. I've known many devs to brick their phones just trying to achieve s-off for all of us to enjoy, but most of them won't talk about it they'll just suck it up and keep doing what they normally do.
sparksco said:
Yes but it's not very easy to get that extra feature. Look at the evo 3D and how long they've been using the s-on bootloader. HTC is making it more and more difficult to get s-off without bricking the phone while in the process of doing it. I've known many devs to brick their phones just trying to achieve s-off for all of us to enjoy, but most of them won't talk about it they'll just suck it up and keep doing what they normally do.
Yep we are now in the 3vo camp.
But, we can still flash roms and kernels, it's just more of a pain than it used to be.
sparksco said:
Yes but it's not very easy to get that extra feature. Look at the evo 3D and how long they've been using the s-on bootloader. HTC is making it more and more difficult to get s-off without bricking the phone while in the process of doing it.
I am trying to say, and I thought I expressed it correctly, that the HTC unlock needs to enable recovery to work correctly, and that if it did, not having S-OFF would really be no big deal whatsoever.
If they enabled that, I would be 100% happy with an S-ON unlockable bootloader. In short, I am asking for HTC to give us that extra feature. No more. I don't need to write to radio.
But, since they don't, I understand the desire to keep S-OFF.
PERSONALLY, I will be happy with S-ON because 2.3.4 doesn't suck and I'm not compelled to switch away from it or put in a custom kernel. I *fully* recognize I am in a minority in that position.
IF, however, I purchase another HTC phone in the future and the only option for writing to the phone's memory is this half-assed bootloader unlock, I will be very unhappy. That's why I'm going to engage in a little back and forth with them, and why I'm going to wait for any future phone purchase for the software for it to settle down. I'm not buying something that's stuck in pocket mode ever again.
nurrwick said:
I am trying to say, and I thought I expressed it correctly, that the HTC unlock needs to enable recovery to work correctly, and that if it did, not having S-OFF would really be no big deal whatsoever.
If they enabled that, I would be 100% happy with an S-ON unlockable bootloader. In short, I am asking for HTC to give us that extra feature. No more. I don't need to write to radio.
But, since they don't, I understand the desire to keep S-OFF.
PERSONALLY, I will be happy with S-ON because 2.3.4 doesn't suck and I'm not compelled to switch away from it or put in a custom kernel. I *fully* recognize I am in a minority in that position.
IF, however, I purchase another HTC phone in the future and the only option for writing to the phone's memory is this half-assed bootloader unlock, I will be very unhappy. That's why I'm going to engage in a little back and forth with them, and why I'm going to wait for any future phone purchase for the software for it to settle down. I'm not buying something that's stuck in pocket mode ever again.
Correct me if I'm wrong but the problem is not recovery, the problem is the bootloader.
You can flash clockwork recovery, but you cannot overwrite the bootloader.
No, you're correct; you'll note I said "HTC unlock needs to enable recovery to work correctly." We all know recovery works right, since we were using it last week. This week, with bootloader unlock, it doesn't work right. BUT of course, as we also all know because you've successfully done it, the bootloader allows you to write to boot with fastboot commands.
Thus, the problem is that the htc unlock doesn't let the bootloader give recovery permission to write to boot.
That's what I want fixed and what the dev community and people who want faster flash and restore need.
nurrwick said:
No, you're correct; you'll note I said "HTC unlock needs to enable recovery to work correctly." We all know recovery works right, since we were using it last week. This week, with bootloader unlock, it doesn't work right. BUT of course, as we also all know because you've successfully done it, the bootloader allows you to write to boot with fastboot commands.
Thus, the problem is that the htc unlock doesn't let the bootloader give recovery permission to write to boot.
That's what I want fixed and what the dev community and people who want faster flash and restore need.
Well I guess it's time to trollolol HTC again?
Please note though, that HTC only supports unlocked bootloaders on HTC devices released after September 2011. We aren't even supposed to have an unlocked bootloader.
VICODAN said:
Well I guess it's time to trollolol HTC again?
Just before I wrote the longwinded post above, I sent a direct contact message through htcdev.com… then a little while ago, I tweeted at them about it, too.
I don't expect a positive result, but I guess I owe it to myself and to the community to at least try to do what I can!
VICODAN said:
Yep we are now in the 3vo camp.
But, we can still flash roms and kernels, it's just more of a pain than it used to be.
When you say "we" I'm assuming you're talking about yourself and a few select others. I think a majority of the shift community still has s-off, so this doesn't really apply to a majority of the shift community.
Most of the community won't keep the shift forever. Not that we will meet with any success by trying to convince HTC that leaving boot off-limits to recovery is a mean-spirited and pointless thing to do, but on the off chance they'll listen, wouldn't you rather have people working toward getting it to be an official part of the official solution so that your next HTC phone is easier to work with while unlocked/S-ON?
If we have to put up with bootloader unlocks from now on instead of leaked engineering software, at least someone should fight to make sure they aren't crappy.
nurrwick said:
Most of the community won't keep the shift forever. Not that we will meet with any success by trying to convince HTC that leaving boot off-limits to recovery is a mean-spirited and pointless thing to do, but on the off chance they'll listen, wouldn't you rather have people working toward getting it to be an official part of the official solution so that your next HTC phone is easier to work with while unlocked/S-ON?
If we have to put up with bootloader unlocks from now on instead of leaked engineering software, at least someone should fight to make sure they aren't crappy.
Yes I agree HTC should allow s-off when unlocking the bootloader maybe as a separate option or just part of the main unlocking feature on their website. S-on means security on so if you want them to make an unlockable bootloader it needs to be s-off and not s-on that protects things like recovery from flashing the boot partition.
****ty quality but:
Thanks again otaking71
And if we pressure them into giving us s-off maybe they would do it to future phones
While I am an advocate for device customization and modifications, I also believe there is an inherent need for locked bootloaders. When we unlock a BL and leave it that way so we can run custom ROMs, root etc, we sacrifice the security it provides allowing our devices to be tampered with or redistributed after a theft. I've seen the PSA advising people not relock their bootloaders on anything except stock. That is entirely true for Verizon and EE pixels that were never intended to be unlocked in the first place. However I believe it's entirely possible to boot properly self signed images on unlockable devices after re-locking.
Now, I'm not saying we should go around re-locking bootloaders with custom firmware installed there's a process. I've done a bit of reading on verified boot. I am interested in utilizing the "YELLOW STATE" so we can run self signed boot images using an "embedded certificate" along with dm-verity disabled. The problem is how can we self sign our boot images allowing boot to continue without compiling from source?
https://source.android.com/security/verifiedboot/verified-boot.html
https://mjg59.dreamwidth.org/31765.html
I found some information & maybe a more experienced DEV can shed some light on if it's possible with our Pixel devices. That's really the goal of this thread, to start a discussion which I think is extremely important & hopefully turn into a guide or tool. We shouldn't completely sacrifice security to utilize root or custom ROMs. On my N5X I have a locked bootloader and modified boot/system with Allow OEM unlock disabled. Difference with our Pixels and Nougat BLs is verified boot is strictly enforced.
Please excuse me if this thread seems jumbled or all over the place. I really do want help with this idea tho to help inform and keep us secure. Any input is appreciated.
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my procedures and research on this subject.
I still wouldn't do this. What's the point? You will still pass safety net with custom kernel.
As for security you, your device still needs to be decrypted to use TWRP. It should still be as secure. I guess someone can wipe your device if they get ahold of it but that's not really a security risk.
Risk is still huge locking your device with a custom OS.
Sent from my Pixel using Tapatalk
milan187 said:
I still wouldn't do this. What's the point? You will still pass safety net with custom kernel.
As for security you, your device still needs to be decrypted to use TWRP. It should still be as secure. I guess someone can wipe your device if they get ahold of it but that's not really a security risk.
Risk is still huge locking your device with a custom OS.
Sent from my Pixel using Tapatalk
It has nothing to do with passing safety net. TWRP can only access the data after the pin is input, true, but leaving a device with an unlocked boot loader leaves the ability to flash modified boot images (a huge attack vector). This is to keep your device yours if it falls into a thief's hands. You can not have device protection features on an unlocked Allow OEM unlock device. You're right there is risk but being careful can alleviate the risk. I do this because I want my phone to be a trackable paper weight if somebody takes it. I have established my own chain of trust outside of Google's. I have even modified my TWRP side of boot.img to only start with my PC using adb-keys.
Which risk is greater. The risk of losing an unlocked device and it falling into the hands of someone that knows what to do or bricking it relocking it.
I vote the latter.
It's not re-locking that bricks... It's disabling the allow OEM unlock in dev options & screwing with stuff afterwards that may cause a bootloop. As long as you have a signed boot image in place with TWRP or stock recovery that uses your own keys the risk is minimal.
Simple rule... With a locked boot loader on a device where verification is strictly enforced always leave that option ticked if modifying anything.
I'm sorry but people are misinformed. Locking the boot loader doesn't brick if you have a custom ROM in place any more than a stock ROM. It's screwing with things or using a poorly dev'd ROM. If you are like me and can set something up the way you like once and not screw with it you'll be fine. If you do wanna screw with something remember to check allow OEM unlock in dev opts. Don't uncheck until you're 100% sure. It really is that simple.
If you are leaving the toggle open what have you accomplished when it gets stolen? They just issue the fastboot command to unlock it. Yea, it wipes data at that point. But I honestly can't think of anything on my phone that is confidential.
When I'm out n about and using my phone normally (i.e. not modding, flashing etc) I put the toggle to off. If I'm planning on changing anything I toggle it back on & if something causes a bootloop (most probably user error) I can recover. I don't think most people who steal phones care about data either but I keep a lot of keys, passwords etc to networks in my device's storage. I admit it's not for everybody, just a way to be more secure and protect a $700+ investment. My phone's bootloader isn't just locked, it's locked with a persistent root ssh backdoor integrated into system so I can maintain control in the event.
want to re-lock my boot loader ?
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my procedures and research on this subject.
hey,
I as well as plenty of others thought I was clever unlocking it as I mainly wanted to unlock it from EE UK network, it's not been touched since, no custom ROMs or root but after reading people are trying to Re-lock it and getting bricked I'm too scared to try lol it's the only phone I've got? Appreciate any help please x
---------- Post added at 10:57 AM ---------- Previous post was at 10:21 AM ----------
sally76 said:
hey,
I as well as plenty of others thought I was clever unlocking it as I mainly wanted to unlock it from EE UK network, it's not been touched since, no custom ROMs or root but after reading people are trying to Re-lock it and getting bricked I'm too scared to try lol it's the only phone I've got? Appreciate any help please x
Sorry Duhhhh !! Custom u said lol
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my procedures and research on this subject.
Geofferey, Do you happen to know if these commands are still right with LOS 17.1 / Android 10?
(Or does anyone else know?)
PS: Sorry everyone for pumping such an old thread
nullstring2 said:
Geofferey, Do you happen to know if these commands are still right with LOS 17.1 / Android 10
Unfortunately no. Now there is avbtool and the process is actually a bit more complicated. Somebody wrote a guide on how to use it externally for another device but I couldn't even follow. I actually find it easier to get the sources for whatever ROM it is I'm trying to sign and set the signing params in config before build.
Here is the guy who did it using avbtool externally
https://forum.hovatek.com/thread-32664.html
Many instructions here
https://android.googlesource.com/platform/external/avb/+/master/README.md
Geofferey said:
...but I couldn't even follow.
Well, that's an intimidating introduction, but I'll take a look.
That guide appears to be talking about mediatek CPUs which makes it a little confusing.
Any hint on how to get the vbmeta signing key for the google pixel?
nullstring2 said:
Any hint on how to get the vbmeta signing key for the google pixel?
If you mean how to make your own key to perform signing then
Code:
openssl genrsa -des3 -out avb.pem 2048
If you're asking how to get the same key that Google used to sign vbmeta, it ain't ever gonna happen.
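For readers going the avbtool route discussed above, an added example (not from this thread or from the AVB project's code): a Python check that reads the 256-byte vbmeta header and reports, before a re-lock, whether the image is signed, whether its dm-verity/verification flags are cleared, and whether the embedded public key is the one you expect. The function names, the sample image and the key bytes are constructed for illustration.

```python
import hashlib
import struct

# AvbVBMetaImageHeader: 256 bytes, big-endian, as laid out by libavb/avbtool.
HEADER = struct.Struct(">4s2L2QL11QLL48s80x")
ALGORITHMS = {0: "NONE", 1: "SHA256_RSA2048", 2: "SHA256_RSA4096",
              3: "SHA256_RSA8192", 4: "SHA512_RSA2048",
              5: "SHA512_RSA4096", 6: "SHA512_RSA8192"}
FLAG_HASHTREE_DISABLED = 1 << 0      # dm-verity switched off
FLAG_VERIFICATION_DISABLED = 1 << 1  # descriptor verification switched off


def key_fingerprint(blob: bytes) -> str:
    """SHA-256 of a public key blob, used to compare keys."""
    return hashlib.sha256(blob).hexdigest()


def inspect_vbmeta(image: bytes, expected_key_sha256=None) -> dict:
    """Parse a vbmeta image and list findings to review before re-locking."""
    if len(image) < HEADER.size:
        raise ValueError("image shorter than the 256-byte vbmeta header")
    (magic, major, minor, auth_size, aux_size, algorithm,
     _hash_off, _hash_size, _sig_off, sig_size, pk_off, pk_size,
     _pkmd_off, _pkmd_size, _desc_off, _desc_size,
     rollback_index, flags, _rb_location, release) = HEADER.unpack_from(image)
    if magic != b"AVB0":
        raise ValueError("not a vbmeta image (magic is not AVB0)")

    # The public key lives in the auxiliary block, which follows the
    # authentication block (hash + signature) that follows the header.
    aux_start = HEADER.size + auth_size
    if pk_off + pk_size > aux_size or aux_start + aux_size > len(image):
        raise ValueError("public key lies outside the auxiliary block")
    key_blob = image[aux_start + pk_off: aux_start + pk_off + pk_size]

    signed = algorithm != 0 and sig_size > 0 and pk_size > 0
    findings = []
    if not signed:
        findings.append("image is unsigned (algorithm NONE or no key/signature)")
    if flags & FLAG_HASHTREE_DISABLED:
        findings.append("dm-verity (hashtree) is disabled in the flags")
    if flags & FLAG_VERIFICATION_DISABLED:
        findings.append("verification is disabled in the flags")
    if signed and expected_key_sha256 is not None:
        if key_fingerprint(key_blob) != expected_key_sha256.lower():
            findings.append("embedded public key is not the expected key")

    return {
        "avb_version": f"{major}.{minor}",
        "algorithm": ALGORITHMS.get(algorithm, f"unknown({algorithm})"),
        "rollback_index": rollback_index,
        "release": release.rstrip(b"\0").decode("ascii", "replace"),
        "key_sha256": key_fingerprint(key_blob) if signed else None,
        "findings": findings,
    }


def build_sample(algorithm: int, flags: int, key_blob: bytes) -> bytes:
    """Constructed vbmeta-shaped bytes for the demo; hash/signature are zeros."""
    hash_size = 32 if algorithm else 0
    sig_size = 256 if algorithm else 0
    auth = bytes(hash_size + sig_size)
    header = HEADER.pack(b"AVB0", 1, 0, len(auth), len(key_blob), algorithm,
                         0, hash_size, hash_size, sig_size,
                         0, len(key_blob), 0, 0, 0, 0,
                         0, flags, 0, b"constructed sample")
    return header + auth + key_blob


if __name__ == "__main__":
    my_key = b"constructed-public-key-blob"  # stands in for your own key blob
    for label, img in [("signed, flags clear", build_sample(1, 0, my_key)),
                       ("unsigned, flags set", build_sample(0, 3, b""))]:
        report = inspect_vbmeta(img, key_fingerprint(my_key))
        print(label, "->", report["algorithm"], report["findings"] or "no findings")
```

The check only reads header fields and compares key fingerprints; it does not verify the signature itself, which is what the bootloader does at boot.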
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my procedures and research on this subject.
Is there ANY way to do this on Xperias or LGs?
Geofferey said:
It has nothing to do with passing SafetyNet. TWRP can only access the data after the pin is input, true, but leaving a device with an unlocked boot loader leaves the ability to flash modified boot images (a huge attack vector). This is to keep your device yours if it falls into a thief's hands. You can not have device protection features on an unlocked Allow OEM unlock device. You're right there is risk but being careful can alleviate the risk. I do this because I want my phone to be a trackable paper weight if somebody takes it. I have established my own chain of trust outside of Google's. I have even modified my TWRP side of boot.img to only start with my PC using adb-keys.
It has ALL to do with SafetyNet/Play Integrity.
I wouldn't care to leave my bootloader unlocked otherwise.
But I want a ROM that passes all security standards without "tricks".
Forgive my lack of knowledge.
Before reading the drawbacks I attempted to unlock the boot loader on my X Compact, I received a few errors and now I am unsure as to whether it is unlocked or not. Is there a way to test this?
I intended to root the phone but I have not rooted a phone for years, the last one was a Samsung S5 and things seem to have got more complicated since then.
So my questions are, how do I check if the boot loader is unlocked?
If I have lost the DRMs, how do I replace them?
What actual effect does losing them create?
I have read dozens of threads but can't find a straight answer. If you know, I'd appreciate it.
I am still considering the root.
wyzzy said:
Forgive my lack of knowledge.
Before reading the drawbacks I attempted to unlock the boot loader on my X Compact, I received a few errors and now I am unsure as to whether it is unlocked or not. Is there a way to test this?
I intended to root the phone but I have not rooted a phone for years, the last one was a Samsung S5 and things seem to have got more complicated since then.
So my questions are, how do I check if the boot loader is unlocked?
If I have lost the DRMs, how do I replace them?
What actual effect does losing them create?
I have read dozens of threads but can't find a straight answer. If you know, I'd appreciate it.
I am still considering the root.
It's been a while, but I think you open the phone app and dial *#*#7378423#*#*, then go to service info>configuration, and in the info there it will tell you.
If you lost DRM, they're gone for good. Back them up first, or no hope. The effect is a loss of certain Sony camera functions.
It says
"Bootloader unlock allowed: Yes"
but I read somewhere that sometimes this does not change after it is unlocked, is there a way to be sure?
What camera functions are lost? I read a lot of talk about it but nobody seemed to be able to pin down what the difference is.
Also how do I back up the DRM?
I'm running Oreo
wyzzy said:
It says
"Bootloader unlock allowed: Yes"
but I read somewhere that sometimes this does not change after it is unlocked, is there a way to be sure?
What camera functions are lost? I read a lot of talk about it but nobody seemed to be able to pin down what the difference is.
Also how do I back up the DRM?
I'm running Oreo
I think that if it is unlocked, it will say "status unlocked" or something. Your message only indicates that it's possible to unlock it (sometimes it's not). The difference is subtle, but noticeable. There are certain camera features specific to Sony that make the pictures nicer. I never looked too much into it, since I'm not too much into photography. If you aren't too hung up on the finer aspects of photography, you probably won't miss it. Still a good idea to back up, though, just in case. I'm pretty sure you can't do it without downgrading to MM first. Then you can use the dirtycow tool, then upgrade back to O if you want - http://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236 You might be able to do it manually from O with the dd command, or something, but I'm not sure... You will need to find a MM ftf, shouldn't be too hard, might even be one on Xperifirm still... Now that I think about it, I think TA backup is possible on newer versions of TWRP, but you still have to make the backup, and extract the img from the backup, so maybe not any quicker...