Does having your device encrypted affect the ability or result of rooting?
Conversely, does rooting affect the ability to encrypt / decrypt the device?
Related
Is it possible to have a encrypted and rooted nexus 4?
Yes. They do not conflict. You can even encrypt your phone with an unlocked bootloader.
After receiving my beloved 1+2, I rooted it, installed TWRP and flashed Xposed. Then I encrypted the phone. After wanting to update the rom, I realized TWRP doesn't yet support encryption. I reflashed the stock recovery, which I found here. This didn't help either, no encryption supported.
How can you safely remove the encryption? Does anyone have a functioning setup with stock recovery an encrypted device? Or is it possible to flash new firmware throught fastboot leaving it encrypted?
I made my Htc M7 useless trying to remove it's encryption, so i'm really careful one the 1+2...
Does really nobody know how to reverse this prominent feature in android???
A simple factory reset from the settings menu completely removed the encryption
Is it possible to regain encryption after a device has been rooted. I've seen some old posts about Samsung phones where you could unlock the boot loader, install custom recovery, then encrypt the phone. After the phone is encrypted, you can safely root the phone? Does this apply to the Moto G series as well?
Just temporarily un-root and encrypt the device
http://forum.xda-developers.com/mot...rsu-2-74-2-t3405772/post67864395#post67864395
Newer TWRP should be able to read the encrypted /data by now, IIRC
Hello,
I just ordered my first OnePlus and should receive it by the end of the month. Like all my previous (and quite old) phones, I would like to root it for several reasons and I found the native encryption needs to be disabled in order to be able to root the phone. Fair enough.
Since I never had to deal with encryption on my previous phones, I was wondering if you could tell me more about the consequences:
1) once the phone is rooted, can I enable the encryption again without hassles?
2) once rooted and (hopefully) encrypted, how will I have to update my phone? Flash the full OTA everytime (no partial updates allowed on rooted phones if I understood correctly)? Can I do this without disabling/re-enabling the encryption? After the full flash, will the data & cache be wiped or will it be hassle-free?
3) I generally use Titanium Backup to backup my apps (hence the need for root access) and copy the files on a network drive. Am I correct to assume that native encryption of the OP5 will not affect this process (either during backup or when the files are copied to the network drive (encrypted)?
Thanks for your help
GeeM said:
Hello,
I just ordered my first OnePlus and should receive it by the end of the month. Like all my previous (and quite old) phones, I would like to root it for several reasons and I found the native encryption needs to be disabled in order to be able to root the phone. Fair enough.
Since I never had to deal with encryption on my previous phones, I was wondering if you could tell me more about the consequences:
1) once the phone is rooted, can I enable the encryption again without hassles?
2) once rooted and (hopefully) encrypted, how will I have to update my phone? Flash the full OTA everytime (no partial updates allowed on rooted phones if I understood correctly)? Can I do this without disabling/re-enabling the encryption? After the full flash, will the data & cache be wiped or will it be hassle-free?
3) I generally use Titanium Backup to backup my apps (hence the need for root access) and copy the files on a network drive. Am I correct to assume that native encryption of the OP5 will not affect this process (either during backup or when the files are copied to the network drive (encrypted)?
Thanks for your help
Click to expand...
Click to collapse
First of all native encryption will still work when rooted. When you root using supersu or Magisk the encryption will stay. When you get your phone you first must boot to fastboot and unlock the bootloader. Doing so will erase data so do it as soon as you get the phone. Second you will need to flash TWRP. Wipe factory settings and flash Supersu or Magisk 13.3. I prefer Magisk. Once in setup you will need to put a password and fingerprint to get the encryption started. After that your all set. To update the rom just head to downloads.oneplus.net and download the correct rom for Oneplus 5 and flash it over TWRP then flash Magisk/Supersu after. I prefer using [ROM] xXx NoLimits 2.0 [OOS][OP5] ☆ Speed/RAM optimized ☆ because it uses stock oxygen os rom with better performance and battery life. Plus extra features like debloating. But other than that you will not lose encryption when rooting. Only when you want to install custom roms for right now like (LineageOS, RR, AOSP).
I have some questions about device security running with an unlocked bootloader.
I am somewhat experienced and comfortable with flashing custom ROMs, mostly LineageOS,
and flashing back the original stock ROMs for Pixel and Samsung devices.
I have recently experimented with running LineageOS 20 (Android 13) on a Samsung Galaxy
Tab S5e with Magisk (and a few Magisk modules). Within several of the XDA forums, and also at
other web sites, it's recommended with custom ROMs the bootloader not be re-locked since
this can create problems.
I use my S5e for steaming videos, basic web browsing and other things. I don't do banking or
have anything I would consider a huge security risk. My intent is to understand what risks
exist with an unlocked bootloader so I can make more informed decisions what I should/should
not install.
With later versions of Android, including 13, the built in storage is encrypted by default.
If the device is powered off filesystems are at rest in an encrypted state so is it possible
for someone else to gain access to my data if they power on the device or flash
their own recovery and/or custom OS? If someone boots into recovery mode encrypted
filesystems should not be mounted and remain unavailable. I'm wanting to understand where
there are weaknesses that could be exploited to access data.
If the device is powered on and the OS has been screen unlocked the first time after boot
(so encrypted filesystems are mounted and available) is access to my data at increased risk,
assuming USB debugging is disabled?
Can apps be sideloaded in recovery mode that an attacker could use to gain access to data
in other ways even if encrypted filesystems have not been mounted.
Any other security issues to be aware of?
If risks I haven't considered are too great I can also go back to stock ROM, but would consider
ways of mitigating or reducing any risks with a custom ROM and unlocked bootloader.
Please let me know if there is a more appropriate place for this posting.
Thanks,
Rodney
Samsung encryption not supported in TWRP recovery, but I have seen Samsung device running LineageOS on AOSP encryption.
of course on unlocked bootloader attacker can enable adb, inject scripts and gain root access easy. however, still it requires lock screen credentials for decrypting, so your personal data remains secured.
for some devices it's possible to set user-settable root of trust, this would allow to compile LineageOS with avb/dm-verity and re-lock bootloader.
Thanks for the reply, would be great to figure out a way to be able to lock the bootloader with LineageOS.
I do notice the "OEM Unlocking" option does not exist in Developer Settings in LineageOS 20.
lol have fun!
How to properly ENABLE dm-verity and FEC for /system on Motorola X4 with LineageOS 17.1?