Relock bootloader with twrp / systemless / magisk / root / xposed / etc? - Nexus 6P Q&A, Help & Troubleshooting

I've been searching these forums for the last few hours and there seem to be many mixed answers about this. Will it hard brick my phone?
It's probably an incredibly stupid thing to do, but I'm willing to do whatever (other than returning to stock) to get more security. I've lost too many phones
Anyway, I have a feeling changing the recovery.img will cause a locked bootloader to reject boot, but what about boot.img (which is used for root, magisk, etc)?
Is there anyone here that knows how the boot process works in detail? would appreciate the feedback and I'm sure people will appreciate it. Thanks

htko89 said:
I've been searching these forums for the last few hours and there seem to be many mixed answers about this. Will it hard brick my phone?
It's probably an incredibly stupid thing to do, but I'm willing to do whatever (other than returning to stock) to get more security. I've lost too many phones
Anyway, I have a feeling changing the recovery.img will cause a locked bootloader to reject boot, but what about boot.img (which is used for root, magisk, etc)?
Is there anyone here that knows how the boot process works in detail? would appreciate the feedback and I'm sure people will appreciate it. Thanks
Click to expand...
Click to collapse
How will relocking the bootloader add security? Are you secretly the President asking this question?
Jokes aside. Apparently it will cause you to brick because the boot.img needs to be secure. Having twrp or any other form of custom anything I assume has to have an unsecured boot. So when the bootloader lock command is processed and the boot isn't able to be secured, brick occurs?

htko89 said:
I've been searching these forums for the last few hours and there seem to be many mixed answers about this. Will it hard brick my phone?
It's probably an incredibly stupid thing to do, but I'm willing to do whatever (other than returning to stock) to get more security. I've lost too many phones
Anyway, I have a feeling changing the recovery.img will cause a locked bootloader to reject boot, but what about boot.img (which is used for root, magisk, etc)?
Is there anyone here that knows how the boot process works in detail? would appreciate the feedback and I'm sure people will appreciate it. Thanks
Click to expand...
Click to collapse
No offense, but this would be an incredibly stupid thing to do. There is always a trade off between convenience and features (i.e. root, etc.) and security. It's always either or, at least to a very large extent. Pick full stock or pick root/unlocked. The trade-off is highly weighted towards root as.long as you use reasonable care with your device, but feel free go for it if you're needing a new metal doorstop!

Related

How can I unbrick nexus 6p if I didn't unlock bootloader or OEM?

I'm new to Android. Recently I got a new nexus 6p. I was so confused that whether I have to unlock bootloader or not. Currently I just want to experience the pure Android simply without rooting or changing anything. But I heard a lot about bricked nexus 6 that the device would not be manually fixed if it was not bootloader unlocked before. As I am in China where I have no warranty for my nexus 6p, I have to keep my device safe as possible as I can.
So my question is under the circumstance that I haven't unlocked bootloader or OEM:
How much probability could it be I do nothing but unexpectedly brick the device?
If it is bricked, is it possible to recover it?
Do common nexus 6p users have to unlock bootloader?
Another important thing should be mentioned. Generally I can't access to any service by google in China, so I utilize a proxy tool to get over the great firewall to use google. Is there any experience about the situation like me? I also heard a saying that upgrading nexus 6 firmware by OTA through a proxy tool in China may brick the device, because google can not save the upgrading information of the device for the reason that the proxy IP is not static, then google will push update again, and once you click it, brick.
Puzzled enough...Thanks in advance.
I am not 100% certain what you are asking... If you do not unlock the bootloader, you should not be able to brick your device. The only reason to unlock it is to flash a custom ROM (not official from Google) or to flash Google factory images, which it sounds like might be necessary for you being that you are in China and may not receive OTAs properly. This is a process of downloading a file from Google and flashing to your device after unlocking the bootloader.
Your post was not exactly clear partially, but is your phone already bricked and you are trying to recover, or simply asking for your own reference?
fury683 said:
I am not 100% certain what you are asking... If you do not unlock the bootloader, you should not be able to brick your device. The only reason to unlock it is to flash a custom ROM (not official from Google) or to flash Google factory images, which it sounds like might be necessary for you being that you are in China and may not receive OTAs properly. This is a process of downloading a file from Google and flashing to your device after unlocking the bootloader.
Your post was not exactly clear partially, but is your phone already bricked and you are trying to recover, or simply asking for your own reference?
Click to expand...
Click to collapse
Thanks for replying. Could you please point out the unclear expressions? And I could edit them.
I have only unlocked nexus 6p bootloader, and the device is running well. I do not understand exactly why I have to do this, I just do it in case the situation described by other nexus 6 users happen to my nexus 6p. So I want to figure out the logic.
If you have no reason to unlock it, then you can relock it. Unlocking will always cause a full wipe (factory reset) of the device. Some users have stated that relocking the bootloader will also induce a wipe. If you want to leave it unlocked, this will allow you to flash factory images (such as updates from Google) as often as you'd like. It is possible to flash a factory image without losing any data by modifying the batch file used to flash the firmware.
Simply having the bootloader unlocked should not pose any threat to your device. You have to try very intentionally to flash firmware and risk bricking the device, it's not really something you can do by accident. The one thing I will mention is that with the bootloader unlocked, someone with the correct knowledge could flash a new image on your phone without needing your password or other security information. They would only need to power off the device, enter bootloader mode and plug into a PC to begin flashing. This would remove every trace of you and your data from the device and make it like it was brand new from the factory.
By keeping the bootloader locked and the "Allow OEM unlocking" option turned OFF, a person would need to have your password (or fingerprint) to gain access to this option in the settings, thus not allowing them to flash over the device as it is today.
Hope this helps.
fury683 said:
If you have no reason to unlock it, then you can relock it. Unlocking will always cause a full wipe (factory reset) of the device. Some users have stated that relocking the bootloader will also induce a wipe. If you want to leave it unlocked, this will allow you to flash factory images (such as updates from Google) as often as you'd like. It is possible to flash a factory image without losing any data by modifying the batch file used to flash the firmware.
Simply having the bootloader unlocked should not pose any threat to your device. You have to try very intentionally to flash firmware and risk bricking the device, it's not really something you can do by accident. The one thing I will mention is that with the bootloader unlocked, someone with the correct knowledge could flash a new image on your phone without needing your password or other security information. They would only need to power off the device, enter bootloader mode and plug into a PC to begin flashing. This would remove every trace of you and your data from the device and make it like it was brand new from the factory.
By keeping the bootloader locked and the "Allow OEM unlocking" option turned OFF, a person would need to have your password (or fingerprint) to gain access to this option in the settings, thus not allowing them to flash over the device as it is today.
Hope this helps.
Click to expand...
Click to collapse
According to you, I should not be able to brick my device if I did not unlock the device. I can understand this. But the problem is I am in China...By using proxy, I could receive OTAs correctly. But some nexus 6 users in China still encountered with device bricked after upgrading firmware by OTAs even they didn't unlock bootloader. One possible reason is like what I mentioned in last paragraph #1.
I don't like the prompt each time when I reboot the device after unlocking bootloader. Let's make the problem simpler. Can I unbrick the device if it is bricked and bootloader locked?
I can't really speak to your concern regarding bricking from OTA. This should nearly never happen, but I would suspect that the proxy is the issue. If you are concerned about that particular instance being an issue, I would simply not accept the OTA and don't install it. The file will download to your device and you will see a notification very similar to this: http://images.tapatalk-cdn.com/15/08/12/1c244e92c6a0cd69ca6e1a3037a05d62.jpg If you do not click Install, it will not install itself. You can click Later but usually cannot dismiss the notification. I have had the update pending on my Nexus 7 tablet that I don't often for months, but simply have not upgraded because I don't use it often enough to justify it.
If you want to be on the latest firmware for security reasons (Android 6/M will have monthly security patch releases from Google), you can download the factory images and flash yourself. However, if you believe there may be an issue because of the proxy you are using, the factory image could face the same issue as the OTA as you described. As I said, because I am not in China and do not use a proxy as you do, I cannot comment on how or why other users may have faced a hard brick scenario.
Ultimately, having the bootloader unlocked will allow you to flash the factory image over a bricked firmware caused by a corrupt (or otherwise unusable) OTA. If the phone can enter bootloader mode, you can flash the firmware and restore it to like new state. The warning message you see when booting is not able to be disabled without locking the bootloader again, but it only appears for a few moments. It was previously hidden on the Nexus 6 (not the 6p) so it might be possible in the future, but that is just a guess.
fury683 said:
I can't really speak to your concern regarding bricking from OTA. This should nearly never happen, but I would suspect that the proxy is the issue. If you are concerned about that particular instance being an issue, I would simply not accept the OTA and don't install it. The file will download to your device and you will see a notification very similar to this: If you do not click Install, it will not install itself. You can click Later but usually cannot dismiss the notification. I have had the update pending on my Nexus 7 tablet that I don't often for months, but simply have not upgraded because I don't use it often enough to justify it.
If you want to be on the latest firmware for security reasons (Android 6/M will have monthly security patch releases from Google), you can download the factory images and flash yourself. However, if you believe there may be an issue because of the proxy you are using, the factory image could face the same issue as the OTA as you described. As I said, because I am not in China and do not use a proxy as you do, I cannot comment on how or why other users may have faced a hard brick scenario.
Ultimately, having the bootloader unlocked will allow you to flash the factory image over a bricked firmware caused by a corrupt (or otherwise unusable) OTA. If the phone can enter bootloader mode, you can flash the firmware and restore it to like new state. The warning message you see when booting is not able to be disabled without locking the bootloader again, but it only appears for a few moments. It was previously hidden on the Nexus 6 (not the 6p) so it might be possible in the future, but that is just a guess.
Click to expand...
Click to collapse
OK I choose to give in...leave it unlocked there.
Thank you very much!
gnange said:
OK I choose to give in...leave it unlocked there.
Thank you very much!
Click to expand...
Click to collapse
The decision to leave it unlocked is the right decision. The other person replying in this thread is completely wrong when he says you can't brick a phone if you don't unlock it, that's completely and utterly incorrect. Sometimes things happen, unforeseen spontaneous problems happen all the time with smartphones. If this happens to you and your bootloader is locked there's absolutely nothing you can do to fix it. So yes, leave your bootloader unlocked as an insurance policy against the unforeseen.
@fury683, I'd think twice before telling someone that nothing bad can happen to their phone as long as it's locked, this is false information, and could potentially lead to someone being unable to repair a soft-bricked device due to following your advice.
Heisenberg said:
The decision to leave it unlocked is the right decision. The other person replying in this thread is completely wrong when he says you can't brick a phone if you don't unlock it, that's completely and utterly incorrect. Sometimes things happen, unforeseen spontaneous problems happen all the time with smartphones. If this happens to you and your bootloader is locked there's absolutely nothing you can do to fix it. So yes, leave your bootloader unlocked as an insurance policy against the unforeseen.
@fury683, I'd think twice before telling someone that nothing bad can happen to their phone as long as it's locked, this is false information, and could potentially lead to someone being unable to repair a soft-bricked device due to following your advice.
Click to expand...
Click to collapse
To be fair, I said should not. I've never bricked a device from normal use.
I offered my opinion, and the reasons why. I've been burned by comments and advice from people plenty of times and try my best to help out where I can. I don't think my post was misleading, and I appreciate your comments on the matter as well.
Heisenberg said:
The decision to leave it unlocked is the right decision. The other person replying in this thread is completely wrong when he says you can't brick a phone if you don't unlock it, that's completely and utterly incorrect. Sometimes things happen, unforeseen spontaneous problems happen all the time with smartphones. If this happens to you and your bootloader is locked there's absolutely nothing you can do to fix it. So yes, leave your bootloader unlocked as an insurance policy against the unforeseen.
@fury683, I'd think twice before telling someone that nothing bad can happen to their phone as long as it's locked, this is false information, and could potentially lead to someone being unable to repair a soft-bricked device due to following your advice.
Click to expand...
Click to collapse
Thanks for your advice. So, I can make the conclusion that we should unlock nexus bootloader no matter where we are, when it is and whether we will root or not, right ?
gnange said:
Thanks for your advice. So, I can make the conclusion that we should unlock nexus bootloader no matter where we are, when it is and whether we will root or not, right ?
Click to expand...
Click to collapse
The choice is ultimately yours, but my advice is always to have it unlocked, that way you're able to access and use fastboot in the event that something goes wrong.
fury683 said:
To be fair, I said should not. I've never bricked a device from normal use.
I offered my opinion, and the reasons why. I've been burned by comments and advice from people plenty of times and try my best to help out where I can. I don't think my post was misleading, and I appreciate your comments on the matter as well.
Click to expand...
Click to collapse
As I am new to android, your reply benefits me a lot. I notice you replied me before dawn while it was afternoon in China, thanks for your kindness but you should pay more attention to getting enough sleep, don't burn yourself out. : )
Heisenberg said:
The choice is ultimately yours, but my advice is always to have it unlocked, that way you're able to access and use fastboot in the event that something goes wrong.
Click to expand...
Click to collapse
Actually I used to suppose one has to unlock bootloader only if in China. Now I get it. Thank you !
Heisenberg said:
The choice is ultimately yours, but my advice is always to have it unlocked, that way you're able to access and use fastboot in the event that something goes wrong.
Click to expand...
Click to collapse
Yep what Heisenberg said is 100% true. My phone got bricked after the OTA update resulted in an error. I hadn't enabled the OEM Unlock setting, so couldn't unlock the phone. Have to wait for a replacement now

[DISCUSSION] Re-locking Bootloader w/ Custom OS

While I am an advocate for device customization and modifications, I also believe there is an inherent need for locked bootloaders. When we unlock a BL and leave it that way so we can run custom ROMs, root etc, we sacrafice the security it provides allowing our devices to be tampered with or redistributed after a theft. I've seen the PSA advising people not relock their bootloaders on anything except stock. That is entirely true for Verizon and EE pixels that were never intended to be unlocked in first place. However I believe its entirely possible to boot properly self signed images on unlockable devices after re-locking.
Now, I'm not saying we should go around re-locking bootloaders with custom firmware installed there's a process. I've done a bit of reading on verified boot. I am interested in utilizing the "YELLOW STATE" so we can run self signed boot images using an "embedded certificate" along with dm-verity disabled. The problem is how can we self sign our boot images allowing boot to continue without compiling from source?
https://source.android.com/security/verifiedboot/verified-boot.html
https://mjg59.dreamwidth.org/31765.html
I found some information & maybe a more experienced DEV can shed some light on if its possible with our Pixel devices. That's really the goal of this thread, to start a discussion which I think is extremely important & hopefully turn into a guide or tool. We shouldn't completely sacrafice security to utilize root or custom ROMs. On my N5X I have a locked bootloader and modified boot/system with Allow OEM unlock disabled. Difference with our Pixels and Nougat BLs is verified boot is strictly enforced.
Please excuse me if this thread seems jumbled or all over the place. I really do want help with this idea tho to help inform and keep us secure. Any input is appreciated.
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
I still wouldn't do this. What's the point? You will still pass safety net with custom kernel.
As for security you, your device still needs to be decrypted to use TWRP. It should still be as secure. I guess someone can wipe your device if they get ahold of it but that's not really a security risk.
Risk is still huge locking your device with a custom OS.
Sent from my Pixel using Tapatalk
milan187 said:
I still wouldn't do this. What's the point? You will still pass safety net with custom kernel.
As for security you, your device still needs to be decrypted to use TWRP. It should still be as secure. I guess someone can wipe your device if they get ahold of it but that's not really a security risk.
Risk is still huge locking your device with a custom OS.
Sent from my Pixel using Tapatalk
Click to expand...
Click to collapse
It has nothing to do with passing safety net. TWRP can only access the data after the pin is input, true, but leaving a device with an unlocked boot loader leaves the ability to flash modified boot images (a huge attack vector). This is to keep your device yours if it falls into a theives hands. You can not have device protection features on a unlocked Allow OEM unlock device. You're right there is risk but being careful can alleviate the risk. I do this because I want my phone to be a trackable paper weight if somebody takes it. I have established my own chain of trust outside of googles. I have even modified my TWRP side of boot.img to only start with my PC using adb-keys.
Which risk is greater. The risk of losing an unlocked device and it falling into the hands of someone that knows what to do or bricking it relocking it.
I vote the latter.
Its not re-locking that bricks... Its disabling the allow OEM unlock in dev options & screwing with stuff afterwards that may cause a bootloop. As long as you have a signed boot image in place with TWRP or stock recovery that uses your own keys the risk is minimal.
Simple rule... With a locked boot loader on a device where verification is strictly enforced always leave that option ticked if modifying anything.
I'm sorry but people are misinformed. Locking the boot loader doesn't brick if you have a custom ROM in place any more than a stock ROM. Its screwing with things or using a poorly dev'd ROM. If you are like me and can set something up the way you like once and not screw with it you'll be fine. If you do wanna screw with something remember to check allow OEM unlock in dev opts. Don't uncheck until you're 100% sure. It really is that simple.
If you are leaving the toggle open what have you accomplished when it gets stolen? They just issue the fastboot command to unlock it. Yea, it wipes data at that point. But I honestly can't think of anything on my phone that is confidential.
When I'm out n about and using my phone normally (i.e. not modding, flashing etc) I put the toggle to off. If I'm planning on changing anything I toggle it back on & if something causes a bootloop (most probably user error) I can recover. I don't think most people who steal phones care about data either but I keep a lot of keys, passwords etc to networks in my devices storage. I admit its not for everybody, just a way to be more secure and protect a $700+ investment. My phones bootloader isn't just locked, its locked with a persistent root ssh backdoor integrated into system so I can maintain control in the event.
want to re-lock my boot loader ?
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
hey,
I as well as plenty of others thought I was clever unlocking it as I mainly wanted to unlock it from EE UK network , its not been touched since ,no custom rooms or root but after reading people are trying to Re-lock it and getting bricked im too scared too try lol its only phone ive got ? Appreciate any help please x
---------- Post added at 10:57 AM ---------- Previous post was at 10:21 AM ----------
sally76 said:
hey,
I as well as plenty of others thought I was clever unlocking it as I mainly wanted to unlock it from EE UK network , its not been touched since ,no custom rooms or root but after reading people are trying to Re-lock it and getting bricked im too scared too try lol its only phone ive got ? Appreciate any help please x
Click to expand...
Click to collapse
Sorry Duhhhh !! Custom u said lol
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
Geofferey, Do you happen to know if these commands are still right with LOS 17.1 / Android 10?
(Or does anyone else know?)
PS: Sorry everyone for pumping such an old thread
nullstring2 said:
Geofferey, Do you happen to know if these commands are still right with LOS 17.1 / Android 10
Click to expand...
Click to collapse
Unfortunately no. Now there is avbtool and the process is actually a bit more complicated. Somebody wrote a guide on how to use it externally for another device but I couldn't even follow. I actually find it easier to get the sources for whatever ROM it is I'm trying to sign and set the signing params in config before build.
Here is the guy who did it usually avbtool externally
https://forum.hovatek.com/thread-32664.html
Many instructions here
https://android.googlesource.com/platform/external/avb/+/master/README.md
Geofferey said:
...but I couldn't even follow. /QUOTE]
Well, thats an intimidating introduction, but I'll take look.
That guide appears to be talking about mediatek CPUs which makes it a little confusing.
Any hint on how to get the vbmeta signing key for the google pixel?
Click to expand...
Click to collapse
nullstring2 said:
Any hint on how to get the vbmeta signing key for the google pixel?
Click to expand...
Click to collapse
If you mean how to make your own key to perform signing then
Code:
openssl genrsa -des3 -out avb.pem 2048
If you're asking how to get the same key that Google used to sign vbmeta, it ain't ever gonna happen.
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
Is there ANY way to do this on Xperias or LGs?
Geofferey said:
It has nothing to do with passing safety net. TWRP can only access the data after the pin is input, true, but leaving a device with an unlocked boot loader leaves the ability to flash modified boot images (a huge attack vector). This is to keep your device yours if it falls into a theives hands. You can not have device protection features on a unlocked Allow OEM unlock device. You're right there is risk but being careful can alleviate the risk. I do this because I want my phone to be a trackable paper weight if somebody takes it. I have established my own chain of trust outside of googles. I have even modified my TWRP side of boot.img to only start with my PC using adb-keys.
Click to expand...
Click to collapse
It has ALL to do with safetynet/play integrity.
I wouldn't care to leave my bootloader unlocked otherwise.
But I want a rom that passes all security standards without "tricks".

H910 (ATT variant) firmware?

Has a KDZ (or other method to get back to factory stock) been created for the ATT model? This is a reason why I'm apprehensive about doing the dirtysanta root. If I get a boot loop with no way back, and cant get into twrp, I will lose a lot of work. I just cant stand the f-ing bloat on my phone. And the skins suck!!
cwis said:
Has a KDZ (or other method to get back to factory stock) been created for the ATT model? This is a reason why I'm apprehensive about doing the dirtysanta root. If I get a boot loop with no way back, and cant get into twrp, I will lose a lot of work. I just cant stand the f-ing bloat on my phone. And the skins suck!!
Click to expand...
Click to collapse
No KDZ exists for our variant - and I honestly doubt that it ever will. However, the chances of getting into a permanent bootloop are very minimal. Just know as long as you have access to fastboot and/or TWRP, you will be able to fix your phone. However, its generally not recommended to unlock & root your phone if you dont have at least a little technical competence. Theres a valid reason on why such security measures are in place.
If you get stuck you already know where to go to ask for help! But dont ****talk devs and people who are willing to help out. For some reason it seems theres quite a bit of hostility inside our phone's section. Good luck!
I only **** talk people who start with me.
I've been rooting since the Google g1. I don't know there's something more complicated with this one. The hell with it. I'm going to try.

Is my boot loader unlocked? And other questions.

Forgive my lack of knowledge.
Before reading the drawbacks I attempted to unlock the boot loader on my X Compact, I received a few errors and now I am unsure as to whether it is unlocked or not. Is there a way to test this?
I intended to root the phone but I have not root a phone for years, the last one was a Samsung S5 and things seem to have got more complicated since then.
So my questions are, how do I check if the boot loader is unlocked?
If I have lost the DRMs, how do I replace them?
What actual effect does losing them create?
I have read dozens of threads but can't find a straight answer, If you know, I'd appreciate it.
I am still considering the root.
wyzzy said:
Forgive my lack of knowledge.
Before reading the drawbacks I attempted to unlock the boot loader on my X Compact, I received a few errors and now I am unsure as to whether it is unlocked or not. Is there a way to test this?
I intended to root the phone but I have not root a phone for years, the last one was a Samsung S5 and things seem to have got more complicated since then.
So my questions are, how do I check if the boot loader is unlocked?
If I have lost the DRMs, how do I replace them?
What actual effect does losing them create?
I have read dozens of threads but can't find a straight answer, If you know, I'd appreciate it.
I am still considering the root.
Click to expand...
Click to collapse
It's been a while, but I think you open the phone app and dial *#*#7378423#*#*, then go to service info>configuration, and in the info there it will tell you.
If you lost drm, they're gone for good. Back them up first, or no hope. The affect is a loss of certain Sony camera functions.
It says
"Bootloader unlock allowed: Yes"
but I read somewhere that sometimes this does not change after it is unlocked, is there a way to be sure?
What camera functions are lost? I read a lot of talk about it but nobody seemed to be able to pin down what the difference is.
Also how do I back up the DRM?
Im running Oreo
wyzzy said:
It says
"Bootloader unlock allowed: Yes"
but I read somewhere that sometimes this does not change after it is unlocked, is there a way to be sure?
What camera functions are lost? I read a lot of talk about it but nobody seemed to be able to pin down what the difference is.
Also how do I back up the DRM?
Im running Oreo
Click to expand...
Click to collapse
I think that if it is unlocked, it will say "status unlocked" or something. Your message only indicates that it's possible to unlock it, (sometimes it's not). The difference is subtle, but noticeable. There are certain camera features specific to Sony that make the pictures nicer. I never looked too much into it, since I'm not too much into photography. If you aren't too hung up on the finer aspects of photography, you probably won't miss it. Still a good idea to back up, though, just in case. I'm pretty sure you can't do it without downgrading to MM first. Then you can use dirtydirty-cow tool, then upgrade back to O if you want - http://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236 You might be able to do it manually from O with dd command, or something, but I'm not sure... You will need to find a MM ftf, shouldn't be too hard, might even be one on Xperifirm still... Now that I think about it, I think ta backup is possible on newer versions of twrp, but you still have to make the backup, and extract the img from the backup, so maybe not any quicker...

I'm confused, rooted OnePlus 8 Pro can or can't use fingerprint security

Hello Guys,
I'm about to buy the OnePlus 8 Pro, as I haven't had a root-able phone for a few years and greatly miss it. In choosing the phone to buy, and to save you guys time answering repeated questions, I of course have read many threads related to rooting, which versions can me rooted, issues with rooting, etc. Mind you most of my rooting was with HTC and I never once had an issue.
I'll be buying the US market unlocked variant, rooting it, and I'll likely use Magisk during the process.
1. Do we actually need to flash a bootloader, or can I just load it with the bootloader without flashing to maintain the stock bootloader?
2. What things are broken from root? I'm assuming the google pay features will break, but will I not be able to use the fingerprint scanner? Or is it a hit and miss, intermittent problem for some and not others? This is the question that seems to lack a consolidated, concise explanation.
3. Is it better to use the international version, or the US version, or does it matter?
I rarely use custom roms, but when I do, I prefer to run pure Android. I prefer speed over animations. When I don't, I remove every app I can without breaking the phone. How friendly is this phone to trial and error, and re-flashing to start over while I'm learning?
Camboozle said:
Hello Guys,
I'm about to buy the OnePlus 8 Pro, as I haven't had a root-able phone for a few years and greatly miss it. In choosing the phone to buy, and to save you guys time answering repeated questions, I of course have read many threads related to rooting, which versions can me rooted, issues with rooting, etc. Mind you most of my rooting was with HTC and I never once had an issue.
I'll be buying the US market unlocked variant, rooting it, and I'll likely use Magisk during the process.
1. Do we actually need to flash a bootloader, or can I just load it with the bootloader without flashing to maintain the stock bootloader?
2. What things are broken from root? I'm assuming the google pay features will break, but will I not be able to use the fingerprint scanner? Or is it a hit and miss, intermittent problem for some and not others? This is the question that seems to lack a consolidated, concise explanation.
3. Is it better to use the international version, or the US version, or does it matter?
I rarely use custom roms, but when I do, I prefer to run pure Android. I prefer speed over animations. When I don't, I remove every app I can without breaking the phone. How friendly is this phone to trial and error, and re-flashing to start over while I'm learning?
Click to expand...
Click to collapse
Previous HTC rooter here. Had the 10, then the 12+
This phone is slightly more root friendly. And no, there is no custom bootloader. You will not need to go and get a token from a website to unlock the bootloader. As far I can tell at a glance, S-OFF isn't a thing.
If you set up magisk properly, google pay will work (for now). I use it every other day. Widevine certification will default to L3, so you can't root and keep that in L1 like you could with HTC. I don't get it myself.
Do: backup persist partition (and modem1 and modem2 I guess? Someone recommended it) For sure. While rare, and particularly an issue with magisk canary, if you want any chance of the fingerprint sensor to last, backup the persist partition. Otherwise, you're technically sitting on a ticking time bomb and it can pop at any time and no longer function. Haven't heard anything too recent, but better safe than sorry. Only other solution is RMA.
HTC phones, least the ones I used, used LCD panels. I love LCD, because it seems more protection from burn in and screen retention, and less issues for screen problems. That said, this is a newer screen and amazing, just not as amazing I feel as an LCD screen (although this is a better screen, via tech upgrades and more). Keep in mind there are rampant reports of green tint or burn in right away, black crush, and other screen issues. If you do go with the phone, I recommend giving that a thorough once over.
Customer service is in par to that famous thing of kids going, "Are we there yet? Are we there yet? Are we there yet?" Type stuff. Do not expect anything from customer service outside what directly is stated to contact them (such as RMAs), and then be prepared to fight tooth an nail for it, and prepare for any additives that arise from it. I would have better odds of customer service with comcast (as weird it sounds) than with oneplus' customer service. They will not honor anything outside what you can do on the website yourself.
What I mean by that, is if you have a coupon for a 10 dollars off accessories, and you accidentally "place" an order and forgot something, and want to add it again? Either wait for your current order to expire to then allow for the coupon, or you're SOL. And to add: By far, the oneplus 8 launch was the worst I ever experienced from any industry, especially as it comes to ordering it. So if you stay, keep that in mind.
A lot of people recommend to just forgo the warranty and get your own via other means (my renters insurance provides it for like, 6 bucks a year) as it's literally the same boat as customer service, with reports of people being charged erroneously like, 500 dollars for some incompency from the warehouse.
If you're in the US the global model I believe is the one you want. UK, INDIA, and CHINA have their own model. While it can be possible to use these, keep that in mind that you most likely want the phone to be compatible with the bands of your country. I believe the india / chinese model is the only one who now has the photochrom filter disabled, thus if you do go with one of these, you'll want to either install a magisk rom, or fix it yourself with one of the many guides available.
You can convert the phone to different models more easily. Such as chinese to global, as compared to HTC phones. You don't need to do superCID like you did or similar I believe, and it's very tolerant of that. In fact, the first oneplus phone even shipped with CyanogenMod installed, now more or less known as lineageOS. This device is very customizable friendly. In fact, some roms will even allow you to uninstall practically anything you want.
Speed is the name of the game, and if you like fast devices, this will blow you out of the water most likely. I personally run .5 on all animation speeds myself.
And of course, if there is issues and you really messed stuff up, you can use the MSM tool or whatever it is to correct the issue. (Again, keep that persist backup in case)
The device will detect if you're rooted and installed either the small OTA package, or the full package in case. I used to always have TWRP installed, but I don't even use it anymore myself so much. The full package can flash through the system update too, btw. Only upon unlocking the bootloader will the data partition be wiped that one time.
There is the hole punch camera, and that was a significant selling feature for me for HTC, but... I figured I'd deal with it this once. Keep that in mind if this feature bugs you as it does me.
Ok, this was my tidbit of info. If you need more clarification or something, ask. Otherwise, enjoy.
Great response, thank you!!! I think it'll be fun to pay with. But really, worse customer service than COMCAST!!! Wow. I guess you get the device and nothing more. Hard to justify 800 bones and no customer service though.
Truant_Luce said:
This phone is slightly more root friendly. And no, there is no custom bootloader. You will not need to go and get a token from a website to unlock the bootloader. As far I can tell at a glance, S-OFF isn't a thing.
Click to expand...
Click to collapse
What do you mean by "need to go and get a token from a website"?
Can't I just simply unlock the bootloader like on my Oneplus 5t?
I am getting my 8Pro this week and plan to install the global ROM instead of the Chinese ROM it will come with, then root it and finally install TWRP.
Do I need to install TWRP to both slots? What are those "slots" anyway? My old phone was a 5t so it had no "slots" .
The instructions I have read are a bit confusing, seems like it is more difficult to install TWRP than it was on the 5t.
Thanks.
Camboozle said:
Hello Guys,
I'm about to buy the OnePlus 8 Pro, as I haven't had a root-able phone for a few years and greatly miss it. In choosing the phone to buy, and to save you guys time answering repeated questions, I of course have read many threads related to rooting, which versions can me rooted, issues with rooting, etc. Mind you most of my rooting was with HTC and I never once had an issue.
I'll be buying the US market unlocked variant, rooting it, and I'll likely use Magisk during the process.
1. Do we actually need to flash a bootloader, or can I just load it with the bootloader without flashing to maintain the stock bootloader?
2. What things are broken from root? I'm assuming the google pay features will break, but will I not be able to use the fingerprint scanner? Or is it a hit and miss, intermittent problem for some and not others? This is the question that seems to lack a consolidated, concise explanation.
3. Is it better to use the international version, or the US version, or does it matter?
I rarely use custom roms, but when I do, I prefer to run pure Android. I prefer speed over animations. When I don't, I remove every app I can without breaking the phone. How friendly is this phone to trial and error, and re-flashing to start over while I'm learning?
Click to expand...
Click to collapse
Docomoco said:
What do you mean by "need to go and get a token from a website"?
Can't I just simply unlock the bootloader like on my Oneplus 5t?
I am getting my 8Pro this week and plan to install the global ROM instead of the Chinese ROM it will come with, then root it and finally install TWRP.
Do I need to install TWRP to both slots? What are those "slots" anyway? My old phone was a 5t so it had no "slots" .
The instructions I have read are a bit confusing, seems like it is more difficult to install TWRP than it was on the 5t.
Thanks.
Click to expand...
Click to collapse
Yes, you can. So HTC was the exact process, except you had to go to HTC dev, upload a string that was copied from bootloader, it would then create a token file that only your device could utilize and when you pushed it back to the device, that unlocked the bootloader. Oneplus, you just tell it you wanna unlock the bootloader and done. Since they are coming from HTC, why I said that.
Truant_Luce said:
Yes, you can. So HTC was the exact process, except you had to go to HTC dev, upload a string that was copied from bootloader, it would then create a token file that only your device could utilize and when you pushed it back to the device, that unlocked the bootloader. Oneplus, you just tell it you wanna unlock the bootloader and done. Since they are coming from HTC, why I said that.
Click to expand...
Click to collapse
Thanks.
How about installing TWRP? Would you have any suggestions as to how to go about it?
Also, I read that I better wipe /data before installing anther ROM.
However it seems TWRP still can't format partitions which means I can't wipe data.
Docomoco said:
Thanks.
How about installing TWRP? Would you have any suggestions as to how to go about it?
Also, I read that I better wipe /data before installing anther ROM.
However it seems TWRP still can't format partitions which means I can't wipe data.
Click to expand...
Click to collapse
Think mostly it's boot, but there is a way to install it if you must. I personally haven't touched twrp since moving to oneplus. If you're moving between AOSP or oxygen or hydrogen, yes, wipe data. This can be done via factory reset, without need of twrp. Now, don't quote me too closely for AOSP, but as oxygen or hydrogen builds go (Assuming magisk) you don't need to wipe data so much. I'd recommend consulting the individual device threads.
Thanks, will do.
Is there no way to retain L1? I've come from a Mi 9T where as long as your persist wasn't corrupted, L1 was fine. Do oneplus store the widevine certs in the boot partition or something strange?

Categories

Resources