I lose phones... habitually. Sometimes they find their way back to me and sometimes they don't, It is unsettling to me that even if I have a security app installed, or a GPS tracker that anyone with the ability to perform a google search can simply factory wipe my phone and make it their own.
So the question: Is it possible to include a password requirement to access the bootloader or recovery? I realize that if you forget your password there would likely be no way to save your phone in the event you need to, but I don't forget my passwords so this does not affect me.
Just wondering if this is even possible or worthwhile. Any input will be appreciated.
I opened a similar thread. It is possible to do however it seems people just don't care about the security risk.
Xda app
Surely this must be a concern to people. It certainly is for me.
+1
Sent from my Nexus S using xda premium
+1
i also wondering about this.
+1
We need it!
-1 this is pointless. someone could just go into download mode or fastboot and reflash the recovery.
What we're looking for is a password protected bootloader which will require password for booting into recovery or using download mode or fastboot.
mightyiam said:
What we're looking for is a password protected bootloader which will require password for booting into recovery or using download mode or fastboot.
Click to expand...
Click to collapse
Good luck as it would need to boot before anything else and we can see the issues with this. There will never be a fool proof way to lock your phone if lost. It will be as simple as loading up the bootloader and flash a stock rom which will wipe the recovery.
No there is not alot of interest in this as to be honest if the info you have on your phone is that important then its simple. Don't loose your phone.
zelendel said:
Good luck as it would need to boot before anything else and we can see the issues with this. There will never be a fool proof way to lock your phone if lost. It will be as simple as loading up the bootloader and flash a stock rom which will wipe the recovery.
No there is not alot of interest in this as to be honest if the info you have on your phone is that important then its simple. Don't loose your phone.
Click to expand...
Click to collapse
Perhaps you think I'm talking about an app. No, I'm talking about a modified bootloader.
I read somewhere that samsung galaxy s have that option..
+1
a bootloader with password setting is one of the few things i'm missing.
+1
We either need a password protected bootloader + CWM.
Or fulldisk encryption a la Whispercore.
I absolutely HATE the insecure concept of Android. Android is for kids and nerds. But not for serious people.
+1
if it is not being made, I'll look into it myself
+1
Would be awesome!
/edit: There's also this old thread: http://forum.xda-developers.com/showthread.php?p=6182586
/edit2: And here: http://forum.xda-developers.com/showthread.php?p=19314088
Plus 1 I like 2 see this bootloader password
Sent from my SGH-T839 using XDA App
Yes please
+ 1
I'm glad I'm not the only one wondering about this. I'm sure it would have been done if it was possible by now. Nqmobile + gotta! App is almost good enough for me, but a password protected bootloader would be a sick addition
+I
It is one of the questions bothering me for last few months.
I like all those sec. apps - but Android Lost, Call Back, TouchMyLife nor Avast! Lost will not be able to save me if someone will boot straight into CWM and flash it with whatever just to get rid of the "FindIt" stuff.
cool
i too would like to see a passworded bootloader, or even a passworded version of CWM.
Think about it: how many regular joes on the street know how to flash a phone, or put it into download mode. Im a samsung guy, i know how to put it into download mode. My buddy is an iPhone guy, he wouldnt know the first place to start. An HTC guy might know how to deal with a few HTC devices, but in reality a handfull of people who MIGHT find your phone MIGHT know how to thwart that sort of 'security'.
From a lost phone aspect: Samsung dive is impressive. Found my phone location to within a few houses. with GPS and Wifi off. as long as the phone has battery life and is turned on, i can find it. Unless someone wipes it. which takes my password. Or boots into CWM and wipes it that way.... which currently does not need a password. or uts it into download mode and flashes a new firmware, which knowing my phone is just asking for issues. In reality, i want someone to boot my phone and have to have it on in the state that i lose it and NOT reset it. That yeilds the highest possibility of me finding it again.
So yes, i realize that any security we put on here could be thwarted somehow, but by who? how much time and effort are they going to put into it aside from trying a reset and it fails, trying to reboot into recovery, passworded protected, turn it off and sell it on the street, when the next guy turns it on with their sim card (texts my google account the new number) and now i can get his name and address
what are the chances the guy who finds my phone is going to have a computer handy and know exactly how to flash the phone? Not high.
Definately +1 for passworded protected CWM.
Huge chances. Anytime, everywhere.
You don't need to know anything, apart from taking battery off.
And placing back when you got tools ready. This simply means, lost phone will never again boot into normal android os. Never.
Sent from my HTC Desire using XDA
Hi, all..
As is probably known, before fastboot commands on the Nexus 9 will work, two things are required...
First, this option, in Developer Options, needs to he checked box ticked...
** Enable OEM Unlock **
...followed by... (with the device booted into it's bootloader)...
Code:
fastboot oem unlock
------
UNDER ABSOLUTELY NO CIRCUMSTANCEs SHOULD THIS PROCEDURE BE REVERSED.... unless you're running 100% stock.
It will very likely cause your Nexus 9 to be become permanently semi-bricked.
The device will boot, and it will charge... However IF YOU CAN'T BOOT ANDROID, AND RE-ENABLE. the ** Enable OEM Unlock ** option in Developer Setting's, then...
Code:
fastboot oem unlock
...will fail.
And you won't even be able to fastboot flash back to factory stock.
You can't even remotely boot a recovery, with...
Code:
fastboot boot recovery
...as this too, also requires an unlocked bootloader.
I know; I've tried.
-----
And this is my current predicament... My Nexus 9 now constantly bootloops into TWRP, with this message, at the top of the screen...
This is a development device not intended for production use..
Bootloader is locked, and I can't unlock it because I can't boot Android in order to set ** Enable OEM Unlock ** in developer options.
Unless anybody has any suggestions, my Nexus 9 is now pretty much useless.
Rgrds,
Ged.
OK.. Anybody know what the setting **Enable OEM Unlock** in Developer Options actually sets.
What flag it sets?
In terms of the underlying operating system, this MUST JUST FLIP some binary state flag, such that...
Code:
fastboot oem unlock
...now works.
There's gotta be some ADB command that will re-enable this, in the absence of a bootable version of Android.
Or some terminal command like a (dd=if>of command).
----
I've been at this for now, for 12 f**king hours...
I've tried everything I know.
At one point, TWRP, didn't bootloop and booted properly. But it was a pyrrhic victory, 'cos I had nothing on the device to restore. That was four hours ago... since then TWRP just bootloops endlessly.
I suspect that when., via the bootloader, I select the FACTORY RESET option, it's looking for the stock recovery... and which of course it doesn't find.... because TWRP is installed.
Indeed, I also suspect because Lollipop now runs encrypted, there are issues with mounting the data partition.
----
Well, I guess, my Nexus 9 is pretty much screwed, I think...
It'll make a nice Christmas decoration though.. It actually lights up!!!))). It's not THAT bricked. It still lights up..
----
In conclusion..
...and for guidance for others...
***
After rooting, and fastboot flashing TWRP...
--do not relock the bootloader.--
--do not disable. ** Enable OEM Unlock ** in Developer Options--
***
If you do both, and Android won't boot, your Nexus 9 is f**cked!!
You won't be able to flash anything; not even with a a toolkit like Wugs. I've tried.
Rgrds,
Ged.
Wow, really sorry to hear about your device! Maybe somebody here can come up with a fix for you...
Thanks for giving the rest of us a heads up!
Sent from my XT1053 using Tapatalk
@GedBlake
If you have time I'm willing to help you out, I've been testing some things and may be able to help, just let me know
Don't worry! Will let demkantor help you. Have you tried fastboot erase recovery and flash stock?
MRobbo80 said:
Don't worry! Will let demkantor help you. Have you tried fastboot erase recovery and flash stock?
Click to expand...
Click to collapse
He can't fastboot because his boot loader is locked. He can't unlock boot loader because he can't check that box. I knew this was gonna be problems as soon as I saw this setting. I guess I get what google was going for, but I still don't like it.
A nexus device should be able to recover from anything short of a hand grenade, for something this simple to semi brick a nexus is ridiculous.
Op, i taje it you can get to an adb shell? Or can you not even access recovery?
di11igaf said:
He can't fastboot because his boot loader is locked. He can't unlock boot loader because he can't check that box. I knew this was gonna be problems as soon as I saw this setting. I guess I get what google was going for, but I still don't like it.
A nexus device should be able to recover from anything short of a hand grenade, for something this simple to semi brick a nexus is ridiculous.
Op, i taje it you can get to an adb shell? Or can you not even access recovery?
Click to expand...
Click to collapse
Hi, di11igaf...
Thanks for your response... And apologies for my late response. I took a few days off from Android; I just needed a break. (And I have a new Nexus 9).
Yep; whilst TWRP was bootlooping, ADB did work... certainly, ADB devices yielded a device serial number... but I had nothing to 'push'.
I had no Nandroid backups on my laptop, and no Custom ROM. zips to 'push'. (I don't even think there are any yet, for the Nexus 9).
And even if I did successfully ADB push something, TWRP was bootlooping.
TWRP was essentially just useless, other than acting as an ADB gateway.
***
demkantor said:
@GedBlake
If you have time I'm willing to help you out, I've been testing some things and may be able to help, just let me know
Click to expand...
Click to collapse
Hi, demkantor...
Thanks for your offer of help... but I now have a new Nexus 9.
Still interested though, in what you have in mind, as I suspect this particular problem is going to rear it's ugly head again sometime in the future. As other Nexus 9 devices will likely befall a similar fate to my Nexus 9....
-----------------------------------------------------------------
Hi, guys...
Thanks for your input, help and advice.
First, apologies for my language in my posts above. It's not often that I resort to expletives, even if disguised with asterisks. It was unbecoming of me, and I hope I didn't cause any offence.
On to the matter in hand...
After three days, I would dearly love to report that 'I fought the good fight', and discovered some ingenious method by which I resolved the problem... but alas I didn't.
The device continued to bootloop TWRP, and fastboot oem unlock continued to fail.
The bootloader itself was still accessible (by pressing & holding vol-down, followed by power on). This button press sequence, interrupted the bootlooping TWRP, and forced a reboot into the bootboader.
But the only real use for this, was to shut down the Nexus 9, as accessing fastboot was a sheer waste of time. With a locked and unlockable bootloader, nothing could be fastboot flashed.
The device was stuck, and with no way out.
A resolution.. but not a solution.
The Nexus 9 in question was actually bought for me, by a very close friend, for my 49th birthday on the 18th November. When she recently enquired how I was doing with it... well, as you can imagine, I was somewhat reluctant to admit that I'd screwed it up.
But eventually, and to my embarrassment, I admitted I'd made a bit of a pig's ear of it.
After she'd given me 'the look', and a sigh of exasperation, she revealed she'd also bought with it, a two year extended, no-quibble, anything-can-happens warranty. I have a similar warranty on my old Nexus 7, though I've never had any cause to avail myself of it on that older device. It adds about £80 to the price of the device. So, this morning, we both headed out to the local PC World from whence she bought the Nexus 9, and got it replaced: no questions asked.
So, I'm currently midway through setting it up again.
Needless to say, I won't be repeating the same mistake!
As it stands, right now, my replacement Nexus 9 is working just fine. And indeed, if it can be said that 'every cloud has a silver lining', it's that the replacement unit is actually 'better'. The original unit had some minor light bleed issues, and the back cover flexed inwards marginally. This new one has no lightbleed at all, and it just feels more robust, with no flexing of the back. Google and HTC really need to get these build quality issues sorted, and quickly. It's really just not good enough on a tablet at this price point.
In conclusion..
After three years of tinkering with Android devices... rooting them, flashing Custom ROMs, etc, this is the first time I've ever rendered one unusable. Not technically hardbricked, in the classical sense, with a black unresponsive screen... but certainly unusable and very likely unrecoverable.
And it's caused me to reconsider the whole point of rooting Android, and unlocking bootloaders.
What are the benefits of doing so? And what are the attendant risks?
And is it worth it?
Of course, it you're rich, and you can afford to replace a bricked device, then maybe it is worth it. Or if you happen to have a no-quibble warranty, (at an additional price), as I did... then perhaps, also it might be worth it.
***
Android today, is a wholly different beast to what it was when I first came to it back in 2011...
...with GingerBread, HoneyComb and, later Ice Cream Sandwich. Then, there where very significant benefits to rooting and flashing Custom ROMs... but today, I'm not so sure it's really worth the hassle, or potential financial cost if things go wrong. And it's been my experience of technology, that things can sometimes go horribly wrong.
***
I rooted my Nexus 9, just so I could run Titanium... A great app, but I feel it's no longer as relevant as once was... and to run Greenify, the power saving app. But if Lollipop delivers on it's promise of improved battery performance, with the so called Project Volta, then maybe even Greenify will become less relevant. And the Greenify app devs. have made great strides forward in making Greenify work in non-rooted mode anyway... I know; I have it running on my unrooted HTC One M8.
Maybe, at some point in the future, I will unlock the bootloader again, and root my Nexus 9 again... but there is going to have to be a pretty compelling reason to do so... And right now, I can't think of one.
I'm just happy to have a Nexus 9 that works one again... and I'm not inclined to take any further chances with it.
Cheers all...
Rgrds,
Ged.
GedBlake said:
Hi, di11igaf...
Thanks for your response... And apologies for my late response. I took a few days off from Android; I just needed a break. (And I have a new Nexus 9).
Yep; whilst TWRP was bootlooping, ADB did work... certainly, ADB devices yielded a device serial number... but I had nothing to 'push'.
I had no Nandroid backups on my laptop, and no Custom ROM. zips to 'push'. (I don't even think there are any yet, for the Nexus 9).
And even if I did successfully ADB push something, TWRP was bootlooping.
TWRP was essentially just useless, other than acting as an ADB gateway.
***
Hi, demkantor...
Thanks for your offer of help... but I now have a new Nexus 9.
Still interested though, in what you have in mind, as I suspect this particular problem is going to rear it's ugly head again sometime in the future. As other Nexus 9 devices will likely befall a similar fate to my Nexus 9....
-----------------------------------------------------------------
Hi, guys...
Thanks for your input, help and advice.
First, apologies for my language in my posts above. It's not often that I resort to expletives, even if disguised with asterisks. It was unbecoming of me, and I hope I didn't cause any offence.
On to the matter in hand...
After three days, I would dearly love to report that 'I fought the good fight', and discovered some ingenious method by which I resolved the problem... but alas I didn't.
The device continued to bootloop TWRP, and fastboot oem unlock continued to fail.
The bootloader itself was still accessible (by pressing & holding vol-down, followed by power on). This button press sequence, interrupted the bootlooping TWRP, and forced a reboot into the bootboader.
But the only real use for this, was to shut down the Nexus 9, as accessing fastboot was a sheer waste of time. With a locked and unlockable bootloader, nothing could be fastboot flashed.
The device was stuck, and with no way out.
A resolution.. but not a solution.
The Nexus 9 in question was actually bought for me, by a very close friend, for my 49th birthday on the 18th November. When she recently enquired how I was doing with it... well, as you can imagine, I was somewhat reluctant to admit that I'd screwed it up.
But eventually, and to my embarrassment, I admitted I'd made a bit of a pig's ear of it.
After she'd given me 'the look', and a sigh of exasperation, she revealed she'd also bought with it, a two year extended, no-quibble, anything-can-happens warranty. I have a similar warranty on my old Nexus 7, though I've never had any cause to avail myself of it on that older device. It adds about £80 to the price of the device. So, this morning, we both headed out to the local PC World from whence she bought the Nexus 9, and got it replaced: no questions asked.
So, I'm currently midway through setting it up again.
Needless to say, I won't be repeating the same mistake!
As it stands, right now, my replacement Nexus 9 is working just fine. And indeed, if it can be said that 'every cloud has a silver lining', it's that the replacement unit is actually 'better'. The original unit had some minor light bleed issues, and the back cover flexed inwards marginally. This new one has no lightbleed at all, and it just feels more robust, with no flexing of the back. Google and HTC really need to get these build quality issues sorted, and quickly. It's really just not good enough on a tablet at this price point.
In conclusion..
After three years of tinkering with Android devices... rooting them, flashing Custom ROMs, etc, this is the first time I've ever rendered one unusable. Not technically hardbricked, in the classical sense, with a black unresponsive screen... but certainly unusable and very likely unrecoverable.
And it's caused me to reconsider the whole point of rooting Android, and unlocking bootloaders.
What are the benefits of doing so? And what are the attendant risks?
And is it worth it?
Of course, it you're rich, and you can afford to replace a bricked device, then maybe it is worth it. Or if you happen to have a no-quibble warranty, (at an additional price), as I did... then perhaps, also it might be worth it.
***
Android today, is a wholly different beast to what it was when I first came to it back in 2011...
...with GingerBread, HoneyComb and, later Ice Cream Sandwich. Then, there where very significant benefits to rooting and flashing Custom ROMs... but today, I'm not so sure it's really worth the hassle, or potential financial cost if things go wrong. And it's been my experience of technology, that things can sometimes go horribly wrong.
***
I rooted my Nexus 9, just so I could run Titanium... A great app, but I feel it's no longer as relevant as once was... and to run Greenify, the power saving app. But if Lollipop delivers on it's promise of improved battery performance, with the so called Project Volta, then maybe even Greenify will become less relevant. And the Greenify app devs. have made great strides forward in making Greenify work in non-rooted mode anyway... I know; I have it running on my unrooted HTC One M8.
Maybe, at some point in the future, I will unlock the bootloader again, and root my Nexus 9 again... but there is going to have to be a pretty compelling reason to do so... And right now, I can't think of one.
I'm just happy to have a Nexus 9 that works one again... and I'm not inclined to take any further chances with it.
Cheers all...
Rgrds,
Ged.
Click to expand...
Click to collapse
As long as you don't make the same 'mistake' again,(admittedly a mistake google should have considered before implementing the 'unlockable' flag) rooting/flashing a nexus is perfectly safe. If you stay unlocked, you can recover from anything. Performance with kernels and roms will continue to get better as the nexus 9s shortcomings are discovered and figured out. (There is a lot of new things with the 9-----lollipop, 64 bit architecture, etc). Personally I need root and an unlocked boot loader, but not everybody does.
Realistically with your device having access to a # adb shell your device was probably recoverable at the very least with 'dd', but you're back up so thats good. You paid for the no questions asked warranty and used it as designed as you should have, as much as it sucks at least you're back up.
Glad everything worked out for you.
GedBlake said:
Hi, di11igaf...
Thanks for your response... And apologies for my late response. I took a few days off from Android; I just needed a break. (And I have a new Nexus 9).
Yep; whilst TWRP was bootlooping, ADB did work... certainly, ADB devices yielded a device serial number... but I had nothing to 'push'.
I had no Nandroid backups on my laptop, and no Custom ROM. zips to 'push'. (I don't even think there are any yet, for the Nexus 9).
And even if I did successfully ADB push something, TWRP was bootlooping.
TWRP was essentially just useless, other than acting as an ADB gateway.
***
Hi, demkantor...
Thanks for your offer of help... but I now have a new Nexus 9.
Still interested though, in what you have in mind, as I suspect this particular problem is going to rear it's ugly head again sometime in the future. As other Nexus 9 devices will likely befall a similar fate to my Nexus 9....
-----------------------------------------------------------------
Hi, guys...
Thanks for your input, help and advice.
First, apologies for my language in my posts above. It's not often that I resort to expletives, even if disguised with asterisks. It was unbecoming of me, and I hope I didn't cause any offence.
On to the matter in hand...
After three days, I would dearly love to report that 'I fought the good fight', and discovered some ingenious method by which I resolved the problem... but alas I didn't.
The device continued to bootloop TWRP, and fastboot oem unlock continued to fail.
The bootloader itself was still accessible (by pressing & holding vol-down, followed by power on). This button press sequence, interrupted the bootlooping TWRP, and forced a reboot into the bootboader.
But the only real use for this, was to shut down the Nexus 9, as accessing fastboot was a sheer waste of time. With a locked and unlockable bootloader, nothing could be fastboot flashed.
The device was stuck, and with no way out.
A resolution.. but not a solution.
The Nexus 9 in question was actually bought for me, by a very close friend, for my 49th birthday on the 18th November. When she recently enquired how I was doing with it... well, as you can imagine, I was somewhat reluctant to admit that I'd screwed it up.
But eventually, and to my embarrassment, I admitted I'd made a bit of a pig's ear of it.
After she'd given me 'the look', and a sigh of exasperation, she revealed she'd also bought with it, a two year extended, no-quibble, anything-can-happens warranty. I have a similar warranty on my old Nexus 7, though I've never had any cause to avail myself of it on that older device. It adds about £80 to the price of the device. So, this morning, we both headed out to the local PC World from whence she bought the Nexus 9, and got it replaced: no questions asked.
So, I'm currently midway through setting it up again.
Needless to say, I won't be repeating the same mistake!
As it stands, right now, my replacement Nexus 9 is working just fine. And indeed, if it can be said that 'every cloud has a silver lining', it's that the replacement unit is actually 'better'. The original unit had some minor light bleed issues, and the back cover flexed inwards marginally. This new one has no lightbleed at all, and it just feels more robust, with no flexing of the back. Google and HTC really need to get these build quality issues sorted, and quickly. It's really just not good enough on a tablet at this price point.
In conclusion..
After three years of tinkering with Android devices... rooting them, flashing Custom ROMs, etc, this is the first time I've ever rendered one unusable. Not technically hardbricked, in the classical sense, with a black unresponsive screen... but certainly unusable and very likely unrecoverable.
And it's caused me to reconsider the whole point of rooting Android, and unlocking bootloaders.
What are the benefits of doing so? And what are the attendant risks?
And is it worth it?
Of course, it you're rich, and you can afford to replace a bricked device, then maybe it is worth it. Or if you happen to have a no-quibble warranty, (at an additional price), as I did... then perhaps, also it might be worth it.
***
Android today, is a wholly different beast to what it was when I first came to it back in 2011...
...with GingerBread, HoneyComb and, later Ice Cream Sandwich. Then, there where very significant benefits to rooting and flashing Custom ROMs... but today, I'm not so sure it's really worth the hassle, or potential financial cost if things go wrong. And it's been my experience of technology, that things can sometimes go horribly wrong.
***
I rooted my Nexus 9, just so I could run Titanium... A great app, but I feel it's no longer as relevant as once was... and to run Greenify, the power saving app. But if Lollipop delivers on it's promise of improved battery performance, with the so called Project Volta, then maybe even Greenify will become less relevant. And the Greenify app devs. have made great strides forward in making Greenify work in non-rooted mode anyway... I know; I have it running on my unrooted HTC One M8.
Maybe, at some point in the future, I will unlock the bootloader again, and root my Nexus 9 again... but there is going to have to be a pretty compelling reason to do so... And right now, I can't think of one.
I'm just happy to have a Nexus 9 that works one again... and I'm not inclined to take any further chances with it.
Cheers all...
Rgrds,
Ged.
Click to expand...
Click to collapse
I think you simply got a good scare off this story, losing a tablet for a checkbox unchecked is quite annoying.
I like to have the bootloader unlocked/s-off as soon as I get a device, so that I can do whatever I like with it the future. I personally couldn't live without root and custom roms, but I guess that my opinion could differ from yours
Sent from my GT-I9100 using XDA Free mobile app
totalnoob34 said:
I think you simply got a good scare off this story, losing a tablet for a checkbox unchecked is quite annoying.
I like to have the bootloader unlocked/s-off as soon as I get a device, so that I can do whatever I like with it the future. I personally couldn't live without root and custom roms, but I guess that my opinion could differ from yours
Sent from my GT-I9100 using XDA Free mobile app
Click to expand...
Click to collapse
A good 'scare off' story is perhaps sometimes a good thing. It helps keep perspective. A 'chilling' perspective...
Rooting, unlocking bootloaders, and/or flashing custom roms/kernels/recoveries, etc... should, I think, NEVER be considered routine.
We're not talking about installing Angry Birds here... there is always going to be some element of risk to the device.
However, with all that said... I've decided that some valid points have been made... And so I have decided to bite the bullet, and root my replacement Nexus 9.
Currently backing everything up to my laptop...
I'm going to use CF-Auto root... And stay clear of TWRP. I have some suspicions that the presence of TWRP (which endlessly bootlooped), played some part in the previous debacle.
Hope my female friend, who bought me this device, doesn't learn that I'm messing with it again. She'll give me all kinds of hell if I screw it up again!!
Anyhow, signing off for now... progress report later.
Rgrds,
Ged.
Yay!!!! My Nexus 9 bootloader is now unlocked, and successfully rooted... and without problems.
I can now rest easy... .
Thanks once again, for everybodies input, help, advice and guidance.
Kind Rgrds,
Ged.
GedBlake said:
A good 'scare off' story is perhaps sometimes a good thing. It helps keep perspective. A 'chilling' perspective...
Rooting, unlocking bootloaders, and/or flashing custom roms/kernels/recoveries, etc... should, I think, NEVER be considered routine.
We're not talking about installing Angry Birds here... there is always going to be some element of risk to the device.
However, with all that said... I've decided that some valid points have been made... And so I have decided to bite the bullet, and root my replacement Nexus 9.
Currently backing everything up to my laptop...
I'm going to use CF-Auto root... And stay clear of TWRP. I have some suspicions that the presence of TWRP (which endlessly bootlooped), played some part in the previous debacle.
Hope my female friend, who bought me this device, doesn't learn that I'm messing with it again. She'll give me all kinds of hell if I screw it up again!!
Anyhow, signing off for now... progress report later.
Rgrds,
Ged.
Yay!!!! My Nexus 9 bootloader is now unlocked, and successfully rooted... and without problems.
I can now rest easy... .
Thanks once again, for everybodies input, help, advice and guidance.
Kind Rgrds,
Ged.
Click to expand...
Click to collapse
In my opinion, unlocking the bootloader and rooting is routine, on mine and on my close friends' phones. But, as I said, everyone is free to do whatever he likes with their device
I've always had bad luck with TWRP on my devices. I always use ClockworkMod recovery, even if someone specifically recommends TWRP for some task.
But don't be scared by this episode. From your post, you definitely know what you're doing and eventually hit a brick wall. Yeah, **** happens. It's an inherent risk of modding your device.
Just don't give up.
I just relocked mine prior to sending it back, however, I was stock.
I did a full wipe, then did a fastboot oem lock, then booted back into android, re-enabled Developer Options, disabled OEM Unlock option and wiped again - booted into setup screen no problem.
Now packed up ready to send back to Google.
StuMcBill said:
I just relocked mine prior to sending it back, however, I was stock.
I did a full wipe, then did a fastboot oem lock, then booted back into android, re-enabled Developer Options, disabled OEM Unlock option and wiped again - booted into setup screen no problem.
Now packed up ready to send back to Google.
Click to expand...
Click to collapse
that sounds like the logical proper order to do it.
Sent from my Nexus 9 using Tapatalk
Thanks for the warning. So to sum it up, if we need to enable oem unlock, we should be in stock 100%. Right?
albsat said:
Thanks for the warning. So to sum it up, if we need to enable oem unlock, we should be in stock 100%. Right?
Click to expand...
Click to collapse
Hi, albsat...
Apologies it's taken me so long to respond, but with Christmas coming up, and helping out with family related stuff, I've not had much chance this past week to post stuff.
---
Anyhow, to try to answer to your question...
Having thought long and hard about this problem... the problem isn't so much re-locking the bootloader with fastboot oem lock. I suspect this alone, shouldn't cause any problems.
It's the **Enable OEM unlock** setting in Developer Options, that is potentially dangerous.
---
If Android (for whatever reason) won't boot, (bootlooping, for example), and if all other possible remedies fail... you would normally just (re)unlock the bootloader with fastboot oem unlock, and fastboot flash a factory image.
BUT THIS WILL NOT WORK, if the **Enable OEM unlock** setting in Developer Options has also been disabled.
If the device is soft-bricked at this point, and Android won't boot such that you cannot gain access to Developer Options (in order to re-enable that setting), then the device is permanently soft-bricked.
And there is nothing that can be done to rescue the device. And this was my earlier prediciment, as previously described.
---
Let me see of if I can explain why I think this...
In a previous post on this thread, I wrote the following...
GedBlake said:
...anybody know what the setting **Enable OEM Unlock** in Developer Options actually sets.
What flag it sets?
In terms of the underlying operating system, this MUST JUST FLIP some binary state flag, such that...
There's gotta be some ADB command that will re-enable this, in the absence of a bootable version of Android.
Or some terminal command like a (dd=if>of command).
Click to expand...
Click to collapse
This was largely just desperate optimism on my part, in the hope that somebody might know of some ADB or terminal command... but having recently read the OP in this thread, I now know that my attempts to unbrick my previous Nexus 9, was likely a hopeless cause.
If, and as I suspect, the **Enable OEM unlock** setting in Developer Options, is an additional layer of security, then it probably CANNOT be circumvented by some ADB or terminal command.
It wouldn't be much of a security measure if it was that easy!!
Consider the following hypothetical scenario...
"Let's suppose a guy, a regular non-techy kind of guy, buys a brand new Nexus 9 tomorrow. Now, this guy knows nothing about fastboot or factory stock images or any of that stuff. Developer Options, by default, is hidden to him, 'cos he doesn't know you need to tap 7 times on the build number... And so, consequently also, the **Enable OEM unlock** setting is also hidden and by default, it's disabled.
He doesn't know this, and from his point of view, he doesn't want or need to know this. He just wants a nice tablet for browsing the web, checking his emails, posting on Twitter or Facebook, and maybe playing the occasional game. So he takes his new purchase home, and sets it up... with WiFi key and Google Account details, etc. He installs some apps from PlayStore, and copies over his music/pics/documents and other stuff from his laptop.
**But he's a security minded guy, so he decides to set a LOCK PATTERN or PIN NUMBER on his lock screen.**
One day, whilst going to work, he absent mindedly leaves his Nexus 9 on the train... which is then subsequently found by somebody who is not entirely honest. Instead of turning it into the police or the train stations lost property office, this scurrilous individual decides to keep the tablet for himself. He sees the device is PIN or PATTERN locked, but being a bit of an Android expert, he's non too worried about this. All he has to do, is unlock the bootloader and fastboot flash a factory stock image, and the stolen device will be his...
...Or so he thinks!!!
His first stumbling block (and upon which successfully flashing a factory stock image depends), is first unlocking the bootloader... and which of course will fail, because the lawful owner NEVER enabled **Enable OEM unlock** in Developer Options. Indeed, he wasn't even aware that such a setting existed. And our opportunist thief cannot boot Android in order to enable this setting, because he is not in possession of the LOCK PATTERN or PIN CODE required to get past the lock screen.
He is in possession of a useless tablet."
So, in this scenario... the setting **Enable OEM unlock** in Developer Options, has served it's purpose, in rendering the Nexus 9 useless to somebody who has no lawful right to it, and why I think that there was no possible way of salvaging my original Nexus 9. Any such method would undermine the whole point of it.
---
So, in conclusion...
Re-locking the bootloader is probably safe... The danger is ALSO, AND AT THE SAME TIME disabling the **Enable OEM unlock** option in Developer Options... and is risky, as you're potentially disallowing the bootloader from EVER being unlocked again.
And if Android won't boot... FOR WHATEVER REASON, there is NO WAY of re-enabling that setting.
So, once you've enabled it, my advice is to NEVER disable it... regardless of what you do with the bootloader lock state.
---
Anyhow, I hope my lengthy post sheds some light on all of this... And is of assistence to whomever has the patience to read the whole damn thing.
Sorry, but I do tend to waffle on at times.
Kind Rgrds,
Ged.
My case is similar, the only difference is that I never changed the recovery. After a few days of it working ok, at the startup it just stays at the Google logo.
Tried a Factory Reset and Wipe and not yet a single change. Next step would be to just flash the stock ROM, but wait! Developer Options was never enabled nor was Enable OEM Unlock.
I bought this $450 tablet in the US and I live in Brazil and now I cannot even return it. This is how dumb the decision to add this toggle was. And I tought Google made the device for developers.
dirceucorsetti said:
My case is similar, the only difference is that I never changed the recovery. After a few days of it working ok, at the startup it just stays at the Google logo.
Tried a Factory Reset and Wipe and not yet a single change. Next step would be to just flash the stock ROM, but wait! Developer Options was never enabled nor was Enable OEM Unlock.
I bought this $450 tablet in the US and I live in Brazil and now I cannot even return it. This is how dumb the decision to add this toggle was. And I tought Google made the device for developers.
Click to expand...
Click to collapse
You're fine. Just find the factory update.zip and install it via factory recovery, along with a userdata wipe.
After a few tries the factory reset was well succeeded. Thanks for the info though. I had no knowledge that I could flash the stock version via factory recovery. I guess I'm back to the noob pack.
Same just happened to me and I'm stuck. Is there any way to even use TWRP? I can boot into it but it can't mount storage which makes it useless afaik. I was running stock rom and everything except recovery..
You still have no answer to your problem?
Edit: after trying factory reset through the bootloader the recovery won't boot anymore..
For those who are bothered by the whispers of the QFUSE blowing with a Unlocked or Locked Bootloader :
You can :
Unlock and Re-lock the Bootloader with the stock out the box - The QFuse will say ENABLED
Wipe the system Partition - AKA no android OS installed and Lock and Re-lock - The QFuse will say ENABLED
Flash the Factory images Manually ( Boot / Bootloader / Radio / System / Userdata / Cache / Vendor ) - The QFuse will say ENABLED
The Finger Print Scanner IS NOT disabled with an unlocked boot loader or Rooting.
Current root has allowed me to run - Adblock plus and Root Explorer ( paid )
Flashed TWRP and rooted and left bootloader unlocked Qfuse is still enabled.
what happens when you unlock and flash a custom recovery?
Sent from my A0001 using Tapatalk
The QFuse is actually an array of different bits that control several different things on the device. In this case, we're talking about the Qualcomm secure boot fuse, which is actually blown at the factory (hence it always being enabled) to prevent an insecure bootloader from being run. It does not track any modifications to the phone other than that, so whatever you decide to do, the bootloader will always read the same thing. I think people are confusing this with Samsung Knox, which is specifically made for tracking modifications and storing them for warranty purposes.
I found this information that's a couple years old, but presumably still accurate:
Much of Qualcomm's security architecture is implemented using QFuses, which are software-programmable fuses that allow one-time configuration of device settings and cryptographic materials such as hashes or keys. Because of their physical nature, once a QFuse has been blown, it is impossible to "unblow" it to revert its original value.
If the FORCE_TRUSTED_BOOT QFuse is blown, as is the case on all production Motorola devices, each stage of the boot chain is cryptographically verified to ensure only authorized bootloader stages may be run. In particular, the PBL ("Primary Bootloader"), which resides in mask ROM, verifies the integrity of the SBL1 ("Secondary Bootloader") via a SHA1 hash. Each stage of the boot chain verifies the next stage using RSA signatures, until finally Motorola's APPSBL ("Application Secondary Bootloader"), "MBM", is loaded and run.
http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html
Click to expand...
Click to collapse
So, as kibmikey1 says, it would seem the Qfuse has nothing to do with unlocking the bootloader. It's just a way to set cryptographic keys in the hardware for verifying the authenticity of the bootloader, in a manner that makes it impossible to change the keys. In other words, once the fuse is blown the keys can't phyically be changed or overwritten. Presumably Google has the key and can sign new bootloader images correctly, so that when there is an update to the bootloader it will be verified properly by the chipset.
One has to wonder, how did the rumor start about the Qfuse being a way of tracking bootloader unlocks?
cb474 said:
I found this information that's a couple years old, but presumably still accurate:
So, as kibmikey1 says, it would seem the Qfuse has nothing to do with unlocking the bootloader. It's just a way to set cryptographic keys in the hardware for verifying the authenticity of the bootloader, in a manner that makes it impossible to change the keys. In other words, once the fuse is blown the keys can't phyically be changed or overwritten. Presumably Google has the key and can sign new bootloader images correctly, so that when there is an update to the bootloader it will be verified properly by the chipset.
One has to wonder, how did the rumor start about the Qfuse being a way of tracking bootloader unlocks?
Click to expand...
Click to collapse
The Internet that's why, people who are afraid of trying to root who don't know anything spread the rumors.
Deemed as a good excuse not to root or scare others off.
Have you tried to use Android Pay while rooted? Curious if it really does cause the cards not to read (since a workaround is needed to even add cards to begin with)
I'm curious about just unlocking the bootloader and the status of Android Pay?
Sent from my Nexus 6 using Tapatalk
Anyone's Nexus imprint flaky after bootloader unlock? About 80% of the time when I place my finger on the sensor, it wakes up to the lock screen (waiting for pin code I set up). Other times it wakes/unlocks to home screen. The only thing I have done is unlocked the bootloader and installed my apps via play store..
I have even started to disable apps that could interfere like Cerberus, but it does not seem to have any affect..
one7dchevy said:
Anyone's Nexus imprint flaky after bootloader unlock? About 80% of the time when I place my finger on the sensor, it wakes up to the lock screen (waiting for pin code I set up). Other times it wakes/unlocks to home screen. The only thing I have done is unlocked the bootloader and installed my apps via play store..
I have even started to disable apps that could interfere like Cerberus, but it does not seem to have any affect..
Click to expand...
Click to collapse
Nope, mines identical to before unlocking , try re adding your finger print
Sent from my Nexus 6P using Tapatalk
italia0101 said:
Nope, mines identical to before unlocking , try re adding your finger print
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
Hmm ok thanks! Guess I'll live with it until after I root/twrp and flash a new rom.
one7dchevy said:
Anyone's Nexus imprint flaky after bootloader unlock? About 80% of the time when I place my finger on the sensor, it wakes up to the lock screen (waiting for pin code I set up). Other times it wakes/unlocks to home screen. The only thing I have done is unlocked the bootloader and installed my apps via play store..
I have even started to disable apps that could interfere like Cerberus, but it does not seem to have any affect..
Click to expand...
Click to collapse
If you use an app that turns off the screen, this will happen. I made the same mistake and restored the 'Screen Off' app.
I have since uninstalled it and locks my phone with the power button exclusively. Not as convenient, but I really like the Imprint
ctbear said:
If you use an app that turns off the screen, this will happen. I made the same mistake and restored the 'Screen Off' app.
I have since uninstalled it and locks my phone with the power button exclusively. Not as convenient, but I really like the Imprint
Click to expand...
Click to collapse
haha you know what, I just realized that as I was sitting down to check this thread again. Ironically your post nailed it.
one7dchevy said:
haha you know what, I just realized that as I was sitting down to check this thread again. Ironically your post nailed it.
Click to expand...
Click to collapse
Same here
av8rdude said:
I'm curious about just unlocking the bootloader and the status of Android Pay?
Sent from my Nexus 6 using Tapatalk
Click to expand...
Click to collapse
Don't mean to hijack as imprint is different, but I'm interested in a definitive response on this also. As of 12 hours ago, I hadn't been able to locate this info. I've read that unlock disables Pay, but I'm not sure that was from a non-rooted user. On N5 L, Android Pay works with unlocked bootloader. So, has anyone been able to use Pay on non-rooted, unlocked 6P?
Sent from my Nexus 9 using Tapatalk
My 6P's bootloader is unlocked. I haven't changed anything else (stock recovery, unrooted., etc) and Pay works fine for me.
nkornbau said:
My 6P's bootloader is unlocked. I haven't changed anything else (stock recovery, unrooted., etc) and Pay works fine for me.
Click to expand...
Click to collapse
You've used Pay, not just added cards with the unlocked bootloader?
Sent from my Nexus 6P using Tapatalk
nkornbau said:
My 6P's bootloader is unlocked. I haven't changed anything else (stock recovery, unrooted., etc) and Pay works fine for me.
Click to expand...
Click to collapse
Thanks for the post. I will ask the same question: you've actually used it?
Sent from my Nexus 9 using Tapatalk
msaly said:
You've used Pay, not just added cards with the unlocked bootloader?
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
ritchea said:
Thanks for the post. I will ask the same question: you've actually used it?
Sent from my Nexus 9 using Tapatalk
Click to expand...
Click to collapse
I have paid with it several times now, without issue.
nkornbau said:
I have paid with it several times now, without issue.
Click to expand...
Click to collapse
Thanks.
Sent from my Nexus 9 using Tapatalk
Pay doesn't work once you rooted if I'm not mistaken.