So with the introduction of the stock Gingerbread it includes full device encryption. IMO this is a huge win for Androids everywhere since it now supports all exchange policies (i'm also the exchange admin) and i don't need to use touchdown.
The issue is when I run the unlocked bootloader the encryption breaks. It gets about 25% done and clears the screen and continues booting. Once the system boots up encryption boxes for device and sdcard is enabled but testing new files on the sdcard on my laptop I can open the files. While on the stock bootloader it gets to 100% and any new files on my sdcard cannot be opened on the laptop.
Is anyone aware of this issue?
Ravinmiist
Related
Has anybody already found out how the On Device Encryption can be activated on this device?
Do you have to add an Exchange server or Afaria ([com.Android.Afaria, which says "this version of the client does not support the Samsung Galaxy S2 AES." at the moment)?
I found some clues in having a Encrypt.apk in /system/app, which uses the permissions "com.sec.android.permission.ENCRYPT" and "android.permission.sec.MDM_SECURITY" and publishes an intent filter for "com.sec.android.app.encrypt.action.ENCRYPT".
There also is a clue in init.rc:
" # SEC_DMCRYPT efs or cache or lfs partition required
exec apply_sec_devenc_init"
Any luck with this? I'm very interested in getting on-device encryption up and running (with-out the need for any server bound tools from MS) and have a Galaxy S II on it's way (should arrive Wed/Thur.
I plan on digging around once I get it, but so far searchers here, Samsung, and through Google have not turned up anything. Only this thread and a lot of marketing junk.
I'm quite interested in this too. From what I've read from Samsung, it seems to be enabled automatically.
Gonna have a deeper look on how it's implemented, but there's really only 2 ways they could do it, at the filesystem level (eg. encrypting per cluster) or at a flash level (eg. encrypting per block).
From what i've heard,,setting up an exchange server will do this automatically,,,m not sure,never tried..
Old thread, don't shoot at me, got new news for old thread
First off, yeah, it's a feature only used when an Exchange policy enforces "device must be enrypted".
Samsung obviously didn't plan on making this feature "publically" accessible by the average user.
I hope they will keep Android 4.0's device encryption feature, as since 3.x it's an official part of Android, just not in 2.3.x or even below - so Sammy really added somthing usually not available here, like the USB OTG/host.
Anyways, I'm at ~85% of having Device Encryption "under my controll", i.e. enabling it without an Exchange account that enforces said policy
(click for larger view)
There will be a few quirks:
must disable the "On Boot Completed" autostart of Encrypt.apk using some app managing app
Will NOT work with most (if not all) custom kernels! If your kernel of choice uses CWM there's a 100% chance it will NOT work. The whole thing (even the "unlock" on boot) depends on the stock recovery being present.
Additional commands (usually symlinks to busybox) in /sbin will also get you stuck in a bootloop
Since /data isn't available unless "unlocked", some things like the language setting will snap back to the default of the ROM you're using.
Only "Password" unlock will be usable when using device encryption as you need to enter it on boot, very early when the OS starts booting up, no pattern unlock or the likes are supported for that.
Apart from that, the SGS2 really becomms a kind of a high-security fortress when using the encryption.
I now need to figure out a few last smaller details and make an idiot-pove app to enable it.
The app is what now will take the most of time XD
Bought a quad core Onda clone tablet (AOC Leopard hardware designation) from China - yes i know, i know, it was a bad idea but the spec was so good i thought it might get me into the tablet fun everyone seems to be having - i repair em but dont really have a lot of knowledge on the software side of things for hacking these things - although after the last two weeks of hacking the thing I am becoming a bit of an expert.
Here is a link to the same one albeit with a different manufacturer made up name - as you can see the spec (Quad core, 1Gb ram, 16Gb storage and hdmi) is amazing for the price of £42 I won it for at the auction so it was more of a plaything to learn on than a big purchase for me.
I am pretty good with Linux so be as technical as you need to be.
Basically the thing buggered up when my mate plugged in the wrong power supply and thankfully it still booted albeit with the OS or bootloader I suspect corrupted.
It is stuck on the Onda loading screen leading to my assumption that it is in a boot loop.
I have spent the last two weeks trying to find drivers for windows , a compatible os and a way to get it restored - ahh the perils of buying chinese!!!
Problem I have now is that the sdcard slot is completely snafu due to my careless and fat fingered fiddling and to be honest a slight bit of temper with the thing after two weeks of head scratching - do you blame me!!!
I have managed to get it recognised by windows by trying driver after driver on the internet until i found one that worked - the perils of buying a no name chinese clone are myriad.
Without the sdcard slot the problem is now worse as i have to use the usb slot connected to the pc and sideload the apps and os but thankfully that is sorted now - Have installed the Android development Bridge - SDK toolkit and adb devices linux command was coming up with no devices but i figured it out with a lot of fiddling with the android ini file in the user profile and the dev id in system device drivers in case anyone else is trying to figure that one out - its a very obscure fix but it works.
So all is swoopy and seemed to be going well until i got the same error i was getting with the sdcard when i tried to sideload a new os - sideloads the new "update.zip" perfectly and even passes the file verification but crashes out with the fatal "unexpected error" have tried Onda official zips and Cyanogenmod flashes but i reckon the problem is because the system is not rooted and doesnt have the cyanogen bootloader installed even though i rooted it with supersu before it went up the khyber so in essence I need root to get the new os on and yes "shell su" command doesnt work as the device is only in sideload mode - only option on the 3e emergency recovery mode on the tablet is either reload from usb , sideload from usb as well as the usual clear cache, reset system and clear user data.
I should add that the hardware isnt snafu as I can see my old files and the operating system on the flash drive when i use recovery mode (power button / up volume combo) - load from sdcard option when i choose browse to sdcard - Linux always mounts the onboard flash as sdcard and an external sdcard as ext-sdcard on a tablet or smartphone - so i can select sdcard and then browse the main flash storage where i can see all my movies , development programs apk's and the Linux system itself but obviously cannot do anything else other than browse the thing for a ZIP to upload onto the \temp which is then extracted by the Emegency recovery environment - checked for verification - it then seems to prepare to install but fails with as you say the usual "unknown error" which i only assume is because I dont have root i cant go any further.
Oneclick root doesnt work.
Also tried the pad product tool v1.05 for direct flash to the tablet using Ainol Novo 10 Captain firmware and it wont even work.
Flashboot adb doesnt work.
Rockchip android tool doesnt work.
Kinda running out of ideas now!!!
Ok ok so what i need to know is basically - Does anyone know if it is possible to root and install a new bootloader from the usb sideloader - ie Adb sideload "filename".
And yes i have tried the pinhole reset button on the back of the tablet and the wipe system and reload option in the recovery menu so hopefully there are some good techies on here who know how to su the bootloader and reload the os or if it is even possible!!!
This is not an Android project so I don't feel that posting it in the Android Development forum would be appropriate.
ArchLinuxARM for the manta (Samsung/Google Nexus 10) - Native Boot
Working:
Wi-Fi (with NetworkManager)
Audio (requires manual intervention)
Not Working:
Bluetooth
2D & 3D Accelerated Graphics
Installation (to a subfolder of the /data partition)
You will need a Terminal Emulator or ADB Shell to install.
This assumes that arch_manta_20141210_root.tar.gz is in the root of your internal storage (/data/media/0).
Code:
su
mkdir /data/local/arch
tar -C /data/local/arch -xpzvf /data/media/0/arch_manta_20141210_root.tar.gz
Booting
Since there is no workable multiboot solution for the Nexus 10 yet, you can take one of two routes to boot this thing:
Option 1: Flash the arch_boot.img to either the recovery or the boot partition of the internal flash chip. Due to risk of BRICKING if you flash to the wrong partition, I will not provide instructions here. I might make a flashable zip later on. Note that this removes access to Android.
Option 2: Use Fastboot to tethered boot the provided kernel from another computer where it is installed:
Code:
fastboot boot boot_arch_manta.img
Logging in
The username is "arch" and the password is "archlinux". Change the password ASAP.
For root, the username is "root" and the password is also "root". CHANGE THE PASSWORD ASAP!
You'll probably want to enable the On-Screen Keyboard (onboard) and set your Session to "MATE" up in the top right corner.
To make audio work after booting and logging in, run "fix_audio.sh" in a terminal.
Read Me
If you WIPE DATA, it will also WIPE OUT THIS PORT, all its applications, and any files you may have stored within it!
Downloads
root filesystem archive: https://drive.google.com/file/d/0B4WUjKii92l2Qkd6S3c3M2tDcTQ/view?usp=sharing
kernel for fastboot or flashing: https://drive.google.com/file/d/0B4WUjKii92l2UGhIWTlVam5vSk0/view?usp=sharing
Kernel Source: https://github.com/willcast/kernel_manta
Also available for:
Nexus 7 2013: http://forum.xda-developers.com/nex...fficial-archlinuxarm-release-n7-2013-t2969301
Galaxy S3 LTE: http://forum.xda-developers.com/gal...unofficial-port-archlinuxarm-release-t2969290
HP TouchPad: http://forum.xda-developers.com/hp-touchpad/other/unofficial-archlinuxarm-release-hp-t2969310
HTC HD2: http://forum.xda-developers.com/hd2-ubuntu/development/unofficial-archlinuxarm-htc-hd2-t2970483
Free space required?
Started with 5GB+ before downloading the 1.5 tar.gz, thought it will be enough but I'm supposed it wasn't cuz I'm getting "No space left in the device" although I still have 537MB free left.
Hmm, shouldn't do that. The archive itself is 4,060 MB uncompressed according to gzip -l.
Try booting it anyway, maybe? Also, perhaps I uploaded a truncated archive. I'll have to check.
Edit: Wait, you'd need upwards of 5.5 GB free to have both the archive and the extracted files on /data.
So, I deleted my nandroid backup and was able to install it. Actually it runs very well, I think even better than when ubuntu was being officially developed by canonical for the nexus 7. Of course it was easier to run because of the MultiRom solution, always wonder why Nexus 10 it's not supported, like Nexus 4, 5, 7 and even som non-nexus devices.
tavocabe said:
So, I deleted my nandroid backup and was able to install it. Actually it runs very well, I think even better than when ubuntu was being officially developed by canonical for the nexus 7. Of course it was easier to run because of the MultiRom solution, always wonder why Nexus 10 it's not supported, like Nexus 4, 5, 7 and even som non-nexus devices.
Click to expand...
Click to collapse
I don't know, honestly. After I'm done with the HD2 flash-image port of this, I'm looking at porting kexec hardboot from a random old Epic 4G kernel to my kernel_manta on github, because that's the only ready-made Exynos hardboot patch I can find through google. Then, we could boot this with a script similar to the Galaxy S III LTE port, and someone could theoretically port MultiROM, though that someone is probably not going to be me.
Thank you, Castwilliam! It run good , with some gitch on screen, but better than ubuntu phone devReview .
But when I run pacman -Syu ( update packages), reboot and it become blackscreen, try many taps in middle touch screen, intensity light of screen is something change. What wrong when update packages in pacman ?_?.
Is the booting option 2 temporary? Can I just turn off nexus and boot back to android? Can I unplug the nexus from PC while running linux?
I have no idea what I am doing here (and you probably dislike dealing with noobs flooding forums with questions right? :silly: )
Dri0m said:
Is the booting option 2 temporary? Can I just turn off nexus and boot back to android? Can I unplug the nexus from PC while running linux?
I have no idea what I am doing here (and you probably dislike dealing with noobs flooding forums with questions right? :silly: )
Click to expand...
Click to collapse
Yes, yes and yes
Hello,
This is awesome work! It booted properly, connected to a network, and programs run just fine. But as the tablet's pixel density is pretty high, it isn't too comfortable to use. I tried adding a new resolution using xrandr, but it throws something along the lines of "failed to get gamma size for display default". I've tried googling for it, but nothing worked. What can I do to resolve this?
Thanks,
Vedanth
Hello,
I am new to xda, but with what I would say a good understanding of computers in general, and good knowledge of c programming (if that matters)
I am structuring a guide for myself to be as foolproof as possible when attempting flashing my new phone. Please fill in any voids, comment, or answer questions if you can. This should prove useful to other users as well as it's not so model-specific.
1) It appears that the custom recovery of choice in most situations and for the time being is TWRP (correct?).
2) If I can get a backup of EVERY partition on my stock phone (as it came from the factory) using TWRP, could I conceivably restore ALL of them and be in a factory default setting? Excluding stuff like eFuse and similar mechanisms.
3) If the phone supports fastboot, unlocked bootloader and there is a compatible TWRP for it, would it be possible to boot the TWRP recovery through fastboot (without flashing that particular partition to phone), open a shell and take backups of all partitions on the phone? That should give us a file for each partition.
4) If one accomplishes step 3 successfully, in what scenarios would he/she NOT be able to bring the phone back to life after software bricking?
Minor questions:
a) "To have root" on a phone, is basically the same as having a root account on a BOOTED OS partition (like the admin accoun on a booted windows machine, or a root account on a linux machine)? If that's the case, booting a different partition (for example the recovery partition) could also give you root priviledges without affecting the booted partition, correct?
b) Why do some custom ROMs require a certain version of the stock/OEM rom to be installed PRIOR to flashing, since they are going to replace those partitions anyway?
c) How is Xiaomi's Anti Roll Back (ARB) feature implemented, if one restores all partitions to stock from step (3) ? There must be some other places of storing of information on the phone, besides internal memory, correct?
Hello,
my wife recently found her (very) old 'Medion E4504' and now claims that it appartly has many important pictures and messages stored, but she does not remember the PIN.
I can boot it up normally, but of course without the PIN we cannot get past the lockscreen.
As far as I can tell, it runs on Android 5.1 Lollipop, developer options (and USB-debugging) are disabled and it is not rooted.
If I hook it up to a PC, it is recognized, but I cannot see any files on the internal storage, I assume because it is locked.
Is there any way to either bypass the lockscreen (without hard reset and loosing all data of course), or alternatively somehow accessing the internal storage?
I tried this, but it does not work, since I cannot paste anything into the PIN field:
Android 5.x Lockscreen Bypass (CVE-2015-3860)
sites.utexas.edu
Perhaps the phone runs on a later software version where this was fixed.
I tried adb, but when I adb devices when it is booted up to the lockscreen, I cannot see it.
If I boot into bootloader, I can see it in the list if I adb devices, but it seems other commands do not work, I assume because developer options and USB-debugging are not enabled.
Thus, this did not work:
[Android][Guide]Hacking And Bypassing Android Password/Pattern/Face/PI
- DISCLAIMER - This Is For Educational Purposes Only You Shall Not Use This On Other People Phones Without Permission Under Any Circumstances I'm Not Responsible For Any Eventual Errors And Misbehaving Of Your Devices Files And Tutorials Are...
forum.xda-developers.com
Does anyone have any idea?
I would have thought that Android Lollipop 5.1 would be easier to beat . . .
I welcome all suggestions!
Regarding adb, please explain it to me as if I was a five year old, as I do not know much about adb.
Quick update:
I was able to boot into recovery and backup data on a microSD.
I now have two files: 'userdata_20150101_000026.backup' and 'userdata_20150101_000026.backup1', and am trying to figure out if it is possible to extract data from these files on a windows machine.
Sorry, if this is maybe trivial to some, but I am not a pro . . .