Hi All,
I have been checking a lot of ROM's recently i have find 2-3 settings in all ROM's which might sound a good choice for dev's however i am not sure whether they should be the same for user or not.
Some of the samples include
Code:
chmod 0777 /system
and all internal places.
this effectively allows us to do a adb push easily and without any hassels however per my study this allow just about anyone to mingle with any file whatsoever on my system.
Note : Having root of my own device to tinker with it is one thing. and handing over my device all permissions to someone else is another thing.
also another setting which bothers me is
Code:
ro.secure=0
which effectively allows adb to open shell in root mode directly.
can any dev help me in understand is this necessary for normal users.
also the reason why this thread is here is coz this needs discussion as this could very well turn out to be a security issues, as android platform is starting to get the limelight so will be getting eyes of both good and bad too....
also would love if someone can help me in compiling tips for normal users what they need to do and not do.
example
USB debugging should only be enabled when it is needed and not everytime.
Mod's I hope i am not voilating any rules by posting this here.
My point of view is cleary no and the obvious reason for that is that most users dont really know what they're doing, just try (most of the times to reach performance) something that someone who knows what are doing to get this or that.
I think what needs to be done is something like linux system.
You may have root but to get some modifications at least should appear some kind of msg or password needed like super root (is this the name? Cant remember, but you know what im talking )
Edit:
I wonder with some behavior of some guys and with super root access that de had what could happen to the most of users around here if we have a real bootloader crack instead of bypass. Probably need to be rich to buy a new like avery week
Cheers old IBM'ER friend
Sent from my X10i using Tapatalk
Wait, rendeiro, I think you meant Super User. But SU=Root. SU is just a method to make things simpler and safer as logging in directly as root is very dangerous.
@OP -- by CHMOD-ing the system folder to 777, you're completely vulnerable. 777 basically allows everyone to access it.
I'm not sure about the ro.secure=0 setting, but the default value is 1 instead of 0, root exploits change the value to 0 -- which lowers the security, hence allows you to be root. I think this value is also available in the kernel, just like what D did with Arc's insecure kernel -- yes, it makes the kernel insecure to allow you to root your phone.
@Hzu
You're write about the name I just forgot it since I wont use linux for about four years (since I work where im on now) but I think you get my point
Cheers
Sent from my X10i using Tapatalk
But you are still right though, people messing with the system without knowing what they are doing, and then blames the system for corrupting.
Seems like OP has did research, it should be OK for him to continue his research.
Hzu said:
Wait, rendeiro, I think you meant Super User. But SU=Root. SU is just a method to make things simpler and safer as logging in directly as root is very dangerous.
@OP -- by CHMOD-ing the system folder to 777, you're completely vulnerable. 777 basically allows everyone to access it.
I'm not sure about the ro.secure=0 setting, but the default value is 1 instead of 0, root exploits change the value to 0 -- which lowers the security, hence allows you to be root. I think this value is also available in the kernel, just like what D did with Arc's insecure kernel -- yes, it makes the kernel insecure to allow you to root your phone.
Click to expand...
Click to collapse
thats what i also thought and that's why posted here to make everyone atleast think once.
ro.secure setting i understand is to allow adb to run as root or not... basically ro.secure 1 disallows pushing to /system... also it puts you to $ prompt and you need to manually su.
Another thing i notices is we see a lot of update.zip's floating around i am not puting a question mark on anyones ethics however i suppose there should be some mechanism to check what's inside the zip or what that zip will do user should be aware of the stuff that may happen... I will try to write something in this regard in case people agree.
basically i want user to know
1) what files will be tampered specially bin xbin etc folder stuff
2) shell scripts executed.
3) partition format or permission change specially something like 777 stuff should be indicated.
and ya i will keep checking all these, i don't have any plan on launching a ROM however will keep a close eye on what others are cooking.
anantshri said:
thats what i also thought and that's why posted here to make everyone atleast think once.
ro.secure setting i understand is to allow adb to run as root or not... basically ro.secure 1 disallows pushing to /system... also it puts you to $ prompt and you need to manually su.
Another thing i notices is we see a lot of update.zip's floating around i am not puting a question mark on anyones ethics however i suppose there should be some mechanism to check what's inside the zip or what that zip will do user should be aware of the stuff that may happen... I will try to write something in this regard in case people agree.
basically i want user to know
1) what files will be tampered specially bin xbin etc folder stuff
2) shell scripts executed.
3) partition format or permission change specially something like 777 stuff should be indicated.
and ya i will keep checking all these, i don't have any plan on launching a ROM however will keep a close eye on what others are cooking.
Click to expand...
Click to collapse
Even though I tend to agree with the above posts, I have to say that there is also another side that we should all consider.
Each and every one of us, should try and be "educated" on Android. XDA forums can be a mess, but with patience and a little time every now and then, we can all learn more about what our phones do and how.
I've seen people eager to flash an update.zip with a tweak that they have ABSOLUTELY no idea what it does. Sometimes we just sit back and wait for everything to be done for us.
I am always actively interested in development and I learn new things every day.
Developers give us the tools, we need to learn how to use them.
Xperia X10i via Tapatalk
rendeiro2005 said:
I think what needs to be done is something like linux system.
You may have root but to get some modifications at least should appear some kind of msg or password needed like super root (is this the name? Cant remember, but you know what im talking )
Click to expand...
Click to collapse
Is that not what the superuser app does?
I'm not a dev but I kno enough about linux to want rw to /system but I agree most users are stupid (well at least don't know what there doing). Apps that let you do damage to /system like root explorer allows you to easily mount it rw anyway. I can't see much extra danger having it always rw when you've already got root.
Each and every one of us, should try and be "educated" on Android. XDA forums can be a mess, but with patience and a little time every now and then, we can all learn more about what our phones do and how.
I've seen people eager to flash an update.zip with a tweak that they have ABSOLUTELY no idea what it does. Sometimes we just sit back and wait for everything to be done for us.
I am always actively interested in development and I learn new things every day.
Developers give us the tools, we need to learn how to use them.
Click to expand...
Click to collapse
Agree ppl flashing roms should take a little time to learn about what they're doing but ppl are too lazy and want a quick fix. But if someone soft bricks their phone because they don't understand what their doing and don't read the instructions properly then its their fault and not the devs. But its not hard to connect to PC companion and repair and they've learnt a valuable lesson in the process.
No, the superuser app don't ask for password. Like in linux distros for the pc, you can set whether to have password or not, this can be done via visudo. Just google for visudo then you will understand.
Sent from my X10 using XDA App
Yeah the post requested a message or password, superuser provides a message. Yeah I use linux for a PVR so know what you mean.
resurrecting an old thread just to inform all dev's i have compiles some of the issues that i see could be a potential security issues.
http://blog.anantshri.info/whitepaper-security-issues-in-android-custom-roms/
hope this could help making ROMs more secure.
From http://blog.anantshri.info/whitepaper-security-issues-in-android-custom-roms/#comment-66733
"
Hi Anant
After i´ve read your white paper i got 2 conclusions:
1. you`re absolutely right and explain it as it should but…
2. If Devs consider all that why develop anything?
As principle i think you´re right but that fact is if any rom will be developed as “closed” almost anyone use it and no matter what make you develop you certain won´t develop for 1/2 guys/gals. For that we have stock ones
Now. I can agree with something like a big alert on every rom development section/thread about the potential risk by install an “open” rom but more than that it will kill all development in the end
Cheers pal
"
Perhaps the way forward is to have the warnings you have mentioned, but also encourage our devs to have a "security tester", another dev with the time and skill to give approval to the zip package. Zips have worried me too. This is a community after all, security is in all our interests.
Sent from my X10i using XDA App
Hi All,
few things to clarify.
see i am not against development.
the point is when we have developer style softwares like say flashtool its just too good for people like us.
now look from a prospective of a person who is visiting this forum just to get a new rom coz he is told they are good.
he is handling his faith to us.
in this case lets say we say in flashtool for example
after rebooting, check usb debugging and unknown source.
however we never say to disable it after you are done with flashtool or tell that this could be a problem.
also most of the rom's have ro.secure set to 0. Good for dev's i loved it.
but no use for a normal user besides the prospects that due to ignorance a person could actually move in and install a backdoor or malware in.
All i am saying is we should have something like two profiles
1) if you are supporting dev launch this
2) if you are normal user use this.
hope you all get my point.
besides that issues like custom recoveries. right now as i said the efforts are towards improving them and people might look at security prospective after that.
I know some of you might say if a person is visiting a after market forum he should be smart enough to read a bit.
that's idealism, not reality.
NOTE :
I am excited about 4.0 ICS coz with that comes features like disk encryption etc.
anantshri said:
Hi All,
few things to clarify.
see i am not against development.
the point is when we have developer style softwares like say flashtool its just too good for people like us.
now look from a prospective of a person who is visiting this forum just to get a new rom coz he is told they are good.
he is handling his faith to us.
in this case lets say we say in flashtool for example
after rebooting, check usb debugging and unknown source.
however we never say to disable it after you are done with flashtool or tell that this could be a problem.
also most of the rom's have ro.secure set to 0. Good for dev's i loved it.
but no use for a normal user besides the prospects that due to ignorance a person could actually move in and install a backdoor or malware in.
All i am saying is we should have something like two profiles
1) if you are supporting dev launch this
2) if you are normal user use this.
hope you all get my point.
besides that issues like custom recoveries. right now as i said the efforts are towards improving them and people might look at security prospective after that.
I know some of you might say if a person is visiting a after market forum he should be smart enough to read a bit.
that's idealism, not reality.
NOTE :
I am excited about 4.0 ICS coz with that comes features like disk encryption etc.
Click to expand...
Click to collapse
Hi bro
i did get your point! maybe i didn´t explain my point very clearly sorry if i didn`t
i perfectly support your idea...as you say ... "that's idealism, not reality."
like i said before, may devs should include those issues on there threads, i agree, but more than that...do no know it´s like ...hey! i got a custom rom but...i can´t do nothing...
cheers R
Crowds said:
Hi bro
like i said before, may devs should include those issues on there threads, i agree, but more than that...do no know it´s like ...hey! i got a custom rom but...i can´t do nothing...
cheers R
Click to expand...
Click to collapse
actually that's my point
keeping
say ro.secure=1
disabling usbdebugging, unknown sources or portecting custom recoveries
I still see a normal user can use all the benifits of rooting inside the device.
i am right now focusing on what third party can do when phone is giving out data outside.
well we both agree that its a point that needs some consideration so i think i have succedded in making my point heard.
anantshri said:
actually that's my point
keeping
say ro.secure=1
disabling usbdebugging, unknown sources or portecting custom recoveries
I still see a normal user can use all the benifits of rooting inside the device.
i am right now focusing on what third party can do when phone is giving out data outside.
well we both agree that its a point that needs some consideration so i think i have succedded in making my point heard.
Click to expand...
Click to collapse
ok, ok, you won
but regarding that ro.secure
i understand your explanation on white paper and try to include on my current build.prop file but...can´t see any diference why? my phone "behaves" exactly the same way as before
Crowds said:
ok, ok, you won
but regarding that ro.secure
i understand your explanation on white paper and try to include on my current build.prop file but...can´t see any diference why? my phone "behaves" exactly the same way as before
Click to expand...
Click to collapse
change in ro.secure need to go to ramdisk.
also after that setting try pulling /data/data or /system in adb.
nothing except adb's default behaviour will change.
Related
Greetings all,
This is my first post here. I hope to make it a memorable one.
Really; I've been programming on the UNIX system for more than 20 years.
Having picked up and activated a brand new HTC-EVO android-2.2 (froyo) 4
days ago. I discover "big brother's watching" (google). This is completely unacceptable. Looking for the definitive answer brings me to XDA. So, I spent the past 2 days reading threads here. But can't shake the notion that all of this "rooting" seems overly complicated. I mean if android runs atop Linux, WTF is all this MS-DOS BS? Granted, I'm new to the EVO, but in UNIX, it seems that a simple:
Code:
# su
password
# mkdir /evoandroid
# mount /dev/android-device /evoandroid
dd if=<your-ROM-name-here> of=/evoandroid
would suffice.
This above is only slightly different for Linux - but I think you get the picture.
Sure. I know the SDK && NDK are written for MS-DOS & Co.
But what's that got to do with writing a "rooted" ROM to the EVO?
Because Windows users use the EVO too?
Sorry, but what am I missing here? Would love to start writing a self-made ROM to my new EVO. In fact I've already nearly finished a compilation that features an almost indistinguishable OS X. But hate to move any farther forward w/o clearing this "nit" I have with writing to the EVO.
Thank you for all your time and consideration.
--Chris
I don't understand your question. Can you clarify, and I'm sure someone will be glad to help if possible.
You can download Windows, Mac, and Linux versions of the SDK & NDK, so I'm not sure why you think they are Windows specific. (Many, if not most, ROM devs use Ubuntu since compiling AOSP & kernel source works well on it.)
If there is some part of the rooting process for the EVO that requires Windows, then that might be better directed to the EVO specific forums. I have helped to root one EVO myself, and it was done from a Mac. Things may have changed though.
Hello gnarlyc, and thank you for your reply.
gnarlyc said:
I don't understand your question. Can you clarify, and I'm sure someone will be glad to help if possible.
Click to expand...
Click to collapse
OK fair enough. I'll try to be more concise.
Currently, it is my understanding, that to "get root" on the EVO. One must download the SDK && NDK. Then use the tools provided there-in to "get root".
Yes, I am aware that you also need some of the wonderful utilities provided by the "dev's" here at XDA.
But I wonder why it wouldn't be simpler to mount(8) ( http ://internethell.net/man/?query=mount ) the EVO (rom & sdcard), and simply write the custom ROM "raw" right to the EVO's live rom.
eg; on a *NIX boxen
Code:
# su
password
# mkdir /evoandroid
# mount /dev/evo-device /evoandroid
# dd if=./custom-rom.img of=/evoandroid
see: http ://internethell.net/man/?query=dd
Done. That was easy, wasn't it.
gnarlyc said:
You can download Windows, Mac, and Linux versions of the SDK & NDK, so I'm not sure why you think they are Windows specific. (Many, if not most, ROM devs use Ubuntu since compiling AOSP & kernel source works well on it.)
Click to expand...
Click to collapse
I was aware of the source being *NIX. But when I went to HTC, they presented me with only the Windows version. Perhaps, they felt I was on Windows, based on some browser "sniffing" thing. Dunno. I don't have Windows on anything. But occasionally on one of my BSD servers, I'll mount it in a Virtualbox VM.
Thanks for your info here. I'll go back and get the Mac version. I don't suppose it supports Apple Macs?
gnarlyc said:
If there is some part of the rooting process for the EVO that requires Windows,
Click to expand...
Click to collapse
See above.
gnarlyc said:
then that might be better directed to the EVO specific forums.
Click to expand...
Click to collapse
Couldn't find the HTC-EVO phone as a separate forum - like the other EVO's.
gnarlyc said:
I have helped to root one EVO myself, and it was done from a Mac. Things may have changed though.
Click to expand...
Click to collapse
I don't feel I'd have any trouble "rooting" it. I just felt that all of the "tut's" I've found here were un-necessarily complicated - overly complex. So I'm wondering why my example above wouldn't work.
Thank you again gnarlyc, for your thoughtful response.
--Chris
CTH-EVO said:
Hello gnarlyc, and thank you for your reply.
OK fair enough. I'll try to be more concise.
Currently, it is my understanding, that to "get root" on the EVO. One must download the SDK && NDK. Then use the tools provided there-in to "get root".
Yes, I am aware that you also need some of the wonderful utilities provided by the "dev's" here at XDA.
But I wonder why it wouldn't be simpler to mount(8) ( http ://internethell.net/man/?query=mount ) the EVO (rom & sdcard), and simply write the custom ROM "raw" right to the EVO's live rom.
eg; on a *NIX boxen
Code:
# su
password
# mkdir /evoandroid
# mount /dev/evo-device /evoandroid
# dd if=./custom-rom.img of=/evoandroid
see: http ://internethell.net/man/?query=dd
Done. That was easy, wasn't it.
I was aware of the source being *NIX. But when I went to HTC, they presented me with only the Windows version. Perhaps, they felt I was on Windows, based on some browser "sniffing" thing. Dunno. I don't have Windows on anything. But occasionally on one of my BSD servers, I'll mount it in a Virtualbox VM.
Thanks for your info here. I'll go back and get the Mac version. I don't suppose it supports Apple Macs?
See above.
Couldn't find the HTC-EVO phone as a separate forum - like the other EVO's.
I don't feel I'd have any trouble "rooting" it. I just felt that all of the "tut's" I've found here were un-necessarily complicated - overly complex. So I'm wondering why my example above wouldn't work.
Thank you again gnarlyc, for your thoughtful response.
--Chris
Click to expand...
Click to collapse
Ok, I think I get you now. I don't think this will work though. The running image is on an internal partition. Maybe you can mount that? I don't think so though. It doesn't seem to me that mounting the sdcard will get you anywhere. So many 'impossible' things have already been done with Android, so I wouldn't count you out completely.
http://android-dls.com/wiki/index.php?title=HOWTO:_Unpack,_Edit,_and_Re-Pack_Boot_Images
Kernel source for HTC phones - http://developer.htc.com/
Android Open Source Project source - http://source.android.com/source/download.html
Android SDK - http://developer.android.com/sdk/index.html
Android NDK - http://developer.android.com/sdk/ndk/index.html
I recommend this script for grabbing AOSP source on Debian/Ubuntu - http://blog.coralic.nl/2010/01/28/build-eclair-aka-android-2-1-for-hero-from-source/
You can change 'eclair' to 'froyo' for Android 2.2 source. It's good to look at this even if you don't use a Debian based distro, although it's mostly the same stuff that's on Google's site.
EVO forum - http://forum.xda-developers.com/forumdisplay.php?f=653
I don't think there's more than one EVO, but maybe I'm wrong. The internal name is 'Supersonic', btw. You might see that in places.
Won't this root method work? - http://forum.xda-developers.com/showthread.php?t=787304
Some other light reading -
http://android-dls.com/wiki/index.php?title=HOWTO:_Unpack,_Edit,_and_Re-Pack_Boot_Images
http://forum.androidcentral.com/hacking/6037-general-rom-faq.html
http://forum.xda-developers.com/showthread.php?t=633246
http://blog.coralic.nl/2010/01/28/build-eclair-aka-android-2-1-for-hero-from-source/
http://forum.xda-developers.com/showthread.php?t=622916
http://forum.androidcentral.com/htc...how-build-your-own-kernel-package-source.html
http://forum.xda-developers.com/showpost.php?p=6738713&postcount=1
http://www.kandroid.org/android_pdk/index.html
http://android-dls.com/wiki/index.php?title=Main_Page
https://docs.google.com/Doc?docid=0AcdxIJRSH9ypZGZzc2pxNDlfMjdnazk4OHNxZA&hl=en
http://forum.xda-developers.com/showthread.php?t=641223
http://adrianvintu.com/blogengine/post/Colored-Logcat-Script-for-Windows.aspx
http://www.androidenea.com/2009/08/init-process-and-initrc.html
http://forum.xda-developers.com/showthread.php?t=623976
http://lukasz.szmit.eu/2009/12/making-your-own-rooted-android-rom.html
http://androidguts.com/index.php/Main_Page
http://groups.google.com/group/android-kernel
http://groups.google.com/group/android-building
http://groups.google.com/group/android-porting
http://groups.google.com/group/android-developers
http://groups.google.com/group/android-ndk
http://groups.google.com/group/android-platform
Greetings gnarlyc.
Let me first preface this by saying how grateful I am for all the time and effort you put into your last reply - WOW.
I don't want to sound argumentative. But just for the record, when I plug my EVO into one of my BSD servers, it immediately sees both the running system, and the sdcard. While I haven't yet attempted to mount the live system. I will endeavor to do so when I can determine what state I need to have the phone in to safely mount it. I'll report back to you with my results.
I have a strong suspicion I'll be posting a "one step to root and ROM" here within a week. That should help a lot of folks out.
I primarily develop in, and on the BSD family of operating systems. But given the Linux ABI support on BSD, I've made my development workstation dual-boot BSD/Fedora 13. But given the workstation is an AMD X4 six-core 4Ghz
board. I've decided to cobble up a copy of OS X (Apple CPU) to install on it as well - see; triple-boot. I'm just about to install it in the next couple of days. But thought I'd take a break on that development, and play with my new toy.
I should also have a copy of OS X for the EVO before long. Think anyone would be interested?
Well, I may not be new to development, but this EVO is new territory for me. So I'd do well to take advantage of the wealth of information you've thoughtfully provided me.
Best wishes to you gnarlyc, and thanks again.
--Chris
CTH-EVO said:
Greetings gnarlyc.
Let me first preface this by saying how grateful I am for all the time and effort you put into your last reply - WOW.
I don't want to sound argumentative. But just for the record, when I plug my EVO into one of my BSD servers, it immediately sees both the running system, and the sdcard. While I haven't yet attempted to mount the live system. I will endeavor to do so when I can determine what state I need to have the phone in to safely mount it. I'll report back to you with my results.
I have a strong suspicion I'll be posting a "one step to root and ROM" here within a week. That should help a lot of folks out.
I primarily develop in, and on the BSD family of operating systems. But given the Linux ABI support on BSD, I've made my development workstation dual-boot BSD/Fedora 13. But given the workstation is an AMD X4 six-core 4Ghz
board. I've decided to cobble up a copy of OS X (Apple CPU) to install on it as well - see; triple-boot. I'm just about to install it in the next couple of days. But thought I'd take a break on that development, and play with my new toy.
I should also have a copy of OS X for the EVO before long. Think anyone would be interested?
Well, I may not be new to development, but this EVO is new territory for me. So I'd do well to take advantage of the wealth of information you've thoughtfully provided me.
Best wishes to you gnarlyc, and thanks again.
--Chris
Click to expand...
Click to collapse
No problem. I'm wrong at least once per day, but that's ok as long as I realize it and learn from it. I hope you are able to work it out.
I've seen 'rooting' of the Eris go from installing a leaked ROM to doing some crazy timing with pulling out the sdcard (or something like that) to a 1-click app that's on the market. Some really determined, knowledgeable, and intelligent people have put a lot of time into making these things easier and better. Welcome to the community!
A copy of OS X for the EVO? Do you mean running on the EVO? If so, then I'm sure people would be interested from a purely geeky perspective. There are several phones out there with the option to install Ubuntu and/or Debian on them. They don't seem to be of practical use yet. Can you cross-compile Darwin for arm CPUs? Maybe I'm confused here... My knowledge of such things only runs so deep.
(Side note - I keep those links in a text file just for such occasions. I don't see why everyone should have to spend their time searching for the sites that I already know about.)
gnarlyc said:
No problem. I'm wrong at least once per day, but that's ok as long as I realize it and learn from it. I hope you are able to work it out.
I've seen 'rooting' of the Eris go from installing a leaked ROM to doing some crazy timing with pulling out the sdcard (or something like that) to a 1-click app that's on the market. Some really determined, knowledgeable, and intelligent people have put a lot of time into making these things easier and better. Welcome to the community!
A copy of OS X for the EVO? Do you mean running on the EVO? If so, then I'm sure people would be interested from a purely geeky perspective.
Click to expand...
Click to collapse
Yes, and no. The "apps" and android are made with Java - something Oracle is currently sueing Google for as I speak (Google clams "clean-room" in-house Java, Oracle claims otherwise). So for all practical purposes, there is no reason that those same "apps" found on the phones, and in the "market" can't be made to run on OS X. In fact, it opens the doors to additional "apps" that otherwise wouldn't be possible - iTunes, for example.
gnarlyc said:
There are several phones out there with the option to install Ubuntu and/or Debian on them. They don't seem to be of practical use yet. Can you cross-compile Darwin for arm CPUs?
Click to expand...
Click to collapse
Glad you asked. BSD (which is what "hosts" NeXT/Darwin) has no problems with ARM, and I'm confident that I can manipulate Darwin to work on Snapdragon.
gnarlyc said:
Maybe I'm confused here... My knowledge of such things only runs so deep.
(Side note - I keep those links in a text file just for such occasions. I don't see why everyone should have to spend their time searching for the sites that I already know about.)
Click to expand...
Click to collapse
I'm really glad you do - it really helped me a lot not having to weed all these "jewls" out. Thank you very much for sharing them with me, I appreciate it!
Best wishes to you gnarlyc, and have a wonderful day.
--Chris
Are they doing something similar to what you are talking about?
http://forum.xda-developers.com/showthread.php?t=788554
gnarlyc said:
Are they doing something similar to what you are talking about?
http://forum.xda-developers.com/showthread.php?t=788554
Click to expand...
Click to collapse
Thanks for the link gnarlyc.
I thought about something similar to this when I first thought about "rooting" the phone; making a system folder on the sdcard, then "soft linking" it to /system.
Problem being, the performance hit using the sdcard for system related tasks made this option undesirable.
Thanks again for sharing the link, gnarlyc.
OH, one thing though, my phone is not linked to google. I have no google account(s). I activated this phone in "developer mode". Meaning that there is no personal info to worry about "attached" to this phone. Making it an ideal candidate for creating a bone-stock ROM for recovery/hacking purposes. I don't suppose you can direct me to "cloning" this phone. So that I might share this w/others as a ROM suitable for un-bricking their phone, could you?
HTC-EVO (supersonic) s/w# 3.26.651.6, baseband# 2.15.00.07.28, PRI version 1.71_003, andriod 2.2
Thanks again.
--Chris
Can I ask, what do you mean by "big brother (Google) is watching"?
CTH-EVO said:
Thanks for the link gnarlyc.
I thought about something similar to this when I first thought about "rooting" the phone; making a system folder on the sdcard, then "soft linking" it to /system.
Problem being, the performance hit using the sdcard for system related tasks made this option undesirable.
Thanks again for sharing the link, gnarlyc.
OH, one thing though, my phone is not linked to google. I have no google account(s). I activated this phone in "developer mode". Meaning that there is no personal info to worry about "attached" to this phone. Making it an ideal candidate for creating a bone-stock ROM for recovery/hacking purposes. I don't suppose you can direct me to "cloning" this phone. So that I might share this w/others as a ROM suitable for un-bricking their phone, could you?
HTC-EVO (supersonic) s/w# 3.26.651.6, baseband# 2.15.00.07.28, PRI version 1.71_003, andriod 2.2
Thanks again.
--Chris
Click to expand...
Click to collapse
If you have a custom recovery partition like Amon_Ra's, you can do a NAND backup to the sdcard. It's basically a snapshot of the currently flashed ROM. That should work just fine. NAND's can be manipulated in dsixda's kitchen (although I haven't tried it, the option is there and dsixda has things together pretty well) and I THINK you should be able to copy one from one EVO to another and do a restore.
A side note... Generally when people create the ROMs that are out there, they do not include the directories under /data that might have personal info, so you can actually create a bone-stock ROM like you want without using a phone in such a state as yours. I've flashed a lot of different ROMs, and I'm pretty sure that none of them had identifying information about the dev unless they purposely did something like put their name in the build.prop or the wallpaper. Generally, if they include a /data, it's just for /data/app, although there are exceptions like when they want to change a database or something else that might be under /data.
As far as I know, your phone won't be linked to Google until you sign in with the Google account. I've gone several days on a fresh ROM without setting that up. Eventually, I find I want to install something from the Market, so I go ahead and sign in...
MaybachMan said:
Can I ask, what do you mean by "big brother (Google) is watching"?
Click to expand...
Click to collapse
Greetings MaybachMan.
Yes. Of course you may.
What I mean by that, is that is that Google monitors your activity. To what extent,
all depends on what applications you use, and to what extent you have a relation
with Google - Gmail, Google search, or any other Google application/account you
have with Google. Myself, on the other hand, I activated my EVO in "developer" mode.
I have no Gmail account, or any other relationship/account with Google.
Google needs your data. Google is a "data miner" that's what Google does.
I don't have a problem with their chosen line of business. I simply choose not to be
part of the data they "mine" - to the extent I am able.
Meaning in the context of my OP; I want to remove most (if not all) of the Google apps
on my EVO - including the Market app.
I hope I have cleared things up for you, MaybachMan.
Thanks for your reply.
--Chris
gnarlyc said:
If you have a custom recovery partition like Amon_Ra's, you can do a NAND backup to the sdcard. It's basically a snapshot of the currently flashed ROM. That should work just fine. NAND's can be manipulated in dsixda's kitchen (although I haven't tried it, the option is there and dsixda has things together pretty well) and I THINK you should be able to copy one from one EVO to another and do a restore.
A side note... Generally when people create the ROMs that are out there, they do not include the directories under /data that might have personal info, so you can actually create a bone-stock ROM like you want without using a phone in such a state as yours. I've flashed a lot of different ROMs, and I'm pretty sure that none of them had identifying information about the dev unless they purposely did something like put their name in the build.prop or the wallpaper. Generally, if they include a /data, it's just for /data/app, although there are exceptions like when they want to change a database or something else that might be under /data.
As far as I know, your phone won't be linked to Google until you sign in with the Google account. I've gone several days on a fresh ROM without setting that up. Eventually, I find I want to install something from the Market, so I go ahead and sign in...
Click to expand...
Click to collapse
Thank you gnarlyc! You're a "pillar of wisdom" where these phones are concerned.
I really appreciate your sharing it with me.
Best wishes, and thanks again gnarlyc.
--Chris
CTH-EVO said:
Thank you gnarlyc! You're a "pillar of wisdom" where these phones are concerned.
I really appreciate your sharing it with me.
Best wishes, and thanks again gnarlyc.
--Chris
Click to expand...
Click to collapse
Well, thank you. At least one of the voices tells me that's why I'm here. I'm still learning, and I find it easier to pass on what I learn if I learned it recently. Since I just got this phone in March, nearly everything I know about it is pretty fresh!
In addition the "big brother" post. The book 1984 I believe is where it comes from. The author is George Orwell and usually this book refers to things in society today as an Orwellian society. It's a really great book anyone who has spare time should really check it out if they like conspiracies, apocalyptic scenarios etc.
@CTH-EVO - I understand having a little linux background myself why you feel the way you do that you could just dd a raw image to the phone but there are a few issues with that, that I would like to clarify with you.
It's not entirely impossible. We have seen that around here many times.
However....
1. To clarify, Android is NOT general linux in the form you think of it. It's definitely HAS a beautiful open source twin sister (AOSP) but HTC's version of sense is locked down, restricted, and tight. But there are other reasons why..
2. The boot process... By default you can't mount the system directory to be writable, only readable which wouldn't make a hill a beans difference if you try to use dd. It would just produce error:unwritable.
To iterate further into this subject though, there is also the boot process and the partitions that go with that. Let me go ahead and get the boot process out of the way first:
**Generic Boot Process**
1.SelfCheck
2.Radio
3.S-on/S-off (developer mode only)
4.Recovery (if installed)
5.Rom
By default when the system boots it is directed specifically from the radio (unless s-on is installed) to the system partition, which by default the system partition locks any root needed functions out (including writablility from external sources).
One other thing of note, the phone more than welcomes ANY linux o.s. to see the internal phone storage, just that you can't write to it unless you have root.
However I also would like to inform you that there are universal root programs getting easier and easier these days to use so you don't have to download all this and that, and most phones now you don't even have to have a computer to root it.
Here's what is involved in the rooting process:
1. Exploit code to inject code for root access (done from shell of phone)
2. root files (permissions program, etc)
3. recovery flash. (flashed to it's own 'sub' partition)
Actually come to think of it you used to have to boot into recovery to root (well.. not really a recovery but the stock wiping/reset program) And you could possibly get dd to flash the system from there, but the real issue here is just not bricking the device.
The device itself is of course just one memory bank partitioned into different places. If you use dd to flash a raw image to the rom, it would wipe out EVERYTHING would it not? And not JUST the regular rom partitions? This would be sweet if you can set up an entire phone's system including bootstrap, radio, and recovery (effectively unbricking probably 3/4 the bricked phones out there right now) but if it's unsuccessful, or unfinished then would it not brick it entirely?
Hope this helps you out!
Okay, what one-click root method, if any, can be applied after the latest OTA update (1.70.605.0)? I just bought the phone already updated, and I cannot find if there is one compatible. I'm to much of a noob to root without one click, so don't send me in that direction please! Any help is appreciated, Nick
Easyroot is about as close as you're going to get to a one-click for the Thunderbolt.
It should still work fine after the latest OTA.
Easyroot: http://forum.xda-developers.com/showthread.php?t=1005292
Instructions: http://forum.xda-developers.com/attachment.php?attachmentid=552281&d=1301123842
Has this worked for you with the Thunderbolt ?
Or you could just go to http://revolutionary.io Those easy root scripts are notoriously unreliable. I would also recommend getting ADB up and running and learn to use it and fastboot as well. They can be life savers when you get in trouble.
Sent from my HTC Thunderbolt
Yea, I saw Rev had another update for Tbolt yesterday so maybe it will work nicely for you.
Seriously though...if you're looking at Easyroot vs Manual method....learn from other panicking users and go the Manual route.
http://forum.xda-developers.com/showthread.php?t=996616
Absolute_Zero said:
Yea, I saw Rev had another update for Tbolt yesterday so maybe it will work nicely for you.
Seriously though...if you're looking at Easyroot vs Manual method....learn from other panicking users and go the Manual route.
http://forum.xda-developers.com/showthread.php?t=996616
Click to expand...
Click to collapse
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
RunNgun42 said:
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
Click to expand...
Click to collapse
No. That isn't accurate by any stretch of the imagination. It's more accurate to say if you want to use Windows, you should learn something about command line DOS. You absolutely SHOULD and I'm fairly certain most devs would agree. Please don't advocate ignorance.
I'm disappointed by the OP's flat rejection of obtaining new skills to perform a somewhat technical task and I think we, as a community, should not support that attitude, but rather foster an environment of support and encouragement towards increasing knowledge and experience.
Furthermore, the Revolution and AlphaRevX sites are still down which means obtaining a beta key to use their tools will not be possible. When these or other resources become reliable in the eyes of their creators as alternatives to the jcase method, and I have time to evaluate them, I will be adding them to my thread stickied at the top of this Q&A section. Until then, if your concern is to backup data before a manual root, then I'd suggest TwistedUmbrella's tools to perform that task.
RunNgun42 said:
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
Click to expand...
Click to collapse
While the comparison of learning C++ to typing (or copy/pasting) ADB commands that are listed verbatim in procedural order for you is a spot on* comparison, I will also have to disagree.
The problem is that when these scripts error/do not work (and they do quite often) the user has no idea whatsoever the step that caused the error. I'm going to have to say that the majority of users on here (along with a large number of users that panicked when the auto rooting scripts screwed up) will agree that the manual method is the way to go. Not only does it help you troubleshoot if something didn't work and therefore get help faster (b/c you know what command errored) but the failure rate is much lower to begin with. The manual method is actually very quick and painless (as many users have noticed after trying the auto scripts). Maybe it's just people's avoidance of anything that says "manual".
I suppose I (along with a majority of users here) will have to agree to disagree with you.
*read "not even remotely reasonable"
RunNgun42 said:
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
Click to expand...
Click to collapse
C++ is much harder to learn than adb (and perhaps one of the harder languages period to master due to the leadway it gives a user to screw things up). C++ you actually learn something useful. I dont think anyone will hire you because of your 1337 adb copy/paste skills alone
Overall I'd say that was a metaphor fail. I'd say learning to use adb is more like learning to use cmd.exe. Mostly useless unless you really really really need to do something out of the ordinary.
*full disclosure: i hate cmd.exe and use cygwin when on windows
RunNgun42 said:
Disagree. I looked at the manual vs easyroot method, and if your goal is to just flash custom roms, then theres nothing useful about learning ADB and what any of it means/does. Thats like saying to use windows you should learn C++.
Click to expand...
Click to collapse
So while your flashing those ROMS you end up with a bad flash and bad luck loving to come all at once your recovery gets corrupt as well. On top of that you don't have any recent backups for apps or a nandroid. Now the link to the bootloader flashable recovery is down. So now what?
Not the most likely scenario but still very possible. I guarantee when someone says "oh that's easy just fastboot a recovery on" your going to be wishing you had learned how to fix your phone before you messed it up.
Sent from my HTC Thunderbolt
JBO1018 said:
So while your flashing those ROMS you end up with a bad flash and bad luck loving to come all at once your recovery gets corrupt as well. On top of that you don't have any recent backups for apps or a nandroid. Now the link to the bootloader flashable recovery is down. So now what?
Not the most likely scenario but still very possible. I guarantee when someone says "oh that's easy just fastboot a recovery on" your going to be wishing you had learned how to fix your phone before you messed it up.
Sent from my HTC Thunderbolt
Click to expand...
Click to collapse
Sure you could end up with a bad flash as a result of improper script. But if you were just copy/pasting command lines then you still dont know wtf to do, so what difference does it make? In fact, since all of you are advocating just copy/pasting one line at a time, exactly what the hell are you learning from this process? You still have no idea what any of the commands mean or what they're doing, you're just taking 10x as long to do what a batch file does for you.
Because if you copy and paste the commands one by one and you run into a problem at least you know what step it happened on. So now when you go asking for help you can provide some useful information to those trying to help you.
Revolutionary makes all that moot in a way. The fact remains however you can still very easily end up in a situation where you need to fastboot a recovery on. So having ADB and fastboot installed and working plus knowing how to use them are definitely things EVERYONE who is rooted SHOULD know.
Sent from my HTC Thunderbolt
I also just found another damn good reason to know how to use ADB and fastboot. Until Alpharev and Unrevoked release an s-on tool the ONLY way, I'm fairly certain, to get back to stock s-on after using Revolutionary or the hard patched hboot is with fastboot and a special command.
Sent from my HTC Thunderbolt
loonatik78 said:
..the Revolution and AlphaRevX sites are still down which means obtaining a beta key to use their tools will not be possible. When these or other resources become reliable in the eyes of their creators as alternatives to the jcase method, and I have time to evaluate them, I will be adding them to my thread stickied at the top of this Q&A section.
Click to expand...
Click to collapse
Hmm.. pardon my confusion, but I just came back from a jcase thread on how to root and in red letters, it says NOT to use that method anymore.. that it was outdated. But if the Revolution and AlphaRevX methods are not available then the jcase method is really the only option.
I am all for learning how to do this. I never was a monkey at a keyboard that just followed a flow chart to solve a problem, I want to know what I am doing. But while I am still reading and learning, it would be helpful to know what I am reading is correct, up to date, and not out of date as I am no expert at rooting yet. Maybe a different disclaimer on that post is in order?
Hot Carl said:
Hmm.. pardon my confusion, but I just came back from a jcase thread on how to root and in red letters, it says NOT to use that method anymore.. that it was outdated. But if the Revolution and AlphaRevX methods are not available then the jcase method is really the only option.
I am all for learning how to do this. I never was a monkey at a keyboard that just followed a flow chart to solve a problem, I want to know what I am doing. But while I am still reading and learning, it would be helpful to know what I am reading is correct, up to date, and not out of date as I am no expert at rooting yet. Maybe a different disclaimer on that post is in order?
Click to expand...
Click to collapse
I believe he meant the rest of the post was outdated and to use revolutionary.io as of August 14th.
The old method will still work. It just does not give you the opportunity to save your apps and data like revo will.
>>>> 22Jan2012: linboothkvc v1.0 source released in my linboothkvc thread. It works successfully on Omap3 and Omap4 based devices including NookTab. And with minimal changes/love can work with any rooted arm based linux device <<<<
>>>> 17Jan2012: Kernel module SUCCEEDS on NookTab to reboot into NIRVANA - NO NEED to BREAK the default SECURE BOOT CHAIN and NOTE THAT EVEN THIS CAN WORK ON ANY ROOTED DEVICE and not just NT, with minimal love so ENJOY <<<<
>>>> 16Jan2012: My kernel module based path (linboothkvc) to running custom kernels and roms is almost done, except for a __small part__ to get it running on NT now - IF ONLY PEOPLE HAD WAITED ...., we could have reaped the potential benefit in future, Why not !!!! why not ....WHY NOT !?!?. NOTE that it can allow one to run custom kernel/roms WITH OUT MODIFYING ANY CRITICAL PARTITIONS provided one sets it up properly/appropriately. Source for beta version available in my linboothkvc thread, for the interested developers/experimenters for now ... <<<<
>>>> I may not respond to the posts on this thread currently, because I am trying to get a alternate option called linboothkvc using kernel modules up and running (which will occupy my free time), which AVOIDS the NEED for this flaw in the first place for most of the people out there (i.e Custom ROMS with different kernels). However over the weekends, I will go thro all the posts on this thread <<<<
>>>> 14Jan2012: Initial pre-alpha version of kernel module path based source code uploaded to my linboothkvc thread for those still interested to experiment
http://forum.xda-developers.com/showthread.php?t=1427610
<<<<
Hi All,
If you have been following my posts over the last few days
NOTE: To people frustrated with UART requirement - I understand the restrictions of UART access, but a lot of ROMS can be done with 2ndihkvc or equivalent methods and with out needing a Custom kernel. If someone is talking about Custom/New kernel for Android 4.0 (ICS). Then do note my statement (in NOP BYPASS thread) on POWER of KERNEL MODULES in Linux, IT CAN BE USED TO ACHIEVE what you want to achieve, only that it requires bit more effort, which I or some one else has not put currently... thats all. AND THAT By holding off now, we can _potentially_(Risk is always there) reap the benifit with next years NEXT GEN Nook Tab+ or what ever they call it.
a) I have implemented 2ndihkvc, which follows the same fundamental concept as 2nd-init, but achieves it in a simpler way (Needed because some of the calls used in original 2nd-init doesn't work on NookTab, or have unnecessary dependencies (in this given context, otherwise they are good in them selves) which can be avoided with my simpler method)
b) I have provided the NOP Bypass method of running a modified Ramdisk and also 90% a modified kernel, provided UART access is there.
c) There is still the power of linux KERNEL MODULES to EXPLOIT. (Haven't had time on that yet).
If you ask me, this should cover all category of people. Be it people who want to run custom Roms, or people who want to experiment with Kernel and or other low level stuff for the fun of it.
There is a 4th method which will allow one to achieve (b) above with out requiring UART access or even uSD (potentially . If one reads between the lines from all my posts till date, the answer is hidden in there. Only that I haven't spelt it out directly or in the face. The reason is because It is a fundament flaw (rather there are potentially two at two different levels - one relatively simple and one relatively bit more involved - One I know for sure, another I have to dig bit more) in the way things are done currently in the secure boot chain on this device as well as potentially other devices with same or similar SOC (and or different SOC but with similar boot chain s/w components.
SHOULD WE BE WASTING i.e providing a solution which uses it, when there is already 2ndihkvc and NOP Bypass over UART and also the Linux KERNLE MODULE ROUTE to cater to most peoples needs.
Because if we do, then even the Device manufacturers and their partners will come to know about it and can easily fix it in their Newer/NextGen devices. While if we withhold it for now, we may be able to get access to it on their Next generation Devices with hopefully Arm A15 core or .... (NOTE: Depending on the boot sequence ROOT access may or may not be required for this).
The reason I am asking now is because, few people are asking my help on certain things and the reality is I know that the concept for which they want my inputs/guidance, can be applied at a more fundamental level here (or even at the same level), but that I have not ventured into it because of my delimma above.
NOTE: People who wanted my inputs/guidance wrt uSD, you all know who you are, I know the flaw to achieve what you want to achieve, but it is more powerful than what you all are currently thinking of doing/ ristricting yourselves to (You all have one input/... in there wrt devices . Unless let me think thro further and see if something can be done differently, with out exposing the flaw I have in mind to help you achieve what you want, otherwise i.e if there is nothing else I can come up with, and in turn if you people experiment further and are able to come up with the solution on your own, I would suggest that hold off on it for few days, think thro all the implications keeping what I have mentioned in this thread, and then take a call one way or the other.
Please provide your thoughts on this after thinking thro the options already available on NookTab (root access, kernel modules, UART UBoot access and inturn 2ndihkvc and NOP Bypass or equivalents)
Based on all the feedbacks as well as bit more thinking from my side, I will take a call on this.
Forum moderators I know this is the development portion of the forum, but I wanted feedback from Developers also that is the reason why I have posted here. But beyond that I leave it to you, whether you want this to continue here or move it out.
UART access is not sufficient, as it is required during every reboot of the device if we wanted to have a custom kernel and ROM. This is simply an unacceptable state of affairs. (Say, my tablet turns off while on holiday, or at the airport. What then am I to do? Let is sit and wait off until I can get back home to my UART equipment in order to reboot?
The idea that the UART work around is sufficient is a nice one, however it is wrong.
---
Oh also, it's just a matter of time before they patch the u-boot in the Nook Tablet anyways... so it's not like this UART method is going to stick around forever anyways.
cfoesch said:
UART access is not sufficient, as it is required during every reboot of the device if we wanted to have a custom kernel and ROM. This is simply an unacceptable state of affairs. (Say, my tablet turns off while on holiday, or at the airport. What then am I to do? Let is sit and wait off until I can get back home to my UART equipment in order to reboot?
The idea that the UART work around is sufficient is a nice one, however it is wrong.
---
Oh also, it's just a matter of time before they patch the u-boot in the Nook Tablet anyways... so it's not like this UART method is going to stick around forever anyways.
Click to expand...
Click to collapse
Hi
I understand the restrictions of UART access, but a lot of ROMS can be done with 2ndihkvc or equivalent methods and with out needing a Custom kernel. If someone is talking about Custom/New kernel for Android 4.0 (ICS). Then note my statement (in NOP BYPASS thread) on POWER of KERNEL MODULES in Linux, IT CAN BE USED TO ACHIEVE what you want to achieve, only that it requires bit more effort, which I or some one else has not put currently... thats all.
By holding off now, we can potentially reap the benifit with next years Nook Tab+ or what ever they call it.
Im not a Developer but I've got a few questions. NOP requires to open up your device, so I think probably 95% won't open their device for ICS and I think since the device had a dual core CPU we should get ICS roms. Now my actual question how does your 2init work or how do you install it on our device? But great work so far keep on.
Sent from my SGH-T989
Just out the flaw now. Someone else might reveal it and you won't get the credit.
Don't you want a Wikipedia entry saying that you found this flaw? lol.
PM me about the flaw, I'll see if we should have it outed yet or not (sorry guys, but if it's a decent exploitable flaw and we have other methods, I'm pretty sure I'm with hkvc on it.)
xdahgary said:
Just out the flaw now. Someone else might reveal it and you won't get the credit.
Don't you want a Wikipedia entry saying that you found this flaw? lol.
Click to expand...
Click to collapse
Not worried for 2 reasons,
a) It doesn't bother if my name comes or not. I am exploring just for the fun of exploring.
AND MORE IMPORTANTLY,
b) Actually I have already revealed the flaw in my NOP Bypass thread, indirectly, if only, one reads carefully all my lines as well as between them. Only that I have just replaced one or two of the steps with a different steps thats all for now.
If someone else find the same flaw, he will realise the same, if he reads my posts once again with his new knowledge.
What an awesome idea, we can have a root for the Nook Tablet+ or whatever else in a years time!
...
So, um... what do I do now with my Nook Tablet? It's a piece of garbage now, I guess, so, I'll just return it since it's still within the Holiday return period? I suppose I'll just have to wait for the Nook Tablet+ to have a custom ROM running on my Nook... ("But you can UART hack it!" ... *sigh* I've already explain that that is not sufficient. The UART hack is a stop gap, and should only be stopped at if that is the absolute only option available.)
And I mean no disrespect to xIndirect, but why should he be the lone gatekeeper of what exploits and hacks are out there for the Nook Tablet? I would rather see this exploit before making a decision as well, but I don't think it fair that someone should have privileged access to the exploit. Either release it to everyone or DON'T SAY ANYTHING IN THE FIRST PLACE.
cfoesch, I have no plans to be using the exploit shown for myself. I am not going to be the "lone gatekeeper" I just want to know what it is before I give my full opinion. Chill.
Motorola Defy was locked bootloader too, may be to try and run port Defy bootmenu for Nook Tablet?
source: github.com/CyanogenDefy/android_external_bootmenu
Indirect said:
cfoesch, I have no plans to be using the exploit shown for myself. I am not going to be the "lone gatekeeper" I just want to know what it is before I give my full opinion. Chill.
Click to expand...
Click to collapse
If you buy a plot of land and the seller has accidentally left seeds there and isn't coming back for them, do you grow a garden on your current plot of land, or do you decide not to plant them and hope that the next time you buy a plot of land they might forget some seeds again?
I would rather tend the garden I own than hope for a better plot of land with seeds I may never have.
Cheers!
-M
XDA member since 2007
Sorry if my post is offtopic, I just want to help with development.
My SE Xperia x10 came worh a locked bootloader and devs figured out how to make a bootable recovery (xrecovery) based on CWM, may be with an adaptation for the NT we can get the world of custom roms, even with locked bootloader this crappy phone got cuatom kernels by bypassing the bootloader, hope this give little ligth to you guys the real Developers.
If this post is garbage mods please delate it.
Sent from my BNTV250 using xda premium
Hello, I beleive if there is a software way to get ICS + maybe overclocking it should be tried first as this IS what most people are waiting for. That's the big dream they got. If someone knows how to implement that, then please by all means do so ..
P.S. you said so much where to look for the flaw in your posts that if I was a programmer from B&N I'd know where to look like everybody else. Assuming they are not complete morons they can already figure it out too. Can they plug the hole or not? Is it oversight or permanent design flaw ? We'll see. Best way to keep a secret is to " keep it secret " , ie not talk about it at all. Especially if soft mod ICS, hw acceleration and overclocking already available.
Sent from my LG-P500 using Much Love
First of all hkvc +1 for your efforts.
I voted yes, the NT developers can read between the lines in your posts as well.
Whats life without risks once in a while
Hi All,
I understand very well that even BN devs will be looking and potentially can figure out and fix it. That is the risk, but at one level I don't mind taking the risk and see if it works out to my/our advantage (i.e the bug being still open in a new device (From BN or any other Vendor)) or disadvantage(the bug is either way fixed).
Also the flaw can affect ANY DEVICE (Not just NOOK TAB) using similar secure boot chain not just NookTab, that is also one reason why I am bit wary of releasing the info or a implementation which uses it just like that.
I will share my finding with few people on the forum/outside in few days time so that even If I loose interest in this, there will be few people with the required knowledge (i.e if they haven't already figured out on their own by then (and released something or not ...)).
Also I haven't taken a final call on this yet. I am in a delima, so getting all your opinions also before I decide.
Time permitting I will also attack/explore the KERNEL MODULE PATH in a few days time, so that people don't have to depend on this flaw in the first place, but use the wonderful world of Linux Kernel Modules to achieve what they want.
LexS007 said:
Motorola Defy was locked bootloader too, may be to try and run port Defy bootmenu for Nook Tablet?
source: github.com/CyanogenDefy/android_external_bootmenu
Click to expand...
Click to collapse
Hi,
With my modified 2nd-init (2ndihkvc), you can run bootmenu or any other user space mechanisms already on NookTab
absolutely YES, we r all xdaers, right hehehe. Thanks all devs especially hkvc for the efforts
hkvc said:
Hi,
With my modified 2nd-init (2ndihkvc), you can run bootmenu or any other user space mechanisms already on NookTab
Click to expand...
Click to collapse
It's very good. Thanks!!!
First off, not a dev but read religiously.
2nd, release it if the people who would take advantage of it agree. The rest of us say "great,woohoo!" But I must admit, I can't take advantage of it. But I certainly don't want to make a hardware uart to boot custom roms.
That being said, if its more complicated to install with a different method, that's fine. As long as it doesn't include a soldering iron.
But if it were easier to make a custom rom, or open up more capabilities of the kernal or whathaveyou, well that would attract more developers to make roms, etc. and so on and so forth.
Btw. Yes, exploit may exist if outedin a later tablet, but you found this one.... I have faith the next flaw will be found in the next one too.
A bird in the hand is worth two in the bush.
Posted from my B&N Nook Tablet... rooted of course!
jotekman said:
A bird in the hand is worth two in the bush.
Click to expand...
Click to collapse
I would say this summarizes everything I want to say on the topic.
ive read the thread in the general forum for noobs.
but i still dont quite understand all these things and what purpose they serve.
im SUPER new with all this stuff. so my apologies.
could someone help a brother out?
what is your question specifically?
just curious about what they are and do basically.
kevinallen4325 said:
ive read the thread in the general forum for noobs.
but i still dont quite understand all these things and what purpose they serve.
im SUPER new with all this stuff. so my apologies.
could someone help a brother out?
Click to expand...
Click to collapse
I'll try and help.
First you must ROOT your phone. This basically grants you access/permission to FIDDLE with a lot of things you can't normally. I use the word *fiddle* loosley, meaning you can install root tools (like overclock) custom Roms, change system settings, flash themes... the list goes on. It's kind of like the equivalent to "jailbreaking"
Rooting is the "first and foremost"... basically do this first. and all other things follow.
kevinallen4325 said:
just curious about what they are and do basically.
Click to expand...
Click to collapse
Well the sticky in the main forum really is a good place to start, as all these terms are defined there:
http://forum.xda-developers.com/showthread.php?t=1483113
As well as step-by-step instructions how to root. That should get you started!
ok so root first. got it. would any of this benefit my phone in anyway? or is it mainly just to put custom themes and such on?
kevinallen4325 said:
ok so root first. got it. would any of this benefit my phone in anyway? or is it mainly just to put custom themes and such on?
Click to expand...
Click to collapse
It is much more than that. I wrote this out before, so I will copy it again:
People have problems when rooted because they are not careful or do not know what they are doing. Rooting gives you (to put in Windows terms) full Administrator rights to your phone. With this right comes responsibility, so you must be careful and do research. This is why rooting also voids the warranty. The phone is now open for the user to do whatever they want, and circumvent any restrictions put on the phone by the manufacturer (including those in place to prevent harm to the device). But like a computer with Admin rights, rooting allows you to install any application, any "OS theme", and tweak the hardware to do what YOU want with it, not what the manufacturer wants.
So please be sure to READ READ READ all you can before you start!!! You don't want a $600 phone coaster. Just browse the forums for a couple weeks and learn from the posts.
kevinallen4325 said:
ok so root first. got it. would any of this benefit my phone in anyway? or is it mainly just to put custom themes and such on?
Click to expand...
Click to collapse
It depends what you consider a benefit. Sure..theming can be a benefit, but rooting provides the gateway to address any negative or less than ideal aspects of a device. For instance, The Note has been perceived as being somewhat laggy. So rooting allows you to free up system resources by eliminating unneeded bloatware that you can't remove if you remain stock. Also the lagginess has been addressed by overclocking, modding and building kernels that do specific things and of course making custom roms. The Note is still very early in the developmental process, so many things to improve the user experience of the device will become available over the course of time....but it all starts with being rooted.
Sent from my Samsung Galaxy Note LTE™
kevinallen4325 said:
ok so root first. got it. would any of this benefit my phone in anyway? or is it mainly just to put custom themes and such on?
Click to expand...
Click to collapse
Android isn't like iOS. I had an iPhone for four years before my Note and I know where you coming from. What the other guy was saying is that rooting can be viewed similar to jailbreaking, but it is kind of completely different. You don't need to be rooted to use themes (or most of the stuff on Cydia). Rooting allows you to back up apps, flash custom ROMs, etc. Otherwise, you most likely don't need root.
tbran said:
It depends what you consider a benefit. Sure..theming can be a benefit, but rooting provides the gateway to address any negative or less than ideal aspects of a device. For instance, The Note has been perceived as being somewhat laggy. So rooting allows you to free up system resources by eliminating unneeded bloatware that you can't remove if you remain stock. Also the lagginess has been addressed by overclocking, modding and building kernels that do specific things and of course making custom roms. The Note is still very early in the developmental process, so many things to improve the user experience of the device will become available over the course of time....but it all starts with being rooted.
Sent from my Samsung Galaxy Note LTE™
Click to expand...
Click to collapse
if i were to root it and do whatever else would that affect the notes ability to update itself when the time comes?
like if i were to put some custom rom or whatever on it and lets say ics came out (lulz) would it still be able to update to it, and would it basically remove everything i did to it
kevinallen4325 said:
if i were to root it and do whatever else would that affect the notes ability to update itself when the time comes?
like if i were to put some custom rom or whatever on it and lets say ics came out (lulz) would it still be able to update to it, and would it basically remove everything i did to it
Click to expand...
Click to collapse
Trust me, if you go the root and custom rom way, you will never install an official update. not because you can't, but because it will be leaked and debloated months before it is official.
i installed saurom. with and ics theme. i like it alot. but i cant get into setcpu or any program that requires root access. which is kind of an issue. no one else seems to be having that as an issue.
I rooted my Note a couple days ago and am still trying to figure out the benefits of doing so. I guess just spend time reading through this forum for the answers. That's what I am doing, but so far I see no benefit at all. The phone does all I want it to do so far. Maybe I am missing something.
Also, When i run quadrant, the scores are consistently lower after rooting the device then they were before. Not sure why though.
You are correct that the Note and newer phones may need no help. Not like two years ago. But, the big advantage to rooting even if you don't want to flash roms is Titanium Backup for app mgt and nandroids or full image backups--imho. The other like mentioned is earlier os releases. I have had ICS on my N1 for quite awhile and is still not on most new phones.
Ken
kevinallen4325 said:
i installed saurom. with and ics theme. i like it alot. but i cant get into setcpu or any program that requires root access. which is kind of an issue. no one else seems to be having that as an issue.
Click to expand...
Click to collapse
If you are sure you are rooted, a dialog box with a little Android head wearing an eyepatch will pop up asking if you want to allow the application to have root access. You must allow it here.
ok, i have a question, should i root my lg thirve (lg optimus one) just because i want to go from stock froyo to gingerbread made by cyanogen-mod.
thats all i would want, because my phone is not getting the update, and to get gingerbread i would need to root.
so should i do this, what are the dangers of it, i mean will my phone be vulnerable to dangerous things, will it break or mess up in any way?
No dangers, really. But yes, root. If you are interested in overclocking, tweaking, and installing any app that requires root (just search "root" on market and see what goodies come up), you should root, no questions asked. I highly recommend CyanogenMod as there are so many additional and useful features and it is pre-rooted (obviously). If you don't like modding or experimenting, then stick to the stock ROM.
I gotta be honest with you, when I first landed on the Android world I made myself that very same questions over and over again, until one day I said "what the heck!" and done it.
To be truth, isn't that big of a deal, rotting isn't difficult and isn't bad, you just gotta be carefully about what you do because you'r having access to the System folder, so you can really harm your phone, but if you don't mess up with it, you have nothing to worry about.
Some apps need root access because they use the system folder to make changes, so don't simply install any app that request you so, just those that are known and that you need.
So, in conclusion, Root your device, just don't go on the system folder and make changes if you have no idea what you'r doing.
Root is good and healthy to your phone. It gives you more freedom on using your phone. Really, it lets you do a lot more things that you can't do it on an unrooted stock ROM.
Most of us did that before, and it wont harm you phone's health provided that you don't root/unroot too many times in a week (it is similar to what my parents told me when I am still young and innocent)
Rooting process in most cases wont brick your phone unless you are trying to flash a rooted ROM without knowing it.
But anyway, if you want to try something new, you need to take the risk. And don't blame on others when you bricked your own phone. Maybe you can search on youtube videos or websites for those step by step rooting guides for your phone.
feenius danger
Yes.. root its worth it.. Speeds up your device by removing unnecessary crap, can customize the look much more, rather easy to do.. Just follow a guide on here and good luck .
YES!!!!!!!
rooting you phone adds infinitely more possibilities, and makes your phone a lot faster
also, cyanogen-mod is an amazing ROM,
go ahead, give it a try,
JUST REMEMBER BACK UP EVERYTHING BEFORE FLASHING CYANOGEN-MOD
good luck
dosage1 said:
Yes.. root its worth it.. Speeds up your device by removing unnecessary crap, can customize the look much more, rather easy to do.. Just follow a guide on here and good luck .
Click to expand...
Click to collapse
That's right, there a quite a few (a ton!) sites describing the benefits of it:
http://www.androidcentral.com/root
http://www.appsgeyser.com/blog/2012/03/20/should-i-root-my-android-phone/
http://www.androidpit.com/en/android/forum/thread/403299/So-what-exactly-is-rooting-and-is-it-for-me
http://www.addictivetips.com/mobile/top-10-reasons-to-root-your-android-phone-2/
The only thing I recommend is that you know what you're doing. If thats not the status: In the forums are a lot of posts
Definitely go for it.
The optimus one especially benefits from rooting/applying a new, better rom.
Don't root and unroot your phone too many times.Thats the caution,otherwise as said it gives you more control over your hardware than unrooted phone.
Sent from my LG-P350 using XDA
Gaining full control of your device is a big advantage. In addition to this some really useful apps just run with root.
ricky1001 said:
Don't root and unroot your phone too many times.Thats the caution,otherwise as said it gives you more control over your hardware than unrooted phone.
Sent from my LG-P350 using XDA
Click to expand...
Click to collapse
Actually, if that were true, ROM developers would have long given up and we wouldn't have any of the awesome ROMs floating around out there today. There's absolutely nothing wrong with rooting and unrooting repeatedly, as long you follow the correct procedure every time. Although why anyone would do that stumps me. Either you like your phone rooted, or not.
@singular9:
First off, "upgrade" is a very subjective term. Are you certain the ROM you're looking at will give you significant advantages over the one your phone's running now? While I don't doubt that the people behind the CM ROM for your phone are doing some brilliant work, always assume that something may go wrong. (Unlike Apple, other phone manufacturers source their hardware from all sorts of different places. Two phones, same model may have differently branded components.) If something DOES go wrong, are you prepared to undergo the arduous process that unbricking a phone will involve?
I'd say root your phone if - and ONLY IF:
1. You're a careful person who will read instructions and follow them to the letter, in the order they were set;
2. You're prepared to read up on what "root" is, what the terms used are, and accept that your "upgrade" may not quite offer you the benefits you were looking for (whatever they are, as you didn't specify)
If you're okay with the above, then yeah, I guess I'd say go ahead. My phone's rooted - I love it, and loved every step of the journey I took to root it.
terradune said:
Actually, if that were true, ROM developers would have long given up and we wouldn't have any of the awesome ROMs floating around out there today. There's absolutely nothing wrong with rooting and unrooting repeatedly, as long you follow the correct procedure every time. Although why anyone would do that stumps me. Either you like your phone rooted, or not.
Click to expand...
Click to collapse
haha, it is a joke dude, don't take it seriously. I don't see any reason for unrooting android unless you are preparing to send the phone back for warranty or get it repaired by its manufacturer and tell them : "ohh, I dunno what happened, it just stop working by it self this morning".
Cheers!
Root is the better way to take totally control of your phone !
Absolutely yes!
Yes U should, but read each instructions carefully before u root ur device.
.
Thread moved to Q&A due to it being a question. Would advise you to read forum rules and post in correct section.
Failure to comply with forum rules will result in an infraction and/or ban depending on severity of rule break.