There seems to be a lot of confusion about what things are or how they work together, so I'm gonna try and build a post to explain some things. If I get any of this wrong, feel free to call me out and I'll correct it. I can generally be relied upon to make mistakes.
First let's start with the various things that you're gonna be hearing about or messing with on your phone.
Hboot or bootloader
This is pretty much the lowest level thing you're gonna mess with. This is what makes the phone boot up, and where you can flash all sorts of things like new hboots, kernels, and whole roms depending on how they are packaged. You can get here by either powering off your phone then powering on with volume down + power, or by selecting "reboot to bootloader" in most custom roms. If you've entered your hboot from a powered off state, you'll start in hboot, also known as the bootloader. The bootloader is where you will load ph98img.zip files, factory reset, boot to recovery, or enter fastboot. Fastboot is the section of the bootloader that will allow you to run fastboot commands from your PC/mac/whatever to load things like boot images, recovery images, return your phone to an s-on state, etc. It's a very powerful interface. From here you have menu options which will allow you to reboot, power off, or return to the bootloader.
If you've entered hboot from the adb reboot bootloader command or your custom rom, you will start in fastboot, and can enter the bootloader from here.
When entering the bootloader using either method, the first thing the phone will do is look for a PH98IMG.zip file. If it finds one, it will want to install it. You'll have the option of installing it, or rebooting. That's it. This is why you want to get rid of the ph98img.zip files from the root of your sd card once you've used them - if you pooch your rom, you're not getting into recovery or fastboot until you remove that file. If you can't boot your phone, you better hope you have another SD card or a micro sd card reader kicking around somewhere. You can boot into fastboot by powering off the phone, then powering it on by holding power and volume down keys at the same time.
A word of warning - this is one of the few places you can actually "brick" your phone. Don't mess around with installing hboots unless you are absolutely certain that you a) have a need and b) have an md5 checksum of the file and have verified that checksum on your own gear. Generally speaking, the only time you need to flash the hboot is when you are upgrading in some way, for example when going from GB to ICS.
Quick note - when people refer to the "SD card patch" they are referring to a patch that allows you to use the GB firmware with ICS roms. This is largely unneeded at this time, since the main purpose was for folks who wanted to run ICS roms without upgrading their hboot - there's no going backward with hboot unless you have s-off.
Radio files
This is how your phone works with the radio. You can brick your phone here, too, so always check md5 before installing, and ask yourself if you really need to be installing it. New radio versions are generally given the credit for things like increased signal strength, faster 3g/4g, better power consumption, etc. These are often paired with a kernel, as well.
Recovery
This is a software layer that you can flash to your phone that allows you to boot the phone into a utility state where you can install roms, flash things like patches or modifications, backup your rom/kernel, etc. When people refer to a nandroid backup, they are referring to a backup made here. It's a snapshot of your phone that lets you mess with things and restore back to that point in time should you screw something up. You pretty much can't brick your phone at this level - it's all just files and filesystems. You can also mount your SD card to reader mode for connection to a computer, do a factory reset of data, and a few other fun things like root your rom here. You should only root your rom if it is a stock rom that has not been rooted yet. Rooting a rooted rom will usually unroot your root so you don't have root.
There are a couple of different recoveries. The Rezound community seems to use primarily amon-ra, which is what I use, but there is also clockwork recovery as well. Recovery is usually installed by booting your phone into fastboot and running the "fastboot flash recovery <recovery file>" command. Recovery can also be installed via the flash_image binary found in the RomManager package (ex: flash_image recovery amonra.img). This eliminates the need for fastboot altogether. Just need a terminal, root, and the flash_image binary.
Kernel
This is basically the primary component of an OS. The kernel is where a lot of the functionality of the phone is made or broken. The setting that prevents use of setcpu to change the way the CPU is governed is here. The thing that prevents bluetooth from working right on sense 4 roms? Kernel. Everyone is waiting eagerly for the ICS kernel source to be released so custom kernels can be made that resolve these issues and more. You can flash a kernel via recovery if you've done s-off to your phone, or via a ph98img.zip file in the bootloader. With s-off, kernels can also be backed up in recovery. The kernel is often given much of the credit or blame for the performance of your phone, overheating, etc.
Roms
Your phone's OS, sometimes incorrectly referred to as firmware. It's not - the firmware is the stuff we've already covered that can brick your phone. Think of your phone more as a tiny computer, with the rom being the distribution that you're using. This is pretty apt since it's basically linux, and just like linux, the actual OS is just files and partitions. Because the radio interface layer requires sense, the bulk of our roms are all based on sense roms, and all the functional ones are. Developers modify them to add features, remove bloat or sense components, or take sense roms from other phones and adapt them for our own. You install a rom through recovery.
Never claim to have "bricked" your phone when installing a rom. You can't, and doing so only points out that you don't really know how your phone works. This is embarrassing and best avoided when possible so jerks like me do not tell you what a n00b you are, and to go read threads like this one. Since you're here, we can assume that you've bothered to research things before asking stupid questions, so bravo! In all seriousness, you can no more brick your phone by messing up the rom than you'd brick your PC by screwing up your windows install. You can always start again from the beginning and reinstall. You might lose apps and settings, but this is the nature of the beast. Always nandroid before messing about, and you'll be fine. Nandroid is covered further later on.
RUUs
Strictly speaking, the things that we refer to as RUUs aren't. Everyone calls them that anyway, and I don't see it going away anytime soon. Technically, however, an RUU is HTC's Rom Updater Utility, and it's an executable that gets run on your PC, not something you load to SD card and flash in your bootloader. That said, RUU has come to mean factory signed software/firmware packages that are released by the manufacturer or leaked. They come in the form of a ph98img.zip file that can install pretty much anything - hboot, radio, kernel, rom, etc. What is installed varies from package to package.
Installing an RUU can only be accomplished on a phone that is currently not in an HTCdev unlocked state, or a phone that has s-off. When installing one of these that includes an hboot, you'll need to reinstall recovery as well - installing a new hboot via RUU will always require this as the custom recovery is overwritten with the stock recovery.
If your phone has not yet had the s-off procedure done and you intend to do so, make sure the RUU you are about to install does not break the s-off exploit. Doing so will lock you into that RUU until the dev updates the exploit to work with the new hboot (if included in the RUU) or another RUU is released.
HTCdev
This is the method HTC gives us to unlock our phones. It allows us to install recoveries and roms, but not a lot else. You cannot downgrade your hboot or radio files with this, for example. You can install kernels via ph98img.zip file, but not through recovery. Basically, it's HTC's way of letting us mess with our phones but without (hopefully) giving us enough control to brick them. This is considered better than nothing, but much less than ideal since you still don't have total control over what your phone does and how. Doing this does essentially void your warranty, though to date there have been no confirmed reports of this affecting a return via either warranty or insurance.
With your phone in a stock state, you can apply only factory signed RUUs. Roms and kernels are closed to you, and you can move only forward with your radio and hboot, never backward.
With your phone in an HTCdev unlocked state, you can apply unsigned RUUs that contain a boot, system, and recovery image - all components must be present.
To get your phone into this state, visit HTCdev.com.
S-Off
This sets your security flag on the phone to off. Stock, your phone comes with this flag set to on. Our s-off method does it at the radio layer, and at this time is thought to be irreversible by update. It isn't, though - it's just unlikely because there are legitimate s-off phones out there. Still, it's always a good idea to wait to see if that shiny new RUU is gonna make your phone boring again before you install it. To be safe, wait for an RUU that has the hboot removed and just applies kernel, radio, and system files. You can turn it back on with fastboot should you wish, however. Htcdev unlocking, a bit of wire or a paperclip, and a decent set of timing is required for this. In my opinion it is best to do this once you are sure your phone does not have problems that require a warranty return, but it should be done before upgrading to new, untested OTAs/RUUs. There's always the chance that HTC will block the exploit that gives us this, at which point you're stuck until the devs figure out another way or someone comes up with some crazy method like the evo 3d guys. Many are nervous about this process, and for good reason. While the devs have done everything they can to make this bulletproof, it is best to enter into this mod with as much knowledge as possible, just like any other mod. It's also best to be relaxed, have an internet connection other than your phone, and not have anywhere you have to be right away in case things go like you don't expect. Should things go wrong, don't freak out. Ask questions. Many "bricked" phones have been restored with simple application of knowledge.
Things s-off does: Allows you to flash kernels from recovery, allows you to flash any hboot and radio you want. Lets you install any "ruu" you want with any combination of boot image, system, and recovery, rather than the entire package. Makes rom installation easier on devs due to kernel installation in recovery.
Many have scoffed at s-off, claiming it does nothing that unlocking doesn't do already. This isn't really the case, as we've all seen how important the ability to downgrade firmware and radios can be. Personally, I think of a phone with s-on in much the same way I think of eating steak through a trash bag. If you have the option not to, what the hell are you doing?
Things s-off does not do: magically turn your phone into an open platform to which devs will instantly flock to give you the aosp roms you believe yourself entitled to. What will do that? Glad you asked.
RIL - radio interface layer
Basically, the RIL is a driver for the radio - it lets the radio interface with the software running on the phone. This is a new problem that affects 4g phones. It sucks. Basically, your manufacturers (also Verizon, but you can assume they don't want you to do anything other than pay them.) don't want you touching their precious radio chipset with your grubby little paws. We don't have source code, and they're not talking. Of course we already have software on our phone that has the RIL stuff we need, right? Yes... sort of. For any sense roms we want to use. This is why we don't have aosp. For aosp, one of three things needs to happen:
1) Manufacturers grow a soul and give us source in the form of a leak or they go mad and just release it. This is pretty much as likely as Verizon deciding that they are doing away with early termination fees.
2) Someone reverse engineers our RIL and makes their own RIL software. This is as likely as my wife developing new roms for her Incredible 2. The one she blames for her school's ****ty email server and wants to trade in for an iphone.
3) Someone develops an interim layer that translates aosp to sense and back again. This was done on the thunderbolt, but it was wonky. Certain individuals are confident that this will be easier done on ICS and are working on it. Some AOSP action would be pretty damn awesome, but don't expect it, demand it, or hold your breath for it. It's hard, and is going to require a very intense combination of skill, knowledge, and tenacity.
Now I know what you're thinking - the Nexus is a CDMA 4g phone and they can do whatever the hell they want. Do they have an open RIL? The answer is no. They have an aosp (Android Open Source Project) RIL though, which amounts to basically the same thing. If it is any consolation they can't have sense roms as a result. Those poor bastards, right? This is why many are torn between the Nexus and the Rezound. The Nexus is open and a dev's paradise - CM9, AOKP, MIUI, ****ty roms that some kid slapped a godawful theme on - it's all there. The Rezound has better radios, better screen, and better build quality (subjective) but no aosp. If you're reading this you've already chosen or had the choice made for you by Verizon's $50 sale.
Fast Boot
But Derek, you say, you already talked about fastboot in the bootloader section. We get it. Nay nay. This is fast boot. Note the space. Basically, HTC roms include a tech that puts the phone into a hibernation state rather than powering off. You'll find it in the power menu. When this box is checked, your phone will go from powered off to your home screen in a very short period of time - 15 seconds on my phone, vs the normal 45 second boot time. If you pull the battery, you will have a normal boot time. Personally, I could take or leave this feature. I almost never shut my phone off, and when I do, I want it to actually shut off because I'm shutting it down because I need a cold boot. It's up to you how useful this feature is to you.
Perflock, CPU Frequency, and Governors
Many people have had poor experiences running the ICS leaks due to the CPU maxing out. The stock HTC kernel uses perflock, which constantly resets the frequency and scaling of your CPU. This means that the use of programs like setcpu or system tuner to change the min/max frequencies or governor of your CPU will cause it to essentially run in a state where it is either using the max frequency, or the minimum, without scaling up and down according to need. Some CPU monitoring apps will cause a similar reaction. The best way to avoid all this unpleasantness and get the best battery life out of your phone is to simply leave it be and let it do its thing, because quite frankly you can't stop it anyway. If you absolutely must see what your CPU is doing, I have had good results with CPU Monitor by Coconuts. I still don't recommend keeping this active full time as I suspect it still impacts performance and battery life, but many do without any obvious adverse results. As a side note, the HTC kernel uses the On Demand governor, which steps up the CPU frequency quickly when needed and scales it back down slowly. Clearly, HTC's focus was on performance rather than battery life, here. Once kernel source for ICS is released, devs can build custom kernels which do not include perflock, and add other nice features as well like full power usb charging. Once this occurs, we will be free to use setcpu to scale our CPUs up or down to our hearts' content and use whatever governor we like. Until then the best advice is simply to leave it alone.
I will be updating this and adding to it constantly. I'm not an expert, just an average user who is trying to put some useful info in the same place. Please shoot me a PM with suggestions/things I got wrong and I will update this post and credit you.
Contributors who have helped make this more accurate
scotty1223, esheesle
Section for General Education Type Things
Titanium Backup
Quite possibly the most useful software you will use on your rooted android device. Well worth buying. This software will allow you to backup pretty much everything on your phone to your sd-card, dropbox, box account, etc. It even lets you pull data from nandroid backups. This is the best way I know of to backup your apps and restore them when switching to a new rom. Not only do you not need to go digging through the my apps section of the play store to reinstall every damn app, you can restore with the data from the time of the backup. That means config for a lot of apps, game saves, etc. Note that most SMS apps and launchers will require you to use the backup included in their software, as Ti Backup doesn't grab these things. Forgot to backup your apps and data but made a nandroid backup? No problem. It can read your nandroid backup and pull those things right out of it.
It can also screw up your rom install to the point where you might as well factory reset, if you use it wrong. Basically, you never ever want to use it for anything other than apps you've installed from the app store and their data. Restoring system apps, unless you know what you're doing, is a bad idea. Restoring system data, no matter how tempting, is an even worse idea. It's very likely to screw you up. There are circumstances in which it may not do so, but if you are reading this and this is new info, you don't know them. Stay away. Most devs will outright tell you not to use it with their rom since people will inevitably ignore the warnings and do it anyway. It makes switching roms an absolute breeze though - I can switch roms and have my software setup exactly how it was before in less time than it takes to download a rom from Android Police. Granted, that's a good hour, but you get what I'm saying. It's a huge time saver. Backup your user apps and data, but touch system apps or data at your own peril.
What to do if you think you're bricked
Step 1: Chill out and slow down. Seriously. Unless your phone isn't doing anything at all when powered up, it's probably recoverable. Double check your MD5 sums before pushing things like hboots and radios, and you should be OK. If you've screwed up the s-off process, make a post describing exactly what you've done and how, then wait for responses. Do not demand them. You can also join #juopunutbear on freenode, where the devs hang out. They're not always right there, but I've seen them help dozens of people out of some sticky places, and they'll help you if they can. They really know their stuff.
For general Rezound problems, you can join #rezound on andirc.net. There's usually some knowledgeable guys hanging out there, willing to help. Remember, the very best thing you can do is take the time to gather enough knowledge to be confident that the steps you are going to take to fix the phone are the right ones, and why. Flipping out about your "bricked" phone and throwing anything you can at it is much more likely to make things worse, and annoy the people trying to help you. For example, if you are s-on and in a state where you need to reinstall a stock RUU package, you only have as many chances to get it right as there are newer RUUs than what is on your phone already. If you don't know enough about things to know what is wrong and why, you're not terribly likely to know the best way to fix it. Keep calm and carry on.
What will installing this ______ do to my phone? What do I need to do to install them?
Now that we have s-off and all these new ICS leaks, we've all gotten a bit flash happy. This has led many to ask what they can install, how, and what needs to be done. I'll try and address as much of this as I can by talking about the different states your phone might be in.
Totally stock - You have only one choice. You can install the full RUU, or not. That means you're getting whatever radio, hboot, kernel, and rom come with that RUU. Once you've installed that RUU, you can't install anything but a newer RUU after that. Remember that with RUUs, you need to reboot twice - there are two installation steps in hboot that require a reboot in between. Note that some RUUs will wipe your SD card. Nice of them, isn't it?
HTCDev unlocked - You can install kernels via hboot, a custom recovery via fastboot or hboot if packaged, and custom roms. If you want to install new radio files or an hboot, then you'll want to make a nandroid backup in recovery, relock your phone, and install the RUU via hboot. You cannot install the RUU without relocking first. You can then unlock your phone via HTCdev again, flash recovery, and restore from your nandroid backup. Like a totally stock phone, you can only go forward with hboot and radios, never backward. You have more options than the stock guys, but are still limited. But you also can't brick your phone. Again, some RUUs will wipe your SD card.
S-off - You can do anything you want. Flash any radio or hboot you want. Flash any kernel you like. If a new RUU comes out and you want to try it, just install it. You'll need to reinstall recovery, but that's it. Want to use the new leak's radio and kernel but not the rom itself? Flash 'em. But for the love of god, check the MD5 checksum before you flash. Apps like root explorer will let you see the MD5 of a file right from your phone's SD card. Flashing a bad radio or hboot can brick your phone. With great power comes great responsibility. Flashing hboot, kernels, and radio files do not require you to factory reset your device, nor will they do so. It is advisable to clear your cache and dalvik cache in recovery after installing a new kernel, but that will not affect the data on your device.
So let's say you've got s-off, and you're running a rom you like, but you want that new radio, hboot, and kernel. First, don't touch the hboot unless you have a reason to. That's a risk that you don't need to take most of the time. To flash the radio, find someone who has extracted the radio and repackaged it into a PH98IMG.zip that contains just the radio. Copy it to your SD card, check the MD5, and flash via hboot. To install the kernel, either grab it from someone who has packaged it, or pull the boot.img from the RUU zip. Check your md5, boot your phone to fastboot, and run:
fastboot flash boot <path to boot.img file>
You need fastboot on your PC, of course. Also, bear in mind that with a new kernel on an older rom, you may need to apply patches to make everything work properly, like wifi. Devs will generally release these patches and post them. Simply copy them to your SD card and install in recovery.
Where are all these files?
The Dev section. Go in there, and poke around. It doesn't take long after a leak is released to see that leak taken apart, rooted, deodexed, stripped of its kernel and radio files, etc. Read what people are saying, and asking. Generally, the first post will be updated to have everything you need, but the thread may have what you're looking for as well. What you don't want to do is ask where things are when the same question has been asked several times over already, often three pages back. Sometimes things can be hard to find, but it's good to make the effort. The community will be better for it.
What's a rooted rom? Deodexed? Busybox? Zipalign?
Rooted is fairly self explanatory. It's the process of packaging a superuser app with a rom that will allow you to operate your phone with root access. You'll need this for the good stuff like removing bloat, installing most wireless tethering apps, ad blockers, titanium backup, etc. Verizon wishes you wouldn't do this, so you know it's awesome.
Deodexing basically removes an optimization, called odexing, that basically takes bits of an apk and puts them elsewhere for optimization purposes. Deodexing packages everything back into the apk so you can use different apks without fear of conflicting code, etc. This is what makes a lot of mods possible.
Busybox provides several stripped down versions of unix tools in a single package. A lot of things like titanium backup depend on this. Generally when someone roots a rom they also busybox it.
A zipaligned rom is a rom that has had its application packages optimized for quick access by aligning them on 4 byte boundaries. This allows android to access resources without having to explicitly read them. You don't necessarily need to understand this one - just think of it as being optimized.
Contributions are appreciated and will be credited in the main post. In the interest of keeping this thread clean without a million different versions of the OP, please edit your post down to a basic "suggestions added" or something similar once I've noted your additions. That way things stay readable and don't confuse the readers. Ideally, a PM would be best, leaving the comments free for questions and the like. My goal is to jam as much knowledge in this thread as I can, and I'll continue working on it as I see new questions that commonly pop up.
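The posts above say to check the MD5 before flashing and note that what a PH98IMG.zip installs varies from package to package. The script below is an added example, not part of the original posts, that does both checks on the PC before the file is copied to the SD card. The member names and the substring matching used to spot components are assumptions, and the sample package is constructed.

```python
import hashlib
import hmac
import os
import tempfile
import zipfile

# Component names as the thread uses them. Matching them as substrings of the
# member file names is an assumption; "hboot" is tested before "boot".
COMPONENTS = ("hboot", "radio", "recovery", "system", "boot")
HIGH_RISK = {"hboot", "radio"}  # the two the thread says can brick the phone


def md5_of(path, chunk_size=1 << 20):
    """Stream the file so a large rom package is never held in memory."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def normalise_md5(published):
    """Accept 'ABCD...', 'abcd...  PH98IMG.zip' or padded text from a post."""
    parts = published.split()
    token = parts[0].lower() if parts else ""
    if len(token) != 32 or any(c not in "0123456789abcdef" for c in token):
        raise ValueError("not a 32-character hex MD5: %r" % published)
    return token


def classify(member_name):
    """Map a file name to the component it appears to carry, or None."""
    name = os.path.basename(member_name).lower()
    for component in COMPONENTS:
        if component in name:
            return component
    return None


def preflight(path, published_md5):
    """Check the checksum first; only then look at what the package carries."""
    expected = normalise_md5(published_md5)
    actual = md5_of(path)
    report = {"md5_ok": hmac.compare_digest(actual, expected),
              "actual_md5": actual, "components": [], "high_risk": [],
              "corrupt_member": None}
    if not report["md5_ok"]:
        return report  # a file that failed the checksum is not opened at all
    if zipfile.is_zipfile(path):
        with zipfile.ZipFile(path) as archive:
            report["corrupt_member"] = archive.testzip()  # per-member CRC check
            names = archive.namelist()
    else:
        names = [path]  # a bare image such as boot.img
    found = {classify(n) for n in names} - {None}
    report["components"] = sorted(found)
    report["high_risk"] = sorted(found & HIGH_RISK)
    return report


def build_constructed_package(path, member_names):
    """Write a small zip with dummy members: constructed sample input only."""
    with zipfile.ZipFile(path, "w") as archive:
        for name in member_names:
            archive.writestr(name, b"constructed sample data for " + name.encode())
    return path


if __name__ == "__main__":
    workdir = tempfile.mkdtemp()
    package = build_constructed_package(
        os.path.join(workdir, "PH98IMG.zip"),
        ["boot.img", "radio.img", "system.img"])
    published = md5_of(package).upper()  # stands in for the MD5 from the post
    result = preflight(package, published)
    print(result)
    if result["md5_ok"] and result["high_risk"]:
        print("Package touches:", ", ".join(result["high_risk"]),
              "- confirm you actually need it")
```

A matching MD5 shows the download arrived intact; it says nothing about who built the package, so the published checksum should come from the same trusted post as the file.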
tspderek said:
I literally meant the phrase "suggestions sent." i would prefer PMs or cleaned up posts after suggestions are included in the original post for cleanliness' sake and to keep down redundant info.
so, in other words, you'd like your posts, followed by no posts, or "thanks" posts, with no real discussion.
my only issue with that is simply any of us are capable of sending suggestions that are not correct, or that are correct but an opinion. are you filtering somehow what you add? or just adding everything everyone sends?
it's your thread, i'll accept your request, but i personally would like to see everyone's personal contributions and how you incorporate them.
readers should be smart enough to separate the first 3 information posts from the rest of the discussions. my 2 cents
I literally meant the phrase "suggestions sent." i would prefer PMs or cleaned up posts after suggestions are included in the original post for cleanliness' sake and to keep down redundant info.
..
Khayos said:
Suggestion: Sticky! (then delete me)
it's been sticky since about an hour after it was written last night...
Thank you for writing this. It should be a requirement to read this before someone can post again.
Thanks for this! I was just thinking that this is getting REALLY confusing...I appreciate the Primer!
tspderek said:
There seems to be a lot of confusion about what things are or how they work together so I'm gonna try and build a post to explain some things. ...
<snip>
I had been contemplating a post to ask questions that this addresses; for myself, it is very timely as well as very helpful.
I've seen terms in the forum used interchangeably that really are not, and this helps clarify that. Consistent use of terminology could go a long way to help with the abundance of questions and misunderstandings that exist.
Again, many thanks.
Nice post. Thanks!
I was waiting for the OTA to go official before even thinking about s-off but now you got me thinkin' about it.
If the OTA is good but I just want it deodexed and de-bloated should I bother with S-Off?
My Dinc was so easy with UnRevoked, wish this one was as easy as that!
my personal feeling is that i like my phone to have s-off, so i can use the radio that works best for me and have full control of my phone. if i've already voided the warranty with htcdev, then why not? it's not a difficult process if you research and prepare everything ahead of time. know the steps, have your tools ready, and you'll be fine. took me one try on my phone.
it's really up to you, though. it's your phone. there is a risk of bricking that isn't there with htcdev. it's low unless you make poor decisions or skip steps, but it does exist - that's what s-off does. it opens the door for you to help or hurt yourself.
Very Useful
This is very well written. I wish I had this when I started my journey with Android. This is my first post btw. I've been doing this for about 6 months now and hate that I can't post in Development section. But I appreciate the time it took to make this. Very nice!
Edit.. Second post. Forgot about the first one
Sweet, will be following this closely! Thanks for posting!
Thanks for posting this it helped clear a lot of things up for me. This is my first smartphone and so I'm still learning about this stuff. I think some people forget that not everyone understands all of the jargon. I'm learning more and more about what I can do everyday and this has certainly helped.
Installing RUU
tspderek said:
Installing an ruu can only be accomplished on a phone that is currently not in an htc dev unlocked state, or a phone that has s-off. when installing one of these that includes an hboot, you'll need to reinstall recovery as well - installing a new hboot via RUU will always require this as the custom recovery is overwritten with the stock recovery.
tspderek said:
With your phone in a stock state, you can apply only factory signed RUUs. Roms and kernels are closed to you, and you can move only forward with your radio and hboot, never backward.
With your phone in an HTCdev unlocked state, you can apply unsigned RUUs that contain a boot, system, and recovery image - all components must be present.
I'm confused. I am S-ON (scared of brick), bootloader unlocked, and running CleanROM Pro 4.3. I want to update to the newest firmware and then the newest version of CleanROM. Do I have to re-lock my bootloader in order to install ICS firmware? I'm looking at the 3.14.605.5 Ice Cream Sandwich ZIP RUU (http://forum.xda-developers.com/showthread.php?t=1365654). How do I go about installing that?
Any help would be appreciated, thanks!
pumpkinsoftruth said:
I'm confused. I am S-ON (scared of brick), bootloader unlocked, and running CleanROM Pro 4.3. I want to update to the newest firmware and then the newest version of CleanROM. Do I have to re-lock my bootloader in order to install ICS firmware? I'm looking at the 3.14.605.5 Ice Cream Sandwich ZIP RUU (http://forum.xda-developers.com/showthread.php?t=1365654). How do I go about installing that?
Any help would be appreciated, thanks!
yes, you need to lock it back up then apply the ruu.
or, take the path of awesome, and s-off that bad boy. what i'd actually do is install the latest leak RUU, s-off from that platform, then install amon-ra and whatever rom you want. that way your bootloader will already be upgraded, and your radio files. as new leaks come out you'll be able to apply radio files and kernels independently.
tspderek said:
yes, you need to lock it back up then apply the ruu.
or, take the path of awesome, and s-off that bad boy. what i'd actually do is install the latest leak RUU, s-off from that platform, then install amon-ra and whatever rom you want. that way your bootloader will already be upgraded, and your radio files. as new leaks come out you'll be able to apply radio files and kernels independently.
Ok, so...
1. Re-lock Bootloader
2. Install latest RUU
3. Unlock Bootloader and Root
4. S-OFF
5. Install Amon-RA
6. Install ROM
Sounds simple enough. Thanks.
Ok so I've taken your advice and removed setcpu and installed the one recommended in the post however is there any way to also monitor battery temp that won't interfere with things the same way setcpu does?
Sent from my ADR6425LVW using XDA
pumpkinsoftruth said:
Ok, so...
1. Re-lock Bootloader
2. Install latest RUU
3. Unlock Bootloader and Root
4. S-OFF
5. Install Amon-RA
6. Install ROM
Sounds simple enough. Thanks.
Step 4.5, install the patched hboot they offer you!
Would it work? I see it in the Market.
I don't think it will work, and if it could, we would first need an unlocked bootloader, which we don't have, sadly. We have to wait till devs can get it unlocked.
Can anyone confirm whether the Sony's HC or ICS kernel features loop device support? I haven't seen many stock kernels with it, but it would be a big step.
As for those apps in the Market, they are theoretically effective, but they require heavy support from the OS, kernel and in some cases even the bootloader.
There are two possible routes for Ubuntu on Android:
1. Native Ubuntu. This is extremely difficult and requires fully unlocked bootloaders and a lot of kernel work. This involves effectively removing Android from the system and booting the device straight into a patched bootloader, which would load a custom kernel, which could boot into an Ubuntu image, running natively on the device's hardware. As mentioned, very difficult and unlikely to ever be seen on the Sony.
2. chroot Ubuntu. This method is a fair bit easier and involves booting into Android as usual, then creating a new chroot environment (for newbies, this is hard to explain), from which you can loop mount an Ubuntu image, then load something like a VNC server or some other X display host, then connecting to that instance from an Android VNC client. This is definitely possible, and would only need the correct binaries, root access, and loop device support in the kernel (which is unconfirmed at this point).
Hope that helps clear it up.
UPDATE:
I just checked on my own rooted 3.2.1r2 device and from what I can see, that app might just work. Our device includes the /dev/block/loopX device files and the "busybox mount" binary seems capable of mounting the right kind of image. chroot is also included stock.
If you want to try out an app from the Play Store like this one, it might just work. Try it out and let us know!!
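The prerequisites the post above lists for the chroot route (loop driver in the kernel, /dev/block/loopX nodes, a busybox with the mount applet, chroot, root) can be checked from a shell on the device. This is an added example, not part of the original post; the SYSROOT variable and the function names are hypothetical, and the directories searched are the usual Android locations, assumed rather than taken from the thread.

```shell
#!/bin/sh
# Added example: prerequisite check for the chroot route (not from the thread).
# SYSROOT and all function names are hypothetical. Leave SYSROOT empty on a
# device; point it at a directory tree to check a copy of a filesystem.

# has_loop_driver ROOT: succeed if ROOT/proc/devices lists the "loop" block driver.
has_loop_driver() {
    [ -r "$1/proc/devices" ] || return 1
    in_block=0
    while read -r major name; do
        case "$major" in
            Block) in_block=1 ;;      # "Block devices:" header
            Character) in_block=0 ;;  # "Character devices:" header
        esac
        if [ "$in_block" -eq 1 ] && [ "$name" = "loop" ]; then
            return 0
        fi
    done < "$1/proc/devices"
    return 1
}

# count_loop_nodes ROOT: print how many loop nodes exist. Android keeps them in
# /dev/block, desktop Linux in /dev. -e (not -b) so a copied tree also works.
count_loop_nodes() {
    n=0
    for node in "$1"/dev/block/loop[0-9]* "$1"/dev/loop[0-9]*; do
        if [ -e "$node" ]; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# find_tool ROOT NAME: print the first assumed location holding an executable NAME.
find_tool() {
    for dir in /system/bin /system/xbin /sbin /vendor/bin; do
        if [ -x "$1$dir/$2" ]; then
            echo "$dir/$2"
            return 0
        fi
    done
    return 1
}

# has_applet BUSYBOX NAME: succeed if this busybox build includes applet NAME.
has_applet() {
    for applet in $("$1" --list 2>/dev/null); do
        if [ "$applet" = "$2" ]; then
            return 0
        fi
    done
    return 1
}

# check_chroot_prereqs ROOT: print "ready" or "missing: <items>".
check_chroot_prereqs() {
    root=$1
    missing=""
    has_loop_driver "$root" || missing="$missing loop-driver"
    [ "$(count_loop_nodes "$root")" -gt 0 ] || missing="$missing loop-nodes"
    bb=$(find_tool "$root" busybox) || bb=""
    if [ -z "$bb" ]; then
        missing="$missing busybox"
    elif ! has_applet "$root$bb" mount; then
        missing="$missing busybox-mount"
    fi
    # chroot may be a standalone binary or a busybox applet
    if ! find_tool "$root" chroot >/dev/null; then
        if [ -z "$bb" ] || ! has_applet "$root$bb" chroot; then
            missing="$missing chroot"
        fi
    fi
    # The uid check only makes sense against the live system
    if [ -z "$root" ] && [ "$(id -u)" -ne 0 ]; then
        missing="$missing root"
    fi
    if [ -z "$missing" ]; then
        echo "ready"
    else
        echo "missing:$missing"
    fi
}

check_chroot_prereqs "${SYSROOT:-}"
```

A "missing: loop-driver" result with loop nodes present means the device files exist but the running kernel was built without the loop driver, which is the unconfirmed point the post raises.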
Mahaco said:
I don't think it will work, and if it could, we would first need an unlocked bootloader, which we don't have, sadly. We have to wait till devs can get it unlocked.
Damn, that sucks. Would be sick to have a mini tablet Ubuntu style. Guess we're gonna have to wait for the future and see what it holds.
biggyhead said:
Damn, that sucks. Would be sick to have a mini tablet Ubuntu style. Guess we're gonna have to wait for the future and see what it holds.
See my above post regarding chroot Ubuntu. chroot does not need an unlocked bootloader, so if you're willing to run Ubuntu virtually within Android, then that should work alright.
Does this method work for Tablet S?
http://forum.xda-developers.com/showthread.php?t=1074200
Thanks,
Hi there,
I've been cruising these forums for a while and have managed to root my device, get adb setup, and TWRP installed. An unfortunate bit seems to be that you cannot leave TWRP installed and actually boot the device. I managed to get stuck in a boot loop having not restored the 5.4.1 bootloaders. I turned the device off and rebooted into TWRP, flashed the 5.4.1 bootloaders, rebooted, and I'm golden. However, this doesn't really get me anywhere.
So my goal here is to just wipe all this FireOS crap and turn this tablet into a normal android tablet. I've seen plenty of posts about it but cannot seem to find any single post that would achieve this for my specific device and software version. So I'm coming here for help.
Mostly, what I have done so far has come from this thread: http://forum.xda-developers.com/fire-hd/general/how-to-upgrade-to-lollipop-root-gapps-t3163950
Unfortunately, from what I can tell, this process does not remove FireOS and replace it with stock Lollipop, it just updates you to 5.1.2 (which I'm already at) and installs GAPPS. It does not really have a "pure" Android install and it somehow retains the FireOS as the primary OS.
Now, please correct me if I am wrong here with any of the above (this is not a hobby of mine) but since I've rooted a few devices before I figured I could handle it. It seemed like a bargain getting this Fire HD 7 used for like $64... if only I can get it onto stock Android. I'm basically trying to make it a Nexus 7.
Since I CAN get into TWRP, I figure I should just be able to flash a custom ROM right? I've just been having a really hard time finding a stock Lollipop ROM specifically for my device. From what I've heard, flashing the new ROM is the most error-prone part of this type of stuff and can totally brick the device if it were not meant for it. If that did happen, I would need to be able to boot the device back up, get an adb connection, run the scripts that flash the correct bootloaders (post #2, section 101, from the link above) so I can reboot into TWRP and fix it. Perhaps understandably so, I've been very hesitant to just go trying things willy-nilly that I don't fully understand.
Could anyone offer any assistance? Perhaps just point me in the right direction? I've probably read most of the threads you'll likely link, so a short bit of context to how something pertains to my specific device as well as the link could help me significantly. The guides that people write usually contain updates and are quite difficult to follow to the "T" and half the time I'm not even sure something I'm doing actually pertains to my device.
[EDIT] I found this video (https://www.youtube.com/watch?v=_c5hHSCO_o8) but it looks like he's doing that on a previous generation Fire so, again, I'm not sure it will work and don't want to try and then brick it.
nedwards said:
Hi there,
I've been cruising these forums for a while and have managed to root my device, get adb setup, and TWRP installed. An unfortunate bit seems to be that you cannot leave TWRP installed and actually boot the device. I managed to get stuck in a boot loop having not restored the 5.4.1 bootloaders. I turned the device off and rebooted into TWRP, flashed the 5.4.1 bootloaders, rebooted, and I'm golden. However, this doesn't really get me anywhere.
So my goal here is to just wipe all this FireOS crap and turn this tablet into a normal android tablet. I've seen plenty of posts about it but cannot seem to find any single post that would achieve this for my specific device and software version. So I'm coming here for help.
Mostly, what I have done so far has come from this thread: http://forum.xda-developers.com/fire-hd/general/how-to-upgrade-to-lollipop-root-gapps-t3163950
Unfortunately, from what I can tell, this process does not remove FireOS and replace it with stock Lollipop, it just updates you to 5.1.2 (which I'm already at) and installs GAPPS. It does not really have a "pure" Android install and it somehow retains the FireOS as the primary OS.
Now, please correct me if I am wrong here with any of the above (this is not a hobby of mine) but since I've rooted a few devices before I figured I could handle it. It seemed like a bargain getting this Fire HD 7 used for like $64... if only I can get it onto stock Android. I'm basically trying to make it a Nexus 7.
Since I CAN get into TWRP, I figure I should just be able to flash a custom ROM right? I've just been having a really hard time finding a stock Lollipop ROM specifically for my device. From what I've heard, flashing the new ROM is the most error-prone part of this type of stuff and can totally brick the device if it were not meant for it. If that did happen, I would need to be able to boot the device back up, get an adb connection, run the scripts that flash the correct bootloaders (post #2, section 101, from the link above) so I can reboot into TWRP and fix it. Perhaps understandably so, I've been very hesitant to just go trying things willy-nilly that I don't fully understand.
Could anyone offer any assistance? Perhaps just point me in the right direction? I've probably read most of the threads you'll likely link, so a short bit of context to how something pertains to my specific device as well as the link could help me significantly. The guides that people write usually contain updates and are quite difficult to follow to the "T" and half the time I'm not even sure something I'm doing actually pertains to my device.
[EDIT] I found this video (https://www.youtube.com/watch?v=_c5hHSCO_o8) but it looks like he's doing that on a previous generation Fire so, again, I'm not sure it will work and don't want to try and then brick it.
You seem to have the gist of it, which is that what you want to do can't be done. There is only one ROM for this device--CM11, here: http://forum.xda-developers.com/fire-hd/orig-development/rom-cm-11-kindle-hd6-t3270138 --and it is not fully working. No one's ever posted here about successfully installing a ROM for a different device, only about bricks as a result of trying.
@xSentinel has been disabling all possible apps, while still keeping the device running. His goal may be the same as yours(?). He started a thread here, but has since got a lot more disabled: http://forum.xda-developers.com/fire-hd/help/5-1-2-bloatware-safe-to-remove-apps-2014-t3355167. Might want to post there and see what he's up to.
DoLooper said:
You seem to have the gist of it, which is that what you want to do can't be done. There is only one ROM for this device--CM11, here: http://forum.xda-developers.com/fire-hd/orig-development/rom-cm-11-kindle-hd6-t3270138 --and it is not fully working. No one's ever posted here about successfully installing a ROM for a different device, only about bricks as a result of trying.
@xSentinel has been disabling all possible apps, while still keeping the device running. His goal may be the same as yours(?). He started a thread here, but has since got a lot more disabled: http://forum.xda-developers.com/fire-hd/help/5-1-2-bloatware-safe-to-remove-apps-2014-t3355167. Might want to post there and see what he's up to.
Ah, that is unfortunate. At least you've helped me to understand that my goal cannot be fully realized. I probably should have done a bit more research before purchasing the Fire tablet. I'm really just looking to set up an in-car tablet to handle Torque gauges, navigation, and music. Perhaps I should just return the Kindle and shell out the extra cash for a Nexus 7. I think I could probably get a refurbished one for a price similar to what I paid for the Fire. I'll poke around xSentinel's thread a bit and see what I'm up against first though. If it comes down to it, the headache of dealing with Amazon's locked down devices might just outweigh the extra money/hassle of a Nexus 7 and a return.
nedwards said:
Ah, that is unfortunate. At least you've helped me to understand that my goal cannot be fully realized. I probably should have done a bit more research before purchasing the Fire tablet. I'm really just looking to set up an in-car tablet to handle Torque gauges, navigation, and music. Perhaps I should just return the Kindle and shell out the extra cash for a Nexus 7. I think I could probably get a refurbished one for a price similar to what I paid for the Fire. I'll poke around xSentinel's thread a bit and see what I'm up against first though. If it comes down to it, the headache of dealing with Amazon's locked down devices might just outweigh the extra money/hassle of a Nexus 7 and a return.
You also might check out the Fire forums. (I got a refurb for $30.) They have a few ROMs and are doing interesting things. Also, lots of activity over there.
Some people may strive to be "purists", but remaining pragmatic is a recipe for a relatively happy life.
Because the bootloaders are locked, there are very limited options on what to boot. There was some lucky bug in the earlier bootloaders that gifted us with the ability to boot an unsigned TWRP using 4.5.3 bootloaders. But boot.img always had to be signed, or it would not boot.
To create a custom OS, one needs to match the custom ROM to the existing boot.img from a given version of FireOS. Kind of a pain in the @ss, don't you agree?
Instead, however, one can just keep FireOS 5, and tweak it to behave like almost a pure Android. And it's not hard! So why chase the unicorns when all you want is right in front of you!
I'm currently working on completing a CM11 port - as someone else mentioned it needs to use the stock boot.img though, so I have to heavily modify CM code in order to get it to work with full functionality. CM11 does run very well on the device though, and it's much snappier than Fire OS imo.
In theory this device could use something like safestrap to boot unsigned boot images, however I probably won't bother writing something like that until I have CM11 at 100% functionality (currently my build is at about 60% if I were to estimate).
I think the guy who posted the first CM11 port is now working on porting CM12, although it's a massive pain to test.
nedwards said:
Ah, that is unfortunate. At least you've helped me to understand that my goal cannot be fully realized. I probably should have done a bit more research before purchasing the Fire tablet. I'm really just looking to set up an in-car tablet to handle Torque gauges, navigation, and music. Perhaps I should just return the Kindle and shell out the extra cash for a Nexus 7. I think I could probably get a refurbished one for a price similar to what I paid for the Fire. I'll poke around xSentinel's thread a bit and see what I'm up against first though. If it comes down to it, the headache of dealing with Amazon's locked down devices might just outweigh the extra money/hassle of a Nexus 7 and a return.
Just so you know it can be done, I am running Torque on a Fire HD 6 and still running the Fire O.S. There is also a similar app to Torque Pro in the Amazon app store - search for OBD and it should see it (sorry I can't give the name, soft bricked the device and won't be near a computer for another 4 days). It is similar in capabilities to Torque Pro, and runs around the same price.
Hello out there,
it might be an easy question for some of you, so please be so kind and help me out: I highly appreciate your answers.
--
The Samsung Bootloader, which can't be changed due to the burning of the eFuse (yet I do not understand, why one can't use the same method of digitally signing an own bootloader and load it onto the flash without burning the eFuse) boots from a certain file on the flash, which should be Linux-Standard /boot/vmlinuz.
Why can't one backup the whole flash with Samsung Tools and install an own Linux System to boot from?
I now know that the kernel protection is based on a google development, where several virtual machines are loaded and one of those is then the Android System and Kernel, with a Platform where the Apps can be started from (Dalvik) and this virtual machine can be checked for manipulations - so to speak: Software protection = of no use for me or my choice to implement or program my own version of such a protection, but it has nothing to do with a hardware based (knox) protection. Is this correct?
(I do not want to blow the fuse, but use a custom rom. Any solution for this?)
--
I could analyse the open source code of Android and maybe able to initialize an update process, which might replace the whole file system, but doing so might be a bit dangerous if you don't know what you're doing.
Thanks for answering.
TheLazyGuyDE
TheLazyGuyDE said:
(...)
(I do not want to blow the fuse, but use a custom rom. Any solution for this?)
(...)
You have already received an answer in your previous threads.
So I don't understand why you keep asking the same thing.
Let me specify my question:
I asked the question in relation to a customization of the bootloader, but I didn't ask it in relation to probably existing Tools, maybe from Samsung (I don't know), which might backup the flash and may be able to put something onto the flash or is this not possible? Why should I change the bootloader (and blow the fuse) if I have all the functionality I need already on the phone? - That's the question.
I've heard something about "download mode" where you can communicate with the smartphone and I've watched a custom rom installation.
I think the installed bootloader is able to backup and restore. But will installation of a custom rom do anything that isn't reversible (like blowing the fuse)?
Or is it fully reversible if I some day re-install the backup I made prior to installing the custom rom?
Is it possible to directly mount the flash under Linux?
Is the bootloader itself directly in the knox-chip? How should the chip otherwise recognise that the bootloader changed?
(a brief overview would be nice)
As you can see: I am very careful and I don't want to do anything wrong, which I'd definitely repent later on. "Just go ahead" without careful planning is not my style. That's the reason why I want to know everything before I start.
I appreciate every answer.
Please be kind if this is a stupid question - I'm very new to this and learning fast.
Would it be possible to add a signature to aromafm or to a lock pattern removal script, using the leaked Samsung platform certificate (as recently reported), and if so would that allow it to be sideloaded to stock recovery in a Galaxy S9?
I recently had to add a pattern lock - which I somehow managed to immediately forget. Even though it was a simple pattern specifically chosen to fall naturally under the hand so that I wouldn't forget it... I've tried so many variations that it's now making me wait 24 hours between attempts. It also turns out that data that I thought was backing up externally was actually only going to internal storage, so I really don't want to do a factory reset without trying absolutely everything else first.
Galaxy S9
Not rooted
Bootloader is locked
USB debugging is enabled
ADB can see the phone but it's not authorised
ADB sideload does work - but of course any scripts need the Samsung signature.
The phone is not registered with Samsung, so I can't unlock it through my Samsung account.
I realise it's clutching at straws but would the leaked platform key be a way in?
missmilla said:
Please be kind if this is a stupid question - I'm very new to this and learning fast.
Would it be possible to add a signature to aromafm or to a lock pattern removal script, using the leaked Samsung platform certificate (as recently reported), and if so would that allow it to be sideloaded to stock recovery in a Galaxy S9?
I recently had to add a pattern lock - which I somehow managed to immediately forget. Even though it was a simple pattern specifically chosen to fall naturally under the hand so that I wouldn't forget it... I've tried so many variations that it's now making me wait 24 hours between attempts. It also turns out that data that I thought was backing up externally was actually only going to internal storage, so I really don't want to do a factory reset without trying absolutely everything else first.
Galaxy S9
Not rooted
Bootloader is locked
USB debugging is enabled
ADB can see the phone but it's not authorised
ADB sideload does work - but of course any scripts need the Samsung signature.
The phone is not registered with Samsung, so I can't unlock it through my Samsung account.
I realise it's clutching at straws but would the leaked platform key be a way in?
While XDA prides itself on being hacker friendly, we shy away from anything that could result in legal liability, which is why we do not permit the sharing of any proprietary material, even if it's already in the public domain.
So in a nutshell....I imagine that if one did have a valid key, and signed an update package using that key, they could potentially use it to exploit their device, such as changing the props to allow bootloader unlocking, thereby permitting custom recoveries. Samsung as far as I know does not protect the system image with Verified Boot, so it is possible to modify /system without incurring a boot failure.
All that being said, the point is pretty moot, because as I pointed out we do not allow sharing anything that is licensed intellectual property, so any discussions on the topic would have to be rather...vague.
V0latyle said:
While XDA prides itself on being hacker friendly, we shy away from anything that could result in legal liability, which is why we do not permit the sharing of any proprietary material, even if it's already in the public domain.
So in a nutshell....I imagine that if one did have a valid key, and signed an update package using that key, they could potentially use it to exploit their device, such as changing the props to allow bootloader unlocking, thereby permitting custom recoveries. Samsung as far as I know does not protect the system image with Verified Boot, so it is possible to modify /system without incurring a boot failure.
All that being said, the point is pretty moot, because as I pointed out we do not allow sharing anything that is licensed intellectual property, so any discussions on the topic would have to be rather...vague.
Thank you, that's really helpful. I was thinking more whether simply adding a signature to a script would let that script be used directly with stock recovery, rather than unlocking the bootloader to flash a custom recovery (which I suspect would be beyond me), but it sounds as though in theory it might be worth a try. At this stage I probably have nothing left to lose as I'll have to do a full reset anyway if I can't find another way in.
missmilla said:
Thank you, that's really helpful. I was thinking more whether simply adding a signature to a script would let that script be used directly with stock recovery, rather than unlocking the bootloader to flash a custom recovery (which I suspect would be beyond me), but it sounds as though in theory it might be worth a try. At this stage I probably have nothing left to lose as I'll have to do a full reset anyway if I can't find another way in.
I'm honestly no expert on this kind of thing, but if I'm correct in my assumption that Samsung does not protect the system image, then yes - you could, in theory, use the leaked key to sign an update package that could patch /system to gain root. This would require knowledge of exactly how Samsung signs their updates. However, if the system image is protected, this would cause a boot failure, as AVB would detect the modification.
But.
If the above were possible, then the best course of action would be to create a script that would set ro.oem_unlock_ability=1 and sys.get_unlock_ability=1, after which the user would immediately reboot to download mode and unlock the bootloader, because once you've unlocked the bootloader, you've removed a lot of restrictions - you can flash a custom recovery, flash a root patch, flash anything you damn well pleased.
I doubt it's that easy unless you have in depth detailed knowledge of the encryption system and precisely how it's implemented. It's designed to be hard to hack. As for the stolen Samsung data be careful what you download. You may end up with something extra like a partition worming rootkit(s). boom. That was too easy.
A data recovery specialist that works with Samsung's is your best shot if you really need the data. Around $800 seems to be a going rate, maybe less but expect to pay a couple hundred.
In the future redundantly backup critical data to at least 2 hdds that are physically and electronically isolated from each other and the PC. Copy/paste only then verify the copy file size and that the backups are readable. Otherwise sooner or later you will lose data, money or both.
V0latyle said:
I'm honestly no expert on this kind of thing, but if I'm correct in my assumption that Samsung does not protect the system image, then yes - you could, in theory, use the leaked key to sign an update package that could patch /system to gain root. This would require knowledge of exactly how Samsung signs their updates. However, if the system image is protected, this would cause a boot failure, as AVB would detect the modification.
But.
If the above were possible, then the best course of action would be to create a script that would set ro.oem_unlock_ability=1 and sys.get_unlock_ability=1, after which the user would immediately reboot to download mode and unlock the bootloader, because once you've unlocked the bootloader, you've removed a lot of restrictions - you can flash a custom recovery, flash a root patch, flash anything you damn well pleased.
Thank you, I will do some more digging around. Would unlocking the bootloader that way not wipe the data?
blackhawk said:
I doubt it's that easy unless you have in depth detailed knowledge of the encryption system and precisely how it's implemented. It's designed to be hard to hack. As for the stolen Samsung data be careful what you download. You may end up with something extra like a partition worming rootkit(s). boom. That was too easy.
A data recovery specialist that works with Samsung's is your best shot if you really need the data. Around $800 seems to be a going rate, maybe less but expect to pay a couple hundred.
In the future redundantly backup critical data to at least 2 hdds that are physically and electronically isolated from each other and the PC. Copy/paste only then verify the copy file size and that the backups are readable. Otherwise sooner or later you will lose data, money or both.
Do you think it would brick the phone if I tried and it didn't like it, or would it just give the signature verification error like it does now?
Actually, looking again, I think I might have misunderstood. I thought the certificates themselves had been published (so wouldn't have to download anything), but what's shown may just be a hash of the certificate and so wouldn't give me the actual key anyway... I'm finding it all rather confusing.
It's ludicrous that Samsung won't let you unlock a phone if you can prove it's your own.
missmilla said:
Do you think it would brick the phone if I tried and it didn't like it, or would it just give the signature verification error like it does now?
Actually, looking again, I think I might have misunderstood. I thought the certificates themselves had been published (so wouldn't have to download anything), but what's shown may just be a hash of the certificate and so wouldn't give me the actual key anyway... I'm finding it all rather confusing.
It's ludicrous that Samsung won't let you unlock a phone if you can prove it's your own.
If in the US try a Samsung Experience center at a Best buy.
I never set locks on my phones, bios's or use encryption on data backup drives because you are always the one most likely to be locked out, sometimes through no fault of your own
Digital data is fragile unless it's redundantly backed up.
blackhawk said:
If in the US try a Samsung Experience center at a Best buy.
I never set locks on my phones, bios's or use encryption on data backup drives because you are always the one most likely to be locked out, sometimes through no fault of your own
Digital data is fragile unless it's redundantly backed up.
Thank you. I'm in the UK but we do have a couple of Samsung Experience Centres here so I'll try asking. Oh I will definitely be making multiple, unencrypted backups from now on! I will also be rooting the phone and installing a custom recovery just in case.
If you start playing with the firmware bricking the device is always a real possibility especially if you don't follow the protocols correctly. I never had to flash any of my Samsung's in 12 years, all are still working today. I don't do OTA updates either, ever, the potential to brick them like that is higher with you having zero control.
Samsung would really love to sell you a new expensive phone...
Some lessons you end up learning the hard way. I lost a 30yo database that is irreplaceable
Learn from your mistakes and press on. It's a lot easier though to learn from other's mistakes.
missmilla said:
Thank you, I will do some more digging around. Would unlocking the bootloader that way not wipe the data?
Unlocking the bootloader will always require a data wipe.
missmilla said:
Do you think it would brick the phone if I tried and it didn't like it, or would it just give the signature verification error like it does now?
Actually, looking again, I think I might have misunderstood. I thought the certificates themselves had been published (so wouldn't have to download anything), but what's shown may just be a hash of the certificate and so wouldn't give me the actual key anyway... I'm finding it all rather confusing.
The stock recovery will refuse any packages that are not signed, or are signed with an unrecognized key. There's other measures in place as well.
blackhawk said:
If you start playing with the firmware bricking the device is always a real possibility especially if you don't follow the protocols correctly. I never had to flash any of my Samsung's in 12 years, all are still working today. I don't do OTA updates either, ever, the potential to brick them like that is higher with you having zero control.
Samsung would really love to sell you a new expensive phone...
Some lessons you end up learning the hard way. I lost a 30yo database that is irreplaceable
Learn from your mistakes and press on. It's a lot easier though to learn from other's mistakes.
Probably not something to be messing around with when I don't know what I'm doing then.
Ouch! No wonder you're so careful with backing up... as I will be too from now on. Lesson learned
V0latyle said:
Unlocking the bootloader will always require a data wipe.
The stock recovery will refuse any packages that are not signed, or are signed with an unrecognized key. There's other measures in place as well.
It's sounding like I'd probably better count my losses and leave it alone. And be more careful in future. All this has got me itching to try stuff out though. Possibly not on my one and only phone, but maybe if I can get a cheap second hand one to play with, or the S9 once I eventually upgrade - it sounds so much fun!
You can use the key to sideload an update. If I were you I'd try to flash a blank vbmeta and Magisk boot so that you can bypass dm-verity and other measures, but the problem with this is: where can you find the certificate? Nobody will tell you where you can find it, because whoever has it remains silent, and communities also do not allow this kind of sharing.
Skorpion96 said:
You can use the key to sideload an update. If I were you I'd try to flash a blank vbmeta and Magisk boot so that you can bypass dm-verity and other measures, but the problem with this is: where can you find the certificate? Nobody will tell you where you can find it, because whoever has it remains silent, and communities also do not allow this kind of sharing.
Thank you. Yeah, I thought I had seen someone publish the certificate, but I misunderstood. So wouldn't be able to get hold of it what with not being familiar with the dark web!
Skorpion96 said:
if I were you I'd try to flash a blank vbmeta and Magisk boot so that you can bypass dm-verity and other measures
you can always flash blank vbmeta on low level (such as usbdl, edl or bootrom mode) but that's not how it works.
aIecxs said:
you can always flash blank vbmeta on low level (such as edl or bootrom mode) but that's not how it works.
Depends, if your device is made in USA you can't. I was only suggesting a way to bypass flashing restrictions, hoping that the bootloader lock doesn't block you. Normally bootloader lock blocks unsigned flashing, but if you are able to bypass it during flash maybe you can boot unsigned firmware, I'm not sure though. To flash stuff you can use an exploit or escalate privileges with a signed app that updates a system one to become uid 1000, and after that you can do setenforce 0 or setenforce permissive to set kernel permissive.
No no, locked bootloader prevents booting unsigned boot, vbmeta, etc (not flashing in first place)
@missmilla just realized you wanna break into your device? this was always possible for S9 (encrypted with default_password) but it's not easy
https://www.forensicfocus.com/news/samsung-exynos-support-in-oxygen-forensic-detective
aIecxs said:
@missmilla just realized you wanna break into your device? this was always possible for S9 (encrypted with default_password) but it's not easy
https://www.forensicfocus.com/news/samsung-exynos-support-in-oxygen-forensic-detective
Apparently the Qualcomm variants aren't susceptible to this hack. Only Exynos models are listed.