[Q] Some questions regarding official update - Sony Ericsson Xperia Neo, Pro

I recently just got a Neo V from a network provider without a plan. When I installed PC companion and plug it in, it prompts for a firmware update and I did. After that, the rubbish apps of the provider still remains.
Recently I unlocked bootloader (SETool?), fastboot into CWM, and adb pushed Superuser.apk and su (by myself), and it is rooted.
So with these two events, a question comes in my mind: How does official firmware update work? Does it 1) flash the system partition, 2) replace files only, or 3) by other methods?
I was thinking that if it was 1, those rubbish apps should have been removed and if I update again it would be unrooted. But if it was 2, wouldn't it be either more difficult to update or less useful?

It flashes the firmware to the system partition, but they check which firmware you currently have, and download the same firmware version with the same bloatware.

You can remove the bloatware with rom toolbox it's the easiest way

For me, it totally replaces system partition, but leaves untouched user partition. My phone was be rooted too, some bloatware removed and some programs moved to ROM. After update, blootware was be restored and programs, moved to ROM, deleted!

Well I understand apps under data is preserved and they can be uninstalled using default Settings UI.
So rom update is region-specific?
These apps (bloatwares):
$ ls /system/app/*_
/system/app/com.game.crazyfarm.apk_
/system/app/com.kaixin001.activity.apk_
/system/app/com.kobobooks.android.apk_
/system/app/com.mas.apk_
/system/app/com.skysoft.kkbox.android.apk_
/system/app/com.sonyericsson.androidapp.lunarcalendar.apk_
/system/app/skyphoto.hk.shotnprint.apk_
I added an underscore to prevent them from being displayed, so they actually exists in firmware update?

Related

[Q] Will OTA update erase the data and apps?

I'm using my Atrix in Hong Kong, and got an update notification by AT&T, I have root, but if this update can sideload apps, I'll update.
But my only concern is does it erase your data and apps?
Cheers
Sorted, thanks!
It does not delete anything. It will remove root access unless you follow steps to rename su as described in another thread on this forum.
BTW, i don't believe the update has anything to do with sideloading. It contains minor bug fixes.

access my recovery partition/system/factory setting app backups?

Hi,
I wanted to update my phone to the new 45.4.13(?) update but it keeps giving me errors since I uninstalled some of the stock apps that were useless (for example, AdService.apk). Is there a way to either mount a partition that has the factory setting stuff, or modify the update to not check the hashes of the stock apps I don't have, and if I can do the latter, would that break the update/my phone?
Also I want to hear if anyone has updated their thing to 2.3.5 after superuser released their ota survival, and did that work?
-BananasGoMoo

[Q] Huawei U8652 no keyboard!

I've searched EVERYWHERE and I just can't seem to restore my phones keyboard.
I have an AT&T Fusion, AKA the Huawei U8652, and I successfully rooted it.
I currently have an iPhone 4S, so I was trying to use the Fusion as a sort of Android "iPod", so I downloaded a Terminal Emulator and started deleting unnecessary applications and bloatware, and any phone-related apks (and another type of file that I cannot remember), since I figured I wouldn't need them.
I deleted these apps from the System folder, which usually is read-only, but I gave myself temporary RW access via the command:
mount -o remount,rw -t yaffs2 /dev/block/mtdblock4/system
which allowed me to delete apps, and after deleting a few, my keyboard disappeared. I believe there was a pop-up about Google Services Framework crashing, but I had that happen prior to losing the keyboard after I deleted an app, and nothing seemed wrong.
I reset the phone to factory default to try and get the keyboard back, but nothing changed.
Now I'm on the activation screen, and clicking the Android does nothing, nor does clicking emergency dial, so there is no way I can bypass the activation screen via dialing numbers.
Since I reset the phone to factory default, I think I lost my root-access, so when I try to install a custom recovery image, the phone isn't recognized, and I cannot access the phone to enable USB-debugging so I can root the phone again.
I've gone into the recovery menu and deleted the cache, and data, and did a few factory resets, and nothing has changed.
Is there ANYTHING I can do? I believe I was on 2.3.5, so is there like a stock ROM I can download that I can install via the regular recovery menu?
The worst part about this is I only tried deleting the bloatware because I couldn't figure out how to install a custom ROM, but while looking for solutions to this problem, I figured out how to install custom ROMs on my phone...
Any help would be greatly appreciated, thanks in advance.
EDIT: I tried to install a supposed stock ROM on it, but it acts as if I'm installing a custom ROM, giving me a verification error, which leads me to believe its not a stock ROM. Is there anyway I could download the stock firmware and install it on my device as to restore the missing files? Also, would I need a valid AT&T SIM card to do any of this?
I did some googling, and it appears on many websites that the U8650 (Sonic) is almost identical to the U8652 you have. I can't tell you whether flashing sonic roms on your fusion is safe or not, but at the very least, if you can get your phone working with ADB, you can extract the sonic rom's zip and just push the apks you removed onto your phone. I can't guarantee it will work, but I don't see why it won't.
If you do try this, let me know how it works.
Hope that helps..
Edit: Oh, and you do not need a SIM card to flash ROMs onto your phone.
Edit: I just saw that you found a supposed stock ROM; perhaps try pushing apks from that?

Removing Stock Apps -> no updates?

Hi all!
Last time I modded a phone was cyanogen mod on my samsung galaxy s (yes no number), and from back then I remember that simply uninstalling stock apps caused problems when updating.
Since that's what I want to do again now (too much bloat on that phone...), I wanted to ask if I still will be running into such issues with it.
I dont want to change the ROM, just remove a lot of the apps I dont want/use, will I still be able to get updates from xiaomi w/o problems?
Thanks for reading, much appreciated!
Yep, no problems with updates. Right after receiving the phone I removed (from the system and via adb) a lot of preinstalled bloatware, including some Xiaomi apps and the phone was updated to MIUI 9.6.22 without any problems.
katoda_ltd said:
Yep, no problems with updates. Right after receiving the phone I removed (from the system and via adb) a lot of preinstalled bloatware, including some Xiaomi apps and the phone was updated to MIUI 9.6.22 without any problems.
Click to expand...
Click to collapse
i already uninstalled what the system allowed me to w/o root, did you remove anything requiring root (i dont know what adb is...)?
My device is not rooted, for most bloatware concerned root is not necessary while using adb.
See https://forum.xda-developers.com/poco-f1/how-to/debloating-xiaomi-poco-f1-safe-to-t3836119 and https://forum.xda-developers.com/poco-f1/how-to/bloat-poco-f1-tested-t3836457 but read them thoroughly, as there are some comments that some of the safe-to-remove services/app are indeed required to properly operate the device.
What is adb and how to get it: https://forum.xda-developers.com/showthread.php?t=2317790
katoda_ltd said:
My device is not rooted, for most bloatware concerned root is not necessary while using adb.
See https://forum.xda-developers.com/poco-f1/how-to/debloating-xiaomi-poco-f1-safe-to-t3836119 and https://forum.xda-developers.com/poco-f1/how-to/bloat-poco-f1-tested-t3836457 but read them thoroughly, as there are some comments that some of the safe-to-remove services/app are indeed required to properly operate the device.
What is adb and how to get it: https://forum.xda-developers.com/showthread.php?t=2317790
Click to expand...
Click to collapse
thank you very much, i even found out why i couldnt get updates any longer back in the day (with root):
These two commands respectively specify that the system app will only be uninstalled for the current user (and not all users, which is something that requires root access) and that the cache/data of the system application will be preserved (which can’t be removed without root access). Therefore, even if you “uninstall” a system application using this method, you can still receive official OTA updates from your carrier or OEM.
Click to expand...
Click to collapse

how to ensure a phone is malware free? especially from screen reading trojans

so I picked up a used pixel from craigslist. seems ok. but I starting thinking... how can I be certain this phone is not booby trapped. it would be awful to have a trojaned device and not really know it.
I searched quite a bit about about malware that can survive factory reset. so it seems that simply resetting is not so great.
then I thought adb sideload an official google factory image to both slot a and slot b would purge any demons. but then again, I cannot find any documentation that make it clear what get overwritten and and what doesn't. (eg do the bootloader or recovery partition remain intact... seems like a great place to hide malware on a booby trapped phone). similarly, it is unclear what /system paritition blocks get replace.. all of them? some of them? can a clever trojan/rat survive an ota?
and then there is the full factory image install via fastboot. the problem is that I cannot enable oem unlocking b/c Verizon locked bootloader. booooooo
final thing. and the trigger that really had me thinking about this. after setting up the phone and connecting to the network, I saw a notification that subtley asked to install a Google screen reader. no idea why. and no google searches return anything useful. was this device hacked already??!
specifically the notification said:
"install app for screen share" and "tap to install from the play store"
so, any security minded android users out there who can help me understand if I need to trash this phone?
Infrequent pop-ups when using a web browser or when running an app can be normal. However, if you are getting pop-ups even when you’re not opening a browser or when using a totally different app, there could be malware in your phone. Malicious pop-ups are often brought about by a bad app that you may have installed in the past. In some cases, legit looking apps may update to a sinister version after some time and cause pop-ups to be displayed.
Run the phone in safe mode and observe it. Safe mode is great tool in detecting a problem app. On this mode, all third party apps will be suspended so if the problem is absent when your Android is running on safe mode, that means there’s a malicious app in the system. While in this mode, you should be able to use preinstalled apps normally as well as use basic networking services without a problem.
My recommendation to have a malware-free phone:
Do a factory reset
Before re-installing any app install an anti-virus app
So will sideloading an official factory OTA image using adb from recovery, completely remove any malware? (I read about malware that can survive a factory reset.)
Also, has anyone else ever seen a notification asking to install a screen reader? This appeared after a factory reset, immediately after connecting to the wifi network. No apps installed.
A factory reset really only deals with the Data and the Cache partitions. System partition isn't affected. This is true regardless device is rooted or not So if malware got installed in System partition it survives a factory reset. A factory reset will also not remove any ROM upgrades or OTA's.
Hopefully by now you have a better understanding of what a factory reset is.
May be the browser - what typically is installed as system app / system-privileged app - is the culprit: Use another browser and see what happens.
I think I understand how the factory reset works. For this discussion, I am do used on Google Pixel line, no modifications, and no root, and only app from the official Play Store.
The adb sideload of a Google factory OTA is the part I don't fully understand.
For example, doe the OTA merely replace files? Or does to do a bitwise blocklevel swap? Does it modify anything in the bootloader, or recovery partitions?
I cannot find clear documentation on this.
The notification requests to install Screen Reader do not come from Chrome or any browser. They appear to come from the system. (Android 10).
So what I am trying to figure out is whether some malicious actor/app installed a persistent malware into the system partition, or the bootloader, or the recovery. Such that a factory reset cannot remove it (like with xHelper malware)
Like for example, can a malware get into the system partition, and a manual adb OTA sideload , or even manual fastboot factory image install, fail to remove the malware from the system partition? That would be. a nightmare for security.
Finally, I cannot find any documentation from Google that Pixel (3) on Android 10 will automatically try to install a screen reader as a native operation.
Basically, is this used, never rooted phone, permanently Trojan-ed junk now?
@thehighhat
Sorry to say this: I'll no longer waste my time with this ...
oops: duplicated post deleted
jwoegerbauer said:
...
My recommendation to have a malware-free phone:
Do a factory reset
Before re-installing any app install an anti-virus app
Click to expand...
Click to collapse
OK. Not sure why you're done with this - if you have insight, sharing it is good for everyone.
anti-virus (13 different ones) all show no malware. shows it is clean.
there are well known malware that can survive a factory reset.
the notification to install "screen reader" occurred immediately after a newly wiped phone connected to internet, even before any of the default apps (chrome, settings, etc.) opened
still looking for answers from someone who knows:
has anyone ever seen a system notification asking to install a "screen reader"?
does anyone know if
Code:
adb sideload official.google.ota.img
on a pixel modifies the boot partition or the recovery partition?
does anyone know if that manual ota install will guarantees the system partition contains only unmodified valid files/blocks?
thehighhat said:
OK. Not sure why you're done with this - if you have insight, sharing it is good for everyone.
anti-virus (13 different ones) all show no malware. shows it is clean.
there are well known malware that can survive a factory reset.
the notification to install "screen reader" occurred immediately after a newly wiped phone connected to internet, even before any of the default apps (chrome, settings, etc.) opened
still looking for answers from someone who knows:
has anyone ever seen a system notification asking to install a "screen reader"?
does anyone know if
Code:
adb sideload official.google.ota.img
on a pixel modifies the boot partition or the recovery partition?
does anyone know if that manual ota install will guarantees the system partition contains only unmodified valid files/blocks?
Click to expand...
Click to collapse
If you fastboot flash an official google system.img partition. From Google. With the correct hash value to insure correct download. It should flash the entire partition. Same goes for any other partition. If you have a certified unmodified image and flash it, the entire partition should be flashed, not just part of it.
With OTA updates. You only get patches. At least that's how the normal process goes. You got the smaller sized ota update and it only modifies the specific files that are being patched for that particular OTA update.
So with normal OTA only pieces of the partitions get updated. Sometimes they all are not touched with every update.
Delgoth said:
If you fastboot flash an official google system.img partition. From Google. With the correct hash value to insure correct download. It should flash the entire partition. Same goes for any other partition. If you have a certified unmodified image and flash it, the entire partition should be flashed, not just part of it.
With OTA updates. You only get patches. At least that's how the normal process goes. You got the smaller sized ota update and it only modifies the specific files that are being patched for that particular OTA update.
So with normal OTA only pieces of the partitions get updated. Sometimes they all are not touched with every update.
Click to expand...
Click to collapse
Thank you. This is exactly what I was looking for
So it sounds like file level replacement instead of block level.
Does the ota verify the other files on the system partition that it does not intend to modify?
thehighhat said:
Thank you. This is exactly what I was looking for
So it sounds like file level replacement instead of block level.
Does the ota verify the other files on the system partition that it does not intend to modify?
Click to expand...
Click to collapse
It does in the sense that it verifies before and after the process begins/ends, the correct size of the partition. This is true in the sense of Ssmsung devices and how the typical standard recovery image works.
But it is the update zip that does most if not all of the size/digest verifications after the files have been patched. Because there is no real way for the rom to know how big the updated build(s) is going to be before the update arrives.
Generally I've seen it verify all the hash values are the same as last time it updated when it begins. And the update zip specifies the ending size.

Categories

Resources