Are there any custom ROMs that support device encryption? My phone needs to be encrypted to allow me to access my work email. I had recently been running SlimKat when my work email changed to require encryption. I tried to encrypt phone but it did nothing. Then I read somewhere that maybe none of the Androd 4.4.x ROMs support device encryption, so I thought I would try Android 5 since I read that Android 5 enables encryption by default. I flashed CM12, but found that encryption isn't working in it either.
I've read that you need to unroot phone in order to get encryption to work. I did try that with SlimKat with no success. I haven't tried it yet on CM12, but I'm a little nervous that it might work just well enough to leave me with an unusable phone. Especially since the change log for the unofficial CM12 ROM specifically says that encryption doesn't work. Searching for "encryption" turns up lots of posts about unsuccessful encryption resulting in bricked devices.
I have gotten used to and really like the features of KitKat and Lollipop, and I don't want to have to downgrade all the way to stock ROM with Jellybean. But I do need to get to my work email from my phone. Does anyone know of any ROMs for the Razr out there with working device encryption?
Thanks in advance.
Another question along the same lines. If I boot the stock rom from the safestrap safe slot I should be able to encrypt my phone. I read that I may have to temporarily unroot it by killing the su process via adb to get it to start encrypting, but that should be no problem. Then once it's encrypted I'd want to go back to my custom ROM. It sounds easy enough, but since device encryption is not reversible I really want to know if it's going to work before I try it. It would suck to be trapped in stock ROM. If device encryption only affects the data partition and /sdcard then recovery should be ok (maybe), but I don't know if the safestrap ROM slots will still be functional/bootable after encryption.
Anyone have any experience with device encryption? Thanks in advance for any advice or thoughts on this.
Related
So I was upgraded to 4.5.2 but I got amazon to rollback to 13.3.2.7, now my question is how do I roll back to 13.3.2.3 so I can install twrp and CM11.
lol
DisgruntledUser said:
So I was upgraded to 4.5.2 but I got amazon to rollback to 13.3.2.7, now my question is how do I roll back to 13.3.2.3 so I can install twrp and CM11.
Click to expand...
Click to collapse
if you look around here at all lots and lots of people would like to know exactly that. I would not attempt to do any of the current rollback procedures I have not heard of any verified success only verified brick. Be patient and enjoy root and safestrap. Until they figure that one out.
repeat do not attempt unless you want to change your name to. ReallyDisgruntledUserNow
Additional Question
One more question now, because of the nature of safestrap where it is writing to artificial slots is it possible to flash this forums CM11, uninstall safestrap and just go on this way with CM11 or because it's not an actual boot loader unlock will it just be hardbricked(got this idea after reading another of your posts). I simply worry about the additional battery drain and emmc wear due to constant R/W, obviously emmc has gotten to be very dependable but it wears out and I hate corrupted data(like everyone) and I have no desire to ever return to this fireos if I get CM11 running.
DisgruntledUser said:
One more question now, because of the nature of safestrap where it is writing to artificial slots is it possible to flash this forums CM11, uninstall safestrap and just go on this way with CM11 or because it's not an actual boot loader unlock will it just be hardbricked(got this idea after reading another of your posts). I simply worry about the additional battery drain and emmc wear due to constant R/W, obviously emmc has gotten to be very dependable but it wears out and I hate corrupted data(like everyone) and I have no desire to ever return to this fireos if I get CM11 running.
Click to expand...
Click to collapse
No, or else it would've been done already. If you uninstall Safestrap, you lose access to anything you flashed on your alternative ROM slots.
only
DisgruntledUser said:
One more question now, because of the nature of safestrap where it is writing to artificial slots is it possible to flash this forums CM11, uninstall safestrap and just go on this way with CM11 or because it's not an actual boot loader unlock will it just be hardbricked(got this idea after reading another of your posts). I simply worry about the additional battery drain and emmc wear due to constant R/W, obviously emmc has gotten to be very dependable but it wears out and I hate corrupted data(like everyone) and I have no desire to ever return to this fireos if I get CM11 running.
Click to expand...
Click to collapse
the Nexus ROM is as close as you will get for now. Our current cm11 is not compatible and is built for a different kernel. If you are using a ROM slot it simply would not boot and would go back to safestrap after a hard reset. There have been a few people mistakenly flash it to their stock system and brick their device.
http://forum.xda-developers.com/kindle-fire-hdx/help/hdx-long-term-damage-caused-running-t2998019 post 2
for the normal user you're not going to see any damage IMO from using safestrap..
I consider myself a crack flasher a person with a flashing problem and I have only experienced corrupted files or an ineffective recovery. few times and luckily been able to squirm out of major issues.
Last Question for now
jimyv said:
the Nexus ROM is as close as you will get for now. Our current cm11 is not compatible and is built for a different kernel. If you are using a ROM slot it simply would not boot and would go back to safestrap after a hard reset. There have been a few people mistakenly flash it to their stock system and brick their device.
http://forum.xda-developers.com/kindle-fire-hdx/help/hdx-long-term-damage-caused-running-t2998019 post 2
for the normal user you're not going to see any damage IMO from using safestrap..
I consider myself a crack flasher a person with a flashing problem and I have only experienced corrupted files or an ineffective recovery. few times and luckily been able to squirm out of major issues.
Click to expand...
Click to collapse
Pardon but how am I even supposed to flash nexus ROM, it says that it is based on the 13.3.2.4 kernel and I am on rolled back 13.3.2.7(Are the kernels the same or "close enough")
Also I assume the safestrap "[13.3.2.3.2 and later] " version is fully compatible with 13.3.2.7 and none of the fuses set by the 13.4.5.2 update mess it up
(sorry I ask so many questions but being informed is how I have avoided all bricks in the past)
well
DisgruntledUser said:
Pardon but how am I even supposed to flash nexus ROM, it says that it is based on the 13.3.2.4 kernel and I am on rolled back 13.3.2.7(Are the kernels the same or "close enough")
Also I assume the safestrap "[13.3.2.3.2 and later] " version is fully compatible with 13.3.2.7 and none of the fuses set by the 13.4.5.2 update mess it up
(sorry I ask so many questions but being informed is how I have avoided all bricks in the past)
Click to expand...
Click to collapse
I have read of people using the nexus rom when they were stuck on .7 with safestrap personally I no longer need safestrap.
to find out all you have to do is build a rom slot and flash it to it if it boots up set it up and use it, if it doesn't then you will have answered your question that's what is all about...the whole reason safestrap is the way it is. Is so you never touch your stock system involuntarily (SAFE).if you start reading the threads of the modifications you are interested in( the OP is not always updated with compatibility) you will discover many more of other people's experiences and gain a lot more knowledge rather just asking a few people that might stop in to this thread.
personally if I were to attempt to run the Nexus ROM on your device I would do a backup of my stock.build a ROM slot restore the backup to the rom slot , basic factory reset swype, apply Nexus ROM reboot.
but of course before I did anything I would go over and read at least the last 10 to 15 pages because that should cover the latest activity in development same goes with safestrap and discussion of current compatibility
once you have built something on the ROM slot you believe is stable and to your liking. Refer to last paragraph of above linked post. there are several places around here I have posted on additional files that you will want to delete after you uninstall safestrap that will save you gigabytes of storage. http://forum.xda-developers.com/kindle-fire-hdx/help/amazon-rollback-to-13-3-2-7-t2993089 this thread was only a couple above yours.
I can confirm the nexus Rom works fine on 13.3.2.7 firmware I'm stuck there for now, so that's what I'm using.
I have done a bit of searching, and I see this question has been asked in the past, but not successfully answered. Perhaps the answer is that there is no answer at the moment, since CM 12 is so new. I was prompted to encrypt my device with CM 12 as I was attempting to install company email. I no longer need that email, and I would like to remove the encryption, but don't know how. I'm running CM 12 (nightly 2015-03-12) and TWRP 2.7.1.0.
The best solution I have read is to do a Factory Reset via TWRP (Wipe -> Factory Reset). However, I am afraid of the ramifications of that if I lose all of the data on the device, since I don't have adb access within recovery.
Is there a best practice for this situation? Thanks all for any help you can provide.
EDIT: I'd like to leave this thread open, but since I was too chicken to risk it, I opted to RUU and start from scratch. I can confirm that doing so is not affected by the encryption and that the RUU was successful. However, I am hoping someone out there can provide some better information to those who find themselves in this situation. I will not be encrypting again any time soon, I can tell you that much.
I've got two devices which I'm unable to encrypt now, a Moto G 2nd Gen Dual Sim and a Lenovo S8-50 tablet.
With both, when I start the encryption process it just reboots normally. I thought it might be because I had CWM recovery installed on my Moto G, so I flashed back the stock recovery but it still does the same. With the S8-50, I've never installed a custom recovery, just rooted it. I also changed the DPI in build.conf but I doubt that could prevent it encrypting but I wouldn't have expected rooting it to affect it either.
So it doesn't seem to be the recovery that's used for encrypting as I thought, or at least not only the recovery, so what else does it rely on?
bump. Anyone able to help? I really want to encrypt my devices.
doveman said:
bump. Anyone able to help? I really want to encrypt my devices.
Click to expand...
Click to collapse
doveman said:
I've got two devices which I'm unable to encrypt now, a Moto G 2nd Gen Dual Sim and a Lenovo S8-50 tablet.
With both, when I start the encryption process it just reboots normally. I thought it might be because I had CWM recovery installed on my Moto G, so I flashed back the stock recovery but it still does the same. With the S8-50, I've never installed a custom recovery, just rooted it. I also changed the DPI in build.conf but I doubt that could prevent it encrypting but I wouldn't have expected rooting it to affect it either.
So it doesn't seem to be the recovery that's used for encrypting as I thought, or at least not only the recovery, so what else does it rely on?
Click to expand...
Click to collapse
The encryption is carried out by encryptfs module in kernel. Rest inside /system itself, its just the code to interact with this module.
Jaskaranbir Singh said:
The encryption is carried out by encryptfs module in kernel. Rest inside /system itself, its just the code to interact with this module.
Click to expand...
Click to collapse
Thanks, that's useful to know but I've definitely found in the past that after installing a custom recovery it's not possible to encrypt and the device just reboots normally, so I assumed it must need to boot into the stock recovery to carry out the procedure. However, with the stock recovery restored to my Moto G it still doesn't work and I've never changed the recovery on the S8-50, so what else could be causing it reboot normally instead of running the encryption process?
Is it possible to run the process from ADB instead or will it still need to reboot to start the process even doing that and just result in the same normal reboot instead?
Bump. Anyone able to help me fix this problem on both devices?
I've had my rooted phone in what I thought was every stage of brick and boot loop but with TWRP as recovery and all the tricks I've been able to get it back - UNTIL I stupidly hit the erase option in MTKs flash tool. :crying: I think I now have a permanent brick to share for a solution with no easy way out.
My device running Oreo encrypts fingerprint data in an encrypted /data partition. I couldn't understand why I never got a tick in TWRP to backup the data section until now. I don't think it will ever come, because the encryption algorithm would have to be broken? I have the manufacturer ROM image which I used to recover o.k several times, but no source code files to try to build a custom rom . Unfortunately, the sad thing about Oreo is it seems so secure and they decided to put the IMEIs in the same encrypted data partition which I've wiped. :crying: So my device appears fully functional with apps & wifi working, no fingerprint I can live with, but it can't make a phone connection. It's therefore really 'bricked!
Whatever I try I can't find a way to disable encryption to try the older methods of restoring the IMEI data files. Frustratingly I can change the EXT4 data partition to FAT with TWRP and see the IMEI data isn't there, but can't make any changes to the file structure that stick. Ideally if I could stop encryption or get Nougat on the device I could then work rooted on the /data partition, but there is no bottom up custom rom available for my device. I suspect future custom roms will leave the encrypted partition alone, which won't help me or others in the same situation. Oreo seems to have done a good job on encryption, but it's a pity they also encrypted the wireless data which makes the phone work.
Some have reflashed from Oreo back to Nougat but unless their Nougat image flash included the IMEI data or it was added I think they would have the same problem as me. Oreo seems a one way trip to putting your phone IMEI wireless data in its encrypted partition where it seems impossible to recover for a downgrade. I have tools to build the wireless files but can't modify the Oreo /data section whilst encryption is active. My device is fairly new and was never sold with an older Android ROM I could flash to downgrade, replace wiped wireless data and 'upgrade' back to Oreo. Lesson learned, don't buy a new model Oreo!
If anybody has ideas to get me out of this hole I'd like some help or pointers but I only have the manufacturer Oreo ROM image to work with.
Thanks
Im interested in picking this phone up but my main holdback is whether or not you can root it. Ive been living that root based adblock life and I cant go back. Non-root based adblocks just dont work as well as the rooted ones.
Has anyone rooted the phone? does magisk + adb flash work? Has anyone rooted CN phone with global rom?
You should be able to but I would be cautious.
Firstly, the service for unlocking the bootloader seems unreliable from some reports (apparently you need to use some Chinese portal for requesting an unlock file - if you don't have luck getting that or it doesn't work, you're stuck and I bet getting help from Lenovo is not easy). Secondly, unless I've missed something, I don't see proper official ROM image downloads from Lenovo for extracting/patching boot or safely reflashing the device from bootloop/soft brick, so you have to go with whatever is available around for download here or elsewhere on the net and hope for the best. Even more important since you don't have custom recovery options (like TWRP) on this device.
In summary, yes, but it looks like risky business. This device doesn't seem to be root friendly...