Hi there,
New comer on the Poco, I just unlocked it, and look forward to flash a AOSP ROM.
The flashing procedure is not new for me, but when I was used to it, the encryption was not a forced option.
Then today, I'm quite confuse about this process. Here is what I understand so far :
1. Android force every device to encrypt the /data partition
2. this process take place at the forst boot of the current ROM
So my question is : If I flash a LineageOS today, then the system will encrypt my /data partition. So if I want to install another ROPM (let's say Pixel Experience), do I need to format my /data ? Is there any way to preserve this partition, even if I know the encryption password ?
PS : If you have a document about the implementation of the encryption on Android, I will be really please, since I love to understand what's going on my device (and I'm not affraid on crypto stuff )
There's zip that disable encryption. Just flash it every time after flashing ROM. I don't know if custom ROMs has encryption, but MIUI does
Wysłane z mojego POCOPHONE F1 przy użyciu Tapatalka
Ok, I have to flash it before the first boot right ?
Do you have any link of this file ? --- EDIT --- Found it here https://forum.xda-developers.com/poco-f1/how-to/xiaomi-poco-f1-unlock-bootloader-custom-t3839405
Another question on this zip : Why do we need this zip file ? Once encrypted the system check the integrity of every partition (/boot /recovery etc.) ? Wich mean, every time you flash a custom ROM, recovery, it change the integrity and stop working properly (bootloop) ?
Thanks
It's a very weird issue, when I was flashing purely MIUI roms, I needed to flash that zip file every ROM hop.
The last time when I was using MIUI before switching to AOSP, I had it disable force encryption and didn't flash the zip file before flashing the AOSP ROM (meaning after I formatted data).
Now, I don't have to flash the zip file when hopping between AOSP ROMs since I never encounter anything weird during the first boot process.
elpy909 said:
Ok, I have to flash it before the first boot right ?
Do you have any link of this file ? --- EDIT --- Found it here https://forum.xda-developers.com/poco-f1/how-to/xiaomi-poco-f1-unlock-bootloader-custom-t3839405
Another question on this zip : Why do we need this zip file ? Once encrypted the system check the integrity of every partition (/boot /recovery etc.) ? Wich mean, every time you flash a custom ROM, recovery, it change the integrity and stop working properly (bootloop) ?
Thanks
Click to expand...
Click to collapse
The ZIP modifies some text in the fstab on /vendor to tell it that encryption is not forced but optional. This only modifies vendor. Every AOSP ROM I saw so far does not have a vendor at all - it just assumes you already have a good one.
So you only need to flash it when flashing a new Vendor (e.g. Stock ROM includes Vendor). You should be able to keep encryptionand storage across AOSP ROMs without needing to Format.
But it doesn't hurt to just flash it every time you flash a ROM, just to be safe.
Oh great, thanks for the explanation. Perfectly clear
Hi, i have un update on the Xiaomi.eu if i install it via ota will encrypt my data? Thanks
Enviado desde mi POCOPHONE F1 mediante Tapatalk
Related
Hi
I flashed roms before and have a bit of knowlege but it was a long time ago (Nexus one)....
I want to update my S3 a bit:
What i want:
- Internal and exterman encryption (i read TWRP is capable of this)
- Custom Recovery for flashing ROMS and other goodies (while encrypted)
- What ROMS do support encryption (internal and external?)
My first goal will be: Working custom recovery and encryption with stock (rooted). After that i will flash roms...
1. My idea is to flash custom recovery (TWRP) before i do the internal and external encryption (on stock). I will use Heimdall for flashing the img but i could also do it with adb or even play store app, what mehtod do you recommend ?
- Is this the right order ?
- Does TWRP handle internal/external encryption well for flashing zips etc ? after i encrypted everything ?
- Will I be able to flash roms while internal/external is encrypted ? (guess no?)
- Does the recovery work with encrypted sdcard ? Can i wipe etc with TWRP when the internal is encrypted ?
- Does the encrypted stock work with the TWRP (i guess they have no connection but better be sure )
2. If everything works as i hope it does i want to use some Roms, unfortunatelly when i used to do this for the nexus one, every rom had stated what did not work on them. Now this seems not appropriate anymore and i have to ask.
- For the flashing of ROMS my idea of workflow is a s follows:
1. Facory restet in recovery (to get rid of encryption)
2. Wipe all caches etc
3. install custom Rom
4. Encrypt everything again
Does this sound good ?
However i think it is better to open a new thread about that cause its not so related to the recovery and encryption so much.
On a side note, from reading a lot it appears not many of you use encryption at all, why is that ? Any downsides ?
Thanks and have a nice week!
Is there anything way that i can disable data encryption? Both TWRP and orange fox not allow me to install anything and asking for password, i tried both lock password and mi password but nothing. I am trying to root my phone, i also tried to make a patched boot image with magisk manager but not install button was showing up.Any solution?
Stock rom with miui global 10.3.1.0 version
tzagaritos said:
Is there anything way that i can disable data encryption? Both TWRP and orange fox not allow me to install anything and asking for password, i tried both lock password and mi password but nothing. I am trying to root my phone, i also tried to make a patched boot image with magisk manager but not install button was showing up.Any solution?
Stock rom with miui global 10.3.1.0 version
Click to expand...
Click to collapse
Don´t waste your time trying to decipher the password, they´re advanced algorithms that Android uses to make the Encryption-By-Default to protect data user not a personal password that can be easily decoded.
You can flash any zip using adb sideload through Advanced options in recovery, the problem would be trying to boot up due to AVB implementation, I never cared about format data when is needed so my important files I ever have on my external SDCard.
Some members refer that such recovery can decrypt data or not, this is not a problem by its own but the ability to boot. The simple way to decrypt data is formatting it.
As a side note decrypt data will be required just in some cases like when you unlocked for first time, when you are coming back to a Miui upgraded rom then to an AOSP one but most of custom roms based on Miui don´t have encryption like ROS, Xiaomi.eu or Mi-Globe.
SubwayChamp said:
Don´t waste your time trying to decipher the password, they´re advanced algorithms that Android uses to make the Encryption-By-Default to protect data user not a personal password that can be easily decoded.
You can flash any zip using adb sideload through Advanced options in recovery, the problem would be trying to boot up due to AVB implementation, I never cared about format data when is needed so my important files I ever have on my external SDCard.
Some members refer that such recovery can decrypt data or not, this is not a problem by its own but the ability to boot. The simple way to decrypt data is formatting it.
As a side note decrypt data will be required just in some cases like when you unlocked for first time, when you are coming back to a Miui upgraded rom then to an AOSP one but most of custom roms based on Miui don´t have encryption like ROS, Xiaomi.eu or Mi-Globe.
Click to expand...
Click to collapse
thanks a lot , i did not know that i could flash zip files in that way, you saved me thanks again
use the custom TWRP by wzsx150, decryption is working with that one https://forum.xda-developers.com/mi-8-Lite/development/mi-8-lite-twrp-t3850019
borg4571 said:
use the custom TWRP by wzsx150, decryption is working with that one https://forum.xda-developers.com/mi-8-Lite/development/mi-8-lite-twrp-t3850019
Click to expand...
Click to collapse
Is possible to send me the img file through Google drive or anything familiar;its a mess trying yo download from the Chinese site
I have Android pie
Update May 23 2019
Now with new Twrp wzsx150 u dont need to follow this Tutorial to get full Backup to work because twrp can Auto decrypt your files
For all Who followed the guide already and want a encrypted device. Do a Format and dont use remove forceencrypt.
New twrp
https://mega.nz/#!TG4RwCrJ!9E0gOOoDaWjtSIS9GoB0pGvCc2BhRU7rSTNNJbAeUxc
---------------------------
Hello
Many people ask me to make a Tutorial HowTo have a full decrypt phone with full backup working.
Before we start u need to flash the newest Recovery from wzs150 Team https://mega.nz/#!WOZEBCpD!UlyCdDaP-UxuwvzLzDE4yzaqi5qMz-I8iOkseQ5gmP0
Steps to flash recovery should be already known or are available in other Threads on xda
So Now lets begin.
First of all you need to know you need to do format Data through the following process. So Backup your Data on your PC, TWRP NOT working
Lets Start.
1. Boot into TWRP
2. Format Data in Wipe Section (The one you need to type yes) i dont reboot TWRP after that
3. Flash the Rom u want
4. Go Back to the Start Screen of TWRP and Click "Advanced" and "RM Forceencrypt"
5. Uncheck "Remove DM Verity" and check "Remove Forceencrypt"
6. Now youre phone is full decrypted and Backup of all partitions are working
7. If u want Magisk flash it now
Notes:
Dont boot your phone before you did the "RM Forceencrypt" step or your decryption gets lost
If u update ur Rom you ALWAYS need to do Step 4 and 5
If u coming from another Rom and want to restore the Rom u need also to restore "Boot"
If u flashing now another Rom you dont need to do format data,wipe data is enough, but always RM Forceencrypt after Rom Flash
Have a nice day
Greetings from Germany
Nice, thx for that ! =)
Great tutorial thanks. Less frustrated flash rounds.
Verstuurd vanaf mijn MI 9 met Tapatalk
MangoMC said:
If u coming from another Rom and want to restore the Rom u need also to restore "Boot"
Click to expand...
Click to collapse
Was does it mean 'restore BOOT'?
Cheers
Toscha
toscha42 said:
Was does it mean 'restore BOOT'?
Cheers
Toscha
Click to expand...
Click to collapse
Boot is one of the Partitions u can Backup. Its where Ur Kernel is located
I dont uncheck "Remove DM Verity" and working too. I select both. Good guide, thanks.
Thanks for this!
Thanks for the step. I can backup now.
But the next time I update, always need to repeat "Remove Forceencrypt"; otherwise, phone cannot boot.
Assume this is needed until future update twrp version. a bit inconvenient, but ok.
Hello. I now use xiaomi.eu I don't want to format data.
I do a step 4 and 5 and can't backup. When I want to boot system nothing.....
I back to Twrp and make reverse step 5 and flash the same rom I have and system working fine. How to make backup without format data?
Wysłane z mojego MI 9 przy użyciu Tapatalka
Not possible. Maybe only wipe of data works but i didnt tested it. Twrp cant decrypt the data on your Phone it can only prevent the Phone to encrypt it
still no encryption support with twrp beta 10 people call formatting data "decrypt" or "unencrypt" all across board, so it adds to false expectations. would never turn off encryption to get, like, backup?
MangoMC said:
Update May 23 2019
Now with new Twrp wzsx150 u dont need to follow this Tutorial to get full Backup to work because twrp can Auto decrypt your files
For all Who followed the guide already and want a encrypted device. Do a Format and dont use remove forceencrypt.
New twrp
https://mega.nz/#!TG4RwCrJ!9E0gOOoDaWjtSIS9GoB0pGvCc2BhRU7rSTNNJbAeUxc
---------------------------
Hello
Many people ask me to make a Tutorial HowTo have a full decrypt phone with full backup working.
Before we start u need to flash the newest Recovery from wzs150 Team https://mega.nz/#!WOZEBCpD!UlyCdDaP-UxuwvzLzDE4yzaqi5qMz-I8iOkseQ5gmP0
Steps to flash recovery should be already known or are available in other Threads on xda
So Now lets begin.
First of all you need to know you need to do format Data through the following process. So Backup your Data on your PC, TWRP NOT working
Lets Start.
1. Boot into TWRP
2. Format Data in Wipe Section (The one you need to type yes) i dont reboot TWRP after that
3. Flash the Rom u want
4. Go Back to the Start Screen of TWRP and Click "Advanced" and "RM Forceencrypt"
5. Uncheck "Remove DM Verity" and check "Remove Forceencrypt"
6. Now youre phone is full decrypted and Backup of all partitions are working
7. If u want Magisk flash it now
Notes:
Dont boot your phone before you did the "RM Forceencrypt" step or your decryption gets lost
If u update ur Rom you ALWAYS need to do Step 4 and 5
If u coming from another Rom and want to restore the Rom u need also to restore "Boot"
If u flashing now another Rom you dont need to do format data,wipe data is enough, but always RM Forceencrypt after Rom Flash
Have a nice day
Greetings from Germany
Click to expand...
Click to collapse
Is the b17 still good if I want to decrypt ? b17 and follow the rest of the decryption steps you have mentioned ?, or shall I flash b10 if I want decryption ? cheers.
vtec303 said:
Is the b17 still good if I want to decrypt ? b17 and follow the rest of the decryption steps you have mentioned ?, or shall I flash b10 if I want decryption ? cheers.
Click to expand...
Click to collapse
U can use both to decrypt with my tutorial. B17 only can decrypt the Data Partition while its encrypted. So u can Backup All data with b17 without the need of remove forceencrypt
MangoMC said:
U can use both to decrypt with my tutorial. B17 only can decrypt the Data Partition while its encrypted. So u can Backup All data with b17 without the need of remove forceencrypt
Click to expand...
Click to collapse
OK cool, I get it, thanks for the quick reply, cheers
simcold said:
Hello. I now use xiaomi.eu I don't want to format data.
I do a step 4 and 5 and can't backup. When I want to boot system nothing.....
I back to Twrp and make reverse step 5 and flash the same rom I have and system working fine. How to make backup without format data?
Wysłane z mojego MI 9 przy użyciu Tapatalka
Click to expand...
Click to collapse
I've not ried it yet as I don't have the phone yet, but apparently this twrp (mi9-3.3.0-9.0-b17) supports encryption, you can use it to backup your encrypted data partition. Though, I'm probably too late and you've wiped already...
EDIT, just read the rest of the thread, seems I'm a bit late to the party! That twrp is already mentioned!!
I just installed B17 and backed up to SD. Seemed to work fine
picitup said:
I just installed B17 and backed up to SD. Seemed to work fine
Click to expand...
Click to collapse
Is that the twrp full rom backup you are talking about ?, backup has always worked for me its the restore which does't works and always ends up with an error, cheers
vtec303 said:
Is that the twrp full rom backup you are talking about ?, backup has always worked for me its the restore which does't works and always ends up with an error, cheers
Click to expand...
Click to collapse
Ahhh no. I tried to backup with earlier versions of TWRP and they failed with an error message. This version seemed to backup OK, but I've not tried a restore yet.
I'm just playing with Titanium backup so once I've got a good backup with that, I'll try TWRP B17 and report back.
Cheers
@vtec303 I just had a play and restore seems to work fine. My TWRP is:
recovery-mi9-3.3.0-9.0-b17.img by wzsx150.
Here's what I did:
Booted into TWRP and backed up Data, System and Boot to an OTG SD card
In TWRP performed a factory reset.
Booted into System, went through the Android setup (not wifi) and checked that all my 3rd party apps had disappeared, I had no SMS or calendar events.
Booted into TWRP and did a restore of all 3 partitions from the previous backup.
Booted into System and found all my 3rd party apps, SMS, Calendar and could browse the web so wifi was configured.
Hope this helps
Cheers
Just a bit extra....
As we know, TWRP doen't back up media data (photos music etc) but I was interested to spot that a factory reset using TWRP doesn't delete all that data either. Pretty handy for me as I'm testing out some backup packages and I don't have to restore all my media files lol.
Cheers
Hi together,
i have an problem with the tablet encryption.
i wanna swap from xiaomi.eu to another more actual custom rom..
i tried PixelExperience , Havoc-OS, dotOS, ArrowOs .. and everytime i activate the encryption it's end in an bootloop regardless of pin,password,pattern ..
I'm using the latest TWRP Version
- Wipe Dalvik/ART Cache, Cache, System, Vendor, Data
- Flash from zip
- start os and enable encryption
-> bootloop
My experience with this device is limited, but I faced a similar problem switching from stock rom to an older ROM not using any encryption.
I think it was only succesful after removing encryption. Maybe it also helps in your case?!
There are many guides how to remove encryption, most of them suggest "Advanced Swipe" combined with changing the file system.
I used TWRP to swipe "data" to ext2, then again swipe "data" back to ext4 and afterwards it still needed a tap on "File System Repair" for the "system" partition. After that, the flash and boot worked for that older ROM.
Maybe that will leave you with a better starting point for activating encryption of your ROM.
(But as I wrote: Just a guess, not based on experience.)
aes32 said:
My experience with this device is limited, but I faced a similar problem switching from stock rom to an older ROM not using any encryption.
I think it was only succesful after removing encryption. Maybe it also helps in your case?!
There are many guides how to remove encryption, most of them suggest "Advanced Swipe" combined with changing the file system.
I used TWRP to swipe "data" to ext2, then again swipe "data" back to ext4 and afterwards it still needed a tap on "File System Repair" for the "system" partition. After that, the flash and boot worked for that older ROM.
Maybe that will leave you with a better starting point for activating encryption of your ROM.
(But as I wrote: Just a guess, not based on experience.)
Click to expand...
Click to collapse
Hi,
thanks for your answer. As i wrote i delete nearly everything
The OS booted, but at the point where i want to enable encryption most roms get stuck in a bootloop.
After endless roms i found carbonrom which works.. Additionally i found an post from TWRP about encryption.. i don't know if it's connected, but i guess it's an similar problem cause AOSP..
Why doesn't TWRP support encryption on my device?
Why doesn't TWRP support encryption on my device?TWRP encryption is supported in 2 phases. The first item is keeping up with the newest support from AOSP, wh...
twrp.me
So i found a working rom, but not the solution or true cause of the bootloop problem
Ok, I understand.
I guess I don't know the encryption feature well enough to help.
Found some interesting stuff to read about it, not sure if it applies to the Mi Pad 4 and its custom ROMs, though:
Any way to encrypt /data/data and /sdcard on Xiaomi EU ROM?
Hello, Xiaomi EU ROM is running decrypted, that's a security breach... Is there a way to use Xiaomi EU ROM, based on Miui 10, in a encrypted phone? Thanks
forum.xda-developers.com
So the bootloop seems to be expected and if I got it right then the fstab.qcom needs an edit at least.
Mhm it's confusing me.. cause i run nearly 5 years xiaomi.eu rom encrypted from scratch on. i think with FDE .. the rom says encrypted and twrp says encrypted and the sdcard folder is only crypted filenames.. also interesting the article.. but i'm sceptical that edit the fstab.qcom maybe work on more "normal" AOSP roms..
so i found a working rom i'm not motivated enough to try the edit xD
xXZaretXx said:
Mhm it's confusing me.. cause i run nearly 5 years xiaomi.eu rom encrypted from scratch on. i think with FDE .. the rom says encrypted and twrp says encrypted and the sdcard folder is only crypted filenames.. also interesting the article.. but i'm sceptical that edit the fstab.qcom maybe work on more "normal" AOSP roms..
so i found a working rom i'm not motivated enough to try the edit xD
Click to expand...
Click to collapse
Yes, sorry, I fully understand your point of view.
It is confusing me as well.
I'm currently experimenting with some ROM's, so yesterday I gave encryption on Havoc-OS a try - even by starting with encrypted stock rom, flashing Havoc-OS and modifying fstab.qcom - but without success. It rebooted immediately and then seemed to be hanging idle during boot for a long time.
I was not interested in encryption so far, but of course it would be great if it worked. And I should be interested for the sake of privacy.
Thanks for reporting that it works with the carbon ROM.
Edit: In Lineage OS it will probably work too, based on the description of the ROM.
I will probably try that one next, because it is also supposed to have the "split screen" feature which I am looking for.
Encryption in Lineage OS seems to work fine, as expected.
I tried to analyze Havoc OS encryption once more: It seems not to be supported at all.
It does "something" trying to encrypt... because TWRP asked for a password the next time I rebooted to recovery. Problem is, decryption in TWRP did not work with the previously given password and the data partition seemed to be messed up (file system type was "emmc", and the data partition was not responding to any of tune2fs, e2fsck or alike).
I looked at the dmesg log, it seems during the boot attempt, the system just cannot work with data any more (hence the idle hang, I assume).
There are many many log lines, showing attempts to work with data and that the system actually expects an ext4 file system for "userdata" (=mmcblk0p64):
Code:
[ 2.990548] EXT4-fs (mmcblk0p64): VFS: Can't find ext4 filesystem
[ 2.990698] EXT4-fs (mmcblk0p64): VFS: Can't find ext4 filesystem
[ 2.996651] EXT4-fs (mmcblk0p64): VFS: Can't find ext4 filesystem
[ 2.996795] EXT4-fs (mmcblk0p64): VFS: Can't find ext4 filesystem
Hi,
I am encrypting my phone but it is taking so long time. It's been more than 15hrs but still its not completed. I have Havoc 11 installed on my phone. There are few important data in my phone which I don't want to loose. Is there any way to copy those folders as I don't feel encryption will complete.
I had 40-50 gb of data in my phone and its been 15hrs, encryption still not completed.
And is this much time is common for encryption ?
Thanks
Monster05414 said:
Hi,
I am encrypting my phone but it is taking so long time. It's been more than 15hrs but still its not completed. I have Havoc 11 installed on my phone. There are few important data in my phone which I don't want to loose. Is there any way to copy those folders as I don't feel encryption will complete.
I had 40-50 gb of data in my phone and its been 15hrs, encryption still not completed.
And is this much time is common for encryption ?
Thanks
Click to expand...
Click to collapse
How you encrypt ur phone?
To encrypt ur phone on decrypted roms like havoc, you need to do it on clean install and flash encrypt.zip and afterwards always to manually apply updates of ROM along with encrypt.zip.
Check my guides about DFE & Encryption and Clean Installation + Dirty Installation at POCO F1 Ultimate Collection & Guides.
Retrial said:
How you encrypt ur phone?
To encrypt ur phone on decrypted roms like havoc, you need to do it on clean install and flash encrypt.zip and afterwards always to manually apply updates of ROM along with encrypt.zip.
Check my guides about DFE & Encryption and Clean Installation + Dirty Installation at POCO F1 Ultimate Collection & Guides.
Click to expand...
Click to collapse
I encrypted from settings.
Is there any way around by which I can copy my phone data ?
Or clean ROM installation + encrypt.zip is the only option left?
Monster05414 said:
I encrypted from settings.
Is there any way around by which I can copy my phone data ?
Or clean ROM installation + encrypt.zip is the only option left?
Click to expand...
Click to collapse
If you stuck there and you can't do anything, manually reboot to TWRP recovery and connect your device to PC. I guess you would be able to take ur data.
Then do clean install along with encryption.zip. (remember do not do OTA afterwards - manually install the future updates always with encryption.zip)