[Advice] Best ROM option for security, SELinux / Android Patches / Build signatures - Android Q&A, Help & Troubleshooting

Hello everyone, long time lurker hoping for some guidance.
I have a Samsung Galaxy Note 4, yes I know it is old.
I am trying different ROMs, RR & LOS, although there are pros to each.
I do not require root, and just a few basic apps, but I would like the best option for device security.
Between versions 16 and 17 of RR and LOS, I can get one but not the other, i.e. if security patches are up to date I have no SELinux enforced, and vice versa.
Is there a way I can 'patch' SELinux into RR or LOS???
I hope to hear from you, thanks in advance.

If anyone would kindly be able to give a brief run down of the functions and importance of the choices please;
SELinux - protects apps being naughty.. is this a problem if I only install a select trusted apps?
Android Security Patches - What exactly do they protect against?
Build signature - I understand that is because it is not an 'Official' ROM, but how important?
Thank you.

Guardian Rom [Secure] [Privacy] [Preview]

Guardian Rom by x942
Thanks to:
The Guardian Project
Cyanogen Mod
Android
Open-Pdroid Project
Any one else I am missing
What is Guardian Rom?
Guardian ROM is a custom Android ROM for multiple devices. The ROM is completely Open Source and based off of the CM10.1. While this build is stable because it's based on CM10.1, it is a preview, so please expect some bugs and missing features (i.e. updater).
What Features does Guardian Rom have?
Kernel is hardened with SecDroid Tweaks.
ROM is patched with and includes OpenPDroid for permissions management.
Guardian Project apps are pre-installed – These include Orbot (Tor), Gibberbot (Secure IM), and more.
CSSimple and OStel (https://guardianproject.info/wiki/Ostel) are included as replacements to the built-in calling apps, providing encrypted communications.
If encryption is enabled and password is entered wrong 10 times the phone wipes user data.
Coming Soon:
Including support for Deniable Encryption (similar to Truecrypt hidden volumes).
Including GRSecurity for exploit mitigation and more secure phone.
Including SQLCipher to ensure all data is encrypted whenever possible
Including a customer “app store” for our repos.
Different lockscreen pin and Pre-Boot authentication password.
Auto-Prompt for encryption setup on first boot.
How to use:
Simply flash the flashable zip through your favorite custom recovery. (TWRP is recommended as it supports encrypted devices). Once flashed you should enable Full Disk Encryption by doing the following (may vary depending on device):
Code:
Settings --> Security ---> Password [enter a strong 8-16 char password]
Then
Code:
Settings --> Security ---> Encryption --> Enable Encryption
Downloads:
Downloads are over here.
Please verify the downloaded file with the attached GPG signature to ensure it is a legit copy.
GAPPS
Google Apps are NOT included and before you flash them you may want to read this article.
UPDATES:
Since this is a preview I have not had a chance to remove or modify the CM Updater. Please do NOT use it as you will be flashing a stock CM10.1 build and not Guardian Rom. This will be fixed shortly.
thanks for taking the time to build this! how does your ROM compare with SE for Android [ http://selinuxproject.org/page/SEAndroid ]? it sounds like similar features. ive been planning on doing an htc one android SE build for a long time now but havent had the time or the skill to do so. anyways, i appreciate you building this.
lfwake08 said:
thanks for taking the time to build this! how does your ROM compare with SE for Android [ http://selinuxproject.org/page/SEAndroid ]? it sounds like similar features. ive been planning on doing an htc one android SE build for a long time now but havent had the time or the skill to do so. anyways, i appreciate you building this.
The build focuses more on the Encryption side and Exploit mitigation (GRSecurity) side of things. SEAndroid is great for containment of malicious payloads AFTER a successful exploit. We want to prevent the exploit to begin with. GRSecurity isn't included yet due to stability issues but it will be eventually. Since we can use SELinux as the MAC with GRSec, we may do so. Or we may choose to go with RBAC instead. We haven't got that far just yet.
Another note:
Most of the features work well on AOSP but not on CM. It will take more work to either port these enhancements to CM or port stock AOSP to non-nexus devices such as the HTC One.

What exactly is needed to change my new unlocked Moto E 4G LTE OS to a CyanogenMod OS?

I purchased outright this Moto E 4G LTE from Staples.
It's not locked to any single carrier and I more than likely will use it as a pocket computer, rather than a talk and text phone.
The details from within the phone are as follows:
Model Number - Moto E (2nd Generation) with 4G LTE
Hardware SKU - XT1527
Android Version - 5.0.2
Baseband version - M8916_200608.08.02.58.15R SURNIA_RETCA_CUST
Kernel version - 3.10.49-gb86829a [email protected] #1 Tue Aug 4 14:44:21 CDT 2015
System version - 22.46.8.surnia_retca.retca.en.CA retca
Build number - LXI22.50-53.8
This is my first plunge into the world of unlocking, rooting, and flashing Android OS.
So far I've been able to gather that cybojenix and squid2 have highly regarded threads and downloads related to the Moto E 4G LTE but the high volume of custom roms, TWRP files, modem files, gapps, patches to fix issues with the camera and patches to eliminate a warning message that warns of a rooted bootloader, etc have left me somewhat overwhelmed lost. I am in need of a short list of what I absolutely need to do what I want to do, and some hints of what extras would work best with my phone in terms of custom roms or whatever relevant.
I'd like to root my phone so that I can run a specific app not related to xdadevelopers. My needs are mostly related to security and anonymity because in my professional life I conduct social research with vulnerable populations and the ethics of my profession dictate a strict code of conduct in this vein.
[As an aside --The app I use unobtrusively requests root access and I fully trust the app since I am very familiar with its history and development to date. The app is found at f-droid if anyone is interested in checking out f-droid's offerings.]
My questions are these:
What version of twrp-surnia-3.0.0-r*.img will my Moto E work with?
Motorola says my Android Version 5.0.2 is fully up to date when I try to use the in-phone System Updates feature from the About Phone tab in Settings. However I've read in XDAdevelopers that this version of Android can run into problems when using a later version of TWRP.
Can I install a flavour of CM13 straight from Android Version 5.0.2 or do I need to somehow install an Android Version of 5.1 as a first step?
What flavour of CM (Custom ROM) works best with this phone?
I recognize this thread is a bit long winded but I hope to have provided all the necessary details required to seek help from the many expert coders, programmers, and operators dedicated to xda-developers.
Thank you for taking time to read this, and many more thanks if you happen to contribute to any of the solutions that might follow.
Have a wonderful evening.
lostcelt said:
I purchased outright this Moto E 4G LTE from Staples.
It's not locked to any single carrier and I more than likely will use it as a pocket computer, rather than a talk and text phone.
The details from within the phone are as follows:
Model Number - Moto E (2nd Generation) with 4G LTE
Hardware SKU - XT1527
Android Version - 5.0.2
Baseband version - M8916_200608.08.02.58.15R SURNIA_RETCA_CUST
Kernel version - 3.10.49-gb86829a hud[email protected] #1 Tue Aug 4 14:44:21 CDT 2015
System version - 22.46.8.surnia_retca.retca.en.CA retca
Build number - LXI22.50-53.8
This is my first plunge into the world of unlocking, rooting, and flashing Android OS.
So far I've been able to gather that cybojenix and squid2 have highly regarded threads and downloads related to the Moto E 4G LTE but the high volume of custom roms, TWRP files, modem files, gapps, patches to fix issues with the camera and patches to eliminate a warning message that warns of a rooted bootloader, etc have left me somewhat overwhelmed lost. I am in need of a short list of what I absolutely need to do what I want to do, and some hints of what extras would work best with my phone in terms of custom roms or whatever relevant.
I'd like to root my phone so that I can run a specific app not related to xdadevelopers. My needs are mostly related to security and anonymity because in my professional life I conduct social research with vulnerable populations and the ethics of my profession dictate a strict code of conduct in this vein.
[As an aside --The app I use unobtrusively requests root access and I fully trust the app since I am very familiar with its history and development to date. The app is found at f-droid if anyone is interested in checking out f-droid's offerings.]
My questions are these:
What version of twrp-surnia-3.0.0-r*.img will my Moto E work with?
Motorola says my Android Version 5.0.2 is fully up to date when I try to use the in-phone System Updates feature from the About Phone tab in Settings. However I've read in XDAdevelopers that this version of Android can run into problems when using a later version of TWRP.
Can I install a flavour of CM13 straight from Android Version 5.0.2 or do I need to somehow install an Android Version of 5.1 as a first step?
What flavour of CM (Custom ROM) works best with this phone?
I recognize this thread is a bit long winded but I hope to have provided all the necessary details required to seek help from the many expert coders, programmers, and operators dedicated to xda-developers.
Thank you for taking time to read this, and many more thanks if you happen to contribute to any of the solutions that might follow.
Have a wonderful evening.
The basic steps you need to follow are:
Unlock your bootloader
Flash the XT1527 RETUS 5.1 modem (see http://forum.xda-developers.com/moto-e-2015/help/moto-e-2015-modems-t3296044)
Flash the latest TWRP (my 3.0.1-r1 build as of this moment, see http://forum.xda-developers.com/moto-e-2015/development/twrp-squid-twrp-recovery-moto-e-lte-t3137649)
From TWRP, go into advanced wipe and erase system, data, cache, and dalvik
Flash CM13 + gapps together in TWRP
Apart from the modem, you don't have to upgrade anything else.
I choose to avoid Cm after reading up on it.
I prefer to use the Stock ROM etc
BUT!
I Root it with SuperSU then make my own Bootlogo + Animation
Then i use Squid's Kernel + Squid's TWRP and No-frills CPU Control (to use some of the options Squid's kernel has)
I believe my setup is cleaner and has more stable support and easier to do learn etc.
I checked on what features CM offers and none of it sound like anything i wanted.
I also don't want to have to fiddle around with Gapps or whatever.
I also seen some drawbacks before with some features on the stock Rom that do not work on CM.
I think most people use it simply because it's popular.
Evaluate your options and choose what is right for you.
First thing you want to do is check if you can unlock your bootloader.
Since you're from Canada i bet you can.. i did on mine.
Squid's stuff plus Stock Android is good.. in my opinion better than CM.
squid2 said:
The basic steps you need to follow are:
Unlock your bootloader
Flash the XT1527 RETUS 5.1 modem (see http://forum.xda-developers.com/moto-e-2015/help/moto-e-2015-modems-t3296044)
Flash the latest TWRP (my 3.0.1-r1 build as of this moment, see http://forum.xda-developers.com/moto-e-2015/development/twrp-squid-twrp-recovery-moto-e-lte-t3137649)
From TWRP, go into advanced wipe and erase system, data, cache, and dalvik
Flash CM13 + gapps together in TWRP
Apart from the modem, you don't have to upgrade anything else.
Thank you for responding to my questions, squid2. I am very much honored to have had you taken the time to write on my behalf, this is certainly something to which I feel very privileged.
For the sake of clarity and accuracy I will quickly repeat the steps I just took after reading your answer to this thread. If you do not write into this thread a second time I will assume the steps I just took are indeed the correct ones.
1. I went to http://forum.xda-developers.com/moto...odems-t3296044 as you directed and downloaded only the one folder titled Modem, ignoring the larger file that includes another three folders in addition to the Modem folder (the larger file containing all the four files is 25.79GB, whereas the single Modem folder is just 561MB).
2. I then unzipped the Modem folder and selected the SURNIA-RETUS_5.1.zip, ignoring the SURNIA-RETUS_5.1_new.zip which is also in the Modem folder. (The newer SURNIA-RETUS_5.1_new.zip file is two days newer than the other SURNIA-RETUS_5.1.zip file, but since they are both in the same Modem folder I am taking that to mean I should follow your original instructions precisely as directed. Both files are about the same size, except that the newer file is slightly smaller than the other.)
Again, thank you. Your instructions were vital in enabling me to move forward on this task. We need a bitcoin tip jar for people who take time to help others.
xpmule said:
I choose to avoid Cm after reading up on it.
I prefer to use the Stock ROM etc
BUT!
I Root it with SuperSU then make my own Bootlogo + Animation
Then i use Squid's Kernel + Squid's TWRP and No-frills CPU Control (to use some of the options Squid's kernel has)
I believe my setup is cleaner and has more stable support and easier to do learn etc.
I checked on what features CM offers and none of it sound like anything i wanted.
I also don't want to have to fiddle around with Gapps or whatever.
I also seen some drawbacks before with some features on the stock Rom that do not work on CM.
I think most people use it simply because it's popular.
Evaluate your options and choose what is right for you.
First thing you want to do is check if you can unlock your bootloader.
Since you're from Canada i bet you can.. i did on mine.
Squid's stuff plus Stock Android is good.. in my opinion better than CM.
Thank you, xpmule. I had been wondering whether it was a good idea to install CM or to use a stock Rom. From what I've been reading the Moto E version of Android is fairly bloat-free and since I really only need a rooted phone there is no real need for CM.
I've learned more than once that messing around with unfamiliar OS can be a recipe for disaster after foolishly timing updates of a Linux or BSD OS when I have papers due or exams to study for.
I'll take some more time to research the other options you recommended and then follow your lead with respect to this phone.
Again I'd like to thank both squid2 and yourself for helping me on this, and may I suggest that people who provide meaningful assistance such as this put a bitcoin wallet address in their signature so that people like me can show our gratitude.
I Support Bitcoin and i think i said that to Squid before too LOL
But i have before refused some for helping people more than once.
My help is not as much as Squid's though.. he puts in effort for his public projects LOL
I don't think you will see him giving advice too much either.. at least i haven't.
So Squid.. GET a Bitcoin address man
OP good luck.. i think Moto's Android is fairly bloat free.. The stuff Moto put on there is good.
Like the twist the phone to activate the camera app or the app that tweaks the notifications.
I am happy myself just modding the stock firmware.
Thank you squid2, I followed your directions exactly as prescribed and I am now rocking the latest nightly build of CM on my Moto E. It was fairly easy and I can confirm that everything works just fine.
And thank you as well, xpmule. I was going to follow your instructions too but when I got to a certain point in my process and my phone asked if I was sure I wanted to reboot even though there was no OS installed, well I had one of those moments.
Thank you, thank you, THANK YOU!!
Now it's time to explore this CM OS and see what all the fanfare is really about. )

MOST Stable rom for RN3 2GB Version

Hi Guys hope you r doing well ♥
and suggestions about a stable rom & kernel for my 2gb version
i don't play pubg or games , only use my phone for camera and social media
i do prefer N roms cuz most of the people say that pie still have some issues
thanks for your time guys ♥
Citrus-caf obviously. Though it's a little bit old, i.e. Dec, 18. Nevertheless, it's the most stable among all. It's the only Pie rom for kenzo having SE Linux enforcing. Flash it with orangefox recovery and opengapps 64 bit nano package. Good luck.
Stable and Up-to-date Custom ROM for Redmi Note 3, meet /e/!
Mo'men Hesham said:
Hi Guys hope you r doing well
and suggestions about a stable rom & kernel for my 2gb version
i don't play pubg or games , only use my phone for camera and social media
i do prefer N roms cuz most of the people say that pie still have some issues
thanks for your time guys
Hi Mo'men Hesham,
I strongly suggest /e/OS, from eFoundation (for Redmi Note 3 - kenzo)
Characteristics:
1. Stable (android 7/nougat);
2. Secure (latest security patch, SELinux enforcing, Phone Encryption)
3. Frequent updates (built-in updater);
4. Official nightly builds (on gitlab);
5. Privacy oriented (Privacy Guard, MicroG, ...);
6. Elegant & consistent experience;
7. Optional online services & a welcoming community.
Useful links
/e/OS ROM download: https://images.ecloud.global/dev/kenzo/
Install instruction: https://gitlab.e.foundation/e/wiki/en/wikis/device/kenzo/install
/e/ project: https://e.foundation/
awalis said:
Hi Mo'men Hesham,
I strongly suggest /e/OS, from eFoundation (for Redmi Note 3 - kenzo)
Characteristics:
1. Stable (android 7/nougat);
2. Secure (latest security patch, SELinux enforcing, Phone Encryption)
3. Frequent updates (built-in updater);
4. Official nightly builds (on gitlab);
5. Privacy oriented (Privacy Guard, MicroG, ...);
6. Elegant & consistent experience;
7. Optional online services & a welcoming community.
Useful links
/e/OS ROM download: https://images.ecloud.global/dev/kenzo/
Install instruction: https://gitlab.e.foundation/e/wiki/en/wikis/device/kenzo/install
/e/ project: https://e.foundation/
/e/ has this nasty bug that powers down the device at certain battery percentage, highly unstable. Also kernel (stock LineageOS 14.1) hasn't been updated in years which makes this security oriented ROM unsecure.
Hello n0b0dy666,
n0b0dy666 said:
/e/ has this nasty bug that powers down the device at certain battery percentage
I never experienced that bug on /e/ so far, my battery goes as down as 1% very often without any issue (which is terrible for its longevity actually)
n0b0dy666 said:
highly unstable
in my experience at least, it is very stable. I was on Havoc OS before, which wasn't that stable.
n0b0dy666 said:
Also kernel (stock LineageOS 14.1) hasn't been updated in years
Could you elaborate on that kernel issue please?
note that at the present time, the "Phone Status" screen displays the following:
Kernel version: 3.10.105-lineageos-g92430f1a110 .... Fri Jul 5 02:59:21 UTC 2019
and
Android security patch level: june 5, 2019
Regards,
awalis said:
Hello n0b0dy666,
I never experienced that bug so far, my battery goes as down as 1% very often without any issue (which is terrible for its longevity actually)
in my experience at least, it is very stable. I was on Havoc OS before, which wasn't that stable.
Could you elaborate on that kernel issue please?
note that at the present time, the "Phone Status" screen displays the following:
Kernel version: 3.10.105-lineageos-g92430f1a110 .... Fri Jul 5 02:59:21 UTC 2019
and
Android security patch level: june 5, 2019
Regards,
I was referring to the battery bug as being unstable. It's a bug within stock kenzo LineageOS 14.1 kernel which /e/ is powered by. Which takes me to the security part; there are system level patches, which are up to date, no problem with that and kernel level patches. Kernel was last updated (not built, different thing) on November 2017, which makes your device vulnerable to some serious exploits.
n0b0dy666 said:
I was referring to the battery bug as being unstable. It's a bug within stock kenzo LineageOS 14.1 kernel which /e/ is powered by.
Oh, now I see what you mean. I used to have that issue for a while back when I was on Lineage OS, but after I replaced my two years old battery, that behavior stopped completely! so I just put the blame on the battery age.
n0b0dy666 said:
there are system level patches, which are up to date, no problem with that and kernel level patches. Kernel was last updated (not built, different thing) on November 2017, which makes your device vulnerable to some serious exploits.
Thank you for the explanation, I just looked it up. So the Linux kernel 3.10.y reached its End Of Life almost two years ago! and the date displayed on "Settings > About phone" is just the actual building date. Well that's a serious security flaw related to the vendor/device itself, whatever the Custom ROM one chooses to install.
That being said, and if the OP still wants to keep his device, /e/OS is a right choice compared to the other Custom ROMs, for the remaining reasons stated in my first reply.
Cordially,
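The point the exchange above arrives at (SELinux enforcing and a current patch level can sit on top of an end-of-life kernel whose displayed date is only the compile date), together with the three properties the first thread asks about, as an added example that is not from any poster. It parses constructed `getprop` / `getenforce` text; the EOL table, the 90-day threshold, the finding names and the sample build tag are assumptions of the example, while the patch level and kernel string are the ones quoted in the thread.

```python
import re
from datetime import date

# Constructed sample input in the shape of `adb shell getprop` output. The patch
# level and the kernel string are the values quoted in the thread; the build
# tag is made up for the example.
SAMPLE_GETPROP = """\
[ro.build.version.security_patch]: [2019-06-05]
[ro.build.tags]: [test-keys]
"""
SAMPLE_GETENFORCE = "Enforcing"  # constructed `adb shell getenforce` output
SAMPLE_KERNEL = "3.10.105-lineageos-g92430f1a110 .... Fri Jul 5 02:59:21 UTC 2019"

# Assumption: a table the auditor maintains, mapping a kernel series to the date
# upstream stopped maintaining it. Only 3.10 is listed, dated with the thread's
# "November 2017" at month granularity.
KERNEL_SERIES_EOL = {"3.10": date(2017, 11, 1)}

MONTHS = {m: i for i, m in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}


def parse_getprop(text):
    """Turn '[key]: [value]' lines into a dict."""
    return dict(re.findall(r"^\[([^\]]+)\]: \[([^\]]*)\]$", text, re.M))


def parse_kernel(line):
    """Return (series, build_date) from a kernel version line.

    build_date is when the image was compiled; it says nothing about how
    recent the kernel source is.
    """
    ver = re.match(r"\s*(\d+)\.(\d+)", line)
    if not ver:
        raise ValueError("no kernel version found")
    series = f"{ver.group(1)}.{ver.group(2)}"
    stamp = re.search(
        r"\b([A-Z][a-z]{2}) +(\d{1,2}) \d{2}:\d{2}:\d{2} \w+ (\d{4})\b", line)
    built = None
    if stamp and stamp.group(1) in MONTHS:
        built = date(int(stamp.group(3)), MONTHS[stamp.group(1)],
                     int(stamp.group(2)))
    return series, built


def assess(getprop_text, getenforce, kernel_line, today, max_patch_age_days=90):
    """Return a list of finding names (hypothetical labels) for one device."""
    props = parse_getprop(getprop_text)
    findings = []

    # SELinux: only "Enforcing" actually blocks policy violations;
    # "Permissive" just logs them.
    if getenforce.strip().lower() != "enforcing":
        findings.append("selinux-not-enforcing")

    # Patch level string as reported by the ROM (the date shown under
    # "Android security patch level"). The age threshold is an assumption.
    patch = props.get("ro.build.version.security_patch")
    if not patch:
        findings.append("patch-level-missing")
    elif (today - date.fromisoformat(patch)).days > max_patch_age_days:
        findings.append("patch-level-stale")

    # Build signature: test-keys is the tag a build carries when signed with
    # the default test keys shipped in the AOSP source tree.
    if props.get("ro.build.tags") != "release-keys":
        findings.append("build-not-release-keys")

    # Kernel: judge by series, not by the compile timestamp.
    series, built = parse_kernel(kernel_line)
    eol = KERNEL_SERIES_EOL.get(series)
    if eol and today >= eol:
        findings.append("kernel-series-eol")
        if built and built > eol:
            # A fresh compile date on an EOL series is the trap from the thread.
            findings.append("kernel-build-date-newer-than-eol")
    return findings


if __name__ == "__main__":
    for finding in assess(SAMPLE_GETPROP, SAMPLE_GETENFORCE, SAMPLE_KERNEL,
                          today=date(2019, 7, 10)):
        print(finding)
```

On a real device the three inputs come from `adb shell getprop`, `adb shell getenforce` and `adb shell uname -a`.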

Question Is Microg is device specified?

I want to install crdroid vanilla custom rom. I want to know whether microg is device specified like custom roms. I have a redmi note 10. Is there any specified micro g for redmi note 10 or can i install any micro g. Also please suggest which is better from microg, nanodroid, nikgapps. I am also curious to know its pros and cons.
crdroid is unfortunately discontinued as vanilla build ( I still wonder why.. ) you better stick with other vanilla ROMs then.
however, getting Signature spoofing working on vanilla LineageOS is currently a mess and very tricky (as long as there is no official microG version), so many ways that worked before don't work anymore. nanodroid isn't working, the spoofing is not working. you have to manually extract framework files, deodex files, repack, upload again etc.. cumbersome.
if you have a vanilla ROM that supports signature spoofing out of the box, the best way seems to be having Magisk and installing the unofficial MinMicroG.zip with it. That was the only option that worked for me now on Android 11.
there is also no device specific MicroG version. To get a working MicroG installation it depends on 2 factors:
1. MicroG itself. the current version is kinda buggy on Android 11
2. the way it is installed and bound into the system (priv-app, userapp, as system installation or magisk module)
both need to work hand in hand, that means there are many combinations available that might work and might not work, and it's changing everyday (like, microg community updates fixes and adjusts the code, then google releases next update and nothing works anymore)
again: if your chosen ROM supports signature spoofing out of the box, installing microG is a piece of cake (if you know the right combinations that currently work, f.i. A11+magisk+minmicrog, or (currently not) nandroid, official microG apks only, etc.)
otherwise it's a lot more difficult, because there is currently nowhere a working one-click-solution to add signature spoofing.
(oh, and that's at least my experience so far, if anybody knows better, feel free to correct me or add infos, I'm eager to hear)

Development [ROM][13][UNOFFICIAL][Raven/Oriole] Magisk Patched GrapheneOS + Lockable Bootloader

Magisk Patched Unofficial GrapheneOS for the Pixel 6 / 6 Pro (oriole/raven)
This ROM will allow you to lock the boot loader. Do not ever disable the OEM unlocking checkbox when using a locked bootloader with root.
This is critically important. With root access, it is possible to corrupt the running system, for example by zeroing out the boot partition.
In this scenario, if the checkbox is turned off, both the OS and recovery mode will be made unbootable and fastboot flashing unlock will not be allowed.
This effectively renders the device hard bricked.
I am not responsible for any harm you may do to your device, follow at your own risk etc etc, Rooting your device can potentially introduce security flaws, I am not claiming this to be secure. If you would like to have more security and peace of mind then I highly recommend you follow This Guide to build this rom using your own encryption keys.
GrapheneOS is a privacy and security focused mobile OS with Android app compatibility developed as a non-profit open source project. It's focused on the research and development of privacy and security technology including substantial improvements to sandboxing, exploit mitigations and the permission model. It was founded in 2014 and was formerly known as CopperheadOS.
The features page provides an overview of the substantial privacy and security improvements added by GrapheneOS to the Android Open Source Project (AOSP). Many of the past features were contributed to AOSP, Linux and other projects to improve privacy and security for billions of users so they're no longer listed on the features page.
More info:
Official releases are available on the releases page (Not Magisk Patched) and installation instructions are on the install page.
GrapheneOS also develops various apps and services with a focus on privacy and security. Vanadium is a hardened variant of the Chromium browser and WebView specifically built for GrapheneOS. GrapheneOS also includes our minimal security-focused PDF Viewer, our hardware-based Auditor app / attestation service providing local and remote verification of devices, our modern privacy / security focused camera app, and the externally developed Seedvault encrypted backup which was initially developed for inclusion in GrapheneOS.
No Google apps or services
GrapheneOS will never include either Google Play services or another implementation of Google services like microG. It's possible to install Play services as a set of fully sandboxed apps without special privileges via our sandboxed Google Play compatibility layer. See the FAQ section for more details on our plans for filling in the gaps from not shipping Play services and Google apps.
Installation Instructions: Flashing-factory-image
Locking the bootloader is Optional but does increase the device security Locking-the-bootloader
Update Instructions: simply follow these instructions Updates-sideloading to sideload the latest patched OTA update package (You can update from any previous version if using full ota update)
Android OS Version: 13
Current Version: See Post #2
Download: See Post #2
Sources: GrapheneOS - AVBRoot - Magisk - Patch Guide
PayPal Donation Link
Builds for Pixel 6 (Oriole)
Magisk-Patched GrapheneOS Factory Install Build
Full system install builds for clean and new installs
Build based on release#2023061402 (2023-06-14)
SourceForge_Download
Build based on release#2023050100 (2023-05-01)
SourceForge_Download
Build based on release#2023041100 (2023-04-11)
SourceForge_Download
Build based on release#2023032000 (2023-03-20)
SourceForge_Download
Build based on release#2023022300 (2023-02-23)
SourceForge_Download
Build based on release#2023020600 (2023-02-06)
SourceForge_Download
Build based on release#2023020200 (2023-02-02)
SourceForge_Download
Build based on release#2023012500 (2023-01-25)
SourceForge_Download
Build based on release#2023011000 (2023-01-10)
SourceForge_Download
Build based on release#2023010300 (2023-01-03)
SourceForge_Download | 1fichier_Download
Build based on release#2022122000 (2022-12-20)
Anonfiles Download | 1fichier Download
Build based on release#2022121400 (2022-12-14)
Anonfiles Download | 1fichier Download
Build based on release#2022121100 (2022-12-11)
Anonfiles Download | 1fichier Download
Build based on release#2022120300 (2022-12-03)
Anonfiles Download | 1fichier Download
Build based on release#2022113000 (2022-11-30)
Anonfiles Download
Build based on release#2022112500 (2022-11-25)
Anonfiles Download
Magisk Patched OTA Update packages
Full OTA Builds will let you update from any older version
Patched OTA based on release#2023061402 (2023-06-14)
SourceForge_Download
Patched OTA based on release#2023050100 (2023-05-01)
SourceForge_Download
Patched OTA based on release#2023041100 (2023-04-11)
SourceForge_Download
Patched OTA based on release#2023032000 (2023-03-20)
SourceForge_Download
Patched OTA based on release#2023022300 (2023-02-23)
SourceForge_Download
Patched OTA based on release#2023020600 (2023-02-06)
SourceForge_Download
Patched OTA based on release#2023020200 (2023-02-02)
SourceForge_Download
Patched OTA based on release#2023012500 (2023-01-25)
SourceForge_Download
Patched OTA based on release#2023011000 (2023-01-10)
SourceForge_Download
Patched OTA based on release#2023010300 (2023-01-03)
Anonfiles Download | SourceForge_Download | 1fichier Download
Patched OTA based on release#2022122000 (2022-12-20)
Anonfiles Download | 1fichier Download
Patched OTA based on release#2022121400 (2022-12-14)
Anonfiles Download | 1fichier Download
Patched OTA based on release#2022121100 (2022-12-11)
Anonfiles Download | 1fichier Download
Patched OTA based on release#2022120300 (2022-12-03)
Anonfiles Download | 1fichier Download
Patched OTA based on release#2022113000 (2022-11-30)
Anonfiles Download
Patched OTA based on release#2022112500 (2022-11-25)
Anonfiles Download
Builds for Pixel 6 Pro (Raven)
Always do a backup of your data before flashing any updates, just in case.
I make no promises that this works or that I will provide regular updates. I will attempt to provide updates when they are available and I have time, you may have issues with this rom, you could lose your data or brick your device (although it's very unlikely if you follow the instructions and use common sense)
#reserved
Thanks for this!
New Release #2022120300
Changes since the 2022113000 release:
kernel (Pixel 4, Pixel 4 XL, Pixel 4a): add back our change enabling ARM64_SSBD now that upstream issues with it are resolved for this branch
Sandboxed Google Play compatibility layer: avoid chain crash of GmsCompat app following process death from OOM killer, etc.
Vanadium: update Chromium base to 108.0.5359.79
kernel (Generic 5.15): update to latest GKI LTS branch revision including update to 5.15.76
kernel (Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro, Generic 5.10, Generic 5.15): update to latest GKI LTS branch revision
kernel (Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro): update Mali GPU driver to r37p0 (current release is r41p0 but there are substantial changes to the driver for the Tensor SoC on Pixels and it will take substantial work to upgrade all the way)
remove broken, obsolete upstream code causing install permissions defined by user install apps not being automatically granted for user installed apps installed before the app defining the permissions unless the app is reinstalled
Messaging: update MMS configuration database based on Google Messages 20221115_01_RC01
Dialer: update visual voicemail (VVM) configuration database based on Google Phone 90.0.477356402
Dialer: adjust VVM configuration database entries for compatibility with AOSP
Download in Post #2
Does the full system install include the Android 13 bootloader? If someone was still on A12, should they do a full OEM update first?
nutzfreelance said:
Does the full system install include the Android 13 bootloader? If someone was still on A12, should they do a full OEM update first?
I think you should upgrade to stock Android 13 first, just to be safe.
Brilliant, thanks!! Can I ask a really random stupid question, please? If I have a stock Pixel 6 ROM, can I just run the OTA update to keep present apps/data in place and to upgrade it to Graphene, or would that break my phone if it's not already running Graphene?
Ictcreations said:
Brilliant, thanks!! Can I ask a really random stupid question, please? If I have a stock Pixel 6 ROM, can I just run the OTA update to keep present apps/data in place and to upgrade it to Graphene, or would that break my phone if it's not already running Graphene?
You must install Graphene OS first, and if you want to lock the bootloader then you will need to erase your data anyway.
People from GrapheneOS will permanently suspend your account on their forums for simply telling people that it is in fact possible to ROOT Graphene and Lock the Bootloader.
They like to LIE to people and tell them it's impossible, while preventing anyone from contradicting them.
I flashed the oriole image flawlessly, everything seems to be fine except for the Magisk manager that keeps crashing. Do I need to do something in order to make it work?
Edit: my bad, I was installing a super old version of Magisk. Sorry.
Thank you so much for your hard work.
I can't find any information on whether it's possible to use Google Pay and Android Auto again with a rooted GrapheneOS and a working Magisk module.
I like Graphene and the features, but it sucks to use an iPhone for my car and I can't use my Galaxy Watch for paying something :/
Anyone got an idea, or is the only possibility to flash stock Google for both apps?
timuh said:
I can't find any information on whether it's possible to use Google Pay and Android Auto again with a rooted GrapheneOS and a working Magisk module.
I like Graphene and the features, but it sucks to use an iPhone for my car and I can't use my Galaxy Watch for paying something :/
Anyone got an idea, or is the only possibility to flash stock Google for both apps?
You cannot use Google Pay with official Graphene; I mean it works with loyalty cards but not NFC payment cards.
So you should not expect it to work with a Magisk-patched Graphene. Maybe you can find some Magisk module and a configuration to get SafetyNet passing and Google Pay working, but I am not aware of anything that works with Graphene.
Why so much headache as going through a build for such a simple task as re-signing, especially for Graphene? Just get the OTA, follow the instructions in avbroot's readme.txt and that's it.
I understand if you make any changes to the source (patches, unneeded apps, own apps, implementing root). But just for a locked bootloader? Bootloader locked or not doing its job.
If you lose your device and somebody stole it, how does a locked bootloader help? Getting your data from recovery (it's stock, not custom) over adb shell is not possible if you use a password. Find device or location is not in the Graphene build. You can't pass Safetycheck or use the phone for contactless payments (NFC).
So all that wind is just to not allow a thief to reflash and use the device?
boom15 said:
Why so much headache as going through a build for such a simple task as re-signing, especially for Graphene? Just get the OTA, follow the instructions in avbroot's readme.txt and that's it.
I understand if you make any changes to the source (patches, unneeded apps, own apps, implementing root). But just for a locked bootloader? Bootloader locked or not doing its job.
If you lose your device and somebody stole it, how does a locked bootloader help? Getting your data from recovery (it's stock, not custom) over adb shell is not possible if you use a password. Find device or location is not in the Graphene build. You can't pass Safetycheck or use the phone for contactless payments (NFC).
So all that wind is just to not allow a thief to reflash and use the device?
If you think it's too much headache, that's fine, it's not for you.
I prefer to build it from source myself using my own keys for the whole process. It may be possible, as you say, just to patch the provided OTA with avbroot, but I haven't tested this and don't have any plans to.
I don't want to argue about the potential security benefits or downsides. If you don't believe it's secure and you don't feel safe using it, then just don't use it. I like my data being secure and not easily accessible; regular backups are important.
You can't pass SafetyNet or use Google Pay for contactless payments on official Graphene, so please take it up with them to fix that, as rooting it isn't going to make you more likely to pass SafetyNet.
The thief can always just reflash and use the device unless you disable OEM unlocking in the developer settings.
But you should not do this, because if something happened and your phone started to boot loop or something, then there would be no way to fix it and you will brick your device, but at least your data will be safe if you had the bootloader locked.
FireRattus said:
If you think it's too much headache, that's fine, it's not for you.
I prefer to build it from source myself using my own keys for the whole process. It may be possible, as you say, just to patch the provided OTA with avbroot, but I haven't tested this and don't have any plans to.
I don't want to argue about the potential security benefits or downsides. If you don't believe it's secure and you don't feel safe using it, then just don't use it. I like my data being secure and not easily accessible; regular backups are important.
You can't pass SafetyNet or use Google Pay for contactless payments on official Graphene, so please take it up with them to fix that, as rooting it isn't going to make you more likely to pass SafetyNet.
The thief can always just reflash and use the device unless you disable OEM unlocking in the developer settings.
But you should not do this, because if something happened and your phone started to boot loop or something, then there would be no way to fix it and you will brick your device, but at least your data will be safe if you had the bootloader locked.
Read my comment one more time.
I didn't say that I will or plan to use your guide to build. I said that it's too much work for the average person.
I saw your post where you clearly state that you want a locked bootloader. I pointed to the easiest way to do that. Don't like it? Do what you like.
As for patching the OTA using avbroot: I did it and tested it on my own Pixels (6a, 2 -6, not pro) and I'm not pushing you to do that. Like everyone here, I want to show people another option.
I don't need a ROM signed by you or anyone else. It's a personal ROM and I do not have the time or willingness to inspect it. For me it's enough that I trust the Graphene team! I already build a ROM for myself with root implemented, patching some Graphene code, removing some APKs and replacing them with mine and the settings that I need. Of course I sign it, but that ROM is for me and my family, not for the public. So there's no need for secondhand ROMs.
I didn't say that you're responsible for NFC or the SafetyNet pass, I just want to point out that locking the bootloader doesn't help with these issues. I don't expect you to fix that. You said that you didn't touch the code. It's Graphene and it's on their side. I have used Graphene long enough to know the advantages and disadvantages.
And I, like you, don't intend to start a security discussion here or with anyone else. Don't worry and have a good day!
boom15 said:
Read my comment one more time.
I didn't say that I will or plan to use your guide to build. I said that it's too much work for the average person.
I saw your post where you clearly state that you want a locked bootloader. I pointed to the easiest way to do that. Don't like it? Do what you like.
As for patching the OTA using avbroot: I did it and tested it on my own Pixels (6a, 2 -6, not pro) and I'm not pushing you to do that. Like everyone here, I want to show people another option.
I don't need a ROM signed by you or anyone else. It's a personal ROM and I do not have the time or willingness to inspect it. For me it's enough that I trust the Graphene team! I already build a ROM for myself with root implemented, patching some Graphene code, removing some APKs and replacing them with mine and the settings that I need. Of course I sign it, but that ROM is for me and my family, not for the public. So there's no need for secondhand ROMs.
I didn't say that you're responsible for NFC or the SafetyNet pass, I just want to point out that locking the bootloader doesn't help with these issues. I don't expect you to fix that. You said that you didn't touch the code. It's Graphene and it's on their side. I have used Graphene long enough to know the advantages and disadvantages.
And I, like you, don't intend to start a security discussion here or with anyone else. Don't worry and have a good day!
1. I already know this, I thought this would be obvious. I think using Graphene OS at all is too much for the average person; the average person will just use their phone as it comes and never put a custom ROM onto it. This was never intended for the average person.
2. I appreciate that there is an easier way to do it, but I already said I was going to do what I like instead.
3. I appreciate that you have tested that this works. I will likely update the guide I have created with this information for people who don't want to build it from source but would also prefer to patch official builds with Magisk themselves.
4. I do highly recommend everyone builds it themselves. I think you should not rely on and trust Graphene to always provide updates that have not been modified in some malicious way; it's always possible they could get hacked and an update build could be silently replaced with a malicious version.
5. Locking the bootloader has nothing to do with SafetyNet for me. It's more about the other protections that locking the bootloader enables, like making it much harder for someone to be able to access my data or use the phone without erasing the data.
Thankfully there are several banking apps which work and even let you use NFC for payments, while you do not pass SafetyNet.
6. I appreciate it, thank you. I hope you have a good day also.
FireRattus said:
1. I already know this, I thought this would be obvious. I think using Graphene OS at all is too much for the average person; the average person will just use their phone as it comes and never put a custom ROM onto it. This was never intended for the average person.
2. I appreciate that there is an easier way to do it, but I already said I was going to do what I like instead.
3. I appreciate that you have tested that this works. I will likely update the guide I have created with this information for people who don't want to build it from source but would also prefer to patch official builds with Magisk themselves.
4. I do highly recommend everyone builds it themselves. I think you should not rely on and trust Graphene to always provide updates that have not been modified in some malicious way; it's always possible they could get hacked and an update build could be silently replaced with a malicious version.
5. Locking the bootloader has nothing to do with SafetyNet for me. It's more about the other protections that locking the bootloader enables, like making it much harder for someone to be able to access my data or use the phone without erasing the data.
Thankfully there are several banking apps which work and even let you use NFC for payments, while you do not pass SafetyNet.
6. I appreciate it, thank you. I hope you have a good day also.
I spent half of my week following your guide, because with my old ass i7-3770K running Debian within VMware it takes days, since I didn't know there was another way. (The main building part, m target-files-package, took 6,5 hours to complete.) Reading what boom15 said, I'd be very happy if I never had to go down this route ever again.
Thank both of you gentlemen for spreading information about this, I wouldn't be able to figure it out by myself.
I guess I only have to download the OTA from grapheneos.org/releases and follow avbroot's readme, right? (I feel like a retard right now for wasting that much time setting up my VM, it running out of disk space, reinstalling it, etc.)
Klavaro said:
I spent half of my week following your guide, because with my old ass i7-3770K running Debian within VMware it takes days, since I didn't know there was another way. (The main building part, m target-files-package, took 6,5 hours to complete.) Reading what boom15 said, I'd be very happy if I never had to go down this route ever again.
Thank both of you gentlemen for spreading information about this, I wouldn't be able to figure it out by myself.
I guess I only have to download the OTA from grapheneos.org/releases and follow avbroot's readme, right? (I feel like a retard right now for wasting that much time setting up my VM, it running out of disk space, reinstalling it, etc.)
I do completely understand and sympathize. I have already updated the guide with this simple method of patching Graphene for those who are unable to or don't want to build it from source themselves.
I think you have gained some valuable experience and knowledge though, which will likely help you in the future with other endeavors.
At least you didn't spend a good couple of weeks trying to patch Graphene with Magisk manually before I even discovered AVBRoot was a thing, so glad that exists.
FireRattus said:
I do completely understand and sympathize. I have already updated the guide with this simple method of patching Graphene for those who are unable to or don't want to build it from source themselves.
I think you have gained some valuable experience and knowledge though, which will likely help you in the future with other endeavors.
At least you didn't spend a good couple of weeks trying to patch Graphene with Magisk manually before I even discovered AVBRoot was a thing, so glad that exists.
I understand your side too. My end goal would be using only self-built open-source software on every device I have, but you gotta start somewhere, right? Maybe once I have nothing better to spend money on, I'll build myself a newer PC and dual boot Linux so it doesn't take ages to build Graphene.
I'm all about doing new things, getting experience and knowledge, so I'm not even mad, but just feel relieved that I'll be able to update it easily. At least now I'm getting familiar with Debian, which will come in handy when I get myself to continue setting up my VPS, so I can self-host everything I need.
Well, I didn't try that, mainly because I'm curious if I'll be able to use my banking app if I root my phone and lock the bootloader, since that sucker won't even let me use contactless payment with a stock OS combined with an unlocked bootloader.
New Release #2022121100
Missed a couple of update releases due to build errors then other errors I have finally resolved so
Changes since the 2022120300 release:
resolve upstream bug in Android 13 QPR1 causing screen brightness dimming on user profile changes
Settings: replace hard-wired refresh rate in the text for the smooth display toggle with the actual max refresh rate used for the device model (Android has the string hard-wired to say 90Hz and expects the device to provide an overlay with the correct string which isn't present in AOSP for Pixels)
kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Generic 5.10): update to latest GKI LTS branch revision including update to 5.10.156
kernel (Generic 5.15): update to latest GKI LTS branch revision including update to 5.15.77
Sandboxed Google Play compatibility layer: new infrastructure for controlling Play Store updates of Play Store and Play services with a max version of Play services and the Play Store set via GmsCompatCompat and an override toggle for allowing it to update to any version
Sandboxed Google Play compatibility layer: hide GrapheneOS Auditor variant (app.attestation.auditor) from the Play Store so it doesn't try to update it (note: we plan to fully switch to app.grapheneos.auditor.play for the Play Store and we can remove this workaround once we unpublish the GrapheneOS variant of the app there and stop updating it)
Pixel 7, Pixel 7 Pro: remove unused Google Camera SELinux policy
Auditor: update to version 67
Camera: update to version 58
2022120700
Launcher: fix Recent Apps activity crashing when using the TalkBack screen reader due to an incorrect port of the Storage Scopes shortcut to Android 13 QPR1
2022120600
full 2022-12-01 security patch level
full 2022-12-05 security patch level
rebased onto TQ1A.221205.011 release, which is the first quarterly maintenance/feature release for Android 13
Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro: rewrite under display fingerprint scanner integration
Sandboxed Google Play compatibility layer: set GmsCompat versionCode to 1000 (v1) to prepare for defining dependencies on the compatibility layer version for the Google Play apps mirrored in our app repository
Pixel 6, Pixel 6 Pro, Pixel 6a: use Scudo instead of hardened_malloc for camera service for consistency with the Pixel 7 and Pixel 7 Pro until memory corruption issues with it are resolved
add back support for OS device controls and wallet quick tiles
kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Generic 5.10): update to latest GKI LTS branch revision including update to 5.10.152
Download in Post #2
