Related
Hello, various posts say kenzo roms could be used on kate, but without modem files. Many users already tried flashing manually modified roms, bricking or having issues. Is there a full tutorial to how effectively:
- unlock bootloader (only unofficial way for what i understand...)
- root the phone (only flashing supersu via TWRP? what version of TWRP?)
- possibly modify existent kenzo roms to use them on kate (not only CM.... there are so many roms with various kernels too...are they working without problems on kate?)
so far i've been scouring the net for any possible guide, but there are really few to none specific for kate, and none answering clearly the previous questions....and i am sure i'm not alone as more and more people are buying right now the international version, and keep asking the same questions. Could somebody shed a light? thanks.
Following this thread. I bought international version and can't wait to flash CM
Inviato dal mio MI 2S utilizzando Tapatalk
You need to unlock bootloader and then flash TWRP. Once that's done all you need to do is flash CM13, CM13Firmware, Opengapps ARM64 and modem file for Kate (NON-HLOS from fastboot of MIUI8 Kate). Also can flash latest SuperSU for root.
To flash modem once CM13 is installed boot fastboot and then enter:
fastboot flash modem NON-HLOS.bin
Full guide
Is it possible to just install twrp and supersu and use miui roms?
http://forum.xda-developers.com/redmi-note-3/how-to/zcx-twrp-install-twrp-flash-supersu-t3462448
I wish there was a TWRP specifically for "kate" though. Because TWRP will think "kate" is "kenzo" for now.
is its possible to unlock the Kate version on the official way? Because in the Guide from Xiaomi ist the Point "You must on China Dev Firmware" but this versions isnt available for the kate version?
dadonali said:
is its possible to unlock the Kate version on the official way? Because in the Guide from Xiaomi ist the Point "You must on China Dev Firmware" but this versions isnt available for the kate version?
Click to expand...
Click to collapse
Until today, no one confirmed to have had success with official unlock. Even though it should be possible to unlock with the Mi Flash Unlock tool on every ROM, it is very likely that it can only reliable unlock when using a Chinese Developer ROM, which doesn't exist for Kate.
Most people are getting an error message in the above utility, saying that the MI account in the phone and the one used in the utility don't match, even if they do.
DPyro said:
Full guide
Click to expand...
Click to collapse
You found my guide.
Is there any good reason to wait for a reliable way to officially unlock the bootloader? Or any downside to go with the unofficial unlock method?
I got my phone yesterday and just found out today I actually had the Kate version. I don't really plan on going back to MIUI and from what I understand, the official unlock method would only make it easier to switch back to MIUI. Is that right?
(It's not my first time playing with custom ROMs, I have flashed multiple roms / kernels in the past but I always owned Nexus phones and it was quit dummy proof on these phones.)
BigBlarg said:
I don't really plan on going back to MIUI and from what I understand, the official unlock method would only make it easier to switch back to MIUI. Is that right?
Click to expand...
Click to collapse
That's my understanding, yes. Interestingly, when I had a Kenzo and unlocked it officially, the bootloader got relocked whenever I flashed something like CM. With Kate (unofficially unlocked), the bootloader wasn't relocked after flashing CM. In that sense, unlocking it via unofficial means may be advantageous.
Pumpino said:
That's my understanding, yes. Interestingly, when I had a Kenzo and unlocked it officially, the bootloader got relocked whenever I flashed something like CM. With Kate (unofficially unlocked), the bootloader was relocked after flashing CM. In that sense, unlocking it via unofficial means may be advantageous.
Click to expand...
Click to collapse
Thanks Pumpino!
I just followed your guide and successfully flashed CM 13 stable release without any issue.
It's only been a few minutes but everything seems to be working (much better than MIUI) so far.
BigBlarg said:
Thanks Pumpino!
I just followed your guide and successfully flashed CM 13 stable release without any issue.
Click to expand...
Click to collapse
You're welcome. I'm glad it went smoothly.
I've just edited my previous post, as "was" should have said "wasn't". ie. "With Kate (unofficially unlocked), the bootloader wasn't relocked after flashing CM."
Followed the guide and can't get the bootloader to unlock. Any ideas?
Downloaded the updated/modified emmc_appsboot.mbn, put it into the rom folder and flashed fine. Won't unlock.
BobSlob said:
Followed the guide and can't get the bootloader to unlock. Any ideas?
Downloaded the updated/modified emmc_appsboot.mbn, put it into the rom folder and flashed fine. Won't unlock.
Click to expand...
Click to collapse
I made a mistake at this part and it wouldn't allow me to unlock the bootloader. The guide to unlock the bootloader doesn't explicitly mention one important detail. In the screen where you have to allow USB debugging, you must also enable the option saying "Allow OEM unlock" or something like that. I didn't enable that option at first and in fastboot it would tell me I was not allowed to unlock the bootloader. So I had to reboot the phone normally, go through all the MIUI setup and finally re-enable USB Debugging and enable "Allow OEM unlock".
BigBlarg said:
I made a mistake at this part and it wouldn't allow me to unlock the bootloader. The guide to unlock the bootloader doesn't explicitly mention one important detail. In the screen where you have to allow USB debugging, you must also enable the option saying "Allow OEM unlock" or something like that. I didn't enable that option at first and in fastboot it would tell me I was not allowed to unlock the bootloader. So I had to reboot the phone normally, go through all the MIUI setup and finally re-enable USB Debugging and enable "Allow OEM unlock".
Click to expand...
Click to collapse
You sir are my hero! That was the issue. Many thanks.
One other question, when flashing the rom is it safe to put it on the SD card, or does it need to be on internal?
BigBlarg said:
The guide to unlock the bootloader doesn't explicitly mention one important detail. In the screen where you have to allow USB debugging, you must also enable the option saying "Allow OEM unlock".
Click to expand...
Click to collapse
Good point, although on mine, "Allow OEM Unlocking" was enabled by default. I used the developer ROM. Is it possible that it's not enabled by default on the stable ROM?
BobSlob said:
One other question, when flashing the rom is it safe to put it on the SD card, or does it need to be on internal?
Click to expand...
Click to collapse
Yes, totally safe. That's how I did it and that's also how I flashed multiple other Android devices using TWRP. Never had any issue putting the ROMs on the SD card.
Pumpino said:
Good point, although on mine, "Allow OEM Unlocking" was enabled by default. I used the developer ROM. Is it possible that it's not enabled by default on the stable ROM?
Click to expand...
Click to collapse
I did use the stable ROM, so that could explain it.
Alright, another problem. TWRP (tried a few versions) is unable to mount and wipe any partitions... any ideas? =P
Edit "Cofface TWRP Fix" as linked in the guide boot loops me
BobSlob said:
Alright, another problem. TWRP (tried a few versions) is unable to mount and wipe any partitions... any ideas? =P
Edit "Cofface TWRP Fix" as linked in the guide boot loops me
Click to expand...
Click to collapse
Did you try flashing first the Safe TWRP?
Seems the standard TWRP worked fine, disaster avoided
Hello guys,
I've been trying to root this phone since i've bought it, problem is every option i read on the web doesnt work because phone's bootloader is locked, and all methods get to this point when u have to unlock ur phone bootloader but in order to do that u have to get in the phone bootloader wich is locked. So who the hell is giving advices like these i dont know. Problem is that i am motivated to still root it, nothing its impossible.
So i am asking, did anyone from EU, with the EU ROM (full of mallware) MIUI 8, managed to unlock its bootloader and then managed to root it ?! please lets discuss here the options that work and the options that didnt work so we can make it through and solve this problem, everything thats on web at this moment 27-11-2016 doesnt work on the False EU MIUI 8.
Thanks.
CatalinSava said:
Hello guys,
I've been trying to root this phone since i've bought it, problem is every option i read on the web doesnt work because phone's bootloader is locked, and all methods get to this point when u have to unlock ur phone bootloader but in order to do that u have to get in the phone bootloader wich is locked. So who the hell is giving advices like these i dont know. Problem is that i am motivated to still root it, nothing its impossible.
So i am asking you did anyone from EU, with the EU ROM (full of mallware) MIUI 8, managed to unlock its bootloader and then managed to root it ? please lets discuss here the options that work and the options that didnt work so we can make it through and solve this problem, everything thats on web at this moment 27-11-2016 doesnt work on the False EU MIUI 8.
Thanks.
Click to expand...
Click to collapse
Not posibble without unlocked bootloader. Even the pre-rooted China Developer rom needs phone with unlocked bootloader. Good luck with unlocking the bootloader.
EU ROM full of malware?!?! Where did you get that idea? Completely false.
Anyway as said, yes you do need to unlock bootloader. Impossible any other way, because the system has dm-verity (similar to HTC S-On) which prevents modification to /system. So if you can't modify system or boot partition then you can't put Superuser binaries anywhere. Unlocked bootloader allows to put Superuser on boot pertition.
Sent from my Redmi Note 4 using Tapatalk
CosmicDan said:
EU ROM full of malware?!?! Where did you get that idea? Completely false.
Anyway as said, yes you do need to unlock bootloader. Impossible any other way, because the system has dm-verity (similar to HTC S-On) which prevents modification to /system. So if you can't modify system or boot partition then you can't put Superuser binaries anywhere. Unlocked bootloader allows to put Superuser on boot pertition.
Sent from my Redmi Note 4 using Tapatalk
Click to expand...
Click to collapse
Can't we just flash a recovery-that can disable dm-verity using SP Flash and root the phone that way?
I am guessing not because no one has said it works
I'm getting rly impatient because I still havent got my bootloader unlock request approved yet lol
asusm930 said:
Can't we just flash a recovery-that can disable dm-verity using SP Flash and root the phone that way?
I am guessing not because no one has said it works
I'm getting rly impatient because I still havent got my bootloader unlock request approved yet lol
Click to expand...
Click to collapse
No because dm-verity is enabled/set in the kernel (ramdisk on boot partition), and if you modify the boot partition with a locked bootloader then it won't boot
Locked bootloader = prevents boot partition from being tampered with
dm-verity = set in boot partition, prevents system partition from being tampered with
So you simply need to unlock bootloader, there is just no other way to exploit the device (no possible attack vector). The device is very secure, like all Marshmallow devices.
So what is this false EU firmware you speak of? Obviously not the xiaomi.eu one because that requires unlocked bootloader.
You can flash global stable via SP Flash Tool, that's your best bet while waiting for bootloader unlock. If it's taking more than 1 week then you can contact official support or something via en.miui.com forum (its down at the moment for some reason).
CosmicDan said:
No because dm-verity is enabled/set in the kernel (ramdisk on boot partition), and if you modify the boot partition with a locked bootloader then it won't boot
Locked bootloader = prevents boot partition from being tampered with
dm-verity = set in boot partition, prevents system partition from being tampered with
So you simply need to unlock bootloader, there is just no other way to exploit the device (no possible attack vector). The device is very secure, like all Marshmallow devices.
So what is this false EU firmware you speak of? Obviously not the xiaomi.eu one because that requires unlocked bootloader.
You can flash global stable via SP Flash Tool, that's your best bet while waiting for bootloader unlock. If it's taking more than 1 week then you can contact official support or something via en.miui.com forum (its down at the moment for some reason).
Click to expand...
Click to collapse
have you atempted to see what actually happens when a bootloader is unlocked? Like what does the miunlocker do/flash on the phone?
---------- Post added at 05:20 AM ---------- Previous post was at 05:04 AM ----------
CosmicDan said:
No because dm-verity is enabled/set in the kernel (ramdisk on boot partition), and if you modify the boot partition with a locked bootloader then it won't boot
Locked bootloader = prevents boot partition from being tampered with
dm-verity = set in boot partition, prevents system partition from being tampered with
So you simply need to unlock bootloader, there is just no other way to exploit the device (no possible attack vector). The device is very secure, like all Marshmallow devices.
So what is this false EU firmware you speak of? Obviously not the xiaomi.eu one because that requires unlocked bootloader.
You can flash global stable via SP Flash Tool, that's your best bet while waiting for bootloader unlock. If it's taking more than 1 week then you can contact official support or something via en.miui.com forum (its down at the moment for some reason).
Click to expand...
Click to collapse
I'm gonna try to flash a twrp recovery using this guide http://en.miui.com/thread-371349-1-1.html
and replace the recovery file with TWRP. Will report if it works
Yea it doesnt work haha
CosmicDan said:
No because dm-verity is enabled/set in the kernel (ramdisk on boot partition), and if you modify the boot partition with a locked bootloader then it won't boot
Locked bootloader = prevents boot partition from being tampered with
dm-verity = set in boot partition, prevents system partition from being tampered with
So you simply need to unlock bootloader, there is just no other way to exploit the device (no possible attack vector). The device is very secure, like all Marshmallow devices.
So what is this false EU firmware you speak of? Obviously not the xiaomi.eu one because that requires unlocked bootloader.
You can flash global stable via SP Flash Tool, that's your best bet while waiting for bootloader unlock. If it's taking more than 1 week then you can contact official support or something via en.miui.com forum (its down at the moment for some reason).
Click to expand...
Click to collapse
Hey can you upload you miunlock tool folder here? Want to see if the miunlock tool downloaded anything that enabled the bootloader unlock
asusm930 said:
Hey can you upload you miunlock tool folder here? Want to see if the miunlock tool downloaded anything that enabled the bootloader unlock
Click to expand...
Click to collapse
You can download it for free, just search for MiFlash - it's not a secret tool or anything.
Attempting to see what actually happens...? Even if I had the skills to reverse engineer MediaTek security, I wouldn't do it.
You're trying to do such simple things to trick the system but you need to realize that this hardware has been verified by Google themselves as secure and safe enough for Android Pay and SafetyNet and such. It *can not* be easily cracked, accept it.
Replacing recovery.img with TWRP? Seriously? How dumb do you think these companies are? Sorry for being rude but you really are just being silly.
You are wasting your own time, and now mine too... Sorry but I'm going to unsubscribe now because these questions are just getting silly.
Sent from my Redmi Note 4 using Tapatalk
CosmicDan said:
You can download it for free, just search for MiFlash - it's not a secret tool or anything.
Attempting to see what actually happens...? Even if I had the skills to reverse engineer MediaTek security, I wouldn't do it.
You're trying to do such simple things to trick the system but you need to realize that this hardware has been verified by Google themselves as secure and safe enough for Android Pay and SafetyNet and such. It *can not* be easily cracked, accept it.
Replacing recovery.img with TWRP? Seriously? How dumb do you think these companies are? Sorry for being rude but you really are just being silly.
You are wasting your own time, and now mine too... Sorry but I'm going to unsubscribe now because these questions are just getting silly.
Sent from my Redmi Note 4 using Tapatalk
Click to expand...
Click to collapse
Man, I did not know that xiaomi actually put that much effort on making their mediatek phones actually google levels of secure.
Was always under the impression that they sorta skimped out on their mediatek lines (as they had before).
Now I'll just not try to unlock it unofficially lol
asusm930 said:
Man, I did not know that xiaomi actually put that much effort on making their mediatek phones actually google levels of secure.
Was always under the impression that they sorta skimped out on their mediatek lines (as they had before).
Now I'll just not try to unlock it unofficially lol
Click to expand...
Click to collapse
They had before sure, but in the recent year or so (since they started actually locking bootloaders) things changed - they want to target international market too.
Only reason the devices are not sold globally is because of some Mediatek patent/legal battle or something, not too sure (it's literally the only reason why they have snapdragon "pro" versions). But the device has a global firmware sold in Taiwan and some other places, and it is Google CTS certified (preinstalled with Google Play) and, since it's Marshmallow, requires all kinds of Google-approved security measures these days, which a lot of countries need legally too, so yeah.
Glad you understand. I read that if it takes too long to get unlock code, you should try/already be flashed on China dev ROM - so do that if you have not already.
Have you tried the unlocking link on this link? http://xiaomi-mi.com/redmi-note-4/
Cleaning this up and clarifying as my original post was vague:
It is recommended that you unlock your bootloader before the 7.0 Nougat update. Although it will still be possible the process will be more difficult and risky afterwards.as you will need to use one of the edl mode tools (axon7backup, axom7tool).
The easiest way is to download this kit f you have the A2017U: (I can't speak to other models) (This kit and instructions are thanks to @jcadduono)
https://build.nethunter.com/misc/axon7/AXON7-A2017U-BL-UNLOCK-KIT.zip
https://build.nethunter.com/misc/axon7/INSTRUCTIONS.txt
The basic steps, which the above zip with take you through in detail are:
1. Flash Official B20 , enable OEM UNLOCKING after flashing.
2. Flash BLFastboot zip provided by ZTE when they had unlock method.
3. Enable OEM UNLOCKING in Developers Option
4. Boot to Bootloader
5. type : fastboot oem unlock
6. Done
Note: If you do not have the OEM UNLOCKING flag set in developer options you will get a soft brick. Also bear in mid this will wipe data.
All that being said I've heard Nougat to is going to be great from those in the know. In their words ”Well worth the wait! Hang in there!” from a HIGHLY credible source.
Why would anyone relock before update? I do agree anyone who wants to unlock should do it now.
lokissmile said:
For anyone looking to bootloader unlock, I've heard that the methods might change when the N update rolls out. It's a major update and although I personally don't have N and can't get a direct answer because those who know for sure are under NDA. I can tell you that the advice given to me is to not re-lock. So if you are thinking of unlocking your bootloader I'd do it soon while the methods are stable. Google confirmed that daydream is certified in an upcoming update so the daydream version of the stock ROM has been through googles QA. Might as well get ready now, we will probably have another surge of custom ROMS shortly after. I'm just sharing what I think is a best practice.
Click to expand...
Click to collapse
OK, so just to make it quick, for everyone, unlock your bootloader sooner than later. It is safe since you can revert it to a locked state at any time later.
lafester said:
Why would anyone relock before update? I do agree anyone who wants to unlock should do it now.
Click to expand...
Click to collapse
I do it on occasion to test things I'm working on. Better to warn people who might do it to get PoGo or SafetyNet working I figured.
lokissmile said:
I do it on occasion to test things I'm working on. Better to warn people who might do it to get PoGo or SafetyNet working I figured.
Click to expand...
Click to collapse
No need to bootloader lock an Axon 7 to get SafetyNet (Android Pay, PoGo, etc). Just do it the XDA way. But never relock!!!!
Could one of you guys explain whats so dangerous about relocking bootloader since u seem to know something I don't.
I have unlocked and relocked my bootloader several times by fastboot oem lock and restoring my stock fbop partition.
Have I done something wrong?
Regards,
mischa_martin
mischa_martin said:
Could one of you guys explain whats so dangerous about relocking bootloader since u seem to know something I don't.
I have unlocked and relocked my bootloader several times by fastboot oem lock and restoring my stock fbop partition.
Have I done something wrong? [emoji14]
Regards,
mischa_martin
Click to expand...
Click to collapse
Read the OP.
I think what the op is trying to say is that by unlocking the bootloader you won't get ota updates. You would need to wait until a twrp flashable update is out or a rom running Android 7.
stevecaboose said:
I think what the op is trying to say is that by unlocking the bootloader you won't get ota updates. You would need to wait until a twrp flashable update is out or a rom running Android 7.
Click to expand...
Click to collapse
That's how it's been since modifying the bootloader was a thing. Unlocked bootloader = no OTA.
tzbigworm said:
That's how it's been since modifying the bootloader was a thing. Unlocked bootloader = no OTA.
Click to expand...
Click to collapse
@stevecaboose
Unlocking Bootloader = Yes to OTA's.
Modding System and Boot = NO OTA's
hope that clear things up.
Close enough lol!
To be clear, it would be best to unlock before N is pushed out. I have it on good authority that unlocking your bootloader after you update to N will be more difficult and risky. Relocking would put you in the same situation. It's trivial to return to stock system+boot with an unlocked bootloader and TWRP and then the OTA will come through just fine. Or you can just wait for the TWRP flashable N stock ROM.
So to be clear, since I'm not 100% sure what affects the "system" and "boot" areas: I can unlock my BL using only guide 2 in this link ( https://forum.xda-developers.com/axon-7/how-to/guide-install-twrp-unlock-bl-flash-t3517379 ) and still get OTAs? If I install TWRP does that make me OTA-ineligible?
ScaryBugThing said:
So to be clear, since I'm not 100% sure what affects the "system" and "boot" areas: I can unlock my BL using only guide 2 in this link ( https://forum.xda-developers.com/axon-7/how-to/guide-install-twrp-unlock-bl-flash-t3517379 ) and still get OTAs? If I install TWRP does that make me OTA-ineligible?
Click to expand...
Click to collapse
TWRP/BL unlock doesn't affect OTA, ROOT does.
raystef66 said:
TWRP/BL unlock doesn't affect OTA, ROOT does.
Click to expand...
Click to collapse
You're totally wrong there,
TWRP will affect OTA's if the OTA need to check/patch recovery, BUT been Bootloader Unlock will NOT effect OTA.
To manage a clean/successful OTA's installation, you need to be FULL STOCK. (System, boot, Recovery, aboot if the OTA need to patched).
I think the OP was trying to say that it's possible current tools will not work to unlock the bootloader after the 7.x ota is installed.
DrakenFX said:
You're totally wrong there,
TWRP will affect OTA's if the OTA need to check/patch recovery, BUT been Bootloader Unlock will NOT effect OTA.
To manage a clean/successful OTA's installation, you need to be FULL STOCK. (System, boot, Recovery, aboot if the OTA need to patched).
Click to expand...
Click to collapse
I'm not fully agreed with that. You can install OTA's when you receive it, download it, install it when first booted into twrp cache. Only if you're not rooted. When you're rooted first unroot and in principle this should work.
There are several cases on internet about that. Even I did it with an unrooted but TWRP-ed Zopo C2. Received an OTA and installed it.
Im always glad to learn but IMO there are some possibilities to do the ota after all. But I am willing to accept it's a general fact that twrp could affect the normal OTA.
Edit : let's wait and see when B10 is rolling out and if I get a notification about that and if I can install it as a normal OTA(not with SD) with TWRP. Keep you updated:cyclops:
Noob here, forgive me ...
So what is the best way to only unlock bootloader without flash twrp?
A2017U, B29.
Thanks
eladmitz said:
Noob here, forgive me ...
So what is the best way to only unlock bootloader without flash twrp?
A2017U, B29.
Thanks
Click to expand...
Click to collapse
I`m on the same boat. What should be the safer procedure to unlock BL an still get the N OTA?
eladmitz said:
Noob here, forgive me ...
So what is the best way to only unlock bootloader without flash twrp?
A2017U, B29.
Thanks
Click to expand...
Click to collapse
felipe.vella said:
I`m on the same boat. What should be the safer procedure to unlock BL an still get the N OTA?
Click to expand...
Click to collapse
1- Download Official B20 from ZTE SITE (look Software Updates for the 6gb variant)
2- look in the forum for the B20fastboot zip file
3- Move both files to your SDCARD.
4- Enable OEM Unlocking under Developers Option
5- boot to stock recovery.
6- Install B20 official update via SDCARD (this will wipe Data)
7- boot and re-enable OEM Unlocking
8- boot to recovery and install B20fastboot zip
9- boot to Bootloader and Unlock bootloader using this command.
Code:
fastboot oem unlock
If I remember correctly will reboot and factory reset the device , you'll need to re-enable OEM UNLOCKING and boot to Bootloader to flash TWRP 3.0.3 USING fastboot commands
Huami started to lock the bootloader of the Amazfit watch in their official release 1.2.13 and 1.3.2b onwards.
If you want to keep the possibilty to flash custom software on your watch, DO NOT UPGRADE TO THESE VERSIONS. You will not be able to flash any other firmware afterwards.
PACEfied firmware is safe, and does NOT lock your bootloader.
UPDATE 14.07.17:
We have heard several times now via inofficial sources that Huami is working on an official bootloader unlocking service. So far, we, however, have no official information here.
On the other hand, Olivier (french developer on xda) has spent a significant amount of time to understand the unlocking process and we have succeeded to successfully unlock two watches. We are currently in the process of setting up a (free) unlocking web service, allowing individual xda users to unlock their watches for private usage (and accepting loss of warranty from Huami).
In case, Huami may ever come out with their service, we will stop our service, as we do not want to compete with Huami here, just filling the gap if Huami doesn't move forward with their unlocking service.
Please give us some time (we expect 2-3 weeks) to setup the unlock service.
UPDATE 7.08.17:
The unlock service is live now. Head over to https://forum.xda-developers.com/smartwatch/amazfit/tutorial-unlock-bootloader-warning-void-t3654011, if you want your bootloader unlocked!
Fastboot oem unlock
And the command to unlock the bootloader does not work?*
Code:
Fastboot oem unlock
scrubber said:
And the command to unlock the bootloader does not work?*
Code:
Fastboot oem unlock
Click to expand...
Click to collapse
No, neither does
Code:
fastboot flashing unlock
I wouldn't expect Huami to put efforts into locking the bootloader and at the same time making it that easy to unlock it again. This is no coincidence. They saw our work and reacted. That's what happened. Very sad
Neuer_User said:
No, neither does
Code:
fastboot flashing unlock
I wouldn't expect Huami to put efforts into locking the bootloader and at the same time making it that easy to unlock it again. This is no coincidence. They saw our work and reacted. That's what happened. Very sad
Click to expand...
Click to collapse
Perhaps we need to find the Fastboot oem command, they can be different for different devices
https://www.xda-developers.com/how-to-discover-hidden-fastboot-commands/
scrubber said:
Perhaps we need to find the Fastboot oem command, they can be different for different devices
https://www.xda-developers.com/how-to-discover-hidden-fastboot-commands/
Click to expand...
Click to collapse
Well, the strings dump shows that the "oem unlock" command seems to exist, but it indicates that an unlock code is necessary, probably based on the serial number of the watch:
strings dump extract:
Code:
oem:
unlock
serial no length is null
magic_serialno:%s
, len:%d
%02x
uncrypted_str_serialno:%s
Unlocked code sucess
Unlocked code is error
Unsupport oem cmd
FAILED: The command is not recongized
So, we have three possibilities:
We find the method on how the code is calculated based on the serial of the watch
We find the location, where u-boot stores the variable, if the device is locked or not (EDIT: I would expect that in the Misc partition.)
We just reflash the old bootloader (easiest, but only temporary until next OTA update)
Neuer_User said:
So, we have three possibilities:
We find the location, where u-boot stores the variable, if the device is locked or not (EDIT: I would expect that in the Misc partition.)
Click to expand...
Click to collapse
Drop me stock ota 1.2.11c and 1.2.13
scrubber said:
Drop me stock ota 1.2.11c and 1.2.13
Click to expand...
Click to collapse
You will only need the bootloaders (rest of the OTA is just modified apks). I will send them both (old and new one) to you via PM. It would be necessary to disassemble and understand the new bootloader (the old one does not have any OEM commands and also did not read the serial no at all, instead displayed always a dummy serial).
The serial is stored on the misc partition, so the bootloader now needs to read this partition. That's why I believe they probably stored the lock/unlock flag also there. We just need to know which byte.
Of course, if there were someone with a functioning unlock code, he could dump his misc partition before and after unlocking. That would make it pretty clear
so I now have no way to flash a stable version starting from 1.2.13?
It's safe to update 1.3.2b ? English version
zbuh said:
It's safe to update 1.3.2b ? English version
Click to expand...
Click to collapse
No, also locks bootloader. But there is a good chance that we can unlock or reflash the bootloader, if someone wants to switch firmware later.
I also have this problem. I accidentally updated my Amazfit to the latest version official rom. Now I wanted to upgrade to PACEfied, but the bootloader is locked.
Do you have any ideas how to unlock it?
Hi neur_user will I be losing the interval timer and countdown timer app that I installed in pace 1.3.1m rom if update it to 1.3.2b since you said it is bootloader locked? And can you still install developers app in 1.3.2b?
powerforward said:
Hi neur_user will I be losing the interval timer and countdown timer app that I installed in pace 1.3.1m rom if update it to 1.3.2b since you said it is bootloader locked? And can you still install developers app in 1.3.2b?
Click to expand...
Click to collapse
Instalation of additional apps like those timer apps should still work.
barciol said:
I also have this problem. I accidentally updated my Amazfit to the latest version official rom. Now I wanted to upgrade to PACEfied, but the bootloader is locked.
Do you have any ideas how to unlock it?
Click to expand...
Click to collapse
I have an idea how we can unlock the bootloader. In the weekend I will see if I can post a tutorial.
Well, I don't know what I could gain by flashing PACEified FW on my watch... all I've really been looking for is working notifications from my phone to the watch. I'm coming from wearing a Samsung Gear Live that's now worn-out, and it integrated into my life by bringing notifications to my wrist. The Amazfit was perfect for fitness, runtime, and notifications -- but notifications have never worked despite all my hacking and flashing (originally came with Chinese ROM). My saga so far is detailed here: https://www.reddit.com/r/amazfit/comments/61w4ga/most_notifications_not_coming_through_facebook
I flashed the English ROM to it tonight, and proceeded to OTA it (because newer is better, right?). The update failed as I still had the Chinese recovery on it. When it failed, I decided to try intercepting the update bundle before it rebooted. I succeeded, by kicking it into Fastboot mode using the power-button trick, then I pulled the 1.3.2b update.zip file through the "mod recovery". That file is here: https://mega.nz/#!nIBDhLrR!7nQlWsn-TF4bsMNBSaTOfimY-vo-Z2R3dSavrDp1wsA
I fixed my recovery with help of another thread, and OTA'd again to success - the darn thing took a good solid 10 minutes to run the ~33MB update! The progress bar hung the longest (~2 mins each) near the "w", "c", and at the end of "watch" in the message about not powering off the watch. Rather surprising, and wasn't sure if it hung due to my mods or what it was doing...
Hopefully this helps someone interested in looking into how the bootloader gets locked (IDK if Amazfit expected someone to intercept this, being as it's near impossible to intercept except with a MitM on WiFi), perhaps in exchange for some help with these notifications?
Neuer_User said:
I have an idea how we can unlock the bootloader. In the weekend I will see if I can post a tutorial.
Click to expand...
Click to collapse
I'm stuck in 1.2.13 dev, if u want i can test the unlock
Cracklydisc said:
I'm stuck in 1.2.13 dev, if u want i can test the unlock
Click to expand...
Click to collapse
OK, will prepare it today and send it to you.
Neuer_User said:
OK, will prepare it today and send it to you.
Click to expand...
Click to collapse
I also want test the unlock. Please contact with me
barciol said:
I also want test the unlock. Please contact with me
Click to expand...
Click to collapse
Just to clarify: Technically, it is not "unlocking" the bootloader. It just reflashes the old one (which did not have the locking function). That implies that the "unlocked" bootloader will only stay "unlocked" until you install the next official OTA update (which again flashes the locked bootloader). If you move to PACEfied, then that is ok, as PACEfied certainly does not lock your bootloader.
It took 28 days an a number of fails an misstarts. My hardest cellphone to unlock boot loader ever.
I finally had success with a guy off youtube an waited 168hrs.
MiFlash Unlock Unofficial by KK World.
Link for those of you who struggled like me here is the link to a bootunlocking software that actually shows a countdown.
That was my issue i think. Miunlock showed a bunch of Chinese characters with no countdown.
KK world unofficial was the only one that showed an hr countdown.
Good luck everyone
MiFlash Unlock Unofficial by KK World - Google Search
This is an isolated case. Most of the users on this forum have unlocked their X3 using the official Xiaomi app with no issues.
I suggest people who read this post stick to the updated and official app. Unofficial apps may only serve to increase your waiting time.
Revontheus said:
This is an isolated case. Most of the users on this forum have unlocked their X3 using the official Xiaomi app with no issues.
I suggest people who read this post stick to the updated and official app. Unofficial apps may only serve to increase your waiting time.
Click to expand...
Click to collapse
I found stock miunlock did not work as I was never able to get an English countdown. I cannot be the only one who had this issue? There are all different skill levels buddy. It says senior member but I am anything but. I cannot even compile code lol.
Just trying to help.
Revontheus said:
This is an isolated case. Most of the users on this forum have unlocked their X3 using the official Xiaomi app with no issues.
Click to expand...
Click to collapse
Can't talk about other, but as a Linux user the only solution I found was xiaomitool V2
Counter-example here: with an European v1.0.4.0 stock ROM, I was able to unlock the bootloader after the customary 7 days delay with the regular Mi Unlock tool. Seems YMMV.
pnin said:
Counter-example here: with an European v1.0.4.0 stock ROM, I was able to unlock the bootloader after the customary 7 days delay with the regular Mi Unlock tool. Seems YMMV.
View attachment 5178567
Click to expand...
Click to collapse
Well, I got about 21 days on Global Nfc then I try it again after 2 days Then Got only 92 hours.
Is there any way to unlock the bootloader under Linux? I tried to install a Windows VM and set up USB pass through to use the tool but my computer is to poorly spec'd to run a VM. During the unlock process is the connected as a USB device or does it present as a serial port?
You must do it under windows unfortunately.
Send an email to Xiaomi and put some pressure on them to develop a linux tool or simply allow bootloader unlock using fastboot.
J-Mizzle said:
I tried to install a Windows VM and set up USB pass through to use the tool but my computer is to poorly spec'd to run a VM.
Click to expand...
Click to collapse
Maybe creating a Windows VHD will run good enough for you. FYI, here's a step-by-step that may be of help...
Boot from VHD
pnin said:
Maybe creating a Windows VHD will run good enough for you. FYI, here's a step-by-step that may be of help...
Boot from VHD
Click to expand...
Click to collapse
Thanks, I'll look into that option.
Bryceicle1971 said:
It took 28 days an a number of fails an misstarts. My hardest cellphone to unlock boot loader ever.
I finally had success with a guy off youtube an waited 168hrs.
MiFlash Unlock Unofficial by KK World.
Link for those of you who struggled like me here is the link to a bootunlocking software that actually shows a countdown.
That was my issue i think. Miunlock showed a bunch of Chinese characters with no countdown.
KK world unofficial was the only one that showed an hr countdown.
Good luck everyone
MiFlash Unlock Unofficial by KK World - Google Search
Click to expand...
Click to collapse
Technical Experience Right there
Running-___--Elephants said:
Technical Experience Right there
Click to expand...
Click to collapse
I'm an amateur man. Cellphones are a hobby. No idea why xda have decided I'm a 'senior member' next to my name I drive forklifts for a living an enjoy custom roms. I can't even write code lol.
I just found this bootloader extremely difficult to unlock. Every other Xiaomi device I've had it has been about a week.
I got 168 hours for my bootloader unlock. I assume I can continue using my device and then use the unlock tool again in a week for a successful unlock?
Anybody? I have never had a device with MIUI so the bootloader unlocking seems strange.
J-Mizzle said:
I got 168 hours for my bootloader unlock. I assume I can continue using my device and then use the unlock tool again in a week for a successful unlock?
Click to expand...
Click to collapse
Ur correct....just not unbound ur Mi account from ur phone all this period.
J-Mizzle said:
Anybody? I have never had a device with MIUI so the bootloader unlocking seems strange.
Click to expand...
Click to collapse
same with huawei bootloader unlocking process they give you oem unlock key via email ... they making bootloader unlocking so complicated
Unlocked my bootloader and flashed crDroid. I get a message saying the current user is unable to edit apn setting, so I am unable to get my data working. This happens no matter what rom I install. Any way to fix this issue?
J-Mizzle said:
Unlocked my bootloader and flashed crDroid. I get a message saying the current user is unable to edit apn setting, so I am unable to get my data working. This happens no matter what rom I install. Any way to fix this issue?
Click to expand...
Click to collapse
format data partition??
ineedroot69 said:
format data partition??
Click to expand...
Click to collapse
I did. No dice.
So the unofficial one version 3 unlock the phone instantly without wait time?
Any other newer tool to unlock the bootloader for Poco X3 NFC ?