How To Guide Dark room (i.e. icebox for bloatware) - Xiaomi 12S

Xiaomi, while way better than Huawei in terms of bootloader unlock support etc, still has an issue of bloatware. This is where Dark room comes in. It is a simple app that can run in various modes to disable apps that refuse to be disabled. This would be a nice GUI to disable apps. No more finding package names and uninstalling from adb!
Requirements: another computer or terminal emulator with adb
icebox app:https://www.coolapk.com/apk/web1n.stopapp
You DO NOT need to unlock your bootloader. This can all be done from adb. Just enable it in developer settings.
It supports multiple modes, including shizuku mode.
Be aware that while using device owner mode means it survives restarts, you would have to log out of all accounts on the device including the Xiaomi account, and other users (also called second space) will be deleted. You would have to log back in manually. The app developer has also included a support page for a GUI application which can set device owner (basically it inputs adb commands that delete accounts and then sets device owner)
https://stopapp.https.gs/nonroot.html
Bugs: DO NOT disable critical system apps. You will end up soft bricking your device. System reset is your only option now.

Related

[Q] Change/remove lock code with internal class or adb shell

Problem:
I'm an app developer. I have one app that let's you lock the device using Device Administration. One of my users had some conflicts with my app and another. He then removed Device Administration and uninstalled my app, rebooted his phone, and now he cannot access his phone.
He of course cannot use my app to change the password now (since it's uninstalled).
His phone is stock 2.2 LG Optimus V, Virgin Mobile, Rooted.
Question:
I'm needing to find a way that my user can now change his lock code.
I need:
1.) to know an internal class (from com.android.internal) that I could use within an app to change the lock code (just like the system settings do).
OR
2.) to know a command I can use with adb shell to remove or change the phone lock code.
OR
3.) to know the location of the file that stores the lock code information.
Any help is greatly appreciated.
I did actually manage to rewrite a couple pieces of my app, install with adb install, then start it with adb shell am start, and re-enable device admin. So I was able to make it work.
This also worked when my user tried it. Problem Solved.

Tasker 'Secure Settings' ADB access - How 'safe' is it ??

Ok lets first explain the situation
I've been dabbling with Tasker (Paid for version)- getting some automation depending on certain situations (mainly stuff like 'If I'm @ {location} get volumes set high' or ' If Unread msg then vibrate my Amazefit bip watch' - Nothing too complicated using variables / javascript etc)
One situation I want to attempt though is 'If Gpay app is started - turn on NFC, but when I leave the app - turn NFC off'
Now I already know there are 2 'main' ways I can turn on/off NFC in Tasker.. either use 'AutoInput plugin' or use 'Secure Settings'
- I've tried with Autoinput plugin but the problem is that with the free option, you need to watch an Ad every day to use it but of course I can pay for it (its only a couple of quid)
However you can't Install it & pay for it directly from within the plugin - you need to install yet another App (AutoApps) first - & although this one is free - I just don't like adding more bloat to my phone than necessary. Adding both the plugin & this additional App adds (although only a 'minor' amount) up to 20Mb
The other method is give Tasker 'Secure settings' permission
- So I read the 'What to do to give 'Write Secure Settings Permission' to Tasker' (enable Developer mode > Usb Debugging > Install ADB on PC etc etc) & it looks simple enough,
But (a loooong time ago) I tried other 'hacks' & it ended up disastrously (probably I did something wrong with missing a step or something) & I just want to make sure that it IS as simple as it seems and also ask how safe is it
for example
* If I type in the command in ADB - could something go wrong & could it crash/brick the phone ?
* Is this permanent - ie if I turn off/on phone or if I get an OTA update & phone restarts - will it stay, or will I have to repeat the ADB command each time ?
* Will this 'break' official OTA updates (whether security &/or Android firmware) - I once did a firmware update with a step that used ADB (IIRC) & it broke something that prevented any updates from happening
- official OR manual firmware updates
Any help/advice would be appreciated
Cannon_Foddr said:
* If I type in the command in ADB - could something go wrong & could it crash/brick the phone ?
* Is this permanent - ie if I turn off/on phone or if I get an OTA update & phone restarts - will it stay, or will I have to repeat the ADB command each time ?
* Will this 'break' official OTA updates (whether security &/or Android firmware) - I once did a firmware update with a step that used ADB (IIRC) & it broke something that prevented any updates from happening
- official OR manual firmware updates
Click to expand...
Click to collapse
ADB is the door to your phone's Android. It's a tool not meant to be used by John Doe. Wrongly used you can brick your phone. Hence it's by default disabled.
1. Yes, using ADB you can render your phone absolutely useless. If you e.g. enter
Code:
adb shell rm -rf /
then phone gets totally wiped ( really all gets destroyed, it gets naked ) - you can throw it into electric waste.
2. ADB commands aren't persistent, but their results may be.
3. ADB itself breaks nothing: it's a driver installed on your computer that let you access Android's files and launch Android executables.
Thanks for the reply
I doubt I'll use THAT command.
I forgot to mention what tasker's command is
adb shell pm grant net.dinglisch.android.taskerm android.permission.WRITE_SECURE_SETTINGS
Not 100% sure about your last comment though.
ADB allows access to android files so changing android files could break things, which I'm worried about especially with OTA updates etc. (my last phone stopped getting OTA updates when I rooted it despite using official firmware)
However IF I understand the above command all this does is tell the android operating system ('android') to only give the tasker app (which 'Real' name is 'net.dinglisch.android.taskerm') the rights ('permission') to access the required settings ('WRITE_SECURE_SETTINGS') which the NFC on/off toggle is part of (settings >connected devices > connection preferences> nfc) & 'shouldn' t' affect any other files such as OTA (unless OTA is also part of secure setting?)
@Cannon_Foddr
As I can see you until now haven't understood what ADB is, how it works.
Same probably your understanding of what an OTA is.
Personally never would allow 3rd-party apps ( like Tasker ) to modify sensible system settings: Tasker isn't an open-source app, so you can't control what it does in the last run.
It's simply on you to decide whether Tasker is given that right, or not ...
Can't see why 'open-source' has to do with this
IMHO if Open-source - anyone can release similar apps with added extra hidden code that could spy's on you/steal info etc, but a 'closed sourced' app from a long running developer (tasker been around for 10yrs with over 1mil downloads) must mean people seem to trust him/them & if he was 'dodgy' surely he would've been caught out by now
Anyway the Bottom line seems to be
Safe route: pay for plugin & live with extra bloatware
Or
Risky route: give access to secure system resources, see what happens & keep fingers cross nothing does
Thanks for your replies.. I think I may have to sit down & have a long hard think which route I feel more comfortable with
I have been using Automate for about 4 months now. I granted it WRITE_SECURE_SETTINGS and I have not noticed any modifications in my system. Granted I may have not looked specifically for them but as far as braking the system or disruption of OTAs no issues so far
DennisHarrows said:
I have been using Automate for about 4 months now. I granted it WRITE_SECURE_SETTINGS and I have not noticed any modifications in my system. Granted I may have not looked specifically for them but as far as braking the system or disruption of OTAs no issues so far
Click to expand...
Click to collapse
I assume you had to do something like Taskers command then to grant the secure settings
( "adb shell pm grant net.dinglisch.android.taskerm android.permission.WRITE_SECURE_SETTINGS" )
Cannon_Foddr said:
I assume you had to do something like Taskers command then to grant the secure settings
( "adb shell pm grant net.dinglisch.android.taskerm android.permission.WRITE_SECURE_SETTINGS" )
Click to expand...
Click to collapse
Automate is straight forward, there is a toggle for "modify system settings" needed for some tasks to run and one you run the ADB command, it's done

Samsung stock to no-Google MicroG based privacy reconfigure step by step

This is Niall's guide to reconfiguring stock Samsung S10 Android 10 into a privacy focused MicroG based sytem purged of the stock spyware and annoying and useless stuff, but with the actually useful Samsung Apps such as Camera, and VoLTE remaining fully functional. Don't get me wrong here, LineageOS on the S10 is better in all ways especially in regular security updates, but the current LineageOS camera experience just can't compete with Samsung's deep integration of camera software and hardware. I therefore reluctantly offer this guide as a stopgap until LineageOS gets a better Samsung camera experience.
After completing this guide, you will have only these apps left installed visibly in the launcher:
Aurora Services and Aurora Store (to replace Play Store)
Brave privacy web browser + Bromite privacy web view
Samsung Calendar
Samsung Camera
Samsung Clock
Samsung Contacts
F-Droid
Samsung Gallery
Magisk Manager (root, customisations etc)
Google Maps (retained only due to its great usefulness for public transport)
Samsung Messages (for text messages)
microG Settings
Samsung My Files
OsmAnd (for offline navigation)
Samsung Phone
Samsung Settings
Upon each boot you can choose whether you will have root via Magisk by booting your phone with the correct buttons pressed (Volume Up + Bixby + Power, but released after the boot screen). There is no need to run with root available, per boot, unless you want it.
The principle things removed from stock are:
Samsung AR stuff
Samsung Bixby (apart from QR codes and Routines which are useful)
Google Chrome (it keeps hanging and stalling if used with MicroG, and besides it leaks your browsing habits)
Google GMail
Facebook (all traces)
Google YouTube (you ought to use NewPipe from F-Droid instead)
Samsung App store
Samsung Games home app
Microsoft OneDrive
Samsung Tips
Samsung DexOnPC (it spams you with messages)
Samsung EasySetup (also spams you with messages)
Samsung Edge Panel (the swipey translucent tab which floats above at the top right and gets in the way of taps)
Google Play Store
Google Accounts
Google Services
Samsung Launcher and its Recent Apps, replaced with custom One Plus Launcher and its Recent Apps
Note that this is NOT a deep "debloat", I only removed the bits you can see, which make themselves noticeable, or stuff known to leak your information to others. I left everything else alone, even if on most common "debloat" lists for the S10.
This guide uses Nanodroid, which has a reputation for installing lots of stuff you don't want, which puts a lot of people off using it. As of recently, Nanodroid now offers small, single purpose, packages which you individually combine to get what you want. So no more random ringtones nor backdrops being installed that you don't want!
You should be warned that this conversion leaves your device insecure. OTA updates from Samsung self disable as soon as you modify any system image, so you'll need to manually go retrieve new firmwares and repeat the below instructions (obviously flashing HOME_CSC instead of CSC to not factory reset the device) to stay secure.
Privacy achieved limitations
As with any device with a mobile (cellular) connection, as soon as you see a mobile phone (cell) signal, your position is exposed as they can track you by IMEI. Outside the EU, your historical, and sometimes current, location data is routinely sold for money by your provider to commercial third parties. Within the EU, your mobile provider is not supposed to expose your location to anyone but law enforcement without your explicit permission, but some providers are still catching up with GDPR and still relying on implicit permission buried deep inside EULA text. In any case, as soon as you see a mobile phone tower with your phone you have declared your position, and only airplane mode prevents that. This is unavoidable no matter how you configure any device capable of interacting with mobile phone masts.
Google Maps obviously leaks your location and movements to Google as soon as you open it, so you should prefer to use OsmAnd for offline maps and navigation whenever possible. Equally only Google Maps can route over public transport, knows when buses will arrive etc, so that's why I've kept it. Use judiciously!
MicroG needs to register with Google for push notifications, otherwise stuff like WhatsApp doesn't work. MicroG leaks as little information about you as it can, but ultimately Google can see from where you register including if by wifi alone, and thus determine your coarse location. You may wish to consider a VPN if you wish to obscure your physical location.
As much as you may secure your phone, individual apps you install may leak a great deal about you. For example most apps for tracking ovulation and when you have sex sell your personally identifying data and when you do it to others for money. You personally may not install such apps, but if anyone enters your private information into any phone, then your information is leaked. That information is composed into commercial databases which record everything about everyone. Is this paranoid? Note I said commercial databases. Most western governments are prohibited from mass survellience, so they simply buy the data from private firms which aggregate everything there is to know electronically about you. Amongst the many companies providing such service are Experian (you can request a dump of what they know about you, prepare to be disgusted) and Palantir (legislation hasn't caught up with them yet).
Finally, even if you are always in airplane mode, and all your friends and loved ones are as aware of personal data leakage as you are, ultimately this is a losing fight. Every time a CCTV camera facial recognises you, every time a satellite tracks your car, it's all being aggregated into databases about everyone, and more importantly, whom everyone has relations with. Even the device-less person is recorded, studied, tracked, and inferred from by algorithms. There is only so much any of us can do.
Instructions
Preparation: go find APKs for the following:
Magisk Manager. Rename it to MagiskManager.apk.
You really ought to insert a micro sd card. It makes life vastly easier when wiping the device, and this guide assumes that you have inserted one.
Make sure your bootloader is unlocked and your device has been configured to accept unofficial binaries. You can find instructions for how to do this at https://topjohnwu.github.io/Magisk/install.html#samsung-system-as-root. You will need adb shell working with your device in Developer mode.
In Odin, flash your choice of stock Android 10. Flash all parts, choosing CSC not HOME_CSC for the CSC slot in order to ensure a factory reset. Do NOT skip this complete reset to stock. Boot into stock firmware, enable wifi, and download and install any security updates available.
After updates have installed, enter Settings and MAKE SURE that OneUI is v2.5 or later. I originally wrote this guide in July 2020, but due to a showstopper bug in OneUI before v2.5 I had to sit on releasing this guide to xda-developers until September 2020 when OneUI v2.5 for S10 went public.
It will likely take multiple attempts of holding volume Up, Bixby and Power to boot into Stock Recovery, but keep at it until you get there. In Stock Recovery, reboot into bootloader mode. On Odin, flash AP slot with Ian's TWRP img + disabled vbmeta.img placed into a TAR archive using images and instructions from https://forum.xda-developers.com/ga...ecovery-twrp-3-3-0-galaxy-s10-exynos-t3924856.
Boot into TWRP recovery using Volume Up + Bixby + Power On. This may also take multiple attempts. It may be useful to know, if stuck on the first boot Samsung logo (you don't need to worry about interrupting first boot right now), that holding volume down and power button for long enough will force reboot the device.
In TWRP format data. Do NOT skip this part. This removes Samsung's encryption of the internal sdcard so you can take backups of your data etc in TWRP.
In TWRP install Ian's multidisabler zip available from https://forum.xda-developers.com/ga...ynos/g97xf-multi-disabler-encryption-t3919714. Make SURE you rename it to contain the string "_btfix" before you copy it to the sdcard by MTP (this enables the Bluetooth settings loss fix).
Put into a file called .nanodroid-setup:
Code:
nanodroid_nlpbackend=1001
nanodroid_play=21
nanodroid_gsync=0
This custom .nanodroid-setup adds the install of the radiocells location backend (this uses a downloaded on-device database of mobile phone mast ids to locate you), and prevents the install of the Google Sync Adapters which prevents Google getting your contacts list and calendar.
In TWRP mount Product, System and Vendor.
Do the following from your PC with TWRP still running:
Code:
adb shell
rm /system_root/system/app/ARZone/ARZone.apk
rm /system_root/system/app/BixbyWakeup/BixbyWakeup.apk
rm /system_root/system/app/FBAppManager_NS/FBAppManager_NS.apk
rm /system_root/system/app/Facebook_stub/Facebook_stub.apk
rm /system_root/system/app/YouTube/YouTube.apk
rm /system_root/system/priv-app/Bixby/Bixby.apk
rm /system_root/system/priv-app/BixbyAgentStub/BixbyAgentStub.apk
rm /system_root/system/priv-app/BixbyService/BixbyService.apk
rm /system_root/system/priv-app/GalaxyAppsWidget_Phone_Dream/GalaxyAppsWidget_Phone_Dream.apk
rm /system_root/system/priv-app/GalaxyApps_OPEN/GalaxyApps_OPEN.apk
rm /system_root/system/priv-app/GameHome/GameHome.apk
rm /system_root/system/priv-app/FBInstaller_NS/FBInstaller_NS.apk
rm /system_root/system/priv-app/FBServices/FBServices.apk
rm /system_root/system/priv-app/EasySetup/EasySetup.apk
rm /system_root/system/priv-app/OneDrive_Samsung_v3/OneDrive_Samsung_v3.apk
rm /system_root/system/priv-app/Tips/Tips.apk # stupid Samsung Tips popups
rm /system_root/system/priv-app/DeXonPC/DeXonPC.apk
rm /system_root/system/priv-app/CocktailBarService_v3.2/CocktailBarService_v3.2.apk # Edge panel top right floats
rm /system_root/system/app/Chrome/Chrome.apk
rm /system_root/system/app/ChromeCustomizations/ChromeCustomizations.apk
rm /system_root/system/app/Gmail2/Gmail2.apk
rm /system_root/system/app/GoogleCalendarSyncAdapter/GoogleCalendarSyncAdapter.apk
rm /system_root/system/app/GoogleContactsSyncAdapter/GoogleContactsSyncAdapter.apk
rm /system_root/system/app/GoogleLocationHistory/GoogleLocationHistory.apk
rm /system_root/system/priv-app/SetupWizard/SetupWizard.apk # Without removal never passes initial setup
rm /system_root/system/priv-app/TouchWizHome_2017/TouchWizHome_2017.apk # OneUI launcher
# Stuff replaced by MicroG
rm /system_root/system/priv-app/GmsCore/GmsCore.apk
rm /system_root/system/priv-app/GoogleServicesFramework/GoogleServicesFramework.apk
rm /system_root/system/priv-app/Phonesky/Phonesky.apk
rm /system_root/system/priv-app/Velvet/Velvet.apk
mkdir /system_root/system/app/MagiskManager
exit
adb push MagiskManager.apk /system_root/system/app/MagiskManager/
adb push .nanodroid-setup /external_sd/
All the removed apps free up enough space on the priv-app partition to install the Nanodroid apps coming next, so the above step isn't really avoidable. You also need to repeat it after any firmware upgrade.
In TWRP install exactly these individual packages from https://gitlab.com/Nanolx/NanoDroid:
NanoDroid-BromiteWebView-23.0.1.20201029.zip
NanoDroid-fdroid-23.0.1.20201029.zip
NanoDroid-microG-23.0.1.20201029.zip
NanoDroid-OsmAnd-23.0.1.20201029.zip
NanoDroid-patcher-23.0.1.20201029.zip
(Later, but not earlier, versions will probably work fine too)
Still in TWRP, install the modded One Plus Launcher from https://forum.xda-developers.com/android/apps-games/app-oneplus-launcher-4-6-4-t4140631. You will want the TWRP for ROM edition (NOT GSI!). Note that if you don't want the One Plus Launcher, and are happy with the stock Samsung launcher (which may send telemetry to Samsung), don't delete the TouchWizHome_2017 apk earlier on. If you want a different launcher altogether, be aware that you need one which specifically implements an Android 10 Recents provider. Many popular choices e.g. Nova Launcher, do not.
NOTE: There is a bug in v4.6.5 of the One Plus Launcher TWRP install script which silently fails to install anything into /system. To fix, extract the contents of the zip file. After TWRP install, remount Product, System and Vendor, then do 'adb push TWRP.ROM.OnePlus.4.6.5.RandomAJL\system /'. Then reinstall the ZIP within TWRP to set permissions.
Reboot into System. It will get stuck on the Samsung boot logo for a while, but will eventually open onto the final All Done stage of setup (we earlier removed all the earlier parts of setup). Hit Finish to reach the One Plus Launcher. Enable wifi and connect to your wifi connection.
Once into the device, open the microG settings app. Run the Self-Check, the "System grants signature spoofing" will be unticked. Tap it, grant permission. The item "Play Store (Phonesky) has correct signature" will also be unticked. Tap that, grant permission. Now the self check should report everything is working and having correct signature. Signature spoofing should be working.
Within MicroG settings, enable Google device registration, cloud messaging and safety net. If you don't enable these, any applications you install next will never receive notifications, ever. Enter location modules. Enable Deja Vu, Radiocells and Nominatim backends. The Deja Vu backend doesn't need configuring, it simply records Wifi and mobile phone mast data and your GPS location when available, and builds a database matching wifi and mast data to GPS. Next tap the Radiocells entry, then Configure, then download offline catalog now, choose your country, then choose offline mode. Now your phone can locate itself purely using an offline database of phone masts and wifi. Next tap the Nominatum entry, then Configure, then choose Nominatum API server, and then OSM.
Open OsmAnd~ the app, choose your country, and download your offline map so you can navigate without an internet connection. Open the app, ensure navigation is working.
Enable and enter Developer options in the settings, open the WebView implementation, and set it to Bromite System WebView.
You should now root your device. Copy Ian's TWRP img to the sdcard, then open Magisk Manager with a wifi connection active. Choose install. Then choose Select and Patch file. Patch Ian's TWRP img previously copied. Magisk Manager will output a root patched img into Downloads. Copy that back to the PC. Make a new TAR file of that and the vbmeta disabled image. Flash that in Odin in the AP slot. Boot the device using Volume Up + Bixby + Power, but release as soon as the bootloader warning screen appears. Go back into Magisk Manager, let it do its install and setup. If root ever appears to have got lost or isn't working, check the Magisk Manager, you probably forgot to hold the right keys during boot.
Go to https://nextdns.io/ and create yourself an account and unique id. From Aurora Store, find and install the NextDNS app. Configure the app with the id you got from your account on the website, and tell it to send your device's name. NextDNS acts as if a VPN for your Android device and thus all internet traffic routes through it, but it blackholes DNS lookup for a configurable list of items in your NextDNS account. Via this, you can block a long list of leakage of your personal information, and also optionally block ads on your device. If you log into nextdns.io from time to time, you will no doubt be fairly saddened by how much of your data is attempted to be leaked all the time.
From Aurora Store, find and install the Brave privacy web browser. As we removed Chrome due to it not working well with this modified system (it keeps stalling), you will need a new system web browser in any case and out of the box, Brave blocks all adverts and tracking. If you enter its settings, you can also disable Javascript by default (only enable it per site on a case by case basis, you can enable temporarily per site, or store an exception). Be aware that if you don't enable Brave rewards, the Brave authors silently pocket any BAT tokens your web browsing earns, so you may wish to enable Brave rewards for the very tiny income generated by your attention if you leave Brave ads disabled (it is local browser only, nothing gets enabled online, BAT tokens are conferred by crypto exchange so none of your browsing gets leaked). Personally speaking, I'm quite keen on the idea of me getting paid personally to see adverts as none of my personal browsing history leaves the Brave browser, even if it's pennies a month, so I leave that stuff turned on.
Settings
You probably want a decent set of settings rather than iterating through the Settings app. These are mine obviously, so you can skip these or not. With Developer Mode enabled, do the following:
Code:
adb shell
settings put global display_size_forced 1440,3040
settings put global navigationbar_key_order 1
settings put secure default_display_density_forced 560
settings put secure display_density_forced 560
settings put secure default_display_size_forced 1440,3040
settings put secure package_verifier_state 1
settings put secure screensaver_components
settings put secure selected_input_method_subtype 65538
settings put secure ui_night_mode 2
settings put system hdr_effect 1
settings put system display_night_theme_wallpaper 1
settings put system screen_off_timeout 300000
settings put system aod_servicebox_page_gravity 17
settings put system aod_show_state 1
settings put system aod_tap_to_show_mode 0
settings put system display_night_theme 1
settings put system hearing_diagnosis 1
settings put system hearing_direction 0
settings put system hearing_musiccheck 0
settings put system hearing_parameters 5,5,5,5,5,5,5,5,5,5,5,5
settings put system hearing_revision 0
settings put system hearing_videocheck 0
settings put system lock_clock_adaptive_colors 'fffaeecd;ffd9faeb;fffae7b4;ffc0fae0'
settings put system qs_detail_content_primary_text_color -2500135
settings put system qs_detail_content_secondary_text_color -1710619
settings put system remote_control 0
This is mainly how I like my settings. I want the actual resolution of my fancy device, not some subset (why bother buying a device with better otherwise?). I want dark theming to take advantage of power saving in my fancy AMOLED screen.
Swype keyboard
Enter Settings, General Management, Language and input, On-screen keyboard, then Samsung Keyboard, and then Swipe, Keyboard swipe controls. Enable Swipe to type.
Firmware upgrades
To apply future firmware upgrades, you will need to acquire the latest Samsung firmware for your device from a reputable source. You almost certainly want to take a full backup in Titanium Backup, and copy that backup onto an external sd card to be safe. During flashing in Odin, flash the HOME_CSC, not the CSC, image into the CSC slot. This should preserve all your settings and installed applications. Disable auto rebooting in the Odin options. Then when the flash is done, manually reboot into stock recovery, then back into Download, then flash the root modded Ian's TWRP recovery you made earlier into the AP slot. Reboot into TWRP, and repeat all the steps above.
If you do it right, you'll reboot into your device just as you left it, just with all the components upgraded to latest. If you screwed up, that Titanium Backup you made will be very useful.
Not that I'd recommend running out of date firmware images, but I would say that by far the most common upgrade you'll need to do is latest MicroG because Google bumped the minimum version of Play Services its apps will accept, so for example Google Maps will barf about Play Services being too old. There is a very simple fix for this: don't upgrade Google apps! An older Google Maps works just fine even if it's many months old.
Credits
What this guide achieves wouldn't have been possible without the following hard work from many people creating the components I have reused:
topjohnwu
ianmacd
Christopher Roy Bratusek
RandomAJL
mar-v-in
Whomever makes available Samsung Odin and the other stuff which makes LineageOS and AOSP become ever better for the S10 devices.
Changelog:
15th Nov 2020: Lots of improvements after a month of testing as a daily driver:
Replace Chrome browser with Brave browser to fix browsing hangs, and reduce browsing habits leakage.
Remove GMail as well, stop Google getting more of your info.
Remove Samsung Edge panel, which I had previously missed.
Use latest NanoDroid.
Add paragraph on how to upgrade this with new Samsung firmware releases.
12th Oct 2020: Replaced NextDNS instructions as .xapk's can't be adb installed, and installing from Aurora Store is better anyway.
10th Oct 2020: First release to xda.
Looks like a fantastic guide, thank you!
It's for S10E to?
Sent from my [device_name] using XDA-Developers Legacy app
[email protected] said:
It's for S10E to?
Click to expand...
Click to collapse
I've only tested it on a S10, but because we begin from stock, and the stock Samsung Android 10 images are all basically the same (at least at the level we're working with), the guide should be widely portable to most of the current generation of Samsung Android 10 devices.

Samsung Android 11 stock to no-Google MicroG based privacy reconfigure step by step

Two years after my previous guide for Android 10, this is Niall's modernised guide to reconfiguring stock Samsung S10 Android 11 into a privacy focused MicroG based system purged of the stock spyware and annoying and useless stuff, but with the actually useful Samsung Apps such as Camera, and VoLTE remaining fully functional. Don't get me wrong here, LineageOS on the S10 is better in all ways especially in regular security updates, but the current LineageOS camera experience just can't compete with Samsung's deep integration of camera software and hardware. I therefore reluctantly offer this guide as a stopgap until LineageOS gets a better Samsung camera experience.
NOTE: The previous version of this guide for Samsung S10 Android 10 can be found at https://forum.xda-developers.com/t/...sed-privacy-reconfigure-step-by-step.4174691/. Before anyone asks, no I don't have a guide for Android 12, nor do I expect to make one for at least a year from now (I trail major Android releases, I don't lead them, it's too much work!)
After completing this guide, you will have only these apps left installed visibly in the launcher:
Aurora Services and Aurora Store (to replace Play Store)
Brave privacy web browser + Bromite privacy web view
Samsung Calendar
Samsung Camera
Samsung Clock
Samsung Contacts
F-Droid
Samsung Gallery
Magisk Manager (root, customisations etc)
Google Maps (retained only due to its great usefulness for public transport)
Samsung Messages (for text messages)
microG Settings
NextDNS to prevent even more personal data leakage (and optionally ads)
Samsung My Files
OsmAnd (for offline navigation)
Samsung Phone
Samsung Settings
Samsung Launcher and its Recent Apps switcher, as with a bit of reconfiguring it's not too bad actually.
Upon each boot you can choose whether you will have root via Magisk by booting your phone with the correct buttons pressed (Volume Up + Bixby + Power, but released after the boot screen). There is no need to run with root available, per boot, unless you want it. This makes my solution markedly superior in my opinion to the more popular Magisk + Zygisk + LSposed + FakeGapps MicroG approach which relies on injecting code into every app you run, which in turn requires you to always boot with root enabled. Personally speaking, I am also not comfortable with injecting code into my banking apps etc.
The principle things removed from stock are:
Samsung AR stuff
Samsung Bixby (apart from QR codes and Routines which are useful)
Google Chrome (it keeps hanging and stalling if used with MicroG, and besides it leaks your browsing habits)
Google GMail
Facebook (all traces)
Google YouTube (you ought to use NewPipe from F-Droid instead)
Samsung App store
Samsung Games home app
Microsoft OneDrive
Samsung Tips
Samsung DexOnPC (it spams you with messages)
Samsung EasySetup (also spams you with messages)
Samsung Edge Panel (the swipey translucent tab which floats above at the top right and gets in the way of taps)
Google Play Store
Google Accounts
Google Services
Note that this is NOT a deep "debloat", I only removed the bits you can see, which make themselves noticeable, or stuff known to leak your information to others. I left everything else alone, even if on most common "debloat" lists for the S10.
I also didn't remove ALL of the annoying popup notification Samsung stuff in this guide, unlike for my Android 10 guide. This is because removing all of it breaks the Samsung TouchWiz launcher which my Android 10 guide completely replaced. Besides, Android 11 is good at letting you suppress annoying notifications caused by things really wanting you to activate them e.g. "Find my Mobile", which requires a Samsung account.
This guide uses Nanodroid, which has a reputation for installing lots of stuff you don't want, which puts a lot of people off using it. As of recently, Nanodroid now offers small, single purpose, packages which you individually combine to get what you want. So no more random ringtones nor backdrops being installed that you don't want!
You should be warned that this conversion leaves your device insecure. OTA updates from Samsung self disable as soon as you modify any system image, so you'll need to manually go retrieve new firmwares and repeat the below instructions (obviously flashing HOME_CSC instead of CSC to not factory reset the device) to stay secure.
Privacy achieved limitations (so you know what we can't keep private)
As with any device with a mobile (cellular) connection, as soon as you see a mobile phone (cell) signal, your position is exposed as they can track you by IMEI. Outside the EU, your historical, and sometimes current, location data is routinely sold for money by your provider to commercial third parties. Within the EU, your mobile provider is not supposed to expose your location to anyone but law enforcement without your explicit permission, but some providers are still catching up with GDPR and still relying on implicit permission buried deep inside EULA text. In any case, as soon as you see a mobile phone tower with your phone you have declared your position, and only airplane mode prevents that. This is unavoidable no matter how you configure any device capable of interacting with mobile phone masts.
Google Maps obviously leaks your location and movements to Google as soon as you open it, so you should prefer to use OsmAnd for offline maps and navigation whenever possible. Equally only Google Maps can route over public transport, knows when buses will arrive etc, so that's why I've kept it. Use judiciously!
MicroG needs to register with Google for push notifications, otherwise stuff like WhatsApp doesn't work. MicroG leaks as little information about you as it can, but ultimately Google can see from where you register including if by wifi alone, and thus determine your coarse location. You may wish to consider a VPN if you wish to obscure your physical location.
As much as you may secure your phone, individual apps you install may leak a great deal about you. For example most apps for tracking ovulation and when you have sex sell your personally identifying data and when you do it to others for money. You personally may not install such apps, but if anyone enters your private information into any phone, then your information is leaked. That information is composed into commercial databases which record everything about everyone. Is this paranoid? Note I said commercial databases. Most western governments are prohibited from mass survellience, so they simply buy the data from private firms which aggregate everything there is to know electronically about you. Amongst the many companies providing such service are Experian (you can request a dump of what they know about you, prepare to be disgusted) and Palantir (legislation hasn't caught up with them yet).
Finally, even if you are always in airplane mode, and all your friends and loved ones are as aware of personal data leakage as you are, ultimately this is a losing fight. Every time a CCTV camera facial recognises you, every time a satellite tracks your car, it's all being aggregated into databases about everyone, and more importantly, whom everyone has relations with. Even the device-less person is recorded, studied, tracked, and inferred from by algorithms. There is only so much any of us can do.
Instructions
Preparation: go find APKs for the following:
Magisk Manager. Rename it to MagiskManager.apk.
You really ought to insert a micro sd card. It makes life vastly easier when wiping the device, and this guide assumes that you have inserted one.
Make sure your bootloader is unlocked and your device has been configured to accept unofficial binaries. You can find instructions for how to do this at https://topjohnwu.github.io/Magisk/install.html#samsung-system-as-root. You will need adb shell working with your device in Developer mode.
First install: In Odin, flash your choice of stock Android 11. Flash all parts, choosing CSC not HOME_CSC for the CSC slot in order to ensure a factory reset. Do NOT skip this complete reset to stock. Optional: Boot into stock firmware, enable wifi, and download and install any security updates available. Do NOT upgrade to One UI 4.0 or later (that is Android 12 or later, this guide is written for One UI 3.5/Android 11 only)
Upgrade: In Odin, flash your choice of stock Android 11. Flash all parts, choosing HOME_CSC not CSC for the CSC slot in order to prevent a factory reset. Do NOT let the device try to boot into the system, it will wipe your data!
You will need to reboot the downloader for the next step. Be aware that if you are upgrading and you mess this up even just once, all existing data will be wiped and you'll need to start again as if first install. With a USB cable connected to the computer, you need to hold volume Down, Bixby and Power to boot into Download. If it goes to screen dark and doesn't continue, try releasing Power.
Restart Odin, then flash AP slot with the TWRP TAR archive and the CP slot with the vbmeta.tar using images and instructions from https://forum.xda-developers.com/t/...-0-x-twrp-for-galaxy-s10-e-5g-exynos.4180287/.
Boot into TWRP recovery using Volume Up + Bixby + Power On by holding them down until the recovery starts. This can take multiple attempts. It may be useful to know, if stuck on the first boot Samsung logo (you don't need to worry about interrupting first boot right now), that holding volume down and power button for long enough will force reboot the device.
First install: In TWRP format data. Do NOT skip this part. This removes Samsung's encryption of the internal sdcard so you can take backups of your data etc in TWRP.
Upgrade: Do NOT format data, for obvious reasons.
In TWRP install the multidisabler zip available from https://forum.xda-developers.com/t/...-0-x-twrp-for-galaxy-s10-e-5g-exynos.4180287/.
Put into a file called .nanodroid-setup:
Code:
nanodroid_nlpbackend=1001
nanodroid_play=21
nanodroid_gsync=0
This custom .nanodroid-setup adds the install of the radiocells location backend (this uses a downloaded on-device database of mobile phone mast ids to locate you), and prevents the install of the Google Sync Adapters which prevents Google getting your contacts list and calendar.
In TWRP mount Product, System and Vendor.
Do the following from your PC with TWRP still running:
Code:
adb shell
rm /system_root/system/app/ARZone/ARZone.apk
rm /system_root/system/app/BixbyWakeup/BixbyWakeup.apk
rm /system_root/system/app/FBAppManager_NS/FBAppManager_NS.apk
rm /system_root/system/app/Facebook_stub/Facebook_stub.apk
rm /system_root/system/app/YouTube/YouTube.apk
rm /system_root/system/priv-app/Bixby/Bixby.apk
rm /system_root/system/priv-app/BixbyAgentStub/BixbyAgentStub.apk
rm /system_root/system/priv-app/BixbyService/BixbyService.apk
rm /system_root/system/priv-app/GalaxyAppsWidget_Phone_Dream/GalaxyAppsWidget_Phone_Dream.apk
rm /system_root/system/priv-app/GalaxyApps_OPEN/GalaxyApps_OPEN.apk
rm /system_root/system/priv-app/GameHome/GameHome.apk
rm /system_root/system/priv-app/FBInstaller_NS/FBInstaller_NS.apk
rm /system_root/system/priv-app/FBServices/FBServices.apk
rm /system_root/system/priv-app/EasySetup/EasySetup.apk
rm /system_root/system/priv-app/OneDrive_Samsung_v3/OneDrive_Samsung_v3.apk
rm /system_root/system/priv-app/Tips/Tips.apk # stupid Samsung Tips popups
rm /system_root/system/priv-app/DeXonPC/DeXonPC.apk
rm /system_root/system/priv-app/CocktailBarService_v3.2/CocktailBarService_v3.2.apk # Edge panel top right floats
rm /system_root/system/app/Chrome/Chrome.apk
rm /system_root/system/app/ChromeCustomizations/ChromeCustomizations.apk
rm /system_root/system/app/Gmail2/Gmail2.apk
rm /system_root/system/app/GoogleCalendarSyncAdapter/GoogleCalendarSyncAdapter.apk
rm /system_root/system/app/GoogleContactsSyncAdapter/GoogleContactsSyncAdapter.apk
rm /system_root/system/app/GoogleLocationHistory/GoogleLocationHistory.apk
rm /system_root/system/system_ext/priv-app/SetupWizard/SetupWizard.apk # Without removal never passes initial setup
# New annoying popping up stuff in Android 11
rm /system/priv-app/ConfigUpdater/ConfigUpdater.apk
rm /system/priv-app/KnoxPushManager/KnoxPushManager.apk
rm /system/priv-app/SamsungAccount/SamsungAccount.apk
rm /system/priv-app/SPPPushClient/SPPPushClient.apk
# Stuff replaced by MicroG
rm /system_root/system/priv-app/GmsCore/GmsCore.apk
rm /system_root/system/system_ext/priv-app/GoogleServicesFramework/GoogleServicesFramework.apk
rm /system_root/system/priv-app/Phonesky/Phonesky.apk
rm /system_root/system/priv-app/Velvet/Velvet.apk
exit
adb push .nanodroid-setup /sdcard/
All the removed apps free up enough space on the priv-app partition to install the Nanodroid apps coming next, so the above step isn't really avoidable. You also need to repeat it after any firmware upgrade.
(Incidentally, if you want to figure out what other apks to prevent being installed on first boot, once installed from adb shell do
Code:
pm list packages -f
and it will print all installed apks and the path from where they came. If that isn't enough to track a bloatware package down,
Code:
adb shell dumpsys package packages > all_package_info.txt
will give you a searchable text file of detailed information)
In TWRP install exactly these individual packages from https://gitlab.com/Nanolx/NanoDroid:
NanoDroid-BromiteWebView-23.1.2.20210117.zip
NanoDroid-fdroid-23.1.2.20210117.zip
NanoDroid-microG-23.1.2.20210117.zip
NanoDroid-OsmAnd-23.1.2.20210117.zip
(Later, but not earlier, versions will probably work fine too)
Try installing in TWRP NanoDroid-patcher-XXX.zip. If it works (the 23.1.2.20210117 version did not for me), great. If it doesn't, you'll need to manuall do the patching, see below for how to do that.
Reboot into System. It will get stuck on the Samsung boot logo for a while, but will eventually open onto either the enter Samsung account stage of setup, or the Setup All Done stage (we earlier removed all the earlier parts of setup). Hit Skip and/or Finish to reach the Launcher. Enable wifi and connect to your wifi connection.
Enable Developer Mode by entering Settings => About Phone => Software Information then tap the Build Number ten times. In Developer options, enable USB debugging and authorise your PC via USB cable.
If NanoDroid-patcher failed to work earlier, we need to do the patch by hand via root. Install MagiskManager.apk using
Code:
adb install MagiskManager.apk
. Extract the TWRP recovery.img from the TAR file and copy it to the sdcard, then open Magisk Manager with a wifi connection active. Choose install. Then choose Select and Patch file. Patch the TWRP img previously copied. Magisk Manager will output a root patched img into Downloads. Copy that back to the PC. Make a new TAR file of that. Flash that in Odin in the AP slot. Boot the device using Volume Up + Bixby + Power, but release as soon as the bootloader warning screen appears, so you boot into the system with root enabled. Go back into Magisk Manager, ensure Magisk appears as installed. If not, reboot and again try the key combination until it works. If in the future root ever appears to have got lost or isn't working, check the Magisk Manager, you probably forgot to hold the right keys during boot.
In Magisk Manager, choose the Modules tab, then Install from Storage. Copy in NanoDroid-patcher-23.1.2.20210117.zip to the device again. Let Magisk install it, it will appear to work, but in fact on your next reboot your device will never start again. Before that happens, copy the patched services.jar out to your PC:
Code:
adb shell
su # magisk will prompt to allow
cp /data/adb/modules/NanoDroid_Patcher/system/framework/* /sdcard/
exit
exit
adb pull /sdcard/org.spoofing.apk
Start again from the top of this guide i.e. reinstall stock, TWRP (but this time flash the rooted patched edition). Once into TWRP format data, mount Product, System and Vendor. Copy out the services.jar file to your PC:
Code:
adb pull /system_root/system/framework/services.jar
Get the Android 11 patch files from https://forum.xda-developers.com/t/signature-spoofing-on-unsuported-android-11-r-roms.4214143/ and execute:
Code:
java -jar dexpatcher-1.8.0-beta1.jar -a 11 -M -v -d -o ./ services.jar haystack-11-attempt\11-hook-services.jar.dex haystack-11-attempt\11core-services.jar.dex
Open the original services.jar in WinRAR and drag in the newly generated classes.dex, classes2.dex, classes3.dex, classes4.dex, replacing the three classes files in there. Your patched services.jar file will now be half the size, for some reason the original one was created without ZIP compression. It doesn't matter, adb push your patched files:
Code:
adb push services.jar /system_root/system/framework/
adb push org.spoofing.apk /system_root/system/framework/
Reboot into system, remembering holding down the keys to enable root for this boot, and reinstall Magisk Manager again.
Once back into the device, open the microG settings app. Run the Self-Check, the "System grants signature spoofing" will be unticked. Tap it, grant permission. The item "Play Store (Phonesky) has correct signature" will also be unticked. Tap that, grant permission. Now the self check should report everything is working and having correct signature. Signature spoofing should be working.
Within MicroG settings, enable Google device registration, cloud messaging and safety net. If you don't enable these, any applications you install next will never receive notifications, ever. Enter location modules. Enable Deja Vu, Radiocells and Nominatim backends. The Deja Vu backend doesn't need configuring, it simply records Wifi and mobile phone mast data and your GPS location when available, and builds a database matching wifi and mast data to GPS. Next tap the Radiocells entry, then Configure, then download offline catalog now, choose your country, then choose offline mode. Now your phone can locate itself purely using an offline database of phone masts and wifi. Next tap the Nominatum entry, then Configure, then choose Nominatum API server, and then OSM.
Open OsmAnd~ the app, choose your country, and download your offline map so you can navigate without an internet connection. Open the app, ensure navigation is working.
Enable and enter Developer options in the settings, open the WebView implementation, and set it to Bromite System WebView.
Go to https://nextdns.io/ and create yourself an account and unique id. From Aurora Store, find and install the NextDNS app. Configure the app with the id you got from your account on the website, and tell it to send your device's name. NextDNS acts as if a VPN for your Android device and thus all internet traffic routes through it, but it blackholes DNS lookup for a configurable list of items in your NextDNS account. Via this, you can block a long list of leakage of your personal information, and also optionally block ads on your device. If you log into nextdns.io from time to time, you will no doubt be fairly saddened by how much of your data is attempted to be leaked all the time.
From Aurora Store, find and install the Brave privacy web browser. As we removed Chrome due to it not working well with this modified system (it keeps stalling), you will need a new system web browser in any case and out of the box, Brave blocks all adverts and tracking. If you enter its settings, you can also disable Javascript by default (only enable it per site on a case by case basis, you can enable temporarily per site, or store an exception). Be aware that if you don't enable Brave rewards, the Brave authors silently pocket any BAT tokens your web browsing earns, so you may wish to enable Brave rewards for the very tiny income generated by your attention if you leave Brave ads disabled (it is local browser only, nothing gets enabled online, BAT tokens are conferred by crypto exchange so none of your browsing gets leaked). Personally speaking, I'm quite keen on the idea of me getting paid personally to see adverts as none of my personal browsing history leaves the Brave browser, even if it's pennies a month, so I leave that stuff turned on.
Brave defaults to regularly pinging you with Android notifications with Ads, which is very annoying, but deep inside the Brave settings you can specifically disable Ads notifications completely.
Settings
You probably want a decent set of settings rather than iterating through the Settings app. These are mine obviously, so you can skip these or not. With Developer Mode enabled, do the following:
Code:
adb shell
settings put global display_size_forced 1440,3040
settings put global navigationbar_key_order 1
settings put secure default_display_density_forced 560
settings put secure display_density_forced 560
settings put secure default_display_size_forced 1440,3040
settings put secure package_verifier_state 1
settings put secure screensaver_components
settings put secure selected_input_method_subtype 65538
settings put secure ui_night_mode 2
settings put system hdr_effect 1
settings put system display_night_theme_wallpaper 1
settings put system screen_off_timeout 300000
settings put system aod_servicebox_page_gravity 17
settings put system aod_show_state 1
settings put system aod_tap_to_show_mode 0
settings put system display_night_theme 1
settings put system hearing_diagnosis 1
settings put system hearing_direction 0
settings put system hearing_musiccheck 0
settings put system hearing_parameters 5,5,5,5,5,5,5,5,5,5,5,5
settings put system hearing_revision 0
settings put system hearing_videocheck 0
settings put system lock_clock_adaptive_colors 'fffaeecd;ffd9faeb;fffae7b4;ffc0fae0'
settings put system qs_detail_content_primary_text_color -2500135
settings put system qs_detail_content_secondary_text_color -1710619
settings put system remote_control 0
This is mainly how I like my settings. I want the actual resolution of my fancy device, not some subset (why bother buying a device with better otherwise?). I want dark theming to take advantage of power saving in my fancy AMOLED screen.
Swype keyboard
Enter Settings, General Management, Samsung Keyboard settings, and then Swipe, Keyboard swipe controls. Enable Swipe to type.
Firmware upgrades
To apply future firmware upgrades, you will need to acquire the latest Samsung firmware for your device from a reputable source. You almost certainly want to take a full backup in Titanium Backup, and copy that backup onto an external sd card to be safe. During flashing in Odin, flash the HOME_CSC, not the CSC, image into the CSC slot. This should preserve all your settings and installed applications. Disable auto rebooting in the Odin options. Then when the flash is done, manually reboot into Download, then repeat all the steps above.
If you do it right, you'll reboot into your device just as you left it, just with all the components upgraded to latest. If you screwed up, that Titanium Backup you made will be very useful.
Not that I'd recommend running out of date firmware images, but I would say that by far the most common upgrade you'll need to do is latest MicroG because Google bumped the minimum version of Play Services its apps will accept, so for example Google Maps will barf about Play Services being too old. There is a very simple fix for this: don't upgrade Google apps! An older Google Maps works just fine even if it's many months old.
Credits
What this guide achieves wouldn't have been possible without the following hard work from many people creating the components I have reused:
topjohnwu
ianmacd
Christopher Roy Bratusek
RandomAJL
mar-v-in
Whomever makes available Samsung Odin and the other stuff which makes LineageOS and AOSP become ever better for the S10 devices.
This is well written. I was familiar with most of this. I tried Lineage, but since VoLTE was not supported, I could not make or receive phone calls.
I got stuck on step 12. At that point, all the zip files were invalid. I was able to do steps 14 & 15, but gave up after 16. I could not install any apps as I had no microG or Aurora. I downloaded the files directly from NanoDroid Christopher Roy Bratusek. Any ideas what I did wrong?
The one difference is I am using an S10e, SM-G970F. I verified it is European, Exynos (I don't think I could have gotten to 12 if it was not). However, the two year ago thread said it should work with the e model.
I downloaded the files from NanoLx and got those installed. I cannot get root. I have tried the key combinations over and over again. I just get booted into TWRP recovery, no matter how soon I release the buttons. I have made many attempts.
It's because so far I cannot successfully Odin the magisk patched TWRP in the AP slot. It never shows any progress.
I patched the file 3 times, every time wi-fi was active. Different SHA256, but all same size. Not one would write in AP slot with Odin. I was able to flash AP with TWRP and CP with vbmeta, so I know how to do it. It will not write this file.
With great persistence, I was finally able to use Odin to write the patched AP file. Odin said success. However, I have tried hundreds of times to get the button combination, and nothing works. I have tried holding all three buttons (up, bixby, power), releasing power and holding up and bixby, and also only holding up. All of these I have tried various lengths of time. I was not able to get magisk root with Lineage, either. I believe I got root with SU, but the app was discontinued and not supported.
I have watched numerous tutorials on the button combination, most of them similar, and tried all of them. Counting the screens (most say 3, some 2), and many other times. Again, hundreds of iterations.
Does anyone have a reliable way of getting magisk root access? I am stuck in the middle of step 16. I restarted at the top with a complete factory reset (CSC, not HOME_CSC). Everything was smooth until the button combination.
Sorry to hear that you have found the going tough. I would say that the guide above hides how many times you need to repeat and rinse when you are writing the guide in the first place. The way I wrote the guide above is basically throw on a movie, one which doesn't require much attention, and in the background almost semi-automatically just keep rinse and repeating the guide until it succeeds. Very occasionally I pause the movie if I need to concentrate on something for a bit. The guide then is just a sequence of very frequently repeated steps.
You sure you are using Magisk to patch the TWRP image and not the system firmware image? The way root works on these devices is that Magisk is installed as a recovery firmware. When you boot with the recovery buttons, it runs Magisk. Magisk then counts down a timer, if the buttons are still held down it'll boot TWRP, otherwise it'll boot the main system with root enabled. If no buttons or the wrong buttons are pressed on boot, then neither Magisk nor TWRP ever get involved, the system boots without root.
Hopefully this makes sense. Also, given some of the Odin flash problems you've seen, I'd suggest trying a different USB cable. I've never found Odin will fail to work if the device is freshly booted into Downloader mode unless your USB cable is flaky. If you leave the device in Downloader mode for too long, it seems to time out. Also, it won't accept a second flash if it's already done a first flash without an intermediate reboot back into Downloader mode.
Hope this help.
I never did get it to work with this method. I did gain root access with
Tutorial : Root Galaxy S10 Series Android 12 One UI 4.1 Stock Firmware
Root Samsung Galaxy S10 Series Android 12, WITHOUT Ramdisk Root Samsung S10+ - S10 - S10e SM-G97xxx, Stock Rom Android 12 - UI 4.1 Latest Version (I tested G970FXXSGHWC2) (Without combination keys for active Magisk after normal restart –...
forum.xda-developers.com
After that, I eliminated google play and used microg with
Samsung Android 11 stock to no-Google MicroG based privacy reconfigure step by step
Two years after my previous guide for Android 10, this is Niall's modernised guide to reconfiguring stock Samsung S10 Android 11 into a privacy focused MicroG based system purged of the stock spyware and annoying and useless stuff, but with the...
forum.xda-developers.com
Thank you for your help.

Need advise to test mobile application security

I need advise on the following as I am doing mobile application security and testing.
I most of the time I use Burpsuite/Magisk/Objection/Frida for testing purpose
Some of the constraints I am facing;
1) How do I set a permanent alias to the phone itself
2) How do I issue remote command like adb shell "cd /" and show the responses as successful
3) What are some of the ways to bypass root detection and ssl pinning (I already know there is Magisk Denylist - but its not effective at times)
4) I am also involved in IOS related testing and such, is there a wall to post IOS related stuff here.
While I was working on IOS, I find that apt-get command is quite useful but it is not available on android phone, I want to have a lot of useful software in the phone like nano, which I installed using magisk etc.

Categories

Resources