Related
Dear Experts,
as I have already complained in several topics, my N9005 didn't boot after encryption.
Now I'm on the way to try other ROMs. But now I'm starting to thing, how to even test it with other ROMs. I have a backup of the original ROM made with TWRP. BUT, if I encrypt the device and something goes wrong - then how will I restore ? Will TWRP be somehow able to read the encrypted device ? Please suggest on how to proceed ?
I'm afraid, that if I put a ROM and encrypt the phone with it, I'll be stuck with that ROM... Or if not - what to choose in TWRP in order to get rid of the encryption then ?
Many thanks in advance!
Did you use the phone with stock recovery to encrypt?
Duplicate.
Please follow your existing thread: http://forum.xda-developers.com/gal...encryption-t3478539/post69084515#post69084515
Closed
Hi everyone, sorry for a noob problem but I seemed to have soft bricked my phone and was hoping that somebody here would be able to help me out. I have an A2017U in the US.
A short history:
I had been using my phone on B20 rooted/locked with tenfar's tool for about 3 months now, and decided I would try and update it finally before the new year.
To update it, after reading it seemed I would need to unlock the bootloader to keep root on B29 so I decided first step would be to unlock the bootloader and then update to B29. I did the following steps today
1) Unlock bootloader using DrakenFX's guide here http://forum.xda-developers.com/axon-7/how-to/guide-how-to-unlock-bootloader-stay-t3461165 The unlocked proved successful and I was able to boot back into B20 after all the data was wiped, and I followed the instruction to backup the Boot in TWRP. All good.
2) I then decided to follow another of DrakenFX's guides (https://forum.xda-developers.com/showpost.php?p=68873482&postcount=2) to update from B20 to B29. I followed the instructions exactly again, but then the phone just hangs on the ZTE logo on boot infinitely. I wondered if I made a mistake when re-initializing TWRP after unlocking the bootloader. I did a search and found in "Mount" to uncheck "Mount system partition read-only" and unchecked it. The System partition however is unmounted, I'm not sure if that's normal now or not. Even when I check it, after rebooting it goes away. I've checked the MD5 of the ZTE_A2017U.B29_StockSystem_by_DrakenFX.zip file and it's good. I then flashed through fastboot to the new 3.0.3-0 TWRP which I'm now using, and still nothing. It appears I don't have an OS installed. I'm going to guess here the issue is with a setting in TWRP but I've tried everything I could find. Unfortunately I don't seem to have a copy of my stock recovery right now to flash either. I've tried several times to flash ZTE_A2017U.B29_StockSystem_by_DrakenFX.zip and reboot but to no avail. I even tried this tip from rczrazor to delete DATA first and others one by one (https://forum.xda-developers.com/showpost.php?p=69428659&postcount=136) but no such luck for me. Still stuck on the ZTE logo.
tl;dr - I have access to fastboot and TWRP, but apparently no ROM installed even though have flashed now multiple times.
If anybody could help me I would greatly appreciate it. I'm even willing to pay a few bucks in Paypal to help get me going again.
Thank you all in advance.
shyguy88 said:
Hi everyone, sorry for a noob problem but I seemed to have soft bricked my phone and was hoping that somebody here would be able to help me out. I have an A2017U in the US.
A short history:
I had been using my phone on B20 rooted/locked with tenfar's tool for about 3 months now, and decided I would try and update it finally before the new year.
To update it, after reading it seemed I would need to unlock the bootloader to keep root on B29 so I decided first step would be to unlock the bootloader and then update to B29. I did the following steps today
1) Unlock bootloader using DrakenFX's guide here http://forum.xda-developers.com/axon-7/how-to/guide-how-to-unlock-bootloader-stay-t3461165 The unlocked proved successful and I was able to boot back into B20 after all the data was wiped, and I followed the instruction to backup the Boot in TWRP. All good.
2) I then decided to follow another of DrakenFX's guides (https://forum.xda-developers.com/showpost.php?p=68873482&postcount=2) to update from B20 to B29. I followed the instructions exactly again, but then the phone just hangs on the ZTE logo on boot infinitely. I wondered if I made a mistake when re-initializing TWRP after unlocking the bootloader. I did a search and found in "Mount" to uncheck "Mount system partition read-only" and unchecked it. The System partition however is unmounted, I'm not sure if that's normal now or not. Even when I check it, after rebooting it goes away. I've checked the MD5 of the ZTE_A2017U.B29_StockSystem_by_DrakenFX.zip file and it's good. I then flashed through fastboot to the new 3.0.3-0 TWRP which I'm now using, and still nothing. It appears I don't have an OS installed. I'm going to guess here the issue is with a setting in TWRP but I've tried everything I could find. Unfortunately I don't seem to have a copy of my stock recovery right now to flash either. I've tried several times to flash ZTE_A2017U.B29_StockSystem_by_DrakenFX.zip and reboot but to no avail. I even tried this tip from rczrazor to delete DATA first and others one by one (https://forum.xda-developers.com/showpost.php?p=69428659&postcount=136) but no such luck for me. Still stuck on the ZTE logo.
tl;dr - I have access to fastboot and TWRP, but apparently no ROM installed even though have flashed now multiple times.
If anybody could help me I would greatly appreciate it. I'm even willing to pay a few bucks in Paypal to help get me going again.
Thank you all in advance.
Click to expand...
Click to collapse
This happened to me once - boot to TWRP, format data, reboot to TWRP, advanced wipe everything but the external SD card,reboot to TWRP, flash DrakenFX B29 bootstack, reboot to TWRP, flash DrakenFX B29 system.
shyguy88 said:
Hi everyone, sorry for a noob problem but I seemed to have soft bricked my phone and was hoping that somebody here would be able to help me out. I have an A2017U in the US.
If anybody could help me I would greatly appreciate it. I'm even willing to pay a few bucks in Paypal to help get me going again.
Thank you all in advance.
Click to expand...
Click to collapse
I have bricked my AXON 7 many times during the last week. The Zip files from DrakenFX are very good. But in case those were still failling...
First, check for corrupted downloads, just check the zip file integrity using 7zip, winRAR or any other tool.
Use TWRP 3.0.3
Try a different ROM such as ZADMix or even CM13.
If everything fails:
Flash TWRP 3.0.2 signed.
Flash the original Stock B29 Boot partition and reboot to recovery
Flash again the verified DrakenFX files.
Hi guys, this is my first post here
I have a Moto G4 that I rooted recently and flashed with good ROMs for testing, but in all ROMs, Encryption doesn't work.
In all times that I tried, I go on Settings > Encrypt and start, but always remaining 00:00 for a lot or hours and when I restart phone, I enter with password and display this error.
Decryption unsuccessful. The password you entered is correct but unfortunately your data is corrupt
Click to expand...
Click to collapse
Then I have a question, encryption doesn't work on rooted Moto G4? If yes, have other option to protect my data on rooted device?
Thanks.
joubertredrat said:
Hi guys, this is my first post here
I have a Moto G4 that I rooted recently and flashed with good ROMs for testing, but in all ROMs, Encryption doesn't work.
In all times that I tried, I go on Settings > Encrypt and start, but always remaining 00:00 for a lot or hours and when I restart phone, I enter with password and display this error.
Then I have a question, encryption doesn't work on rooted Moto G4? If yes, have other option to protect my data on rooted device?
Thanks.
Click to expand...
Click to collapse
In my knowledge, encryption will not work on rooted phones. But there is a workaround for this. You can root your phone after the phone is fully encrypted. To root your phone after it is encrypted, you can click adb sideload on TWRP and through the terminal on your pc, you can sideload phh's superuser. Reboot your phone and you have a working, encrypted phone with root installed. I didn't try this, but I think, it will work.
@stkpxl thanks for the help, but I have a question.
Will be possible to make encryption with SD card as extended internal storage? Thanks
@stkpxl I'm trying to flash LineageOS after flash Magisk but response error 7. What wrong about this? Thanks.
stkpxl said:
You flash Lineage before flashing Magisk.
Click to expand...
Click to collapse
I really trying, but isn't working, look my steps.
- Flash Stock ROM like this post http://www.stechguide.com/download-stock-firmware-of-moto-g4-and-g4-plus/
- Run stock, setup first run, format sd and define as internal storage
- Flash recovery twrp-3.0.3-n4-athene_shreps.img
- Run twrp
- Install ElementalX-G4-1.04-LOS.zip
- Run stock, set password and encryption device
- Smartphone restart and stock encrypt device
- Run stock again, password working fine
- Run twrp, twrp ask for encrytion password, I put and enter on twrp normally
- Install lineage-14.1-20170313-nightly-athene-signed.zip without wipe
* Fail on this point
Code:
Installing zip file '/path/to/lineage-14.1-20170313-nightly-athene-signed.zip'
Checking for MD5 file...
Skipping MD5 check: no MD5 file found
Target: <a big number>
detected filesystem ext4 for /dev/block/bootdevice/by-name/system
Can't install this package on top of incompatible data. Please try another package or run a factory reset
Updata process ended with ERROR: 7
Error installing zip file /path/to/lineage-14.1-20170313-nightly-athene-signed.zip
Updating partition details...
...done
This problem display only If I encrypt device on stock ROM, when I flash without encrytion, twrp flash LineageOS normally.
Seems like full disc encryption is not working in general. Its reported https://jira.lineageos.org/browse/BUGBASH-253
I am also quite sure that this bug was already in cyanogenmod and also reported there.
tonymarschall- said:
Seems like full disc encryption is not working in general. Its reported https://jira.lineageos.org/browse/BUGBASH-253
I am also quite sure that this bug was already in cyanogenmod and also reported there.
Click to expand...
Click to collapse
Thanks for reply @tonymarschall
Are you know any custom ROM that encryption is working for me test here? Thanks
joubertredrat said:
Are you know any custom ROM that encryption is working for me test here? Thanks
Click to expand...
Click to collapse
No, I am sorry and searching by myself. I hope that one day it will be official supported. Maybe you can give the issue an upvote.
Hi guys.
A bug related about encryption fail was solved and encryption is working fine on lineage-14.1-20170501-nightly-athene-signed.zip
https://jira.lineageos.org/browse/BUGBASH-253
Disclaimer: I have done these steps multiple times and haven't come across any issues
Read All Step carefully. Any issues or damage to your phone that occurs while doing this I am not responsible.
If TWRP asks you for Password to decrypt data & maybe you have important data in you device, So you can't format data.
Follow these steps:
1. Download the OxygenOS full zip file (tested on 4.0.1 & above)
2. Open TWRP.
3. When It asks for password, cancel it.
4. Click "Read Only" button.
5. Install the OxygenOS zip file.
6. Reboot.
7. The OS may misbehave.
8. Open TWRP again. & Boom! No encryption password.
9. Connect to PC and copy the Important data.
10. Flash Any ROM now.
Thanks!
Recently I had to type in the password but I didn't know that it is possible to bypass it with this...
svandasek said:
Thanks!
Recently I had to type in the password but I didn't know that it is possible to bypass it with this...
Click to expand...
Click to collapse
Glad it helped you
ah.... if i only knew :crying:
That's good from a data recovery point of view... but it just sucks from a security point of view.
Not sure if I should be happy or concerned
TWRP Encryption ByPass
maddler said:
That's good from a data recovery point of view... but it just sucks from a security point of view.
Not sure if I should be happy or concerned
Click to expand...
Click to collapse
Agree .... that seems like a gaping security vulnerability. :-/
maddler said:
That's good from a data recovery point of view... but it just sucks from a security point of view.
Not sure if I should be happy or concerned
Click to expand...
Click to collapse
There's no need to be concerned (about this, specifically).
tk8lm6 said:
Agree .... that seems like a gaping security vulnerability. :-/
Click to expand...
Click to collapse
Actually, this is a case where this device is more secure than previous devices. The encryption key for your user data is divided into two parts. First is the part you type in when booting. The other half is stored in the "secure element" (TrustZone) inside the processor, and is unique to your phone. How the OP3 improves this is that it actually stores two versions of the device-specific key. One is used when the system is trusted (the kernel is signed and dm-verity passes), and the other is used when it is untrusted. This is part of what wipes your data when you unlock the bootloader. The security benefit comes from the SoC locking down the encryption keys when verification fails. Going back to the stock ROM causes all of the verification to pass, and the keys stored in the TrustZone are allowed to unlock your data partition.
On the other hand, if this allows you to bypass manually-enabled encryption, that would be a major security problem.
What interests me is that installing OOS should replace TWRP with the stock recovery image, but this appears not to have happened. Or did you have to flash TWRP again from fastboot after booting into OOS?
smaeul said:
There's no need to be concerned (about this, specifically).
Actually, this is a case where this device is more secure than previous devices. The encryption key for your user data is divided into two parts. First is the part you type in when booting. The other half is stored in the "secure element" (TrustZone) inside the processor, and is unique to your phone. How the OP3 improves this is that it actually stores two versions of the device-specific key. One is used when the system is trusted (the kernel is signed and dm-verity passes), and the other is used when it is untrusted. This is part of what wipes your data when you unlock the bootloader. The security benefit comes from the SoC locking down the encryption keys when verification fails. Going back to the stock ROM causes all of the verification to pass, and the keys stored in the TrustZone are allowed to unlock your data partition.
On the other hand, if this allows you to bypass manually-enabled encryption, that would be a major security problem.
What interests me is that installing OOS should replace TWRP with the stock recovery image, but this appears not to have happened. Or did you have to flash TWRP again from fastboot after booting into OOS?
Click to expand...
Click to collapse
No arguing that previous versions were less secure. But, still, as long as there's a way to bypass encryption that's a security failure.
Encrypted data shouldn't be made available unless proper key(s) or passwords have been provided.
If that's the way that's meant to work, then that's flawed by design.
smaeul said:
There's no need to be concerned (about this, specifically).
Actually, this is a case where this device is more secure than previous devices. The encryption key for your user data is divided into two parts. First is the part you type in when booting. The other half is stored in the "secure element" (TrustZone) inside the processor, and is unique to your phone. How the OP3 improves this is that it actually stores two versions of the device-specific key. One is used when the system is trusted (the kernel is signed and dm-verity passes), and the other is used when it is untrusted. This is part of what wipes your data when you unlock the bootloader. The security benefit comes from the SoC locking down the encryption keys when verification fails. Going back to the stock ROM causes all of the verification to pass, and the keys stored in the TrustZone are allowed to unlock your data partition.
On the other hand, if this allows you to bypass manually-enabled encryption, that would be a major security problem.
What interests me is that installing OOS should replace TWRP with the stock recovery image, but this appears not to have happened. Or did you have to flash TWRP again from fastboot after booting into OOS?
Click to expand...
Click to collapse
I've tried many times. OOS replaces TWRP only on CLEAN Instal for me.
hey guys, i tried to flash oos 5.0 zip, before that i was on another rom. wiped data, system, cache and flashed oos 5.0. and now internal storage is encrypted. how do i flash the zip in twrp now?
manchitro said:
hey guys, i tried to flash oos 5.0 zip, before that i was on another rom. wiped data, system, cache and flashed oos 5.0. and now internal storage is encrypted. how do i flash the zip in twrp now?
Click to expand...
Click to collapse
Just flash it.
Wait, are you saying by just installing a zip, the encrypion hardware pass is gone? WTF.. Is such "hack" available on other devices? Xiaomi redmi(s) for example?
hey i am not able to see any of my files or the zip itself within? is there anything to resolve that?
i can boot into os but for whatever reason cant get to twrp. i have the backup .imgs on my pc now too can i sideload a restore?
im stuck not able to get twrp to see any of my storage and i cant get into twrp twice in a row, so if i fastboot and flash twrp thru adb and then boot into twrp, it asks me for the password, if i hit cancel it just shows 0 storage. ive tried to go to adb sideload but it just sits there. I have the backup i made thru twrp before trying to update.
SourPower said:
hey i am not able to see any of my files or the zip itself within? is there anything to resolve that?
i can boot into os but for whatever reason cant get to twrp. i have the backup .imgs on my pc now too can i sideload a restore?
im stuck not able to get twrp to see any of my storage and i cant get into twrp twice in a row, so if i fastboot and flash twrp thru adb and then boot into twrp, it asks me for the password, if i hit cancel it just shows 0 storage. ive tried to go to adb sideload but it just sits there. I have the backup i made thru twrp before trying to update.
Click to expand...
Click to collapse
Yeah same issue here, as soon as I go in twrp and can't type the password, I can't access my files which is expected behavior, so I don't understand how you can access the file to flash from twrp.
Can someone detail please?
---------- Post added at 07:06 PM ---------- Previous post was at 06:40 PM ----------
Actually I just found a way out to get to previous twrp version, and all is back to normal
From your running ROM, you can download the application twrp (root needed oc)
Then you can use it to flash recovery.
I always keep former version file so I could revert to bluspark twrp that was working before. All worked as expected!
Still not solving the encryption password issue when flashing new recent twrp..
Android 10 Encryption / Security Issue - ADB Encryption Bypass?
rahulrs0029 said:
Disclaimer: I have done these steps multiple times and haven't come across any issues
Read All Step carefully. Any issues or damage to your phone that occurs while doing this I am not responsible.
If TWRP asks you for Password to decrypt data & maybe you have important data in you device, So you can't format data.
Follow these steps:
1. Download the OxygenOS full zip file (tested on 4.0.1 & above)
2. Open TWRP.
3. When It asks for password, cancel it.
4. Click "Read Only" button.
5. Install the OxygenOS zip file.
6. Reboot.
7. The OS may misbehave.
8. Open TWRP again. & Boom! No encryption password.
9. Connect to PC and copy the Important data.
10. Flash Any ROM now.
Click to expand...
Click to collapse
Does this only affect the TWRP -encryption, because when you set your lockscreen password (for the auto-encrypted userdata partition in Android 10, for example) the data can't be decrypted without this password..?
I have discovered another security issue however on a rooted device:
On my Magisk-rooted and encrypted Note 10+/Exynos (Android 10) I just found out, that the userdata (data/data ) partition is UNENCRYPTED and fully readable when viewed with an ADB viewer from my PC although the device is in lockscreen mode / locked!
This doesn't happen after reboot before the first unlock! After the device has been unlocked, accessed via ADB and re-locked (but not rebooted) it is (still) unencrypted, even after rebooting the PC!
Here the lockscreen password would not make much sense at every screenlock - it just unlocks the screen which can be bypassed and all data can be read via ADB anyway - it would only make sense once at boot. Is there a way to have two passwords (1 at boot and an easier one at screenlock) for example?
Is this issue related to Magisk? And can it be fixed?
monicaONxda said:
Does this only affect the TWRP -encryption, because when you set your lockscreen password (for the auto-encrypted userdata partition in Android 10, for example) the data can't be decrypted without this password..?
I have discovered another security issue however on a rooted device:
On my Magisk-rooted and encrypted Note 10+/Exynos (Android 10) I just found out, that the userdata (data/data ) partition is UNENCRYPTED and fully readable when viewed with an ADB viewer from my PC although the device is in lockscreen mode / locked!
This doesn't happen after reboot before the first unlock! After the device has been unlocked, accessed via ADB and re-locked (but not rebooted) it is (still) unencrypted, even after rebooting the PC!
Here the lockscreen password would not make much sense at every screenlock - it just unlocks the screen which can be bypassed and all data can be read via ADB anyway - it would only make sense once at boot. Is there a way to have two passwords (1 at boot and an easier one at screenlock) for example?
Is this issue related to Magisk? And can it be fixed?
Click to expand...
Click to collapse
Anyone with thoughts on this...?
monicaONxda said:
Anyone with thoughts on this...?
Click to expand...
Click to collapse
There are two, separate passwords. One for the encryption and one for the lock screen. And they don't have to be the same.
If you remove the encryption by formatting /data and then boot up on stock OOS, it will encrypt /data with a default password. TWRP can decrypt /data because it knows the default password that's used.
When you set the lock screen password you have the option to set the encryption password to be the same or not.
So, you could set the lock screen and encryption password to be something and then change the lock screen password only to be something different.
ADB can only access /data after it has been decrypted, ie the phone has booted up. But only if: 1. ADB is enabled, 2. You have given permission on your phone to trust the PC connecting to the phone.
So, there's no back doors here. If you have set an encryption password, you can't access the data without having entered the password. And you can't access the phone data without entering the lock screen password. And you can't access the data via ADB unless you have given the specific PC permission from your phone.
Of course, if you use the default encryption password and have TWRP installed, you might just as well not have a password at all. But that's up too you.
Sent from my OnePlus 3T using XDA Labs
BillGoss said:
When you set the lock screen password you have the option to set the encryption password to be the same or not.
So, you could set the lock screen and encryption password to be something and then change the lock screen password only to be something different.
Click to expand...
Click to collapse
For which roms is this working? I guess this behaviour is rom spefic. E.g. for all lineageos 15.1 and 16.0 roms and all roms based on tje same code base, the above procedure (setting the lockscreen passphrase without the boot passphrase checkbox set) will reset the boot passphrase to "default_password".
The only way I know of to get a seperate passphrase for boot and lockscreen on los15, los16 and roms based on these is this:
https://forum.xda-developers.com/on...eplus-3-3t-t3866517/post80390263#post80390263
nvertigo67 said:
For which roms is this working? I guess this behaviour is rom spefic. E.g. for all lineageos 15.1 and 16.0 roms and all roms based on tje same code base, the above procedure (setting the lockscreen passphrase without the boot passphrase checkbox set) will reset the boot passphrase to "default_password".
The only way I know of to get a seperate passphrase for boot and lockscreen on los15, los16 and roms based on these is this:
https://forum.xda-developers.com/on...eplus-3-3t-t3866517/post80390263#post80390263
Click to expand...
Click to collapse
'setting the lockscreen passphrase without the boot passphrase checkbox set) will reset the boot passphrase to "default_password"' - Ah, sorry, I didn't realise that. I was saying this based on what I had done on another phone.
Sent from my OnePlus 3T using XDA Labs
BillGoss said:
'setting the lockscreen passphrase without the boot passphrase checkbox set) will reset the boot passphrase to "default_password"' - Ah, sorry, I didn't realise that. I was saying this based on what I had done on another phone.
Sent from my OnePlus 3T using XDA Labs
Click to expand...
Click to collapse
I'm pretty sure this behavior is rom dependent and not device dependent. E.g.: in los14 and early los15 builds the user was able to set lockscreen passphrase and boot passphrase seperately from rom's settings. This has been removed from aosp (officially because of "security concerns"; but I guess these "concerns" has been too many users with too less knowledge have locked up the boot process).
For me the cryptfs cli is perfectly ok, for the average user the behaviour you've expirienced may feel more comfortable. But the longer I think about, the more I like the seperate setting... YMMV.
Just updated with the February full image using fastboot, editing out the -w from flash-all.bat. Fastboot booted TWRP, and then queued up TWRP, Kernel, Magisk and let all 3 rip. No hitches and back up running rooted and everything working normally. Be sure and read the entire Security Bulletin as there were loads of functional updates not always a part of the monthly updates. :good:
Mine wouldn't flash because unlock_critical reset, now my phone is wiped and won't boot the latest update.
Tb0n3 said:
Mine wouldn't flash because unlock_critical reset, now my phone is wiped and won't boot the latest update.
Click to expand...
Click to collapse
Give Deuces script a try. It has helped a lot of people recover their device from similar situations.
I haven't tried it on Feb update though.
You can get it from Development section. Good luck.
Tb0n3 said:
Mine wouldn't flash because unlock_critical reset, now my phone is wiped and won't boot the latest update.
Click to expand...
Click to collapse
what do you mean "because unlock_critical reset?"
Tb0n3 said:
Mine wouldn't flash because unlock_critical reset, now my phone is wiped and won't boot the latest update.
Click to expand...
Click to collapse
Did you ever unlock critical before you tried the update? Or did this happen after the update?
Can someone here confirm the correct way to upgrade from rooted Jan security update without losing data? Would I
reflash stock recovery
fastboot OTA img
fastboot boot twrp.img
flash twrp.zip
flash kernel
flash magisk last?
Or can I use the full image from the dev site, remove the -w and run the flash-all.bat, then use the steps above? Same result, or is one better than the other? Am I missing any steps here?
Is xposed module working on Feb update?
RampageRR said:
Can someone here confirm the correct way to upgrade from rooted Jan security update without losing data? Would I
reflash stock recovery
fastboot OTA img
fastboot boot twrp.img
flash twrp.zip
flash kernel
flash magisk last?
Or can I use the full image from the dev site, remove the -w and run the flash-all.bat, then use the steps above? Same result, or is one better than the other? Am I missing any steps here?
Click to expand...
Click to collapse
See the OP. Use the full image then add back recovery,kernel,magisk in that order. Yes magisk last.
v12xke said:
Just updated with the February full image using fastboot, editing out the -w from flash-all.bat. Fastboot booted TWRP, and then queued up TWRP, Kernel, Magisk and let all 3 rip. No hitches and back up running rooted and everything working normally. Be sure and read the entire Security Bulletin as there were loads of functional updates not always a part of the monthly updates. :good:
Click to expand...
Click to collapse
Quick question - I have performed the flash-all part and at the end it rebooted and everything is fine (except for no root) - it asks for the encryption password and it works with my normal password.
Then I boot TWRP with "fastboot boot twrp-3.2.1-0-taimen.img" and that again works just fine but only to the point where it asks for the password - which here is NOT working? Just a few hours ago the same twrp was working fine with the exact same password (since I did a full backup in advance), and the password is obviously working fine in Android itself, it is only in TWRP where is no longer working???
xclub_101 said:
Quick question - I have performed the flash-all part and at the end it rebooted and everything is fine (except for no root) - it asks for the encryption password and it works with my normal password. Then I boot TWRP with "fastboot boot twrp-3.2.1-0-taimen.img" and that again works just fine but only to the point where it asks for the password - which here is NOT working? Just a few hours ago the same twrp was working fine with the exact same password (since I did a full backup in advance), and the password is obviously working fine in Android itself, it is only in TWRP where is no longer working???
Click to expand...
Click to collapse
I don't really know what went wrong. What do you mean it asks for the encryption password?? If you have some kind of boot encryption set, maybe that is is. My encrypted unit never asks me for a password. I have an unlock screen PIN and that is all. When I flash-all, I wait for the flash to finish (knowing it will reboot) and at the right time hold the volume down button to get me right back into the bootloader. I do not allow it to boot into the OS until I fastboot boot twrp and have never had TWRP refuse my password. Maybe it has something to do with you allowing it to boot into the OS first? Anyway from that "booted" instance of TWRP, I then queue up twrp.zip, kernel.zip, magisk.zip and once they are added, I let TWRP flash all 3. You may want to take this over to the TWRP thread where others have had the PIN issue as well. Some are confirming temporarily removing your PIN/fingerprints fixes it. I have never removed my PIN or fingerprints before or after flashing?
v12xke said:
I don't really know what went wrong. What do you mean it asks for the encryption password?? If you have some kind of boot encryption set, maybe that is is. My encrypted unit never asks me for a password. I have an unlock screen PIN and that is all. When I flash-all, I wait for the flash to finish (knowing it will reboot) and at the right time hold the volume down button to get me right back into the bootloader. I do not allow it to boot into the OS until I fastboot boot twrp and have never had TWRP refuse my password. Maybe it has something to do with you allowing it to boot into the OS first? Anyway from that "booted" instance of TWRP, I then queue up twrp.zip, kernel.zip, magisk.zip and once they are added, I let TWRP flash all 3. You may want to take this over to the TWRP thread where others have had the PIN issue as well. Some are confirming temporarily removing your PIN/fingerprints fixes it. I have never removed my PIN or fingerprints before or after flashing?
Click to expand...
Click to collapse
Yes, it is quite weird.
A few more questions - when you boot your normal Android - do you first get a question about any password there? Since if you don't - your system probably uses the default Android encryption password (which last time when I was looking was literally "default_password" without the quotes).
Why do you still need to flash the kernel - are you using a custom kernel?
xclub_101 said:
Yes, it is quite weird.
A few more questions - when you boot your normal Android - do you first get a question about any password there? Since if you don't - your system probably uses the default Android encryption password (which last time when I was looking was literally "default_password" without the quotes). Why do you still need to flash the kernel - are you using a custom kernel?
Click to expand...
Click to collapse
I never get prompted for a password upon booting, and my phone is encrypted. I think you are probably on to the real reason your twrp is not accepting your PIN. Older Nexus phones had boot encryption with a password but since the Pixel line I thought it was removed? When discussing this further in the TWRP thread I think you should be comparing notes with others on this boot encryption, because I don't have it. I'm reading something now about direct boot and fbe.
Yes I use a custom kernel, always have. I like being able to monitor and control my system and gestures, vibration, etc. I like the kernel monitor (and battery monitor) that goes along with EX Kernel. Highly recommended. Good luck to you.
i sideloaded the update to my verizon version pixel 2 xl, and havent noticed anything, mainly just a run of the mill security update. i read that pixel core has been extended to a few apps.
v12xke said:
I never get prompted for a password upon booting, and my phone is encrypted. I think you are probably on to the real reason your twrp is not accepting your PIN. Older Nexus phones had boot encryption with a password but since the Pixel line I thought it was removed? When discussing this further in the TWRP thread I think you should be comparing notes with others on this boot encryption, because I don't have it. I'm reading something now about direct boot and fbe.
Yes I use a custom kernel, always have. I like being able to monitor and control my system and gestures, vibration, etc. I like the kernel monitor (and battery monitor) that goes along with EX Kernel. Highly recommended. Good luck to you.
Click to expand...
Click to collapse
Thank you for the info!
The encryption is still a weird point - and I believe is still linked by default to the "screen lock password" as described at https://www.xda-developers.com/how-to-manually-change-your-android-encryption-password/ - but I am not yet convinced that I should remove my existing password since the system is telling me that removing it will remove all fingerprints that I have added and mark the system as unsecure for Pay.
What I wonder is if I should go ahead with just writing Magisk without decrypting the user data partition - after all Magisk should not be touching either the system nor the user data partition, so it could work just fine?
Did they remove the setting to turn on Pixel Visua Core in Developer settings?
xclub_101 said:
Thank you for the info!
The encryption is still a weird point - and I believe is still linked by default to the "screen lock password" as described at https://www.xda-developers.com/how-to-manually-change-your-android-encryption-password/ - but I am not yet convinced that I should remove my existing password since the system is telling me that removing it will remove all fingerprints that I have added and mark the system as unsecure for Pay.
What I wonder is if I should go ahead with just writing Magisk without decrypting the user data partition - after all Magisk should not be touching either the system nor the user data partition, so it could work just fine?
Click to expand...
Click to collapse
I guess my question is why do you have an encryption password at boot? My phone boots up to a lockscreen. I enter my PIN and that's it. Maybe I'm misunderstanding and you are calling my PIN your boot encryption password.... do you then have a lockscreen and enter a separate PIN? As for Magisk it doesn't decrypt the data partition or anything else. I always install it by flashing the zip file in TWRP and you have no options there. It just does it's thing and installs Magisk Manager as an app, so when you boot up System, MM is in your app drawer. You can configure it from there. My setup has always passed SafetyNet but I don't use/want Pay.
v12xke said:
I guess my question is why do you have an encryption password at boot? ...
Click to expand...
Click to collapse
Good question - I would normally expect that to be required when Android itself needs to decrypt first time after boot the user data partition? Which up to that point during the boot process is not otherwise needed?
The fact that on some systems is not required suggests to me that Android (like maybe also TWRP) first tries "default_password" and that works?
Mikulec said:
Did they remove the setting to turn on Pixel Visua Core in Developer settings?
Click to expand...
Click to collapse
yes.
djkinetic said:
i sideloaded the update to my verizon version pixel 2 xl, and havent noticed anything, mainly just a run of the mill security update. i read that pixel core has been extended to a few apps.
Click to expand...
Click to collapse
Its quite a bit more than the run of the mill security update.
visual core is now extended to any app, not just a few (so long as they target API level 26, Oreo).
i sideloaded the update like I always do. All updated normally and all functioning as expected. After sideloading the update I booted the twrp-3.2.1-0-taimen.img, it booted and when I entered my pin, which i have been using, in TWRP it would not accept my pin. I rebooted into the boot.img 3 times same issue. I removed my pin and TWRP functioned as expected. I installed TWRP.zip and rebooted recovery. Back in TWRP flashed Kernel, and Magisk and no issues. This was the first time I had issues entering my pin on booting TWRP.img