Related
Now that it seems allot of progress is being made on rooting the s7. Does that mean that the bootloader has been unlocked.
Since having a unlocked bootloader is the only way new firmwares can be flashed, isn't this the only way this could have been done,
2 VERY different things. There MAY eventually be some ways through FlashFire but not as of yet
I'm getting a 6p for Christmas and I have a question.
Say the 6p is on Marshmallow, and I decide to unlock the bootloader (just that, no root or anything) on MM. Will I be able to update to 7.1.1 via ota (no I don't want to sideload or flash) without issues? Or is there a process to it like updating bootloader, vendor, radio or whatever else. Or does the Ota file contain the updated boot.img and vendor etc.
ricbaez said:
I'm getting a 6p for Christmas and I have a question.
Say the 6p is on Marshmallow, and I decide to unlock the bootloader (just that, no root or anything) on MM. Will I be able to update to 7.1.1 via ota (no I don't want to sideload or flash) without issues? Or is there a process to it like updating bootloader, vendor, radio or whatever else. Or does the Ota file contain the updated boot.img and vendor etc.
Click to expand...
Click to collapse
Yes, you can unlock then update via OTA. OTAs patch every partition permitted there are no modifications done to system and boot.
Sent from my Nexus 5X using Tapatalk
ricbaez said:
I'm getting a 6p for Christmas and I have a question.
Say the 6p is on Marshmallow, and I decide to unlock the bootloader (just that, no root or anything) on MM. Will I be able to update to 7.1.1 via ota (no I don't want to sideload or flash) without issues? Or is there a process to it like updating bootloader, vendor, radio or whatever else. Or does the Ota file contain the updated boot.img and vendor etc.
Click to expand...
Click to collapse
Why would you want to unlock the bootloader if you don't intend to root or install a custom recovery? I don't understand what the benefit is.
jhs39 said:
Why would you want to unlock the bootloader if you don't intend to root or install a custom recovery? I don't understand what the benefit is.
Click to expand...
Click to collapse
I actually intend to install megapixel rom
jhs39 said:
Why would you want to unlock the bootloader if you don't intend to root or install a custom recovery? I don't understand what the benefit is.
Click to expand...
Click to collapse
@ricbaez
No disrespect, but I would say why would you NOT unlock the bootloader on a Nexus? Especially when you first get the phone because unlocking wipes it. Unlocking the bootloader allows you to use MANY more tools in the event your phone boot loops or becomes unresponsive. There are dozens of threads where people are completely screwed because they did NOT unlock the bootloader and so cannot salvage their device with ADB/Fastboot. If you bought a Nexus, one of the selling points is that Google ALLOWS the owner to unlock the bootloader right in the Dev Options! Even if the OP is not going to root or install a custom recovery, if he/she does not unlock the bootloader, they are going to be S.O.L. if the phone won't boot. There are many examples of this since Google has gone to the monthly security OTA's and updates. Or... simply put, if you are unlocked you can flash full Google images and use ADB/Fastboot. If you are locked, you can only sideload an OTA with the stock recovery and that hasn't been working out well for so many people here on XDA.
To the OP. Recommend you unlock your bootloader first thing which will wipe the phone and start you out fresh. Unlocking the bootloader will not prevent you from receiving OTA's. Make sure your Google login works properly. Login. Logout. Login. Then do whatever the F you want with your phone, knowing you will have serious options to recover in the event things go south for any reason. Next would be installing TWRP. Good luck!
v12xke said:
@ricbaez
No disrespect, but I would say why would you NOT unlock the bootloader on a Nexus? Especially when you first get the phone because unlocking wipes it. Unlocking the bootloader allows you to use MANY more tools in the event your phone boot loops or becomes unresponsive. There are dozens of threads where people are completely screwed because they did NOT unlock the bootloader and so cannot salvage their device with ADB/Fastboot. If you bought a Nexus, one of the selling points is that Google ALLOWS the owner to unlock the bootloader right in the Dev Options! Even if the OP is not going to root or install a custom recovery, if he/she does not unlock the bootloader, they are going to be S.O.L. if the phone won't boot. There are many examples of this since Google has gone to the monthly security OTA's and updates. Or... simply put, if you are unlocked you can flash full Google images and use ADB/Fastboot. If you are locked, you can only sideload an OTA with the stock recovery and that hasn't been working out well for so many people here on XDA.
To the OP. Recommend you unlock your bootloader first thing which will wipe the phone and start you out fresh. Unlocking the bootloader will not prevent you from receiving OTA's. Make sure your Google login works properly. Login. Logout. Login. Then do whatever the F you want with your phone, knowing you will have serious options to recover in the event things go south for any reason. Next would be installing TWRP. Good luck!
Click to expand...
Click to collapse
You are right. I wasn't aware that people were having boot loop issues on phones running stock Android but that apparently is the case. But as long as USB Debugging and Allow OEM Unlock are ticked in the developer options you should be able to unlock the bootloader later through ADB if you need to. I assumed the warning about my phone being insecure since my bootloader is unlocked that pops up every time I boot was there for a reason. There is no security issue created by unlocking your bootloader?
jhs39 said:
You are right. I wasn't aware that people were having boot loop issues on phones running stock Android but that apparently is the case. But as long as USB Debugging and Allow OEM Unlock are ticked in the developer options you should be able to unlock the bootloader later through ADB if you need to. I assumed the warning about my phone being insecure since my bootloader is unlocked that pops up every time I boot was there for a reason. There is no security issue created by unlocking your bootloader?
Click to expand...
Click to collapse
It's cool, and I respect your decision to stay locked if you decide that is best for you. I suppose you could set Allow OEM unlock in Dev settings AND USB debugging in USB just in case, but if for some reason you could not boot, unlocking bootloader would then wipe userdata and your backups would be gone before you could transfer them off. In the end it's up to the individual to choose security vs, recoverability. Many ppl are getting locked out of their phones in the interest of security (or just the default settings). As it turns out, they were just trying to perform a monthly security update and hosed their phone. Stock rom, stock recovery, unrooted. Every Nexus phone I've owned (Galaxy?) has been unlocked so that I could use all the tools available to get myself out of a bind if needed. I don't give a sh!t about the boot up warning, because I know that my nandroid and FF backups can get me back home in the event of a lockup. Unlocking will not stop you from receiving OTA's if you are stock. Even if you are not, unlocking will allow you to use ADB, custom recoveries, toolkits, etc. If you end up in a bootloop and your bootloader is locked you are S.O.L. plain and simple. Each to their own though... if you need encryption and value high security of your data over recoverability then you may want to stay bootloader locked. As owners of a Nexus phone we have that option. Many others do not. Cheers my friend!
Thank you guys everything was successful, unlocked it in no time, downloaded 7.1.1 and it's perfect. NOw time to flash twrp and MegaPixel Rom
While I am an advocate for device customization and modifications, I also believe there is an inherent need for locked bootloaders. When we unlock a BL and leave it that way so we can run custom ROMs, root etc, we sacrafice the security it provides allowing our devices to be tampered with or redistributed after a theft. I've seen the PSA advising people not relock their bootloaders on anything except stock. That is entirely true for Verizon and EE pixels that were never intended to be unlocked in first place. However I believe its entirely possible to boot properly self signed images on unlockable devices after re-locking.
Now, I'm not saying we should go around re-locking bootloaders with custom firmware installed there's a process. I've done a bit of reading on verified boot. I am interested in utilizing the "YELLOW STATE" so we can run self signed boot images using an "embedded certificate" along with dm-verity disabled. The problem is how can we self sign our boot images allowing boot to continue without compiling from source?
https://source.android.com/security/verifiedboot/verified-boot.html
https://mjg59.dreamwidth.org/31765.html
I found some information & maybe a more experienced DEV can shed some light on if its possible with our Pixel devices. That's really the goal of this thread, to start a discussion which I think is extremely important & hopefully turn into a guide or tool. We shouldn't completely sacrafice security to utilize root or custom ROMs. On my N5X I have a locked bootloader and modified boot/system with Allow OEM unlock disabled. Difference with our Pixels and Nougat BLs is verified boot is strictly enforced.
Please excuse me if this thread seems jumbled or all over the place. I really do want help with this idea tho to help inform and keep us secure. Any input is appreciated.
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
I still wouldn't do this. What's the point? You will still pass safety net with custom kernel.
As for security you, your device still needs to be decrypted to use TWRP. It should still be as secure. I guess someone can wipe your device if they get ahold of it but that's not really a security risk.
Risk is still huge locking your device with a custom OS.
Sent from my Pixel using Tapatalk
milan187 said:
I still wouldn't do this. What's the point? You will still pass safety net with custom kernel.
As for security you, your device still needs to be decrypted to use TWRP. It should still be as secure. I guess someone can wipe your device if they get ahold of it but that's not really a security risk.
Risk is still huge locking your device with a custom OS.
Sent from my Pixel using Tapatalk
Click to expand...
Click to collapse
It has nothing to do with passing safety net. TWRP can only access the data after the pin is input, true, but leaving a device with an unlocked boot loader leaves the ability to flash modified boot images (a huge attack vector). This is to keep your device yours if it falls into a theives hands. You can not have device protection features on a unlocked Allow OEM unlock device. You're right there is risk but being careful can alleviate the risk. I do this because I want my phone to be a trackable paper weight if somebody takes it. I have established my own chain of trust outside of googles. I have even modified my TWRP side of boot.img to only start with my PC using adb-keys.
Which risk is greater. The risk of losing an unlocked device and it falling into the hands of someone that knows what to do or bricking it relocking it.
I vote the latter.
Its not re-locking that bricks... Its disabling the allow OEM unlock in dev options & screwing with stuff afterwards that may cause a bootloop. As long as you have a signed boot image in place with TWRP or stock recovery that uses your own keys the risk is minimal.
Simple rule... With a locked boot loader on a device where verification is strictly enforced always leave that option ticked if modifying anything.
I'm sorry but people are misinformed. Locking the boot loader doesn't brick if you have a custom ROM in place any more than a stock ROM. Its screwing with things or using a poorly dev'd ROM. If you are like me and can set something up the way you like once and not screw with it you'll be fine. If you do wanna screw with something remember to check allow OEM unlock in dev opts. Don't uncheck until you're 100% sure. It really is that simple.
If you are leaving the toggle open what have you accomplished when it gets stolen? They just issue the fastboot command to unlock it. Yea, it wipes data at that point. But I honestly can't think of anything on my phone that is confidential.
When I'm out n about and using my phone normally (i.e. not modding, flashing etc) I put the toggle to off. If I'm planning on changing anything I toggle it back on & if something causes a bootloop (most probably user error) I can recover. I don't think most people who steal phones care about data either but I keep a lot of keys, passwords etc to networks in my devices storage. I admit its not for everybody, just a way to be more secure and protect a $700+ investment. My phones bootloader isn't just locked, its locked with a persistent root ssh backdoor integrated into system so I can maintain control in the event.
want to re-lock my boot loader ?
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
hey,
I as well as plenty of others thought I was clever unlocking it as I mainly wanted to unlock it from EE UK network , its not been touched since ,no custom rooms or root but after reading people are trying to Re-lock it and getting bricked im too scared too try lol its only phone ive got ? Appreciate any help please x
---------- Post added at 10:57 AM ---------- Previous post was at 10:21 AM ----------
sally76 said:
hey,
I as well as plenty of others thought I was clever unlocking it as I mainly wanted to unlock it from EE UK network , its not been touched since ,no custom rooms or root but after reading people are trying to Re-lock it and getting bricked im too scared too try lol its only phone ive got ? Appreciate any help please x
Click to expand...
Click to collapse
Sorry Duhhhh !! Custom u said lol
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
Geofferey, Do you happen to know if these commands are still right with LOS 17.1 / Android 10?
(Or does anyone else know?)
PS: Sorry everyone for pumping such an old thread
nullstring2 said:
Geofferey, Do you happen to know if these commands are still right with LOS 17.1 / Android 10
Click to expand...
Click to collapse
Unfortunately no. Now there is avbtool and the process is actually a bit more complicated. Somebody wrote a guide on how to use it externally for another device but I couldn't even follow. I actually find it easier to get the sources for whatever ROM it is I'm trying to sign and set the signing params in config before build.
Here is the guy who did it usually avbtool externally
https://forum.hovatek.com/thread-32664.html
Many instructions here
https://android.googlesource.com/platform/external/avb/+/master/README.md
Geofferey said:
...but I couldn't even follow. /QUOTE]
Well, thats an intimidating introduction, but I'll take look.
That guide appears to be talking about mediatek CPUs which makes it a little confusing.
Any hint on how to get the vbmeta signing key for the google pixel?
Click to expand...
Click to collapse
nullstring2 said:
Any hint on how to get the vbmeta signing key for the google pixel?
Click to expand...
Click to collapse
If you mean how to make your own key to perform signing then
Code:
openssl genrsa -des3 -out avb.pem 2048
If you're asking how to get the same key that Google used to sign vbmeta, it ain't ever gonna happen.
Geofferey said:
Well if anybody is interested in re-locking their boot loader with a custom ROM and kernel in place I basically figured out how
Refer to this post
If anybody plans to attempt this and has ANY questions or concerns regarding re-locking their bootloaders in a custom state please don't hesitate to post here. I successfully re-locked my bootloader with custom ROM and Kernel. I also modified TWRP in my kernel to only start via locked down adb with key access. This allows my pixel to be highly secure and still recoverable. Might start a new post highlighting my proceedures and research on this subject.
Click to expand...
Click to collapse
Is there ANY way to do this on Xperias or LGs?
Geofferey said:
It has nothing to do with passing safety net. TWRP can only access the data after the pin is input, true, but leaving a device with an unlocked boot loader leaves the ability to flash modified boot images (a huge attack vector). This is to keep your device yours if it falls into a theives hands. You can not have device protection features on a unlocked Allow OEM unlock device. You're right there is risk but being careful can alleviate the risk. I do this because I want my phone to be a trackable paper weight if somebody takes it. I have established my own chain of trust outside of googles. I have even modified my TWRP side of boot.img to only start with my PC using adb-keys.
Click to expand...
Click to collapse
It has ALL to do with safetynet/play integrity.
I wouldn't care to leave my bootloader unlocked otherwise.
But I want a rom that passes all security standards without "tricks".
Hi there,
I found there is a thread describing how to root the US/Chinese model without unlocking the bootloader -
https://forum.xda-developers.com/axon-7/development/wip-axon-7-root-bootloader-unlokced-t3441204
However it mentions that this'll brick the European model because of the included TWRP version and unfortunately I'm on a ZTE A2017GV1.0.0B08 (Android 6.0.1, Kernel 3.18.20).
Is there any news if this can be done now with the international variant -
I'm not interested in a custom ROM or updating Android, I'm happy at the moment with the 6.0.1 version I have, but really would like root for xposed framework, Titanium, Tasker ...
Is there a different TWRP version that can be used or is it not working due to the ZTE's signature key used?
Alternatively is there a way for the A2017G to re-lock the bootloader that's 100% working/safe, if you don't apply a custom ROM?
Thanks a lot for your help!
The answer you will find here
https://forum.xda-developers.com/showthread.php?t=3441204
This is the way I did it with my first A7
sent from zte axon 7 with tapatalk
Hi.
It didn't really answer the question : Is unlocking necessary to root, or can we root without unlocking ?
Every tutorials founds all follows the same paths : Unlock first, then root. But why ? is there a reason for that, or is it just a "since i'm rooting, let's unlock it while i'm at it" thing ?
(edit : Sorry 4 my english ... i hope i've been clear enough)
marcus.linkenbach said:
The answer you will find here
https://forum.xda-developers.com/showthread.php?t=3441204
This is the way I did it with my first A7
sent from zte axon 7 with tapatalk
Click to expand...
Click to collapse
Hallo Marcus
Danke fuer die Antwort -
Maybe I didn't fully comprehend the thread - I was under the impression that it bricked some A2017G, while not others and didn't want to take the risk.
Reading through the instructions - which of these steps did you take (and in what order)?
I read it that you do not need to flash TWRP? So can I just root the phone without bricking it and all is good as long as I stay with my 6.0.1 B08 version?
I understand the instructions as
- boot into edl
- install Qualcomm driver
- run axon7root to already root the device (backup seems to be done in the next step?! according to instructions).
However there is no axon7root version for the A2017G (B08) as it was removed due to TWRP?!
All I can find is the axon7backup tool (would you actually do this before you run the axon7root the first time?)
If you run the axon7root, did you do 'axon7root.exe -p 4 -b'
so that it only flashes the boot.img (not TWRP recovery) and therefore this is safe?
Sorry for the long essay, help is really appreciated!
Hey, sorry for the delay.
I am quite busy. I really don't know the procedere anymore. It is a long time ago. But if you would give me some time, I will have a look on it and will let you know. But why won't you unlock your bootloader? Without unlocking not everything runs as it should with unlocked BL.
OK. I will let you know.
Marcus
Sn8K said:
Hi.
It didn't really answer the question : Is unlocking necessary to root, or can we root without unlocking ?
Every tutorials founds all follows the same paths : Unlock first, then root. But why ? is there a reason for that, or is it just a "since i'm rooting, let's unlock it while i'm at it" thing ?
(edit : Sorry 4 my english ... i hope i've been clear enough)
Click to expand...
Click to collapse
Theoretically, yes, you can root w/o unlocking the bootloader. This is how things are done typically with certain manufacturers (LG, Samsung) that rarely offer BL unlocking. To be able to flash TWRP on a locked BL is even more difficult, as it would require a BL-level exploit. The reason that's not an option here is the ability to unlock, which precludes such development.
Hi Marcus,
Thanks a lot, that would be really great.
Regarding Bootloader unlock - I didn't buy the phone in the EU, hence my warranty would be void if I unlock it. And my warranty even comes with screen replacement (not that I ever cracked a screen, but there's always a first).
I have to admit that I'm tempted by Lineage OS, but for now (as I just bought the phone) - if there's a reasonably safe way to root without unlock, I'd prefer to just root and then maybe in a year's time or so switch to Lineage OS...
For now I managed to have my phone recognized as QUSB_BULK and I can boot into edl.
I was trying to use the axon7toolkit (1.1.1), but for whatever reason I cannot use it in commandline mode (maybe as there seem to be different versions, or maybe cause I am on Win7 32bit, no idea).
Any help would be really great!
Hi jeboo, Hi Sn8k,
Hope above explained my motivation, regarding root without unlocking - there's a thread about this
https://forum.xda-developers.com/axon-7/development/wip-axon-7-root-bootloader-unlokced-t3441204
HOWEVER there are two problems:
1) The bootloader can stay locked as it's using a signed version of TWRP, which can brick your device (A2017G)
2) The linked axon7root.exe is not for my device (A2017G B08).
Having said that, some users have been successful with rooting this version, so there seems to be a way, if you get the steps right.
Whoooo? said:
Hi Marcus,
Thanks a lot, that would be really great.
Regarding Bootloader unlock - I didn't buy the phone in the EU, hence my warranty would be void if I unlock it. And my warranty even comes with screen replacement (not that I ever cracked a screen, but there's always a first).
I have to admit that I'm tempted by Lineage OS, but for now (as I just bought the phone) - if there's a reasonably safe way to root without unlock, I'd prefer to just root and then maybe in a year's time or so switch to Lineage OS...
For now I managed to have my phone recognized as QUSB_BULK and I can boot into edl.
I was trying to use the axon7toolkit (1.1.1), but for whatever reason I cannot use it in commandline mode (maybe as there seem to be different versions, or maybe cause I am on Win7 32bit, no idea).
Any help would be really great!
Hi jeboo, Hi Sn8k,
Hope above explained my motivation, regarding root without unlocking - there's a thread about this
https://forum.xda-developers.com/axon-7/development/wip-axon-7-root-bootloader-unlokced-t3441204
HOWEVER there are two problems:
1) The bootloader can stay locked as it's using a signed version of TWRP, which can brick your device (A2017G)
2) The linked axon7root.exe is not for my device (A2017G B08).
Having said that, some users have been successful with rooting this version, so there seems to be a way, if you get the steps right.
Click to expand...
Click to collapse
Did you figured out a method to root the A2017G without unlocking?
I just got mine and need root for transferring all the apps from my old Nubia Z7....
Thx.
catadoxy said:
Did you figured out a method to root the A2017G without unlocking?
I just got mine and need root for transferring all the apps from my old Nubia Z7....
Thx.
Click to expand...
Click to collapse
You can't. Don't even try it if you don't want to face DFU...
Just use the same app that the phone comes with, I think it's WeShare or something like that. It should let you transfer all of your crap via a LAN wifi transmission (If you use a 5GHz hotspot it'll be fast as heck).
Or just unlock the phone. But don't relock it if you do, because you can make a huge mess
I've been combing the forums for a couple of weeks trying to get information about upgrading my old note 4 (Verizon, MarshMellow). I wanted to use the Lineage OS 18.1 but I can't find a way to unlock the bootloader. I've tried every method without success. None of the temp root programs seem to work. Odin gets close and then fails at the end. Same for ADB. I can't seem to get a clear answer to a question: Do you have to downgrade to 5.11 before attempting any of this? If so, how is that done on this phone? It is alluded to but not clearly stated anywhere. I'm willing to do the legwork, I just need a clear starting point.
Thanks
To unlock a device's bootloader it's NOT required device's Android is got rooted.
To flash a custom ROM like LOS you have to find a suitable custom Recovery for your device and flash this as 1st thing of all things.
Thanks for the response. That's what has been confusing. Most of the procedures I've read (some of them older) state the the first step is to temp root with Kingroot or similar. These don't work on my phone so I haven't gotten very far. Others want you to unlock the bootloader first. Same problem, can't find a way to to that in this phone that works. I'm pretty OCD so I'll keep searching.
@docsquic
[Official] Note 4 Verizon Bootloader Unlock
Enjoy. Don't forget to thank beaups too, he discovered the eMMC backdoor and exploited it! UPDATE: [8/2/16] I have recompiled the binary to fix issues with older ROMs like 4.4. This should fix all the issues with "This is for samsung device...
forum.xda-developers.com
If you are using an SM-910 with a locked bootloader, like the 910V, then the answer is an unequivocal YES you must first unlock the bootloader before you can accomplish anything substantive with it, and to do that YES you must also downgrade to 5.1.1 to root it and unlock the bootloader. And your device must have a CID 15 eMMC chip to achieve any of this.