I found a workaround to decrypt 5T
1. Boot into TWRP
2. Format Data > Yes > Enter
3. Mount storage
4. Download no-verity flashable zip: https://drive.google.com/file/d/0B0pr-ZA5b-1pWHp5aDkzaC1ydUk/view
5. Transfer no-verity flashable zip to your 5T
6, Flash it
7. Reboot
U didn't have any side effects or errors with a zip for the 5, not 5T?
yung40oz84 said:
U didn't have any side effects or errors with a zip for the 5, not 5T?
Click to expand...
Click to collapse
I only tested briefly but nothing at all
Are there benefit?
Do u still have to enter password in twrp
what's this?
I know everyone wants as much performance they can get. In the days of the Nexus 6 and prior, un-encrypting the phone made it faster. With today's flagship phones is is completely unnecessary. You can certainly try and dycrypt if you want but you won't gain any additional performance on the 5t
Mike02z said:
I know everyone wants as much performance they can get. In the days of the Nexus 6 and prior, un-encrypting the phone made it faster. With today's flagship phones is is completely unnecessary. You can certainly try and dycrypt if you want but you won't gain any additional performance on the 5t
Click to expand...
Click to collapse
True..however it just takes away that first step in TWRP "Mount Decrypt" you go right to the home page. Just convenience not performance.
Will this remove the dm-verity message at boot up I got when I had the OP3? Is that message even a thing for the 5T?
showofdeth said:
Will this remove the dm-verity message at boot up I got when I had the OP3? Is that message even a thing for the 5T?
Click to expand...
Click to collapse
Not sure about a message ? When I boot into TWRP it opens on the Mount page and I have to enter a password
to Decrypt before the main page comes up.....this should remove the Mount/Decrypt page and go right to the main page
hopefully on the 5T a well....
If anyone decrypts and is able to remove enforce fbe I have some files for the OP5T for dualboot you can test. Ported over front he OP5. Pm me if interested.
I tried everything under the sun to get the FBE enforced encryption to not encrypt device on boot with stock or any stock ROM, including FreedomOS and Audax. I cannot get it to work. It either does not boot at all or says encryption failed and I have to factory reset and wipe data. I tried every TWRP, every disable dm verity zip, every kernel, combination of flashing. Must wait for a proper zip to disable the forced FBE encryption for OP5T.
That sucks...I was hoping for that...hope a Dev comes up with something soon....
sent from OnePlus 5T
skyeking69 said:
Not sure about a message ? When I boot into TWRP it opens on the Mount page and I have to enter a password
to Decrypt before the main page comes up.....this should remove the Mount/Decrypt page and go right to the main page
hopefully on the 5T a well....
Click to expand...
Click to collapse
That is not true. If you don't set Android to also use your screen lock password to bet used at boot, the default password for decryption will be "default_password" and TWRP will decrypt without asking. As decryption is done in hardware, you should not notice any difference in speed.
showofdeth said:
Will this remove the dm-verity message at boot up I got when I had the OP3? Is that message even a thing for the 5T?
Click to expand...
Click to collapse
It is more likely that decrypting will trigger such message, unless you have something installed that will suppress such warnings, e.g. Magisk.
This zip worked fine for me. I'm running audax decrypted.
dreinulldrei said:
That is not true. If you don't set Android to also use your screen lock password to bet used at boot, the default password for decryption will be "default_password" and TWRP will decrypt without asking. As decryption is done in hardware, you should not notice any difference in speed.
Click to expand...
Click to collapse
Ok how do I set Android not to use my screen lock password at boot?
---------- Post added at 01:19 PM ---------- Previous post was at 01:19 PM ----------
slebit said:
This zip worked fine for me. I'm running audax decrypted.
Click to expand...
Click to collapse
What zip ?
skyeking69 said:
What zip ?
Click to expand...
Click to collapse
The one from first post...
skyeking69 said:
Ok how do I set Android not to use my screen lock password at boot?
Click to expand...
Click to collapse
Set a screen lock pin or pw, when Android asks to protect boot process, choose no.
If this helped, there's a thanks button.
dreinulldrei said:
skyeking69 said:
Ok how do I set Android not to use my screen lock password at boot?
Set a screen lock pin or pw, when Android asks to protect boot process, choose no.
If this helped, there's a thanks button.
Click to expand...
Click to collapse
all it asks for is what notifications to display when screen is locked ?
Click to expand...
Click to collapse
I am using freedom os. I backup all my data into titanium and if I move to another rom my all data will be deleted or not ??
Can I access that data on another rom ??
Related
It just occured to me, that despite encrypting my device, I can boot into TWRP recovery and flash things to various partitions without entering a password.
Doesn't that essentially mean that the encryption key must be stored somewhere by TWRP in a clear (unencrypted) form?
If so, doesn't root basically render device encryption meaningless? Sure the average phone thief might not care to crack into it, but it would probably be trivial for anybody with a little technical knowledge and time on their hands. And police probably have a step-by-step process for cracking rooted devices.
Does root compromise encryption?
static416 said:
It just occured to me, that despite encrypting my device, I can boot into TWRP recovery and flash things to various partitions without entering a password.
Doesn't that essentially mean that the encryption key must be stored somewhere by TWRP in a clear (unencrypted) form?
If so, doesn't root basically render device encryption meaningless? Sure the average phone thief might not care to crack into it, but it would probably be trivial for anybody with a little technical knowledge and time on their hands. And police probably have a step-by-step process for cracking rooted devices.
Does root compromise encryption?
Click to expand...
Click to collapse
To answer your exact question, no, root doesn't compromise encryption. Root and TWRP are two separate things, you can have TWRP without root. However, TWRP does allow access to your data without requiring authorisation.
Doesn't "enable Password on Boot" in Settings/Security, force a password onto TWRP as well?
Sent from my Nexus 5X using Tapatalk
SlimSnoopOS said:
Doesn't "enable Password on Boot" in Settings/Security, force a password onto TWRP as well?
Sent from my Nexus 5X using Tapatalk
Click to expand...
Click to collapse
Yeah that's a good point, I don't use that feature as I find it annoying so I forgot about it.
SlimSnoopOS said:
Doesn't "enable Password on Boot" in Settings/Security, force a password onto TWRP as well?
Sent from my Nexus 5X using Tapatalk
Click to expand...
Click to collapse
The only way your data is truly encrypted (in my opinion) is doing just that.
Agent said:
The only way your data is truly encrypted (in my opinion) is doing just that.
Click to expand...
Click to collapse
Thanks so much! This is exactly what I was looking for.
I don't know why it didn't occur to me earlier. I'm glad I don't have to choose between security and usability (root, TWRP, etc).
i was thinking about this today actually, because my phone has no encryption (both system and userdata).
However, with purenexus rom and cerberus if your phone is ON when it's stolen, you can essentially prevent someone from booting into recovery since the normal power menu is not available, and pressing and holding the power button for 10 secs just reboots the phone into OS again which is locked. Also, the USB defaults to charging, so data is inaccessible.
is there a way boot into recovery in a situation such as this?
2x4 said:
i was thinking about this today actually, because my phone has no encryption (both system and userdata).
However, with purenexus rom and cerberus if your phone is ON when it's stolen, you can essentially prevent someone from booting into recovery since the normal power menu is not available, and pressing and holding the power button for 10 secs just reboots the phone into OS again which is locked. Also, the USB defaults to charging, so data is inaccessible.
is there a way boot into recovery in a situation such as this?
Click to expand...
Click to collapse
They can hold Power and volume down to boot right into bootloader (and subsequently recovery) from lockscreen. I did this last night since restoring my TWRP 3.0 backup locked me out of my 5X lol
Edit: just want to be clear, I do not have Cerberus. idk if it blocks the above combo as well
SlimSnoopOS said:
They can hold Power and volume down to boot right into bootloader (and subsequently recovery) from lockscreen. I did this last night since restoring my TWRP 3.0 backup locked me out of my 5X lol
Edit: just want to be clear, I do not have Cerberus. idk if it blocks the above combo as well
Click to expand...
Click to collapse
You're right, that way definitely works. And I'm not sure that it it can block that tbh
2x4 said:
You're right, that way definitely works. And I'm not sure that it it can block that tbh
Click to expand...
Click to collapse
Keep in mind that when your data is encrypted and a boot password is used, they may can get into the bootloader, but they can not get inside your system. They will have to wipe it to get anything on it that will work.
Agent said:
Keep in mind that when your data is encrypted and a boot password is used, they may can get into the bootloader, but they can not get inside your system. They will have to wipe it to get anything on it that will work.
Click to expand...
Click to collapse
Thanks for the clarification. Is there any way to get the boot password feature without encrypting my data?
Hi all, just got my new V20 (Verizon)! Feels good to be back after my beloved G3 died last year. I know that Android 7.0 includes the new file-based encryption, but you have to enable it from developer options. Should be "convert to file encryption." However I don't have the option on my V20. Am I missing something? Does anyone else have the option?
On Verizon as well and I don't have it either.
All v20 have encryption enabled out the box as when we root and use TWRP have to wipe the whole thing
Sent from my Pixel XL using Tapatalk
nexus6r3plicant01 said:
All v20 have encryption enabled out the box as when we root and use TWRP have to wipe the whole thing
Sent from my Pixel XL using Tapatalk
Click to expand...
Click to collapse
Does that mean that after we finish installing TWRP and boot the phone for the first time it will start using the file based encryption again?
farleydwnsu said:
Does that mean that after we finish installing TWRP and boot the phone for the first time it will start using the file based encryption again?
Click to expand...
Click to collapse
No
To be able to use twrp you have to remove encryption and mot use it as it blocks twrp from backing up your data.
Therez a fix for twrp i started to port to the v20 so it wasnt a requirement to decrypt but in all honesty encryption slows your handset down a ton!
So you either use full device encyrption by defualt.
Or you formatt your phone and flash a Rom that has decryption turned off.
If you ask the dev of your model nicely that makes the rom you are gonna use i bet he would make you a boot.img with it on if you wanted. Just know that twrp backups of your data will not work.
In an effort to keep this chatter out of other threads, here is the info that you seek. I didn't discover this process @DespairFactor and Bryant (not sure of his XDA handle) get the credit.
First you need to go through the Google set up and Skip everything except, the unlock Theft Protection. It will then ask you if you want to add the Google account and you say no. If at any point you say yes to something or add a pin / fingerprint it will encrypt. Then you need to reboot to the bootloader and run, fastboot format userdata then, Boot and Skip through the set up again. As long as you do not add a pin / password or a google account you will stay un-encrypted. This will work on the stock boot.img.
Reserved
Any advantage of doing it? In theory it should work faster, but is it visible?
Hola
And further to @DforDesign's question, I take it that having a decrypted device helps with existing TRWP and available custom kernel installations? I haven't reviewed the Development sub-forums yet as I am still awaiting my device.
Thanks for the guide.
If you do stay unencrypted, isn't all we can do for now is just edit the build prop? Anything else? I thought magisk would still bootloop
DforDesign said:
Any advantage of doing it? In theory it should work faster, but is it visible?
Click to expand...
Click to collapse
Depends on if you talk to people that wear tin foil hats, that also gives you your answer.
so after the setup, can you add your google account, fingerprint/pin later?
xryousukex said:
so after the setup, can you add your google account, fingerprint/pin later?
Click to expand...
Click to collapse
Then you will lose twrp after doing that process. It will be encrypted.
Let me make sure I'm understanding this.
I already set up my 2 XL with pin and fingerprint, so now it's encrypted making seeing root file tree impossible (like sdcard, download folder).
If I reset my device, and say NO to everything requiring pin or fingerprint on the device, I can set it up normally and still have access to the root file tree?
So long as I don't password, pin, fingerprint protect the device, I'll continue to have access to these files, right?
But this also means no google account activity (Gmail, contacts , photos, etc) right?
Yes for now, that's exactly what that means, at least for now until TWRP , or AOSP recovery is update and worked on to work with our device.
Az Biker said:
Let me make sure I'm understanding this.
I already set up my 2 XL with pin and fingerprint, so now it's encrypted making seeing root file tree impossible (like sdcard, download folder).
If I reset my device, and say NO to everything requiring pin or fingerprint on the device, I can set it up normally and still have access to the root file tree?
So long as I don't password, pin, fingerprint protect the device, I'll continue to have access to these files, right?
But this also means no google account activity (Gmail, contacts , photos, etc) right?
Click to expand...
Click to collapse
You understand correctly. The only thing I'm not sure about is whether or not a factory reset will be enough. We used format userdata in fastboot to achieve it. It may be a good test to see if simply linking a Google account will trip encryption.
I can add my google account as long as i dont set a pin or fingerprinter my phone's internal storage is visible via TWRP with no issues.
Let me add something we discovered. It seems to be on the pin/pattern setup only. I think you can do everything else to stay decrypted in twrp. Now might thought was to setup everything they way you want without pin/pattern and you can then backup. Then save that backup on a PC. After that you lock your device via pin/pattern. If for some reason something screws up instead of setting everything up again. Just factory reset and skip everything and place backup on SD card then boot twrp and try to restore. Someone want to test this theory lol????
Sent from my Nexus 6 using Tapatalk
bryantjopplin said:
Let me add something we discovered. It seems to be on the pin/pattern setup only. I think you can do everything else to stay decrypted in twrp. Now might thought was to setup everything they way you want without pin/pattern and you can then backup. Then save that backup on a PC. After that you lock your device via pin/pattern. If for some reason something screws up instead of setting everything up again. Just factory reset and skip everything and place backup on SD card then boot twrp and try to restore. Someone want to test this theory lol????
Sent from my Nexus 6 using Tapatalk
Click to expand...
Click to collapse
Thanks for confirming
Great! Thanks. I can't use TWRP on the Nov patch but I have a question... I'm now using a permissive kernel. Can I simply wipe userdata to unencrypt? Can you confirm? Is the command fastboot format userdata?
Thanks in advance!
Mike02z said:
Great! Thanks. I can't use TWRP on the Nov patch but I have a question... I'm now using a permissive kernel. Can I simply wipe userdata to unencrypt? Can you confirm? Is the command fastboot format userdata?
Thanks in advance!
Click to expand...
Click to collapse
Yes, but twrp is still not functional
bryantjopplin said:
Yes, but twrp is still not functional
Click to expand...
Click to collapse
Thanks. I didn't realize we needed twrp. I was thinking we could just use fastboot erase userdata in leu of twrp.
Can't you just factory reset and then flash Magisk before re-setting up your phone? I thought Magisk disabled force encrypt by default.
Mike02z said:
Thanks. I didn't realize we needed twrp. I was thinking we could just use fastboot erase userdata in leu of twrp.
Click to expand...
Click to collapse
No you can, I thought you were thinking format userdata would fix twrp. Sorry
TheSt33v said:
Can't you just factory reset and then flash Magisk before re-setting up your phone? I thought Magisk disabled force encrypt by default.
Click to expand...
Click to collapse
Tried it, no luck. Removed my Google account, reset phone, did not log into my Google account and did not set up any PIN or password and it's still encrypted. I'll try fastboot erase userdata and cache and see if that works.
I am stuck on the 'Phone is starting...' screen. This is how I landed here
1. Added Finger Print Customizations when the phone was working and they did work as expected.
2. Noticed update from 9.0.10 to 9.0.10
3. Flashed stock 9.0.10 image over Bluespark and Magisk rooted image
4. Flashing stock 9.0.10 caused getting stuck in the 'Phone is starting...' screen
5. I can hear my phone ringing on this screen, but I cannot answer any calls since the phone is stuck forever on this screen
6. I tried flashing bluespark and magisk in the hopes of being able to boot, but that just cases my old boot screen to show up and then going back to restarting in a loop again
I believe OPSystemUI.apk (file that I replaced under /system/priv-app for getting custom finger print animation) is causing the issue. I do not know how to restore the stock version of this file without wiping all my data clean. I am not sure if this is the file causing the issue. Is there any way to get the phone started by flashing some files via adb?
Appreciate the inputs in advance.
pramathesh said:
I am stuck on the 'Phone is starting...' screen. This is how I landed here
1. Added Finger Print Customizations when the phone was working and they did work as expected.
2. Noticed update from 9.0.10 to 9.0.10
3. Flashed stock 9.0.10 image over Bluespark and Magisk rooted image
4. Flashing stock 9.0.10 caused getting stuck in the 'Phone is starting...' screen
5. I can hear my phone ringing on this screen, but I cannot answer any calls since the phone is stuck forever on this screen
6. I tried flashing bluespark and magisk in the hopes of being able to boot, but that just cases my old boot screen to show up and then going back to restarting in a loop again
I believe OPSystemUI.apk (file that I replaced under /system/priv-app for getting custom finger print animation) is causing the issue. I do not know how to restore the stock version of this file without wiping all my data clean. I am not sure if this is the file causing the issue. Is there any way to get the phone started by flashing some files via adb?
Appreciate the inputs in advance.
Click to expand...
Click to collapse
You don't have launcher installed.
Just sideload any launcher apk using advanced and you should be good..
indian84 said:
You don't have launcher installed.
Just sideload any launcher aok using advanced and you should be good..
Click to expand...
Click to collapse
Are you sure? Before messing it up with stock boot image I had nova running for me and had also kept one plus stock installed. Not sure how I can side load a launcher. Any pointers to that, please?
pramathesh said:
Are you sure? Before messing it up with stock boot image I had nova running for me and had also kept one plus stock installed. Not sure how I can side load a launcher. Any pointers to that, please?
Click to expand...
Click to collapse
Not 100% sure it'll help.
But won't hurt to try..
indian84 said:
Not 100% sure it'll help.
But won't hurt to try..
Click to expand...
Click to collapse
True. Any idea on how to side load an apk? I usually side load zip. Apk is new to me.
pramathesh said:
True. Any idea on how to side load an apk? I usually side load zip. Apk is new to me.
Click to expand...
Click to collapse
Well, I shared a screenshot with you.
It's similar to sideloading a zip..
indian84 said:
Well, I shared a screenshot with you.
It's similar to sideloading a zip..
Click to expand...
Click to collapse
I am unable to open the image you have attached
pramathesh said:
I am unable to open the image you have attached
Click to expand...
Click to collapse
Google would help.
Too lazy to type..
Lol
pramathesh said:
True. Any idea on how to side load an apk? I usually side load zip. Apk is new to me.
Click to expand...
Click to collapse
Adb install name.apk
Where name.apk is the app you're installing
indian84 said:
Not 100% sure it'll help.
But won't hurt to try..
Click to expand...
Click to collapse
I am getting this while trying to sideload apk
C:\Program Files (x86)\Minimal ADB and Fastboot>adb install launcher.apk
adb: connect error for write: closed
If you use bluespark TWRP then you're several weeks late, use officially working TWRP check in ROM section
Sideload the whole ROM to go back to normal, with temporary boot TWRP in fastboot mode
Striatum_bdr said:
If you use bluespark TWRP then you're several weeks late, use officially working TWRP check in ROM section
Sideload the whole ROM to go back to normal, with temporary boot TWRP in fastboot mode
Click to expand...
Click to collapse
I have the 9.0.10 downloaded from here:
https://forum.xda-developers.com/oneplus-6t/how-to/official-oxygenos-9-0-4-ota-oneplus-6t-t3860953
I unzipped them found a .bin file. Is there any guide on extracting the binary files and flashing the entire rom via ADB?
pramathesh said:
I have the 9.0.10 downloaded from here:
https://forum.xda-developers.com/oneplus-6t/how-to/official-oxygenos-9-0-4-ota-oneplus-6t-t3860953
I unzipped them found a .bin file. Is there any guide on extracting the binary files and flashing the entire rom via ADB?
Click to expand...
Click to collapse
Use fastboot ROM in that case. See relevant threads
Striatum_bdr said:
Use fastboot ROM in that case. See relevant threads
Click to expand...
Click to collapse
Let me check, is it okay to PM you?
pramathesh said:
Let me check, is it okay to PM you?
Click to expand...
Click to collapse
No, I've never had to use that, and all is explained clearly in the threads giving fastboot ROM
Ultimate tool is msmdownload, there are dedicated threads also
Striatum_bdr said:
No, I've never had to use that, and all is explained clearly in the threads giving fastboot ROM
Ultimate tool is msmdownload, there are dedicated threads also
Click to expand...
Click to collapse
Sorry for being so naive but I couldn't find any ROM that would have fastboot support. There is very less stuff for 6T to comb from.
pramathesh said:
Sorry for being so naive but I couldn't find any ROM that would have fastboot support. There is very less stuff for 6T to comb from.
Click to expand...
Click to collapse
Not very hard to find
https://forum.xda-developers.com/oneplus-6t/how-to/rom-stock-fastboot-roms-oneplus-6t-t3862516
Striatum_bdr said:
Not very hard to find
https://forum.xda-developers.com/oneplus-6t/how-to/rom-stock-fastboot-roms-oneplus-6t-t3862516
Click to expand...
Click to collapse
Silly me, I was looking in the ROM section. I will use this and update the thread again
Hey! It worked. The phone is up and running now. Only thing is I lost all the data on the phone
Solution
Next time you face this issue in any ROM, you can do the following to come out of it. However, you would need to have a customised notification panel, which will allow you to go to settings and security option. Also, ensure you do not have a default launcher, if you have more than 1 launcher in your phone that you use.
Just long press any icon which leads to settings, or click on the settings icon from the notification bar.
It will open a blank settings page. Do a scroll up and down, and it will refresh.
Then go to security and privacy and delete the fingerprints.
You may also need to delete the security pin or swipe or the lock screen settings.
NOTE: Do not delete the locksettings.db from Recovery mode. It will break everything and the above steps might not help.
BTW, I am facing this issue for the last 3 days. Have been doing clean flash everytime. I was searching this issue on internet, but yours came up just now, and I read, FingerPrint, and it stuck me. Now it worked. Rebooting now. But posting the comment here in case I face any issues. Want to help you, as I know what the feeling is like. Frustrated and tired, wanting to kill someone.
Edit: Rebooted without any lock pin or FP. Shows phoe is starting, and starts in 2 seconds and allows access.
Will set a pin and check now.
Then will set one FP and check.
Edit2: Set pin lock and rebooted. Works okay..
Well, decryption actually. I would love to disable encryption entirely like on the OP6, but apparently that's not possible due to the fingerprint or something. It's so frustrating. I load OOS then Havoc (or ASOIP, maybe others) and everything seems fine until i try to flash something in TWRP only to find it won't accept my pattern, pin, fingerprint etc. Anyone seen this?
You have to clean flash an April security patch build, add your password/pin etc., then dirty flash to May and it will work
The other day it did that to me but when I skipped the pattern my files still showed up as normal. I'm using TWRP 3.3.0-2
king_david43 said:
The other day it did that to me but when I skipped the pattern my files still showed up as normal. I'm using TWRP 3.3.0-2
Click to expand...
Click to collapse
ZeroKool76 said:
You have to clean flash an April security patch build, add your password/pin etc., then dirty flash to May and it will work
Click to expand...
Click to collapse
Hmm, i swear i think i tried that a couple times. :latest release, no beta.
I'm very familiar with wiping the data partition to create a fresh decrypt one. I think i just need a no-forced encrypt zip like on OP6. Unfortunately i think that screws up login attempts because of the fingerprint being proprietary. If someone knows a way or is working on it, you'd be my hero.
jaysonic88 said:
Hmm, i swear i think i tried that a couple times. :latest release, no beta.
I'm very familiar with wiping the data partition to create a fresh decrypt one. I think i just need a no-forced encrypt zip like on OP6. Unfortunately i think that screws up login attempts because of the fingerprint being proprietary. If someone knows a way or is working on it, you'd be my hero.
Click to expand...
Click to collapse
Have you tried to format data instead of wiping? Some ROMs like treskmod require this for successful decryption.
reppi said:
Have you tried to format data instead of wiping? Some ROMs like treskmod require this for successful decryption.
Click to expand...
Click to collapse
Sorry, yes that's what i mean. I indeed do completely format the data partition where it prompts and requires "yes" to do so. The odd thing is it DOES decrypt it just sometimes encrypts again and then locks me out. I do tend to reinstall twrp and root more than is probably required (to get safetynet passed). Is there some rule i need to follow or something i need to do during each flash to prevent this?
Thanks by the way for everyone's input.
jaysonic88 said:
Sorry, yes that's what i mean. I indeed do completely format the data partition where it prompts and requires "yes" to do so. The odd thing is it DOES decrypt it just sometimes encrypts again and then locks me out. I do tend to reinstall twrp and root more than is probably required (to get safetynet passed). Is there some rule i need to follow or something i need to do during each flash to prevent this?
Thanks by the way for everyone's input.
Click to expand...
Click to collapse
Ok, i think i found the issue. According to the guy who wrote the unofffical TWRP 3.3.02 it's a bug in the code. He sent the info including the lines of code that were causing the problem to teamwin.
https://forum.xda-developers.com/showpost.php?p=79515334&postcount=2559