Database Develop

Security Issues With Unlocking the Bootloader Without Rooting?

Does it present any security issues to unlock a bootloader without rooting? I don't mean if you lose your phone, I mean is there a security issue with any apps you install?

That's always a risk. Read playstore comments before installing anything.
Has nothing to do with being rooted or not...or boot loader state.
Sent from my Moto X cellular telephone...

Cozume said:
Does it present any security issues to unlock a bootloader without rooting? I don't mean if you lose your phone, I mean is there a security issue with any apps you install?
Click to expand...
Click to collapse
You could have asked at AC and I would answer it over there.
Unlocking bootloader and/or running custom recovery is a big risk. When you unlocked bootloader, all the partitions in your phone can be accessed and modified. I can flash custom recovery to your phone. Custom recovery give full root access to the phone. It is then easily possible to copy all your data from the phone and also disable the lock for your phone. Although if you encrypt your phone, then custom recovery will require the password to give access to the /data partition, which is where all the user datas are. I guess if someone is determine enough, then they can make an image copy of your phone and try to decrypt it.
If you want to keep your data safe, disable USB Debugging (because exploits can be used with ADB to gain access to the phone), use stock recovery and lock bootloader. However, if the phone brick then you can't get back your data in the phone.

eksasol said:
Unlocking bootloader and/or running custom recovery is a big risk. When you unlocked bootloader, all the partitions in your phone can be accessed and modified.
Click to expand...
Click to collapse
but can an app do this? And if so, what permissions would the app need to do this. Also, I am not talking about flashing a custom recovery; just an unlocked bootloader.
eksasol said:
If you want to keep your data safe, disable USB Debugging (because exploits can be used with ADB to gain access to the phone), use stock recovery and lock bootloader.
Click to expand...
Click to collapse
but can an app do harm to your phone if you have USB debugging enabled? I know a person who finds your phone can. I am asking about apps.

Cozume said:
but can an app do this? And if so, what permissions would the app need to do this. Also, I am not talking about flashing a custom recovery; just an unlocked bootloader.
Click to expand...
Click to collapse
If the phone isn't root, then probably not, unless there is some security holes it can exploit. With root it is possible to modify the whole system. Motorola and HTC have an extra layer to prevent simple root to modify the system partition, but as you can see, just visit dev section if you want to remove it.
but can an app do harm to your phone if you have USB debugging enabled? I know a person who finds your phone can. I am asking about apps.
Click to expand...
Click to collapse
It is possible for apps to get access to sensitive data and change system settings with USB Debugging enabled. Helium required it turned on to make backup of your contacts, sms and apps data for example.
If you have an older Android phone, you don't need to do anything except to enable USB Debugging and run a program to install root. But we're trusting apps like SuperUser and SuperSU to control apps access to root, so that's a layer of protection. But KitKat is much safer now.
You don't need root to install malware and virus to your phone. Just download an infected app or use unreliable app stores like Aptoide. Also if you have the option "Unknown sources" enabled, which almost all of us do, the app can utilize it to automatically install other apps in the background.
Point I'm trying to make is, if the phone have unlocked bootloader, or even locked bootloader with custom recovery, and someone else have a hold of it, then all bets are off.

eksasol said:
If the phone isn't root, then probably not, unless there is some security holes it can exploit. With root it is possible to modify the whole system.
Click to expand...
Click to collapse
great, that is what I want to know. I knew a human being in possession of your phone could do more damage if it were unlocked, which is why I got rid of the bootloader unlocked warning message.
BTW - do you know if flashing the original kit kat boot logo to replace the bootloader warning message presents a problem for accepting the OTA update to 4.4.2?
eksasol said:
Motorola and HTC have an extra layer to prevent simple root to modify the system partition, but as you can see, just visit dev section if you want to remove it.
Click to expand...
Click to collapse
Ok so then on my Moto X, since flashing a new logo doesn't even require root, it shouldn't have affected any system files and then it would be safe to take the OTA after removing the bootloader unlocked warning?
eksasol said:
It is possible for apps to get access to sensitive data and change system settings with USB Debugging enabled. Helium required it turned on to make backup of your contacts, sms and apps data for example.
Click to expand...
Click to collapse
good to know!
eksasol said:
But we're trusting apps like SuperUser and SuperSU to control apps access to root, so that's a layer of protection.
Click to expand...
Click to collapse
ok, that is how I understand it. Unless I give the app access to root through SuperSU, it can't.
eksasol said:
But KitKat is much safer now.
Click to expand...
Click to collapse
why is this?
eksasol said:
Also if you have the option "Unknown sources" enabled, which almost all of us do, the app can utilize it to automatically install other apps in the background.
Click to expand...
Click to collapse
thanks, Amazon app store required that to be enabled to load apps from their app store.

Cozume said:
great, that is what I want to know. I knew a human being in possession of your phone could do more damage if it were unlocked, which is why I got rid of the bootloader unlocked warning message.
Click to expand...
Click to collapse
BTW - do you know if flashing the original kit kat boot logo to replace the bootloader warning message presents a problem for accepting the OTA update to 4.4.2?
Ok so then on my Moto X, since flashing a new logo doesn't even require root, it shouldn't have affected any system files and then it would be safe to take the OTA after removing the bootloader unlocked warning?
Click to expand...
Click to collapse
That depend on the checking that the dev put in the OTA package. On the Nexus device, if you are missing any original system APK, modify the radio partition, modify GPS setting file, or modify the build.prop, etc, the OTA will fail. So I assume the same with Moto X OTA. The safest bet is to make sure all the partition are original first (except the /data partition where your data resides) before receiving an OTA.
ok, that is how I understand it. Unless I give the app access to root through SuperSU, it can't.
Click to expand...
Click to collapse
Yes. The actual component of root isn't the SuperSU app, but a 'su' binary. Without the SuperSU app, anything can have full fledged root access. You need SuperSU to control that access.
why is this?
Click to expand...
Click to collapse
For many reason, I'm not a developer so I can only talk about what I know and seen from a user perspective. It used to be that you can flash an exploited update.zip to modify the stock recovery of Android, in order to make it ignore the package signatures, so the recovery could flash any package without the correct signature. Now there are no such exploits for latest stock recovery. With USB Debugging enabled in Android 4.3 or newer, it would not even allow access when connected to a PC unless you accept to trust that PC in a pop up dialog in the phone, I'm not sure if it's mean the phone is totally invulnerable to exploits (like memory overflow), you'll have to ask someone smarter. Also apps like Framaroot that I just linked won't work anymore.

eksasol said:
That depend on the checking that the dev put in the OTA package. On the Nexus device, if you are missing any original system APK, modify the radio partition, modify GPS setting file, or modify the build.prop, etc, the OTA will fail. So I assume the same with Moto X OTA. The safest bet is to make sure all the partition are original first (except the /data partition where your data resides) before receiving an OTA. My guess is if you tried it with modified logo it will either fail or overwrite it.
Click to expand...
Click to collapse
OK, I think I am going to unroot and flash back to stock just to be sure.
Thanks again! I would hit the thanks button but I used up all my thanks today and it won't let me.

Cozume said:
OK, I think I am going to unroot and flash back to stock just to be sure.
Thanks again! I would hit the thanks button but I used up all my thanks today and it won't let me.
Click to expand...
Click to collapse
You already gave me enough thanks at AC.

eksasol said:
You already gave me enough thanks at AC.
Click to expand...
Click to collapse
what is your user name there?

Cozume said:
what is your user name there?
Click to expand...
Click to collapse
someguy

Why so paranoid? Have you read any posts on xda of such things....I haven't.
If you are sideloading apps the risk increases for sure. But apps on the play store would have tonnes of comments about it if the app was screwing up the system.
Sent from my Moto X cellular telephone...

eksasol said:
someguy
Click to expand...
Click to collapse
ok great!

kj2112 said:
Why so paranoid? Have you read any posts on xda of such things....I haven't.
If you are sideloading apps the risk increases for sure. But apps on the play store would have tonnes of comments about it if the app was screwing up the system.
Click to expand...
Click to collapse
I am just trying to understand how all of this works.

Okay one thing why are you trying to unlock the bootloader without rooting?? Or did I read everything wrong? And yes unlocking the bootloader allows you to write to every partition of the phone. Except when HTC and you're s-on you have to manually flash the boot.img via fastboot. But with moto. There is no point in unlocking the bootloader if you're not doing anything. Two it voids your warranty. Three it can disable functions on your phone like features, camera options I think and yeah etc. But if you follow instructions you won't have any problems ever rooting or shouldn't if you semi have a brain and know how to follow instructions if not well you can somewhat brick :$ I don't mess with moto much but I have. Sorry this thread was in my latest and scrolling through xda. Lol. You can unlock you're phone straight from the moto website. But if you're not rooting. Eh no point.
Sent from my Rezound using xda-developers app. CyanogenMod 11. S-off

I just read this thread, particularly page 2 why we can't relock the Motorola bootloader (yet it seems), unlike Nexus devices, I think it's really bad for security.
edit: link: http://forum.xda-developers.com/showthread.php?t=2575586&page=2

pball52998 said:
Okay one thing why are you trying to unlock the bootloader without rooting??
Click to expand...
Click to collapse
I rooted but a friend of mine is unlocked but not rooted. She wanted to be unlocked because it wipes your device so wanted to do it before she got the phone all set up. She is afraid of rooting. Anyhow, maybe she shouldn't have unlocked but she did.
pball52998 said:
There is no point in unlocking the bootloader if you're not doing anything. Two it voids your warranty.
Click to expand...
Click to collapse
She has the dev ed so it doesn't void her warranty. And she may want to Wifi tether in the future so I told her she needs to unlock and root for that so get the dev ed. She did and unlocked but is afraid to go any further.
pball52998 said:
You can unlock you're phone straight from the moto website. But if you're not rooting. Eh no point.
Click to expand...
Click to collapse
It increases the phone's resale value to unlock it.

eksasol said:
I just read this thread, particularly page 2 why we can't relock the Motorola bootloader (yet it seems), unlike Nexus devices, I think it's really bad for security.
Click to expand...
Click to collapse
I thought I saw a thread where someone could relock the Moto X bootloader.
And what about this?
Re-Lock Your Bootloader

It should just be a command like fastboot_oem_lock or something but idk. And two if she has the dev edition. Root that thing!!! XD that's what it's for!! Just install twrp via goo manager. Wipe factory reset all that good stuff. After making a back up. Notice after backing up. Then flashing rom and gapps In that order. I mean its a lot easier than htc rezound or htc one, htc in general and such lol.
Sent from my crappy apple iPad.....

pball52998 said:
Wipe factory reset all that good stuff. After making a back up.
Click to expand...
Click to collapse
well, I didn't wipe and do a factory reset when I rooted so I guess I did it wrong, lol! That is what she is afraid of - not doing it right and messing up her phone.
And I don't have a backup, but do I really need one if I can flash the factory images?

Will Google ever let us choose to disable encryption without rooting?

Hi!
Anyone who have heard anything about Googles thoughts on the forced encryption on the Nexus 6? Will they ever let us choose if we want it or not? I dont want to root and void the warranty on the phone but the performance is sluggish at times and most ppl say that is because of the encryption.
Br J

We can only guess but I suspect not.

Jaxione said:
Hi!
Anyone who have heard anything about Googles thoughts on the forced encryption on the Nexus 6? Will they ever let us choose if we want it or not? I dont want to root and void the warranty on the phone but the performance is sluggish at times and most ppl say that is because of the encryption.
Br J
Click to expand...
Click to collapse
Please don't take this as offense but why get a nexus device if u don't want to root? if your worried about voiding warranty all u have to do is return to stock/Unroot/Lock Bootloader back up and then you good.

Jaxione said:
Hi!
Anyone who have heard anything about Googles thoughts on the forced encryption on the Nexus 6? Will they ever let us choose if we want it or not? I dont want to root and void the warranty on the phone but the performance is sluggish at times and most ppl say that is because of the encryption.
Br J
Click to expand...
Click to collapse
No they've stated that they suggest all devices going forward are encrypted. Obviously OEM's can do what they want but that's not going to be an option on the Nexus side.

the_rooter said:
Please don't take this as offense but why get a nexus device if u don't want to root? if your worried about voiding warranty all u have to do is return to stock/Unroot/Lock Bootloader back up and then you good.
Click to expand...
Click to collapse
I have had some bad experiences with rooting and Im afraid to damage the device. Thats probably why Im afraid of the rooting process. No offense taken
Br J

Jaxione said:
I have had some bad experiences with rooting and Im afraid to damage the device. Thats probably why Im afraid of the rooting process. No offense taken
Br J
Click to expand...
Click to collapse
If you ever need a step my step on doing so there is a video that i followed on youtube. There are many that does wonders. I can also offer a helping hand in doing so. I know how to do fasboot/adb method also I tried the WUG Toolkit which many people blast tool kits, but i come to enjoy it. I have made mistakes in rooting/unlocking bootloaders but thats mainly because I didnt fully read before I started. If your concerned check out WUG Tool kit here, and also this youtube channel does wonders.
https://www.youtube.com/watch?v=XBIPQVDfAQ8
Rootjunky channel on youtube. The guy has awesome videos and he does step by step. If interested I can even offer some help and guidance. Pm me.

Jaxione said:
I have had some bad experiences with rooting and Im afraid to damage the device. Thats probably why Im afraid of the rooting process. No offense taken
Br J
Click to expand...
Click to collapse
You don't need to be rooted in order to remove encryption. But you do need to format all data.
Unlock in Fastboot (all data wiped automatically)
Flash TWRP 2.8.5.0 in Fastboot
Flash kernel in TWRP without encryption flag (LeanKernel or franco, to name a few)
In TWRP - Wipe -> Factory Reset, then Wipe -> Format Data -> (yes) to confirm format
Fastboot flash all but the boot.img from the latest factory image

NotATreoFan said:
You don't need to be rooted in order to remove encryption. But you do need to format all data.
Unlock in Fastboot (all data wiped automatically)
Flash TWRP 2.8.5.0 in Fastboot
Flash kernel in TWRP without encryption flag (LeanKernel or franco, to name a few)
In TWRP - Wipe -> Factory Reset, then Wipe -> Format Data -> (yes) to confirm format
Fastboot flash all but the boot.img from the latest factory image
Click to expand...
Click to collapse
Ok thanks. But how will this affect my warranty?
Br J

It doesn't with a Nexus device.
As long as you can flash back stock your warranty is intact.
I had TWRP recovery, custom kernel and some ROM tweaks first thing this morning. Then I flashed everything back to stock and sent it in for warranty repair today.

Jaxione said:
Ok thanks. But how will this affect my warranty?
Br J
Click to expand...
Click to collapse
Unlocking a Nexus device will not void the warranty. If your only desire is to remove encryption, you could even go back to stock recovery and relock the device afterward.

NotATreoFan said:
Unlocking a Nexus device will not void the warranty. If your only desire is to remove encryption, you could even go back to stock recovery and relock the device afterward.
Click to expand...
Click to collapse
Well hold on. I've no idea how moto handle warranty...
But on the nexus 5, if you bought from play store, Google handled warranty. Even if it was unlocked... Like the law in many places suggest.. However if you bought from somewhere else. LG handled the warranty but they would refuse it if it was unlocked or tamper flag tripped...
Now the 6 does t seem to have a tamper flag and I'm not sure how moto do things vs LG, but saying "Nexus device" insinuates all of them but that would not be accurate.

rootSU said:
Well hold on. I've no idea how moto handle warranty...
But on the nexus 5, if you bought from play store, Google handled warranty. Even if it was unlocked... Like the law in many places suggest.. However if you bought from somewhere else. LG handled the warranty but they would refuse it if it was unlocked or tamper flag tripped...
Now the 6 does t seem to have a tamper flag and I'm not sure how moto do things vs LG, but saying "Nexus device" insinuates all of them but that would not be accurate.
Click to expand...
Click to collapse
You may be correct. I am speaking from the Google side, as well as T-Mobile. I've spoken to their service reps and they will issue RMAs for unlocked Nexus devices.

NotATreoFan said:
You may be correct. I am speaking from the Google side, as well as T-Mobile. I've spoken to their service reps and they will issue RMAs for unlocked Nexus devices.
Click to expand...
Click to collapse
Yep Google are definitely good. That's why I bought from play this time. Moto may also be good - I don't know. But lg on the 5 I hope are not setting a trend

I didnt buy the Nexus 6 for the flashing, rooting and unlocking. I bought it because I wanted a clean Android experience and because I think the Nexus 6 is a handsome looking phone. Found this article: http://www.droid-life.com/2014/11/20/i-didnt-buy-a-nexus-to-flash-all-the-things/
Thats exactly how I see it even though I didnt write the article. But it makes me pissed that google is forcing encryption on us for no reason.
Br J

Jaxione said:
I didnt buy the Nexus 6 for the flashing, rooting and unlocking. I bought it because I wanted a clean Android experience and because I think the Nexus 6 is a handsome looking phone. Found this article: http://www.droid-life.com/2014/11/20/i-didnt-buy-a-nexus-to-flash-all-the-things/
Thats exactly how I see it even though I didnt write the article. But it makes me pissed that google is forcing encryption on us for no reason.
Br J
Click to expand...
Click to collapse
Its not for no reason. Its for security. Its to become a viable alternative to apple in the corporate world.

rootSU said:
Its not for no reason. Its for security. Its to become a viable alternative to apple in the corporate world.
Click to expand...
Click to collapse
Completely agree.... It was most certainly done for A REASON.
Just like Samsung's KNOX was done for A REASON...
Some people may not like the reason because it doesn't meet their particular needs, but that's another story...

JasonJoel said:
Completely agree.... It was most certainly done for A REASON.
Just like Samsung's KNOX was done for A REASON...
Some people may not like the reason because it doesn't meet their particular needs, but that's another story...
Click to expand...
Click to collapse
Indeed. I hate encryption but I also love rooting and flashing so I'm good..

Lets set one thing straight; the only DOWNSIDE to encryption, is the performance hit, and that is because they are using SOFTWARE CRYPTO. Qcom didn't have the code for hardware crypto published on time for the N6 ship date, but it is now, which means that there is a good potential for THAT to be added at some point. IMO, it is MUCH more likely that they will add hwcrypto than to fall back to allowing you to run unencrypted.

Just talked with Motorola. I was thinking about rooting the device but after the talk with Motorola Im not going to. They said I will void the warranty when rooting.
Br J

derp.. my mistake :angel:

Install TWRP on locked bootloader with Android 5.1

Hello,
Kindly how can I install TWRP recovery on my Nexus 6 with Android 5.1 and locked bootloader and I don't have a working android (shows android figure and it maybe bricked)?
Is it possible to install a recovery to install any other custom ROM so I can make the device working?

Pr0fess0rX said:
Hello,
Kindly how can I install TWRP recovery on my Nexus 6 with Android 5.1 and locked bootloader and I don't have a working android (shows android figure and it maybe bricked)?
Is it possible to install a recovery to install any other custom ROM so I can make the device working?
Click to expand...
Click to collapse
Please provide some more information.
Can you boot into Android at all? (Does the phone work)
Can you get to the developer options menu?
---------- Post added at 06:40 AM ---------- Previous post was at 06:27 AM ----------
Also, please list any steps you took, prior to the phone being in this present condition.

Evolution_Freak said:
Please provide some more information.
Can you boot into Android at all? (Does the phone work)
Can you get to the developer options menu?
Click to expand...
Click to collapse
I can't boot into phone and after I relocked the bootloader after the factory image installed (as I do usually since years to receive the OTAs for Nexus devices).
Unfortunaily Google changed the game here without notifying US about this big move and it should mention to not relock the bootloader after installing 5.1!
I know I can unlock the bootloader from the developers tools but I can't open (boot into) android.

Pr0fess0rX said:
I can't boot into phone and after I relocked the bootloader after the factory image installed (as I do usually since years to receive the OTAs for Nexus devices).
Unfortunaily Google changed the game here without notifying US about this big move and it should mention to not relock the bootloader after installing 5.1!
I know I can unlock the bootloader from the developers tools but I can't open (boot into) android.
Click to expand...
Click to collapse
The bootloader can be re-locked but there's a process that must be followed. Click the top link in my signature for more information.
So, you flashed a factory image and then locked the bootloader before booting into Android and ticking the button in developer options to allow OEM unlock, correct?
If this is the case, you are bricked. There is no fix for this. You can RMA or return it to where you purchased it from. Sorry.

Evolution_Freak said:
If this is the case, you are bricked. There is no fix for this. You can RMA or return it to where you purchased it from. Sorry.
Click to expand...
Click to collapse
Thank you but what do you mean by RMA?

Pr0fess0rX said:
Thank you but what do you mean by RMA?
Click to expand...
Click to collapse
RMA = Return Material Authorization. i.e. warranty return from your retailer.

Pr0fess0rX said:
Hello,
Kindly how can I install TWRP recovery on my Nexus 6 with Android 5.1 and locked bootloader and I don't have a working android (shows android figure and it maybe bricked)?
Is it possible to install a recovery to install any other custom ROM so I can make the device working?
Click to expand...
Click to collapse
Pr0fess0rX said:
I can't boot into phone and after I relocked the bootloader after the factory image installed (as I do usually since years to receive the OTAs for Nexus devices).
Unfortunaily Google changed the game here without notifying US about this big move and it should mention to not relock the bootloader after installing 5.1!
I know I can unlock the bootloader from the developers tools but I can't open (boot into) android.
Click to expand...
Click to collapse
cam30era said:
RMA = Return Material Authorization. i.e. warranty return from your retailer.
Click to expand...
Click to collapse
Sadly if u would have done a simple search you would have known this is something that has been talked about for a few months now. RMA is the only option.

While folks who visit these forums regularly may have know about this, Google really should update the factory images site for those who are not regular to these forums

jj14 said:
While folks who visit these forums regularly may have know about this, Google really should update the factory images site for those who are not regular to these forums
Click to expand...
Click to collapse
Even if ur not a regular number one rule here is use the search, and u will find it. Simple search as issues with nexus 6 updating or updating nexus 6.

I do agree that the factory images page should have some mention of the new procedure needed for locking. While it doesn't apply to all devices, it obviously applies here. Too many devices have been lost because of this.

kpierce2014 said:
Even if ur not a regular number one rule here is use the search, and u will find it. Simple search as issues with nexus 6 updating or updating nexus 6.
Click to expand...
Click to collapse
Not disputing that.
But realize that there are folks out there who may expect the Nexus devices to work the way they always have, and may not bother to ever visit xda (maybe they are ok with their devices completely stock). If a user doesn't visit xda, they aren't going to search xda (unless they don't know how to do what they want to do, or they suspect things have changed)

Why do I have to search about a standard procedure I am doing since years and there is no warning from Google that this time this procedure might brick the phone!!!

Pr0fess0rX said:
Why do I have to search about a standard procedure I am doing since years and there is no warning of Google that this time this procedure might brick the phone!!!
Click to expand...
Click to collapse
This is what we've been discussing in the posts above. The process has changed significantly with the new security features of 5.1 and Google needs to update their page to reflect this.
That being said, you still should read before jumping into anything because things change. Plain and simple, things and procedures change. We're talking about a whole new OS with lollipop. It is not entirely your fault but in a sense, you, with a bit of searching and reading, could have avoided this situation.
Sadly, this is a very common problem, which led to me working with others and creating the guide to safely re-lock. A 2 minute search of XDA would have given multiple results for you to read.
---------- Post added at 09:47 AM ---------- Previous post was at 09:35 AM ----------
I also feel that this hasn't been publicized enough. This thread is a perfect example. I understand that people have done things the same way for years but without an in your face warning of some sort, why would people think they were doing it wrong? Yes, my thread is mentioned in the sticky roll up thread, and for some that is enough. But as mentioned earlier, what about those that don't read the sticky roll up or use XDA at all?
The blame should fall on Google for not promoting a new procedure. They have to be aware of it, right? Why, also, have none of the Android forums or online magazines made mention of the new procedures? Obviously people use factory images and many have bricked. ???

Evolution_Freak said:
The blame should fall on Google for not promoting a new procedure. They have to be aware of it, right?
Click to expand...
Click to collapse
I agree - at the very minimum, update the instructions on the factory images site. Currently, here's what it states
6. Execute the flash-all script. This script installs the necessary bootloader, baseband firmware(s), and operating system.
Once the script finishes, your device reboots. You should now lock the bootloader for security:
1. Start the device in fastboot mode again, as described above.
2. Execute:
fastboot oem lock
Click to expand...
Click to collapse

Unlock with fingerprint after lock screen with app

Hi guys, I'm pretty new to xda community, so I don't know if my issue is solved before or not but I can't find any.
As u know, when u use an app to lock the phone screen, u can't unlock it the next time with fingerprint. Is there any way, root or no root required to make it possible? And if it's root required, could u plz tell me how to do it or give me any tutorial on it?
Thanks in advance.

nokia8user said:
Hi guys...
Click to expand...
Click to collapse
Well firstly, if no else has said so, welcome to XDA ?
Firstly, what your looking to do is definitely possible. But as you likely suspected, you will require root for it to work properly.
Once you have root access, you will just need to make sure that the app your using to lock the phone has the option to utilise root access to work.
Nova launcher for example allows you to choose root as the method of locking the phone.
As for actually rooting your phone, you will first need to unlock your phones bootloader, which although there is an official method for now, still comes with serious and permanent consequences.
I believe there are guides on how to unlock the bootloader and how to subsequently gain root and/or install TWRP, here in the Nokia 8 forums which I am sure you will be able to find yourself (rather then me redundantly providing you instructions here)
However, as a friendly warning to you (and any other users new to the forums who read this later) due to the consequences and implications of unlocking the bootloader (i.e. impact on device security, receiving OTA updates etc.) you should only proceed if:
- You 100% understand the steps involved (rather than blindly following them)
- You truely understand what they are actually doing to your device
- You are 100% aware the consequences
- You know how to, and are prepared to, recover your device if something does go wrong.
In the end, most of the issues I've seen on XDA over the years are the result of people not truely understanding what they were doing. You can never know too much.
Hopefully this answered your question?

ajgftw said:
Well firstly, if no else has said so, welcome to XDA ?
...
Hopefully this answered your question?
Click to expand...
Click to collapse
Oh god, you are so nice. I will absolutely try to follow the steps u mentioned above. Thanks so much.

Lost system on A partition, how to get back?

Totally stock pixel 5. Tried to sideload 12, and due to crappy instructions on XDA, that failed to mention the need to do the OEM unlock step, I ended up with a ADB sideload flash that failed at 94% and resulted in a empty A partition and a phone that failed to boot, so it switched to the backup system partition.
I'm now booted on the B partition (Android 11).
How can I fix my phone, so it's got 2 good system partitions?

Enable OEM unlocking, unlock bootloader, then use the Android Flash Tool to flash 12 Beta 5. Wiping /data shouldn't be necessary; however, if this fails and you have to force flash all partitions, a /data wipe will be required.
I highly recommend you keep the bootloader unlocked while using beta firmware, because it makes it a LOT easier to downgrade back to production firmware.
If you intend to root, don't forget to disable dm-verity and vbmeta-verification.
Detailed instructions on using the Android Flash Tool
Tip: When you get to the step of selecting which build to flash to your device, click the pencil icon to change options. Make sure you leave Relock Bootloader unchecked,

V0latyle said:
Wiping /data shouldn't be necessary
Click to expand...
Click to collapse
But unlocking the bootloader will wipe the phone.....
EDIT: I'm assuming there is a wipe data option with Android Flash Tool?
I don't know. I've never used it

xunholyx said:
But unlocking the bootloader will wipe the phone.....
Click to expand...
Click to collapse
Correct, but it's still necessary to install the beta (and downgrade)
xunholyx said:
EDIT: I'm assuming there is a wipe data option with Android Flash Tool?
I don't know. I've never used it
Click to expand...
Click to collapse
There is indeed. It's actually quite comprehensive.

I don't want to unlock the bootloader. I just want to get a system partition back, I do t want root or any modifications,

Chr1stOnABike said:
I don't want to unlock the bootloader. I just want to get a system partition back, I do t want root or any modifications,
Click to expand...
Click to collapse
In that case, I believe the only option for you is to attempt to sideload the OTA via recovery.
Download the beta OTA here
Follow the instructions to apply the OTA here
If this does not work, you can try using the Android Flash Tool after enabling Developer Options and USB Debugging. You can choose not to wipe your device in the tool options. No guarantee this will work. Requires unlocked bootloader
I will say this: Running beta software on a locked bootloader is not only highly inadvisable, it's foolhardy. Beta software is EXPERIMENTAL, you use it AT YOUR OWN RISK, meaning it is YOUR responsibility to fix it if something goes wrong. Keeping your bootloader unlocked means your ability to fix it is limited, if not impossible.

V0latyle said:
In that case, I believe the only option for you is to attempt to sideload the OTA via recovery.
Download the beta OTA here
Follow the instructions to apply the OTA here
If this does not work, you can try using the Android Flash Tool after enabling Developer Options and USB Debugging. You can choose not to wipe your device in the tool options. No guarantee this will work.
I will say this: Running beta software on a locked bootloader is not only highly inadvisable, it's foolhardy. Beta software is EXPERIMENTAL, you use it AT YOUR OWN RISK, meaning it is YOUR responsibility to fix it if something goes wrong. Keeping your bootloader unlocked means your ability to fix it is limited, if not impossible.
Click to expand...
Click to collapse
Flash tool doesn't work, as it expects to go i to recovery, and it doesn't it comes up with the no system error.
So when android 12 releases in a couple of weeks, will it just flash it to the other partition, to retain 11? In other words,will this fix itself in the fullness of time.
Also, who is going to fix the crappy XDA blog post that was poorly checked that caused this mess. I can't be the only one (I know the flawed instructions have been copied by the usual churnalists 9to5google Android authority, Android police)

Chr1stOnABike said:
Flash tool doesn't work, as it expects to go i to recovery, and it doesn't it comes up with the no system error.
Click to expand...
Click to collapse
Ah. Well, you can fix this, but it will require unlocking the bootloader.
You can always relock it after you're done.
Chr1stOnABike said:
So when android 12 releases in a couple of weeks, will it just flash it to the other partition, to retain 11? In other words,will this fix itself in the fullness of time.
Click to expand...
Click to collapse
Don't know. Given that you can't boot into recovery, you can't sideload the OTA to test this theory. I personally doubt it. You can either wait and see, or you can just bite the bullet and fix the issue.
Chr1stOnABike said:
Also, who is going to fix the crappy XDA blog post that was poorly checked that caused this mess. I can't be the only one (I know the flawed instructions have been copied by the usual churnalists 9to5google Android authority, Android police)
Click to expand...
Click to collapse
Link to the post? You may not be the only one, but the majority of folks (including myself, I was in the Marine Corps for 9 years so you can guess my mental acuity) have been able to use the instructions to our success.

Isn't unlocking and relocking bootloader detectable in soft fuses and an instant warranty void?

How to install Android 12 and 12L on Google Pixel and other Android devices
Google has just released Android 12L beta for the Pixel lineup. Here is how you can install Android 12 (or 12L) on your smartphone!
www.xda-developers.com
Someone in the comments also broke their phone by following the untested Instructions.

Chr1stOnABike said:
Isn't unlocking and relocking bootloader detectable in soft fuses and an instant warranty void?
Click to expand...
Click to collapse
I'm not sure. But that raises a question for you: Why are you running beta firmware if you're worried about the warranty?
Chr1stOnABike said:
How to install Android 12 and 12L on Google Pixel and other Android devices
Google has just released Android 12L beta for the Pixel lineup. Here is how you can install Android 12 (or 12L) on your smartphone!
www.xda-developers.com
Someone in the comments also broke their phone by following the untested Instructions.
Click to expand...
Click to collapse
I have updated my phone using both of these methods and can personally confirm the instructions are correct. The only difference I would point out is that I'm comfortable enough using adb and fastboot commands that I manually type them and don't use the batch file.
It is your responsibility to understand the instructions and follow them. You flash and modify your device at your own risk. If you do not fully understand the instructions, it is also your responsibility to either find the details you need, or ask for help.
This may seem rather condescending or apathetic, but the situation is this:
- You tried to run experimental beta firmware on your device despite your concerns for the warranty
- You did not ask questions before doing so, and if you did read any of the multiple threads on this issue, you would have been acutely aware of the recommendation to unlock your bootloader before you proceed
- You are now left with few options to fix your device because you decided to ignore experienced advice and do things your own way
As I stated previously, the responsibility for fixing things is yours and yours alone. If you were that concerned with your warranty, you should have kept your phone completely stock and avoided installing the beta.
I have one last recommendation for you:
Disenroll from the beta program and wait for the OTA to take you back to A11 public release. A data wipe will be required.
You have been told in detail what you can do to fix your device. What you do now is completely up to you.

V0latyle said:
I'm not sure. But that raises a question for you: Why are you running beta firmware if you're worried about the warranty?
I have updated my phone using both of these methods and can personally confirm the instructions are correct. .
Click to expand...
Click to collapse
The instructions only work if you have previously done the unmentioned OEM unlock step, which you must have done.
The fact you don't understand this, it limits your credibility. Just because something worked for you, doesn't make it correct.
It also sounds like you don't understand the difference between OEM unlock and a bootloader unlock.

Chr1stOnABike said:
The instructions only work if you have previously done the unmentioned OEM unlock step, which you must have done.
Click to expand...
Click to collapse
Yes - I unlocked and rooted my phone the day I got it, and I bought it full price direct from Google. Your point?
Chr1stOnABike said:
The fact you don't understand this, it limits your credibility. Just because something worked for you, doesn't make it correct.
Click to expand...
Click to collapse
Yes, it's always worked for me. I've been trying to work with you here and give you options that do not require OEM Unlock or unlocking the bootloader. The reason I thought the Android Flash Tool might work is because it's literally a tool provided by Google, and though it uses ADB, I figured they might have some sort of security to allow recovery of locked phones.
What exactly is it you don't think I understand? As I've pointed out, you decided to install beta software on your device despite your concerns for warranty. As I ALSO pointed out, if warranty was that much of a concern for you, you should have stayed on stock public release firmware and not messed with anything at all.
I will admit that the guide you linked does not mention needing an unlocked bootloader. I think it's generally been assumed among us in the community that modifying your device requires an unlocked bootloader. I will talk to the mods and see if we can get a note added to the post. However, you seemed to miss the big warning that advises against using the beta on your daily driver.
Chr1stOnABike said:
It also sounds like you don't understand the difference between OEM unlock and a bootloader unlock.
Click to expand...
Click to collapse
Again, how so? If you're going to call me ignorant, you had better explain how.
OEM Unlock simply sets a flag: "unlock-ability" to 1. It's an on/off switch that corresponds to the 1 or 0 set for the "unlock-ability" flag. It has no other function.
When someone attempts to unlock the bootloader, the device checks that flag. If it's 0, the bootloader cannot be unlocked. If it's 1, it can.
Unlocking the bootloader disables security features that prevent you from flashing partitions on your phone, or booting images sent via ADB. The reason why this is important when running custom or experimental firmware is because it allows the user to reflash corrupted partitions (like in your case). It allows a lot more freedom over what you can do with your phone.
I've been doing this for years - more than 10 years in fact. I would be careful about making accusations like "you don't understand the difference" or "you don't know what you're talking about'" to someone who is trying to help you. I understand you're frustrated, but you're going to have to swallow your pride here and admit, at least to yourself, that you screwed up. It seems pretty clear to me that you either did not fully understand the risk of trying to modify your device with a locked bootloader (yes, installing the beta counts as a modification), or you ignored the risk and tried to do it anyway. Yet you come here and impugn my credibility? As they say, "check yourself before you wreck yourself". You screwed up and got yourself into this mess. You alone are to blame. No one has to help you, and believe me, I've been quite tempted to tell you to pound sand. The least you can do is show a little gratitude for someone who's trying to help, and respect for experience and knowledge far beyond your own.
I have one more option for you: Rescue mode.
Reboot your phone into bootloader (hold power + volume down, release power but keep holding volume down when screen turns off)
Use volume buttons to select rescue mode on the right side, then press power to select
Google Pixel Repair Tool
This probably won't work because the repair tool only works if the firmware on your phone is older or equivalent to the firmware the repair tool has.

Chr1stOnABike said:
The instructions only work if you have previously done the unmentioned OEM unlock step, which you must have done.
The fact you don't understand this, it limits your credibility. Just because something worked for you, doesn't make it correct.
It also sounds like you don't understand the difference between OEM unlock and a bootloader unlock.
Click to expand...
Click to collapse
I haven't had time to read much of this thread yet, but why insult the one person I see who's trying to help you?
I've seen this before and other users who may know what to do, usually just walk away as they don't want to help someone who may just insult them or are clearly unappreciative of the help given.
Everyone let's all keep it civilized.
If you have issue with a post, please hit report button and walk away.
Positive vibes, all.
--andybones

@Chr1stOnABike I am indeed trying to help you, as I understand your situation is frustrating. I also understand that it may be frustrating to be told to do what you didn't want to do in the first place, but the reason why I'm telling you to do it is because it'll be of the most help to you.
Losing your data sucks. I get it. But fortunately the Pixel 5 is great about backing everything up to your Google account. Just make sure your photos are backed up and you'll be fine. Setting it back up after a wipe is a pain in the ass, but again, I'm recommending the bootloader unlock because I believe it's your best chance at recovery.
As far as that goes, I'm still trying to be flexible and provide you with different options. Be aware that if these other options don't work, you have no other choice. I'm not saying that to be rude, that's just the reality of it.
And lastly, I would very much appreciate you making the distinction between thinking I'm wrong because you have evidence to the contrary, vs thinking I'm wrong simply because you don't like my recommendations. If you sincerely believe I'm incorrect and can demonstrate how, please feel free to do so.
My only objective here is to help people the best I can with the knowledge and experience I have.

For those who ever get stuck like I did. When I got stuck in a bootloop, I realized I could 'fastboot boot twrp.img' and was able to save my internal storage from being lost by backing up to PC with TWRP, then move it back onto internal after the factory reset. Did I lost app data in these cases, yes. But that's my own fault for not regularly backup app data up with something like Swift or AppDash.

@Chr1stOnABike just checking in to see if you were able to get your problem resolved?