Why is the Permission system so bad? - Xiaomi Mi 5 Questions & Answers

Hi there, I recently got this phone and I am wondering why is the phone's permission system so horrible? The dialogues show up asking for permissions but you can only press Deny. You have to manually go to their Security App and then set Permissions from there in a very asinine roundabout way.
Is there a way to get around that and use the simpler android permissions management system like in CM?

That's just how MIUI works, you can flash CM if you have unlocked bootloader and TWRP installed.

proag said:
That's just how MIUI works, you can flash CM if you have unlocked bootloader and TWRP installed.
Yeah I might someday but what I mean to say is, this system looks like it was meant for older Android versions and just carried over so shouldn't they be overhauling it now? It's just painful to use.

Related

Security Issues With Unlocking the Bootloader Without Rooting?

Does it present any security issues to unlock a bootloader without rooting? I don't mean if you lose your phone, I mean is there a security issue with any apps you install?
That's always a risk. Read playstore comments before installing anything.
Has nothing to do with being rooted or not...or boot loader state.
Sent from my Moto X cellular telephone...
Cozume said:
Does it present any security issues to unlock a bootloader without rooting? I don't mean if you lose your phone, I mean is there a security issue with any apps you install?
You could have asked at AC and I would answer it over there.
Unlocking bootloader and/or running custom recovery is a big risk. When you unlocked bootloader, all the partitions in your phone can be accessed and modified. I can flash custom recovery to your phone. Custom recovery gives full root access to the phone. It is then easily possible to copy all your data from the phone and also disable the lock for your phone. Although if you encrypt your phone, then custom recovery will require the password to give access to the /data partition, which is where all the user data is. I guess if someone is determined enough, then they can make an image copy of your phone and try to decrypt it.
If you want to keep your data safe, disable USB Debugging (because exploits can be used with ADB to gain access to the phone), use stock recovery and lock bootloader. However, if the phone bricks then you can't get back your data in the phone.
eksasol said:
Unlocking bootloader and/or running custom recovery is a big risk. When you unlocked bootloader, all the partitions in your phone can be accessed and modified.
but can an app do this? And if so, what permissions would the app need to do this. Also, I am not talking about flashing a custom recovery; just an unlocked bootloader.
eksasol said:
If you want to keep your data safe, disable USB Debugging (because exploits can be used with ADB to gain access to the phone), use stock recovery and lock bootloader.
but can an app do harm to your phone if you have USB debugging enabled? I know a person who finds your phone can. I am asking about apps.
Cozume said:
but can an app do this? And if so, what permissions would the app need to do this. Also, I am not talking about flashing a custom recovery; just an unlocked bootloader.
If the phone isn't root, then probably not, unless there is some security holes it can exploit. With root it is possible to modify the whole system. Motorola and HTC have an extra layer to prevent simple root to modify the system partition, but as you can see, just visit dev section if you want to remove it.
but can an app do harm to your phone if you have USB debugging enabled? I know a person who finds your phone can. I am asking about apps.
It is possible for apps to get access to sensitive data and change system settings with USB Debugging enabled. Helium required it turned on to make backup of your contacts, sms and apps data for example.
If you have an older Android phone, you don't need to do anything except to enable USB Debugging and run a program to install root. But we're trusting apps like SuperUser and SuperSU to control apps access to root, so that's a layer of protection. But KitKat is much safer now.
You don't need root to install malware and virus to your phone. Just download an infected app or use unreliable app stores like Aptoide. Also if you have the option "Unknown sources" enabled, which almost all of us do, the app can utilize it to automatically install other apps in the background.
Point I'm trying to make is, if the phone has an unlocked bootloader, or even a locked bootloader with custom recovery, and someone else has a hold of it, then all bets are off.
eksasol said:
If the phone isn't root, then probably not, unless there is some security holes it can exploit. With root it is possible to modify the whole system.
great, that is what I want to know. I knew a human being in possession of your phone could do more damage if it were unlocked, which is why I got rid of the bootloader unlocked warning message.
BTW - do you know if flashing the original kit kat boot logo to replace the bootloader warning message presents a problem for accepting the OTA update to 4.4.2?
eksasol said:
Motorola and HTC have an extra layer to prevent simple root to modify the system partition, but as you can see, just visit dev section if you want to remove it.
Ok so then on my Moto X, since flashing a new logo doesn't even require root, it shouldn't have affected any system files and then it would be safe to take the OTA after removing the bootloader unlocked warning?
eksasol said:
It is possible for apps to get access to sensitive data and change system settings with USB Debugging enabled. Helium required it turned on to make backup of your contacts, sms and apps data for example.
good to know!
eksasol said:
But we're trusting apps like SuperUser and SuperSU to control apps access to root, so that's a layer of protection.
ok, that is how I understand it. Unless I give the app access to root through SuperSU, it can't.
eksasol said:
But KitKat is much safer now.
why is this?
eksasol said:
Also if you have the option "Unknown sources" enabled, which almost all of us do, the app can utilize it to automatically install other apps in the background.
thanks, Amazon app store required that to be enabled to load apps from their app store.
Cozume said:
great, that is what I want to know. I knew a human being in possession of your phone could do more damage if it were unlocked, which is why I got rid of the bootloader unlocked warning message.
BTW - do you know if flashing the original kit kat boot logo to replace the bootloader warning message presents a problem for accepting the OTA update to 4.4.2?
Ok so then on my Moto X, since flashing a new logo doesn't even require root, it shouldn't have affected any system files and then it would be safe to take the OTA after removing the bootloader unlocked warning?
That depends on the checking that the dev put in the OTA package. On the Nexus device, if you are missing any original system APK, modify the radio partition, modify GPS setting file, or modify the build.prop, etc, the OTA will fail. So I assume the same with Moto X OTA. The safest bet is to make sure all the partitions are original first (except the /data partition where your data resides) before receiving an OTA.
ok, that is how I understand it. Unless I give the app access to root through SuperSU, it can't.
Yes. The actual component of root isn't the SuperSU app, but a 'su' binary. Without the SuperSU app, anything can have full fledged root access. You need SuperSU to control that access.
why is this?
For many reasons, I'm not a developer so I can only talk about what I know and seen from a user perspective. It used to be that you can flash an exploited update.zip to modify the stock recovery of Android, in order to make it ignore the package signatures, so the recovery could flash any package without the correct signature. Now there are no such exploits for latest stock recovery. With USB Debugging enabled in Android 4.3 or newer, it would not even allow access when connected to a PC unless you accept to trust that PC in a pop up dialog in the phone, I'm not sure if it means the phone is totally invulnerable to exploits (like memory overflow), you'll have to ask someone smarter. Also apps like Framaroot that I just linked won't work anymore.
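Added example, not part of any post in this thread: a shell check of the settings eksasol lists above (bootloader lock, USB debugging and its host-approval prompt, "Unknown sources", a su binary), run over a key=value snapshot of device state. The snapshot format, function names and sample values are constructed for illustration; the property and setting names are standard Android ones and can be empty on older releases, which the check reports as unknown rather than safe.

```shell
#!/bin/sh
# Added example: audit the hardening points discussed in the thread.

# Gather a snapshot from a connected, already-authorized device via adb.
# Not called by the demo at the bottom, which uses constructed values.
collect_snapshot() {
    for prop in ro.boot.flash.locked ro.boot.verifiedbootstate ro.adb.secure; do
        printf '%s=%s\n' "$prop" "$(adb shell getprop "$prop" | tr -d '\r')"
    done
    printf 'adb_enabled=%s\n' \
        "$(adb shell settings get global adb_enabled | tr -d '\r')"
    # "Unknown sources" sits in the secure or global namespace depending on
    # the Android release, so query both and keep the first real answer.
    unk=$(adb shell settings get secure install_non_market_apps | tr -d '\r')
    case "$unk" in
        0|1) ;;
        *) unk=$(adb shell settings get global install_non_market_apps | tr -d '\r') ;;
    esac
    printf 'install_non_market_apps=%s\n' "$unk"
    su_path=$(adb shell 'ls /system/xbin/su /system/bin/su /sbin/su 2>/dev/null' \
        | tr -d '\r' | head -n 1)
    printf 'su_binary=%s\n' "$su_path"
}

# Print the value stored for key $2 in snapshot text $1 (empty if absent).
snap_get() {
    printf '%s\n' "$1" |
        awk -F= -v k="$2" '$1 == k { print substr($0, length(k) + 2); exit }'
}

# Read a snapshot on stdin and print one OK/INFO/WARN/FAIL line per check.
audit_posture() {
    snap=$(cat)
    locked=$(snap_get "$snap" ro.boot.flash.locked)
    vb=$(snap_get "$snap" ro.boot.verifiedbootstate)
    adb_on=$(snap_get "$snap" adb_enabled)
    adb_auth=$(snap_get "$snap" ro.adb.secure)
    unk=$(snap_get "$snap" install_non_market_apps)
    su_path=$(snap_get "$snap" su_binary)

    case "$locked" in
        1) echo "OK   bootloader locked" ;;
        0) echo "WARN bootloader unlocked: whoever holds the phone can modify its partitions" ;;
        *) echo "INFO bootloader lock state not reported by this device" ;;
    esac
    case "$vb" in
        green) echo "OK   verified boot state green" ;;
        "")    echo "INFO verified boot state not reported by this device" ;;
        *)     echo "WARN verified boot state $vb: not the stock, locked boot chain" ;;
    esac
    case "$adb_on" in
        1)  if [ "$adb_auth" = 1 ]; then
                echo "WARN USB debugging on (a new host must be approved on the device)"
            else
                echo "FAIL USB debugging on with no host approval enforced"
            fi ;;
        0)  echo "OK   USB debugging off" ;;
        *)  echo "INFO USB debugging setting not reported" ;;
    esac
    case "$unk" in
        1) echo "WARN unknown sources enabled: installs from outside the store allowed" ;;
        0) echo "OK   unknown sources disabled" ;;
        *) echo "INFO unknown sources setting not reported" ;;
    esac
    if [ -n "$su_path" ]; then
        echo "WARN su binary at $su_path: root access depends on the manager app gating it"
    else
        echo "OK   no su binary in the usual paths"
    fi
}

# Constructed sample: unlocked, unrooted phone with debugging left on.
SAMPLE_SNAPSHOT='ro.boot.flash.locked=0
ro.boot.verifiedbootstate=orange
ro.adb.secure=1
adb_enabled=1
install_non_market_apps=1
su_binary='

printf '%s\n' "$SAMPLE_SNAPSHOT" | audit_posture
```

On a real device, `collect_snapshot | audit_posture` produces the same report from live values.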
eksasol said:
That depends on the checking that the dev put in the OTA package. On the Nexus device, if you are missing any original system APK, modify the radio partition, modify GPS setting file, or modify the build.prop, etc, the OTA will fail. So I assume the same with Moto X OTA. The safest bet is to make sure all the partitions are original first (except the /data partition where your data resides) before receiving an OTA. My guess is if you tried it with modified logo it will either fail or overwrite it.
OK, I think I am going to unroot and flash back to stock just to be sure.
Thanks again! I would hit the thanks button but I used up all my thanks today and it won't let me.
Cozume said:
OK, I think I am going to unroot and flash back to stock just to be sure.
Thanks again! I would hit the thanks button but I used up all my thanks today and it won't let me.
You already gave me enough thanks at AC.
eksasol said:
You already gave me enough thanks at AC.
what is your user name there?
Cozume said:
what is your user name there?
someguy
Why so paranoid? Have you read any posts on xda of such things....I haven't.
If you are sideloading apps the risk increases for sure. But apps on the play store would have tonnes of comments about it if the app was screwing up the system.
Sent from my Moto X cellular telephone...
eksasol said:
someguy
ok great!
kj2112 said:
Why so paranoid? Have you read any posts on xda of such things....I haven't.
If you are sideloading apps the risk increases for sure. But apps on the play store would have tonnes of comments about it if the app was screwing up the system.
I am just trying to understand how all of this works.
Okay one thing why are you trying to unlock the bootloader without rooting?? Or did I read everything wrong? And yes unlocking the bootloader allows you to write to every partition of the phone. Except when HTC and you're s-on you have to manually flash the boot.img via fastboot. But with moto. There is no point in unlocking the bootloader if you're not doing anything. Two it voids your warranty. Three it can disable functions on your phone like features, camera options I think and yeah etc. But if you follow instructions you won't have any problems ever rooting or shouldn't if you semi have a brain and know how to follow instructions if not well you can somewhat brick :$ I don't mess with moto much but I have. Sorry this thread was in my latest and scrolling through xda. Lol. You can unlock your phone straight from the moto website. But if you're not rooting. Eh no point.
Sent from my Rezound using xda-developers app. CyanogenMod 11. S-off
I just read this thread, particularly page 2 why we can't relock the Motorola bootloader (yet it seems), unlike Nexus devices, I think it's really bad for security.
edit: link: http://forum.xda-developers.com/showthread.php?t=2575586&page=2
pball52998 said:
Okay one thing why are you trying to unlock the bootloader without rooting??
I rooted but a friend of mine is unlocked but not rooted. She wanted to be unlocked because it wipes your device so wanted to do it before she got the phone all set up. She is afraid of rooting. Anyhow, maybe she shouldn't have unlocked but she did.
pball52998 said:
There is no point in unlocking the bootloader if you're not doing anything. Two it voids your warranty.
She has the dev ed so it doesn't void her warranty. And she may want to Wifi tether in the future so I told her she needs to unlock and root for that so get the dev ed. She did and unlocked but is afraid to go any further.
pball52998 said:
You can unlock your phone straight from the moto website. But if you're not rooting. Eh no point.
It increases the phone's resale value to unlock it.
eksasol said:
I just read this thread, particularly page 2 why we can't relock the Motorola bootloader (yet it seems), unlike Nexus devices, I think it's really bad for security.
I thought I saw a thread where someone could relock the Moto X bootloader.
And what about this?
Re-Lock Your Bootloader
It should just be a command like fastboot_oem_lock or something but idk. And two if she has the dev edition. Root that thing!!! XD that's what it's for!! Just install twrp via goo manager. Wipe factory reset all that good stuff. After making a back up. Notice after backing up. Then flashing rom and gapps In that order. I mean its a lot easier than htc rezound or htc one, htc in general and such lol.
Sent from my crappy apple iPad.....
pball52998 said:
Wipe factory reset all that good stuff. After making a back up.
well, I didn't wipe and do a factory reset when I rooted so I guess I did it wrong, lol! That is what she is afraid of - not doing it right and messing up her phone.
And I don't have a backup, but do I really need one if I can flash the factory images?

I do not want to take OTA system updates...

I've unlocked the bootloader and rooted the phone with the help of the Nexus Root Toolkit by WugFresh.
I now have it setup just how I want it and I don't want an OTA to kill root or change anything so something stops working (phone isn't for me, but I've set it up just right for someone with special needs).
I've read conflicting information on whether or not an OTA will actually install on a rooted phone or not. Some things say that it won't if you've changed anything at all while others say it might be possible.
Is there some system file I can rename or something to ensure the phone doesn't get a system update unless I do it manually?
LaTropa64 said:
I've unlocked the bootloader and rooted the phone with the help of the Nexus Root Toolkit by WugFresh.
I now have it setup just how I want it and I don't want an OTA to kill root or change anything so something stops working (phone isn't for me, but I've set it up just right for someone with special needs).
I've read conflicting information on whether or not an OTA will actually install on a rooted phone or not. Some things say that it won't if you've changed anything at all while others say it might be possible.
Is there some system file I can rename or something to ensure the phone doesn't get a system update unless I do it manually?
no matter how many times you will try to update via ota, you will not be able to. if any files change from stock, any at all, you won't be able to install an ota. especially with root.
LaTropa64 said:
I've unlocked the bootloader and rooted the phone with the help of the Nexus Root Toolkit by WugFresh.
I now have it setup just how I want it and I don't want an OTA to kill root or change anything so something stops working (phone isn't for me, but I've set it up just right for someone with special needs).
I've read conflicting information on whether or not an OTA will actually install on a rooted phone or not. Some things say that it won't if you've changed anything at all while others say it might be possible.
Is there some system file I can rename or something to ensure the phone doesn't get a system update unless I do it manually?
Root solved your problem ha ha
simms22 said:
no matter how many times you will try to update via ota, you will not be able to. if any files change from stock, any at all, you won't be able to install an ota. especially with root.
And sometimes, even if one is 100% stock, those pesky OTAs won't install.
cam30era said:
And sometimes, even if one is 100% stock, those pesky OTAs won't install.
right. any system file changes prevent install.
Awesome. Thanks.
Will it even attempt to install an update, and if so, does it only attempt once and then give up so you don't get stuck in a loop?
Install a custom recovery. Done. OTAs require the stock recovery in order to flash files.
LaTropa64 said:
Awesome. Thanks.
Will it even attempt to install an update, and if so, does it only attempt once and then give up so you don't get stuck in a loop?
it'll only attempt if you let it (it needs your approval to update), otherwise it'll only tell you that an update is available. if you let it, it'll try, but fail. if you boot up, you'll be where you were before.
Apparently I rooted it incorrectly because it was able to update. I just got a call and the phone had rebooted and went through optimizing X of X apps and now many of the tasker profiles I had set are no longer working.
It wouldn't have optimized a bunch of apps if it hadn't updated the OS, or no?
LaTropa64 said:
Apparently I rooted it incorrectly because it was able to update. I just got a call and the phone had rebooted and went through optimizing X of X apps and now many of the tasker profiles I had set are no longer working.
It wouldn't have optimized a bunch of apps if it hadn't updated the OS, or no?
you can always look at your android version in About phone, to see if it updated or not.
LaTropa64 said:
Apparently I rooted it incorrectly because it was able to update. I just got a call and the phone had rebooted and went through optimizing X of X apps and now many of the tasker profiles I had set are no longer working.
It wouldn't have optimized a bunch of apps if it hadn't updated the OS, or no?
You'll find update or not optimizing apps happens a lot especially if you clear cache etc...
You're fine, OTAs can't install with root
Just flash twrp it will come in handy in case you brick it one day you'll have twrp to fastboot fix or sideload a rom to recover from.
ONE NOTE: Never ever ever relock your bootloader with the toolkit you'll be screwed. Always leave bootloader unlocked. I just had to rma manufacturer phone replacement I relock mine with toolkit and couldn't flash stock firmware or oem unlock again.
Sent from my LGMS769 using XDA Free mobile app
simms22 said:
you can always look at your android version in About phone, to see if it updated or not.
I'll take a look the next time I get over there. It's not my phone, I just set it up for someone with accessibility issues and wanted it to stay the same as the day I set it up but apparently it's not done that.

SuperSU and SafetyNet / Android Pay

This is the place to discuss anything and everything related to SuperSU and SafetyNet / Android Pay.
To clarify, I am not currently actively doing any development on having SuperSU pass SafetyNet detection, or having Android Pay work; the same way I put no effort into beating other root detection methods such as various enterprise security tools.
In case any SuperSU-rooted device passes SafetyNet, that is a bug in SafetyNet, not a feature of SuperSU.
While I may not agree with Google's stance, I'm not about to go messing with payment systems. Is it possible though? Probably yes.
This thread has been created because you guys simply cannot stop talking about this, so these posts can now go here, where I don't ever have to see them.
Will v2.50 cause Android Pay not to work in 6.0? If so, I am guessing there is no way around it?
0.0 said:
Will v2.50 cause Android Pay not to work in 6.0? If so, I am guessing there is no way around it?
Root is a no no with android pay and I think custom ROMs are also out at the moment
Sent from my A0001 using Tapatalk
Pure Drive GT said:
Hey, thanks for your continued support for root on Android, was just wondering, is google making it harder to achieve decent root privileges, as in they don't want rooted devices or are they just unrelatedly changing up things which forces you guys to adapt?
On another note, is there any progress on root without the modded boot? This is by no means an ETA, just wanted to know if you think it's possible or the situation looks rather dire.
Thanks again for your many efforts!
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing per se, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing per se, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
Many banking and financial apps restrict access on rooted devices; it's not just Google.
It makes sense in some ways: root access allows running things in the background to either circumvent, monitor, or interrupt program transactions. They're being paranoid, and I don't blame them.
I don't like the Google Pay concept (or Apple's either); like every other encryption or security system, it's destined to eventually be hacked.
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing per se, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
Yep, I was able to add my debit card but not credit.
VZW LG G4
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing per se, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
http://www.androidpolice.com/2015/0...hy-android-pay-doesnt-support-rooted-devices/
shaggyskunk said:
Yet the Note 5 has been rooted for at least a couple of weeks
On Lollipop... And you also have to unlock your bootloader to do that, right? If yes, then you will trip the KNOX, and that means you will lose some of your device functionality (Samsung Pay for example), without option to take it back. On the Nexus on the other hand, when you want to use Android Pay on Nexus, you can restore your phone to completely stock condition, without any trace of previously used root.
Also, all of this is completely irrelevant to carrier device users, since they have locked bootloaders.
Srandista said:
On Lollipop... And you also have to unlock your bootloader to do that, right? If yes, then you will trip the KNOX, and that means you will lose some of your device functionality (Samsung Pay for example), without option to take it back. On the Nexus on the other hand, when you want to use Android Pay on Nexus, you can restore your phone to completely stock condition, without any trace of previously used root.
Also, all of this is completely irrelevant to carrier device users, since they have locked bootloaders.
I believe that it's only at&t and Verizon that locks the bootloader - And none in Canada and many other Countries.
Sent From my SM-N910W8 Running SlimRemix V5.1
Had an interesting event, on 2.52.
I unchecked "Enable Superuser" in Settings, to attempt to use Android Pay (Android Pay still wouldn't work). Then, when I rechecked "Enable Superuser", the re-installation of the binary failed, and I was prompted to reboot to try again. However, then I got a boot loop (never even got the opportunity to enter my encryption code). The only way I was able to boot was to re-flash the modified boot.img and re-install SuperSU from the zip (no idea whether both steps were necessary).
I have a Marshmallow Nexus 6, encrypted. For what it's worth, I was previously rooted on 5.1.1, and, after updating to 6.0 and until I re-rooted, I always got a "Your device is corrupt" message on startup, despite being all stock.
NYZack said:
Had an interesting event, on 2.52.
I unchecked "Enable Superuser" in Settings, to attempt to use Android Pay (Android Pay still wouldn't work). Then, when I rechecked "Enable Superuser", the re-installation of the binary failed, and I was prompted to reboot to try again. However, then I got a boot loop (never even got the opportunity to enter my encryption code). The only way I was able to boot was to re-flash the modified boot.img and re-install SuperSU from the zip (no idea whether both steps were necessary).
I have a Marshmallow Nexus 6, encrypted. For what it's worth, I was previously rooted on 5.1.1, and, after updating to 6.0 and until I re-rooted, I always got a "Your device is corrupt" message on startup, despite being all stock.
Root doesn't have to be enabled for pay to fail. Any time the system partition is modified pay will not work. There was an xda news article on it. A quick Google search involving Android pay and root should find it.
Lrs121 said:
Root doesn't have to be enabled for pay to fail. Any time the system partition is modified pay will not work. There was an xda news article on it. A quick Google search involving Android pay and root should find it.
I also found that having an unlocked bootloader will stop Pay working. When MM released I decided to go fully back to stock but kept the bootloader unlocked so I could flash MM. Pay still failed, so I've given up and gone rooted again.
Sent from my Nexus 6 using Tapatalk
Ch3vr0n said:
@Chainfire if you actually are able to pull off fully working stable root WITHOUT modifying the /system does that mean you MIGHT have opened the door into having root AND still being able to get OTA's?
osm0sis said:
Yup, all you'd need to do is reflash stock kernel to pass the boot partition EMMC check, or, we could automate restoring the previous stock kernel, flashing the OTA and then injecting the new stock kernel with root after flashing (à la AnyKernel2 or MultiROM). So many exciting possibilities there where custom recoveries are concerned.
Chainfire said:
Honestly it's not so different from using FlashFire to flash re-flash system, then OTA, then re-root. But it is easier, yes.
This is indeed exciting. However, I noticed that @Chainfire posted this downside on Google+ :
Andrew Morykin 12:24
This should retain Android Pay, right?
Chainfire 12:58
+Andrew Morykin if it does, then it's by accident and not by design, and Android Pay will be updated to block it.
https://plus.google.com/+Chainfire/posts/aJbqUZ8PEP4
also, I was confused by this:
Chainfire said:
- I have not tested with encrypted devices
http://forum.xda-developers.com/showpost.php?p=63197935
Aren't
Nexus 6P / angler
angler-mdb08k-boot-systemless.zip
and
Nexus 5X / bullhead
bullhead-mdb08i-boot-systemless.zip
encrypted out of the box?
dabotsonline said:
This is indeed exciting. However, I noticed that @Chainfire posted this downside on Google+ :
How is that a downside?
It's exactly the same with every other form of root you will ever see. They don't want to support Android Pay (and some other stuff) on rooted devices. If we find a root that allows it, they will update their system to detect and block it. That cat and mouse game will not end as long as Google doesn't want Android Pay on rooted devices.
Maybe someone will make apps/modules that help circumvent this, but it certainly will not be me.
also, I was confused by this:
Aren't
Nexus 6P / angler
and
Nexus 5X / bullhead
encrypted out of the box?
Still can't test what I don't have.
russlowe73 said:
Factory images
So basically I have to go back to 100% stock using ADB, and then flash the new SuperSU stuff with any custom ROM? If so, what are the benefits of this other than getting Android Pay while rooted?
I'm not sure if anyone has specifically mentioned this, but Android Pay still works with this form of root on the Nexus 6!!
efrant said:
Starting with Android 5.0, OTA updates are now block-based rather than file-based, so any modification to the system partition will cause the OTA to fail, even mounting the system partition as r/w.
Just to add to this, it's a whole-partition /system patch OTA if the device launched with Lollipop or later, anything that launched with KitKat is still receiving the old file-based patch OTAs. Modifying Settings.apk would likely trip either method for a lot of OTAs though, since it's a pretty central component.
galaxyuserx said:
I use Galaxy s6 G9200 HK with Kernel compiled by me, but I have problem with root 5.1.1 and I think in future too 6.0
These root method is integrated in kernel source or I can integrate with those "boot.img systemless" my self-compiled kernel? (repack boot.img with kernel compiled by me)
Is possible to work this new root method to android 5.1.1?
I have problem with gain root when I use kernel compiled by me (STOCK kernel have too this problem BOOTLOOPs and FREEZEs on boot system) and I don't know how solve it :/
I found on Chinese forums root integrated in boot.img it working good and isn't comunicat "KERNEL is not SEandroid enforced" but when I try integrate my kernel with this boot.img error with boot system :/
Yup, it's all ramdisk changes so should be workable on any version of Android. Chainfire left instructions outlining the ramdisk changes in the WIP thread if you want to give it a try.
phishfi said:
I'm not sure if anyone has specifically mentioned this, but Android Pay still works with this form of root on the Nexus 6!!
Yup, seems to be the case with most banking and root-detecting apps... for now.
Can someone with the non-system SU use this app: https://play.google.com/store/apps/details?id=com.cigital.safetynetplayground and post the results?
This app is supposed to do the SafetyNet checks cleanly, the same way Android Pay does them.
Would be interesting to see if it succeeds on devices with this new supersu version.
secguy said:
Can someone with the non-system SU use this app: https://play.google.com/store/apps/details?id=com.cigital.safetynetplayground and post the results?
This app is supposed to do the SafetyNet checks cleanly, the same way Android Pay does them.
Would be interesting to see if it succeeds on devices with this new supersu version.
Just ran it and it passed.
Went ahead and installed su on a stock nexus 5, so far working well, android pay does not work but that was me being stupid and changing the host file and dpi before setting it up
I do notice a little input lag after this, not enough to even make me consider removing root, but it is noticeable, anybody else with this?

OnePlus left a backdoor in its devices capable of root access

Just a month ago, OnePlus was caught collecting personally identifiable data from phone owners through incredibly detailed analytics. While the company eventually reversed course on the data collection, another discovery has been made in the software of OnePlus phones. One developer found an application intended for factory testing, and through some investigation and reverse-engineering, was able to obtain root access using it.
Read more Androidpolice:
http://www.androidpolice.com/2017/11/13/oneplus-left-backdoor-devices-capable-root-access/
Does anyone know if uninstalling that app via adb (without root: https://www.google.nl/amp/s/www.xda...arrier-oem-bloatware-without-root-access/amp/) will cause any problems?
swa100 said:
Does anyone know if uninstalling that app via adb (without root: https://www.google.nl/amp/s/www.xda...arrier-oem-bloatware-without-root-access/amp/) will cause any problems?
You can root easily using the EngineerMode APK then (after that) uninstall it!
I'm trying to push the su binaries, but when I try to mount /system as rw using "mount -o rw,remount,rw /system" I get the following error:
Code:
mount: '/dev/block/dm-0'->'/system': Device or resource busy
Any ideas on how to get around this? Something to do with dm-verity?
Update:
Got the system to mount using:
Code:
mount -o rw,remount -t ext4 /dev/block/dm-0 /system
But whenever I try to push the su binary, the phone reboots.
Update 2:
SuperSu is now working. See https://www.reddit.com/r/oneplus/comments/7cuu0w/gain_root_via_the_recent_backdoor/
I think it's time to switch to aosp
Waits patiently for him to push apk out to root without rooting
Yeah, I'm waiting on it since morning. I did run the adb command; it says Root successful in the engineering mode app, but SuperSU says Binary not found.
And the best part: it has MR ROBOT references everywhere.
The guy who found the exploit has a Twitter account themed MrRobot.
The final best one, the IRONY: the password of the backdoor is 'ANGELA'.
Looks like there's a fan of the series at OnePlus or Qualcomm.
I will be incredibly happy even if the only thing this allows us to do is to install adaway without having to unlock bootloader, install custom recovery and all that...
I've found the app and set "Modify system settings" to "no". Would that stop someone giving root access? [I know it can be re-enabled, just asking]
Alan
IonAphis said:
I will be incredibly happy even if the only thing this allows us to do is to install adaway without having to unlock bootloader, install custom recovery and all that...
i don't understand what's the matter with unlocking the bootloader n flashing a custom recovery n everything ? what's the problem with it ?
ReyTheBoss said:
i don't understand what's the matter with unlocking the bootloader n flashing a custom recovery n everything ? what's the problem with it ?
Reasons.
This app "Engineer mode" is present in many "Chinese" phones and in MediaTek phones.
Personally, I'm not surprised, but this exploit was never exploited before...
Time to install an AOSP ROM... OnePlus is a young company and I think security is not a priority for them
AOSP and other open source ROMs are more secure than Oxygen, but have too many bugs and require more time to configure.
It isn't a good solution for all users.
bartito said:
AOSP and other open source ROMs are more secure than Oxygen, but have too many bugs and require more time to configure.
It isn't a good solution for all users.
blinkin said:
I think it's time to switch to aosp.
I'm going to suggest the NoLimits ROM, which is based upon OOS but no spying junk; I'm not seeing the engineering mode app in the list of apps.
https://forum.xda-developers.com/on...xxx-nolimits-1-1-speed-ram-optimized-t3627121
(Don't be lazy; push yourself to learn something new.)
It's pretty stable and has a few nice bells and whistles which make it a compelling alternative to OOS.
If you want spying junk you can't easily get rid of, stick with OOS. If you want more control and better privacy, go with a custom ROM, even one that is based on OOS.
ReyTheBoss said:
i don't understand what's the matter with unlocking the bootloader n flashing a custom recovery n everything ? what's the problem with it ?
Same question here, is it that hard to unlock the bootloader and install a custom recovery?
The only reason that I can think of is maybe someone who doesn't have access to a PC
ReyTheBoss said:
i don't understand what's the matter with unlocking the bootloader n flashing a custom recovery n everything ? what's the problem with it ?
Unlocking the bootloader wipes our data, including internal storage. And we have to back up all the data and restore it once it's done, which is a pain in the a$$
When will the APK come out to root? Hopefully before OnePlus patches it.
pacattack81 said:
When will the APK come out to root? Hopefully before OnePlus patches it.
But... The reason you gained access in the first place is because the app was there. When the app goes so does your root access. No?
I am surprised that no one is commenting on the weird apparent coincidence that the password is a theme on the same movie that the discoverer of the exploit is a fan of. Emphasis on "apparent". Anyone want to bet that we soon learn that the "discoverer" is either an OP or Qualcomm employee who had a hand in putting it there in the first place?
And finally, is there any apparent downside of just deleting this thing? Or a Magisk module to disable it, just like the one that got made for the other Spyware?
NoLimits removes the EngineeringMode app (and also other related apps) if you select the aggressive debloating mode on install.
I have done it this morning on my rooted O+5.
Now I delete the following apps each time that I reinstall OOS:
Code:
/system/app/AndroidPay"
/system/app/BasicDreams"
/system/app/BookmarkProvider"
/system/app/BTtestmode"
/system/app/Calculator"
/system/app/Calendar"
/system/app/CalendarGoogle"
/system/app/Chrome"
/system/app/DMAgent"
/system/app/Drive"
/system/app/Duo"
/system/app/Email"
/system/app/EngineeringMode"
/system/app/EngSpecialTest"
/system/app/ExactCalculator"
/system/app/FaceLock"
/system/app/Gmail2"
/system/app/GoogleTTS"
/system/app/GoogleWallpaperPicker"
/system/app/LatinIME"
/system/app/LatinIme"
/system/app/LatinImeGoogle"
/system/app/LiveWallpapersPicker"
/system/app/LogKitSdService"
/system/app/Maps"
/system/app/messaging"
/system/app/Music2"
/system/app/MusicFX"
/system/app/NFCTestMode"
/system/app/OemAutoTestServer"
/system/app/OEMLogKit"
/system/app/OPBackup"
/system/app/OPBugReportLite"
/system/app/OPPush"
/system/app/OPSocialNetworkHub"
/system/app/OpenWnn"
/system/app/OPLauncher_aosp"
/system/app/OPWallpaperResources"
/system/app/PartnerBookmarksProvider"
/system/app/Photos"
/system/app/PhotosOnline"
/system/app/PicoTts"
/system/app/PrintSpooler"
/system/app/SecureSampleAuthService"
/system/app/SensorTestTool"
/system/app/Stk"
/system/app/talkback"
/system/app/Videos"
/system/app/WifiRfTestApk"
/system/app/YouTube"
/system/priv-app/Eleven"
/system/priv-app/Gallery2"
/system/priv-app/H2DefaultIconPack"
/system/priv-app/H2FolioIconPack"
/system/priv-app/H2LightIconPack"
/system/priv-app/Launcher3"
/system/priv-app/Launcher3-azaidi"
/system/priv-app/OPDeviceManager"
/system/priv-app/OPDeviceManagerProvider"
/system/priv-app/OneplusCircleIconPack"
/system/priv-app/OnePlusGallery"
/system/priv-app/OneplusIconPack"
/system/priv-app/OneplusSquareIconPack"
/system/priv-app/OPMms"
/system/priv-app/Snap"
/system/etc/usb_drivers.iso"
/system/bin/bugreport*"
/system/bin/fmfactorytest*"
/system/bin/oemlogkit"
/system/bin/WifiLogger_app"
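As an added example (not part of the thread and not the ROM's own script), here is a defender's check that parses `adb shell pm list packages -f -s` output and flags preinstalled apps whose directory names appear in the removal list above. Treating this subset of names as factory-test or logging tools is an assumption, and the sample package names are constructed.

```shell
#!/bin/sh
# Audit `adb shell pm list packages -f -s` output for leftover factory-test apps.
# Each input line has the form: package:<apk path>=<package name>

# Directory names copied from the removal list above; treating these entries
# as factory-test or logging tools is this example's assumption.
WATCHLIST="EngineeringMode EngSpecialTest BTtestmode NFCTestMode SensorTestTool
WifiRfTestApk OemAutoTestServer OEMLogKit LogKitSdService"
CR=$(printf '\r')   # adb output can carry carriage returns

# Reads pm output on stdin; prints "<app dir> <package> <apk path>" per hit.
audit_factory_apps() {
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%"$CR"}
        case "$line" in
            package:*=*) ;;
            *) continue ;;          # ignore anything that is not a pm record
        esac
        entry=${line#package:}
        pkg=${entry##*=}            # split on the LAST '=': paths may contain '='
        apk=${entry%=*}
        case "$apk" in
            /system/app/*|/system/priv-app/*) ;;
            *) continue ;;          # only preinstalled system apps matter here
        esac
        dir=${apk%/*}               # drop the APK file name
        dir=${dir##*/}              # keep only the app directory name
        for name in $WATCHLIST; do
            if [ "$dir" = "$name" ]; then
                printf '%s %s %s\n' "$dir" "$pkg" "$apk"
            fi
        done
    done
}

# Constructed sample input; the package names are made up for illustration.
sample_pm_output() {
    cat <<'EOF'
package:/system/app/EngineeringMode/EngineeringMode.apk=com.example.engmode
package:/system/app/Calculator/Calculator.apk=com.example.calc
package:/system/priv-app/OPMms/OPMms.apk=com.example.mms
package:/system/app/OEMLogKit/OEMLogKit.apk=com.example.logkit
package:/data/app/~~Zm9v==/com.example.user-YmFy==/base.apk=com.example.user
not a pm record
EOF
}

# On a device: adb shell pm list packages -f -s | audit_factory_apps
sample_pm_output | audit_factory_apps
```

An empty result after an update or a debloat pass means none of the watchlisted directories are still present under /system/app or /system/priv-app.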
CaptShaft said:
I'm going to suggest the NoLimits ROM, which is based upon OOS but no spying junk; I'm not seeing the engineering mode app in the list of apps.
https://forum.xda-developers.com/on...xxx-nolimits-1-1-speed-ram-optimized-t3627121
(Don't be lazy; push yourself to learn something new.)
It's pretty stable and has a few nice bells and whistles which make it a compelling alternative to OOS.
If you want spying junk you can't easily get rid of, stick with OOS. If you want more control and better privacy, go with a custom ROM, even one that is based on OOS.
I have two questions for the people who actually have some knowledge. If I gain root access via ADB and that app:
1) will I be able successfully to flash OTAs in the future?
2) will the root disappear once the next ota is applied to my phone (in case the answer for the previous question is positive)?

What Root apps are you using?

So, users who have rooted their Mate 10:
Share with us, what root apps and mods are you using and why?
Thx
None until there's twrp
I had rooted my phone. I used apps like AdAway and Tasker, changed the DPI including the notification area; almost all of them were working UNTIL I changed some system files, which has bricked my phone. Nothing is working.
I relocked the bootloader, tried the update from eRecovery: FAILED
Used dload forced recovery to stock version: FAILED
Tried to relock the bootloader: NOT WORKING, NO ACCESS, PERMISSION is denied
so i put it back in the box and using mate 8 again
Love of my life mate 8
nomipakistanli said:
I had rooted my phone. I used apps like AdAway and Tasker, changed the DPI including the notification area; almost all of them were working UNTIL I changed some system files, which has bricked my phone. Nothing is working.
What did you change, can you be more specific?
It's a few people here claiming they bricked by changing "some files", yet nobody cares to share what exactly they changed so we can all learn from it.
TheFrozen4 said:
What did you change, can you be more specific?
It's a few people here claiming they bricked by changing "some files", yet nobody cares to share what exactly they changed so we can all learn from it.
I moved a system app like HIVOICE from its location to another location outside the root; that's what I did,
and also I had to freeze the updater app to protect the bootloader (which did not create the problem, but moving HiVoice was a mistake).
other than that everything worked fine
Reuben_skelz92 said:
None until there's twrp
Ohh, would TWRP make it safer? And harder to brick, right? I hope so!
because i really want to decrease the dpi of the notification center!
Shady282 said:
Ohh, would TWRP make it safer? And harder to brick, right? I hope so!
because i really want to decrease the dpi of the notification center!
Twrp makes it easier and harder to brick yeah
Reuben_skelz92 said:
None until there's twrp
this x10
Adaway is the only reason to root
As long as you don't write any permanent changes to system files or various partitions of the phone, it should be more or less safe.
Changing config files is also relatively safe. Just need to be careful about disabling apps, modifying system files, etc.
One thing i noticed when i rooted, is that build.prop file was impossible to read (usually it has 644 permissions), not without changing permissions.
Never happened on my rooted devices, but maybe it's usually the case with Huawei.
Pretoriano80 said:
One thing i noticed when i rooted, is that build.prop file was impossible to read (usually it has 644 permissions), not without changing permissions.
Never happened on my rooted devices, but maybe it's usually the case with Huawei.
Huawei is very peculiar indeed.
duraaraa said:
Huawei is very peculiar indeed.
Yeah, this is my first Huawei, after years with Nexus. I was going to build TWRP myself (based on your work for Mate 9 Oreo), but i've stopped for now, too risky.
