Security issues surrounding bootloader unlocking and installing custom recovery - OnePlus 3T Questions & Answers

Given that I needed to unlock the bootloader and install TWRP in order to be able to do a full image backup (i.e. Nandroid), I have been wondering what the underlying security issues are after unlocking and installing TWRP (without moving on to root), specifically in the situation where the device is lost or stolen.
Let's say I am on stock OOS with encryption enabled, fingerprint and password/PIN set on the lock screen, USB debugging disabled, a locked bootloader and stock recovery. In the unfortunate event that my device were to get lost or stolen, I can expect my personal data to be safe from prying eyes, since the person who has gotten hold of my phone will have to do a factory reset to get into the phone or unlock the bootloader, both of which mean my personal data will be wiped. So that's a good outcome in an unfortunate one.
But let's say I were now to (i) unlock my bootloader, (ii) install TWRP (but keep it read-only, without system modification), (iii) restore all apps, data and settings, and go on to (iv) perform a Nandroid backup. After that, proceed to (v) disable USB debugging, (vi) re-enable encryption and (vii) set fingerprint and password on the lock screen, and stop there without rooting or flashing dm-verity. Can I still expect my personal data to be safe from prying eyes in the event of loss or theft? Meaning that whoever gets hold of my device will likewise need to wipe it clean before he/she is able to use it? Is this the case, or can the person access my data using some hacks now that the device runs a custom recovery?
An interesting guide I came across (read https://forum.xda-developers.com/showthread.php?t=2620456) contained various means of accessing personal data by bypassing the Android password, pattern, etc. set on the lock screen; some methods required USB debugging to be enabled while some required a custom recovery installed.
To be sure whether I am still able to protect my personal data when the device is stolen/lost with an unlocked/TWRP-installed device, my curiosity took me on an investigative path using an old Samsung Note 3: unlock the bootloader and install TWRP, then enable encryption, disable USB debugging and set a lock-screen password. Over the next couple of days, when I can find free time, I will try out all 7 methods to see if an unlocked Note 3 with TWRP is susceptible to these security compromises. I will come back to this thread later to update my findings.
I really welcome any information or inputs too!

To summarize, the state of my old Note 3 used in this investigation is as follows:
1) Bootloader unlocked
2) TWRP (3.0.2) installed as "read only" without system modification
3) ROM (CM13) encryption enabled
4) Locked screen password set
5) Device not rooted
6) USB debugging disabled
When I boot into TWRP, I realized that even if I set it to read only, any person who has gotten hold of my device can set it to system modification, since TWRP is not password or PIN protected. Therefore setting it to "read only" is sort of irrelevant in this investigation to find out how vulnerable the device is right now.
The second thing I realized is that TWRP will ask me for the Android password to mount my internal sdcard, since my ROM has encryption enabled. This is a good thing, since in this case TWRP's internal file manager will not be able to access my device's internal sdcard containing some of my personal data.

The 1st method I tried is:
METHOD I
Solution For Everyone With Recovery (Cwm, Twrp, Xrec,Etc...) Installed:
INSTRUCTIONS:
1. Download this zip Pattern Password Disable (Download from attachments) on to your sdcard (using your PC, as you can't get into your phone, right )
2. Insert the sdcard into your phone
3. Reboot into recovery mode
4. Flash the zip
5. Reboot
6. Done!
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
The steps I took:
A) Set TWRP to system modification
B) When TWRP asked me for the password to mount the partition, I chose "cancel", since I am imitating a person who has gotten hold of my device and won't be able to guess my password
C) Flashed the pattern password disable zip file
And voila!... my password on the lock screen is still intact. Meaning that entering any random password does not gain access into Android. Only the original password can.
Good news certainly. Don't know why this hack doesn't work; probably it is outdated, or probably because my system was still encrypted when I flashed the hack zip file.

As to the 2nd method, I didn't try it out as I don't know how to use Cygwin...
METHOD 2
Solution For Everyone Without Recovery Installed - ADB :
What You Need:
=>A computer running a Linux distro or Windows+Cygwin
=>USB cable to connect your phone to the PC
=>Adb installed
How to install adb:
1. Open Terminal
2. Type:
Code:
sudo apt-get install android-tools-adb
Hit [Enter]
3. Follow the instructions until everything is installed.
INSTRUCTIONS:
1. Connect your (turned on) Phone to the Computer via USB.
2. Open a terminal window.
3. Type:
Code:
adb devices
adb shell
cd data/system
su
rm *.key
4. Done...Now You Just Have To Reboot.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.

Method 3 is irrelevant to this investigation, therefore it has been omitted.
METHOD 3
Solution For Everyone Before Lock Accident :
SMS Bypass - Download Link - Install It On Your Device (Download from attachments)
This App Allows You To Remotely Bypass Your Phone's Screen Lock By Sending A SMS.
It Removes Your Gesture Pattern Or Password After Receiving A Preset Keyword Along With A Secret Code Via SMS.
SMS Bypass App Requires Root.
INSTRUCTIONS:
1.First, make sure you give permanent root access to the app.
2.Change the secret code to your preferred choice. The default password is : 1234
3.To reset your screen lock, send the following message from another phone:
Code:
secret_code reset
Example:
Code:
1234 reset
Note 1 : There is a space between your secret code and reset. Also the secret code is case sensitive.
Note 2 : There is an option available to change the preset keyword. Default is : reset - Your phone will restart and your lock screen will be reset.
Note 3 : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.

Given that method 5 is in fact similar to method 2, it has been omitted as well.
METHOD 5
Solution For Everyone Via Adb - File Removal :
INSTRUCTIONS:
=>Type This Command In Your Terminal (CMD Prompt) :
Code:
adb shell rm /data/system/gesture.key
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.

Method 6 will not work since that hack required USB debugging to be enabled.
METHOD 6
Solution For Everyone With USB Debugging Enabled :
INSTRUCTIONS:
Primary Step for all method:
Download & Extract to anywhere - Bypass Security Hack (Download from attachments)
Open SQLite Database Browser 2.0.exe in SQLite Database Browser.
Run pull settings.db.cmd inside By-pass security Hacks folder to pull out the setting file out of your phone.
Drag settings.db and drop to SQLite Database Browser 2.0.exe program.
Navigate to the Browse data tab; at the table selector there, click to list the selection and select secure
Instruction To Remove Pattern Lock:
Now, find lock_pattern_autolock, Delete Record
Close & save database
Run push settings.db.cmd and reboot your phone
Instruction To Remove PIN Lock:
Now, Find Or Create lockscreen.password_type, double-click & change it's value to 65536, Apply changes!
Now, find lock_pattern_autolock, Delete Record, If doesn't exist, Ignore
Close & save database
Run push settings.db.cmd and reboot your phone
Instruction To Remove Password Lock:
Now, find lockscreen.password_salt, Delete Record
Now, find lockscreen.password_type, Delete Record
Close & save database
Run push settings.db.cmd and reboot your phone
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.

I then tried out method 7 using the Aroma file manager; however, none of these 3 versions (Version 2.00 [BETA1]- KACAPI, aromafm-1.91, and aromafm-1.90) opens up after flashing the zip with system modification enabled in TWRP. Most likely these outdated versions of the Aroma file manager are not supported by the latest version of TWRP (3.0.2), since the developers have ceased all work related to it.
METHOD 7
Solution For Everyone With Recovery Installed :
INSTRUCTIONS:
1.Download and Copy Aroma File manager.zip (Download from attachments or http://forum.xda-developers.com/show....php?t=1646108) to your memory card.
2. Open your recovery (press Volume Down + Power, or it can be different according to the phone. Generally the phones which have a pressable button in the middle have to press all three buttons. Google for your phone; there are lots)
3. There'll be an option in recovery called "mount". Go into that option and then mount the cache and everything else that is there.
4. Then select "update" and select "apply update from SD/external" and select the aroma file manager.zip file that you downloaded using the QR code above.
5. After flashing or updating, the aroma file manager will open. Use the volume keys for up/down and the power button to select, as you did to get into recovery.
6. In aroma File manager, go to the menu, which is located in the bottom strip, and then select Settings.
7. Go to the bottom and select "mount all partitions on startup", then exit from aroma file manager.
8. Now after exiting, re-flash that aroma file again and it will open again.
9. Go to data >> and then System.
Then find 'gesture.key' (for pattern lock) and 'password.key' (for password lock), then long-touch on gesture.key or password.key and some options will be prompted; choose delete, delete that file and restart.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.

And now on to the last method, method 4, using SQL commands. After starting the adb daemon, no adb devices are found and hence the following steps could not be taken. I think this could be due to the device having USB debugging disabled. Hmmm...
METHOD 4
Solution For Everyone Via Adb - SQL Command :
INSTRUCTIONS:
=>Type These Commands Separately In Your Terminal (CMD Prompt) :
Code:
adb shell
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
update system set value=0 where name='lock_pattern_autolock';
update system set value=0 where name='lockscreen.lockedoutpermanently';
.quit
=>Now You Just Have To Reboot.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.

After going through all these methods, I am inclined to think that personal data is still protected in an unlocked/TWRP installed device as long as USB debugging is DISABLED and ROM is encrypted and fingerprint/password set on lock screen. What do you think?
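One way to check the state listed above against a device instead of by hand, as an added example that is not part of the original post: the script below parses the output of `adb shell getprop` (from a booted, screen-unlocked device with USB debugging turned on just for the audit, or from a dump saved earlier) and maps the properties to the checklist in this thread. The property names are the stock Android ones (ro.boot.flash.locked, ro.boot.verifiedbootstate, ro.boot.veritymode, ro.crypto.state, ro.debuggable, persist.sys.usb.config, init.svc.adbd); whether a given OEM build exposes all of them is an assumption, so a missing property is reported as unknown, never as safe. The sample dump inside the script is constructed to resemble the Note 3 setup above, not taken from a real device.

```python
"""Audit the lost-phone posture of an Android device from `getprop` output.

Added example for this thread, not code from the original post. Assumes the
stock property names below are present; OEM builds differ, so a missing
property is reported as unknown (None), never as safe.
Usage:  adb shell getprop | python3 posture.py      (or run with no input)
"""
import re
import sys

# Constructed sample modelled on the thread's Note 3 setup (unlocked bootloader,
# encrypted /data, USB debugging off). Values are made up for this example.
SAMPLE_GETPROP = """\
[init.svc.adbd]: [stopped]
[persist.sys.usb.config]: [mtp]
[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]
[ro.boot.veritymode]: [enforcing]
[ro.build.version.release]: [6.0.1]
[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [block]
[ro.debuggable]: [0]
[ro.secure]: [1]
"""

_PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")


def parse_getprop(text):
    """Turn `[name]: [value]` lines into a dict; anything else is ignored."""
    props = {}
    for line in text.splitlines():
        m = _PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props


def assess(props):
    """Return {check: (ok, detail)}; ok is True/False, or None when the
    properties needed to decide are absent."""
    locked = props.get("ro.boot.flash.locked")
    vbstate = props.get("ro.boot.verifiedbootstate")
    if locked is not None:
        bl_ok = locked == "1"
    elif vbstate is not None:
        bl_ok = vbstate in ("green", "yellow")  # yellow = locked, custom key
    else:
        bl_ok = None

    verity = props.get("ro.boot.veritymode")
    verity_ok = None if verity is None else verity == "enforcing"

    crypto = props.get("ro.crypto.state")
    enc_ok = None if crypto is None else crypto == "encrypted"

    usb = props.get("persist.sys.usb.config")
    adbd = props.get("init.svc.adbd")
    if usb is None and adbd is None:
        adb_ok = None
    else:
        adb_ok = "adb" not in (usb or "").split(",") and adbd != "running"

    dbg = props.get("ro.debuggable")
    dbg_ok = None if dbg is None else dbg == "0"

    return {
        "bootloader_locked": (bl_ok, f"flash.locked={locked} verifiedbootstate={vbstate}"),
        "verity_enforcing": (verity_ok, f"veritymode={verity}"),
        "data_encrypted": (enc_ok, f"crypto.state={crypto}"),
        "adb_disabled": (adb_ok, f"usb.config={usb} adbd={adbd}"),
        "user_build": (dbg_ok, f"ro.debuggable={dbg}"),
    }


def risks(checks):
    """Map failed (or unknown) checks to the attack classes in the thread."""
    out = []
    if checks["data_encrypted"][0] is not True:
        out.append("offline_data_read")        # recovery/adb can read /data as-is
    if checks["adb_disabled"][0] is not True or checks["user_build"][0] is not True:
        out.append("adb_lockscreen_bypass")    # the guide's adb/SQLite methods apply
    if checks["bootloader_locked"][0] is not True:
        out.append("evil_maid_reflash")        # boot/recovery/system can be reflashed
    if checks["verity_enforcing"][0] is not True:
        out.append("unverified_system")        # /system changes go unnoticed at boot
    return out


if __name__ == "__main__":
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_GETPROP
    result = assess(parse_getprop(text))
    for name, (ok, detail) in result.items():
        print(f"{name:18} {'OK ' if ok else '?? ' if ok is None else 'BAD'} {detail}")
    print("risks:", ", ".join(risks(result)) or "none")
```

For the constructed sample the only finding is `evil_maid_reflash`, which matches the conclusion drawn in this post: encrypted data plus a lock-screen credential plus ADB off defeats the offline and adb-based methods, and what remains is the attacker who can flash their own boot or system image and hand the phone back. Note that `ro.boot.veritymode` reports what the currently booted image asked for; with an unlocked bootloader that image can simply be replaced.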

As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to new forms of attack, like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
2. someone could use a remote exploit (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
+ with the unlocked bootloader, FRP is not working, so a thief can just reset your phone and sell it.
If your data security is a huge concern to you, DO NOT unlock the bootloader.
If you are a potential target of hacker attacks, DO NOT use a OnePlus phone. Get a Nexus 6P or a Pixel.
Also make sure, that your apps are not leaking your data. Apps with a storage permission and access to the internet could leak your data.

Michalko5896 said:
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to new forms of attack, like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
Many thanks for your response! This is very useful information to me.
Am I right to assume that even if my device is unlocked but with encryption enabled and no root, the person who has gotten hold of my phone will still be able to flash the "dm-verity and forced encryption disabler" zip and SuperSU zip files to root my device in TWRP, even when he fails to enter the password prompted by TWRP?
And this forced encryption disabler, as the name suggests, only disables forced encryption and does not decrypt my already encrypted personal data? Which means he still does not have access to my data, and after he has done the system modification and returned the phone to me, the first thing I should do is to wipe every partition clean and restore my Nandroid, which would consist of backups of all partitions. So it seems this is an acceptable risk, all for the convenience of performing Nandroid backups via the unlock/TWRP route.
Michalko5896 said:
2. someone could use a remote exploit (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
+ with the unlocked bootloader, FRP is not working, so a thief can just reset your phone and sell it.
If your data security is a huge concern to you, DO NOT unlock the bootloader.
If you are a potential target of hacker attacks, DO NOT use a OnePlus phone. Get a Nexus 6P or a Pixel.
Also make sure, that your apps are not leaking your data. Apps with a storage permission and access to the internet could leak your data.
Very good point here. May I ask in what ways are Nexus 6P and Pixel more secure than Oneplus? Pixel seemed quite an attractive phone.
I am on OOS 3.5.3, is there any way to find out what apps have access to the internet and restrict that?
The app permission section of settings only allows changing permission to storage (among others) but I couldn't find any internet access permission.

The main security risk is that it allows anyone to flash something harmful onto your system without you knowing. Your data may be encrypted and protected but they can still flash something onto another partition.
You could be happily using your phone unaware there's a rogue app capturing and sending data to someone.

Zegnalabel said:
Many thanks for your response! This is very useful information to me.
Am I right to assume that even if my device is unlocked but with encryption enabled and no root, the person who has gotten hold of my phone will still be able to flash the "dm-verity and forced encryption disabler" zip and SuperSU zip files to root my device in TWRP, even when he fails to enter the password prompted by TWRP?
And this forced encryption disabler, as the name suggests, only disables forced encryption and does not decrypt my already encrypted personal data? Which means he still does not have access to my data, and after he has done the system modification and returned the phone to me, the first thing I should do is to wipe every partition clean and restore my Nandroid, which would consist of backups of all partitions. So it seems this is an acceptable risk, all for the convenience of performing Nandroid backups via the unlock/TWRP route.
Very good point here. May I ask in what ways are Nexus 6P and Pixel more secure than Oneplus? Pixel seemed quite an attractive phone.
I am on OOS 3.5.3, is there any way to find out what apps have access to the internet and restrict that?
The app permission section of settings only allows changing permission to storage (among others) but I couldn't find any internet access permission.
Your data is safe, it can't be decrypted, even with an unlocked bootloader. And yes, if you wipe every partition, lock the bootloader and get no dm-verity error after your stolen phone was returned to you, you should be safe.
Both Nexus 6P and Pixel are much safer than OnePlus, because they are getting complete security patches every month. OnePlus is getting incomplete security patches, and much later after their release.
You can limit access to the internet via app settings. Open "about app", data usage, and there you can turn off both access to wifi and mobile data.
Upgrade to OOS 4.0, it contains important security patches and enhancements.

Michalko5896 said:
Your data is safe, it can't be decrypted, even with an unlocked bootloader. And yes, if you wipe every partition, lock the bootloader and get no dm-verity error after your stolen phone was returned to you, you should be safe.
Both Nexus 6P and Pixel are much safer than OnePlus, because they are getting complete security patches every month. OnePlus is getting incomplete security patches, and much later after their release.
You can limit access to the internet via app settings. Open "about app", data usage, and there you can turn off both access to wifi and mobile data.
Upgrade to OOS 4.0, it contains important security patches and enhancements.
Thank you so much! Found the data usage setting and updated to 4.0.

Michalko5896 said:
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
...
Quick question, does the latest systemless SuperSU still leave dm-verity OFF ? It was my understanding that using it you don't need to flash the dm-verity-OFF script, is that true?

xclub_101 said:
Quick question, does the latest systemless SuperSU still leave dm-verity OFF ? It was my understanding that using it you don't need to flash the dm-verity-OFF script, is that true?
For root, you need to unlock the bootloader. And with the bootloader unlocked, dm-verity is not working and thus attacker could modify your system.

Michalko5896 said:
For root, you need to unlock the bootloader. And with the bootloader unlocked, dm-verity is not working and thus attacker could modify your system.
The bootloader being locked/unlocked should have little to do (directly) with dm-verity; dm-verity is only hash-checking the system partition.
That being said, after checking various detailed threads from Chainfire, apparently SuperSU is still removing dm-verity on the system partition, since other than rooting itself most rooted people also tend to touch the system partition with stuff like busybox and so on, so I guess this is it.

xclub_101 said:
The bootloader being locked/unlocked should have little to do (directly) with dm-verity, dm-verity is only hash-checking the system partition.
That being said after some checking various detailed threads from Chainfire apparently SuperSU is still removing the dm-verity on the system partition since other than rooting in itself most rooted people also tend to touch the system partition with stuff like busybox and so on, so I guess this is it.
Well, Google states that unlocking the bootloader will turn off dm-verity.
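To make concrete what dm-verity checks and where the two posters above actually disagree, here is a simplified model of its hash tree as an added example (not code from either poster, from Chainfire, or from AOSP). It keeps dm-verity's structure: SHA-256 of each 4096-byte block, digests packed 128 to a hash block, a single root digest, and verification that re-hashes only the path for the block being read. The on-disk superblock, the hash-block cache and the exact salt placement are left out; the salt handling below is an assumption for the demo, and the "system partition" is a constructed 3-block byte string.

```python
"""Simplified dm-verity style hash tree over a block image.

Added example for this thread, not code from the posters or from AOSP. It
follows dm-verity's layout idea (per-block SHA-256, digests packed into
4096-byte hash blocks, one root digest) but omits the on-disk superblock and
format details; hashing salt||data is an assumption for the demo.
"""
import hashlib

BLOCK_SIZE = 4096                      # dm-verity data and hash block size
DIGEST_LEN = 32                        # SHA-256
PER_BLOCK = BLOCK_SIZE // DIGEST_LEN   # 128 digests per hash block


def _h(salt, data):
    return hashlib.sha256(salt + data).digest()


def split_blocks(image):
    """Fixed-size blocks, last one zero-padded."""
    return [image[i:i + BLOCK_SIZE].ljust(BLOCK_SIZE, b"\0")
            for i in range(0, len(image), BLOCK_SIZE)]


def _pack(digests):
    """Lay digests out as one hash block, zero-padded."""
    return b"".join(digests).ljust(BLOCK_SIZE, b"\0")


def build_tree(image, salt):
    """Return (root, levels). levels[0] has one digest per data block; each
    higher level has one digest per hash block of the level below."""
    level = [_h(salt, b) for b in split_blocks(image)]
    levels = [level]
    while len(level) > 1:
        level = [_h(salt, _pack(level[i:i + PER_BLOCK]))
                 for i in range(0, len(level), PER_BLOCK)]
        levels.append(level)
    return _h(salt, _pack(level)), levels


def verify_block(image, index, levels, root, salt):
    """What the kernel does on each read: hash the data block, compare with the
    stored leaf, then re-hash every hash block on the path up to `root`.
    The stored tree is untrusted input; only `root` is trusted."""
    expected = _h(salt, split_blocks(image)[index])
    pos = index
    for level in levels:
        if level[pos] != expected:
            return False
        start = pos - pos % PER_BLOCK
        expected = _h(salt, _pack(level[start:start + PER_BLOCK]))
        pos //= PER_BLOCK
    return expected == root


def tamper(image, offset):
    """Flip one bit, as a modified /system looks to the kernel."""
    buf = bytearray(image)
    buf[offset] ^= 0x80
    return bytes(buf)


def demo():
    image = bytes(range(256)) * 48          # constructed 3-block "system partition"
    salt = bytes(range(32))
    root, levels = build_tree(image, salt)
    clean = all(verify_block(image, i, levels, root, salt) for i in range(3))

    modified = tamper(image, BLOCK_SIZE + 7)            # one byte in block 1
    caught = not verify_block(modified, 1, levels, root, salt)
    untouched_ok = verify_block(modified, 0, levels, root, salt)

    # An attacker who rewrites the whole on-disk tree still fails against the
    # trusted root. Only when they can also replace `root` (i.e. reflash the
    # boot image or vbmeta that carries it) does the modified image verify.
    root2, levels2 = build_tree(modified, salt)
    new_tree_old_root = verify_block(modified, 1, levels2, root, salt)
    new_tree_new_root = verify_block(modified, 1, levels2, root2, salt)
    return {"clean": clean, "caught": caught, "untouched_ok": untouched_ok,
            "new_tree_old_root": new_tree_old_root,
            "new_tree_new_root": new_tree_new_root}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The last two results in `demo()` are the point of the disagreement above. xclub_101 is right that dm-verity itself only hashes the system partition; Michalko5896 is right in practice because the root hash it compares against lives in the boot image (or vbmeta on newer devices), and a locked bootloader is what stops that image from being replaced. Unlock it and anyone holding the phone can flash a boot image with their own root hash, or with verity disabled, so the check no longer proves anything to the owner.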

This is an interesting discussion. I have a Nexus 5X, but I use a custom configuration:
1) locked bootloader
2) verity turned on for the system partition so that I can check the key fingerprint and verify integrity.
3) customized cm recovery - I installed my adb keys so I can connect to it. I also changed the signing keys, so I have to sign any roms that get flashed.
4) encrypted userdata with pattern protection. I think a password would be stronger, but I'm using a larger, complex pattern. Fingerprint unlock is turned on, which has its own attack surface.
I think the fingerprint sensor is the biggest risk. This is mitigated at reboot since the pattern will be required. If I built the recovery properly, the only way to flash anything would be to have access to my signing keys or adb keys. Of course, this is all still vulnerable to any unpatched exploits.

Related

[GUIDE] Dirty flash from lpv to LRX21O

So like many of you who were running the awesome LPV build for the past few months and just recently tried updating to official Lollipop (LRX21O) have likely run into issues on first boot (black screen with only a back button). In this state/issue the phone will respond to "OK Google" but nothing else. The pulldown shade will also be present but show nothing. The issue appears to be related to the lock screen. The following is how I fixed my issue, and I will be looking at this thread to try and update the OP as we pin down the EXACT issue, but I believe I have a fix:
NOTE: If you've already updated and are AT the black screen, I hope you have a backup to restore as you'll need to revert to change some settings. If not, you may find flashing the system.img or zip of your old build (LPV) allows you access to your phone again to access these settings.
1. Restore backup or revert if necessary so you can access settings BEFORE flashing LRX21O.
2. Settings-Security-Screen Lock Make sure you have one set other than swipe so you can perform the next step (we will change this back later)
3. Go to "Trust Agents" on the same screen (Security) and turn OFF SmartLock
4. Go back to screen lock, now select SWIPE (or none if present, but I don't believe it's an option on most)
5. (Optional) I chose to both enable USB debugging as well as going into SuperSU (if present) and setting it to grant all requests. I did not need this, however if you're having issues it may help your troubleshooting to have root adb access.
6. With your lock screen set to swipe and smart lock off, now try flashing LRX21O, followed by a custom kernel (or boot.img if you have it) and/or root in that order if you'd like.
7. Upon boot, it SHOULD have resolved the black-screen issue. I did still have the "non-working home button" issue that was quickly resolved by running the setup wizard again with the following command via adb:
adb shell am start -n com.google.android.setupwizard/.SetupWizardTestActivity
When it asks about restoring backups or setting up as a new device, choose set up as new device. The "Restore" would simply re-download and restore apps that are already installed. "Set up as new device" simply tells setup to do nothing, which is fine, because all your data is already there
8. SDcard Fix (root required): If you have issues seeing SD card content, use these ADB commands below (credit to rootSU here
su
restorecon -FR /data/media/0
That's IT! You should be set. I love dirty flashing (I know everyone hates it because yes, it does cause a lot more chatter in the forums, but that's half the fun ) and problem solving. Everytime I see someone claiming they fixed a problem by factory resetting I'm thinking "...that's like saying you fixed your car by buying a new car". I hope I this makes other's lives a little easier

Schiziodd's ROM flavors for HTC desire

in the subsequent posts below, you will find all the info you need for not only the device but the ROMs I have had my hands in.
each person who I pulled the files from will get a thanks in the posts as necessary
NonSense 1.04
Disclamer: these files are meant specifically for the HTC Desire 510. Use these files at your peril, you assume any responsibility for loss or damage that may result from use of these files or procedures. what has been included in this tutorial is for the HTC Desire 510
You have been warned.
note: from now on CRI signifies cricket, and B-S signifies sprint/boost if those signifiers aren't used, it applies to both type of this phone
now to the goodies.....
List of supplies:
1. Phone (HTC Desire 510)
2. USB cord that syncs with the PC
3. USB drivers installed for the phone
4. the zip files from this location. click here
4.1 there are 2 different versions of the same ROM, but the *1.04-lean.zip is US only (refer to changes to see why).
4.2 CRI for cricket/att, B-S for boost/sprint
5. read these instructions completely before attempting
before we get started make sure you have supersu (which can be downloaded from here), and NonSense1.04.zip copied to the root of your external SD card
NETWORK UNLOCK (I.E. switching services)​
as this phone is LTE compatible, it takes a SIM card no matter the service to receive calls and data. so it stands to presume all you need to do is network unlock the device (Sprint calls it UICC unlock, others it's the Network Unlock Code)
the phone needs to be network (SIM) unlocked in order to switch it from cricket to sprint, or from sprint to virgin mobile, etc.
to network unlock the phone:
1. make sure you are on stock ROM (the one that came with the phone, not the one listed in this post nor CM)
2. call the respective original service provider of the phone (i.e. cricket, sprint, etc.) and tell them that you are leaving the country (like to Australia) and you want to unlock the SIM so you can use your device for service down there.
2.1 if you bought the phone second-hand or don't have service on it, you will have to find a reputable unlock service online
2.2 for sprint customers, your account HAS to be at least 6 months old before they will give you the UICC(SIM unlock) code
2.3 for boost customers, your account HAS to be at least a year before they will give you the UICC(SIM unlock) code
3. once you have the SIM unlock code, pull battery from phone, remove the original SIM, put your services respective SIM in (i.e. originally a cricket phone now running a T-Mobile SIM), put in battery, boot phone, and enter the unlock code where it asks.
4. once your back into device, you'll notice you will have no data.
4.1 what needs to be done is to program the APN (google will be your best friend here - for example sprint lte apn settings, or T-Mobile lte apn settings).
5. now that you have the APN settings, you can program them into the phone.
5.1 APNs can be found in the device by going to settings, then mobile data, clicking on access point names. in there in the upper right hand corner should be 3 dots that are verticle. click on that and then on new APN.
5.2 add the respective settings, click save and then make sure it has a green dot next to it.
6. sit back and enjoy the fruits of your labor
APNs for this device can only be written once the phone has been UNLOCKED and the original (cricket) service providers SIM is NOT inserted, and your using another service Provider ( sprint, T-Mobile, etc.) SIM.
UNLOCKING BOOTLOADER​
1. for the drivers, use the ones contained here in the HTCDrivers.zip and extract them to the desktop
1. extract and use the file contained in adb.zip to flash unlock token
2. follow this tutorial and choose all other supported devicess when it asks about device.
INSTALLING TWRP AND KERNEL​
in the adb file you should notice a file called recovery.img. that is TWRP recovery for the device
there is also a file called boot.img. this will allow read/write permissions at the System level once root is obtained
if you have either the sprint, boost or another service provider's variety of this phone, try flashing their respective kernel after you install the ROM or before you root (no guarantees that flashing the respective kernel will work. as I have the cricket variety of this phone, I am only developing for that one)
1. from home screen, go to settings and scroll down to power and then scroll all the to the bottom of that and uncheck "fast boot"
2. shut down phone completely
3. go back into fastboot (vol down + power)
4. Select fastboot from the menu list and press the power button.
5. open command prompt and use the CD command to get it to the root of the adb folder (CD C:/users/sky/desktop/adb).
6. plug in device and wait for it to say fastboot USB
7. type in command prompt "fastboot flash recovery recovery.img' (should complete within 4 seconds)
8. in the same command window type "fastboot flash boot boot.img" (should complete within 4 seconds)
8.1 step 8 can be skipped if your just flashing *NonSense1.04*.zip
9. pull battery once that is completed and put it back in.
10. power device on (skip this step if rooting)
OBTAINING ROOT (can be skipped if installing NonSense1.04 as it's already rooted)​
1. re-enter fastboot mode and choose recovery. press power to select it
2. once in recovery select install and go to external SD and select the supersu update package.
3. once selected, you should see a slider on the bottom of the screen that says swipe to confirm. do so
4. once package is installed you should see a button that says reboot device. do so
5. wait for it to fully load
INSTALLING NonSense 1.04​
1. re-enter fastboot mode and choose recovery. press power to select it
2. once in recovery select install and go to external SD and select the NonSense1.04.zip.
3. once selected, you should see a slider on the bottom of the screen that says swipe to confirm. do so
3.1 beware, it may take a bit to install. just be patient, it's working.
4. once package is installed you should see a button that says reboot device. do so
5. wait for it to fully load. be forewarned, it may take about 15 minutes to load
CHANGES​
CRI versions
1. DEODEXed the ROM
2. added external SD support into the ROM
3. fixed FC on clock app (switched clock/alarm from stock worldclock.apk to AOSP clock)
4. changed bootanimation.zip, boot sound, and stock ringtones and sounds.
5. added more stable kernel to flash file.
6. added Pandora (no-ads vers. 5.5), SpiritUL (FM radio support), Facebook, RootBrowser, Adobe reader, Adobe flash player, and Viper4android (DSP/equalizer)
6.1 all apps that have been listed in 6 can be uninstalled without the need for root
7. root and SU have been added and are up to date in this rom as of 11:45PM MST on 3/1/215
8. added apns-conf.xml from CyanogenMod
9. got native APP2sd support thanks to pattyboi's kernel
B-S versions
1. mostly DEODEXed the ROM
2. fixed FC on clock app (switched clock/alarm from stock worldclock.apk to AOSP clock)
3. changed bootanimation.zip, boot sound, and stock ringtones and sounds.
4. added more stable kernel to flash file.
5. added Pandora (no-ads vers. 5.5), SpiritUL (FM radio support), Facebook, RootBrowser, Adobe reader, Adobe flash player, Wifi Tether, and Viper4android (DSP/equalizer)
5.1 all apps that have been listed in 5 can be uninstalled without the need for root
6. root and SU has been added
*1.04-lean
list of removed apps
1. Dropbox (can be found in playstore)
2. Google plus (can be found in playstore)
3. Hangouts (can be found in playstore)
4. HTC Dot View(can be found in playstore)
5. keyboard language packs for Arabic, Chinese, English UK, French, German, Greek, Italian, Portuguese, Russian, and Spanish (not in play store) if needed, flash language.zip found here
6. VPN dialogs (not in play store) if needed, flash missing.zip found here
7. HTC Zoe (can be found in playstore)
BUGS
CRI versions
1. USB internet pass-through not working
2. WiFi Direct (Miracast) not working
3. want to get rid of the annoying volume-too-loud warning
B-S versions
1. native hotspot says "internet" when connected to a Win 7 machine, but will not let traffic go through. WiFi Tether has been included as a workaround until the issue can be resolved
THANKS
CRI versions
I thank wolfaas12345 for his awesome tutorial on bootloader unlocking, pattyboi for providing a more stable kernel, and chainfire for providing a great solution for the SU binary and app for rooted devices. And of course, CraviingCritic for providing the original ROM, without which this wouldn't be possible
B-S versions
I thank wolfaas12345 for his awesome tutorial on bootloader unlocking, pattyboi for providing the current kernel, and chainfire for providing a great solution for the SU binary and app for rooted devices. And of course, LarryBoyG for providing the original ROM, without which this wouldn't be possible
Please feel free to let me know if there are any issues with this release and I will fix them as they are found, as this device is the one I primarily use right now.
I will also be keeping the links updated for as long as I own the device (being that my HTC Desire 510(Cricket) is network unlocked, that may be a long time - or until I get a better device).
UPDATES
For those of you who have downloaded the ROM since first release, I will include a CRI_NSupdate.zip or B-S_NSupdate.zip file found here. It will include the changes I have made to the ROM since its initial upload.
The file by the name of NSupdate.szip will include updates that pertain to both the CRI and B-S ROMs.
To install the updates, just put the update file onto the root of the SD card, reboot into recovery, choose install, pick the update file, swipe the blue button on the bottom, reboot and enjoy.
EDITING THE BOOTUP
location of files mentioned is in /system/customize/resource
to change boot animation
1. find your favorite boot animation
2. rename it to AIO_bootup.zip
3. copy/move and overwrite the original with a root explorer to /system/customize/resource
to change the boot sound
1. find a sound file you like and want to hear every time the phone boots (can be changed at any time)
2. convert it to wav (the file has to be wav in order for the phone to recognize it)
3. rename it to CRICKET_LOGO_24bit28k_STEREO.wav
4. copy/move and overwrite the original with a root explorer to /system/customize/resource
reboot and enjoy...
THINGS NOTICED WHILE CREATING ROMs
1. both (Cricket and Boost/Sprint) phones are exactly the same except that the Boost/Sprint ones contain a CDMA chipset.
1.1 the only things I had to change from the Cricket ROM to the Boost ROM were apns.xml in framework-res, apns-conf.xml, and the preferred network type in build.prop.
2. all kernels work for both (US) versions
3. the same recovery is used on both (US based) devices
So essentially, if we develop for the Boost/Sprint version of the device and change a few things, it will be ready to roll for the Cricket version as well.
TO FIX NATIVE TETHER ON B-S VERSIONS
1. Install Script Manager – SManager app from the Play Store.
2. Open the app and grant it root access when prompted.
3. Now, navigate to /system/etc/init.d and tap “tether” script.
4. Click on SU and Boot (Android skull and gear icons, respectively)
5. Click on Run and Save options.
The issue should be fixed now. Reboot and enjoy!
Thanks go to qwerty6532 and LarryBoyG for the fix. Now to add that permanently to the ROMs, and then they'll be stable enough for me to be happy and start working on CM11.
CM11
I will be building CM11 for the device for both the Cricket and Boost models. Look for the info here as I update it as needed.
****edit**** OK, so I figured out some of the issue with CM11 not wanting to install apps. I got the internal memory pulling the 1.1 GB, but now I need to symlink the external memory where it goes.
****edit**** So I have figured out what needs to be done...... the kernel for CM11 needs to be built from the ground up (or one needs to be built that is compatible with it). I'll upload the current one that fixes the memory error (look in downloads).
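The "EDITING THE BOOTUP" section above has you overwrite two files under /system/customize/resource with a root explorer, and the only stated requirement is that the boot sound "has to be wav". The following is an added example, not code from the ROM or its author, that checks both replacement files before they go anywhere near /system: it parses the RIFF/WAVE header (so an MP3 renamed to .wav is caught) and checks the animation zip for the AOSP bootanimation layout (a desc.txt whose part lines point at directories present in the zip, with every entry stored uncompressed). That AIO_bootup.zip follows the AOSP layout is an assumption of this example; the sample files are constructed in memory.

```python
"""Sanity-check replacement boot assets before they overwrite files in /system.

Added example; not code from the ROM or its author. The WAV and zip samples
below are constructed in memory, and the assumption that AIO_bootup.zip uses
the AOSP bootanimation layout (desc.txt + part directories, stored entries)
is this example's, not the ROM's.
"""
import io
import struct
import wave
import zipfile
from typing import Dict, List


def make_sample_wav(seconds: float = 0.01, rate: int = 44100) -> bytes:
    """Constructed sample: a short, silent 24-bit stereo WAV built with the stdlib."""
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(2)
        w.setsampwidth(3)  # 3 bytes per sample = 24-bit
        w.setframerate(rate)
        w.writeframes(b"\x00" * (2 * 3 * int(rate * seconds)))
    return buf.getvalue()


def wav_info(data: bytes) -> Dict[str, int]:
    """Parse the RIFF header and the 'fmt ' chunk; raise ValueError if this is not a WAV."""
    if len(data) < 12 or data[:4] != b"RIFF" or data[8:12] != b"WAVE":
        raise ValueError("not a RIFF/WAVE file")
    pos = 12
    while pos + 8 <= len(data):
        chunk_id = data[pos:pos + 4]
        size = struct.unpack_from("<I", data, pos + 4)[0]
        if chunk_id == b"fmt ":
            fmt, channels, rate, _byte_rate, _align, bits = struct.unpack_from("<HHIIHH", data, pos + 8)
            return {"format": fmt, "channels": channels, "rate": rate, "bits": bits}
        pos += 8 + size + (size & 1)  # RIFF chunks are word-aligned
    raise ValueError("no fmt chunk")


def is_wav(data: bytes) -> bool:
    """True when the file parses as WAV; an MP3 renamed to .wav returns False."""
    try:
        wav_info(data)
        return True
    except (ValueError, struct.error):
        return False


def make_sample_bootanimation(compression: int = zipfile.ZIP_STORED) -> bytes:
    """Constructed sample zip: desc.txt plus two part directories holding placeholder frames."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression) as z:
        z.writestr("desc.txt", "480 854 30\np 1 0 part0\np 0 0 part1\n")
        z.writestr("part0/00000.png", b"\x89PNG\r\n\x1a\n")
        z.writestr("part1/00000.png", b"\x89PNG\r\n\x1a\n")
    return buf.getvalue()


def check_bootanimation(data: bytes) -> List[str]:
    """Return a list of problems; an empty list means the zip looks like a valid bootanimation."""
    problems: List[str] = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = set(z.namelist())
        if "desc.txt" not in names:
            return ["desc.txt missing"]
        lines = z.read("desc.txt").decode("ascii", "replace").splitlines()
        # desc.txt: first line "WIDTH HEIGHT FPS", then one "p|c COUNT PAUSE DIR" line per part
        parts = [ln.split()[3] for ln in lines[1:] if ln[:2] in ("p ", "c ") and len(ln.split()) >= 4]
        if not parts:
            problems.append("desc.txt lists no parts")
        for part in parts:
            if not any(n.startswith(part + "/") for n in names):
                problems.append(f"part directory {part}/ missing")
        # bootanimation expects a zip written with 'store' (no compression)
        for zi in z.infolist():
            if zi.compress_type != zipfile.ZIP_STORED:
                problems.append(f"{zi.filename} is compressed; entries must be stored")
    return problems


if __name__ == "__main__":
    print("sample wav:", wav_info(make_sample_wav()))
    print("stored zip problems:", check_bootanimation(make_sample_bootanimation()))
    print("deflated zip problems:", check_bootanimation(make_sample_bootanimation(zipfile.ZIP_DEFLATED)))
```

To check real files, read them with `open(path, "rb").read()` and pass the bytes to `is_wav`/`wav_info` and `check_bootanimation`; a zip that reports compressed entries should be rebuilt with `zip -0` (store) before it replaces AIO_bootup.zip.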
reserved
so as i have not been actively developing on the phone i will no longer supply updates. all flash files are up to date as of 8 months ago and should be working with out an issue.
again, reserved
same to you...
This would have to be one of the most comprehensive tutorials I have read. 10 out of 10 and kudos. Pity I have a 64 bit device and can't use most of it lol.
Burtrum57 said:
This would have to be one of the most comprehensive tutorials I have read. 10 out of 10 and kudos. Pity I have a 64 bit device and can't use most of it lol.
if I had a 64-bit version for this device, I would have it out as soon as I could. and thanks
Great job. Off and running now
I'm not sure how to add the tether fix to the ROM. Not really a developer, more of a tester. Wish I could get into developing, don't really know where to start lol.
If you need any help testing or working on CM11 for Boost shoot me a PM I'd be glad to help
Sent from my 0PCV1 using XDA Free mobile app
Question to you Schizoidd...... If I install the new 1.04lean over the previous build, do I still need to flash that update or is it already included in 1.04lean? I already flashed that some time ago when you first put it out, so I'm just not sure if it's needed again or not. Thanks bro.
CSP III said:
Question to you Schizoidd...... If I install the new 1.04lean over the previous build, do I still need to flash that update or is it already included in 1.04lean? I already flashed that some time ago when you first put it out, so I'm just not sure if it's needed again or not. Thanks bro.
When you flash the new one, wipe the system partition and then use an explorer to remove V4A from the user apps, which are located in /data/apps, and reboot.
qwerty6532 said:
I'm not sure how to add the tether fix to the ROM. Not really a developer, more of a tester. Wish I could get into developing, don't really know where to start lol.
If you need any help testing or working on CM11 for Boost shoot me a PM I'd be glad to help
Sent from my 0PCV1 using XDA Free mobile app
Well it's added to it. It just needs to be activated for now until I can figure out how to add it to automatically start from the first run of the Sprint/boost ROM
schizoidd said:
When you flash the new one, wipe the system partition and then use an explorer to remove V4A from the user apps, which are located in /data/apps, and reboot.
Sorry, not following "wipe the system partition" ???
CSP III said:
Sorry, not following "wipe the system partition" ???
If you're in recovery, go to Wipe, then Advanced Wipe, and check System. Wipe it like you would if you were doing a factory reset.
schizoidd said:
If you're in recovery, go to Wipe, then Advanced Wipe, and check System. Wipe it like you would if you were doing a factory reset.
Yeah, I figured as much. Should have been clearer with my question: is that before or after I flash the new lean? I thought if I did it after, it would set me back to square one, as in having to start fresh setting everything up again, which I really don't want to have to do. Apologies for my unclearness.
CSP III said:
Yeah, I figured as much. Should have been clearer with my question: is that before or after I flash the new lean? I thought if I did it after, it would set me back to square one, as in having to start fresh setting everything up again, which I really don't want to have to do. Apologies for my unclearness.
It'll leave your data alone, just delete the OS. Do not touch internal memory, dalvik, data, or cache and your stuff will be safe. I have done it and my stuff is fine.
schizoidd said:
It'll leave your data alone, just delete the OS. Do not touch internal memory, dalvik, data, or cache and your stuff will be safe. I have done it and my stuff is fine.
Right on buddy. I'll take you at your word on it. I've never had to do that before so it naturally made me a little nervous. Not that I couldnt have just restored a backup, but still . Many thanks.
Problems
System UI force closes and power button doesn't turn the screen back on when I flash the latest cricket version.
schizoidd said:
I
For those of you that build the kernels, do you think you can build one that is AOSP and compatible with the device for Android 4.4.4?
We can't really do an "AOSP" kernel because of HTC's modifications to the board and pins, and they have their own DTB issues... I'm 99% sure mine works with Android 4.4.x because Larry uses it in GPE; just repack the ramdisk with the zImage and it should be okay.
Bobby060 said:
System UI force closes and power button doesn't turn the screen back on when I flash the latest cricket version.
If you're going from bone stock to this, you need to do a factory data reset. Just make sure you back up your data and use Nandroid Manager to pull the data back into the new ROM.

Did I find a security hole?

I take security on my device very seriously. I'm not a computer technician or anything, just a normal-to-advanced user who tends to change things on my device more frequently than my pants. This happened accidentally while trying to replace my SystemUI.apk with a modified one. My phone uses a pattern to unlock it at system level (lockscreen protection, not SIM). So I changed the SystemUI, set permissions and rebooted. For some reason the apk didn't work, resulting in a constant "Android is Upgrading" window. I pressed the power button to lock it, and the screen went off. I pressed it again and my device booted directly to my homescreen with a message saying that my System UI had stopped working. But wait: no pattern unlock? I connected my device via USB to my PC and I was able to see all my files inside (normally, if your device is locked with pattern/PIN/fingerprint/etc. and you connect it to a PC, it will not show any files in sdcard0, just an empty folder). The phone was almost unusable, because if I pressed OK in the FC popup a new one would appear 0.5 sec later, but I was able to open multiple apps and even type to a WhatsApp contact with the keyboard (with a little patience) between one popup and the next. I even replaced my corrupted SystemUI with Root Explorer...
So the question is: is this a security hole? For now this could happen only to rooted users, since there's no way to modify a system apk without root privileges. But if someone manages to break the SystemUI without needing to root the device, they would have access to everything inside your device...
Here's my device info:
Samsung Galaxy Note 4 N910C
Android Version 5.0.1
Build: N910CXXU1BOC5
Deodexed
If anyone experienced in security reads this, please give me an opinion. Thanks!
It's not a security hole, the keyguard doesn't really do much in the way of security. Device encryption is another matter entirely - that's sure to protect your device if the attacker doesn't know the passcode.
Rooting sidesteps many of the security measures put into place by the OS, and that's why rooting trips the Knox counter.
galaxynote2 said:
I take security on my device very seriously. [...] If anyone experienced in security reads this, please give me an opinion. Thanks!
So you gave the user root access and you say you are concerned about security? :silly: A silly screen unlock pattern is not going to save you, as anyone with a computer can access everything on your phone and make any changes they want (granted they have access to your phone).
It could be called a security hole if you were not rooted. You changed (corrupted) SystemUI, which means you have a rooted device, and since the screen guard is part of SystemUI, how can you expect it to work normally?
Also, it's not difficult to reproduce. Simply delete SystemUI with Root Explorer; your device will reboot normally without the pattern even though you have set it. You can even explore all files with Root Explorer (which means you can do almost anything) and change the pattern lock in Settings too. You will just have a black wallpaper and no status bar. Once you replace SystemUI you will have your pattern lock back.
In short, if you are a rooted user you are no longer secure.
Even if you're not rooted but simply have a custom recovery, you are not secure. Any script with a command to delete your pattern/password can delete it from there even if the device is not rooted, as a custom recovery can mount the partition and edit it.
That's why Samsung trips Knox even by flashing a custom recovery.
Sent from my SM-N910G using xda premium

OOs 4.0.3 / Encryption / Tracking

My OP3T has OOS 4.0.3 and I have set it up with fingerprint lock. However, when I go into TWRP recovery and connect the phone I can see all the internal storage contents. Does this mean that the phone is unencrypted?
I want to keep the contents safe so that no one can access them in case it is lost, not even in recovery mode. Does TWRP also recognize fingerprints?
Should I encrypt the phone? Is it safe / recommended? Would it slow down the phone?
What is the best solution?
Are there any tracking features or apps which can be used in case the phone is lost?
You can check if your phone is encrypted by going into Settings > Security > (scroll to bottom of page).
The phone is encrypted out of the box and will remain so unless you format your /data partition after rooting.
The fingerprint itself is not the encryption key; the key is generated by the OS. While TWRP can find your encryption key and use it to access certain parts of your internal storage that it needs to function, it cannot mount User Storage (/data/media) and retrieve data other than zips/imgs.
TWRP itself cannot access user data, but ADB can. You can turn off USB debugging to prevent someone from pulling data.
Encryption is definitely useful if you want to keep your data safe, though it really depends on individual usage. I personally don't keep any important data on my phone and like to keep it decrypted. By decrypting, you experience fewer problems when flashing different ROMs. The phone also boots a bit faster as you don't have to decrypt each time.
There are services that you can use to track and remotely access lost phones. Check out Cerberus Anti Theft, which has some unique features such as being able to install as a system app to avoid deletion via factory reset. For basic tracking, Google actually has built-in tracking. As long as your phone is on and has network access, you can use Google Device Manager to locate your phone. You also have the option to remotely lock and erase your phone if needed, though keep in mind that this requires internet access. Services such as Cerberus allow you to send commands to your phone through texts and other means even when data is disabled.
Anova's Origin said:
You can check if your phone is encrypted by going into Settings > Security > (scroll to bottom of page). [...] Services such as Cerberus allow you to send commands to your phone through texts and other means even when data is disabled.
When I go to Settings > Security > Encrypt it has a button to start the encryption, so I guess that the phone is not encrypted. I am also not keeping very important data on the phone. However, just in case it is lost, I don't want people to see my contacts, WhatsApp messages, photos etc. Will encryption encrypt all of these? If I press Encrypt, will it retain the data or should I take a backup first? If I encrypt the phone and have a fingerprint lock, does it mean that no one else can access my data? Not even through TWRP? How will I know the encryption key? Once encrypted, can I update the phone?
Thanks for the advice on Cerberus, If there are any other suggestions, I would like to know.
Encrypting the phone will not erase any data, just click the button and it does so automatically. You can't see the actual encryption key, it's maintained by the OS. I believe that if you set a password in addition to your fingerprint, TWRP may ask for the password on boot. I'm not too sure how this works exactly, there'll likely be more accurate sources online somewhere.
Encryption will encrypt all user data, including photos and most appdata. TWRP doesn't have access to user data by design, that's why nandroids can't backup Storage. TWRP itself also cannot see or access any user data in its built-in file explorer.
Keep in mind that while encryption works well, nothing is perfect. You never know when someone will find another exploit, especially if you leave your bootloader unlocked and modify your phone with root/custom ROMs/recoveries/etc.
As for Cerberus alternatives, I've got no idea. I've never really looked into these services and only know about Cerberus due to its popularity.
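Both the Note 4 thread above (rooted device, custom recovery, keyguard bypass) and this OP3T thread ("is my phone encrypted, and why can TWRP see my storage?") come down to a handful of device properties that `adb shell getprop` prints and that the Settings UI only partly exposes. The following is an added example, not code from any poster, that parses that output and reports the checks a practitioner would want before trusting a lost phone to keep its data: encryption state and type, verified-boot state, bootloader lock, dm-verity mode, adb exposure and build debuggability. The sample output is constructed for the example, not captured from either phone; the property names are the standard Android ones, except that `ro.boot.flash.locked` is populated by the vendor's bootloader and may be absent on some devices.

```python
"""Audit a device's at-rest protections from `adb shell getprop` output.

Added example; not code from this thread. SAMPLE_GETPROP is constructed, and
`ro.boot.flash.locked` is a vendor-populated property that may be missing on
some devices (treated as "not locked" here).
"""
import re
import sys
from typing import Dict

PROP_LINE = re.compile(r"^\[(?P<name>[^\]]+)\]: \[(?P<value>[^\]]*)\]$")

# Constructed sample: FDE-encrypted userdata, unlocked bootloader (orange),
# dm-verity still enforcing, USB debugging on, production (non-debuggable) build.
SAMPLE_GETPROP = """\
[ro.build.version.release]: [7.1.1]
[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [block]
[ro.boot.verifiedbootstate]: [orange]
[ro.boot.flash.locked]: [0]
[ro.boot.veritymode]: [enforcing]
[ro.debuggable]: [0]
[persist.sys.usb.config]: [mtp,adb]
"""


def parse_getprop(text: str) -> Dict[str, str]:
    """Turn getprop output into a dict; lines that are not `[k]: [v]` are ignored."""
    props: Dict[str, str] = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group("name")] = m.group("value")
    return props


def audit(props: Dict[str, str]) -> Dict[str, bool]:
    """Map each check to True (fine) or False (flag it)."""
    usb = props.get("sys.usb.config") or props.get("persist.sys.usb.config", "")
    return {
        "encrypted": props.get("ro.crypto.state") == "encrypted",
        # "file" = file-based encryption (per-user keys); "block" = full-disk encryption
        "file_based_encryption": props.get("ro.crypto.type") == "file",
        # green = locked + OEM-signed image; orange = unlocked; yellow = custom key; red = failed
        "verified_boot_green": props.get("ro.boot.verifiedbootstate") == "green",
        "bootloader_locked": props.get("ro.boot.flash.locked") == "1",
        "dm_verity_enforcing": props.get("ro.boot.veritymode") == "enforcing",
        "adb_disabled": "adb" not in usb.split(","),
        "production_build": props.get("ro.debuggable") != "1",
    }


def report(results: Dict[str, bool]) -> str:
    """One line per check, flagged with [!!] where it fails."""
    return "\n".join(f"[{'ok' if ok else '!!'}] {check}" for check, ok in results.items())


if __name__ == "__main__":
    # usage: adb shell getprop | python audit_props.py   (falls back to the sample on a tty)
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_GETPROP
    print(report(audit(parse_getprop(text))))
```

Two caveats the property values alone cannot settle. With block (full-disk) encryption the lock-screen credential only protects the disk key when secure start-up (require PIN/password at boot) is enabled; otherwise Android encrypts with a default password and the key is bound to the device's TEE, so a recovery running on that same hardware can mount /data without ever asking for the pattern, which is exactly what the OP3T poster saw in TWRP. And an orange verified-boot state means the bootloader will boot any image, signed or not, so "encrypted" is then only as strong as the credential plus the TEE's rate limiting on guesses.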

General System root + Passed Safety Net Pixel 5a

Hey everyone,
after some trial and error, I was able to pass SafetyNet.
I just want to mention what I did in the process to get there. It may have been a combination of things or just one...
1. I followed this guide, but note that it's for the Pixel 5, not the 5a. The process is similar. This process didn't fix the issue; however, it's also a good how-to on rooting. I also modified the props to the 3a.
How to Root the Pixel 5 & Still Pass SafetyNet — Full Guide for Beginners & Intermediate Users (android.gadgethacks.com)
2. When that didn't work, I followed this video and hid all my banking apps besides Google Play Services:
3. When that didn't work, I installed both of these using Magisk from this post:
Magisk General Support / Discussion (forum.xda-developers.com)
4. Cleared data and cache for Google Play and GPay + any other banking apps.
That worked for me!
EDIT: If Google Maps reports the wrong location, it's likely XPrivacy-LUA / Google Services. Uncheck some of them.
Oh man.... the only thing holding me back is the SafetyNet thing, and it looks like we have a workaround till someone has an actual method made for this phone. Not sure if I'm ready to actually mess with this yet... but thanks for the post, bro!
anubis2k3 said:
Oh man.... the only thing holding me back is the SafetyNet thing, and it looks like we have a workaround till someone has an actual method made for this phone. Not sure if I'm ready to actually mess with this yet... but thanks for the post, bro!
Didn't think it was that big of a deal to me. But it was fun with a new phone with nothing on it.
This was the Magisk module that worked to pass SafetyNet for me. I didn't need any others.
Releases · kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk (github.com)
Google Pay "appears" to be working too. Haven't gone out and tried it yet though.
joemommasfat said:
Google Pay "appears" to be working too. Haven't gone out and tried it yet though.
That's the part that I use the most, and the reason I haven't rooted yet. Please let us know if it works. Much appreciated!
I can confirm that using google pay (newer GPay app) on my rooted 5a works at merchants. I've already used it several times over the last week or so with no problems.
Deadmau-five said:
3. When that didn't work, I installed these both using Magisk from this post:
Why? Isn't the shim version just for Samsungs? Either way, it's the same mod, just different versions.
Someone who actually knows what they're doing needs to write up a tutorial. Following instructions posted by people who have no idea what they're doing but "it works" for them is dangerous.
borxnx said:
Why? Isn't the shim version just for Samsungs? Either way, it's the same mod, just different versions.
Someone who actually knows what they're doing needs to write up a tutorial. Following instructions posted by people who have no idea what they're doing but "it works" for them is dangerous.
You're absolutely correct about the dangers in following instructions posted by who knows who. I'll go further and say when it comes to root and associated items, stay away from anything posted on a site other than XDA. In many cases, even if the instructions were correct at some point in time, they may well be outdated now.
I haven't rooted yet for a few reasons but will, hopefully sometime very soon. In the meantime I can state the following:
There is no need to modify props. Modifying props to identify as a different phone would only be required for custom ROMs that don't handle it themselves (or some non-certified Chinese phones, which doesn't apply here). If you're running stock, just leave that portion alone. And, if I'm not mistaken (although not 100% certain), I think safetynet-fix takes care of that for you in any case.
You will definitely need kdrag0n/safetynet-fix.
Hopefully that's all you need.
I'm not sure which version of Magisk you'll need. Unless you know what you're doing and how to get out of trouble, I recommend staying away from the current alphas; they're extremely cutting edge and you can expect problems.
Best bet is to check the following threads and see what's going on:
Actually, see this post and the 2 posts immediately following
Magisk General Support / Discussion (forum.xda-developers.com)
That should pretty much cover things for the moment. If nobody else (@hfam ?) has done it by the time I get around to rooting, I'll write something up specific for the 5a.
I only mentioned what works for me since there was no step-by-step guide.
Dangerous how? Doing any mods to your phone is "dangerous". I fail to see how this is more so than others. Modifying your phone is risky.
If it didn't work I wouldn't have posted this guide. I only mentioned the steps that I took. It's not really a guide, just how I passed safety net.
But, my 5a has still been working great since then. GPay included.
jcmm11 said:
You're absolutely correct about the dangers in following instructions posted by who knows who. [...] If nobody else (@hfam ?) has done it by the time I get around to rooting, I'll write something up specific for the 5a.
Just a quick note to say I just finished with everything (new Pixel 5a 5G, rooted + Safety net, restored all my apps, etc) and it's a flawless victory, ALL banking apps work great, SafetyNet passes, no hiccups.
I'd be happy to craft up a step by step and post it if there's some interest. It's not often I get to give back to this outstanding community, so it's the least I can do jumping on the opportunity. UFC 266 Main card is just starting, so I'll get started right after the fight and post it here in this thread.
Great to see ya again @jcmm11! Coming back to root a new phone feels like a family reunion, so great to see many of you active folks still here helping out!!
hfam
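The thread above is entirely about the device side of SafetyNet: Magisk, hiding apps, and kdrag0n's safetynet-fix, which works by making the hardware-backed attestation path fail so that SafetyNet falls back to a BASIC evaluation. What actually decides whether a banking app keeps working is the other side: the backend that receives the attestation JWS and reads its claims. The following is an added example, not code from this thread, from Magisk or from safetynet-fix, of that server-side check on a constructed token. It decodes the compact JWS, then verifies nonce, package name, signing-certificate digest, freshness, the `ctsProfileMatch`/`basicIntegrity` verdicts and the `evaluationType`. The token, nonce, package name and digests are all constructed here; a real check must additionally validate the `x5c` certificate chain to a trusted root and confirm the leaf is issued to attest.android.com, which this example deliberately omits, and SafetyNet Attestation itself has since been deprecated in favour of the Play Integrity API.

```python
"""Server-side reading of a SafetyNet attestation JWS.

Added example; not code from this thread, Magisk or safetynet-fix. The token
is constructed below (empty cert chain, dummy signature); signature and
certificate-chain validation are intentionally left out.
"""
import base64
import json
import time
from typing import Any, Dict, List


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_sample_token(claims: Dict[str, Any]) -> str:
    """Constructed compact JWS: real header shape, empty x5c chain, dummy signature."""
    header = {"alg": "RS256", "x5c": []}
    return ".".join([
        b64url_encode(json.dumps(header).encode()),
        b64url_encode(json.dumps(claims).encode()),
        b64url_encode(b"not-a-real-signature"),
    ])


def jws_claims(token: str) -> Dict[str, Any]:
    """Split header.payload.signature and decode the payload (no signature check here)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected compact JWS header.payload.signature")
    return json.loads(b64url_decode(parts[1]))


def check_attestation(token: str, expected_nonce: str, expected_package: str,
                      expected_cert_digest: str, now: float = None,
                      max_age_s: int = 600) -> List[str]:
    """Return the list of reasons to reject the attestation; empty means accept."""
    claims = jws_claims(token)
    now = time.time() if now is None else now
    problems: List[str] = []
    if claims.get("nonce") != expected_nonce:
        problems.append("nonce mismatch (replay or wrong session)")
    if claims.get("apkPackageName") != expected_package:
        problems.append("apkPackageName mismatch")
    if expected_cert_digest not in claims.get("apkCertificateDigestSha256", []):
        problems.append("apk signing cert digest mismatch")
    age = now - claims.get("timestampMs", 0) / 1000
    if not 0 <= age <= max_age_s:
        problems.append("timestamp stale or in the future")
    if not claims.get("basicIntegrity", False):
        problems.append("basicIntegrity=false (rooted/tampered)")
    if not claims.get("ctsProfileMatch", False):
        problems.append("ctsProfileMatch=false (unlocked bootloader/uncertified)")
    evaluation = str(claims.get("evaluationType", "")).split(",")
    if "HARDWARE_BACKED" not in evaluation:
        problems.append("evaluationType lacks HARDWARE_BACKED (BASIC verdict only)")
    return problems


# Constructed fixtures: a fixed clock, session nonce, package and digests.
NOW = 1_700_000_000.0
NONCE = b64url_encode(b"session-12345")
PACKAGE = "com.example.bank"
CERT_DIGEST = base64.b64encode(b"\x11" * 32).decode()


def sample_claims(**overrides: Any) -> Dict[str, Any]:
    base = {
        "nonce": NONCE,
        "timestampMs": int((NOW - 5) * 1000),
        "apkPackageName": PACKAGE,
        "apkDigestSha256": base64.b64encode(b"\x22" * 32).decode(),
        "apkCertificateDigestSha256": [CERT_DIGEST],
        "ctsProfileMatch": True,
        "basicIntegrity": True,
        "evaluationType": "BASIC,HARDWARE_BACKED",
    }
    base.update(overrides)
    return base


CERTIFIED_TOKEN = make_sample_token(sample_claims())                       # stock, locked device
BASIC_ONLY_TOKEN = make_sample_token(sample_claims(evaluationType="BASIC"))  # what a safetynet-fix style bypass yields
ROOTED_TOKEN = make_sample_token(sample_claims(ctsProfileMatch=False, basicIntegrity=False,
                                               evaluationType="BASIC"))

if __name__ == "__main__":
    for name, tok in [("certified", CERTIFIED_TOKEN), ("basic-only", BASIC_ONLY_TOKEN), ("rooted", ROOTED_TOKEN)]:
        print(name, check_attestation(tok, NONCE, PACKAGE, CERT_DIGEST, now=NOW))
```

The point of the `evaluationType` line is that a bypass which only forces a BASIC evaluation still passes `ctsProfileMatch`, so an app that merely reads the two booleans is satisfied, while a backend that insists on `HARDWARE_BACKED` rejects the same token; whether Google Pay or a given bank checks that field is not something the device side can tell you.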
Alright, as promised, here is my writeup for a step-by-step tutorial for rooting your new Pixel 5a and getting SafetyNet up and going. I know it looks like a book, but I wanted to put it into plain language and attempt to explain the process for everyone, even absolute first timers. I know when I first started I really appreciated when the person helping didn't presume I had any knowledge, so for those that may have some experience, sorry for the wordiness. I'll also include how I apply updates when a new Android security update is pushed out. I understand that there are now elegant ways to accept OTA updates, but that is out of the scope of this tutorial as I have always had issues with OTA, and have to catch up on how that works myself. I can attest to years of using this method though (using a full factory image) to perform the "monthly" security updates, and I have never had anything but full success, so I'll share that here below the rooting tutorial.
*Disclaimer and heads-up* This is for an UNLOCKED Pixel 5a purchased directly from the Google Store. At the time of this writing that is the only place I'm aware of which currently offers the Pixel 5a. Once carriers like Verizon, etc. offer this device, there may be some changes to the process, so just know up front this is for the unlocked Pixel 5a.*
*WARNING*! When you unlock the bootloader on your phone it WILL WIPE YOUR PHONE and reset it to factory. If you've already used your phone and set it up, you're going to lose that setup. If you can't bear it, then the rest of this isn't for you, as root cannot be achieved without unlocking the bootloader.
First, you'll need a few things
- https://developers.google.com/android/images
and download the latest FACTORY IMAGE for "barbet", which is the Pixel 5a. You want to download the SAME VERSION that is currently installed on your device. At the time of this writing, it's the September release.
From that same page, you will need the ADB+Fastboot platform tools which will allow you to perform the required tasks, download from this link:
- https://developer.android.com/studio/releases/platform-tools.html
I use Windows 10, and extract this tools download to a folder in the root of C: called "platform-tools". You will then need to add "c:\platform-tools" to your environment path.
On the Pixel 5a, you need to enable developer options. Go into Settings/About Phone/and tap "Build Number" 7 times. This enables developer options and it will let you know when you've unlocked this as you tap 7 times. Once developer options is unlocked, go back to Settings/System/Advanced, and you'll see Developer Options is now available.
Select Developer Options, and enable "USB Debugging" and also enable "OEM Unlocking".
(**NOTE** For now at least, until you decide how you want to proceed with handling updates in future (more on that later), I strongly recommend turning OFF "Automatic System Updates" as well, just a few items below "OEM Unlocking". This prevents any updates happening automatically on a phone reboot. You don't want to wake up and find an OTA update pushed out and removed root, or worse. You can always turn it back on later.)
Plug your phone into a USB port on your PC. Allow the PC to do its thing. You can open up Computer Management on the PC (right click the Windows menu button icon at the lower left of your toolbar and select "Computer Management"). Select "Device Manager" in the left panel. You should see "Android ADB Device" appear at the top of the right pane's list of devices. If not, then visit:
Install OEM USB drivers | Android Studio | Android Developers
Discover links to the web sites for several original equipment manufacturers (OEMs), where you can download the appropriate USB driver for your device.
developer.android.com
and download the appropriate USB driver for your system and retry the above directions.
First thing we have to do is unlock the bootloader.
On the PC, open a command prompt and change directory to "C:\platform-tools" as discussed above.
Now, type in "adb reboot bootloader". The phone will reboot into bootloader. (You may receive a dialog on the phone which says something to the effect of not recognizing the PC. Go ahead and allow it, check the box to allow it in the future, and proceed.)
Phone is now at the bootloader, and shows you some info letting you know it's so, including that the bootloader is locked. Also, look at the Device Manager we opened earlier and confirm that you see Android ADB Device (or similar), which confirms your PC recognizes the phone and is set up for ADB commands.
To unlock the bootloader, in the command prompt type:
fastboot flashing unlock
This will unlock the bootloader; you will likely see a warning that it's going to wipe the phone. Proceed and allow the unlock. The phone will then reboot and take you to your wiped phone just as you received it out of the box, except the bootloader is now unlocked and Developer Options are still available. Let the phone continue through its first-time setup, and leave the phone plugged into the PC. If you unplugged, no biggie, but we're going right back to the PC shortly and it will need to be plugged back in before the next step to accept the file we're going to push to it.
Now, you want to open a browser on the phone and go to (at the time of this writing, v23.0 is the current stable Magisk):
Release Magisk v23.0 · topjohnwu/Magisk (github.com)
Scroll down and under "Assets" select that Magisk 23.apk file, download and install it. Open Magisk if it doesn't open on install, and just let it sit, we're coming back to it shortly.
PATCHING THE BOOT.IMG FILE
On the PC, go back to the Factory Image you downloaded, and extract it to a temporary directory. You will see 6 files: a few "flash-all" files, a radio image, a bootloader image, and a ZIP file called "image-barbet-XXXXXXXXXXX.zip" (the X's are whatever the version number is you've downloaded). Double click that ZIP file and you will see a dozen files. The one we need to root the device is "boot.img".
Copy (don't move!!) this file to c:\platform-tools. Now, go back to your command prompt (still pointing to c:\platform-tools) and type in:
adb push boot.img /sdcard/Download
Now back on the phone, within the Magisk app we left open, at the top where it says Magisk, choose to install. A dialog box will open; select Patch Boot File Image. Point the process to your /sdcard/Download, and select the boot.img file we just pushed there. Now allow it to patch the boot.img, and Magisk will show you it's patching it and in a moment tell you it was successful. Close the Magisk app, open "Files" and direct it to sdcard/Download. Note the name of the patched boot file, which is called "magisk_patched-XXXXX_xxxxx.img" (the X's are the Magisk version, and the x's are 5 random chars). Feel free to leave it there as you go back to the PC...
Back on the PC, in the command prompt, now type:
adb pull /sdcard/Download/magisk_patched-XXXXX_xxxxx.img
Make certain you get the name exact or it won't go; no worries, just get it correct. The file now resides in the "c:\platform-tools" directory along with the unpatched "boot.img" and your ADB+Fastboot tools.
Just about done rooting, here we go!
Now, in the command prompt type:
adb reboot bootloader
The phone reboots into bootloader. Now type:
fastboot flash boot magisk_patched-XXXXX_xxxxx.img (again, use the numbers and letters in YOUR patched file!)
Lastly, type:
fastboot reboot
Your phone reboots, and you should be rooted!! Unplug your phone from the PC, open up Magisk App and confirm, the Magisk entry at the top of the main Magisk App screen should now show you the version you installed, etc!
Time to get your banking apps (and any others that may detect unlocked bootloaders/root/etc) working!
In the Magisk App, on the bottom of the screen is a 4 item menu bar. Select the right-most icon, which is "Modules". At the top of the screen select "sorting order" and sort alphabetically. Scroll down to "riru" and select the module that is JUST "RIRU", (not any of the other "riru _______" modules). Choose to download it, then choose to install it. You'll be prompted to reboot the phone, so reboot the phone.
Next, we're going to install drag0n's Universal SafetyNet fix (at the time of this writing it's currently v 2.1.1) You will need to download this via a browser on your phone, so open a web browser and go to:
GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk (github.com)
On the right-hand side, you'll find "Releases", and v2.1.1 is the latest. Select that, then scroll down to "Assets" and download "safetynet-fix-v2.1.1.zip" By default this will download to sdcard/Download.
Go back into the Magisk App, select the "Modules" menu as above, and at the very top select the "Install from Storage" bar. Point to the file we just downloaded and install it (don't extract it, etc, it requires the zip exactly as downloaded and will do it's thing). Again, it will install the module and prompt you to reboot. Reboot.
Almost there!
At this point, if you haven't installed your banking apps, do so. DON'T RUN THEM, just install them. I also have a Nintendo Switch Online app which failed because of root, so if you also have or want this app, install it now; again, do NOT run it yet, just install. Same with any other apps you are aware of which have root/bootloader unlocked issues: get them installed, but don't run 'em.
Now, we're going to use MagiskHide to hide these apps and complete the process for passing SafetyNet and running apps which may not run due to root.
In the Magisk App, at that 4 item menu bar at the bottom, select the 2nd from left, or "MagiskHide". Select the MagiskHide item and it will open to a scan of all the apps on your system. By default I believe Magisk sets up to hide Google Play Services. You will see it selected, and all the other apps on your system unselected. Select each of the banking apps, the Nintendo Switch Online (if you have it), and any other apps that YOU ARE SURE will complain about unlocked bootloaders and/or root. Any popular online games are good choices, but again, it's easiest to NOT RUN them PRIOR to hiding them via MagiskHide. Pokemon GO comes to mind as one I've seen that needs hiding, etc., so make it easy on yourself and do a little research on any suspect apps prior to running them, then hide them if needed.
Anyhow, select your banking apps to hide them.
Now, we're going to check SafetyNet to make sure you'll now pass.
On the Home menu in the Magisk App, select "Check SafetyNet". You will be prompted to download some proprietary SafetyNet shhhhhhhtuff....so let it download. Once done, SafetyNet check will open, and you should show a blue screen which says SUCCESS, and "basicintegrity" and "ctsProfile" will be checkmarked, evalType will show BASIC.
You're good to go, rooted, SafetyNet works perfect, and you can now open your banking apps and should open right up!!
If you find any specific issues about specific apps not working, or detecting root, etc, the best place to get help is in the Magisk General Discussion forum:
Magisk General Support / Discussion (forum.xda-developers.com)
I owe those folks eternally for showing me what I know, and always having the answers for any issues I've ever had. Some of the nicest, smartest people I've had the pleasure of knowing; they're always helpful, and even maintain fantastic sites for FAQ, chock full of great info about every aspect of Magisk.
BONUS ITEM: As I indicated above, I'd share the method I know, trust, and have used many many times, trouble free, to apply a system update to the phone without overwriting anything, and not hitting any issues many encounter using the OTA method (though I understand that's been vastly improved, I haven't educated myself as to that process and will likely continue to use this method).
Security Update (monthlies) Process using Full System Image
As above, download the newest Full Factory Image from the site. Extract this full image to a directory inside C:\platform-tools
In this directory, if you're on Windows, open the "flash-all.bat" file (don't run it, open it with Notepad or something similar, I really like Notepad++ as it's free, has a LOT of great functionality and, like the native Notepad, doesn't do any goofy formatting/fonting/etc when modifying and saving a file.)
In flash-all.bat, look for the "-w" entry in the fastboot command near the end of the file and REMOVE ONLY THE "-w", leaving the line correctly formatted (don't leave an extra space or something goofy), then save the file over the top of the original with the same name. This will remove the overwriting of your data when pushing the image, the "-w" tells the process to overwrite, so we remove it.
Open up a Windows Explorer and go to your c:\platform-tools directory. Delete (or move to another location) any "boot.img" files along with any "magisk_patched-XXXXX_xxxxx.img" files from previous operations. Also note and confirm that you have correctly extracted the latest Full System Image to its own directory, residing in c:\platform-tools.
Now, connect your phone to the PC. Open your command prompt and point to "C:\platform-tools" again. Type: cd <name of Full system Image directory>
In command prompt, type:
adb reboot bootloader
The phone is now in bootloader. In command prompt, confirm you're pointing to "C:\platform-tools\<Full System Image extract dir>" Type:
flash-all
This will do a full factory image push to your phone, you'll see a couple quick writes and phone reboots, then begins writing the rest of the image to your phone, but since we removed the "-w" from "flash-all.bat", it's NOT overwriting your data, just the necessary system files to update it to the latest version!
Reboot your phone, let it do any optimizing and updating it needs to do, and don't run anything yet; we're not quite done, just let the phone settle in and finish booting and doing its thing.
Now, go back and perform the steps above listed under "PATCHING THE BOOT.IMG FILE" to patch the newest boot.img from the Full System Image we just updated the phone with (push the boot.img to sdcard/Download, patch with Magisk App, pull magisk_patched-XXXXX_xxxxx.img to your PC, blast it back using fastboot), and you've now rerooted the phone.
Lemme just say again that I know this was a friggin' book, and I tried to make it as clear and plain language as I could to help even a first timer, so my apologies if it seems like an onerous process. It's really not, and once you've done this once or twice, it's a cakewalk and takes about 10 minutes of your time from start to finish to do the whole system update and reroot. Again, the newer methods to take OTA without losing root may be something you'd like to look into, I definitely will, but I'm very confident in sharing this method as I know it works like a champ and is foolproof if you take your time the first few times and make sure you do what's required (remove the "-w" from the flash-all.bat, etc.).
Lastly, I've been using this method since the Pixel 2, and just performed it on my new 5a, it worked exactly as it has for years for me on the P2, so you can be confident moving forward that, if you follow instructions and take your time until it's all familiar, you'll be successful in rooting, passing SafetyNet, and applying system updates without screwing up the A/B slots or overwriting your data in the process.
I hope this helps even one person, and since I rarely find myself able to give back to the community in any real meaningful way (many of these folks are WAAAY beyond my modest skills and know so much!!), I hope that this provides some folks with a useful and meaningful tutorial, providing confidence that anyone can root their P5a (or about any Pixel it seems) without being a Magisk/Android prodigy.
@Didgeridoohan, @pndwal, @zgfg, @jcmm11, and so many others over the years have been so helpful, I couldn't have done any of this without their selfless help, so give those folks a big thanks also if this is any help to you.
Best of luck,
hfam
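The two file-handling steps of hfam's "Security Update (monthlies) Process" above, checking the factory image you downloaded and removing the "-w" wipe flag from flash-all.bat, are easy to get subtly wrong in Notepad. The script below is an added example, not code from the original post or from Google's platform tools. It (1) streams the factory image zip through SHA-256 and compares it with the checksum the download page lists beside each image (the expected value is something you copy from that page; the one in the test is a placeholder), and (2) strips exactly one standalone `-w` token from the `fastboot -w update image-*.zip` line, refusing to write anything if that line is missing or appears more than once, so a file that was already edited is never damaged. The flash-all.bat contents and image names are constructed for illustration; the same `-w` token exists in flash-all.sh, so the editor works for both.

```python
"""Prepare a Pixel factory image for a data-preserving (no -w) flash-all run.

Added example; not part of the original XDA post and not Google's own code.
Sample file contents below are constructed stand-ins for real factory images.
"""
import hashlib
import hmac
import re
import shutil
from pathlib import Path

# Constructed stand-in for a Pixel flash-all.bat (CRLF line endings, as on Windows).
SAMPLE_FLASH_ALL = (
    "@ECHO OFF\r\n"
    "fastboot flash bootloader bootloader-barbet-PLACEHOLDER.img\r\n"
    "fastboot reboot-bootloader\r\n"
    "ping -n 5 127.0.0.1 >nul\r\n"
    "fastboot flash radio radio-barbet-PLACEHOLDER.img\r\n"
    "fastboot reboot-bootloader\r\n"
    "ping -n 5 127.0.0.1 >nul\r\n"
    "fastboot -w update image-barbet-PLACEHOLDER.zip\r\n"
    "\r\n"
    "echo Press any key to exit...\r\n"
    "pause >nul\r\n"
    "exit\r\n"
)

# A standalone "-w" token: preceded by whitespace and followed by whitespace,
# so "-wipe-foo" or a "-w" inside a file name is never matched.
WIPE_FLAG = re.compile(r"\s+-w(?=\s)")


def sha256_of_file(path, chunk_size=1 << 20):
    """Hash the file in 1 MiB chunks so multi-gigabyte images fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def checksum_matches(path, expected_hex):
    """Compare against the hex digest copied from the factory image download page."""
    return hmac.compare_digest(sha256_of_file(path).lower(), expected_hex.strip().lower())


def has_wipe_flag(text):
    """True if any fastboot line in the script still carries the -w (wipe) flag."""
    return any(line.lstrip().startswith("fastboot") and WIPE_FLAG.search(line)
               for line in text.splitlines())


def strip_wipe_flag(text):
    """Return the script with -w removed from exactly one fastboot line.

    Raises ValueError when zero lines carry -w (file already edited, or an
    unexpected layout) or more than one does, so nothing changes silently.
    Every other byte, including the line endings, is preserved.
    """
    out, hits = [], 0
    for line in text.splitlines(keepends=True):
        if line.lstrip().startswith("fastboot") and WIPE_FLAG.search(line):
            hits += 1
            line = WIPE_FLAG.sub("", line, count=1)   # "fastboot -w update" -> "fastboot update"
        out.append(line)
    if hits != 1:
        raise ValueError(f"expected exactly one 'fastboot -w' line, found {hits}")
    return "".join(out)


def strip_wipe_flag_file(path):
    """Edit flash-all.bat (or flash-all.sh) in place and keep a .orig backup."""
    path = Path(path)
    backup = path.with_suffix(path.suffix + ".orig")
    shutil.copy2(path, backup)
    with open(path, encoding="utf-8", newline="") as fh:   # newline="" keeps CRLF intact
        edited = strip_wipe_flag(fh.read())
    with open(path, "w", encoding="utf-8", newline="") as fh:
        fh.write(edited)
    return backup


if __name__ == "__main__":
    print(strip_wipe_flag(SAMPLE_FLASH_ALL), end="")
```

Run `strip_wipe_flag_file(r"C:\platform-tools\<extract dir>\flash-all.bat")` after `checksum_matches(...)` returns True for the zip; if the editor raises, inspect the file by hand rather than running flash-all, because the only line it expects to change is the one that decides whether userdata is wiped.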
Thanks for the write-up @hfam, it's good to know that some of the steps that I tried aren't really necessary, like using props config or hiding the actual magisk app.
Appreciate you!
nsoult said:
Thanks for the write-up @hfam, it's good to know that some of the steps that I tried aren't really necessary, like using props config or hiding the actual magisk app.
Appreciate you!
Awww, thanks! Glad to do it and really hope it helps some folks tackle rooting their phones and passing SN!
Rooted with magisk v.23 - flashed zip as a module
So has anyone installed the October update yet?
GrandAdmiral said:
So has anyone installed the October update yet?
Yep, good to go. I used the same method I shared above.
Is this working with Android 12? Which Magisk version to use?
This method did not work for Android 12. I updated my rooted phone to Android 12 OTA. It returned to stock. I followed the method above to patch the factory boot.img file with Magisk. After flashing my phone in bootloader with the patched boot.img, my phone will not reboot. It says:
failed to load/verify boot images
Any advice? My Magisk is v23. Do I need to use a beta version?
Poking around in this thread, it seems that Android 12 root is a much more involved process, requiring factory wipe and additional steps.
[Guide] Flash Magisk on Android 12 (forum.xda-developers.com)
tintn00+xda said:
This method did not work for Android 12. I updated my rooted phone to Android 12 OTA. It returned to stock. I followed the method above to patch the factory boot.img file with Magisk. After flashing my phone in bootloader with the patched boot.img, my phone will not reboot. It says:
failed to load/verify boot images
Any advice? My Magisk is v23. Do I need to use a beta version?
As you stated, you are correct. You need to perform a full wipe or flash the factory image with a wipe and then root works fine and phone boots. Tried myself and works fine.