Database Develop

[Q&A] Collection

Disclaimer: I try my best to produce valid answers, but if you have no idea what you're doing, don't do it.
Terms and Definitions
NVflash / APX mode
This is the lowest level of software that can talk to an Nvidia Tegra device. Basically this is the Holy Grail of memory modification, which can even fix a damaged bootloader.
To use it, one boots the tablet with [Vol +] + [Power]. This will lead to the PC detecting an "APX" device. The screen stays blank.
This is no working solution for anything yet, as not only there is no leaked NVflash binary yet, but also the communication is encrypted via an unique 128bit AES key. This key is at no stage accessible, but can be used to encrypt data during boot. This is where the wheelie tool for previous transformers was of help. The Communication itself happens via a protocol called nv3p, which actually is open source, but as long as the key is unreachable, that's not a lot of use. NOTE: I will create an extra post with a lot more details about this.
Fastboot
The Android Bootloader.
This is the essential part of software which loads Android/a Recovery image/rooting ramfs/etc.
This is the most delicate part in the Android boot process, as fastboot is the lowest level of communication we have so far. In other words: The only way to fix a damaged bootloader would be NVflash, which is not yet available for this device.
Generally the Bootloader is locked as a method to prevent unauthorized access to data stored on the device. A locked Bootloader means no Fastboot.
Bootloader unlocking
To gain access to fastboot devices, the Bootloader needs to be unlocked. This can be as simple as installing an APK provided by the manufacturer or running "fastboot unlock".
Unlocking the Bootloader always leads to three resulting actions: Fastboot now works, all data on the device is wiped, the device's warranty is now void.
Unlocking the bootloader via unlock app can require you to have internet access and a valid google account. This can be problematic in the case of one-time-passwords, as the normal password will possibly not work (and you'll wonder why the heck it doesn't run).
Bootloader locking
This is (at least currently) not possible. Warranty void remains permanent.
RamFS
Simple file system in a file, which gets loaded into RAM. We use this for rooting.
Boot image
A file generally called "boot.img". This contains the kernel.
Recovery image
A partition image that contains a bootable linux kernel and file system, which server the purpose of creating and restoring nandroid backups and perform related tasks.
Brick - general
A device with messed up software, not being able to boot let alone perform any higher task other than being a brick.
Soft brick
A device not booting, which still responds to fastboot queries.
Hard brick / Brick
Fastboot doesn't work anymore. Maybe a visible boot loop, maybe nothing. The only point in which this differs from scrap is the ability to get into APX mode.
Chances are, there will be a way to use NVflash to fix this sometime.
Unbrick
Fixing a bricked device. Currently only soft bricked devices can be unbricked.
Root
General term for having super user abilities on a linux powered device. This can be used for reading/writing/executing restricted files, modifying things, loading custom ROMs etc.
Also having Root can mean "running with scissors", as there's not much left to prevent you from deleting important files and bricking your device.
Remember: Having Root is a very useful device, but with power comes responsibility. Also there is Android malware, which specifically targets rooted devices.
Rooting
The process of gaining Root. In early methods this generally starts with unlocking the device's Bootloader, then booting a Kernel with a purposely prepared ramfs to install and modify certain files.
As always, unlocking the Bootloader means all data will be wiped. By chance at some point someone will figure out a way to do this without unlocking.
ROM
A stock or custom Android ROM image. This contains everything needed for a running system. Custom ROMs contain tweaks, themes, improvements, styles, preloaded apps etc. Also more often than not, a load of bloat ware will be removed.
Bloat ware
Apps nobody needs/many fail to understand what they actually do/bring new ways to crash your device/sniff your precious data/revive long fixed and forgotten security leaks/the manufacturer adds to promote sales ("hey look, we've got an app for that pre installed").
Most importantly, cannot be removed from your device without Root.
Stock
A mint Android ROM, just like what the device gets shipped with.
Guides
Rooting
Requirements: Currently none
Compatible versions: anything > 10.14.1.47
Method: Booting custom Kernel and ramfs
Status: Proven
Link: http://forum.xda-developers.com/showthread.php?t=2516215
Recovery
Creator: Drgravy
Version: 6.0.3.7
Status: Abandoned but functional
Requirements: Bootloader <= 10.14.1.47 (this will not work with 10.26.1.7. Trying to do so will not work, but still boot Android as usual.)
Link: http://forum.xda-developers.com/showthread.php?t=2524401
Recovery
Creator: lpdunwell
Version: 6.0.4.5
Status: Experimental, WIP
Requirements: Bootloader >= 10.26.1.7
Link: http://forum.xda-developers.com/showthread.php?t=2556944
Various information
Hardware assembly date
On the box, rear side label.
Partition information / Unbricking
Link: http://forum.xda-developers.com/showthread.php?t=2546941
Keyboard key remapping
The physical keyboard has custom keys, with functions of debatable value. Here's how to remap them to suit your needs.
Note: This also works for other ASUS Transformers.
Warning: Backup any file you attempt to edit!
Method: The keyboard mapping is described in /system/usr/keylayout/asuspec.kl. The structure is pretty straight forward.
After saving the file, reboot the device.
Code:
Key: Function: Key number: Text:
lock Delete 142 "key 142 FORWARD_DEL WAKE UNLOCK"
search ALT 217 "key 217 ALT_LEFT WAKE UNLOCK"
HDMI configuration
The HDMI resolution can be adjusted. This can be handy under certain circumstances, although results may vary.
Method: Via terminal; disable frame buffer 1, change resolution, enable frame buffer 1
Info: To get a list of valid settings, run "cat /sys/class/graphics/fb0/modes".
This will reset at reboot.
This example enforces 1920x1200 @ 59Hz, in my case to force a HP Compaq monitor to keep running (without this it'll go to sleep for whatever reason).
Code:
echo 0 > /sys/class/graphics/fb1/device/enable
echo "D:1920x1200p-59" > /sys/class/graphics/fb1/mode
echo 1 > /sys/class/graphics/fb1/device/enable
Teardown
Teardown with two images and a brief description of the process: http://forum.xda-developers.com/showthread.php?t=2564143
Q&A
Q: "I have never rooted anything before. Can you send me some fairy dust to fix my bricked tablet if anything goes wrong?"
A: No. And if you are not absolutely sure of what you're doing, there's a fair chance you'll mess it up. Been there, done that.
Q: "What are known causes of bricked TF701?"
A:
Failed upgrade
Flashing incompatible boot.img and blob
Flashing something other than blob to staging
Removal of important files after rooting
Q: "I had a quick look at your instructions for xxx and I don't understand..."
A: Tough luck.
Q: "I re-read your instructions for xxx, searched the forum and I still cannot understand..."
A: Check if there's a matching thread. If there isn't create one with a diagnostically conclusive title. Use as much detail as possible.
Final notes
I hope this helps. As always, updates will follow.
Want to see your tutorial/guide/etc. here? Send me a detailed PM with the subject "TF701 Q&A extension".
You can help making this even better!
Found a mistake or believe I'm wrong about something? Let's discuss it.
Has this helped you? Consider clicking thanks.

THANK YOU for the hack to get a forward delete on the keyboard! That has been bugging me for a year!
Works just the same on the TF700 keyboard, btw.

Ask the mod to make it sticky, then it will always be at the top of the main thread.
Sent from my superfast Asus Infinity TF701with Dock

Snah001 said:
Ask the mod to make it sticky, then it will always be at the top of the main thread.
Sent from my superfast Asus Infinity TF701with Dock
Click to expand...
Click to collapse
he is retired .... Doesnt reply to any request ...

berndblb said:
THANK YOU for the hack to get a forward delete on the keyboard! That has been bugging me for a year!
Works just the same on the TF700 keyboard, btw.
Click to expand...
Click to collapse
yeah, the keymapping crap...
I found tons of "unpack this apk, edit soandso..." but I wanted to have it changed on a lower level. the remapping should work on most if not all transformers, and be easily portable to anything that has a hardware keyboard...

Rikodu said:
he is retired .... Doesnt reply to any request ...
Click to expand...
Click to collapse
Huh? Wut?????
Considering this is the first "Q & A" post, I will sticky it.
Provided the OP updates and maintains it.
MD

I'm pretty sure the resolution hack can be improved, but it's all I needed for now...
anybody write an app for that?

Moscow Desire said:
Huh? Wut?????
Considering this is the first "Q & A" post, I will sticky it.
Provided the OP updates and maintains it.
MD
Click to expand...
Click to collapse
go for it, it's sinking...
cheers

lpdunwell said:
go for it, it's sinking...
cheers
Click to expand...
Click to collapse
Seeing if you were paying attention..... :good:

lol

Maybe you could explain where to see the build date.
As far as I know its in the serial number after the characters. But in my case (and maybe others) I can´t see a date in 160074 .

done

hard bricked tf701t
Dear lpdunwell,
I have a bricked tf701, only asus logo available and loopboot, fastboot menu is broken as well. Only APX mode working, but I could not find appropriate nvflash for my pad (s I see there is no nvflash currently available for my tab)
In your explanation about bricked device, you wrote that there is possibility to recover tf701?
Please describe what nvflash version should I use to succeed?
Thanks in advance,
stream1313

stream1313 said:
Dear lpdunwell,
I have a bricked tf701, only asus logo available and loopboot, fastboot menu is broken as well. Only APX mode working, but I could not find appropriate nvflash for my pad (s I see there is no nvflash currently available for my tab)
In your explanation about bricked device, you wrote that there is possibility to recover tf701?
Please describe what nvflash version should I use to succeed?
Thanks in advance,
stream1313
Click to expand...
Click to collapse
Sorry mate we don't have nvflash and it is too late for you now anyway If you only have access to APX you are hard bricked. Best to sell it for parts and move on.... Or if you want to revive it send it to Asus to fix at a cost or source a replacement mainboard and do it yourself.

sbdags said:
Sorry mate we don't have nvflash and it is too late for you now anyway If you only have access to APX you are hard bricked. Best to sell it for parts and move on.... Or if you want to revive it send it to Asus to fix at a cost or source a replacement mainboard and do it yourself.
Click to expand...
Click to collapse
Hi man.. Why do you think I have to forget about my toy.. It was my Christmas (New Year in Tbilisi, Georgia, opposite planet side) present to myself But it is all the lyric only
Pls explain - do you really think that for ex., several weeks / months later, smb will create the nvflash or any similar SW which will be able to fix my problem? Actually I believe that until all electronic components are ok, device is not "dead" forever... Why you so pessimistic exactly for 701 transformer tab? Pls if you have time reply me
Kind regards,
Stan

stream1313 said:
Hi man.. Why do you think I have to forget about my toy.. It was my Christmas (New Year in Tbilisi, Georgia, opposite planet side) present to myself But it is all the lyric only
Pls explain - do you really think that for ex., several weeks / months later, smb will create the nvflash or any similar SW which will be able to fix my problem? Actually I believe that until all electronic components are ok, device is not "dead" forever... Why you so pessimistic exactly for 701 transformer tab? Pls if you have time reply me
Kind regards,
Stan
Click to expand...
Click to collapse
the way nv flash works is you need to flash the special bootloader to extract your device blobs and device specific keys. As you haven't been able to do it and you CANNOT do it once you have bricked you will have no chance. How are you going to flash a bootloader that you need fastboot for?
Sorry to bring bad news but if you only have APX with no saved nv flash files (which is not yet avail for our device) then you currently have 0% chance of recovering.

sbdags said:
the way nv flash works is you need to flash the special bootloader to extract your device blobs and device specific keys. As you haven't been able to do it and you CANNOT do it once you have bricked you will have no chance. How are you going to flash a bootloader that you need fastboot for?
Sorry to bring bad news but if you only have APX with no saved nv flash files (which is not yet avail for or device) then you currently have 0% chance of recovering.
Click to expand...
Click to collapse
Thanks a lot for reply (as well as for my another, initial thread reply) I have only CWM backup of my tab, on the MD card. But I do not know, does this backup contain all needed stuff? At list, I did not found there saved nv flash or blob files. Just "blobgenerator" (462Kb) and "blobtester" (370Kb), also some system files with "nv" in the name. But I do not have Idea, does CWM saving the low level loader files, at list I was not able to recognize them there...
my apologize for too many questions as well as for my poor English - it is not my native lang
Kind regards,
Stan

stream1313 said:
Thanks a lot for reply (as well as for my another, initial thread reply) I have only CWM backup of my tab, on the MD card. But I do not know, does this backup contain all needed stuff? At list, I did not found there saved nv flash or blob files. Just "blobgenerator" (462Kb) and "blobtester" (370Kb), also some system files with "nv" in the name. But I do not have Idea, does CWM saving the low level loader files, at list I was not able to recognize them there...
my apologize for too many questions as well as for my poor English - it is not my native lang
Kind regards,
Stan
Click to expand...
Click to collapse
No having CWM backups saved won't help you as you have no way of getting to the bootloader which would then be used to open the recovery so you could restore. WIthout a working bootloader you can't proceed. NV Flash uses APX mode to restore the blobs via the wheelie binary. You haven't captured the blobs to restore and as they are encrypted to your device you can't use anyone elses.
It's a new main board or nothing I'm afraid.

sbdags said:
No having CWM backups saved won't help you as you have no way of getting to the bootloader which would then be used to open the recovery so you could restore. WIthout a working bootloader you can't proceed. NV Flash uses APX mode to restore the blobs via the wheelie binary. You haven't captured the blobs to restore and as they are encrypted to your device you can't use anyone elses.
It's a new main board or nothing I'm afraid.
Click to expand...
Click to collapse
I see, everything is clear. Thanks for your time man. But I beleive that Asus has some kind of "backdoor" for such cases, for internal usage, of course. Asus manifest about "mainboard replacement" probably just for business, normally must be some way to crack this protection. I hope somebody from Asus will share some useful info or even software for public usage... Maybe it's my dreams only, I'm realistic (I'm working as IT/IS/GSM/WCDMA, but I'm so far from programming..)
Again, thank you. Pls notify me in case of any news about K00C hack

Problems flashing CWM recovery
stream1313 said:
I see, everything is clear. Thanks for your time man. But I beleive that Asus has some kind of "backdoor" for such cases, for internal usage, of course. Asus manifest about "mainboard replacement" probably just for business, normally must be some way to crack this protection. I hope somebody from Asus will share some useful info or even software for public usage... Maybe it's my dreams only, I'm realistic (I'm working as IT/IS/GSM/WCDMA, but I'm so far from programming..)
Again, thank you. Pls notify me in case of any news about K00C hack
Click to expand...
Click to collapse
----------------------------------------------------------------------------------------
Sorry I am not yet familiar with how to ask questions.
I recently bought a TF701T having used a TF700T now for two years and before that the TF101, TF201 and TF300T.
All these tabs I installed a recovery: CWM or TWRP and flashed the best ROM I could find. Usually Cyanomod or CROMi-X.
Everything worked fine so I was very excited when I got hold of the TF701T with its incredible Q-ratings and smoothness.
Unlocking worked just fine but installing CWM just does not work: flashing with Fastboot works OK but when I boot into recovery the little green man falls down and stays there
FYI: I am on the latest BL: 10.26.1.28, so newer than the mentioned 10.26.1.18 !
Please could anyone respond ?
Regards, JOTX10 from the Netherlands.

Android on Alcatel Idol 4S Windows edition

Hi everyone!
I was wondering if it's possible to flash android on the Alcatel Idol 4s Windows edition. The reason why i am asking is because i noticed that the TCL 950 (android smartphone) shares exactly the same SOC and specs with the Alcatel Idol 4s and it is actually made by the exact same company (TCL). It is basically the exact same phone, with a different brand on it and a different OS.
So i was wondering, would it be possible to flash the TCL 950 firmware on the Idol 4S windows in order to install Android on it? If yes, did any of you guys had the chance to find the firmware for the TCL 950? Cause i searched for it but didn't have any luck...
Thank you so much in advance!
I saw also that @compu829 commented a while back on the argument

steinwayer said:
Hi everyone!
I was wondering if it's possible to flash android on the Alcatel Idol 4s Windows edition. The reason why i am asking is because i noticed that the TCL 950 (android smartphone) shares exactly the same SOC and specs with the Alcatel Idol 4s and it is actually made by the exact same company (TCL). It is basically the exact same phone, with a different brand on it and a different OS.
So i was wondering, would it be possible to flash the TCL 950 firmware on the Idol 4S windows in order to install Android on it? If yes, did any of you guys had the chance to find the firmware for the TCL 950? Cause i searched for it but didn't have any luck...
Thank you so much in advance!
I saw also that @compu829 commented a while back on the argument
Click to expand...
Click to collapse
I still haven't found the firmware myself. As long as it was signed with the same certificate and windows phone, it should be possible.

compu829 said:
I still haven't found the firmware myself. As long as it was signed with the same certificate and windows phone, it should be possible.
Click to expand...
Click to collapse
After doing some heavy research i managed to find it!! Here it is, the TCL 950 firmware
http://pan.baidu.com/s/1geDBRnt
It is the official firmware directly from TCL i managed to talk with their assistance in China
@compu829 how can i flash this firmware now on my idol 4s??
Thank you so much in advance

@steinwayer I will need to download and extract it. I'll take a look later today.

Thanks @compu829
Did you find anything interesting ?

I'm interested in the possibilities here too. Thanks for your research and sharing it!

steinwayer said:
Thanks @compu829
Did you find anything interesting ?
Click to expand...
Click to collapse
I can't download it. Can you? If so can you put it somewhere like mega.co.nz?
I was able to download the package and re-upload it to mega with some help from my friends. Here is the link: https://mega.nz/#!ITJhjYIS!R_iUZhGZMcslAK_u1wdsJ-7q-0D5ma_KrHl4pu2CPqo
I took a quick look, and it is pretty much all mbn files that the factory would flash during assembly, so you will (most likely) need a copy of QPST. We may also be able to use WDRT to flash it. In either case, flashing will fail miserably if the certificates don't match.

So how would you suggest to do this @compu829?

steinwayer said:
So how would you suggest to do this @compu829?
Click to expand...
Click to collapse
compu829 said:
... In either case, flashing will fail miserably if the certificates don't match.
Click to expand...
Click to collapse
^^^ You probably won't be able to easily. At this point, no one here knows, but as @compu829 stated, if the certificates don't match (which they most likely don't), then you're not going to be flashing it at this point.

Would it not be possible to "force" the flashing of that image? Afer all the devices are exactly the same from an hardware perspective..

steinwayer said:
Would it not be possible to "force" the flashing of that image? Afer all the devices are exactly the same from an hardware perspective..
Click to expand...
Click to collapse
Same hardware != same implementation. There's mechanisms that will only allow certain things to be flashed, while all protections are still enabled on the device. Since it's a newer phone, I imagine qualcomm's security mechanisms are stepped up as opposed to how they are on older SoC implementations.
If anything, it will NOT be an easy feat to accomplish, so I will say no to a way of "forcing" it to flash at the moment.

It makes perfect sense
What i was thinking tho is that probably the two devices have even a different bootloader. Meaning that it would be a total wipe of the entire disk including swap partition and try to flash that rom.
I was thinking: imagine a bricked device, sometimes is possible to wipe out completely the memory on it and just flash the right rom. Sadly i do not habe much experience in mobile devices.. been developing only for desktops for years.
But if you guys manage to accomplish that it would be great.
The alcatel idol 4s is a great phone for both specs and design and is currently EXTREMELY cheap to. Buy on ebay (you can even find it at 100 bucks) mainly because of its OS
Being able to turn it into an Android phone would be an amazing feat

snickler said:
Same hardware != same implementation. There's mechanisms that will only allow certain things to be flashed, while all protections are still enabled on the device. Since it's a newer phone, I imagine qualcomm's security mechanisms are stepped up as opposed to how they are on older SoC implementations.
If anything, it will NOT be an easy feat to accomplish, so I will say no to a way of "forcing" it to flash at the moment.
Click to expand...
Click to collapse
Also, a very important factor is that the phones are made by the same shenzhen manufacturer most likely in the same plant. The only thingthey really change is the logo on the back, which comes later on, and the OS.from aanufacturing perspective it would not make much sense to lock with certificates the devices,slowing quite a bit he manufacturing process.it would have sense if the two devices were to be released in the same country, but in this case, tcl 950 is just available in asia, where idol 4s isnot. How can we verify this certificate thing @compu829 ? We have an Idol 4s

hello @snickler do you think that doing this: https://www.youtube.com/watch?v=Iwkx5CFRFKo
would give me a chance of success?
Also, in case of failure for differente certificates, do you think the process would not even start or would it start and brick my device?
Thanks

Update: I am trying to let QFIL to see my device.
First i put my device in flash mode by shutting it down and then immediately pressing and holding the volume up key. It goes in flash mode. I launch QFIL , connect the phone over the USB port, but the tool does not see my device.. i tried installing several qualcomm usb drivers, but till now no luck.
You guys have any suggestions??
@snickler @compu829 ?
Thanks in advance

It won't work. This is for phones stuck in QDLoader 9008 mode (DEAD MODE) and DLOAD mode. The Sahara protocol only accepts signed programmers that are stored in the UEFI. You also need the exact flashers for the particular phone for it to work as it's specific to the phone's bootloader (which is definitely signed)

snickler said:
It won't work. This is for phones stuck in QDLoader 9008 mode (DEAD MODE) and DLOAD mode. The Sahara protocol only accepts signed programmers that are stored in the UEFI. You also need the exact flashers for the particular phone for it to work as it's specific to the phone's bootloader (which is definitely signed)
Click to expand...
Click to collapse
Which method would you suggest me to try??

steinwayer said:
Update: I am trying to let QFIL to see my device.
First i put my device in flash mode by shutting it down and then immediately pressing and holding the volume up key. It goes in flash mode. I launch QFIL , connect the phone over the USB port, but the tool does not see my device.. i tried installing several qualcomm usb drivers, but till now no luck.
You guys have any suggestions??
@snickler @compu829 ?
Thanks in advance
Click to expand...
Click to collapse
I don't know what QFIL is, but vol up and power will put the windows phone in a flash mode that is compatible with WDRT. This mode is completely different than the Qualcomm mode. You most likely need to intentionally brick your device to enable Qualcomm recovery mode.

steinwayer said:
Which method would you suggest me to try??
Click to expand...
Click to collapse
No method. It's probably not best to randomly try things without understanding the underlying mechanisms and the implications of what could happen in the end.
Honestly, IMO, if you want Android then buy an Android phone. I understand that it would be cool to be able to swap out, but the likelihood of this happening right now is close to zero.

snickler said:
No method. It's probably not best to randomly try things without understanding the underlying mechanisms and the implications of what could happen in the end.
Honestly, IMO, if you want Android then buy an Android phone. I understand that it would be cool to be able to swap out, but the likelihood of this happening right now is close to zero.
Click to expand...
Click to collapse
If only i could put my hands on the software they use at tcl to flash their devices...
This is oje of the reasons why smartphones are still way behind computers. Not much freedom of choice and yet theorically it would be more than possible to allow a certain level of freedom on it

Samsung: worst ever for a power user!

Today I got up real pissed with Samsung for being so restrictive around ROM flashing, rooting, flashing custom firmware or even stock firmware, so wanted to create this post to help anybody considering to get a Samsung phone to stay away from it.
This post is not intended to recommend any specific brand or model of android phone, but to recommend the exact opposite, which brand and model NOT TO EVEN THINK of purchasing.
This post relates to Samsung Galaxy S9 G9600 model which is Snapdragon architecture, but since Samsung is coming up with a bunch of "security features" I tend to think this may be the case for other models as well. I browsed all around XDA and other sources for guides on how to root and install custom roms, and it turns out Samsung manages to have limitations for EVERY step of the way.
Getting a few facts straight
Reference post: https://forum.xda-developers.com/ga.../rom-lineageos-17-1-s9-s9-snapdragon-t4093301
Ok, so there is a solid thread about a custom firmware and looks like several users got hands on it, but they might have been able to get passed though all Samsung security crap before it came out or before it got so tightened up. I'll list below every limitation I found:
OEM Unlock
There is a step where we need to tick OEM Unlock from the phone developer settings, it turns out Samsung has put a 7-day timer for this option to even appear listed to enable. If you do factory reset of the phone, the 7-day timer restarts. There are a few posts around on how to get passed this timer, but to me they were all crap, none of them worked. STRIKE ONE!
Bootloader unlock
After 7-days, we get the OEM Unlock option to appear, at this point you may think: Hurray!! .... WRONG! Now next step is to unlock the bootloader using an utility called CROM Services... And as you may have already guessed, did not work! I'm able to install the apk, but on launch it complains about wrong android version. (Tried with Android 8 and 10) STRIKE TWO!
There are some posts and guides claiming to be able to unlock bootloader by using fastboot utility, I can't reach to understand how, since fastboot commands rely on the bootloader to be previously unlocked (?). I least that is my understanding, correct me if wrong. Needless to say fastboot did not work for me. ADB lists my device but fastboot doesn't. There are a few troubleshoot guides around to try selecting proper USB driver from windows device manager, tried all that, tried a couple of ADB installations, fastboot didn't work.
Knox and RMM state
After some lookup in the web, Samsung incorporates some security features trying to prevent device theft and such things. For us power users this is in reality just a whole load of crap preventing us to get all the juice out of our phones.
Reference: https://www.goandroid.co.in/unlock-bootloader-of-galaxy-s9-plus-snapdragon/84688/
TWRP Recovery
Next step would be to flash a custom recovery such as TWRP with Odin or adb/fastboot, but since we are not able to unlock the bootloader in previous step, this is not doable at all. STRIKE THREE! OUT!
Fastboot utility doesn't recognize the device in download mode, so we can't send any commands to the phone.
Odin complains it is only able to flash signed stock roms, so since TWRP is not, we cannot flash it.
Rooting
Needless to say that if we don't have TWRP, we cannot flash the corresponding packages to root. Although this step may not be needed to install custom firmware, rooting has not been possible.
Stock ROM Flashing
Ok, so let's stay out of custom firmware - let's play around with stock firmwares. At this point, since flashing stock firmwares is kind of allowed by Samsung I was able to try out a couple from android 8 to 10 with Odin
Stock ROM Source: https://www.sammobile.com/samsung/galaxy-s9/firmware/#SM-G9600
But watch out! Once you get to install a specific build version, you cannot go back or downgrade to ROMS with previous Android build version. So now that I got Android 10 cannot go back to 8 or 9, this is probably because locked bootloader and unable to unlock. Here, Odin complains with FAIL! (AUTH) message.
STRIKE FOUR! EVEN OUTTER!
SIM Unlock
Ok, let's stay out of Samsung S9 G9600 model, let's crash it to the wall and throw it away to the garbage! Ok no, let's have it carrier unlocked and sell. Unlockbase is a well known and trusted sim unlock provider, I purchased a license to unlock by USB cable, but... GUESS WHAT! G9600 is not supported for unlocking operator network with this software... what a surprise!! I was able to apply for a refund and got my money back, so no worries here.
Note that flashing carrier free ROM does not unlock sim to use with any network operator.
I'll be trying to unlocking by code soon, as this is based on IMEI number, I may think this is independent to the phone model and edition, so I hope I have more luck with this option.
Conclusion
G9600 is a really crappy phone to mess around with. I may have ran low on luck with this specific Samsung Galaxy model since I got it as a gift, which is the latinamerican crappy edition. I wonder if other S9 editions and other Samsung models run with better luck than mine on this scenery... But as a lesson to myself, I will stay away of any Samsung smartphone in the foreseeable future.

OEM Unlock
The 7-day lock prevents stolen phones from being factory reset, leaving the thief with a phone permanently protected by your account. While a minor inconvenience, it's actually effective and not the worst compared to other manufacturers.
Bootloader Unlock
After OEM Unlocking, flashing TWRP through ODIN is effectively unlocking the bootloader. This is possible on both exynos and snap.
Knox and RMM
While this is an inconvenience, from Samsung's point of view, it's worth it. It makes the phone look more secure in the eyes of potential customers. If you really wish for NFC payments, I'm still able to use GPay with Magisk on a custom ROM.
TWRP Recovery
TWRP is flashed through ODIN, not fastboot. Look up an actual guide before complaining.
Root
Yes you can
Stock ROM Flashing
The one thing I could agree on with you is Samsung disabling OTA updates when OEM unlocking. I don't see the point really, but you're free to flash whatever you want through ODIN. Downgrading shouldn't be an issue. Not sure what's up with that.
Before buying a phone, how about you do some research before crying on forums. As a power user coming from the Oneplus One, I don't regret going for Samsung in the least.

Thanks for your reply, I had dropped all hope after several attempts over last few weeks. Found this option and I was able to get past my blocking issue with TWRP and moved on.
https://forum.xda-developers.com/ga...er-development/g9650zhu6dta7-android-t4051751

I have G960F and have to admit I totally disagree with your original post. I've been using custom ROMs on nearly every phone I ever had and don't think S9 (G960F) is bad in terms of unlocking. Just did an OEM unlock, waited a week, flashed TWRP through Odin, booted straight to TWRP and immediately flashed a custom ROM from it (because a boot to the stock ROM would replace TWRP back with the stock recovery IIRC). In the end I got sick of all the problems with Magisk and non-working google pay that I went back to the stock ROM - making S9 the first phone I use with a stock ROM even though it can be flashed. I think it's a great phone for power users.
And as far as SIM unlock goes - Samsung is not to blame, the carrier the phone was made for (and purchased from) is. Phones that Samsung itself sells are unlocked. I wonder why there's still some countries where SIM locking remains legal.

This thread is a prime example of how people end up with bricked devices. So much misinformation in one page LOL

I had the 9650 and most of what I'm doing here is user error. This was one of the best devices I've ever owned. I mention of fast boot and such you obviously just do not know samsung devices. You can't blame samsung on your own ignorance

How To Guide FYI: NE2217 T-mobile (Carrier locked, BL locked) <== Dont Flash Any Other Region w/o reading.

!!! This is a HIGH RISK method of performing any form of modification, if you are on a T-Mobile ne2217 !!!
There are unidentified files that your device might have conflict with, and cause a bootloop!
Proceed at your own risk! You have been warned!​
OK, first lemme explain. The NE2217 (10 pro) itself does not have any special restrictions on it, unlike the CPH 2419 (10T) which is an exclusive T-Mobile variant. My guide on region swapping the CPH2419 (10T, link below) is still valid for the NE2217 (US- NA) . But there are conditions required or you will enter an infinite bootloop which becomes un-recoverable, without an edl flash. I do not have the specifics as to exactly which partitions cause this, but basically the bottom line is, IF YOU HAVE NOT UNLOCKED YOUR BOOTLOADER, EVEN IF YOU ARE SIM UNLOCKED, do not attempt to region swap.
There are a couple of partitions that are specially locked, that ONLY become write capable using the fastboot command, "Unlock Critical". Without a Bootloader unlock, the Oxygen Updater/Local Update programs, CANNOT make the needed changes to the Kernel, as well as these other important partitions, which have instructions that implicitly block changing to other regions. I cannot confirm if this exists in other countries with carrier locks, but i do know for a fact that T-Mobile has this enforced on all of the 10 Pro (ne2217) purchased through them.
As mentioned in previous threads that ive replied in, I suspected that the apps Oxygen Updater and Local Update, do not have the permissions capable to make direct changes to the boot.img, or recovery.img directly, primarily because those partitons cannot be altered while the system is currently running. These images can only be altered through Fastboot, or EDL thus the need for an MSM Tool if you cannot unlock your bootloader via conventional methods. So what happens is upon "Pre-boot" those special instructions i spoke of, take authority and put the carrier specific files, into an untouchable state that are locked behind the USERDATA partition, so these applications just copy the updated files to the inactive partition and performs the changes during the next boot, and even a hard wipe factory reset does not have the authority to erase the carrier instructions. The only way they are removed is by Unlocking your Bootloader! When you do that, the Qualcomm Processor has an embedded command, which is required to ERASE the entire Userdata partition, to protect the encrypted files protected by the bootloader lock! You can read about that by googling "Qualcomm Bootloader Unlocking".
Hope that makes sense to the majority of you. So again, the ONLY requirement for you to be able to go from 'ne2217', to any other fw is YOUR BOOTLOADER MUST BE UNLOCKED!
Failure to follow that one requirement will indeed force your device into an unusable, infinite bootloop, which can be resolved only by an EDL flash, which as of right now we do not have the tools that can perform this on CONSUMER level. You will have to RMA, your device, or go thru third party channels, which in itself is very risky, and puts you at risk of viruses/malware/wormholes/zombie-apocalypse because you must give someone full access to your computer remotely, and pray that the person only does what you requested. (NOT IDEAL).
Now if you're on a T-Mobile locked device, you are NOT hopeless... as I am on a T-Mobile locked device, and i am now bootloader unlocked as well! These two conditions are independent of each other, but trust me when i tell you that YOU DO NOT WANT TO GO THRU WHAT I HAVE EXPERIENCED, IN ORDER TO REACH THIS GOAL!
In so I will not publicly disclose how i was able to enter the real Fastboot Mode, so that i could pull the unlock code needed to request the unlock token from T-mobile.
(If you are so inclined to do this that you are willing to forgo ALL precautions and risk the possibility of bricking your device, or you have already landed yourself in an unrecoverable bootloop state, and are willing to try ANYTHING, you can join Bootloopers Anonymous, by clickiing it, and drop a message. This is a brand new telegram channel, and i will try to watch it for your requests. And again i strongly advise that you DO NOT embark on MY adventure, but if Unlocked Bootloader by Any Means Necessary is your ultimate goal, and nothing less is acceptable, i will try to help you achieve it... *** YOUR DEVICE WILL ENTER A COMPLETELY UNUSABLE STATE FOR A MINIMUM OF 7 DAYS!! *** but bear in mind that EVEN IF you have to use my method, you will be still subject to the 7-day waiting period outlined by OnePlus company policy. No one can overcome that, as the unlock token comes thru a separate division of Oppo/Oneplus that only generates the token through an automated request which is pushed after the expiration of 7 full days (1-week) has passed. YOU HAVE BEEN WARNED!)
The 10-Pro doesn't require the "In-Depth Testing" app to get your BL unlocked. That said, it also does not mean that OPPO has not designed one for this device because indeed they have. That application is individually encoded with device specifications so that only devices and regions EXPRESSLY AUTHORIZED by Oppo, can submit a request to unlock. DO NOT TRY sideloading any "In Depth Testing" apk floating around on the internet, as these can be altered to contain malware or worse, and then if your device becomes corrupted by it, Oppo can deny you an RMA on your device, thus charging you for the repair as there are warnings that you must acknowledge to even run the app, and attempting to circumvent the safeguards that this app already has in place is considered a violation of ToS.
If OPPO adds your device/region to the list of allowed devices, you will be able to download this application through OFFICIAL channels, and it will be made known to the public.
Once you are completely knowledgeable that your BL has indeed been fully unlocked, you can proceed to follow the instructions in the link to my guide below. The guide is for the CPH2419 (10T), but the instructions are completely compatible with the 10 Pro entire series, assuming your BL is unlocked. On the 10T this is not a requirement, and i honestly do not understand why this enforcement was put into our 10 Pro model, released almost a year earlier. Probably just an oversight by T-Mobile which might be corrected in future builds.
How to use Oxygen Updater + Local Update apks to switch regions.

EDIT: Local Update downgrade it currently installing
No Go, The update installed and downgraded but it just loads to the welcome screen and crashes and boot loops

supercobaltss said:
EDIT: Local Update downgrade it currently installing
No Go, The update installed and downgraded but it just loads to the welcome screen and crashes and boot loops
Click to expand...
Click to collapse
again, what most ppl are failing to do is follow my guide exactly as i defined. The VERY 1st thing you MUST DO... prior to unlocking the Bootloader... Prior to even downloading ANY rollback packages is, you MUST go and Download ANY of the Android 13 beta updates that are available in Oxygen updater. Turn on advanced mode, and select the whichever model you prefer... Its actually best to choose the region you plan on swapping to, for easier transition with the rollback package. IMHO i would always pick the EU model whenever attempting this, simply because that one usually has more bands available. But the main idea behind this is to make the phone, first BREAK the connection it has with T-Mobile's custom kernel, and modem... which is done just by upgrading to an Android 13 beta, as T-Mobile does not EVER release any beta builds, so by doing an actual OS upgrade, your phone must load the OS kernel, and several other partitions/files which i am sure that T-Mobile has branded in the 2217. Upgrading to a newer OS will without a doubt overwrite the carrier locked files, because the Upgrade comes from a higher authority in the chain of trust. Until TMO releases an update, then this is a requirement so that the rollback package of that region can safely downgrade the files, in their correct partitions. If you download a beta 13 thru oxygen updater, you can local update flash it, without problem. I did it myself to several demo devices at Tmobile stores here in Texas to test the technique, after i bricked mine by using a rollback package first!
Remember the 2217 is a T-Mobile EXCLUSIVE! No other carrier may sell this same model... but ALL of the internals are the exact same, and as im sure we are all well aware of, T-Mobile doesnt have the fastest adaptations when it comes to OS updates.
But there are several key identifiers which point to a custom made BL, Kernel, and Modem: 1. The build for all T-Mobile versions is on a revision that no other model has released... This alone could cause BL because if you flash a build that is older than the one you have currently, several files have anti-downgrade measures built into them. This is why we need the signed rollback packages to downgrade. But even if OPPO signed a rollback, unless they released one with T-Mobiles file specs, then anything you flash can create a conflict with an existing file... BL! But i know of about 13 ppl who have attempted my method, plus i just did another one myself last night for someone who contacted me and offered to compensate me royally if i would meet them since we were local logistically. 2. AFAIK, when installing a different rom to a device, you cannot downgrade the modem version. I know this is apparent with Samsung... as if you try to flash a rom with a lower modem version, it usually bricks, and you have to use odin to flash the newer modem back, in order to boot. Again this is taken care of by installing the NEWEST beta for Android 13, unless you had my situation which is, my phone CAME WITH updated security, and build already installed for October 2022. I havent heard of anyone who has said they even have the option to update theirs past August. So new purchases have to be careful. T-mobile sold mine with a blocked Fastboot, that doesnt respond to the button combo. Which clearly identifies they modified the recovery partition. 3. E-fuses have become a staple in Android devices for the past 5+ years.
Sure we have not heard of anything being in the T-mobile fw... but also who here can say that they have a FULL BUILD of the Tmo fw to examine? No one.... there is a generic 2217 build floating around that claims to be official, yet it is the ONLY build that does not have an OTA formatted file structure. All the 10 Pro OTA have been in payload.bin format, yet this happens to come only as a decrypted OFP, or a compressed OFP. *** OPPO is not directly supporting the 10 Pro 2217 or 10 T 2419 ! As these are proprietary T-Mobile builds. This is why you cannot find either of those models fw in the Oppo repository. So if OPPO doesnt release builds for TMO, then how exactly did an "Official 'OFP' for 2217" get released? *** OFP is an Official OPPO format for all the OPPO model phones. 10 Pro is still branded Oneplus, thus just about any OFP file you find in the wild, is almost 100% guaranteed NOT to be an official released build for our phones. Every package for this and the 10T that they have OFFICIALLY released, has been in Payload.bin format, because they havent released any full images yet! So in theory, who's to say that TMO didnt place an efuse into their specific model? Its only code, and if set, then it could have been burned during the initial release, or a later update, like AMAZON did with updates to the Firestick/FireTV devices, which would ONLY allow newer updates to certain files in THEIR build. That would totally explain a bootloop, because the rollback packages all push you back to 11_A.013 .... that build is from Feb-March 2022. Rolling back would almost guarantee that some files are overwritten with older components, which would cause a brick by e-fuse standards. We had to be lucky enough to catch it early in the FIrestick forum, to stop ppl from installing the update. Everyone who did, had their ability to unlock/load custom fw to their devices blocked, and there is still today no way to circumvent it. Sure new methods to mod became available, but only minimal changes, cuz the e-fuse blocked downgrading to exploitable builds. Since TMO has gone this far to stop us from modifying this phone, you can bet solidly on the fact that they have several safeguards in place to protect their investment.
Now im not trying to discourage anyone or discredit anything anyone has said or experienced regarding this phone, but look at the NUMEROUS unanswered replies to handfuls of problems that only happen to 1 or 2 ppl... they all have the same final result, but its astounding how many different scenarios ppl have found, that no one else has experienced, yet it leads to another bricked device. If this problem was rampant among a significant number of users, and it was triggered by the exact same scenario, then TMO would have to address it with an update... But all we know for sure is that there is some file(s) that is not compatible with any other model except the 2217. Til we have an EXACT culprit identified, all we can do is speculate, which is why I am going to re-label this as HIGH RISK in the OP. It has about a 40-50% chance of causing a bootloop, and about a 10% chance to leave your device unresponsive! There have been several released guides for other devices that have close to the same success rate / risk factor. All i can do is share what I have done, and what i know from personal exp.
Im sorry if anyone lands themselves on the wrong side of that equation, but it is a risk that only you can decide if its worth taking. For me, that answer is and always will be YES because i will not own a device that i do not OWN! For others this may be a touch more out of their league, and if thats true they should steer clear, until I or another user can get hold of an official TMO OTA, to examine the diff files in each.
****** Now all of that being said.... if ANYONE wishes to contribute to finding a solution to this dumpster fire, I am not asking for donations.... What i am asking, is for SOMEONE who might have a T-Mobile 10Pro on the release build, or any build PRIOR to 11_A.13 and is looking to help, we NEED an exact copy of an OTA update that might be sitting in your notifications. All updates download to the /sdcard/ partition of your phone in a folder that is accessible without root permissions. If you accept the download for the update, and DONT begin the install immediately, you can locate and pull that OTA to your computer, then delete the file from your phone, and it will cancel the update on reboot. No loss to you, but EXTREMELY HELPFUL to us, because we will have something from TMO to work with, which may give us a clue as to what we need to remove from the updater script ! *******
and FYI the signatures used to sign some of the OTA we already have, are already deciphered and as such can be used to create new signatures after making some changes to the respective regions package. But to make having these be of any value, we need to know what to take out or change in the manifest, that will prevent alterations of the files causing bootloops. If anyone can help with an upload of a TMO-OTA please share publicly or dm myself or one of the other devs who have expressed interest in this issue.
Thanks

I can probably pull the update from my wifes phone. She never updates anything. I did get my 10 pro to boot to android 13 but everything just says its disabled. This is only the 3rd phone ive done this with so ill warranty another one if i have to lol.

supercobaltss said:
EDIT: Local Update downgrade it currently installing
No Go, The update installed and downgraded but it just loads to the welcome screen and crashes and boot loops
Click to expand...
Click to collapse
Yup, this happened to me as well. Setup wizard crashes before I even get very far in it, and I've wiped multiple times trying to complete it somehow.

GuyInDogSuit said:
Yup, this happened to me as well. Setup wizard crashes before I even get very far in it, and I've wiped multiple times trying to complete it somehow.
Click to expand...
Click to collapse
Ive tried to convert multiple different ways. Upgrading to 13 basically screws you with the disabled apps BS, Downgrading just crashes the device. Either way its broken. I've went through 3 devices now messing around.

So I guess it's time to replace it, then? Crap.

GuyInDogSuit said:
So I guess it's time to replace it, then? Crap.
Click to expand...
Click to collapse
Start a RMA on OnePlus website, don't go through T-Mobile. They will have you send in phone and then either reflash your phone and send it back or just send you a new phone which is what they did when I had to do it. All that bs about voiding warranty when unlocking bootloader is just that, bs. They fix or replace without any issues but you have to go through OnePlus.

FML.
I've gotten it working for the most part, but what's most concerning is that there's no IMEI. And it doesn't charge or even acknowledge the cable. Fantastic.

jeffsga88 said:
Start a RMA on OnePlus website, don't go through T-Mobile. They will have you send in phone and then either reflash your phone and send it back or just send you a new phone which is what they did when I had to do it. All that bs about voiding warranty when unlocking bootloader is just that, bs. They fix or replace without any issues but you have to go through OnePlus.
Click to expand...
Click to collapse
I can't even request an RMA as I don't have an IMEI to provide. It's blank in the phone. I think I'm screwed. Or try T-Mobile. Dunno. This sucks.

GuyInDogSuit said:
I can't even request an RMA as I don't have an IMEI to provide. It's blank in the phone. I think I'm screwed. Or try T-Mobile. Dunno. This sucks.
Click to expand...
Click to collapse
The T-Mobile version has your IMEI sketched into the back cover of your phone. You should be able to use that.

jeffsga88 said:
The T-Mobile version has your IMEI sketched into the back cover of your phone. You should be able to use that.
Click to expand...
Click to collapse
Oh. Uh.... completely forgotten about that.

I just updated to Android 13 on the TMO NE2217, device not unlocked, still financed. And now have the option to unlock the BL.

beatbreakee said:
All updates download to the /sdcard/ partition of your phone in a folder that is accessible without root permissions. If you accept the download for the update, and DONT begin the install immediately, you can locate and pull that OTA to your computer, then delete the file from your phone, and it will cancel the update on reboot.
Click to expand...
Click to collapse
Is this still useful, with the NE2217_11_C.26 update? And either way, how can I delete it? I couldn't find anything big in /sdcard. Thanks!

deleted

psm321 said:
Is this still useful, with the NE2217_11_C.26 update? And either way, how can I delete it? I couldn't find anything big in /sdcard. Thanks!
Click to expand...
Click to collapse
^
^
^
^
^
THIS Please my phone ignored my saying no and next reboot the damn thing will go off on me ... so frustrating that even when you set the darn thing to OFF on auto update and such it STILL does this BS...
Damn TMobile and their special lock junk UGH ...
anyway ... please can one direct with a screen shot and file manager they used to find this file so I can delete the thing? ... I have tried to find it and struck out ... but having got the notification today and the Oxygen app is showing 'REBOOT' instead of 'resume' when I ignored the update previously has me thinking if I reboot I will see android 13 pop up and in this case means I will lose my whoop as something with it breaks pairing my wearable ... whoop has offered no timetable for a fix

Google Pixel 5 downgrade to install /e/os

Hi,
for my Google Pixel 5 I want /e/os/.
Two instructions how to accomplish this. To flash /e/os onto a Google Pixel 5, the smartphone need to have Android 12.
My Google Pixel 5 has Android 13 (I received a New Old Stock device in a unopened box with Android 13. So no tinkering
beforehand.)
I found this archive of Android 12 images - all for the Google Pixel 5 and all Android 12:
Factory Images for Nexus and Pixel Devices | Google Play services | Google for Developers
developers.google.com
How can I determine and choose the correct image to flash?
Cheers!
Etymotics

12.1.0 (SQ3A.220705.003.A1, Jul 2022) is going to be the latest android 12 build which should be compatible.

Hi noidea24,
thank you for your post and the information. That helps me a lot - I was confused by the shear amount of images.
Do you know a thread which may have the things I want to achieve as topic ? I tried to search with keywords
like "Google Pixel 5 /e/os" and similiar, but it looks like the search found all threads containing GOOGLE *and* all threads with PIXEL *and* all....and so forth. I would need a second search engine to skim through the results...\
Cheers!
Etymotics

What are you looking for specifically? There's not really much info on e/os on the pixel 5. It works well, but the development is slow. Why e/os over similar projects with updated android versions like Graphene, Calyx, Copperhead?

e/os is not daily drivable, recommend not to install.

e/os was recommended to me by Marcel Bokhorst, the author of XPrivacy.
But as it seems, I had bad luck with the phone I bought:
The "OEM unlock" is greyed out and I know of no way to unlock the bootloader.
It currently runs on Android13 and last update was Dec. '22.
My intention behind all this was to have a de-googled phone because I [CENSORED] this
tracking and spying and "owning" a device, which I cannot control to 100%.
Anything else I can do to achieve this?
PS: My phone may be is one of these [CENSORED] Verizon devices. It was originally packaged
and as it seems never used before...

Where did you buy your phone? Ebay? A retailer?
Is there a keyword "Locked" or "Unlocked" anywhere on the website?
If the product listing didn't mention anything about it being carrier locked, I suggest requesting a refund or a replacement.
The "OEM Unlock" greyed-out is most definitely due to it being a carrier locked device and you're out of luck.
Also, if you truly want a de-googled OS, I recommend Graphene OS. https://grapheneos.org/

Etymotics said:
e/os was recommended to me by Marcel Bokhorst, the author of XPrivacy.
But as it seems, I had bad luck with the phone I bought:
The "OEM unlock" is greyed out and I know of no way to unlock the bootloader.
It currently runs on Android13 and last update was Dec. '22.
My intention behind all this was to have a de-googled phone because I [CENSORED] this
tracking and spying and "owning" a device, which I cannot control to 100%.
Anything else I can do to achieve this?
PS: My phone may be is one of these [CENSORED] Verizon devices. It was originally packaged
and as it seems never used before...
Click to expand...
Click to collapse
Not to give you false hope but did you connect to wifi on your first time through setup? If you don't, OEM unlock will be greyed out, regardless.

Hi Alex,
(NOT meant as any form of criticism or complaint... )
...I am a little confused here.
Other posts (not necessarily on this forum...can't remember) say: "Pull out the simcard, disable Wifi and DON'T contact anything, only skip through the setup..."
At the moment I only have a simcard of the wrong size...but I enabled Wifi but did not update anything in fear of getting an even stronger patch to disable any form of tinkering.
But as I am still having a locked "OEM unlocking" and a locked bootloader I am open for any kind of tinkering to get
this damn thing freed.
Would these steps ok:
Start the phone,
Setup lockscreen, dark theme, etc..
enable Wifi and download all updates, install updates
Ok? Or what would you suggest?
Cheers!
Etymotics

Etymotics said:
Hi Alex,
(NOT meant as any form of criticism or complaint... )
...I am a little confused here.
Other posts (not necessarily on this forum...can't remember) say: "Pull out the simcard, disable Wifi and DON'T contact anything, only skip through the setup..."
At the moment I only have a simcard of the wrong size...but I enabled Wifi but did not update anything in fear of getting an even stronger patch to disable any form of tinkering.
But as I am still having a locked "OEM unlocking" and a locked bootloader I am open for any kind of tinkering to get
this damn thing freed.
Would these steps ok:
Start the phone,
Setup lockscreen, dark theme, etc..
enable Wifi and download all updates, install updates
Ok? Or what would you suggest?
Cheers!
Etymotics
Click to expand...
Click to collapse
If you're not going to lose data or your not afraid of it, I would:
Factory reset without sim card in
When phone reboots, start setup
Don't put sim in but do connect to wifi
Skip through setup if you want and check if oem unlock is available
I'm not sure of the instructions you have, maybe that's what people believe for Verizon phones but you're not sure if you have one, correct?
Here's my experience:
I have several pixels, all unlocked. If I flash back to stock firmware and skip through setup without connecting to wifi, OEM unlock is greyed out. If I connect wifi on the first time through, it's available.
I've also heard this in tech videos. However, it won't work with Verizon phones. But if yours isn't Verizon, this could be the reason you're not able to unlock.

Hi Alex,
thank you for all your help! By the way: Are there any definite proofs for "my smartphone is a Verizon one" ?
I will try what you wrote and will be back with the result.
Two things came into my mind:
- Shall I install updates/upgrades if offered?
- Would downgrading (if even possible) via Chrome and the "Flash" feature on the Google page with all these images help, if I have a Verizon jail?
Cheers!
Etymotics

Etymotics said:
Hi Alex,
thank you for all your help! By the way: Are there any definite proofs for "my smartphone is a Verizon one" ?
I will try what you wrote and will be back with the result.
Two things came into my mind:
- Shall I install updates/upgrades if offered?
- Would downgrading (if even possible) via Chrome and the "Flash" feature on the Google page with all these images help, if I have a Verizon jail?
Cheers!
Etymotics
Click to expand...
Click to collapse
There may be a way but I'm not entirely sure, perhaps Google well help. I do seem to remember something about the IEMI but that may have been older models.
I wouldn't upgrade anything after setup and it shouldn't offer anything during.
As far as I know, downgrading won't help but I don't think you could from the Google page, as it requires an unlocked bootloader

Hi Alex,
I will try, what you wrote without updating anything ... will be back then...

Hi Alex,
no...unfortunately it does not help to connect to wifi...the "OEM unlock" is still grayed out.
Now....I wanted a de-googled phone to keep my privacy...instead I got a phone which is the
exact opposite. Unfortunately the cost of that thing remains the same...
Anything else, I can try?
Cheers!
Etymotics

Last week-end, i was abble to downgrade a Pixel 5 from A13 to A12 following this page
Navigate this article:
Downgrading your Google Pixel smartphone to stable Android version
Method 1: Leave the beta program
Method 2: Manual downgrade
Using Android Flash Tool
Using Fastboot
choose method 2 : fastboot (at the end of the article)
https://www.xda-developers.com/how-...rom-beta-developer-preview-to-stable-android/
and install e-1.10-s-20230412278810-stable-redfin according to the official instructions https://doc.e.foundation/devices/redfin/install

Hi Piero-e
That sounds very interesting. Did you unlock your bootloader before starting the procedure?
Did you change the bootloader of you device to another one?
Cheers!
Etymotics

Yes, i first unlock the bootloader (using the WiFi connection to another phone)
And flash bootloader and modem,
Then unfortunately my computer don't find the flash-all command, so I used the Gogol online tool to flash the others partitions