Hi all,
I recently got a HK N7105 and because it lacked the possibility to use a french keyboard I upgraded to a stock unbranded ROM from Sweden (XXDLL1) and succesfully rooted with the relevant CF_autoroot through Odin. Also installed TWRP 2.3.3.1.
Then, I connected the Note 2 to my corporate exchange server which enforced a full encryption policy (device and external SD card) so I had to type in a password at each boot time (with a "nice" swedish prompt that took ma while to decypher), plus a password to unlock the screen. All was well as the root survived the process.
Next I upgraded to a later stock ROM from France (XXDLL4 from SFR) to try and get rid of the swedish prompt. That worked fine (and root was loast in the process, as expected) but I hated the branded stuff so much I reverted to XXDLL1 until a proper unbranded "english" or "french" ROM is available.
At this point I decided to root again. I was running XXDLL1 like the first time and used the same autoroot tar from Chainfire. Except my Note 2 was still encrypted and after that it would not accept my boot password (a four digit PIN) anymore so I was guted and had to factory reset and root then reinstall everything before reconnecting to the exchange server.
Question 1: Does anyone know of a safe, proven way to root a fully encrypted Samsung device so I can go another upgrade without having to wipe the device first?
Why reinstall everything? Why not backup everything first so you can restore after the wipe? Well, it so happens that no recovery (at least neither CWM or TWRP) can read any encrypted media on the Note 2 at the moment. And no Recovery can actually fully backup the device as well.
Question 2: Does anyone know of a proper way to handle this situation with minimum hassle?
So far, the best I can think of is doing a Titanium backup and FTP the files to my NAS so I can retrieve them later. But (Question 3) will this be enough to restore my phone to the expected state after a stock firmware upgrade?
Thanks in advance,
François
frankieGom said:
Hi all,
I recently got a HK N7105 and because it lacked the possibility to use a french keyboard I upgraded to a stock unbranded ROM from Sweden (XXDLL1) and succesfully rooted with the relevant CF_autoroot through Odin. Also installed TWRP 2.3.3.1.
Then, I connected the Note 2 to my corporate exchange server which enforced a full encryption policy (device and external SD card) so I had to type in a password at each boot time (with a "nice" swedish prompt that took ma while to decypher), plus a password to unlock the screen. All was well as the root survived the process.
Next I upgraded to a later stock ROM from France (XXDLL4 from SFR) to try and get rid of the swedish prompt. That worked fine (and root was loast in the process, as expected) but I hated the branded stuff so much I reverted to XXDLL1 until a proper unbranded "english" or "french" ROM is available.
At this point I decided to root again. I was running XXDLL1 like the first time and used the same autoroot tar from Chainfire. Except my Note 2 was still encrypted and after that it would not accept my boot password (a four digit PIN) anymore so I was guted and had to factory reset and root then reinstall everything before reconnecting to the exchange server.
Question 1: Does anyone know of a safe, proven way to root a fully encrypted Samsung device so I can go another upgrade without having to wipe the device first?
Why reinstall everything? Why not backup everything first so you can restore after the wipe? Well, it so happens that no recovery (at least neither CWM or TWRP) can read any encrypted media on the Note 2 at the moment. And no Recovery can actually fully backup the device as well.
Question 2: Does anyone know of a proper way to handle this situation with minimum hassle?
So far, the best I can think of is doing a Titanium backup and FTP the files to my NAS so I can retrieve them later. But (Question 3) will this be enough to restore my phone to the expected state after a stock firmware upgrade?
Thanks in advance,
François
Click to expand...
Click to collapse
I think using Exynos Abuse apk will do the work
http://forum.xda-developers.com/showthread.php?t=2050297
Thanks for the heads up, I'll look into it. But to be clear, that answers question 1, correct?
Sent from my GT-N7105 using xda app-developers app
frankieGom said:
Thanks for the heads up, I'll look into it. But to be clear, that answers question 1, correct?
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
Yes that's a way to root the device.
Regarding encryption, very few people on xda seem to use it. So for that reason you'll have trouble finding out what works... I do use it though through choice so I can help you a bit.
When you encrypt the device, just consider /data to be off limits to anything not booted fully. That's why it asks you for your key in swedish - it can't see what language is in use until you unlock /data.
You will have issues using recovery with the device, since they can't read /data. You can use an external sd to perhaps load data to the device though.
I believe that TWRP might soon support the Samsung encryption on the device, meaning you could use it as recovery. Once you have a recovery that supports Samsung encryption, you should be able to consider it a fairly normal device.
Just be more cautious to backup your data as it is hard to recover if something goes wrong...
If your using stock rom 4.1.2, exynos abuse method of root will not work. It's been patched
Sent from my GT-N7100 using xda app-developers app
pulser_g2 said:
Yes that's a way to root the device.
Regarding encryption, very few people on xda seem to use it. So for that reason you'll have trouble finding out what works... I do use it though through choice so I can help you a bit.
When you encrypt the device, just consider /data to be off limits to anything not booted fully. That's why it asks you for your key in swedish - it can't see what language is in use until you unlock /data.
You will have issues using recovery with the device, since they can't read /data. You can use an external sd to perhaps load data to the device though.
I believe that TWRP might soon support the Samsung encryption on the device, meaning you could use it as recovery. Once you have a recovery that supports Samsung encryption, you should be able to consider it a fairly normal device.
Just be more cautious to backup your data as it is hard to recover if something goes wrong...
Click to expand...
Click to collapse
Fine, I understand. As long as I have a way to recover my data if I need to wipe I'm okay... I just have to hope Titanium backup gives me that until TWRP can manage encruption on the Note 2.
I'm really waiting for a stock rom that boots in English or French now.
Sent from my GT-N7105 using xda app-developers app
vash_h said:
If your using stock rom 4.1.2, exynos abuse method of root will not work. It's been patched
Sent from my GT-N7100 using xda app-developers app
Click to expand...
Click to collapse
Not the case with xxdll1. When was it patched, xxdll4 or xxdll7?
Sent from my GT-N7105 using xda app-developers app
frankieGom said:
Not the case with xxdll1. When was it patched, xxdll4 or xxdll7?
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
I am on Stock 4.1.2 and Exynos Abuse did work on my device, it's successfully rooted using the Exynos AbuseAPK on 4.1.2 :good:
OK, now I have been experimenting a bit with backups and upgrade and have trouble restoring my device fully. Let me explain...
I got hold of a TWRP build that seems to handle Samsung encryption fine through one of the TWRP devs (thanks!), so I decided to go back and try to update my device.
Current ROM: N7105XXDLL1_N7105TLADLL1_N7105XXDLK7_HOME.tar (obtained from Samsung Updates)
New ROM: N7105XXDLL7_N7105OLBDLL2_N7105DXDLL1_HOME.tar (obtained from Samsung Updates)
First I performed a complete Titanium Backup on the device and pulled the files to my laptop using ADB.
Then I restarted into TWRP 2.4.0.0 (got a prompt for my password), performed a full backup and pulled the files to the laptop using ADB.
(for some reason, I could not install the new ROM from TWRP (unable to open ZIP), but the ZIP looked OK, as well as after a second download which TWRP since did not like, so I had to use Odin instead).
Next, I flashed DLL7 with Odin. It worked, asked for the password at boot, but the device was unrooted at this point (I expected that).
Then, I flashed CF-Auto-Root-t0lte-t0ltexx-gtn7105.tar from Odin, but the boot up password would not be accepted anymore as I already knew.
Tried to flash DLL7 again from Odin, same thing
Flashed TWRP back on recovery partition, but on startup it would not ask for password anymore and the external sdcard looked empty to it.
I then copied my backup to a different, non encrypted sdcard and could restore from TWRP but the password would still not work after reboot.
I did a factory reset, restored backup, same result.
At this point I decided to factory reset, wipe Dalvik and format /data. The format did the trick and after TWRP restore of my original back up the device booted up, did not ask for password and all my data was there. Except the Exchange account I use for Corporate email wants me to restore encryption in order to work (I expected that too).
Back at DLL1, so I flashed DLL7 again with Odin (OK), rooted the phone, triangled away the flash counter and reflashed TWRP to recovery.
I was where I wanted to be except for one thing: I need to restore Corporate access. But when I let it encryp the phone it does nothing. I let it through the night and nothing). And if I reboot the phone no password is needed at boot time, yet the phone seems to behave as if it thought the device was still encrypted...
I reflashed my original, full, backup (i.e DLL1) succesfully but Exchange still wants to encrypt my device. Isn't restore supposed to restore the encrypted /data I backed up?
At this point I'm left with possibly tryinjg to go back to full factory settings, not use the backup at all, encrypt the device then restore my data from the Titanium backup I made.
Is there a better option?
[edited jan 18 - TWRP/TB behaviour]
My comments apply to encrypted devices only! I am not trying to talk down TWRP or TB here, as they provide splendid performance on non encrypted devices. I have come upon hard time trying to upgrade/restore an encrypted device using thoise tools, that's all
For those considering upgrading & re-rooting encrypted devices, don't!
I am finding the hard way that this is a one way street. At this point, my TWRP made full backup does not restore the device to the expected status. Each time I apply it, subsequent bootup takes several minutes and I end up going through the initial setup procedure. It seems the device for some reasoin goes through a complete reset procedure.
[edit]
Clarification: The TWRP build I use, 2.4.0.0 is an alpha build and I was not current when I restored my backup. I so happens that it was overwriting the encryption header on the partition, which messed things up bad, and had issues writing back the data partition, ending up in a factory reset status!
Using the latest drop as of today (jan 27) I was able to restore my original backup and am now back to my original state. All is well.
[/edit]
Titanium Backup is none better. It keeps telling me that my Android ID has changed, a host of system applications start to fail when I try to restore and generally speaking I have now spent between a good 20 hours trying to simply restore my data.
[edit]
this behaviour is probably linked to encryption. I know for a fact that TB works very well on non encrypted phones. The 20h figure is overall, not just with TB.
[/edit]
The end story is: root before you encrypt, and either don't upgrade or don't re-root if you do! If you do, be prepared for some rough times...
Unless someone has a cleat idea of how to do this properly without losing all your data, that is.
François
frankieGom said:
For those considering upgrading & re-rooting encrypted devices, don't!
I am finding the hard way that this is a one way street. At this point, my TWRP made full backup does not restore the device to the expected status. Each time I apply it, subsequent bootup takes several minutes and I end up going through the initial setup procedure. It seems the device for some reasoin goes through a complete reset procedure.
Titanium Backup is none better. It keeps telling me that my Android ID has changed, a host of system applications start to fail when I try to restore and generally speaking I have now spent between a good 20 hours trying to simply restore my data.
The end story is: root before you encrypt, and either don't upgrade or don't re-root if you do!
Unless someone has a cleat idea of how to do this properly without losing all your data, that is.
François
Click to expand...
Click to collapse
I have had no issues despite doing upgrades, with and without wipes.
Titanium is fine, just stop restoring system app data. Seriously, what data do you have in a system app that you want to restore.
Restore your user apps, their data, and the xml based call, sms, Wifi backups. It will work fine.
Device ID isn't a problem - it's just trying to help you.
pulser_g2 said:
I have had no issues despite doing upgrades, with and without wipes.
Titanium is fine, just stop restoring system app data. Seriously, what data do you have in a system app that you want to restore.
Restore your user apps, their data, and the xml based call, sms, Wifi backups. It will work fine.
Device ID isn't a problem - it's just trying to help you.
Click to expand...
Click to collapse
Sorry if I came across dissing Titanium Backup and/or TWRP. This was not the intent... I am sure both tools work real nice in general cases (and I have had success restoring data on a Jetstream before).
My main issue here is _full device encryption_ enforced by my company's corporate IT to allow me on the corporate exchange server. Do you have full device encryption on?
On my device, even after a full wipe and flashing a fresh stock rom Titanium Backup just did not work as I hoped. When I had to confirm individual popups of apps closing unexpectedly while it was proceeding and got nothing back in the end, what was I supposed to think? It could be that I don't understand how TB works... I was neither able to restore missing apps after the flash (missing apps: 0) nor installed apps data (they would close unexpectedly when started after restoring the back up). So I say: until full operation of TB on encrypted devices is documented, I will stay away from it, even though I am a registered user (and I do not plan to seek reimbursment)!
Anyway, I got to a belated happy ending (previous post edited).
frankieGom said:
Sorry if I came across dissing Titanium Backup and/or TWRP. This was not the intent... I am sure both tools work real nice in general cases (and I have had success restoring data on a Jetstream before).
My main issue here is _full device encryption_ enforced by my company's corporate IT to allow me on the corporate exchange server. Do you have full device encryption on?
On my device, even after a full wipe and flashing a fresh stock rom Titanium Backup just did not work as I hoped. When I had to confirm individual popups of apps closing unexpectedly while it was proceeding and got nothing back in the end, what was I supposed to think? It could be that I don't understand how TB works... I was neither able to restore missing apps after the flash (missing apps: 0) nor installed apps data (they would close unexpectedly when started after restoring the back up). So I say: until full operation of TB on encrypted devices is documented, I will stay away from it, even though I am a registered user (and I do not plan to seek reimbursment)!
Anyway, I got to a belated happy ending (previous post edited).
Click to expand...
Click to collapse
Yup I use device encryption Enabled manually, but it's the same encryption.
You should find that titanium shouldn't even be aware of it - the encryption is transparent!
I wonder... I'm sure lenny had that issue on a recent 4.1.2 "stock" ROM... And he doesn't use encryption...
I personally have had no issues with titanium on an encrypted device anyway
I notice you were using the newest rom - that's the one lenny had issues on.
pulser_g2 said:
Yup I use device encryption Enabled manually, but it's the same encryption.
You should find that titanium shouldn't even be aware of it - the encryption is transparent!
I wonder... I'm sure lenny had that issue on a recent 4.1.2 "stock" ROM... And he doesn't use encryption...
I personally have had no issues with titanium on an encrypted device anyway
I notice you were using the newest rom - that's the one lenny had issues on.
Click to expand...
Click to collapse
Exactly like I thought, encryption should be transparent to Titanium Backup since it runs within the OS.
I have had problems restoring into 4.1.2 DLL1 (the build I came from) and DLL7 (the one I was trying to go to)
The point is moot anyway since the DLL7 I tried was actually branded (Singtel stuff all around the launcher) and did not include French, which is why restoring my TWRP backup was a tempting proposition.
Good to know TB runs fine with encryption as well. What ROM are you running?
François
frankieGom said:
Hi all,
I recently got a HK N7105 and because it lacked the possibility to use a french keyboard I upgraded to a stock unbranded ROM from Sweden (XXDLL1) and succesfully rooted with the relevant CF_autoroot through Odin. Also installed TWRP 2.3.3.1.
Then, I connected the Note 2 to my corporate exchange server which enforced a full encryption policy (device and external SD card) so I had to type in a password at each boot time (with a "nice" swedish prompt that took ma while to decypher), plus a password to unlock the screen. All was well as the root survived the process.
Next I upgraded to a later stock ROM from France (XXDLL4 from SFR) to try and get rid of the swedish prompt. That worked fine (and root was loast in the process, as expected) but I hated the branded stuff so much I reverted to XXDLL1 until a proper unbranded "english" or "french" ROM is available.
At this point I decided to root again. I was running XXDLL1 like the first time and used the same autoroot tar from Chainfire. Except my Note 2 was still encrypted and after that it would not accept my boot password (a four digit PIN) anymore so I was guted and had to factory reset and root then reinstall everything before reconnecting to the exchange server.
Question 1: Does anyone know of a safe, proven way to root a fully encrypted Samsung device so I can go another upgrade without having to wipe the device first?
Why reinstall everything? Why not backup everything first so you can restore after the wipe? Well, it so happens that no recovery (at least neither CWM or TWRP) can read any encrypted media on the Note 2 at the moment. And no Recovery can actually fully backup the device as well.
Question 2: Does anyone know of a proper way to handle this situation with minimum hassle?
So far, the best I can think of is doing a Titanium backup and FTP the files to my NAS so I can retrieve them later. But (Question 3) will this be enough to restore my phone to the expected state after a stock firmware upgrade?
Thanks in advance,
François
Click to expand...
Click to collapse
About a backup : have you tried Online Nandroid (Playstore) (or similar, based on Onandroid) ? This makes a CWM or TWRP compatible backup while the device is running (everything should be unencrypted at this moment).
See http://forum.xda-developers.com/showthread.php?t=1620255
About rooting : you can try the same trick as above, by using ADB-shell and pushing the needed files to root to the device while it is running.
For my S3 there is a Toolkit that automates all this (http://forum.xda-developers.com/showthread.php?t=1703488), maybe there is something similar for your device ?
If not, you should still be able to do it using manual ADB-pushing.
I'm sorry I can't give you detailed instructions about the rooting as I'm not familiar with your device. Search here on XDA and you'll find more details.
pat357 said:
About a backup : have you tried Online Nandroid (Playstore) (or similar, based on Onandroid) ? This makes a CWM or TWRP compatible backup while the device is running (everything should be unencrypted at this moment).
See http://forum.xda-developers.com/showthread.php?t=1620255
About rooting : you can try the same trick as above, by using ADB-shell and pushing the needed files to root to the device while it is running.
For my S3 there is a Toolkit that automates all this (http://forum.xda-developers.com/showthread.php?t=1703488), maybe there is something similar for your device ?
If not, you should still be able to do it using manual ADB-pushing.
I'm sorry I can't give you detailed instructions about the rooting as I'm not familiar with your device. Search here on XDA and you'll find more details.
Click to expand...
Click to collapse
Thanks for the suggestions, and no I had not tried Online Nandroid as I was not aware of it. Anyway, my main issue is now resolved since TWRP has include support for Samsung TouchWiz based encryption in 2.4 and that works well.
For those interested, the only remaining issues I have with TWRP regarding encryption are that if you want to format /data from TWRP (say, to remove encryption) it will fail unless you _do not_ enter the password at boot, and the TWRP formated /data cannot be re-encrypted (you must use stock recovery to factory reset/wipe the device or else the encryption step will sit deat in the water doing nothing). I suppose the second one is a bug that will be fixed in a later version.
I will check Online Nandroid out anyway, being able to make a backup from a live system sounds good!
François
frankieGom said:
Thanks for the suggestions, and no I had not tried Online Nandroid as I was not aware of it. Anyway, my main issue is now resolved since TWRP has include support for Samsung TouchWiz based encryption in 2.4 and that works well.
For those interested, the only remaining issues I have with TWRP regarding encryption are that if you want to format /data from TWRP (say, to remove encryption) it will fail unless you _do not_ enter the password at boot, and the TWRP formated /data cannot be re-encrypted (you must use stock recovery to factory reset/wipe the device or else the encryption step will sit deat in the water doing nothing). I suppose the second one is a bug that will be fixed in a later version.
I will check Online Nandroid out anyway, being able to make a backup from a live system sounds good!
François
Click to expand...
Click to collapse
I have a similar issue. I had the device encrypted and decided to ROOT (using CF-AutoRoot). Unfortunately I cannot bypass the password screen now, although I know that I'm entering the right password. You are saying that if I flash TWRP everything will be fine?
ludovicianul said:
I have a similar issue. I had the device encrypted and decided to ROOT (using CF-AutoRoot). Unfortunately I cannot bypass the password screen now, although I know that I'm entering the right password. You are saying that if I flash TWRP everything will be fine?
Click to expand...
Click to collapse
Two separate things:
Root messing up encrypted touchwiz devices and twrp not handling touchwiz encrypted partitions properly.
The 2nd one, as much as I can tell, is fixed since before 2.5 so if youwork with the latest (2.6) you should be fine.
The first one I haven't played with in a while, but my finding is that you don't want to root a device once it's been encrypted. I've tried several different methods including rooting as you flag as is possible with twrp and all end up the same:the password is not recognised anymore!
The only thing that works for me is rooting before encrypting or only flashing pre-rooted ROMs.
frankieGom said:
Two separate things:
Root messing up encrypted touchwiz devices and twrp not handling touchwiz encrypted partitions properly.
The 2nd one, as much as I can tell, is fixed since before 2.5 so if youwork with the latest (2.6) you should be fine.
The first one I haven't played with in a while, but my finding is that you don't want to root a device once it's been encrypted. I've tried several different methods including rooting as you flag as is possible with twrp and all end up the same:the password is not recognised anymore!
The only thing that works for me is rooting before encrypting or only flashing pre-rooted ROMs.
Click to expand...
Click to collapse
Yes - I had to factory reset the phone and format the SD Card. Never root AFTER encryption :silly:
Since encryption is in the news right now with iPhones perhaps it's time we Android users looked into it more. I'm interested to hear other people's experiences. Did it work at all? Did it affect performance? Were you able to do upgrades after?
Search button, ~20 results, filter the useful ones, leave out the misleading ones...
Tayyab.Hasan said:
Disk encryption is working flawless. (Phone restarted in first attempt and wont show decrypt screen after first reboot otherwise no problem).
allangoing said:
Disk Encryption on Jan 26 is working correctly.
Click to expand...
Click to collapse
Click to expand...
Click to collapse
llenp said:
Tested encryption and can verify it works 100%. But, there is a catch. It's always going to be a one-way street. Typically, when you encrypt a regular Android phone, the only way to decrypt it is to do a factory reset.
The only way to go back to an unencrypted state with our Fire Phones would be to format data (not wipe data) in Safestrap.
Unfortunately, this means you lose EVERYTHING. So you will definitely want to store any TWRP backups you have on your computer first.
Fortunately though, you will end up with a clean CM11 install after formatting data. Then all you have to do is go back and restore whatever TWRP backups you made before encrypting in the first place.
Click to expand...
Click to collapse
it's working on slimkit, suppose working on CM11, but yes, you have to do factory reset for decryption.
When I encrypted, the encryption itself was fine, but Safestrap can't access /media that I know of. I put .zips in /cache and it worked like a charm. You'll need root to do that, though.
--EDIT--
If you also want to perform a NAND dump while encrypted, Onandroid seems to do a fantastic job at it.