Related
I have used the INTEROP-UNLOCK and sorted the GRPS connection....
My question is what are the limitations of this unlock?
I have not been able to get MMS working even after reloading the network profile, I have a locked phone to 3UK network.
I believe that when a phone is carrier unlocked MMS does not function, isn't is the INTEROP-UNLOCK similar?
I cant use the official Samsung Network profile app in the market place as I am locked to 3UK, but if I carrier unlock the phone, will I be able to use this official app to reconfigure (as a new phone) the 3G settings and the MMS settings to work as a stock phone.
Also, for carrier unlocked phones, via a 3rd party when we get an unofficial update from Microsoft, does it re configure the settings to work with the official Samsung network app.
I have posted a couple of times to find info on one of the above items, and have been told to to look at the forums, I have spent a lot of time reviewing them and I dont think the above points have been answered concisely....
Your help would be greatly appreciated.
http://www.wpxap.com/thread-171460-1-1.html
here you can see
Even when the page was translated from simplified Chinese, the link didn't explain any of the questions raised above...
Search for Samsung Tools in this forum. Install it and run it. Checkmark the prevent device from relocking, unlock, and run adc checkmarks. Press ok, after it reboots it will fix your mms issue
Sent from my SGH-i917 using XDA Windows Phone 7 App
W99DEY said:
I have used the INTEROP-UNLOCK and sorted the GRPS connection....
My question is what are the limitations of this unlock?
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?t=1265321
A Quote from it... Dont forget to hit thanks !
Heathcliff74 said:
On WP7 there are already a lot of different unlocks:
Developer-uplock/ChevronWP7 unlock: This will allow you to side-load apps from your desktop to your phone. A legit developer-unlock costs $99 per year (this will also allow you to deploy your apps in the Marketplace). ChevronWP7 made an unlock tool, which allows you to dev-unlock your phone for free. This method only works on WP7 version 7.0.7004.0 and 7.0.7008.0. It does not work anymore since version 7.0.7355.0 (pre NoDo). But it is possible to unlock your phone on version 7.0.7008.0 and then use some tricks to upgrade your phone and keep the unlock. You can even upgrade to Mango RTM and still have the unlock. Look in this thead to get full instructions. Also the ChevronWP7 team will release an unlock-method that will only cost a few bucks and will apply an official dev-unlock on any version of WP7, but it won't allow you to release apps to the Marketplace.
Interop-unlock: On RTM and NoDo versions of WP7 it was possible to run apps with native code. These apps would use a COM-Interop-Bridge to transit between managed and native code. These apps need to be tagged with the Interop-capability called "ID_CAP_INTEROPSERVICES". These apps don't seem to run on Mango. Not even when you have a legit Developer Unlock. There are two reasons for that. The first reason is that most native libraries need some modifications to run on Mango. I found out how to do this and modified WP7 Root Tools so that it is compatible with Mango. The other reason is a deployment-restriction. That is the Interop-Lock that needs to be Unlocked. If you have a normal Dev-unlock on Mango and you try to deploy an app with that uses COM interop, the deployment will fail with error 0x81030120. contable and Marvin_S found out that the MaxUnsignedApp registry-value is responsible for the Interop-Lock. I did more research and I identified the code that checks this value. In fact, if you have the MaxUnsignedApp value set to 300 or higher, your interop will be unlocked. The value of MaxUnsignedApp is determined by the type of developer-unlock you have. A normal AppHub account will have it set to 10 and a student account will have it set to 3. So a value of 300 or higher is not a realistic value for a normal developer account. It is probably only set to this value for Microsoft employees and OEM developers. Until now, the only way to do an INTEROP-UNLOCK for MANGO meant that you have to downgrade to NoDo first, then prepare your device by loading provxml files to your device, upgrade to MANGO and then use OEM tools to execute the provxml files and do the necessary unlocks. But that is a lot of work and for some devices not even possible, because there are simply no ROM's available. But I have found an exploit that works on Samsung and HTC devices, which allows you to UNLOCK INTEROP your MANGO device. For it to work, it must already be developer-unlocked! Read this guide for instructions.
FullUnlock: This a type of unlock which allows you to run Native Executables. Normally you can only compile Silverlight apps, which will be run in a sandbox. The app is compiled as a DLL, which will be run in TaskHost.exe. I you would like to compile Test.exe, you won't be able to run it, because there is a policy-system and certificate-system that prevent you from running it. Cotulla already cooked a ROM with FullUnlock, but unfortunately this is not yet working as expected. I also did research on this together with fiinix. Thanks go out to him for working with me on that matter. We did not get it working back then, but I think I now have enough exploits to get this working. I will do some more testing on this later on. WP7 Root Tools does not need FullUnlock to be able to run.
Full Root Access: As stated previously, Silverlight apps and system executables have their own sandbox, which is defined by a Least Privilege based policy system. Even when you break into native code, you are still running in your sandbox. For example, you can try to copy a file in managed code. You will only have access in Isolated Store. If you use COM interop to call native code and you try to use the FileCopy() API, you can still only copy files in your Isolated Store. To break out of the sandbox, there are a couple of possible exploits. But they are still limited in their possibilities. To get unrestricted access to the API's and Resources on your device you will need to completely bypass the policies that the system has defined for your app. YukiXDA and I have in close contact with eachother for a period of time and we learned a lot from eachother. I found some of the exploits, thanks to him! YukiXDA unfortunately has left the community. A very big thanks to YukiXDA for working with me on this matter. Before he left he cooked a ROM for HTC HD2 which has Full Root Access cooked into it. The way he did it was to effectively shut down the policy-sytem. Although this opens up a lot of possibilities for homebrew, this is also kind of risky, because the system is also open to malware. And this technique only works on devices which have an unlocked bootloader (currently HTC HD2 and most HTC WP7 devices have unlocked bootloaders). I developed another type of Full Root Access. I can enable Full Root Access for the entire device (differt than what YukiXDA did, but effectively the same). But I can also enable/disable this per app. So the user can decide which app is trusted enough to get Full Root Access. Other apps will still run in their predefined sandbox. I am currently developing a new version of WP7 Root Tools which will support Full Root Access. To do this I will apply Full Root Access for WP7 Root Tools first. A user can use WP7 Root Tools to enable Full Root Access for another app. So if a developer wants to create an app that needs Full Root Access (for example some type of backup-app), the user of the app must use a ROM which has Full Root Access cooked into it, or the user must run WP7 Root Tools to allow Full Root Access for the app. There are two disadvantages. WP7 Root Tools must first install Full Root Access for itself. Obviously WP7 Root Tools does not have Full Root Access at that moment yet. So there are other exploits necessary to apply this. Currently I have exploits for this, but they use some device-specific features. I have exploits for Samsung, HTC and LG. Other brands, or possibly a device-independent exploit, may follow later. This means that WP7 Root Tools only works on these devices, and with that also the apps that need Full Root Access will only work on these devices. The other disadvantage is that, with the current state of Interop-unlocking, all users of WP7 Root Tools, and with that also all users of the apps that need Full Root Access, will need to be on dev-unlocked-NoDo first, in order to apply an Interop-Unlock for Mango. Because WP7 Root Tools and all apps that use Full Root Access need Interop Unlock. When I have the version of WP7 Root Tools with Full Root Access finished I will release an SDK, which will make access to the system a lot easier. The SDK will consist of a native library and a managed wrapper library. Developers will be able to access the Registry and Filesystem using only managed code and the libraries from the SDK. The app will of course need to be unlocked, using WP7 Root Tools on the device. But using the SDK is mandatory. You can also write your own native code. I will write a guide on how to do that later on. An app that has Full Root Access (provided by ROM or by WP7 Root Tools does not need any device-specific libraries. All API's can be used. For API's that are not in the SDK libraries you need to write your own COM wrapper.
Click to expand...
Click to collapse
Hi W99DEY
I had the same problem as you - I am on the three uk network, with a samsung omnia 7, updated to mango, interop unlocked, reset mms/internet settings and the mms does not work.
I spent a while trying to figure this out, but I found a solution as to how to get mms working after interop unlock.
Here's how you do it:
1. Revert to your last back up of your phone - this needs to be pre interop unlock and your mms should be working at this point. Do this by connecting to zune, going to update and clicking backup.
2. Install mango updates.
3. Once zune says you can unplug your phone after the updates, unplug it and use heathcliffs method of interop unlock: http://forum.xda-developers.com/showthread.php?t=1271963
But stop at stage 10 - don't try and repair your mms yet.
4. Deploy any other provxml you may want. May I suggest this one, to enable tethering:
http://forum.xda-developers.com/showthread.php?t=1238519
Don't try to repair the mms yet.
5. ***This is the important bit*** Currently your mms won't work, and there is only one method which will get it to work:
Run the Diagnosis app and dial this to enable auto configure sim setting: *#94765#
It will ask you to restart the device. Confirm that.
Other methods like - setting apn, using samsung tools, etc. do not work so don't try them.
6. Plug your phone back into zune, it should want to update again (mine did) Saying it needed to install Samsung updates. Install them.
7. You're done and your mms should now work - make sure you're not connected to the wifi when trying to send a mms as it may not work.
------
***Important*** After you've applied the fix and got the mms to work do not run any more provxml files as that will screw your settings again, and this method only works once for some reason.
Also don't run any other methods of fixing mms settings like using samsung tools etc. as this will not work, and if you try these before using the diagnosis method, then the diagnosis method will not work. And the diagnosis method will only work once.
If anyone has any ideas as to how to make this fix work more than once for 3uk samsung omnia 7's please let me know.
If this was helpful please say thanks
Cheers Parsl for the response.... More or less did what you did, think I tried Samsung Tools 1st.... ;-)
Yeah, I used Samsung tools and that didn't work. I found the only thing that worked was the diagnosis method. But only once - as the first time round I then applied the tethering provxml and then the diagnosis method didn't work a second time, so rebooted and then did it all in the order I mentioned.
Have you got your mms working now?
Sent from my OMNIA7 using XDA Windows Phone 7 App
If you just switched from iPhone or BB or this is ur first android. Read this thoroughly and see ur questions get eliminated by this guide. if you find this helpful than show your appreciation and hit that thnx button.
Little in-depth information about Android. Must Read. Thank You Pirateghost.
Pirateghost said:
Android itself is OPEN. you can go and build your very own version of 4.0 ICS right now from source code. there are very few phones you can STABLY and RELIABLY run it on though.
The NEXUS line of phones exists for a reason. they are untouched by carriers (verizon teabagged the Galaxy Nexus a little), and do not have some stupid overlay on them. they are developer devices in that it is the first phone to get android updates straight from google (no manufacturer interference required).
every other phone is tainted with a manufacturer's UI. Touchwiz on Samsung phones (galaxy nexus is a samsung but they provided the hardware not the software), Sense on HTC, 'non-blur' on Motorola, whatever Sony calls theirs...lol, LG, etc
on top of that tainted Android interface is a carrier branding or lockdown (doesnt apply to the entire world, but im only referring to US here)
so google releases new version of Android
manufacturers build phone, and customize android to fit their model (this is where android almost stops being OPEN)
carriers get a hold of the manufacturers build of android and tweak and modify it themselves (more than likely they just tell the manufacturers what they want), as you know they love to include bloat and lock it down from the user
you receive your android phone after it has gone through all those steps....long process huh? we dont get updates to newer versions as quickly because of that long process...and they would rather us buy new phones instead of improving perfectly good hardware.
Android is open in the sense that manufacturers can use it however they wish, within reason. it is not necessarily meant to be 'open' to the average end user, and manufacturers dont want you messing with the phone they built. its the reason XDA is what it is today, albeit with roots deep in WinMo hacking.
Click to expand...
Click to collapse
ADB → Android Debug Bridge (adb) is a versatile command line tool that lets you communicate with an emulator instance or connected Android-powered device..
Android →Unveiled on 5 November 2007, Android is a mobile operating system running on the Linux kernel developed by Google.
AOSP → Android Open Source Project
Apps2SD → Move applications from the internal NAND memory on the device to a removable SD Card.
BLN → BackLight Notification
Bloatware → Software bloat is a process whereby successive versions of apps include an increasing proportion of unnecessary features that are not used by end users, or generally use more system resources than necessary, while offering little or no benefit to its users. Like all the crap that comes from At&t
Brick → When used in reference to consumer electronics, "brick" describes a device that cannot function in any capacity (such as a device with damaged firmware). This usage derives from the fact that some electronic devices (and their detachable power supplies) are vaguely brick-shaped, and so those which do not function are useful only as actual bricks. The term can also be used as a verb. For example, "I bricked my phone when I tried to modify its firmware."[
Hard Brick → When your phone does not turn on at all. When you can’t get in to CWR/CWM Or Stock recovery. You are basically screwed.
Soft Brick → When your phone bootloops. When you can get into CWR/CWM. When You can use jigtag to get into download mode.
Busybox → BusyBox provides several stripped-down Unix tools in a single executable. It runs in a variety of POSIX environments such as Linux, Android, FreeBSD and others, such as proprietary kernels, although many of the tools it provides are designed to work with interfaces provided by the Linux kernel. It was specifically created for embedded operating systems with very limited resources. Platforms counterparts, but they are pretty close and useful nonetheless.
CWR OR CWM ClockworkMod Recovery →A custom recovery for Android phones and tablets that allows you to perform several advanced recovery, restoration, installation and maintenance operations on your Android device that aren’t possible with the stock recovery.
DEODEX → Apk files have respective odexes that devs use to supposedly save space. Deodexing means you convert it back to a .dex file and put it back inside the apk. This allows you to easily replace file (not having to worry about odexes), but the main point was to deodex services.jar so that you can change all text to different colors (such as the clock color to white) and to deodex services.jar, you need to deodex everything.
Flashing → The process of applying a firmware image (or ROM) to a device. It generally entails a very specific order of steps. Failing to complete any one of these steps properly may result in bricking the device.
Firmware → is a term often used to denote the fixed, usually rather small, programs and/or data structures that internally control various electronic devices. Programs stored in the ROM, EPROM, or flash memory that usually control various internal electronic devices (Hard Drives, Keyboards, Displays, etc). Firmware is typically 'fixed' software that is not updated in consumer devices, however it is often updated (or 'flashed') by advanced users to fix bugs or add features to the device. Flashing firmware designed for one device onto a different device, or not following a specific procedure while flashing will often render the device unusable.
Kernel → is the main component of most computer operating systems; it is a bridge between applications and the actual data processing done at the hardware level. The kernel's responsibilities include managing the system's resources (the communication between hardware and software components
Radio → The cellular radio on the device which needs control software called firmware to control it.
ROM → Read Only Memory. In the context of an Android device, ROM is the internal flash memory where the core operating system resides. It can also refer to a specific version firmware that can be applied to a device through a process usually referred to as flashing. An improperly flashed ROM can often brick the device, rendering it unusable.
Superuser→ A program, which gives unlimited access privileges to perform any or all operations on the operating system.
ODIN → Odin is the Samsung software used to update Samsung phones. It does not work with any other devices other than official Samsung phones.
OTA or FOTA → (F)OTA stands for (Firmware) Over The Air and is the process by which required updates and enhancements to your phone's basic operating system can be sent to you through the cellular network. The Galaxy S II software update will be sent via FOTA and is available through Samsung Kies mini.0
ODEX → In Android file system, applications come in packages with the extension .apk. These application packages, or APKs contain certain .odex files whose supposed function is to save space. These ‘odex’ files are actually collections of parts of an application that are optimized before booting. Doing so speeds up the boot process, as it preloads part of an application. On the other hand, it also makes hacking those applications difficult because a part of the coding has already been extracted to another location before execution.
SDK → Software Development Kit.
Logcat → A debugging tool built into Android devices that displays system logs as they occur. See Logcat.
NANDroid → A set of tools that will enable anyone who has root on their Android device to make FULL system backups, in case something goes wrong or you want to try out that new experimental ROM/theme. NANDroid will backup (and restore) /system, /data, /cache, and /boot partitions.
Recovery Mode → A special environment that you can boot into for troubleshooting and upgrading purposes.
Kang → The process of creating a code based of someone else's code or reapplying code that someone else created into your own code (e.g. git cherry-pick)
Rooting → is a process that allows users of mobile phones and other devices running the Android operating system to attain privileged control (known as "root access") within Android's Linux subsystem with the goal of overcoming limitations that carriers and manufacturers put on some devices.
How to root ANY US VERSION ON MAC
How To root At&t Samsung Galaxy S III I747 No Tripping Flash Counter
How TO ROOT USING SNAPDRAGON TOOL KIT!
How To Install ClockWorkMod Recovery!
How To upgrade ClowckWorkMod Recovery!
HOW TO UNROOT & FACTORY RESET YOUR SGSIII
How TO Flash ROMS!
How TO Back up Rom on Samsung Galaxy III
How to flash themes
MOD FEEL FREE TO STICKY IT, AS IT WILL BE FILLED UP & THIS THREAD WILL BE NOOB HANG OUT PLACE!
Legit!
Thanks for this thread...this will be my first android phone
I'm switching from iphone 4 to the SGS3, although i'm still eagerly awaiting my phone to arrive at my local BB, i've been reading up on all this stuff as much as i can...
+1 to sticky
send2amrish said:
Thanks for this thread...this will be my first android phone
I'm switching from iphone 4 to the SGS3, although i'm still eagerly awaiting my phone to arrive at my local BB, i've been reading up on all this stuff as much as i can...
+1 to sticky
Click to expand...
Click to collapse
Same here. Nice to have all of this info to read up one while I wait for my phone. Hopefully bb will come through soon. Thanks for the Thread!
heya AppDroid.
i lol every time i see my quote in your guides...
Appreciate the effort here....if only there was a way to make the noobs read all this before being allowed to post on the board
Sup Pirateghost!
Well Your Quote explains why we no get update like GNex! SO its great Explanation to NOOBS! lol
But hope you get this phone/already have it! Looking forward to flashing your stuff!
Pirateghost said:
heya AppDroid.
i lol every time i see my quote in your guides...
Click to expand...
Click to collapse
appdroid said:
Sup Pirateghost!
Well Your Quote explains why we no get update like GNex! SO its great Explanation to NOOBS! lol
But hope you get this phone/already have it! Looking forward to flashing your stuff!
Click to expand...
Click to collapse
Sorry, I don't have it and don't plan on buying another device off contract until the next nexus.
Sent from my HTC One X using Tapatalk 2
Noob here. I plan on switching from a 3gs iPhone (AT&T) I've had for about 2.5 years. Had a few questions.
What's the deal with the micro sim? Will I just need to cut my old one down to size (i've seen the tutorials) or will I need to transfer to the new one they provide?
I don't plan on doing any rooting but I did see a thread about removing unnecessary processes to free up RAM and would like to do this if it is simple. Any advice/recommendations on how to do this without getting too detailed?
Lastly, for those that may have already done the switch or anyone else who would know, what are some of the most important changes I will have to get used to coming from the iPhone? What is the coolest thing I didn't have before? What are some of the first things a noob should do to his phone to make it "better" without getting crazy. I'm not a developer or specialized in computers or code or anything. Just someone looking for a few ideas. Thanks!!
PS thanks for the noob forum
If you're referring to this thread, then you would need to root the device to accomplish what he's detailing there.
http://forum.xda-developers.com/showthread.php?t=1726842
Not sure how I missed that. Guess I'll have to look into rooting.
Spoonman87 said:
Not sure how I missed that. Guess I'll have to look into rooting.
Click to expand...
Click to collapse
If that's your only reason for rooting, then it may interest you to know that in Android 4.0 they introduced the concept of disabling system apps. It'll still take up disk space (which is negligible compared to the 16 or 32 GB availalbe), but it won't be allowed to run (no RAM usage) and it will be removed from the app list. So, it will be as if it's uninstalled.
So that's probably a better option if this was your only reason for rooting.
There are plenty of other reasons to root though, but I'll leave you to discover those for yourself. Personally, I value my 1 year Verizon warranty. So I wait until my second year to root.
demarcmj said:
If that's your only reason for rooting, then it may interest you to know that in Android 4.0 they introduced the concept of disabling system apps. It'll still take up disk space (which is negligible compared to the 16 or 32 GB availalbe), but it won't be allowed to run (no RAM usage) and it will be removed from the app list. So, it will be as if it's uninstalled.
So that's probably a better option if this was your only reason for rooting.
There are plenty of other reasons to root though, but I'll leave you to discover those for yourself. Personally, I value my 1 year Verizon warranty. So I wait until my second year to root.
Click to expand...
Click to collapse
Good to know. Thanks!
Where is the ...
Okay, on a very serious note ...
Where is the post on what to do in case you run out of toilet paper? Well? Well? Come on, this is very important.
Peter
A brief history:
Several weeks ago my stock Gingerbread G2's touchscreen started dying. Replacing the touchscreen didn't solve the problem. I was able to continue using it via the keyboard for a little while and, in the meantime, enabled USB Debugging (thank the stars!) while I waited for a replacement phone to arrive. I could still access some functions using the keyboard & thumbpad, although usability was limited due to the inability to back out of an application. Cue lots of battery pulls to restart at the homescreen (a pox on designers who forget one of the fundamental rules of UI: It should always be possible to go back using the current input device!).
Then the screen started a somewhat frazzled HTC image loop during boot, shortly after I started testing ADB & fastboot. Curiously it was still booting the underlying OS, as evidenced by the various chimes telling me I had messages etc, and I could still access it via ADB.
My new phone arrived (a Sony Xperia Z3 Compact. I still would prefer a proper keyboard though. Another pox on designers/manufactures who focus on marketing fads instead of functionality. I don't give a rat's arse if my phone is only 2.48291mm thick and has a screen the size of my 1st laptop. I want something small enough to use in one hand, and that has a hardware keyboard) & happily downloaded my contacts from the Borg....I mean, Google, but not notes or SMS/MMS etc. Leading to today....
I tried Sony's transfer app, but without screen viewing let alone touchscreen ability it wouldn't work (PC version, due Android version on the problem phone wasn't acceptable). Ditto problems with other root exploits. Even trying to use a recovery image on the SD card wouldn't work due to the non-root status. The recovery menu would only accept a stock image. An overriding consideration was that I didn't want to just gain root by what ever method, but I wanted to preserve my notes & sms/mms data, so fastbooting a factory image wasn't satisfactory - as far as I could tell, that would delete everything. After over a week of 0300, 0400, 0530 bed times while reading & trying the methods given in some huuuge number of XDA threads and some other websites, last night I was able to get temp root using the fre3vo exploit! Yay! At one point I had 70 threads open. It was an XDA-dev. thread that gave me the exploit though. Still couldn't do a simple Linux/Unix cp command in ADB shell to save the data but at least the file system was accessible now. Bloody frustrating!
Anyway, a bit more Googling & XDA-ing to find file locations & command formats and tonight I was able to use the ADB pull command to download the whole of the /data directory to my PC. Data saved! Even better, the Linux distro on my PC already has SQlite software to open the files. Even more yay!
I haven't tried to upload to my Xperia Z3C, but I will soon. Meanwhile my data is now available in my PC so phone access isn't as important anymore.
Some thoughts on what I went through:
Manufacturers: You do your customers a vast dis-service by making it so hard to salvage the data.
Service providers: Ditto, due to your insistance on locking down the system on the phones you sell
XDA contributers: I couldn't have done this without you, however.....it would have been easier if you *always* specified what would change/be wiped when you describe your exploit/change/recovery process. I was hesitant to try some methods due to not knowing if my data would be wiped in the process.
And after all that: Who the hell would ever want a phone that wasn't rooted? I don't even install Linux OS on my systems unless root can be gained (Ubuntu & Mint, I'm looking at you! Sudo isn't sufficient...) so I've learnt a lesson on my phone. If only I'd rooted it while it was still fully functional!
Next task? Rooting my Z3C before something goes ' bzzzzt!' on it!
I need help with my pixel (taimen), and I don't know what to do. In attempt of resizing partitions with help of parted, I somehow deleted all the partitions (even though it showed they were recreated successfully), and now the phone won't even boot to fastboot. Is there any way how to repair it? I've had it for long time and I don't feel like loosing it today.
There are a couple of other threads where a user posted firebase files that could be used with existing firmware. Those files and a copy of MiFlash on the PC may be able to restore the device, but only if it shows up as a Qualcomm USB loader in Windows. The only other alternatives are to pay Google to fix the problem or sell the unit for parts.
Hello everyone! It's been six years since my last post and it is truly fantastic that this community is still going strong
A while back I installed LineageOS on a Motorola device. I am very impressed and very grateful to all the developers and the free software community for this amazing piece of software. I like to secure my devices as much as possible and I am wondering about the implications that an unlocked bootloader might present.
Some time ago I came across a post somewhere on the internet (unfortunately cannot find that link anymore) where someone claimed that if the bootloader of an Android device is unlocked, one could boot a TWRP recovery image, delete the encryption keyfiles and as a result the encryption keys would be reset to the default values and this would allow to bypass any screenlocks.
Unfortunately I don't have spare device to conduct tests, therefore I am hoping that someone could shed some light on this. Is it really possible to bypass FBE so easily with an unlocked bootloader?
From this answer on a different forum:
The main issue with LineageOS is that you will have an unlocked bootloader. That allows an attacker to load a custom recovery and brute force your encryption completely bypassing LineageOS all together.
Click to expand...
Click to collapse
An alternative would be conducting an Evil maid attack since Lineage is by default built in userdebug and allows flashing any (unsigned) packages from the ADB. Nothing is stopping anyone from flashing a keylogger or some kind of a remote access on your device using this method.
The questions remain how likely are such attacks and how likely will a potential thief invest his time and resources in getting access to your data. These are questions everyone has to answer depending on his own individual situation and risk factors.
Feel free to correct me
Thanks for the reply. You made some good points, I also think that if a device has been in the wrong hands even for a short period of time, it is compromised, even if the bootloader is locked down and USB debugging is disabled. Unlocked bootloader is a great gateway for bruteforce or dictionary attacks but a strong password can mitigate the risk and prevent even state actors from accessing the information, at least for couple of years
However the question still remains - Can LineageOS's FBE be bypassed if the encryption keyfiles are simply deleted?
Reacan said:
However the question still remains - Can LineageOS's FBE be bypassed if the encryption keyfiles are simply deleted?
Click to expand...
Click to collapse
No. Unless LineageOS's (or Android's) crypto is horribly broken, this shouldn't be possible. So far, the only way to bypass the drisk encryption is to brute force the passphrase. You are probably referring to erasing user data by removing encryption headers -- TWRP can do this, but then all your data is lost.
However, encryption only protects user data, not system. Hence, the latter can be backdoored without you knowing.
Reacan said:
However the question still remains - Can LineageOS's FBE be bypassed if the encryption keyfiles are simply deleted?
Click to expand...
Click to collapse
Afaik FBE works by generating a random key and encrypting the target parition(s) on the first boot. Then it uses your passphrase to encrypt that key.
From my understanding, deleting the key (stored in an encrypted form) would make the data encrypted with that key essentially unrecoverable. Unless someone had the resources to bruteforce the key. As of today that would require state level amount of resources.
Another theoretical possibility would be performing a Cold boot attack to get the encryption keys from RAM.
Feel free to correct me
Also remember if you are using a phone with a Qualcomm chipset, and you are really up against a state level actor, you also have to deal with EDL mode: you can dump the entire phone with it (no need to compromise or exploit the image on the phone itself), take it back to your seekret lair, and spend your gazillions on brute force hardware.
Bottom line, even if every senior hacker on this board told you "no, not that easy", they still could be wrong somehow. Zero days wouldn't be a thing if it worked that way. If you've got something truly worth protecting, put it in a [software] vault with solid, audited encryption.
If it isn't /that/ important, some phones will let you do the entire trusted boot thing if you want to compile LOS (or any AOSP based distro) from source, and futz around with the build scripts.
That said, remember there are social engineering attacks. If I were a l33t CIA agent, I'd probably wait till you were somewhere where I could watch you carefully (or had a 8 billion megapixel camera watching you carefully), send you a text message (marketing spam would work nicely), and then watch you type your password on the screen to read it... boom, pwn3d.
Many vectors of attack here.
If someone *GOT* your phone (to launch TWRP et al), you'd know about it, right? Consider a remote wipe package? Or try to keep them from getting it in the first place with physical security (vault, firearms, martial arts, etc)?