So now that the Z2 is out and being worked over I have a question that'll apply specifically to those of us who are still running the first gen Z Force. Is flashing the firmware from the Z2 Force able to be done onto the first gen Z Force? I was talking with some friends about doing some phone mods and this actual question was raised. Due to there being some differences right off the bat, is this a feasible thing to try and do? My phone already did another forced update and is now 8.0, but if it's possible to change the phone's firmware to the newer version that can be rooted would be great. I'm still learning as I go and hope I posed this correctly.
You should never attempt to flash firmware for one device onto another type of device. You're asking for a one way ticket to brick city by doing so. There are major differences between the two devices that make the software for one incompatible for the other.
phuqingA said:
So now that the Z2 is out and being worked over I have a question that'll apply specifically to those of us who are still running the first gen Z Force. Is flashing the firmware from the Z2 Force able to be done onto the first gen Z Force? I was talking with some friends about doing some phone mods and this actual question was raised. Due to there being some differences right off the bat, is this a feasible thing to try and do? My phone already did another forced update and is now 8.0, but if it's possible to change the phone's firmware to the newer version that can be rooted would be great. I'm still learning as I go and hope I posed this correctly.
Firmware runs the hardware abstraction layer, i.e. it lets the software know how to send information across the chips. We have different CPU/GPU/screen/etc. It won't work if it even does flash.
Short answer: no, sorry.
Long answer: There's some ambiguity to what you refer to when you say firmware, because it can apply to many things in the boot stack, but it doesn't matter. If you could get it to flash, it wouldn't run, and if you could get it to run, it almost certainly wouldn't help you root unlock.
If you're interested in the subject and the distinctions between the different things you can call firmware, here is an elevator ramble about their functions (for OP and anyone new to the scene):
Check out this graphic here for a non-comprehensive overview of what's what, what's called what, where what sits in the boot stack and, most importantly, what is firmware. If we're being so so so so so technical, The Firmware is the ROM on your Snapdragon's die, whose only real job that we care about right now is to start the SBL, which is where things really get going. This firmware is called the PBL (primary bootloader) and is - quite literally - set in stone, ingrained into the die on your SoC (CPU/GPU/modem). It's pretty lax on security and once it's done its job, it hands over the responsibilities of "being firmware" to other items in the stack.
Often, people casually talk about firmware to refer to anything kernel level downward, but I find this vague and hard to understand when you're getting started. OEMs like to refer to the entire stack as the device's firmware. You could make a good argument that the Android/application bootloader (aboot) is the firmware since it verifies the integrity of your boot image, manages fastboot, and is generally responsible for booting Android in the first place (when you go from major Android versions, like 7 -> 8, aboot generally gets an update too, and usually makes old ROMs not boot anymore). It's what you unlock when you "bootloader unlock" your phone. Aboot is signed, and verified by the SBL.
You push the power button -> hardware turns on, PBL runs -> PBL loads the SBL -> SBL loads aboot -> aboot loads the boot.img or recovery.img -> the boot image contains a kernel and a method to load important things into RAM (like, Android).
This varies by manufacturer, but most of them are variations on this process (except devices with Intel processors, which are hilarious).
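To make the last hop of that chain concrete, here is an added example (not part of the original post) that parses the boot.img aboot loads, assuming the AOSP version 0 boot image header layout; the function names are chosen for this example and the sample image is constructed in memory. The header's id field is an unsigned SHA-1 content digest, useful for spotting a corrupted or altered image, and is separate from the OEM signature check that aboot performs.

```python
import hashlib
import struct

BOOT_MAGIC = b"ANDROID!"
# Assumed layout: AOSP boot image header, version 0, little-endian:
# magic[8], kernel_size, kernel_addr, ramdisk_size, ramdisk_addr,
# second_size, second_addr, tags_addr, page_size, header_version,
# os_version, name[16], cmdline[512], id[32]
HEADER = struct.Struct("<8s10I16s512s32s")


class BootImageError(ValueError):
    """Raised when the image does not look like a well-formed v0 boot image."""


def content_digest(kernel, ramdisk, second):
    """SHA-1 over each section followed by its 32-bit length (mkbootimg's id)."""
    sha = hashlib.sha1()
    for part in (kernel, ramdisk, second):
        sha.update(part)
        sha.update(struct.pack("<I", len(part)))
    return sha.digest()


def parse_boot_image(blob):
    """Split a boot image into its sections and check the header digest."""
    if len(blob) < HEADER.size:
        raise BootImageError("image shorter than the header")
    (magic, ksize, _kaddr, rsize, _raddr, ssize, _saddr, _tags, page_size,
     header_version, _os_version, name, cmdline, image_id) = HEADER.unpack_from(blob)
    if magic != BOOT_MAGIC:
        raise BootImageError("missing ANDROID! magic")
    if header_version != 0:
        raise BootImageError("only header version 0 is handled here")
    if page_size < HEADER.size or page_size & (page_size - 1):
        raise BootImageError("implausible page size")

    sections = {}
    offset = page_size  # the header occupies the first page
    for label, size in (("kernel", ksize), ("ramdisk", rsize), ("second", ssize)):
        if offset + size > len(blob):
            raise BootImageError(f"{label} runs past the end of the image")
        sections[label] = bytes(blob[offset:offset + size])
        # each section is padded up to a whole number of pages
        offset += -(-size // page_size) * page_size

    digest = content_digest(sections["kernel"], sections["ramdisk"], sections["second"])
    return {
        "name": name.rstrip(b"\0").decode("ascii", "replace"),
        "cmdline": cmdline.rstrip(b"\0").decode("ascii", "replace"),
        "page_size": page_size,
        "sizes": {label: len(data) for label, data in sections.items()},
        "id_matches": image_id[:20] == digest,
    }


def build_sample_image(kernel, ramdisk, page_size=2048):
    """Constructed test input: assemble a minimal v0 boot image in memory."""
    image_id = content_digest(kernel, ramdisk, b"").ljust(32, b"\0")
    header = HEADER.pack(
        BOOT_MAGIC,
        len(kernel), 0x10008000,    # load addresses are placeholder values
        len(ramdisk), 0x11000000,
        0, 0x10F00000,              # no second-stage image
        0x10000100, page_size, 0, 0,
        b"sample", b"console=null", image_id,
    )

    def pad(data):
        return data + b"\0" * (-len(data) % page_size)

    return pad(header) + pad(kernel) + pad(ramdisk)


if __name__ == "__main__":
    image = build_sample_image(b"\x7fKERNEL" * 300, b"ramdisk-cpio" * 10)
    print("intact  :", parse_boot_image(image))

    tampered = bytearray(image)
    tampered[2048] ^= 0xFF  # flip one byte of the kernel section
    print("tampered:", parse_boot_image(bytes(tampered))["id_matches"])
```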
Thank you for the information on the primary question I posted, and for the ancillary too. I'm learning more each day and the posters here, all of you, are helping me more than you may know.
I don't know how long it's going to take me to even be close enough in knowledge on these phones as any of you are, but I am enjoying the journey.
Thank you again for the info and the continued education.
Related
Quick question to the community here – could someone post or direct me to some information on the architecture of the phone / hardware? What I’m referring to is:
There is a primary boot loader, secondary programming boot loader, the core OS image, the external storage, over the air updates etc. Then looking into the software information section of the EVO, I see firmware version, baseband version, kernel version, build number, software number, browser version, PRI and PRL version.
Kernel, build, software number and browser version are self-explanatory. However, firmware and baseband are a bit unclear, also PRI / PRL – what exactly are those?
When OTA update is initiated, which elements can be updated?
I have rooted my phone by following the instructions, what I don’t fully understand is what exactly transpired while it was being rooted, and what will happen during the next (2.2) update.
Today I have 0.72 engineering build hboot (which acronym does it fit comparing to all of the text above?). So, if I were to (yes, I know, I should not) update the phone over the air, would the very first bootloader be replaced with the newer version or would it be out of scope and only the software/build number would change?
Along the way, I’m planning to try to write some code for the Android platform and see where it takes me (good with C, fluent in .NET, can read Java code, ok with Linux [Gentoo], fluent in networking and other IT R&D components) – any development pointers that anyone can offer?
this should probably be in q and a
and, you should probably change the title of your thread to reflect exactly what it is that you want, lol
and, you can google or wiki most of the things you want to know about.
Thread moved to Q&A.
timothydonohue said:
this should probably be in q and a
and, you can google or wiki most of the things you want to know about.
Suggestions to google for something are always useful, I'm not sure why you'd assume I didn't.
For example, the primary and secondary boot/application loaders: most of the information available is about rooting phones, not too much on the theory of how it works.
I'm still figuring out a lot of this, but I think it is more like boot loader with an os on top of it, like a pc. In a normal boot the white screen with no animation (just the htc logo) is kinda like bios, self test and stuff. Then once you see the animated sprint 4g screen, the bios is done and the loaded rom is running.
Booting into recovery isn't a separate boot loader, it is just another partition in the nand.
I wish there was a little more information about this out there. I kinda feel like there aren't good resources for this. The developers that know this kind of stuff don't hang out in q&a or general, but this kind of question isn't really appropriate for the development section.
I think one of the best things would be to grab the aosp source and build android, I just don't have much time right now.
Sent from my PC36100 using XDA App
laydros said:
I'm still figuring out a lot of this, but I think it is more like boot loader with an os on top of it, like a pc. In a normal boot the white screen with no animation (just the htc logo) is kinda like bios, self test and stuff. Then once you see the animated sprint 4g screen, the bios is done and the loaded rom is running.
Booting into recovery isn't a separate boot loader, it is just another partition in the nand.
I wish there was a little more information about this out there. I kinda feel like there aren't good resources for this. The developers that know this kind of stuff don't hang out in q&a or general, but this kind of question isn't really appropriate for the development section.
I think one of the best things would be to grab the aosp source and build android, I just don't have much time right now.
Sent from my PC36100 using XDA App
The recovery image seems to be stored on SD card and not in non volatile memory. So between HBOOT, Primary loader and secondary loader, and (what is indicated on the phone as) firmware: is HBOOT the same as the primary loader, and does the secondary loader load up the firmware that pulls the image?
HBOOT seems to be similar to bios
SPL seems to be the thing that bootstraps the device (i.e. lilo, grub etc...)
What exactly is the firmware then? if SPL is a secondary software loader, is HBOOT = Primary Loader?
this is a good place to start http://tjworld.net/wiki/Android
I'm sure a year later this was resolved, I'll even go out on a limb and say it was resolved before your join date.
blizzard1017 said:
I'm sure a year later this was resolved, I'll even go out on a limb and say it was resolved before your join date.
That's a really good way to discourage people trying to help, especially when they are actually helpful. This forum is getting a bad rap for comments like that (and "google it" being the default answer). I do tech support and understand how aggravating it is to deal with people who don't get it, but without people a forum is an empty place... and largely useless.
AllanonMage said:
That's a really good way to discourage people trying to help, especially when they are actually helpful. This forum is getting a bad rap for comments like that (and "google it" being the default answer). I do tech support and understand how aggravating it is to deal with people who don't get it, but without people a forum is an empty place... and largely useless.
Actually the bad rap is from people that overanalyze things and start going off the handle about it. It was a joke, obviously a joke. He/she pulled up a thread from exactly a year ago that I assume was misread as current. I don't think I barraged them with belittling comments or suggestions of selling their phone and pc and moving to a cave, did I? If you care to hit my little name and then tap on that little post history you'll see I actually help. I think I have in ONE thread actually called someone an ass and they actually deserved it based on the other 100+ posts doing so as well.
"Sense of humor" google it lol
I don't have the experience to know if this is possible, which is why I ask because I'm curious. I post here because I want devs to see it, and think "that could work" or "idiot".
As we know the Defy bootloader will probably never be unlocked, now I was thinking would it not be possible to somehow isolate the bootloader from a ROM, and run some kind of virtual one in a separate partition to run a fully custom kernel? It's probably crazy but I'm dying to know what people think, don't be too hard on me, I have no coding experience :/ however all opinions are welcome. I think anything is possible.
Sent from the real world by hacking into the matrix
I don't want this to become another dead Bootloader-Hacking-Thread, but I want to give you an answer with the facts:
1) There currently is no known way to execute code before booting the kernel because everything is well protected through signing code.
2) The only way to boot a kernel after kernel-boot are tools like kexec or 2ndboot. But a phone's RIL is a heavy stone on that way because it's not that easy to reinitialize this part of hardware and without RIL a phone is useless. The main-developers canceled this project due to this reason.
Other "non-phone"-devices with locked bootloader (like Sony's google-tv) are using this method without problems.
3) You can use kexec/2ndboot to load a full bootloader instead of a kernel only, too. But because we don't have the source we would have to reverse engineer it to disable the signature check of the kernel, otherwise you would load another useless protected bootloader. This was also a project but I don't think it's still alive...
Additional note: You can't directly flash a modified bootloader because our chipset has built-in OMAP3-security features. This means the CPU will only boot signed code from NAND.
You can find much helpful information about this topic on this page:
http://and-developers.com/partitions:cdt#cdt_table_of_droid_x
Thanks, that clarifies things quite a bit, however I mean loading not just a second kernel but a WHOLE bootloader that would handle the phone's entire functions independently, or is it completely hardwired so it's impossible for something to override it? (Sorry if you have already answered in the above). Another thing, has no one tried to compile a custom fixed sbf? Maybe the bootloader could be replaced that way? In software almost anything done can be undone in some way, although perhaps this is the rare case where it isn't.
Sent from the real world by hacking into the matrix
I edited my post to have everything at one place.
I hope this answers your questions.
The bootloader is like the BIOS in a PC (actually is part of the BIOS), it's what initializes the device and loads the rest of the code. To load it again or another one you had to reinitialize the device. The issue with the RIL is that when reset or restarted it "panics" and resets the whole device (I think, read it somewhere).
Also the second unlocked bootloader that you want to load does not exist anyway.
It's better to just help the developers with bug reports and testing than daydream.
Sorry mate!
m11kkaa said:
I edited my post to have everything at one place.
I hope this answers your questions.
So it's all been tried before, damn! XD At least the devs here have done a fine job of making good ROMs even with this limitation, guess I will do my research before I buy my next phone as I love playing with ROMs, the more custom, the better.
Sent from the real world by hacking into the matrix
***This is not a bootloader unlock. This is only a discussion about a possible bootloader unlock***
So I've been following this blog for the past couple of weeks. The owner of the blog describes an exploit to run arbitrary code in trustzone kernel in msm8974 chipsets (post1, post2, post3).
Trustzone is responsible for stuff like android keystore, decoding audio and video with DRM and has absolute control over every bit of hardware inside the chipset.
Most importantly the Qfuses checked by the bootloader to determine if it's unlocked or not.
Now, I've been looking at the disassemblies of trustzone images extracted from firmware versions 4.3.6, 3.5 AT&T, 3.6.2 T-MobileDE.
The bug that caused this exploit is in fact fixed in firmware 4.6.3. I didn't test 4.6.1 because probably it is fixed.
Anyway, in firmware versions 3.5 and 3.6.2 the bug is still present. Meaning that we would probably be able to run arbitrary code on the devices with old firmware, or if we can downgrade our phones to 3.6.2 firmware.
The first problem we have is, the exploit needs a slight kernel driver modification to run. (that is if we are not going to use his "zero write primitive" to blow a Qfuse).
But in our devices we can't even boot a custom kernel! (fastboot kernel hotbooting complains even if you pass a signed boot image, saying "boot not allowed in locked HW").
So we might need to find a way to use "kexec" to hotswap a kernel at runtime. Which in turn might need a modified kernel module to be loaded.
We still don't know if we can load unsigned kernel modules to the stock kernel.
The next problem is to find the correct Qfuse to blow. If we blow a wrong one, we can say goodbye to our device.
This would need an analysis of aboot partition image (emmc_appsboot.mbn) to find which Qfuse aboot checks for bootloader unlocked. (take a look here to know more about this)
So a very simple outline of what we have to do is,
1) Find a way to downgrade to firmware/trustzone 3.6.2
2) Get kexec to run a custom kernel
3) Run the trustzone exploit to blow the correct Qfuse
Now, I'm not very good at reverse engineering stuff since I'm still a newbie, I need help from everyone.
Reply if you have any ideas and contributions. Any kind of feedback is appreciated.
Hello @madushan1000,
Here seemed an appropriate place to reply to your PM
Some points to consider:
- Safestrap doesn't use kexec, it uses 2nd init which hijacks the boot process to load a different ramdisk
- Therefore you won't be able to use anything from Safestrap including 2nd init to enable loading a new kernel
- Also note kexec is not enabled on stock kernel builds so at least the exec part is out the window.
- I checked the aboot of 3.5.x and 4.6.1 and noted that the exploit used on the Kindle HDX tabs to bypass/unlock the bootloader has been patched up.
- Other than that: It seems the bootloader is going to remain locked on our devices - Though I hope I am wrong.
More info on the trustzone exploit can be found in the posts I linked above.
Anyway, I don't think we can use HDX bugs even if the aboot bug was present because there is no unlock partition found on the device and flashing to any kind of partition is absolutely prohibited.
We are going to do what is described in this post (http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html) using the trustzone exploit.
As per kexec, there is a kexec kernel module developed at Xperia forums, I can try to port it to Fire Phone. Probably wouldn't be too hard because it was built for msm8974 kernel too.
Anyway, has anyone gone back to 3.6.2 from 4.6.1 without bricking the device?
Wow, I just found out you can't load unsigned kernel modules too.
madushan1000 said:
***This is not a bootloader unlock. This is only a discussion about a possible bootloader unlock***
So I've been following this blog for the past couple of weeks. The owner of the blog describes an exploit to run arbitrary code in trustzone kernel in msm8974 chipsets (post1, post2, post3).
Trustzone is responsible for stuff like android keystore, decoding audio and video with DRM and has absolute control over every bit of hardware inside the chipset.
Most importantly the Qfuses checked by the bootloader to determine if it's unlocked or not.
Now, I've been looking at the disassemblies of trustzone images extracted from firmware versions 4.3.6, 3.5 AT&T, 3.6.2 T-MobileDE.
The bug that caused this exploit is in fact fixed in firmware 4.6.3. I didn't test 4.6.1 because probably it is fixed.
Anyway, in firmware versions 3.5 and 3.6.2 the bug is still present. Meaning that we would probably be able to run arbitrary code on the devices with old firmware, or if we can downgrade our phones to 3.6.2 firmware.
The first problem we have is, the exploit needs a slight kernel driver modification to run. (that is if we are not going to use his "zero write primitive" to blow a Qfuse).
But in our devices we can't even boot a custom kernel! (fastboot kernel hotbooting complains even if you pass a signed boot image, saying "boot not allowed in locked HW").
So we might need to find a way to use "kexec" to hotswap a kernel at runtime. Which in turn might need a modified kernel module to be loaded.
We still don't know if we can load unsigned kernel modules to the stock kernel.
The next problem is to find the correct Qfuse to blow. If we blow a wrong one, we can say goodbye to our device.
This would need an analysis of aboot partition image (emmc_appsboot.mbn) to find which Qfuse aboot checks for bootloader unlocked. (take a look here to know more about this)
So a very simple outline of what we have to do is,
1) Find a way to downgrade to firmware/trustzone 3.6.2
2) Get kexec to run a custom kernel
3) Run the trustzone exploit to blow the correct Qfuse
Now, I'm not very good at reverse engineering stuff since I'm still a newbie, I need help from everyone.
Reply if you have any ideas and contributions. Any kind of feedback is appreciated.
How do you know there's a bit in the QFPROM dedicated to unlocking the bootloader? Doesn't that seem kind of like an oversight since there's one you blow to lock it in the first place? Blowing a random fuse will just brick your phone and I'll tell you right now there's no bit to unlock it. The bug has been patched for quite a while and even if it did work, I'm doubtful you'd find what you're looking for.
Well, I don't know. That's why this is still work in progress. But still, as pointed out in the original post, there is one qfuse which is blown after first factory flash to mark the device as bootloader locked. Then there is another one (which is not blown in almost all the msm chipsets in case the vendor changes their mind and offers an unlock in the future) which marks the device as permanently unlockable. Even if this fuse is blown, by gaining arbitrary code execution in trustzone we might be able to trick the bootloader into thinking the device is unlocked.
Don't worry, I'm not going to start blowing qfuses up blindly. First I'm going to identify if there is such a qfuse at all by looking at the aboot disassembly. Then try reading their values first to verify it is in fact not blown. Then I'm going to blow stuff up when I can afford a new phone.
Even before that, I have to find a way to downgrade trustzone and find a way to load unsigned kernel modules. I have no illusions, I'm very very far away from unlocking this thing.
And which bug are you referring to? The new trustzone bug I mentioned or the previous trustzone bug?
kaboom away
madushan1000 said:
Don't worry, I'm not going to start blowing qfuses up blindly. First I'm going to identify if there is such a qfuse at all by looking at the aboot disassembly. Then try reading their values first to verify it is in fact not blown. Then I'm going to blow stuff up when I can afford a new phone.
With the current fire sale on these phones, you can probably afford to blow up as many as you want. I cannot believe the prices on these babies right now, that is, if you are into Prime, or don't mind reselling the Prime. I am almost ready to buy a third one.
LNRrgB said:
With the current fire sale on these phones, you can probably afford to blow up as many as you want. I cannot believe the prices on these babies right now, that is, if you are into Prime, or don't mind reselling the Prime. I am almost ready to buy a third one.
The sad thing is, Amazon Prime is not available, let alone fire sales. I would definitely love to get my hands on a few more.
madushan1000 said:
The sad thing is, Amazon Prime is not available, let alone fire sales. I would definitely love to get my hands on a few more.
it's $124.99 in ebay, brand new, prime and warranty.
Yup, ebay has the 32GB and the 64GB for sale right now, with Prime ! Seller is qualitycellz .
litan1106 said:
it's $124.99 in ebay, brand new, prime and warranty.
Now $119
Perhaps, after all stock containing Prime is depleted, we will get a bootloader unlock...
Wow, if I only had the money. Wish the stock will hold until I graduate next month and get a job.
I just want to make sure that everything is crystal clear. I have spent weeks and many, many hours poring over numerous, differing guides on how to root the 910V and run a custom 6.0+ ROM - all of them missing different vital chunks of information. Correct me if I am wrong:
You have to temp-root the device and quickly run an unlocking script written by an unknown source before the phone completely locks up and reboots itself. Then if you're lucky and the script is successful after 17 attempts and 4 battery re-charges, the stock 5.1.1 ROM will refuse to boot and you'll only be able to access the stock recovery with an "unlocked" flag on it. Then you'll go to install TWRP, try and flash a custom MM ROM only to find that wifi, camera, and all sensors don't work on any MM ROM without flashing the updated CPD1 bootloader firmware (this is not explicitly mentioned in multiple different guides for rooting and unlocking, including the official): Example here and here. Oh, and good luck using the thread search tool to find replies that mention this wifi issue in any of the 500 pages of replies that follow the official rooting and unlocking guide! The search tool has been broken for weeks and you'll get: "Sorry, we encountered an error processing your request. Please go back and retry or wait a minute. The Administrators have been notified of this error". Clearly Admins either aren't being contacted or don't care.
Then if you are repeatedly unsuccessful in flashing the updated bootloader firmware using the BPA1-CPD1 Hybrid Lollipop ROM developed by hsbadr in this guide, you might try and flash the stock 6.0+ bootloader firmware found here, (because you can't find anything with the broken search tool, it seems like a logical thing to do, and there are absolutely NO write-ups that mention extremely simple things - (like whether or not the updated stock VZW bootloader firmware will re-lock the bootloader.) However, if you do this, the bootloader re-locks itself, the phone bricks itself into a boot loop, and you have to factory flash VZW's MM ROM. If you manage to do that without completely losing your sanity, then you have to flash VZW's 5.1.1 ROM while on 6.0.1 firmware, which will take 6+ tries to get working and might not work at all. Then you have to boot into 5.1.1, re-temp root, quickly re-run the shady bootloader unlocker script before the phone force-restarts, go back to having an unbootable ROM, re-flash TWRP, then flash a custom 6.0+ ROM.
Am I understanding all of this right? I just want to make sure that I am not unaware of something, because god forbid anyone ever be unaware of something, lest this YOU DIDN'T READ!!! YOU DIDN'T READ!!!!! mantra get thrown around - as if any of you could seriously have the audacity to claim that these cluttered, fragmented guides on 15 different links represent some sort of fool-proof cohesive and coherent guide in your warped minds.
So am I missing anything? Some crucial step that I still might be unaware of? No? Great. Rant done. TL;DR: This process is waaaaaay too complicated for most people. I put myself in this category as a professional engineer that's rooted and flashed custom ROMs on many different phones.
notedroidbrokedroid said:
I just want to make sure that everything is crystal clear. I have spent weeks and many, many hours poring over numerous, differing guides on how to root the 910V and run a custom 6.0+ ROM - all of them missing different vital chunks of information. Correct me if I am wrong:
You have to temp-root the device and quickly run an unlocking script written by an unknown source before the phone completely locks up and reboots itself. Then if you're lucky and the script is successful after 17 attempts and 4 battery re-charges, the stock 5.1.1 ROM will refuse to boot and you'll only be able to access the stock recovery with an "unlocked" flag on it. Then you'll go to install TWRP, try and flash a custom MM ROM only to find that wifi, camera, and all sensors don't work on any MM ROM without flashing the updated CPD1 bootloader firmware (this is not explicitly mentioned in multiple different guides for rooting and unlocking, including the official): Example here and here. Oh, and good luck using the thread search tool to find replies that mention this wifi issue in any of the 500 pages of replies that follow the official rooting and unlocking guide! The search tool has been broken for weeks and you'll get: "Sorry, we encountered an error processing your request. Please go back and retry or wait a minute. The Administrators have been notified of this error". Clearly Admins either aren't being contacted or don't care.
Then if you are repeatedly unsuccessful in flashing the updated bootloader firmware using the BPA1-CPD1 Hybrid Lollipop ROM developed by hsbadr in this guide, you might try and flash the stock 6.0+ bootloader firmware found here, (because you can't find anything with the broken search tool, it seems like a logical thing to do, and there are absolutely NO write-ups that mention extremely simple things - (like whether or not the updated stock VZW bootloader firmware will re-lock the bootloader.) However, if you do this, the bootloader re-locks itself, the phone bricks itself into a boot loop, and you have to factory flash VZW's MM ROM. If you manage to do that without completely losing your sanity, then you have to flash VZW's 5.1.1 ROM while on 6.0.1 firmware, which will take 6+ tries to get working and might not work at all. Then you have to boot into 5.1.1, re-temp root, quickly re-run the shady bootloader unlocker script before the phone force-restarts, go back to having an unbootable ROM, re-flash TWRP, then flash a custom 6.0+ ROM.
Am I understanding all of this right? I just want to make sure that I am not unaware of something, because god forbid anyone ever be unaware of something, lest this YOU DIDN'T READ!!! YOU DIDN'T READ!!!!! mantra get thrown around - as if any of you could seriously have the audacity to claim that these cluttered, fragmented guides on 15 different links represent some sort of fool-proof cohesive and coherent guide in your warped minds.
So am I missing anything? Some crucial step that I still might be unaware of? No? Great. Rant done. TL;DR: This process is waaaaaay too complicated for most people. I put myself in this category as a professional engineer that's rooted and flashed custom ROMs on many different phones.
The processes were easy enough...and some like me had temp root on first or second try. If you've spent weeks and weeks trying to figure this all out, I'm not sure anyone can help you. There are people in these threads that have answered every question you've brought up, and helped people get through. I know you must be some kind of troll with your "one post" and claiming you've been rooting blah blah blah....engineer...blah blah blah, you should be embarrassed by your lack of understanding and ability to root and unlock. Go read some of the dopey posts by people who can't follow instructions or put a sentence together, yet were successful! I guess what I'm saying is stfu and go away.
Sent from my SM-N910V using XDA-Developers mobile app
gcounts said:
The processes were easy enough...and some like me had temp root on first or second try.
You can follow all of the links I posted and verify that the information I have claimed is missing, is indeed missing. I have pointed out what is missing from where and concisely explained exactly why the process for this particular phone is dangerous without said information.
Congrats on your effortless unlock and custom ROM flash. Your anecdotal success and unsubstantiated claims regarding the successes of others does not make the process objectively "easy", nor straightforward. I have flashed custom ROMs onto many devices, and this one is the most complicated, convoluted, and frustrating of them all.
gcounts said:
you should be embarrassed by your lack of understanding and ability to root and unlock.
Ahhh, the "YOU DIDN'T READ!!!!" mantra begins! I don't know if you're aware of this, but failure is how things are learned. It's how more cohesive, better written guides surface, and it's how people like you enjoy a successful root and custom ROM. There are lots and lots of people who have ruined phones from attempting this process. I'd be willing to bet money that the people who developed these hacks certainly went through a couple.
notedroidbrokedroid said:
You can follow all of the links I posted and verify that the information I have claimed is missing, is indeed missing. I have pointed out what is missing from where and concisely explained exactly why the process for this particular phone is dangerous without said information.
Congrats on your effortless unlock and custom ROM flash. Your anecdotal success and unsubstantiated claims regarding the successes of others do not make the process objectively "easy", nor straightforward. I have flashed custom ROMs onto many devices, and this one is the most complicated, convoluted, and frustrating of them all.
Ahhh, the "YOU DIDN'T READ!!!!" mantra begins! I don't know if you're aware of this, but failure is how things are learned. It's how more cohesive, better written guides surface, and it's how people like you enjoy a successful root and custom ROM. There are lots and lots of people who have ruined phones from attempting this process. I'd be willing to bet money that the people who developed these hacks certainly went through a couple.
You know what? The people that wrote the guides did so out of the goodness of their hearts as have all of the people here that have helped others to root their phones. There's nothing like you coming in here and slapping those people in the face.
Perhaps they're not the best writers. I think it unlikely that writing is what they do for a living. But you know what? If you'd taken the time to read the entire threads, you would have seen every possible way to **** up and how to deal with it. But no. Assholes like you think there should be a one touch root because you're too ****ing lazy to learn a little bit about your phone. Sorry, bub. It didn't happen with this phone. It took almost 18 months to discover and develop the exploits that allowed us without developer editions to root our phones.
I should apologize. I should be sorry that you're too ****ing stupid to read through hundreds of posts on how to unlock a bootloader and root your phone.
Have you sent any money to the guys that developed the exploit? How much are you paying for any of what's here on this forum? STFU.
douger1957 said:
You know what? The people that wrote the guides did so out of the goodness of their hearts as have all of the people here that have helped others to root their phones. There's nothing like you coming in here and slapping those people in the face.
Perhaps they're not the best writers. I think it unlikely that writing is what they do for a living. But you know what? If you'd taken the time to read the entire threads, you would have seen every possible way to **** up and how to deal with it. But no. Assholes like you think there should be a one touch root because you're too ****ing lazy to learn a little bit about your phone. Sorry, bub. It didn't happen with this phone. It took almost 18 months to discover and develop the exploits that allowed us without developer editions to root our phones.
I should apologize. I should be sorry that you're too ****ing stupid to read through hundreds of posts on how to unlock a bootloader and root your phone.
Have you sent any money to the guys that developed the exploit? How much are you paying for any of what's here on this forum? STFU.
- Has anybody bothered to state that 40% of the battery charge disappears every time you run Kingoroot? Nope. Nowhere in the guides.
- Has anybody mentioned that the CPD1 VZW bootloader firmware is also locked and will not boot a ROM flagged as custom? Nope! Nowhere. You heard it here first!
- Has anyone examined the content of the BPA1-CPD1 hybrid 5.1.1 ROM to determine whether it contains OEM VZW firmware or a custom firmware revision developed by someone on this forum? No. Nobody has done that.
You don't have to "write full-time" to have good written communication skills. I could write a very respectable COMPREHENSIVE guide on the process involved, but do you know what would happen to it? The admins would never sticky it and it would get buried under a thousand other threads. Somebody decided that there can be ONLY ONE ["Official"] guide, even though the current one is a stupid, incoherent mess that's maintained by an OP who refuses to amend or add anything to it.
And lazy? At least I perused the source code before I blindly copied a script claiming to unlock my bootloader. I doubt you have the slightest clue on either how to look at it or what malicious code looks like.
Lastly and most importantly, you're a fool for being content with giving your money to a phone manufacturer that rails you in the ass for wanting more control over it. After I brought my Note 4 back from the grave, I bought a Nexus. You think donating your change to the Devs is going to fix this problem long-term when you give Samsung $800 to continue doing this to you? I don't have enough crayons to further explain to you what an idiot you are.
OK, as this really is nothing more than a rant, I will close this up with a few passing thoughts.
Things like this are not meant to be done by the average guy. This is a developers site. So yes you are expected to do lots of research before you do anything.
Next. No one in their right mind uses that root process. The battery drain is it connecting to the internet and downloading whatever it is they use to root the device after they get your IMEI and store it.
Also, let's leave the name calling for the playground or the next name that will be called is banned.
I really hate asking this type of question as it makes me sound like a choosy beggar, but is there an all in one tool in the works for unlocking/rooting/flashing/etc? As I grow older, I desire rooting and tinkering, however I also value my free time a lot more lately (can't have both, right?).
Apologies if this is a silly question, however I thought I'd ask anyway! Thanks!
CacheOnlyPlease said:
I really hate asking this type of question as it makes me sound like a choosy beggar, but is there an all in one tool in the works for unlocking/rooting/flashing/etc? As I grow older, I desire rooting and tinkering, however I also value my free time a lot more lately (can't have both, right?).
Apologies if this is a silly question, however I thought I'd ask anyway! Thanks!
As far as I know, only the original Pixel 1 has an all-in-one tool* ("click button, wait, have fun - even though the P1 tool only came years after release!"), it has always been the culmination of a couple ADB steps/commands in a certain order, plus some manual flashing/magisk file creation incl. copying a couple files from your phone to your PC or vice versa.
Especially since Google changed a lot of stuff with Android 11 and Android 12, it's a bit more complicated to root since the days of the original Pixel.
That doesn't mean that there can be no all-in-one root tool here, but as of now we have none and I don't see how one could be created in the foreseeable future.
*https://forum.xda-developers.com/t/...ck-twrp-factory-image-stock-recovery.3730227/
Morgrain said:
As far as I know, only the original Pixel 1 has an all-in-one tool* ("click button, wait, have fun - even though the P1 tool only came years after release!"), it has always been the culmination of a couple ADB steps/commands in a certain order, plus some manual flashing/magisk file creation incl. copying a couple files from your phone to your PC or vice versa.
Especially since Google changed a lot of stuff with Android 11 and Android 12, it's a bit more complicated to root since the days of the original Pixel.
That doesn't mean that there can be no all-in-one root tool here, but as of now we have none and I don't see how one could be created in the foreseeable future.
*https://forum.xda-developers.com/t/...ck-twrp-factory-image-stock-recovery.3730227/
For sure, that's actually the All in One tool that I remember using with my Oneplus 7 Pro. This is my first Pixel phone (does the Nexus 6P count?) so I wasn't sure if developers would be all over it, or if Google has made things more complicated over the past couple of years. Either way I appreciate the reply and will probably dive into unlocking/rooting over the holiday weekend.
CacheOnlyPlease said:
For sure, that's actually the All in One tool that I remember using with my Oneplus 7 Pro. This is my first Pixel phone (does the Nexus 6P count?) so I wasn't sure if developers would be all over it, or if Google has made things more complicated over the past couple of years. Either way I appreciate the reply and will probably dive into unlocking/rooting over the holiday weekend.
If you want to read a bit about complication, take a search engine and find out what
Android 11 scoped storage
Android 12 Dm-verity (device-mapper-verity)*
Android 12 Vbmeta verification**
SafetyNet Android
Android Hardware Attestation
means.
*is a method by which an image on block devices (the underlying storage layer of the file system) can be checked to determine if it matches an expected configuration, using a cryptographic hash tree. If the hash doesn't match, dm-verity prevents the stored code from loading.
**is the other half of this - it provides a cryptographically signed reference hash which is used to verify the integrity of /boot, /system, and /vendor partitions. The vbmeta image is only used to verify /boot, while vbmeta-system is used to verify /system.
Google has been actively working - for a couple of years now - at making the modding/rooting community's life harder. We have always found a workaround, some require work (spoofing device ID, forcing software attestation, et cetera) or don't work that well at all, but it's a constant struggle.
Every firmware update is a small struggle and you got to pray to the man above that your device will still boot up, even if you have those pesky magisk modules disabled.
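The hash-tree check described in the dm-verity footnote above, as an added example that is not part of any post in this thread: a simplified Python model (not the real on-disk dm-verity format) in which every data block is verified on read against a single trusted root hash, the value a signed vbmeta image would pin. The function names, salt and 300-block sample image are constructed for illustration.

```python
import hashlib

BLOCK = 4096            # data/hash block size used in this model
FANOUT = BLOCK // 32    # 128 SHA-256 digests fit in one hash block

def digest_of(salt, data):
    return hashlib.sha256(salt + data).digest()

def split_blocks(buf):
    # Cut into BLOCK-sized pieces, zero-padding the final piece.
    return [buf[i:i + BLOCK].ljust(BLOCK, b"\0") for i in range(0, len(buf), BLOCK)]

def build_tree(image, salt):
    """Return (levels, root); levels[0] holds one digest per data block."""
    levels = [[digest_of(salt, b) for b in split_blocks(image)]]
    while len(levels[-1]) > 1:
        packed = b"".join(levels[-1])   # digests packed into hash blocks
        levels.append([digest_of(salt, b) for b in split_blocks(packed)])
    return levels, levels[-1][0]

def verify_block(index, block, levels, root, salt):
    """Check one block on read. `levels` is untrusted storage; only `root` is trusted."""
    digest = digest_of(salt, block)
    for level in levels[:-1]:
        if level[index] != digest:      # stored digest disagrees with what was read
            return False
        group = index // FANOUT
        siblings = level[group * FANOUT:(group + 1) * FANOUT]
        digest = digest_of(salt, b"".join(siblings).ljust(BLOCK, b"\0"))
        index = group
    return digest == root

def demo():
    salt = b"constructed-salt"
    # Constructed 300-block "partition image" (assumption, not real firmware).
    image = b"".join(bytes([i % 251]) * BLOCK for i in range(300))
    levels, root = build_tree(image, salt)
    blocks = split_blocks(image)
    clean = verify_block(200, blocks[200], levels, root, salt)
    modified = b"\x90" + blocks[200][1:]
    tampered = verify_block(200, modified, levels, root, salt)
    # Rewriting the stored leaf digest does not help: the parent hash block changes.
    levels[0][200] = digest_of(salt, modified)
    patched = verify_block(200, modified, levels, root, salt)
    return clean, tampered, patched

if __name__ == "__main__":
    print(demo())
```

The third result shows why the root hash has to come from a signed source: storage holding both the data and the tree can be rewritten together, but the change still surfaces one level up.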
Morgrain said:
Google has been actively working - for a couple of years now - at making the modding/rooting community's life harder. We have always found a workaround, some require work (spoofing device ID, forcing software attestation, et cetera) or don't work that well at all, but it's a constant struggle.
I think Google's goal was to make our devices more secure, not making modding/rooting harder.
CacheOnlyPlease said:
I really hate asking this type of question as it makes me sound like a choosy beggar, but is there an all in one tool in the works for unlocking/rooting/flashing/etc? As I grow older, I desire rooting and tinkering, however I also value my free time a lot more lately (can't have both, right?).
Apologies if this is a silly question, however I thought I'd ask anyway! Thanks!
Not sure if this fits the bill of what you're looking for
Android Flash Tool
Perhaps this
Android Dollhouse (Flashtool) | TESTERS REQUIRED
Az Biker said:
Not sure if this fits the bill of what you're looking for
Android Flash Tool
Sort of. Like I mentioned, I haven't dived into the details of rooting my Pixel 6 Pro yet, however can this tool you linked get me out of a potentially sticky situation if I ever need to load the stock firmware (ROM) onto it? That's really my biggest concern is messing something up. If I have a tool handy to get me back to stock, even if it wipes the whole phone, then I'm much more likely to dive in, you know.
For an all-in-one tool... what's wrong with fastboot?
CacheOnlyPlease said:
Sort of. Like I mentioned, I haven't dived into the details of rooting my Pixel 6 Pro yet, however can this tool you linked get me out of a potentially sticky situation if I ever need to load the stock firmware (ROM) onto it? That's really my biggest concern is messing something up. If I have a tool handy to get me back to stock, even if it wipes the whole phone, then I'm much more likely to dive in, you know.
If you haven't already looked them over, check the 6 PRO link in my sig, Step by step directions, pretty much each and every detail to make it easy for people like me who aren't rooting gurus.
Fastboot is the tool to pull you back from the abyss should you screw the pooch. Plenty of places you can find commands to help you out in a pinch, usually bringing you back to a factory fresh image.
Fastboot, update, and root a few times and it'll become much less concerning and tedious.