My goal is to create a system backup (including Android OS) of my Galaxy S9 (SM-G960F), just like I can do on my PC using Acronis True Image or other similar programs, because now I have Pie but Android 10 is available, and I want to be able to roll back in case of bugs.
I've found out one of the best ways of doing this is using TWRP. Flashing a custom recovery means making changes (editing recovery partition), but some say TWRP can be run even without being installed, and that was my intent. I tried on my old Galaxy S5 mini and I could successfully run TWRP without rewriting recovery partition.
However, it turned out that bootloader unlocking is needed. No problem, I thought: I'll unlock it, backup system, and lock it again. But when I tried to switch the 'OEM unlock' item, a dialog appeared saying that my device would have been formatted and Samsung Knox services would stop working.
I was wondering:
- if I do enable OEM unlock and erase data, setting OEM unlock to off would reactivate Knox services?
- is there a way to actually unlock bootloader without erasing data?
- is there any hidden method to boot TWRP without unlocking bootloader?
- is there any better way to backup whole system and data?
I may have already partially answered the last question: using adb backup I backup as much data as possible, and by downloading OS image from Sammobile.com I have an OS backup. Can it work? If I decide to "restore" that kind of backup there would be any kind of data that would be lost during this particular roll back procedure?
Thanks in advance.
If my English is odd or incorrect, that's because it isn't my primary language. I'm from Italy - land of Pizza and Coronavirus.
Related
Hi,
I made some mistake when trying to get the Oreo soak to flash. I flashed back the stock boot.img (since the backup made by Magisk caused some error) and WiFi wasn't working. It showed to be disabled woke searching for WiFi without possibility to turn it on, so I tried to reflash the latest official ROM.
RSD lite can't find my device and all the manual methods either and in since error or include bootloader locking or going back from a custom ROM (and most likely wiping /data for compatibility). I found one that separated out a few files that could wile internal storage but it would be stuck on that back/white Motorola logo (the one you get unlocking bootloader and hiding the warning). A different one wanted to flash that gpt file but that gave me an error in terminal.
I was able to get everything running by restoring boot image and something else from TWRP, the only thing remaining is that when I bootup/reboot my phone it automatically boots into fastboot so I have to hit the power button on,"start", which is a bit annoying.
But also for the future: is there any simple way to flash from the .xml.zip files like with Googles image files or Samsung's .tar.md5 through ODIN or something like that? Or at least a working manual method not including bootloader lock or loosing any data?
It seems like I've found a working manual myself that includes creating a bat file and explains what you have to do to either keep or whipe data. Don't know what it's doing that much different, I just know that it doesn't give me any (real) errors.
Hey all, hopefully not too lame of a question...
But, I want to test some of the Treble Roms, but also would like to return to current configuration of my Mate SE, if desired.
Have the unlock code, adb etc etc.
So I guess the question is, if I wanted to get back to my configuration (same apps removed, installed, etc), which partitions should I back up? I'd like to use 'adb backup' instead of twrp, and then flash the image(s) with fastboot to return.
I've already flashed the open kirin Lineage, and used the oem system.img to go back, but then had to reconfigure everything of course. Do I need to backup more than 'User' (and Data) partition to get back without all the reconfiguration hassle?
Thanks!
Hello
About securing your device after having an unlocked bootloader. Using TWRP you can easily delete whatever lockscreen is installed by removing a few files from /data/system, the gatekeeper files and the three locksettings files.
You might as well not have a lockscreen at all if a potential phone thief has any idea what he's doing. How would you secure your device?
Encryption isn't possible on Lineage 14, and 15 still has too many bugs for me to consider using it. The only other option is staying stock and having a massively outdated Android security patch.
Are there any other security options I'm missing?
a tiny ant said:
Hello
About securing your device after having an unlocked bootloader. Using TWRP you can easily delete whatever lockscreen is installed by removing a few files from /data/system, the gatekeeper files and the three locksettings files.
You might as well not have a lockscreen at all if a potential phone thief has any idea what he's doing. How would you secure your device?
Encryption isn't possible on Lineage 14, and 15 still has too many bugs for me to consider using it. The only other option is staying stock and having a massively outdated Android security patch.
Are there any other security options I'm missing?
Click to expand...
Click to collapse
Install a stock recovery to avoid the easy deletion of files in TWRP.
But...as long as you have a LP or MM bootloader stack you can still boot a TWRP image by fastboot boot when having physical access. To avoid this you need the bootloader stack for N which is available only for h815 devices and denies fastboot boot commands. While fastboot flash is still available for flashing TWRP...
Another option:
Install any ROM which has working encryption. Encrypt the device.
Flash the ROM of your choice over it. The issue we had in 14.1 was about enabling(!) encryption. The decrypt of a previous one worked fine. Just ensure that you do not use format data as that would remove encryption.
Even when you have encrypted your device your bootloader unlock will let a door open which can allow the modification of system files (which never gets encrypted). Means: I can place a malware in system, you will boot next time android and activate my malware after you have entered your pass for the decrypt.
So all the above can make things harder for an attacker while not impossible to break.
TLDR;
Once unlocked there is always a way to allow access. The warnings of the vendors are there for a reason
Sent from my LG-H815 using XDA Labs
steadfasterX said:
Install a stock recovery to avoid the easy deletion of files in TWRP.
But...as long as you have a LP or MM bootloader stack you can still boot a TWRP image by fastboot boot when having physical access. To avoid this you need the bootloader stack for N which is available only for h815 devices and denies fastboot boot commands. While fastboot flash is still available for flashing TWRP...
Another option:
Install any ROM which has working encryption. Encrypt the device.
Flash the ROM of your choice over it. The issue we had in 14.1 was about enabling(!) encryption. The decrypt of a previous one worked fine. Just ensure that you do not use format data as that would remove encryption.
Even when you have encrypted your device your bootloader unlock will let a door open which can allow the modification of system files (which never gets encrypted). Means: I can place a malware in system, you will boot next time android and activate my malware after you have entered your pass for the decrypt.
So all the above can make things harder for an attacker while not impossible to break.
TLDR;
Once unlocked there is always a way to allow access. The warnings of the vendors are there for a reason
Sent from my LG-H815 using XDA Labs
Click to expand...
Click to collapse
Thanks! Very informative post. I think the risks of having an unlocked bootloader are acceptable if the phones' data can be encrypted.
I have tried encrypting on stock Nougat and then flashing LineageOS over it, however it resulted in the LineageOS installation not recognizing my pattern and refusing to boot past the boot prompt. Maybe deleting the keyguard files right after flashing? I will try this later.
So the next step was disabling the pattern altogether and then trying to use TWRP again, but then it asks for a password, which technically shouldn't exist since there isn't any lock on the screen.
**Well I've actually figured this one out, apparently Android defaults to "default_password". It almost seems too silly to be true but it has to be something I guess. Will try flashing LOS later over an encrypted storage.
steadfasterX said:
Another option:
Install any ROM which has working encryption. Encrypt the device.
Flash the ROM of your choice over it. The issue we had in 14.1 was about enabling(!) encryption. The decrypt of a previous one worked fine. Just ensure that you do not use format data as that would remove encryption.
Click to expand...
Click to collapse
I've actually tried this, encrypting from stock Nougat and flashing Lineage over it, except then Lineage refuses to boot, asking for a password instead. "default_password" doesn't work even though no actual password is set.
It seems to be dependant on what setting it was on stock nougat, as it could also ask for a pattern which then won't be accepted.
I also cannot find any lockscreen or keyguard related files in /data/system after flashing stock Nougat. Are there any other options I could try? The device is decrypted in TWRP before rebooting, but afterwards the encryption activates making it no longer possible to enter the system.
Another bit of a strange/interesting thing. The only way out was to format data, thus removing encryption. I then restore a TWRP backup where encryption was enabled, deleted the lockscreen files and upon booting the device appeared to be fully encrypted again. Is this a bug or something?
Hello there! I'm looking for help regarding unlocking the bootloader on my Xiaomi 11 Lite 5G NE. I specifically wanted to do it without erasing my entire phone, because I've spent days on tweaking settings and mostly making it look aesthetically pleasing. Some of you might ask me about just backing it up, but the problem is that I don't really have enough storage on my SD Card to back it up entirely. Thanks for any answers beforehand! For now, have a great rest of your day/night.
You will not be able to unlock bootloader without erasing data that process is automated and cannot be changed
You can't do a complete backup or see files in folders with protected access if your bootloader is locked. But when unlocking, the data that you want to backup or look into gets erased.
This is why my first action when getting a new phone is to unlock the bootloader.
This is not a question of space. You can backup to an USB stick or to network with a booted TWRP. But you can only boot TWRP if your bootloader is unlocked ...
Sadly my phone is corrupt and cant start anymore ... I want to use Newsflasher to rescue my Phone.
Before I want to use TWRP to make a backup. But I cannot enter TWRP.
As far as I understood TWRP cannot be installed on XZ2 compact, but it can be temporarily flashed (as I of course did to get my LineageOS Android 11).
But now when I flash it TWRP asks for a Password.
I just have my regular Screen Unlock Password - but if I type it in it tells me PASSWORD FAILED.
How can that be? Which other Password could it be? I dont know any ...
Obviously I would just remove the screen lock in Android. But it's corrupt x(
I want to do this before I have to do the wipe with Newflasher
If I ignore data encryption then it tells me when booting system that I have no OS installed ...
So then I will never be able to get my data back because encryption with password is still active and I cannot boot to turn it off?
And TWRP is bugged so it does not accept my real password? (How can that be omg ...)
Nothing can done now u have to flash flash a fastboot rom on your device without backup
That is
the_arxyn said:
Nothing can done now u have to flash flash a fastboot rom on your device without backup
Click to expand...
Click to collapse
That is what I was already thinking but yes let it be :/
I will use the old file that I used 2 years ago and also worked when I had to do the same.
For a strange reason it does not work when executing in the original created folder (by Xperifirm), but only if I push it on a external Hard Drive?
Otherwise it will tell FINISHED but it just took 3 seconds, which it will also do if it is played in any other folder ...
Anyways it asked me for a weird reason if I want to keep my userdata. I was thinking that there is no way to install a new OS but still keep the old data. I did it but then at the end of the Flashing it told the Sync did not work. I still booted up and it tells that it cant load the Android. So I dont know if this happened because I either left the user data intact or because that sync at the end did not work.
I'm just now scared to erase it when trying again, just in case that indeed I could safe my data.
So what is the story behind that *Erase User data Y / N*. Can I indeed keep my files this way?