Related
Hi All,
I finally decided to update to Widevine L1 because I thought why not. It was a quick and painless process as I was able to reflash my TWRP backup and was back up and running in minutes. Come to find out though I am having issues playing netflix.... When I try to open netflix I get the error, "Sorry, we could not reach the Netflix service. Please try again later. [-9]." I couldn't find much on it until I stumbled across this thread
https://forum.xda-developers.com/showthread.php?t=2527627&page=4
Is anyone aware of a workaround this? I did a reset and was able to get netflix back but as soon as I got Magisk on there it seems, the error came back. I know I can run stock without root but that would just make me want to ditch this phone. If anyone has any experience or ways to get around this please share. The forum above references a file to rename which I was unable to actually find.
Thanks!
Try hiding root from Netflix using Magisk hide root option
abeysoft said:
Try hiding root from Netflix using Magisk hide root option
Click to expand...
Click to collapse
I have hidden it and it doesn't work. Not sure if it is a Magisk thing that needs updating or a OnePlus issue. To be clear I have hidden Google Pay and Netflix, both of which now act funny when I try to use them. I am otherwise on the latest version of OOS with latest Magisk. Safteynet passes without a problem.
To those that run into this issue, the Magisk module liboemcrypto disabler will fix issues with Netflix not launching. It essentially just takes your device back to Widevine L3 which means no HD Netflix streaming still, but it will at least work :crying:
boricuastock said:
To those that run into this issue, the Magisk module liboemcrypto disabler will fix issues with Netflix not launching. It essentially just takes your device back to Widevine L3 which means no HD Netflix streaming still, but it will at least work :crying:
Click to expand...
Click to collapse
Can I undo going back to Widevine L3 by myself once this issue is fixed or do I have to send my phone again to oneplus or does this "fix" let netflix think I'm on L3 while my phone stays on L1?
charlie.. said:
Can I undo going back to Widevine L3 by myself once this issue is fixed or do I have to send my phone again to oneplus or does this "fix" let netflix think I'm on L3 while my phone stays on L1?
Click to expand...
Click to collapse
You will not need to send the phone back in. I don't know much about widevine but all this does is remove or mask a file on the filesystem that is needed as part of the check. If you reset the device or put the file back, the Widevine L1 is back. By using the module or moving the file you are just temporarily undoing the certification. Basically I think of it as there is a hardware and software fix for the update to L1. You are undoing the software and oneplus did the hardware side. When put together you get L1 otherwise you only get L3.
I did just disable the module and got L1 back after reboot, fyi.
Netflix has implemented a new way to "protect" their Widevine L1 content (AKA HD Content) that doesnt work with unlocked phones even if it is stock but only unlocked (it is protected by signed bootloaders). The only way right now to get Netflix working is by removing or renaming the file "/system/lib/liboemcrypto.so" it may also be in "/vendor/lib/". But by doing that you of course lose access to HD content protected with Widevine, Note that also other services uses this and if i remember correctly Amazon's video service for an example.
Im hoping netflix comes to their senses sometime soon but right now this is the situation unfortunately.
Issue with prime video 1080p on android
Thank you for your explainations. With amazons "prime video" content is another problem to get it in 1080p, because just a few devices are supported. I think they are all on widevine L1 but are additional special supported by amazon (I don't know why).
Those are the devices:
Streaming Video Quality: UHD/HDR/HD on Sony Xperia XZ Premium mobile devices; HDR /HD on Samsung Galaxy Note 7, Galaxy 8, 8+, Galaxy Tab S3, Sony Xperia XZ1 ; SD on all other Android devices
Source
Misanful said:
Netflix has implemented a new way to "protect" their Widevine L1 content (AKA HD Content) that doesnt work with unlocked phones even if it is stock but only unlocked (it is protected by signed bootloaders). The only way right now to get Netflix working is by removing or renaming the file "/system/lib/liboemcrypto.so" it may also be in "/vendor/lib/". But by doing that you of course lose access to HD content protected with Widevine, Note that also other services uses this and if i remember correctly Amazon's video service for an example.
Im hoping netflix comes to their senses sometime soon but right now this is the situation unfortunately.
Click to expand...
Click to collapse
Is there a certain version of the apk that will work before Netflix pushed this patch?
harpin14789 said:
Is there a certain version of the apk that will work before Netflix pushed this patch?
Click to expand...
Click to collapse
Dont quote me on this but i THINK there is some version before May 2017 that works without changing the liboemcrypto.so but if i remember correctly the HD support is still not going to work. :crying:
Hi, I rooted my pixel, after that I tried to install Netflix all from the web but it says that my device is not supported. I tried to hide magisk and even google play and google play services and it didn't worked. How can I install the latest Netflix app on my device ? Thanks
You can't at the moment. It looks like the Play Store is seeing something that neither Magisk Hide or even a cloaked unlocked bootloader can hide. My guess is that it is an attestation similar to how Google Pay is working to fight root and unlocked bootloaders. Clearly, the Netflix help page that claims that certification is the kicker is dead wrong at this point and as of a moth or two ago. Maybe a return to stock, re-lock of your bootloader and facory reset (which locking your BL would do anyways) might get you there, but I am not about to do that. For now, sideload the most recent one off of APK Mirror and if you need to update due to some lost functionality, use one from there when it becomes available.
install netflix then root
pacman photog said:
install netflix then root
Click to expand...
Click to collapse
True, but Play Store will not update Netflix after that one time. I have 4 devices installed that way, and since the Play Store version with 3.14 in it the updates will not show. One of the devices hadn't got 3.14 when the others had and it got the Netflix update two ago. The others didn't get it. That device did not get the last update nor did the others. I suggested in another thread possibly uninstalling the Play Store o get it to revert to the original version and then checking to see if Netflix is available. Even if it works, I am not about to keep an older version of Play Store or have to do that every time Netflix updates. The older version of Netflix is working fine.
My Netflix is on version 7. Not sure what you speaking about version 3
pacman photog said:
My Netflix is on version 7. Not sure what you speaking about version 3
Click to expand...
Click to collapse
I was talking about the Play Store version itself (Play Store>settings).
#1 wait for final q and root.
#2 Netflix doesn't need update lol
#3 my bad lol
What I find fascinating about this is I assumed it was because the bootloader was unlocked. But, flashing the Android Q Beta, allows you to install Netflix with no issues unlocked. But, if you go back and flash P? It's no longer an option. So my theory is out the window..
jbarcus81 said:
What I find fascinating about this is I assumed it was because the bootloader was unlocked. But, flashing the Android Q Beta, allows you to install Netflix with no issues unlocked. But, if you go back and flash P? It's no longer an option. So my theory is out the window..
Click to expand...
Click to collapse
Rooted both ways, neither way? Safetynet?
sliding_billy said:
Rooted both ways, neither way? Safetynet?
Click to expand...
Click to collapse
Rooted, and non rooted. SafetyNet passes fine. I observed this on fresh installations. If I do a fresh factory install of P, I can't install Netflix even before rooting. If I flash stock P, and lock the bootloader? I can install Netflix.
Now with Q? Bootloader unlocked, factory flash Q, can install Netflix. It's very interesting that this doesn't happen with a factory flash of P..
jbarcus81 said:
Rooted, and non rooted. SafetyNet passes fine. I observed this on fresh installations. If I do a fresh factory install of P, I can't install Netflix even before rooting. If I flash stock P, and lock the bootloader? I can install Netflix.
Now with Q? Bootloader unlocked, factory flash Q, can install Netflix. It's very interesting that this doesn't happen with a factory flash of P..
Click to expand...
Click to collapse
This is leading me to believe my previous thoughts about Netflix on the Play Store. I think the Play Store is looking at SafetyNet/Device Certified 1st regardless of device. If that passes, move to the device/OS and see if it is listed for additional checking. Since Q has not been released publicly yet, I am guessing that the check goes no further and shows Netflix. This will probably change at public Q release if not sooner, and updates will cease even if the program is installed already. I believe my Tab S2 713 simply is not listed for additional checking since it is rooted and has an unlocked BL but passes SafetyNet. Play Store shows available and provides updates.
The big question is what additional testing is being performed. I doubt it is checking for unlocked BL unless the kernel masking of unlocked BL simply doesn't work anymore. I tend to think it is a database attestation check similar to what GPay does. Finding that or using MagiskHide Props Config module to set a working fingerprint might work long term, but since older versions of Netflix (already installed on all of my devices) are working OK without updating I am in no hurry to do too much testing.
sliding_billy said:
This is leading me to believe my previous thoughts about Netflix on the Play Store. I think the Play Store is looking at SafetyNet/Device Certified 1st regardless of device. If that passes, move to the device/OS and see if it is listed for additional checking. Since Q has not been released publicly yet, I am guessing that the check goes no further and shows Netflix. This will probably change at public Q release if not sooner, and updates will cease even if the program is installed already. I believe my Tab S2 713 simply is not listed for additional checking since it is rooted and has an unlocked BL but passes SafetyNet. Play Store shows available and provides updates.
The big question is what additional testing is being performed. I doubt it is checking for unlocked BL unless the kernel masking of unlocked BL simply doesn't work anymore. I tend to think it is a database attestation check similar to what GPay does. Finding that or using MagiskHide Props Config module to set a working fingerprint might work long term, but since older versions of Netflix (already installed on all of my devices) are working OK without updating I am in no hurry to do too much testing.
Click to expand...
Click to collapse
Same here.. it's not a deal breaker, it's just frustrating. There's another app from the Playstore that does this from T-Mobile. T-Mobile Device Unlock (or whatever it's called). What made me really raise my eye-brows is during the initial setup of the phone after a fresh flash. In P, during initial setup, when you get to 'install additional apps' it's not listed. If I flash Q, go through setup, it's listed in additional apps.. It's very strange.
jbarcus81 said:
Same here.. it's not a deal breaker, it's just frustrating. There's another app from the Playstore that does this from T-Mobile. T-Mobile Device Unlock (or whatever it's called). What made me really raise my eye-brows is during the initial setup of the phone after a fresh flash. In P, during initial setup, when you get to 'install additional apps' it's not listed. If I flash Q, go through setup, it's listed in additional apps.. It's very strange.
Click to expand...
Click to collapse
Too funny about the T-Mobile device unlock. I had that show up on my phone a few weeks ago, and I deleted it. I have 5 devices on T-Mobile, and that was the only one that it showed up on. I have seen that app before since my boys had a prepaid T-Mobile phone years ago that had that app. The app not showing in additional apps makes sense since it doesn't show up in Play Store from the device and if you search it on the PC it will say not compatible with any of your devices or compatible with some of your devices. I actually chatted with Netflix a little while ago and played stupid about the whole thing. The agent seemed to think that as long as your device was certified the app would show.
jbarcus81 said:
Rooted, and non rooted. SafetyNet passes fine. I observed this on fresh installations. If I do a fresh factory install of P, I can't install Netflix even before rooting. If I flash stock P, and lock the bootloader? I can install Netflix.
Now with Q? Bootloader unlocked, factory flash Q, can install Netflix. It's very interesting that this doesn't happen with a factory flash of P..
Click to expand...
Click to collapse
Glad I found you. That's exactly what I came on here to find -- glad someone else noticed like I did.
vonDubenshire said:
Glad I found you. That's exactly what I came on here to find -- glad someone else noticed like I did.
Click to expand...
Click to collapse
Where did you get the Netflix app? Play store says not compatible with my device. Rooted QB5.
Sent from my [device_name] using XDA-Developers Legacy app
---------- Post added at 07:43 PM ---------- Previous post was at 07:27 PM ----------
Daisymae said:
Where did you get the Netflix app? Play store says not compatible with my device. Rooted QB5.
Sent from my [device_name] using XDA-Developers Legacy app
Click to expand...
Click to collapse
Forget above. My bad.
Sent from my [device_name] using XDA-Developers Legacy app
yeh appareently APK Mirror doesn't host the Netflix app anymore either, so get it from another site.
Something interesting... Did a clean install of July Pie.. Was using Q but was having some random issues with GPS.. Anyways, I installed the APK and now I'm being told by the application itself that it's not compatible with my device.. WTH!?!?!?? Can't even side-load now??
Pretty sure the Android DRM (Digital Rights Management) Framework does the Netflix locking. There's a magisk module for DRM Bypassing for Netflix
jbarcus81 said:
Something interesting... Did a clean install of July Pie.. Was using Q but was having some random issues with GPS.. Anyways, I installed the APK and now I'm being told by the application itself that it's not compatible with my device.. WTH!?!?!?? Can't even side-load now??
Click to expand...
Click to collapse
You also may need to spoof the device fingerprint. I am on Q so it lets me download right now no matter what. I just spoofed fingerprint for G Pay on top of the database
Just stumbled upon this thread and just wanted to comment. I'm rooted with an unlocked bootloader and I've had no issues with installing Netflix of having it update when needed. I've even had to uninstall and reinstall once with no issue.
Has anyone been able to get Netflix to work on a rooted device?
does anyone have any tricks for getting Netflix to work? I am on 10. 0.9, 1905 variant. Rooted with magisk
I'm rooted and Netflix works fine?
ChongoDroid said:
I'm rooted and Netflix works fine?
Click to expand...
Click to collapse
Really? I get an error saying not compatible with this device
Cowbell_Guy said:
Really? I get an error saying not compatible with this device
Click to expand...
Click to collapse
I forgot to mention I'm on aosip so maybe that's why.
Go into magisk hide and select Netflix from the list. Then go into magisk settings and click hide magisk manager from list.
Then wipe cache and data on Netflix and try that.
Cowbell_Guy said:
Really? I get an error saying not compatible with this device
Click to expand...
Click to collapse
while opening the app or in playstore?
Working here with rooted oos op7t for past 5 months.
Both, I keep getting an error saying it is not compatible with my device
Cowbell_Guy said:
Both, I keep getting an error saying it is not compatible with my device
Click to expand...
Click to collapse
Strange that it don't work for you, working without a problem on my latest oos beta 7t.
Have you tried latest builds from apkmirror.com or try a older build and test
Regards ysco..
Disable netflix app in setting and install another netflix via apk file, it will work
For me (European version) Netflix was pre-installed. In general: to see and install Netflix you need to pass SafetyNet. This means enabling Magisk Hide, clearing the data of the Play Store (then it should way "official device" in the Settings menu and maybe a patched custom kernel though I'm not sure if the latter is necessary. After that, I can see Netflix and also install it.
1 - Make sure you're aren't tripping the safetynet test.
2 - Make sure you have hidden magisk manager and magisk from detections
If you still find netflix incompatible, clear data and cache of play store and Google play services and reboot.
Macusercom said:
For me (European version) Netflix was pre-installed. In general: to see and install Netflix you need to pass SafetyNet. This means enabling Magisk Hide, clearing the data of the Play Store (then it should way "official device" in the Settings menu and maybe a patched custom kernel though I'm not sure if the latter is necessary. After that, I can see Netflix and also install it.
Click to expand...
Click to collapse
This worked with me, w/o the customer kernel - also EU version. Thanks!
Netflix(release 4.16.0) is working on my Galaxy S8 rooted by Magisk.
You need to add a 'liboemcrypto disabler' module to your device using Magisk. And the latest release of Netflix may not be working on rooted device.
Recommended to use 4.x
The most important is SafetyNet.
(After rooting with Magisk my test fails so I used MagiskHide Props Config and got new fingerprint certificat which allowed me to pass test)
As long as you still pass SafetyNet you are going to "see" Netflix in PlayStore and get updates. Of course use also Magisk Hide and select Google Play services.
Netflix latest, updated from store 7.73.1
Tapatalk via OnePlus 7T
good !!!
Sent from my iPhone using Tapatalk
What widevine level are you getting? Are you L1 or L3? Even if you can get Netflix installed you may be stuck with 480p due to Widevine L3.
Exactly, Netflix and other OTT apps work fine but Widevine drops to L3 bringing down the max supported resolution to just 480p.
L3+root isn't possible IMO.
Lost Dog said:
What widevine level are you getting? Are you L1 or L3? Even if you can get Netflix installed you may be stuck with 480p due to Widevine L3.
Click to expand...
Click to collapse
It's impossible to get L1 on a 7T with an unlocked bootloader as of now... As a general rule of thumb, a bootloader unlock will break the L1 certification. There are some exceptions to this rule though. Some Xiaomi devices and the OnePlus 8 series (on newer firmware) are able to maintain it.
I'm on an LG v20 that I just flashed LineageOS 17.1, and I couldn't get SafetyNet passing. I followed this process for props :
Oh and I'm running Gamma Kernel v20.0, if that matters to anyone. Hope this helps! (This is in addition to MagiskHide stuff of course).
Cowbell_Guy said:
Really? I get an error saying not compatible with this device
Click to expand...
Click to collapse
same
vibraniumdroid said:
It's impossible to get L1 on a 7T with an unlocked bootloader as of now... As a general rule of thumb, a bootloader unlock will break the L1 certification. There are some exceptions to this rule though. Some Xiaomi devices and the OnePlus 8 series (on newer firmware) are able to maintain it.
Click to expand...
Click to collapse
Hello!
I will receive a oneplus 9 pro next week and wonder if i shall root it or not. I want to use titanium backup and a few other apps that need root permission, but i also dont want to loose widevine level 1 for netflix and amazon video in hd, want to use my banking app and mcdonalds app.
i havent followed the magisk/root discussion for maybe a year or two (used a unrooted stock phone), so i am not up to date how things are at the moment.
just to be clear, please can someone answer the following questions:
1.) is unlocking bootloader (no root afterwards) enough to loose widevine level 1? can level 1 be gained again when bootloader is locked again or is lost permanent (like triggering knox with samsung).
2.) any problems with mcdonalds app and magisk? google pay?
after reading to the internet on the subject totday, i get the impression that rooting nowadays causes more problems thn benefits, but maybe i get a wrong impression.
flotsch1 said:
Hello!
I will receive a oneplus 9 pro next week and wonder if i shall root it or not. I want to use titanium backup and a few other apps that need root permission, but i also dont want to loose widevine level 1 for netflix and amazon video in hd, want to use my banking app and mcdonalds app.
i havent followed the magisk/root discussion for maybe a year or two (used a unrooted stock phone), so i am not up to date how things are at the moment.
just to be clear, please can someone answer the following questions:
1.) is unlocking bootloader (no root afterwards) enough to loose widevine level 1? can level 1 be gained again when bootloader is locked again or is lost permanent (like triggering knox with samsung).
2.) any problems with mcdonalds app and magisk? google pay?
after reading to the internet on the subject totday, i get the impression that rooting nowadays causes more problems thn benefits, but maybe i get a wrong impression.
Click to expand...
Click to collapse
Use the canary builds of Magisk, enable MagiskHide, and toggle the apps in question, and you're golden. Also, just to be sure, toggle it on for Google stuff like the Google app, Google Play Store, Google Play Services, Google Services Framework, Netflix, McDonald's, GPay, and any other banking or streaming subscription apps. Might want to have Magisk hide its self by changing the app name and signature as well.
GuyInDogSuit said:
Use the canary builds of Magisk, enable MagiskHide, and toggle the apps in question, and you're golden. Also, just to be sure, toggle it on for Google stuff like the Google app, Google Play Store, Google Play Services, Google Services Framework, Netflix, McDonald's, GPay, and any other banking or streaming subscription apps. Might want to have Magisk hide its self by changing the app name and signature as well.
Click to expand...
Click to collapse
thank you for the information.
so i will definitely not loose widevine l1 with unlocking bootloader and root?
to hide magisk itself (change name and signature), i just need to turn this option on in magisk and not need to do this in a manual way?
flotsch1 said:
thank you for the information.
so i will definitely not loose widevine l1 with unlocking bootloader and root?
to hide magisk itself (change name and signature), i just need to turn this option on in magisk and not need to do this in a manual way?
Click to expand...
Click to collapse
Correct, by default it will change to a "default" app icon and rename itself to "Settings" but you can easily still tell it from the device's own system Settings app.
one last question.
following this root instruction https://forum.xda-developers.com/t/guide-magisk-unlock-root-keep-root-oos-11-2-7-7.4252373/ , do i have to use the provided boot images? i feel safer to download the full ota from oneplus official site and extract payload.bin and then use payload dumper to get a boot.img.
flotsch1 said:
one last question.
following this root instruction https://forum.xda-developers.com/t/guide-magisk-unlock-root-keep-root-oos-11-2-7-7.4252373/ , do i have to use the provided boot images? i feel safer to download the full ota from oneplus official site and extract payload.bin and then use payload dumper to get a boot.img.
Click to expand...
Click to collapse
If you are leery of using someone else's boot.img, feel free to do that if you'd like. But regardless, be sure to boot the image, don't flash it. Booting it not only gives you the temporary root access to install Magisk yourself, but also ensures that the patched boot.img is actually valid.
v23 has a fix for SafetyNet API. It looks like that supersedes anything from the last canary/debug builds, so it's probably safe to stick with that. Everything else is the same, though.
GuyInDogSuit said:
v23 has a fix for SafetyNet API. It looks like that supersedes anything from the last canary/debug builds, so it's probably safe to stick with that. Everything else is the same, though.
Click to expand...
Click to collapse
V23?
flotsch1 said:
V23?
Click to expand...
Click to collapse
Latest stable Magisk build. I'm saying you won't need to mess with canary/debug.
When you turn on hide then hide the app the in the settings then your allowed to do anything you like but also hide it in the menu of magisk then your all done don't flash to much crap and magisk hide module is not really finished yet for this device good luck
I rooted it the second i got it
And don't use canary builds of magisk only if you want to run your phone very unstable i recommend the stable version
thanks alot for the information.
i still hazzle to root. i had a oneplus 3 2 years ago and had magisk root/custom rom/twrp, but i also had issues on regular basis and spent alot of time on xda and with flashing. dont know if i want this again or just a phone that works.
and just to be sure:
in case i loose my widevine level 1 because of root or bootloader unlock: will it come back when locking bootloader again and/or unroot. or will it be level 3 forever?
Wildvine L1 is not always retained when unlocking the bootloader. If I unlock mine, I go to L3 every single time, but when I lock it back, I go back to L1. I've tested this 3 times and it happened all 3 times.
flotsch1 said:
thanks alot for the information.
i still hazzle to root. i had a oneplus 3 2 years ago and had magisk root/custom rom/twrp, but i also had issues on regular basis and spent alot of time on xda and with flashing. dont know if i want this again or just a phone that works.
and just to be sure:
in case i loose my widevine level 1 because of root or bootloader unlock: will it come back when locking bootloader again and/or unroot. or will it be level 3 forever?
Click to expand...
Click to collapse
Well to be honest I never had that problem and i need to have my binance hidden as well and everything works well but with some games like slime hunter i really need to hide magisk it self too from the settings but when you do they everything will be working okay. And so far I have seen with magisk hide module what you can download is that there are no keys yet for using in op9p (could be changed didn't check it for a while now)
Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
razercortex said:
Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
Click to expand...
Click to collapse
Nice find! Too bad I used the Indian MSM on my T-Mobile variant so I can't cross-flash anymore.
It also seems to survive MSM flashing, updates, custom ROMs, and bootloader locking/relocking
razercortex said:
It also seems to survive MSM flashing, updates, custom ROMs, and bootloader locking/relocking
Click to expand...
Click to collapse
Do you think it'll work for me when though I use the OP9 Indian MSM?
Not sure. You'd have to unlock bootloader first, then do a full system upgrade to check.
razercortex said:
Not sure. You'd have to unlock bootloader first, then do a full system upgrade to check
Click to expand...
Click to collapse
I'm already unlocked. It doesn't really matter though since I haven't given a yit about L1 since, ever. Just didn't know if you knew or not.
Thanks! Worked!
razercortex said:
Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
Click to expand...
Click to collapse
Worked!
Thanks
I didn't use your method to get to c.63 (a12) for my TMobile OnePlus 9 pro. i dont know i can back to tmobile stock. Now I currently rooted and using magisk. All video apps work but I can't get L1 widedine. Is there another way?
Thanks for this. I have a 9 pro coming.
Edited
Thanks
I've had success using this method to keep L1 up to A12, but any attempt to upgrade to A13 downgrades Widevine to L3.
What is l1? What is widevine?
immortalwon said:
What is l1? What is widevine?
Click to expand...
Click to collapse
It is the security level of the firmware. It effects the certain apps like banking apps etc...
immortalwon said:
What is l1? What is widevine?
Click to expand...
Click to collapse
L1 is a drm (digital rights content management) state. L1 means the content is being digitally decoded or decrypted in a trusted environment. (I believe some of these are done in hardware with hardware verification only). It is the highest protection level.
In short, some apps will not work or will not play HD content without L1 state of drm. For us, when we lose L1, we go to L3. This could mean apps won't work at all, or they could be reduced in functionality.
Netflix for example, with L3, is limited to 480p video (however some bypass this with casting and get to 720p resolution).
Typically, when you unlock the bootloader of a phone, it will drop drm to L3 as it's considered a not-trusted environment.
This behavior is mixed by device, firmware versions and sometimes region (I have read some devices have shipped without Widevine keys to certain areas). This is bypass-able in some devices. For example, my 9P on oos11 is L1 with bootloader unlocked and rooted, using the standard magisk modules for Safetynet and clearing system cache.
Some phones will not regain L1 with unlocked bootloader (and maybe some versions of firmware also). They will be stuck with L3 Widevine until they relock the bootloader or unroot. And some firmwares are broken and will not have L1 because they implemented drm wrong.
On my 10T, netflix would not launch with unlocked bootloader. That may have been resolved by now but I was limited to L3 in drm checker (play store app) anyway.
For my 9P, I lost L1 (to L3) when I flashed Eu conversion to 11.2.2.2 - someone said that was an issue with early OnePlus firmwares where they implemented drm wrong or the key was problematic somehow. Whether that's true or not, I regained L1 when I temporarily unrooted and took the OTA.
This is likely going to be an increasing problem going forward as more devices go to hardware (only) attestation for everything. I suspect we will eventually see a magisk method of patching these apps and running them as modded apks. There used to be some patched netflix apks around. I think forced updates and signature checking made these obsolete. We may eventually see someone modify the individual apks, perhaps injecting a software mechanism for drm. Like taking the entire process of decoding, from an older device, into the apk itself. That might be overkill for the situation but eventually these bypasses we have currently, will not work anymore. We will be relying on some form of device spoofing, patching apks, standalone or redirected drm decoding, or a combination of all of those things.
That's assuming someone with that much skill is interested in doing all or any of that work.
Perhaps we will reach a point where unlocked bootloader or rooting breaks regular use so much that it's no longer worth the headache. It seems that's what they're going for. 'They' being app developers and phone manufacturers.
Here's a link to drm checker (DRM info) in play store if you'd like to find your current state: https://play.google.com/store/apps/details?id=com.androidfung.drminfo
Appreciative said:
L1 is a drm (digital rights content management) state. L1 means the content is being digitally decoded or decrypted in a trusted environment. (I believe some of these are done in hardware with hardware verification only). It is the highest protection level.
In short, some apps will not work or will not play HD content without L1 state of drm. For us, when we lose L1, we go to L3. This could mean apps won't work at all, or they could be reduced in functionality.
Netflix for example, with L3, is limited to 480p video (however some bypass this with casting and get to 720p resolution).
Typically, when you unlock the bootloader of a phone, it will drop drm to L3 as it's considered a not-trusted environment.
This behavior is mixed by device, firmware versions and sometimes region (I have read some devices have shipped without Widevine keys to certain areas). This is bypass-able in some devices. For example, my 9P on oos11 is L1 with bootloader unlocked and rooted, using the standard magisk modules for Safetynet and clearing system cache.
Some phones will not regain L1 with unlocked bootloader (and maybe some versions of firmware also). They will be stuck with L3 Widevine until they relock the bootloader or unroot. And some firmwares are broken and will not have L1 because they implemented drm wrong.
On my 10T, netflix would not launch with unlocked bootloader. That may have been resolved by now but I was limited to L3 in drm checker (play store app) anyway.
For my 9P, I lost L1 (to L3) when I flashed Eu conversion to 11.2.2.2 - someone said that was an issue with early OnePlus firmwares where they implemented drm wrong or the key was problematic somehow. Whether that's true or not, I regained L1 when I temporarily unrooted and took the OTA.
This is likely going to be an increasing problem going forward as more devices go to hardware (only) attestation for everything. I suspect we will eventually see a magisk method of patching these apps and running them as modded apks. There used to be some patched netflix apks around. I think forced updates and signature checking made these obsolete. We may eventually see someone modify the individual apks, perhaps injecting a software mechanism for drm. Like taking the entire process of decoding, from an older device, into the apk itself. That might be overkill for the situation but eventually these bypasses we have currently, will not work anymore. We will be relying on some form of device spoofing, patching apks, standalone or redirected drm decoding, or a combination of all of those things.
That's assuming someone with that much skill is interested in doing all or any of that work.
Perhaps we will reach a point where unlocked bootloader or rooting breaks regular use so much that it's no longer worth the headache. It seems that's what they're going for. 'They' being app developers and phone manufacturers.
Here's a link to drm checker (DRM info) in play store if you'd like to find your current state: https://play.google.com/store/apps/details?id=com.androidfung.drminfo
Click to expand...
Click to collapse
Excellent summary of Widevine! I've tested extensively using every method I could find on XDA, and I've come to the conclusion that it isn't possible to attain L1 status in A13 with an unlocked bootloader on my OP 9 Pro.
Reznor7 said:
Excellent summary of Widevine! I've tested extensively using every method I could find on XDA, and I've come to the conclusion that it isn't possible to attain L1 status in A13 with an unlocked bootloader on my OP 9 Pro.
Click to expand...
Click to collapse
Have you surveyed others on a13 to see their Widevine state? I have heard some users on custom roms (In crDroid group) using 13, claiming they're L1. I haven't verified that first hand, just saw it in threads and telegram groups.
If it's true that I can't retain or regain L1 in regular stock oos13, I will never make the move to 13
1. https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.0
2. https://github.com/LSPosed/LSPosed.github.io/releases/tag/shamiko-126
3. In Magisk, hide Magisk, enable Zygisk, Configure DenyList (make sure all Google apps and Netflix are selected) and DO NOT enforce DenyList (for Shamiko to work). The Mount Namespace Mode should be Isolated Namespace.
4. Google Play Services, Google Play Store, and Netflix, clear storage. Restart your phone and give it some time. You should be able to search and find Netflix in Google Play Store (may need to try few times to force Google to check your phone), the Netflix should pass L1 too.
5. DO NOT use MagiskHide Props Config, it's not working at all.
yanggame said:
1. https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.0
2. https://github.com/LSPosed/LSPosed.github.io/releases/tag/shamiko-126
3. In Magisk, hide Magisk, enable Zygisk, Configure DenyList (make sure all Google apps and Netflix are selected) and DO NOT enforce DenyList (for Shamiko to work). The Mount Namespace Mode should be Isolated Namespace.
4. Google Play Services, Google Play Store, and Netflix, clear storage. Restart your phone and give it some time. You should be able to search and find Netflix in Google Play Store (may need to try few times to force Google to check your phone), the Netflix should pass L1 too.
5. DO NOT use MagiskHide Props Config, it's not working at all.
Click to expand...
Click to collapse
I'm on stock A13 unlocked and rooted with Magisk. I did all of this exactly as listed and am still stuck at L3.
Reznor7 said:
I'm on stock A13 unlocked and rooted with Magisk. I did all of this exactly as listed and am still stuck at L3.
Click to expand...
Click to collapse
You can try to reset you phone and finish all steps without login your account first. See if there is any difference. But it's probably will not work.
The best solution is to go back to stock OOS11 and flash Omega or Arter97 kernel since the leak is probably kernel side and only custom kernels can hide it.
yanggame said:
You can try to reset you phone and finish all steps without login your account first. See if there is any difference. But it's probably will not work.
The best solution is to go back to stock OOS11 and flash Omega or Arter97 kernel since the leak is probably kernel side and only custom kernels can hide it.
Click to expand...
Click to collapse
I've done enough flashing for a while. I'll leave it to someone else to try.
I got L1 with unlocked bootloader and Magisk.
I have LE2110. I used MSM tool (Global) to get back to OOS 11. It locked the bootloader; it always does. So I set up the phone offline (without connecting to WiFi or Mobile Data). Then I upgraded to OOS 11.2.10.10 version through local upgrade. Then opened Developer Options for OEM Unlocking. The option was greyed out and it asked to connect to internet. So I connected my WiFi for a minute or two until that OEM Unlocking was available. I enabled it, and disconnected WiFI. I DID NOT login to my Google account or opened Play Store. I rebooted to fastboot, and unlocked bootloader. Then rebooted. Then did the initial setup again (without connecting to WiFi or Mobile Data). Then I turned off and got the boot.img through MSM tool's readback option. (I was on slot_b so I got boot_b from MSM). Patched this boot.img with Magisk. Booted it temporarily and then through Magisk app, gainded permanent root by Direct Install. Rebooted. Enabled Zygisk from Magisk and Enforce Denylist, and rebooted again. Installed Universal SafetyNet Fix through Magisk and rebooted again. Opened Magisk and hid the Magisk app (just named it Settings; it installed and then showed root lost, but I just closed the app, and reopened new hidden Magisk again). Rebooted. Then I went ahead and connected to WiFi, logged in to my Google account and stuff. Checked from YASNAC and DRM Info and found that Safety Net passed as well as got L1.
I did not put any Google related app to Denylist.