I have read about people getting widevine L1 on their rooted devices and custom roms, i tried it too with copying "a" partition to the "b" partition before flashing anything (recovery is a live boot) but the moment mu bootloader is unlocked i have widevine L3 no matter what (using "fastboot oem unlock " and "fastboot flashing unlock")... Even when i pass safetynet and such i never get back to L1
Is there anyone that knows how to do it?
safetynet fix?
financeledger said:
safetynet fix?
Click to expand...
Click to collapse
If you mean universal safetynet fix.zip then yes it was the first thing i installed after magisk
I have mine rooted, magisked, some audio-, Adblocker-, busybox- and the swift installer- modules. Its a global version from Switzerland and still L1.
I got L3 the first time. I re locked bl and started over. Got L1. I think it can be done
mac796 said:
I got L3 the first time. I re locked bl and started over. Got L1. I think it can be done
Click to expand...
Click to collapse
I tried it for about 4 hours locking and unlocking the bootloader but still got L3, so either my device doesn't like me or i'm really unlucky... What command did you use to unlock the bootloader? Did you install a custom rom?
VoidedKN0X said:
I tried it for about 4 hours locking and unlocking the bootloader but still got L3, so either my device doesn't like me or i'm really unlucky... What command did you use to unlock the bootloader? Did you install a custom rom?
Click to expand...
Click to collapse
No custom ROM just stock, rooted. I can't remember which command I used. I think I tried both. But first time I did get L3. I think I used msm then tried again. Got L1
Stock and rooted with Magisk.
I'm showing Widevine L1. I'm also passing safety net and able to use GPay (Oxygen OS 11.2.9.9)
Ok I will tell what helped me gaining L1 from L3,
1. First just flash oos 11 using msm tool, please do this step is a must.
2. Now update to the latest available firmware using OTA. (11.2.9.9 or above)
3. Now reboot to bootloader
4. Use this command only to unlock
"Fastboot flashing unlock" for this you need latest fastboot and adb older adb and fastboot fails for l1.
5. Now boot (your data will be wiped)
6. Do not install DRM info app at this point.
7. Now enable usb debugging enable adb and connect to pc
8. Remove 2 Netflix apps that are pre install either by pm uninstall command if you dont know donwload debloater from here and then remove:
[2022-07-03] [v0.5.1] Universal Android Debloater
Universal Android Debloater This is a complete rewrite in Rust of the UAD bash script. DISCLAIMER : Use this software at your own risk. I am not responsible for anything that could happen to your phone. Summary I try to maintain a...
forum.xda-developers.com
9. After removal of netflix reboot your phone.
10. Now install Drm info and check your phone should be L1.
11. Now root using magisk canary enable zygisk and enable deny list, select google play services (all from sublist), and install safetynet-fox 2.2.0 from here: "https://github.com/kdrag0n/safetynet-fix"
12. Clear data for google play services reboot.
13. Enjoy l1 and play store certified device...
VoidedKN0X said:
I have read about people getting widevine L1 on their rooted devices and custom roms, i tried it too with copying "a" partition to the "b" partition before flashing anything (recovery is a live boot) but the moment mu bootloader is unlocked i have widevine L3 no matter what (using "fastboot oem unlock " and "fastboot flashing unlock")... Even when i pass safetynet and such i never get back to L1
Is there anyone that knows how to do it?
Click to expand...
Click to collapse
Mine went to L3 after I unlocked. I gave up trying to fix it, but now it's L1. It might just take time.
I get L1 using newest canary branch of Magisk. I have systemless hosts and google services added to deny list in zygisk. Banking apps, gpay and McDonalds (I found it more sensitive than banking apps! ) work great.
l_mike said:
I get L1 using newest canary branch of Magisk. I have systemless hosts and google services added to deny list in zygisk. Banking apps, gpay and McDonalds (I found it more sensitive than banking apps! ) work great.
Click to expand...
Click to collapse
I tried with canady magisk too but no luck as it turned to L3 on bootloader unlock... Can you provide a link with the magisk version you used? And maybe a guide on how you rooted your phone? The tutorials i followed didn't work for L1
I have 23015 version. Installed via twrp (previous version) than updated by direct install with Magisk. Bootloader unlocked. Custom arter's kernel onboard.
Make sure you have all of these checked in Magisks deny list.
DevilRockr said:
Ok I will tell what helped me gaining L1 from L3,
1. First just flash oos 11 using msm tool, please do this step is a must.
2. Now update to the latest available firmware using OTA. (11.2.9.9 or above)
3. Now reboot to bootloader
4. Use this command only to unlock
"Fastboot flashing unlock" for this you need latest fastboot and adb older adb and fastboot fails for l1.
5. Now boot (your data will be wiped)
6. Do not install DRM info app at this point.
7. Now enable usb debugging enable adb and connect to pc
8. Remove 2 Netflix apps that are pre install either by pm uninstall command if you dont know donwload debloater from here and then remove:
[2022-07-03] [v0.5.1] Universal Android Debloater
Universal Android Debloater This is a complete rewrite in Rust of the UAD bash script. DISCLAIMER : Use this software at your own risk. I am not responsible for anything that could happen to your phone. Summary I try to maintain a...
forum.xda-developers.com
9. After removal of netflix reboot your phone.
10. Now install Drm info and check your phone should be L1.
11. Now root using magisk canary enable zygisk and enable deny list, select google play services (all from sublist), and install safetynet-fox 2.2.0 from here: "https://github.com/kdrag0n/safetynet-fix"
12. Clear data for google play services reboot.
13. Enjoy l1 and play store certified device...
Click to expand...
Click to collapse
Does this work on the c.63 build?
L1 with 8/31 nameless. Nameless is the only one I can get L1 on rooted/unlocked bl, etc. Only had L1 on stock once.
TheKnux said:
L1 with 8/31 nameless. Nameless is the only one I can get L1 on rooted/unlocked bl, etc. Only had L1 on stock once.
Click to expand...
Click to collapse
I'm good on TMO 11.2.9.9 with unlocked bootloader, total root, custom systemwide fonts and custom bootanimation!
Related
Has anyone been able to get Netflix to work on a rooted device?
does anyone have any tricks for getting Netflix to work? I am on 10. 0.9, 1905 variant. Rooted with magisk
I'm rooted and Netflix works fine?
ChongoDroid said:
I'm rooted and Netflix works fine?
Click to expand...
Click to collapse
Really? I get an error saying not compatible with this device
Cowbell_Guy said:
Really? I get an error saying not compatible with this device
Click to expand...
Click to collapse
I forgot to mention I'm on aosip so maybe that's why.
Go into magisk hide and select Netflix from the list. Then go into magisk settings and click hide magisk manager from list.
Then wipe cache and data on Netflix and try that.
Cowbell_Guy said:
Really? I get an error saying not compatible with this device
Click to expand...
Click to collapse
while opening the app or in playstore?
Working here with rooted oos op7t for past 5 months.
Both, I keep getting an error saying it is not compatible with my device
Cowbell_Guy said:
Both, I keep getting an error saying it is not compatible with my device
Click to expand...
Click to collapse
Strange that it don't work for you, working without a problem on my latest oos beta 7t.
Have you tried latest builds from apkmirror.com or try a older build and test
Regards ysco..
Disable netflix app in setting and install another netflix via apk file, it will work
For me (European version) Netflix was pre-installed. In general: to see and install Netflix you need to pass SafetyNet. This means enabling Magisk Hide, clearing the data of the Play Store (then it should way "official device" in the Settings menu and maybe a patched custom kernel though I'm not sure if the latter is necessary. After that, I can see Netflix and also install it.
1 - Make sure you're aren't tripping the safetynet test.
2 - Make sure you have hidden magisk manager and magisk from detections
If you still find netflix incompatible, clear data and cache of play store and Google play services and reboot.
Macusercom said:
For me (European version) Netflix was pre-installed. In general: to see and install Netflix you need to pass SafetyNet. This means enabling Magisk Hide, clearing the data of the Play Store (then it should way "official device" in the Settings menu and maybe a patched custom kernel though I'm not sure if the latter is necessary. After that, I can see Netflix and also install it.
Click to expand...
Click to collapse
This worked with me, w/o the customer kernel - also EU version. Thanks!
Netflix(release 4.16.0) is working on my Galaxy S8 rooted by Magisk.
You need to add a 'liboemcrypto disabler' module to your device using Magisk. And the latest release of Netflix may not be working on rooted device.
Recommended to use 4.x
The most important is SafetyNet.
(After rooting with Magisk my test fails so I used MagiskHide Props Config and got new fingerprint certificat which allowed me to pass test)
As long as you still pass SafetyNet you are going to "see" Netflix in PlayStore and get updates. Of course use also Magisk Hide and select Google Play services.
Netflix latest, updated from store 7.73.1
Tapatalk via OnePlus 7T
good !!!
Sent from my iPhone using Tapatalk
What widevine level are you getting? Are you L1 or L3? Even if you can get Netflix installed you may be stuck with 480p due to Widevine L3.
Exactly, Netflix and other OTT apps work fine but Widevine drops to L3 bringing down the max supported resolution to just 480p.
L3+root isn't possible IMO.
Lost Dog said:
What widevine level are you getting? Are you L1 or L3? Even if you can get Netflix installed you may be stuck with 480p due to Widevine L3.
Click to expand...
Click to collapse
It's impossible to get L1 on a 7T with an unlocked bootloader as of now... As a general rule of thumb, a bootloader unlock will break the L1 certification. There are some exceptions to this rule though. Some Xiaomi devices and the OnePlus 8 series (on newer firmware) are able to maintain it.
I'm on an LG v20 that I just flashed LineageOS 17.1, and I couldn't get SafetyNet passing. I followed this process for props :
Oh and I'm running Gamma Kernel v20.0, if that matters to anyone. Hope this helps! (This is in addition to MagiskHide stuff of course).
Cowbell_Guy said:
Really? I get an error saying not compatible with this device
Click to expand...
Click to collapse
same
vibraniumdroid said:
It's impossible to get L1 on a 7T with an unlocked bootloader as of now... As a general rule of thumb, a bootloader unlock will break the L1 certification. There are some exceptions to this rule though. Some Xiaomi devices and the OnePlus 8 series (on newer firmware) are able to maintain it.
Click to expand...
Click to collapse
Hello!
I will receive a oneplus 9 pro next week and wonder if i shall root it or not. I want to use titanium backup and a few other apps that need root permission, but i also dont want to loose widevine level 1 for netflix and amazon video in hd, want to use my banking app and mcdonalds app.
i havent followed the magisk/root discussion for maybe a year or two (used a unrooted stock phone), so i am not up to date how things are at the moment.
just to be clear, please can someone answer the following questions:
1.) is unlocking bootloader (no root afterwards) enough to loose widevine level 1? can level 1 be gained again when bootloader is locked again or is lost permanent (like triggering knox with samsung).
2.) any problems with mcdonalds app and magisk? google pay?
after reading to the internet on the subject totday, i get the impression that rooting nowadays causes more problems thn benefits, but maybe i get a wrong impression.
flotsch1 said:
Hello!
I will receive a oneplus 9 pro next week and wonder if i shall root it or not. I want to use titanium backup and a few other apps that need root permission, but i also dont want to loose widevine level 1 for netflix and amazon video in hd, want to use my banking app and mcdonalds app.
i havent followed the magisk/root discussion for maybe a year or two (used a unrooted stock phone), so i am not up to date how things are at the moment.
just to be clear, please can someone answer the following questions:
1.) is unlocking bootloader (no root afterwards) enough to loose widevine level 1? can level 1 be gained again when bootloader is locked again or is lost permanent (like triggering knox with samsung).
2.) any problems with mcdonalds app and magisk? google pay?
after reading to the internet on the subject totday, i get the impression that rooting nowadays causes more problems thn benefits, but maybe i get a wrong impression.
Click to expand...
Click to collapse
Use the canary builds of Magisk, enable MagiskHide, and toggle the apps in question, and you're golden. Also, just to be sure, toggle it on for Google stuff like the Google app, Google Play Store, Google Play Services, Google Services Framework, Netflix, McDonald's, GPay, and any other banking or streaming subscription apps. Might want to have Magisk hide its self by changing the app name and signature as well.
GuyInDogSuit said:
Use the canary builds of Magisk, enable MagiskHide, and toggle the apps in question, and you're golden. Also, just to be sure, toggle it on for Google stuff like the Google app, Google Play Store, Google Play Services, Google Services Framework, Netflix, McDonald's, GPay, and any other banking or streaming subscription apps. Might want to have Magisk hide its self by changing the app name and signature as well.
Click to expand...
Click to collapse
thank you for the information.
so i will definitely not loose widevine l1 with unlocking bootloader and root?
to hide magisk itself (change name and signature), i just need to turn this option on in magisk and not need to do this in a manual way?
flotsch1 said:
thank you for the information.
so i will definitely not loose widevine l1 with unlocking bootloader and root?
to hide magisk itself (change name and signature), i just need to turn this option on in magisk and not need to do this in a manual way?
Click to expand...
Click to collapse
Correct, by default it will change to a "default" app icon and rename itself to "Settings" but you can easily still tell it from the device's own system Settings app.
one last question.
following this root instruction https://forum.xda-developers.com/t/guide-magisk-unlock-root-keep-root-oos-11-2-7-7.4252373/ , do i have to use the provided boot images? i feel safer to download the full ota from oneplus official site and extract payload.bin and then use payload dumper to get a boot.img.
flotsch1 said:
one last question.
following this root instruction https://forum.xda-developers.com/t/guide-magisk-unlock-root-keep-root-oos-11-2-7-7.4252373/ , do i have to use the provided boot images? i feel safer to download the full ota from oneplus official site and extract payload.bin and then use payload dumper to get a boot.img.
Click to expand...
Click to collapse
If you are leery of using someone else's boot.img, feel free to do that if you'd like. But regardless, be sure to boot the image, don't flash it. Booting it not only gives you the temporary root access to install Magisk yourself, but also ensures that the patched boot.img is actually valid.
v23 has a fix for SafetyNet API. It looks like that supersedes anything from the last canary/debug builds, so it's probably safe to stick with that. Everything else is the same, though.
GuyInDogSuit said:
v23 has a fix for SafetyNet API. It looks like that supersedes anything from the last canary/debug builds, so it's probably safe to stick with that. Everything else is the same, though.
Click to expand...
Click to collapse
V23?
flotsch1 said:
V23?
Click to expand...
Click to collapse
Latest stable Magisk build. I'm saying you won't need to mess with canary/debug.
When you turn on hide then hide the app the in the settings then your allowed to do anything you like but also hide it in the menu of magisk then your all done don't flash to much crap and magisk hide module is not really finished yet for this device good luck
I rooted it the second i got it
And don't use canary builds of magisk only if you want to run your phone very unstable i recommend the stable version
thanks alot for the information.
i still hazzle to root. i had a oneplus 3 2 years ago and had magisk root/custom rom/twrp, but i also had issues on regular basis and spent alot of time on xda and with flashing. dont know if i want this again or just a phone that works.
and just to be sure:
in case i loose my widevine level 1 because of root or bootloader unlock: will it come back when locking bootloader again and/or unroot. or will it be level 3 forever?
Wildvine L1 is not always retained when unlocking the bootloader. If I unlock mine, I go to L3 every single time, but when I lock it back, I go back to L1. I've tested this 3 times and it happened all 3 times.
flotsch1 said:
thanks alot for the information.
i still hazzle to root. i had a oneplus 3 2 years ago and had magisk root/custom rom/twrp, but i also had issues on regular basis and spent alot of time on xda and with flashing. dont know if i want this again or just a phone that works.
and just to be sure:
in case i loose my widevine level 1 because of root or bootloader unlock: will it come back when locking bootloader again and/or unroot. or will it be level 3 forever?
Click to expand...
Click to collapse
Well to be honest I never had that problem and i need to have my binance hidden as well and everything works well but with some games like slime hunter i really need to hide magisk it self too from the settings but when you do they everything will be working okay. And so far I have seen with magisk hide module what you can download is that there are no keys yet for using in op9p (could be changed didn't check it for a while now)
Hi there.
I have an unrooted realme 6 pro. 2 days ago I tried to use Google pay and it did not work. It said that "You can´t pay contactless using this device. It may be rooted or running uncertified software.
I went to google play and I saw that my device is certified. After running some SafetyNet checks it says that CTS profile match failed. evakuation type: BASIC HARDWARE_BACKED. And then after reading some blogs I saw that on Google Play my netflix isn´t supported on my device although I have already installed it.
Any help or advice?
Thanks
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
V0latyle said:
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
Click to expand...
Click to collapse
I have also checked that. It has always been locked. I do not know if the problem is caused due to the new android update since is now running on android 11. Plus I dont want to root my phone
V0latyle said:
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
Click to expand...
Click to collapse
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
JhinCuatro said:
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
Click to expand...
Click to collapse
But that's the thing. I don't have a custom from. I did not root my phone. The only thing I did is to open the developer options. The bootloader was always locked. That started happening after the update to android 11. I sent my phone to the customer service now but I do not think they will do anything.
JhinCuatro said:
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
Click to expand...
Click to collapse
You can, you just have to set a custom root of trust. See Android Boot Flow
V0latyle said:
You can, you just have to set a custom root of trust. See Android Boot Flow
Click to expand...
Click to collapse
Oops I misstated. I meant custom rom on locked bootloader**.
manu3732 said:
But that's the thing. I don't have a custom from. I did not root my phone. The only thing I did is to open the developer options. The bootloader was always locked. That started happening after the update to android 11. I sent my phone to the customer service now but I do not think they will do anything.
Click to expand...
Click to collapse
Same problem with my OnePlus Nord.
oOEDGUYOo said:
Same problem with my OnePlus Nord.
Click to expand...
Click to collapse
Did you find any fix yet... Am having the same issue
happy619 said:
Did you find any fix yet... Am having the same issue
Click to expand...
Click to collapse
I ended up installing the Pixel Experience rom. It was the only way to fix it
oOEDGUYOo said:
I ended up installing the Pixel Experience rom. It was the only way to fix it
Click to expand...
Click to collapse
I have been on custom ROMs for over 6 months on nord ... Some have bad update cycles .. Some are unstable and many more issues although my Device was certified
I have the same problem, bootloader is normally unlocked and I have Universal SafetyNet Fix and MagiskHide Props Config installed, using lineage 18.1 on my redmi 9 pro device
I have flashed both ...( Magisk hide prop conf & universal safety net )
But still "CTS failed, can somebody help me please....
I have this problem too. Any solutions ? I tried magisk with prop conf and safety net-fix and still have cts failed...
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Mrlama112 said:
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Click to expand...
Click to collapse
The regular instructions:
Magisk with zygisk , hide app , configure deny list and then as i said in the previous post
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
Thank you! Worked like a charm! IDK why my CTS Profile suddenly started failing, but this seemed to have fixed it.
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
Thanks so much it worked well. Am I able to update the Google Wallet without it affecting the mod 3.0?
Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
razercortex said:
Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
Click to expand...
Click to collapse
Nice find! Too bad I used the Indian MSM on my T-Mobile variant so I can't cross-flash anymore.
It also seems to survive MSM flashing, updates, custom ROMs, and bootloader locking/relocking
razercortex said:
It also seems to survive MSM flashing, updates, custom ROMs, and bootloader locking/relocking
Click to expand...
Click to collapse
Do you think it'll work for me when though I use the OP9 Indian MSM?
Not sure. You'd have to unlock bootloader first, then do a full system upgrade to check.
razercortex said:
Not sure. You'd have to unlock bootloader first, then do a full system upgrade to check
Click to expand...
Click to collapse
I'm already unlocked. It doesn't really matter though since I haven't given a yit about L1 since, ever. Just didn't know if you knew or not.
Thanks! Worked!
razercortex said:
Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
Click to expand...
Click to collapse
Worked!
Thanks
I didn't use your method to get to c.63 (a12) for my TMobile OnePlus 9 pro. i dont know i can back to tmobile stock. Now I currently rooted and using magisk. All video apps work but I can't get L1 widedine. Is there another way?
Thanks for this. I have a 9 pro coming.
Edited
Thanks
I've had success using this method to keep L1 up to A12, but any attempt to upgrade to A13 downgrades Widevine to L3.
What is l1? What is widevine?
immortalwon said:
What is l1? What is widevine?
Click to expand...
Click to collapse
It is the security level of the firmware. It effects the certain apps like banking apps etc...
immortalwon said:
What is l1? What is widevine?
Click to expand...
Click to collapse
L1 is a drm (digital rights content management) state. L1 means the content is being digitally decoded or decrypted in a trusted environment. (I believe some of these are done in hardware with hardware verification only). It is the highest protection level.
In short, some apps will not work or will not play HD content without L1 state of drm. For us, when we lose L1, we go to L3. This could mean apps won't work at all, or they could be reduced in functionality.
Netflix for example, with L3, is limited to 480p video (however some bypass this with casting and get to 720p resolution).
Typically, when you unlock the bootloader of a phone, it will drop drm to L3 as it's considered a not-trusted environment.
This behavior is mixed by device, firmware versions and sometimes region (I have read some devices have shipped without Widevine keys to certain areas). This is bypass-able in some devices. For example, my 9P on oos11 is L1 with bootloader unlocked and rooted, using the standard magisk modules for Safetynet and clearing system cache.
Some phones will not regain L1 with unlocked bootloader (and maybe some versions of firmware also). They will be stuck with L3 Widevine until they relock the bootloader or unroot. And some firmwares are broken and will not have L1 because they implemented drm wrong.
On my 10T, netflix would not launch with unlocked bootloader. That may have been resolved by now but I was limited to L3 in drm checker (play store app) anyway.
For my 9P, I lost L1 (to L3) when I flashed Eu conversion to 11.2.2.2 - someone said that was an issue with early OnePlus firmwares where they implemented drm wrong or the key was problematic somehow. Whether that's true or not, I regained L1 when I temporarily unrooted and took the OTA.
This is likely going to be an increasing problem going forward as more devices go to hardware (only) attestation for everything. I suspect we will eventually see a magisk method of patching these apps and running them as modded apks. There used to be some patched netflix apks around. I think forced updates and signature checking made these obsolete. We may eventually see someone modify the individual apks, perhaps injecting a software mechanism for drm. Like taking the entire process of decoding, from an older device, into the apk itself. That might be overkill for the situation but eventually these bypasses we have currently, will not work anymore. We will be relying on some form of device spoofing, patching apks, standalone or redirected drm decoding, or a combination of all of those things.
That's assuming someone with that much skill is interested in doing all or any of that work.
Perhaps we will reach a point where unlocked bootloader or rooting breaks regular use so much that it's no longer worth the headache. It seems that's what they're going for. 'They' being app developers and phone manufacturers.
Here's a link to drm checker (DRM info) in play store if you'd like to find your current state: https://play.google.com/store/apps/details?id=com.androidfung.drminfo
Appreciative said:
L1 is a drm (digital rights content management) state. L1 means the content is being digitally decoded or decrypted in a trusted environment. (I believe some of these are done in hardware with hardware verification only). It is the highest protection level.
In short, some apps will not work or will not play HD content without L1 state of drm. For us, when we lose L1, we go to L3. This could mean apps won't work at all, or they could be reduced in functionality.
Netflix for example, with L3, is limited to 480p video (however some bypass this with casting and get to 720p resolution).
Typically, when you unlock the bootloader of a phone, it will drop drm to L3 as it's considered a not-trusted environment.
This behavior is mixed by device, firmware versions and sometimes region (I have read some devices have shipped without Widevine keys to certain areas). This is bypass-able in some devices. For example, my 9P on oos11 is L1 with bootloader unlocked and rooted, using the standard magisk modules for Safetynet and clearing system cache.
Some phones will not regain L1 with unlocked bootloader (and maybe some versions of firmware also). They will be stuck with L3 Widevine until they relock the bootloader or unroot. And some firmwares are broken and will not have L1 because they implemented drm wrong.
On my 10T, netflix would not launch with unlocked bootloader. That may have been resolved by now but I was limited to L3 in drm checker (play store app) anyway.
For my 9P, I lost L1 (to L3) when I flashed Eu conversion to 11.2.2.2 - someone said that was an issue with early OnePlus firmwares where they implemented drm wrong or the key was problematic somehow. Whether that's true or not, I regained L1 when I temporarily unrooted and took the OTA.
This is likely going to be an increasing problem going forward as more devices go to hardware (only) attestation for everything. I suspect we will eventually see a magisk method of patching these apps and running them as modded apks. There used to be some patched netflix apks around. I think forced updates and signature checking made these obsolete. We may eventually see someone modify the individual apks, perhaps injecting a software mechanism for drm. Like taking the entire process of decoding, from an older device, into the apk itself. That might be overkill for the situation but eventually these bypasses we have currently, will not work anymore. We will be relying on some form of device spoofing, patching apks, standalone or redirected drm decoding, or a combination of all of those things.
That's assuming someone with that much skill is interested in doing all or any of that work.
Perhaps we will reach a point where unlocked bootloader or rooting breaks regular use so much that it's no longer worth the headache. It seems that's what they're going for. 'They' being app developers and phone manufacturers.
Here's a link to drm checker (DRM info) in play store if you'd like to find your current state: https://play.google.com/store/apps/details?id=com.androidfung.drminfo
Click to expand...
Click to collapse
Excellent summary of Widevine! I've tested extensively using every method I could find on XDA, and I've come to the conclusion that it isn't possible to attain L1 status in A13 with an unlocked bootloader on my OP 9 Pro.
Reznor7 said:
Excellent summary of Widevine! I've tested extensively using every method I could find on XDA, and I've come to the conclusion that it isn't possible to attain L1 status in A13 with an unlocked bootloader on my OP 9 Pro.
Click to expand...
Click to collapse
Have you surveyed others on a13 to see their Widevine state? I have heard some users on custom roms (In crDroid group) using 13, claiming they're L1. I haven't verified that first hand, just saw it in threads and telegram groups.
If it's true that I can't retain or regain L1 in regular stock oos13, I will never make the move to 13
1. https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.0
2. https://github.com/LSPosed/LSPosed.github.io/releases/tag/shamiko-126
3. In Magisk, hide Magisk, enable Zygisk, Configure DenyList (make sure all Google apps and Netflix are selected) and DO NOT enforce DenyList (for Shamiko to work). The Mount Namespace Mode should be Isolated Namespace.
4. Google Play Services, Google Play Store, and Netflix, clear storage. Restart your phone and give it some time. You should be able to search and find Netflix in Google Play Store (may need to try few times to force Google to check your phone), the Netflix should pass L1 too.
5. DO NOT use MagiskHide Props Config, it's not working at all.
yanggame said:
1. https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.0
2. https://github.com/LSPosed/LSPosed.github.io/releases/tag/shamiko-126
3. In Magisk, hide Magisk, enable Zygisk, Configure DenyList (make sure all Google apps and Netflix are selected) and DO NOT enforce DenyList (for Shamiko to work). The Mount Namespace Mode should be Isolated Namespace.
4. Google Play Services, Google Play Store, and Netflix, clear storage. Restart your phone and give it some time. You should be able to search and find Netflix in Google Play Store (may need to try few times to force Google to check your phone), the Netflix should pass L1 too.
5. DO NOT use MagiskHide Props Config, it's not working at all.
Click to expand...
Click to collapse
I'm on stock A13 unlocked and rooted with Magisk. I did all of this exactly as listed and am still stuck at L3.
Reznor7 said:
I'm on stock A13 unlocked and rooted with Magisk. I did all of this exactly as listed and am still stuck at L3.
Click to expand...
Click to collapse
You can try to reset you phone and finish all steps without login your account first. See if there is any difference. But it's probably will not work.
The best solution is to go back to stock OOS11 and flash Omega or Arter97 kernel since the leak is probably kernel side and only custom kernels can hide it.
yanggame said:
You can try to reset you phone and finish all steps without login your account first. See if there is any difference. But it's probably will not work.
The best solution is to go back to stock OOS11 and flash Omega or Arter97 kernel since the leak is probably kernel side and only custom kernels can hide it.
Click to expand...
Click to collapse
I've done enough flashing for a while. I'll leave it to someone else to try.
I got L1 with unlocked bootloader and Magisk.
I have LE2110. I used MSM tool (Global) to get back to OOS 11. It locked the bootloader; it always does. So I set up the phone offline (without connecting to WiFi or Mobile Data). Then I upgraded to OOS 11.2.10.10 version through local upgrade. Then opened Developer Options for OEM Unlocking. The option was greyed out and it asked to connect to internet. So I connected my WiFi for a minute or two until that OEM Unlocking was available. I enabled it, and disconnected WiFI. I DID NOT login to my Google account or opened Play Store. I rebooted to fastboot, and unlocked bootloader. Then rebooted. Then did the initial setup again (without connecting to WiFi or Mobile Data). Then I turned off and got the boot.img through MSM tool's readback option. (I was on slot_b so I got boot_b from MSM). Patched this boot.img with Magisk. Booted it temporarily and then through Magisk app, gainded permanent root by Direct Install. Rebooted. Enabled Zygisk from Magisk and Enforce Denylist, and rebooted again. Installed Universal SafetyNet Fix through Magisk and rebooted again. Opened Magisk and hid the Magisk app (just named it Settings; it installed and then showed root lost, but I just closed the app, and reopened new hidden Magisk again). Rebooted. Then I went ahead and connected to WiFi, logged in to my Google account and stuff. Checked from YASNAC and DRM Info and found that Safety Net passed as well as got L1.
I did not put any Google related app to Denylist.
I have rooted phone with miui global 12.0.5 with twrp recovery and magisk 24.3. This summer I started experiencing problems with some banking apps and google pay/wallet detecting root and firefox not working properly (firefox does not open or opens only in background).
Also I can't update or use Tier scooter app because play store says it's no longer compatible with my device...
Can all this be fixed with flashing stock rom and unrooting phone? What should I do?
Roro666 said:
I have rooted phone with miui global 12.0.5 with twrp recovery and magisk 24.3. This summer I started experiencing problems with some banking apps and google pay/wallet detecting root and firefox not working properly (firefox does not open or opens only in background).
Also I can't update or use Tier scooter app because play store says it's no longer compatible with my device...
Can all this be fixed with flashing stock rom and unrooting phone? What should I do?
Click to expand...
Click to collapse
Did you use magisk hide?
Have you a Begonia or Begoniain?
Latest Stock rom are 2022 A11
normally it should work but you have to lock the bootloader.
Unroot before use Miflash and reboot.
https://forum.xda-developers.com/t/flash-tool-guide-use-xiaomi-flash-tool.4262425/
NOSS8 said:
Did you use magisk hide?
Have you a Begonia or Begoniain?
Latest Stock rom are 2022 A11
normally it should work but you have to lock the bootloader.
Unroot before use Miflash and reboot.
https://forum.xda-developers.com/t/flash-tool-guide-use-xiaomi-flash-tool.4262425/
Click to expand...
Click to collapse
I used magisk hide and I also have both universal safetynet fix and zygisk. And I have begonia.
If I remember correctly some apps can detect unlocked bootloader nowadays so locking the bootloader might be the only way to fix things
Roro666 said:
I used magisk hide and I also have both universal safetynet fix and zygisk. And I have begonia.
If I remember correctly some apps can detect unlocked bootloader nowadays so locking the bootloader might be the only way to fix things
Click to expand...
Click to collapse
Maybe try a newer or older version of Magisk.
NOSS8 said:
Maybe try a newer or older version of Magisk.
Click to expand...
Click to collapse
Updated magisk but it only fixed the tier app... What are the worst downsides of unrooting? I've found non-root ad blocker and I'm using YouTube Vanced so ads shouldn't be a problem but I might get all the removed xiaomi bloatware back?
Roro666 said:
Updated magisk but it only fixed the tier app... What are the worst downsides of unrooting? I've found non-root ad blocker and I'm using YouTube Vanced so ads shouldn't be a problem but I might get all the removed xiaomi bloatware back?
Click to expand...
Click to collapse
the disadvantage you know, to add the risks brick.
some apps can be disabled.
Try this tool (no longer updated but works great)
https://szaki.github.io/XiaomiADBFastbootTools/