Question Rooting has become a pain - Google Pixel 6 Pro

I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?

mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
Were you running a custom kernel and you tried to update to March? Did you get the phone is corrupt and it wouldn't boot screen? If that ever happens again, you don't have to wipe, Just go on the Android flashing tool uncheck everything flash and you'll be good to go again. At least it's worked for me every time so far.

mac796 said:
Were you running a custom kernel and you tried to update to March? Did you get the phone is corrupt and it wouldn't boot screen? If that ever happens again, you don't have to wipe, Just go on the Android flashing tool uncheck everything flash and you'll be good to go again. At least it's worked for me every time so far.
Click to expand...
Click to collapse
No custom Kernel, it came to a point where the only screen I was given was Android Recovery screen.

mkhcb said:
No custom Kernel, it came to a point where the only screen I was given was Android Recovery screen.
Click to expand...
Click to collapse
I ended up going to stable magisk

mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
I disagree with you...
Coming from the OnePlus 6T, and previous phones you can't really beat just pulling the boot.img from the factory image, patching it with magisk, then fastboot boot that img then install directly in the magisk app. It's actually that simple. Really is that black and white to be up front about it.
That's how I have been doing it for a while now...and...no problems for me! But this IS JUST ME.

mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
No. It really comes down to reading instructions and knowing what you're supposed to do when it comes to rooting. I can't tell you how many times I read folks spewing instructions that are out of date or they're patching the wrong files for their device that inevitably cause a problem.
I have not had any issues with root since the P6 came out. I have followed directions exactly as they've been written and I've been fine.

mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
Did you update magisk and then faced a bootloop?
That was a bug/is a bug introduced with the latest magisk update (monday), Magisk kind of "lost" the ability to handle a certain amount of modules/certain modules. We are all waiting for a fix. The temporary solution was/is to press down Lower Volume rocker when the Google logo appeared when booting, that way you activate safe mode and all Magisk modules get deactivated. Discord says 4 modules are max right now, some say it's "just" certain audio modules that are incompatible.

I wouldn't say it's become a pain but you really need to "do your homework" and make sure to read before attempting stuff. Same old, same old I'd say.
If you're unsure, just ask. There's plenty of people here who are willing to help out.

I was on regular A12 and tried to update from the app. The device rebooted and didn't appear to be rooted (I know that ryhmed) tried to direct install but got an error, can not remember the error.
Then I decided to update to the A13 DP2 beta and used canary magisk , updating via flashtool and fastboot flashing the patched image and voila! Couldn't be happier.

Seems like people have had some issues lately

I don't know about harder, but maybe more haphazard. February update I did the uninstall magisk method and it worked as described. Did it again for March and this time it took me three tries to get the phone to boot and at that point I lost root. Had to download the image from Google, extract boot, patch it and flash it. Not the end of the world but still no idea what happened.

There was some glitchyness at the beginning with the vbmeta nonsense, but that's all sorted out now. The tools available are so simple to use now that its hard to imagine that anyone could have any trouble with it.
FWIW: for privacy/security reasons, I run GrapheneOS. It would normally do its own update procedures, but when you need root (I need for conducting proper backups since the built-in misses a lot), it freaks out with the unmatched boot.img. The update solution then is to download the full "factory" update package, extract the boot.img, patch it with magisk, edit the "flash-all.sh" script to remove the "-w", run the flash-all.sh, then finally fastboot flash the magisk-patched boot.img.

Ghisy said:
I wouldn't say it's become a pain but you really need to "do your homework" and make sure to read before attempting stuff. Same old, same old I'd say.
If you're unsure, just ask. There's plenty of people here who are willing to help out.
Click to expand...
Click to collapse
^^^This 100%
mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
While there are many ways to skin this cat, I follow the step by step instructions in my sig every update, and haven't had an issue yet.
I will admit that rooting is loosing it's allure for me as it seems cust Rom development on the phones I prefer is waning (remember the day when every device had a dozen cust Roms to choose from). That coupled with I'm no longer the guy who tries to squeeze an extra 30 min of battery life, who over/underclocked cpu's and gpu's to get a 100 pt higher benchmark score.
Root is something I still do because I like having the OPTION of customizing beyond a cust kernel and some "root required" apps, and jumping through a few hoops to make magisk work is worth it IMHO.

Az Biker said:
Root is something I still do because I like having the OPTION of customizing beyond a cust kernel and some "root required" apps, and jumping through a few hoops to make magisk work is worth it IMHO.
Click to expand...
Click to collapse
This 100% as well!!
The stock Google ROM is perfectly fine with some tweaks!

96carboard said:
There was some glitchyness at the beginning with the vbmeta nonsense, but that's all sorted out now. The tools available are so simple to use now that its hard to imagine that anyone could have any trouble with it.
FWIW: for privacy/security reasons, I run GrapheneOS. It would normally do its own update procedures, but when you need root (I need for conducting proper backups since the built-in misses a lot), it freaks out with the unmatched boot.img. The update solution then is to download the full "factory" update package, extract the boot.img, patch it with magisk, edit the "flash-all.sh" script to remove the "-w", run the flash-all.sh, then finally fastboot flash the magisk-patched boot.img.
Click to expand...
Click to collapse
Root renders half of the purpose of grapheneos moot though... It's "security hardened". Hand a rooted "security hardened" android phone to anyone who can watch a YouTube video and has a computer that has a USB port or wifi and they could be dumping your system files in in a matter of minutes.
What sort of privacy do you imagine you gain? Are you under the assumption that Googleplayservices is the only method by which your traffic can be singled out of the background internet swarms? Hopefully you're not replying on it to not be physically tracked. Or worse, trust it to go dark and do dirt with.
I'm asking because because I generally don't understand the motivations of users such as yourself. Using a flagship device, attempting to de-google/brand it, and then openly say it's for X privacy or X security usecase. It's simply not true. To me it's like someone buying a Porsche, throwing Ford stickers on it's and saying it's because they get better traction.

erktheerk said:
Root renders half of the purpose of grapheneos moot though... It's "security hardened". Hand a rooted "security hardened" android phone to anyone who can watch a YouTube video and has a computer that has a USB port or wifi and they could be dumping your system files in in a matter of minutes.
Click to expand...
Click to collapse
Maybe in the hands of an incompetent, but no, you can't just "walk in". Said compromising individual would have to somehow unlock the device in order to authorize the USB debugging session or whatever type of compromise they're attempting.
erktheerk said:
What sort of privacy do you imagine you gain? Are you under the assumption that Googleplayservices is the only method by which your traffic can be singled out of the background internet swarms? Hopefully you're not replying on it to not be physically tracked. Or worse, trust it to go dark and do dirt with.
Click to expand...
Click to collapse
You are mistaking absolute security for mitigating known and easy to close holes. Bad mistake, which will always make you look like a fool.
erktheerk said:
I'm asking because because I generally don't understand the motivations of users such as yourself. Using a flagship device, attempting to de-google/brand it, and then openly say it's for X privacy or X security usecase. It's simply not true. To me it's like someone buying a Porsche, throwing Ford stickers on it's and saying it's because they get better traction.
Click to expand...
Click to collapse
While root control of a device can provide a high degree of access to a system, it only does so in the hands of an incompetent. Every single server running connected with the public internet has a root account. If it was so terrifyingly and absolutely dangerous, it would be pretty obvious. But the reality is that those systems are administered, in large part, by competent system administrators, who know how to safely make use of the increased access without guaranteeing that some hostile entity will walk in and take control.
Conversely, consumer electronics are assumed to be placed in the hands of nitwits who will install applications that promise to deliver jiggling lady parts that are published in hostile countries, and even worse, will hit the "ok" button when a root authorization prompt pops up. Yes, consumers, by and large, are a security DISASTER waiting to happen.
So don't you dare make the claim that root access is a violation of sane security measures. There is nothing wrong with root, as long as it is used responsibly by someone competent to make use of it.

No, you misunderstand me. I've been rooting android since day one. Literally. Rooted by Dream/G1 running Cupcake with telnet on release day in 2008. I have 3 Pixel in front of me right now. One with CalyxOS, and one with Graphene. Those are for a paying customer who values their privacy, and not walking around with a crippled 'hardened device". So no root. The other is by test device I really want to Kali running on at some point.
I'll just let the lead dev/owner of GrapheneOS say the rest, I'm not debating what you want/like, I only elaborated on you want it sounds like to others.

96carboard said:
Maybe in the hands of an incompetent, but no, you can't just "walk in". Said compromising individual would have to somehow unlock the device in order to authorize the USB debugging session or whatever type of compromise they're attempting.
You are mistaking absolute security for mitigating known and easy to close holes. Bad mistake, which will always make you look like a fool.
While root control of a device can provide a high degree of access to a system, it only does so in the hands of an incompetent. Every single server running connected with the public internet has a root account. If it was so terrifyingly and absolutely dangerous, it would be pretty obvious. But the reality is that those systems are administered, in large part, by competent system administrators, who know how to safely make use of the increased access without guaranteeing that some hostile entity will walk in and take control.
Conversely, consumer electronics are assumed to be placed in the hands of nitwits who will install applications that promise to deliver jiggling lady parts that are published in hostile countries, and even worse, will hit the "ok" button when a root authorization prompt pops up. Yes, consumers, by and large, are a security DISASTER waiting to happen.
So don't you dare make the claim that root access is a violation of sane security measures. There is nothing wrong with root, as long as it is used responsibly by someone competent to make use of it.
Click to expand...
Click to collapse
No, you misunderstand me. I've been rooting android since day one. Literally. Rooted by Dream/G1 running Cupcake with telnet on release day in 2008. I have 3 Pixel in front of me right now. One with CalyxOS, and one with Graphene. Those are for a paying customer who values their privacy, and not walking around with a crippled 'hardened device". So no root. The other is by test device I really want to Kali running on at some point.
I'll just let the lead dev/owner of GrapheneOS say the rest, I'm not debating what you want/like, I only elaborated on you want it sounds like to others.

erktheerk said:
No, you misunderstand me. I've been rooting android since day one. Literally. Rooted by Dream/G1 running Cupcake with telnet on release day in 2008. I have 3 Pixel in front of me right now. One with CalyxOS, and one with Graphene. Those are for a paying customer who values their privacy, and not walking around with a crippled 'hardened device". So no root. The other is by test device I really want to Kali running on at some point.
I'll just let the lead dev/owner of GrapheneOS say the rest, I'm not debating what you want/like, I only elaborated on you want it sounds like to others.
Click to expand...
Click to collapse
There's nothing "crippled" about it. Its just AOSP with some hardening.
Yeah briefly looking at that link, their explanations are irrelevant. The bottom line is that they don't want morons who don't know what they're doing modifying the crap out of it, and either (a) having to be supported, or failing that (b) making the project look bad.
Nothing about it makes it "less customizable" than any other AOSP. Magisk/root or anything else installs on it and works just like it does on any other AOSP distribution. It just doesn't have all the broken junk thrown in willy nilly without taking a careful look at the implementation first, i.e., is it actually a *useful* feature, and can it be implemented in a secure manner? As a clear example, take a look at the call recording feature request; https://github.com/GrapheneOS/os-issue-tracker/issues/868 -- clearly a useful feature. The "lineageos" implementation has been brought forward, not as something to pull straight in, but as a point of study and/or somewhere to start building a good implementation -- their implementation is unsatisfactory in terms of security and maintainability.

Rooting this device is so easy compared to attempting to root a z fold 3 or any other recent Samsung flagship

Related

[Q] can someone explain how a root works?

to start yes i used the search bar, for a while. and quite frankly it didn't help one bit
im just curious as to how it works so i could try to figure it out on my own evo as im very impatient to find a way to root my 2.2 phone.
I don't know what makes you think you'll find one before the experts but a root is an exploit in the software that allows flashing custom recovery, SU and the engineering HBOOT
063_XOBX said:
I don't know what makes you think you'll find one before the experts but a root is an exploit in the software that allows flashing custom recovery, SU and the engineering HBOOT
Click to expand...
Click to collapse
just because someones an expert doesnt make them perfect...
but i work in the satellite industry and commonly do things similar to rooting a phone and am willing to try my hand at doing it on my phone
063_XOBX said:
I don't know what makes you think you'll find one before the experts but a root is an exploit in the software that allows flashing custom recovery, SU and the engineering HBOOT
Click to expand...
Click to collapse
Actually your wrong. We use magical beans to empower the very essence of one self, thus making root possible. Ok back to reality its not something you can learn over night trust me. I have been working on some solutions got real close just to get thrown further back. Patience is key to anything in life.
Basically, root is like being the "master administrator" of the file system on your phone. Without root, the phone just recognizes you as an ordinary user and will only give you the ability to read and write to certain parts of the system. Once you find a way for the system to recognize you as "root", you then have access to everything. You can read and write and do almost whatever you want. This could be pretty dangerous if you don't know what you're doing, but that's why we have the SU app to control what is getting full access and what isn't. If you haven't already had experience with a Linux OS to know this, your chances of finding an exploit to root 2.2 are pretty much .00485% .
Root is akin to the networking term "full administrator access". The Android filing system is setup with permission requirements for accessing certain areas. Root means you have been granted read/write access instead of just read-only.
I believe root is also a Linux term denoting the lowest directory on any particular storage device. By rooting, you gain read/write access to this area of your phone's sdcard and the internal storage.
Sent from my PC36100 using XDA App
Roots are constantly growing and digging into the soil for more nutrients and water to feed on. Roots use time and pressure to find water. The penetration may start as an almost microscopic root end, but over time the root grows thicker and pushes its way in deeper, growing more tendrils along the way.​
garyfunk said:
Roots are constantly growing and digging into the soil for more nutrients and water to feed on. Roots use time and pressure to find water. The penetration may start as an almost microscopic root end, but over time the root grows thicker and pushes its way in deeper, growing more tendrils along the way.​
Click to expand...
Click to collapse
---Like---
I've seen some replies as to what what is, but not how you get there. To answer the OP, to get to root, you have to be able to find an exploit in the software that allows you to flash recovery. Once you're able to flash recovery, that can be used to flash su permissions bootloaders, roms, etc. The last exploit was found in how the phone uses flash, and some root methods had you actually opening the browser and going to any site that was running something in flash - this would open the loophole and allow access to things that are normally blocked.
This loophole/exploit has been plugged with 2.2, so now a whole new rood method has to be discovered.
thank you pikkon and fachadick you two have been the most helpful in this.
but also so what your saying is theres no ##xxxxxx# code i could put in to find the administration change menu or anything like that?
If you really want to learn, get some books on Linux and read everything about root access and how to hack the root user.
Sent from my PC36100 using XDA App
envoykrawkwarrior7 said:
thank you pikkon and fachadick you two have been the most helpful in this.
but also so what your saying is theres no ##xxxxxx# code i could put in to find the administration change menu or anything like that?
Click to expand...
Click to collapse
Supposedly there is some sort of code to get access, but its supposed to be impossible to crack. Wiser men than I have discussed the possibility of using brute force attacks to crack the code, but those ideas were discounted when the numbers were crunched and it was determined that it would take a ridiculously long time, using state of the art equipment. As I understand it, the only way to get a crack at the code is if the key is leaked, and it was agreed that the odds of that happening are pretty much nil.
Your best bet if you're serious, is probably to pick up some books on the subject, like the other post mentioned. Try and see if anything in your day-to-day can be transferred over to solving the problem. The way I see it, the more people working on it, the better.
Sent from my blah blah blah blah
I can see 100,000 Iphones Evos working together to crack the SU password. SETI @ Evo team maybe?
fachadick said:
Supposedly there is some sort of code to get access, but its supposed to be impossible to crack.
Click to expand...
Click to collapse
It is the root password. Find out the password and you are in.
weidnerj said:
I can see 100,000 Iphones Evos working together to crack the SU password. SETI @ Evo team maybe?
Click to expand...
Click to collapse
LOVE IT! +1!
Sent from my blah blah blah blah
No offense... but if you don't even know what "root" is, and aren't familiar with the Unix-based software platform, and think you can just fiddle with something in a hidden menu on your phone, you have absolutely no chance at discovering a root method. Zero. It'd be nice if it could work that way though...
Obtaining root is essentially hacking into your own phone. In order to do that, you have to know what potential vulnerabilities there are in the software running on the phone, and how to exploit them to give you precisely what you want. It's a lot of trial and error, reverse engineering, and sometimes, just plain educated guessing backed by experience.
Also, this comment baffles me:
but i work in the satellite industry and commonly do things similar to rooting a phone and am willing to try my hand at doing it on my phone
Click to expand...
Click to collapse
You claim you do things similiar to rooting a phone because you work in the satellite industry, but you don't even know what rooting involoves?? I admire your confidence, but I wish it was more well-placed...
sohr said:
You claim you do things similiar to rooting a phone because you work in the satellite industry, but you don't even know what rooting involoves?? I admire your confidence, but I wish it was more well-placed...
Click to expand...
Click to collapse
well the difference im working on already administrator devices running through a root menu commonly, and to me, technology is technology, no matter how different the usage or device its still just a chip computing algorithms the way it was set up by someone else, which means that anyone else can change what someone else did.

has there ever been a security breech on a custom Rom?

So yes basically I know things on xda are supposedly safe in terms of security and roms. But have there ever been a case of a Rom having something like a keystroke logger or any type of hack to gather information or gain access to your personal stuff? And if it had never happened on xda maybe from one of the other sites?
I suppose I'm just trying to address how safe custom roms are I have been using various ones recently so I do trust them some what of course and I assume if a roms been on xda for months and has many posts it's been checked but I still wonder if someone was clever they could wait for the right moment to strike if you know what I mean. Thanks.
Yea, in a way, you are trusting that the devs have no added anything sinister to their custom ROMs. But in the time I've been here (a long time!) I haven't seen anything like this added to any ROMs. You could always do a full scan of the ROM before flashing it to be sure.
the_scotsman said:
Yea, in a way, you are trusting that the devs have no added anything sinister to their custom ROMs. But in the time I've been here (a long time!) I haven't seen anything like this added to any ROMs. You could always do a full scan of the ROM before flashing it to be sure.
Click to expand...
Click to collapse
What would you scan it with though? Pc viruses and malware different to mobile no? And anyway surely a clever hacker would make there own hack etc. And maybe they just add it to the update add well . Anyway good to hear no ones reported one yet!
Well I will try a pc scanner...phone scanners seem to just check.apk's so that's useless...done some full scans all the same just for the hell off it. Guess I don't have any money anyway so I'm safe . But like I say if they are clever they will write their own code so the scanners won't find it .
Still no one reported ok that's given me more confidence...a bit :s ...
Only thing I new of was start of the year I had a xperia z ultra and the mostly only way to gain root at the time was to use kingo root. It wasn't a XDA developed root tool is was from a Chinese website and it was suspect as it took your phone details like imei number. Not sure what happened in the end. But if you get a phone and you trust the recognised devs you should be OK.
Golly, I sho hope not!
:good::good::good:
How about as of late and the security involved when you have a rooted phone? I have not been able to locate any substantial info concerning the legitimacy of or about the claim. Do I need to UN root my phone after the new flash or no? Or, am I way of base here and obviously don't fully understand the weekness of having a rooted phone? In other words, a rooted phone is just as safe as a non rooted phone?
Thanks in advance
Edit
Randy L said:
How about as of late and the security involved when you have a rooted phone? I have not been able to locate any substantial info concerning the legitimacy of or about the claim. Do I need to UN root my phone after the new flash or no? Or, am I way of base here and obviously don't fully understand the weekness of having a rooted phone? In other words, a rooted phone is just as safe as a non rooted phone?
Thanks in advance
Click to expand...
Click to collapse
No, a rooted phone is not as secure as an unrooted phone. You've opened up access to the system when you rooted, and therefore made it vulnerable.
Not that an unrooted phone is completely secure either, but with root access, a malicious app could do much damage.
What would you suggest since I plan to flash a newer, stable ROM with a newer radio binary? I need to ensure my phone is locked up right as possibly allowable without over taxing the system.
Thanks again
Randy L said:
What would you suggest since I plan to flash a newer, stable ROM with a newer radio binary? I need to ensure my phone is locked up right as possibly allowable without over taxing the system.
Thanks again
Click to expand...
Click to collapse
It's all a trust and common sense game. If you flash a rom you are putting the trust in others hands. No way around that. As for keeping it locked down. Your best bet would be to stay on stock. Root is a security hole and that's why Google is starting to allow apps to check for root and if found disable the app or features of the app.
Luckily most of our ROMS don't come from people stand to gain anything from that info and are probably like-minded when it comes to how we want our phones to work.
To answer some of these questions, it might help to fully understand what we're talking about.
What kind of security issues face an Android phone?
Well, for one, there are network-level attacks. This are fake cell towers (sometimes called Stingrays) that can collect the sort of data a cell tower might be able to collect, your location, your messages, and your data.
A third-party ROM or a rooted phone is not intrinsically more vulnerable to this. In fact, there are some apps that help detect this kind of attack, and those apps will generally require root access. This kind of attack is less likely to be a random skiddie, and more likely to be the police or a government.
Another kind of attack is a malicious app. Think of it like a trojan horse, something you willingly let into your phone, and it has a secret malicious payload. Maybe it's a browser that actually skims all your activity to sell to marketers. Maybe it's a widget that shows a neat clock on your lock screen, but it actually collects all of your contacts so they can be spammed later.
Since this would be an app that you've willingly downloaded, a third-party ROM doesn't make you much more susceptible, but granting this app Root could make it much more damaging, since it could hide itself from uninstallation or even modify other apps to do bad things.
Note, though, that certain third-party ROMs and apps that require root can help protect against this. If you download an app, and it says it needs permissions that don't make sense (why does a clock app need access to my camera, or my contact list?), that should be a red flag to not install it. But some ROMs actually let you revoke/block individual permissions., so if a baddie app was trying to access stuff it shouldn't, you can stop that from happening.
But there's a slightly more insidious kind of malicious app. Imagine third-party app that accesses Twitter, or Snapchat, or Instagram. Now this app actually saves all of the things you're doing elsewhere before it punts them off to the service you're trying to access. This app could be appearing to function completely honestly, hoarding your Snaps and your snapchat password, until one day they decide to leak all your snaps, or upload all the images you sent to your private Instagram to a public site.
You're not intrinsically more vulnerable to this kind of attack with a third-party ROM or a rooted phone. These apps will likely be come from a non-Play store source, which can happen even stock/unrooted. An app like this with root access can do more bad stuff, but their wheelhouse is in doing bad things with the data you've already willingly given them, so it's moot.
Then there's the issue you seem to be most worried about, which is malware baked into a ROM. This is by far the biggest danger in terms of risk, because it could be doing all sorts of nasty stuff relatively invisibly. What prevents someone from doing this, though? Well, for one, with an open source project, everyone can see the code. If there is something flagrantly wrong, it could be spotted by other people. It's possible to try to hide it, though, and some smaller ROMs don't attract a ton of eyeballs, so not that many people might be looking.
Then again, plenty of major ROMs could have the same thing going on, just in very clever or subtle ways. Look at how pervasive the Heartbleed issue was, and that was in code that tons of very smart people had the chance to look over.
Third-party ROMs do present more danger in this regard. What do we consider third-party, though? Major carriers lay tons of extra code on top of vanilla Android. And plenty of them may be doing unseemly things with your data, either for marketing reasons or at the behest of someone like the NSA. In that case, you're best but would be to stick strictly to AOSP ROMs, but even then, it's not a sure thing.
Truth be told, the best thing you can do for security is just pay attention to what you're letting onto your phone, and what you're letting those apps do. Your choice of ROM and root status is a part of it, but being generally aware is by far the most important thing.

OOS 3.2.2 and Safetynet

Hi developers!
Since the OOS 3.2.2 update, systemless root is now failing to pass googled safetynet checks, meaning Android pay no longer works :/ if I roll back to 3.2.1 then it works fine. I'm using the safetynet helped app from the play store to test this. I wondered if any developers or knowledgeable people would know if this is a change in the rom causing this, or just a SuperSU incompatibility?
OOS 3.2.2 validates with no root. I just flash SuperSU when needed and then unroot when finished. (TWRP as recovery) Some of my banking apps will not work with root installed.
Google made server side change that somehow now detects systemless root around 25th July.
spetrie said:
OOS 3.2.2 validates with no root. I just flash SuperSU when needed and then unroot when finished. (TWRP as recovery) Some of my banking apps will not work with root installed.
Google made server side change that somehow now detects systemless root around 25th July.
Click to expand...
Click to collapse
That might have been why then. Worked momentarily before the 3.2.2 update. Cheers for the info
manor7777 said:
Hi developers!
Since the OOS 3.2.2 update, systemless root is now failing to pass googled safetynet checks, meaning Android pay no longer works :/ if I roll back to 3.2.1 then it works fine. I'm using the safetynet helped app from the play store to test this. I wondered if any developers or knowledgeable people would know if this is a change in the rom causing this, or just a SuperSU incompatibility?
Click to expand...
Click to collapse
It's working for you on 3.2.1.? It stopped working for me on that version just prior to 3.2.2. coming out.
Google made changes sever side to prevent it from working. IT is getting to the point of having to pick. Root or android pay. We all knew this was coming.
Mit Hipster said:
It's working for you on 3.2.1.? It stopped working for me on that version just prior to 3.2.2. coming out.
Click to expand...
Click to collapse
It did momentarily but not for long. might have been a glitch or a slow-rollout on googles part. It's not working now!
zelendel said:
Google made changes sever side to prevent it from working. IT is getting to the point of having to pick. Root or android pay. We all knew this was coming.
Click to expand...
Click to collapse
Yeah we were waiting. Someone on XDA will find a way round at some point i bet, but we all knew it was coming!
manor7777 said:
Yeah we were waiting. Someone on XDA will find a way round at some point i bet, but we all knew it was coming!
Click to expand...
Click to collapse
If it was done server side there will be no work around. Plus with the new security measures in the linux kernel (XDA portal post) Things like this will be even harder if not impossible.
zelendel said:
If it was done server side there will be no work around. Plus with the new security measures in the linux kernel (XDA portal post) Things like this will be even harder if not impossible.
Click to expand...
Click to collapse
That's a fair point. Someone made a workaround before that worked for about 6 months through xposed, but to be honest I have twrp so I can flash what I need anyway, no biggie.
manor7777 said:
That's a fair point. Someone made a workaround before that worked for about 6 months through xposed, but to be honest I have twrp so I can flash what I need anyway, no biggie.
Click to expand...
Click to collapse
Yeah that will be the next thing they start looking for. Agreed doesnt really matter to me either. Mobile payments are banned everywhere I go and since I have to legally carry my ID around I also have my cards so even if it wasnt banned I still wouldnt use it.
zelendel said:
Yeah that will be the next thing they start looking for. Agreed doesnt really matter to me either. Mobile payments are banned everywhere I go and since I have to legally carry my ID around I also have my cards so even if it wasnt banned I still wouldnt use it.
Click to expand...
Click to collapse
That's a shame! Where are you based? Its EVERYWHERE in the UK!
manor7777 said:
That's a shame! Where are you based? Its EVERYWHERE in the UK!
Click to expand...
Click to collapse
I am in the US. It is available in most places just not in my town. After it was proven that it could be intercepted and the fact that stores are making their own alt to the pay apps, they decided to just block them.Even my Credit union has removed the chip from their cards due security concerns.
Like I said even if it was I still wouldnt use it. I am smarter then keeping things like my credit card info stored on a device that is always sending data everywhere. Mainly when you think about the fact that keyboards can record every keystroke.
Also I have to keep my ID on me at all times so it is just faster to take my card out and hand it to the cashier.
zelendel said:
I am in the US. It is available in most places just not in my town. After it was proven that it could be intercepted and the fact that stores are making their own alt to the pay apps, they decided to just block them.Even my Credit union has removed the chip from their cards due security concerns.
Like I said even if it was I still wouldnt use it. I am smarter then keeping things like my credit card info stored on a device that is always sending data everywhere. Mainly when you think about the fact that keyboards can record every keystroke.
Also I have to keep my ID on me at all times so it is just faster to take my card out and hand it to the cashier.
Click to expand...
Click to collapse
It's only stealable (like with card skimming) whilst the screen is on, at least on a phone. I have a card that I transfer money too whenever I use it (its actually my PayPal card) so I don't have too much of a risk there. They have done a few things like that over here in the UK too but I'm still cautious about it. I have a few measures in place to prevent some of that
manor7777 said:
It's only stealable (like with card skimming) whilst the screen is on, at least on a phone. I have a card that I transfer money too whenever I use it (its actually my PayPal card) so I don't have too much of a risk there. They have done a few things like that over here in the UK too but I'm still cautious about it. I have a few measures in place to prevent some of that
Click to expand...
Click to collapse
Thats all it really takes. When checked they found that the majority of the card readers had some sort of extra device installed on it. Like I said it is not a big deal for me as I wouldn't use it if it was available.
I was using systemless root for a while, it passed system checks just fine. But the funs over now, they've patched it. :/

Anyone go back to stock from rooted?

I have been finding myself only using Magisk for EmojiOne, but noticing I don't use Emoji like I used to anymore and am thinking since I only use Substratum with a Center Clock mod and have stopped using it for Dark theming, maybe going back to a stock based setup would be fine. I can use the Andromeda thing with Substratum which is an extra step but can do my center clock and possibly emoji one via substratum... not sure what else I would want root for... Updating is a touch of a pain for me. What do yo guys think, and have any of you gone back to stock?
I went back to stock just because I didn't want to have the uncertainty of being rooted.
Nothing wrong with rooting but I love this phone the way it is.
Sent from my Pixel 2 XL using Tapatalk
For myself Rooting was a necessity. The devices sold in the past had so much Crapware.
It was nice to get the latest and greatest ROM and tweak the device to run faster because at that time they were just plain old slow.
Today, depending on where you bought a device devices are very fast. It seems to me that every ROM has an issue that influences the character of the device.
If your device comes from a carrier such as Verizon you should Root it to get rid of their crapware.
It seems their attitude is you only have the right to buy their device not the ability to control, I mean really you think you own it or something? ( yes I'm a VZW hater)
What was the question?
kdkinc said:
For myself Rooting was a necessity. The devices sold in the past had so much Crapware.
It was nice to get the latest and greatest ROM and tweak the device to run faster because at that time they were just plain old slow.
Today, depending on where you bought a device devices are very fast. It seems to me that every ROM has an issue that influences the character of the device.
If your device comes from a carrier such as Verizon you should Root it to get rid of their crapware.
It seems their attitude is you only have the right to buy their device not the ability to control, I mean really you think you own it or something? ( yes I'm a VZW hater)
What was the question?
Click to expand...
Click to collapse
Lol, I agree 100%. I can simply disable gMail and Calculator, the only 2 APPs pre-installed on my Pixel 2 XL that I don't need. I use Inbox by Google for eMails and a Calculator Widget for that. Aside from the EmojiOne and CenterClock, I don't even dark-theme anymore, especially not on this device with the "black crush" all the OLEDs have an issue with. I was rooted fro KCal, but am finding the Boosted setting works just fine and oddly my Blue Tint has weakened since my first few days where it was really bad. Almost like the display is wearing in and getting better? It's still there, but just not as much as that first fresh opening, so warming up the display isn't needed much for me now either.
I like to see where people's heads are at with each device, and this is one the extra input is nice to read.
I'm actually on the fence about rooting. Just received my phone this weekend and I can't decide. Going to unlock bootloader before fully setting up, but I have been playing with it a little. I've always rooted and ran custom ROMs as well as adaway. With PureNexus on my N6 I stopped flashing for over a year except the occasional ROM update. I simply like Android in it's simplest form.
I will always root, no matter what. The only downside is like you said, having to mess with getting OTAs in an unnatural way. However, seeing as how I flash all factory images, I get them sooner than those waiting on an OTA to hit their phone. Plus once you have all the tools ready to go, it literally only takes a few minutes to flash an update.
I always root because I usually run stock. And while stock on a Pixel 2 XL is damn near close to perfection, it will never be what "I" consider perfect. Which means I have to mess with the /system files to get things "perfect." I've modded the stock launcher, which I couldn't do if I was rooted. I've switched out fonts. I've changed the navbar, status bar, and quick settings. And of course, there's always AdAway which requires root. Granted some of those things can be achieved with third party apps, but I'd rather get it done "internally" whenever possible.
I used to have it for years, then more and more companies (Google and banks) made their apps check for root, and I tired of the cat and mouse game with SuperSU and Magisk. So I unrooted over a year ago. Didn't miss it at all until yesterday, when I wanted to do something with Tasker that requires root. But what I wanted to do falls into the category of "it would be nice" as opposed to "I have/need to do this", so I remain unrooted. I haven't really missed it much.
I am stuck without root since I have the Verizon model which was given to me free from work so I cannot complain too much. I have always rooted and messed with ROMs. The only thing I would need root for with the 2 XL is ad blocking with Chrome. I am trying the Samsung browser and ABP which work pretty well together.
If I didn't have the noise cancellation mic issue on my 6P I think I would have given up root a long time ago...
I rotate between stock and rooted daily lol
Sent from my Pixel 2 XL using Tapatalk
I am sort of glad I found this thread. I'm not a XDA regular but I've been following root guides from here since my Razr Mazz HD. I chose the Pixel in part for the ease of getting root and for Project Fi. Now that I have the phone, I'm not sure I want to root. I've never had a phone with quick updates before. I LOVE AdAway, but is it really worth the tradeoff? AdGuard is just as good if you don't use your VPN slot but if you DO use a VPN and need it.... not rooting forces me to choose between PIA and AdGuard. But do I even need a VPN anymore with Project Fi? Probably... Firefox with uBlock works pretty well too but doesn't work on apps. Oh the decisions.
Ruraltech said:
I am sort of glad I found this thread. I'm not a XDA regular but I've been following root guides from here since my Razr Mazz HD. I chose the Pixel in part for the ease of getting root and for Project Fi. Now that I have the phone, I'm not sure I want to root. I've never had a phone with quick updates before. I LOVE AdAway, but is it really worth the tradeoff? AdGuard is just as good if you don't use your VPN slot but if you DO use a VPN and need it.... not rooting forces me to choose between PIA and AdGuard. But do I even need a VPN anymore with Project Fi? Probably... Firefox with uBlock works pretty well too but doesn't work on apps. Oh the decisions.
Click to expand...
Click to collapse
If you like it the way it is, then I'd just leave it. It's a great device on stock. However, having root, AdAway, TiBu, kernels, and mods, is a lot of fun as well. As long as you know adb and fastboot fairly well, rooting and flashing monthly updates is pretty easy :good:
I was rooted from the get go!!
I'm going to try to live without root for a bit but already hating not having AdAway. I just know I won't keep up with updates if I have to do them. I sure wish AdAway didn't need root
Ruraltech said:
I am sort of glad I found this thread. I'm not a XDA regular but I've been following root guides from here since my Razr Mazz HD. I chose the Pixel in part for the ease of getting root and for Project Fi. Now that I have the phone, I'm not sure I want to root. I've never had a phone with quick updates before. I LOVE AdAway, but is it really worth the tradeoff? AdGuard is just as good if you don't use your VPN slot but if you DO use a VPN and need it.... not rooting forces me to choose between PIA and AdGuard. But do I even need a VPN anymore with Project Fi? Probably... Firefox with uBlock works pretty well too but doesn't work on apps. Oh the decisions.
Click to expand...
Click to collapse
I'm not regretting going back to stock from rooted as the only things I no longer have is center clock and emojione, which I 'could' get using Andromeda / Substratum but heard you have to reconnect to the computer anytime you reboot the phone and decided that's just not worth it for me. I am interested in ad blocking if possible without Root for Chrome. Only Ads that get in my way are via "News" and articles I touch from the Google Feed. Sadly many lately are blatant click-bait, page-hopping crap and slideshows that I refuse to go past the first page on.
Edit: Well, just ran across something known as DNS66 and have that up and running without Root and sure enough, it's blocking Ads on everything, even in Chrome without issue.
sharkie405 said:
I will always root, no matter what. The only downside is like you said, having to mess with getting OTAs in an unnatural way. However, seeing as how I flash all factory images, I get them sooner than those waiting on an OTA to hit their phone. Plus once you have all the tools ready to go, it literally only takes a few minutes to flash an update.
I always root because I usually run stock. And while stock on a Pixel 2 XL is damn near close to perfection, it will never be what "I" consider perfect. Which means I have to mess with the /system files to get things "perfect." I've modded the stock launcher, which I couldn't do if I was rooted. I've switched out fonts. I've changed the navbar, status bar, and quick settings. And of course, there's always AdAway which requires root. Granted some of those things can be achieved with third party apps, but I'd rather get it done "internally" whenever possible.
Click to expand...
Click to collapse
Whats your few minute process? Do you only have a few apps to restore with data?
plisskenn said:
Whats your few minute process? Do you only have a few apps to restore with data?
Click to expand...
Click to collapse
Flash without wiping data.
plisskenn said:
Whats your few minute process? Do you only have a few apps to restore with data?
Click to expand...
Click to collapse
See below. ?
jrbxx7 said:
Flash without wiping data.
Click to expand...
Click to collapse
Sent from my Pixel 2 XL using XDA Labs
First thing I did with my unlocked XL 2 was to unlock the bootloader. I then rooted once Magisk was available. I root so I can do pain-free full TiBu of my apps and for AdAway. Even though I have corporate email on my phone, the Magisk Hide bypasses their restrictions in the email app.
I'm actually kind of shocked we don't have more ROMs for this phone, though I'm not a Dev and don't know how complex it may be. If more Devs release custom ROMs, I'll be trying some out for sure.
I never buy android phone unless it's bootloader-unlockable and root-able
Too many handicap applied without root.
I hate dns/vpn based adblock, it cluttering my status bar and notification. So, yes, i need root for adaway,
Google limit Tethering frequency option for my country (No 5Ghz) so, yes, i need root to enable it,
I like the ability to background play youtube, and see youtube without ads, so yes, i root my phone for that. Sure, no root option is available, but lot of problem with google account cant sign in, and this and that.
I like the ability to use Brevent, Edge Sense Plus, Greenify etc without the need of plugging my phone to PC and do adb command. So, yes, i rooted my phone for that.
The phone will never be 100% yours, unless you have total control over anything inside it
So,
There's no way am back to stock. Especially with xposed working so well right now.
otonieru said:
I like the ability to background play youtube, and see youtube without ads, so yes, i root my phone for that. Sure, no root option is available, but lot of problem with google account cant sign in, and this and that.
Click to expand...
Click to collapse
Assuming you are using Magisk, how did you get YouTube Red without subscribing? (You can PM me if you don't want to hijack this thread...)

To root or not to root

I've had my Pixel 2 XL for 2 weeks now and am very impressed with all of the customizations. Quick question: is it worth it to root it? My bootloader is unlocked, BTW. What are some additional benefits it I choose to root it?
t4duzan said:
I've had my Pixel 2 XL for 2 weeks now and am very impressed with all of the customizations. Quick question: is it worth it to root it? My bootloader is unlocked, BTW. What are some additional benefits it I choose to root it?
Click to expand...
Click to collapse
The "worth it" part is up to you. What is it you want to achieve? If you want to....
Flash custom roms and kernels..
Use add blocking and themes..
Install sound mods...
Or just customize the crap outa it.....then yes.
However, a word of caution, do your research into flashing procedures, and become very familiar with fastboot just in case something goes wrong, and you need to recover your device.
Also, if you use certain banking apps, they may not work if your rooted. If you have anymore questions, feel free to ask. There are bunches of helpful people on XDA that are happy to help you. :good:
Badger50 said:
The "worth it" part is up to you. What is it you want to achieve? If you want to....
Flash custom roms and kernels..
Use add blocking and themes..
Install sound mods...
Or just customize the crap outa it.....then yes.
However, a word of caution, do your research into flashing procedures, and become very familiar with fastboot just in case something goes wrong, and you need to recover your device.
Also, if you use certain banking apps, they may not work if your rooted. If you have anymore questions, feel free to ask. There are bunches of helpful people on XDA that are happy to help you. :good:
Click to expand...
Click to collapse
Thanks for the advice and info Badger50. I think I'll do as you recommend and research it for awhile.
Also insurance apps detect root also and some games
Magisk is a great app for hiding root from these apps most of the time.
If you want to keep up to date on the monthly Google updates it can be a bit of a pain as you have to replace your boot image and kernel and even then can have issues with the way pixel handles the rom.
But with that said it's good to at least do it learn a bit about what goes into it see if it is good for you.
Good to have a backup phone and or know your restore procedures.
Pretty hard to brick a phone with the pixel phones.
Just have to follow some steps exactly the way they tell you.
I stay stock now because of the updates some times it takes me a day to get time to fix the phone to accept the update and work properly and I like having accu battery have history from start of the phone
Sent from my Pixel 2 XL using Tapatalk
Taimen_#1
Without a doubt, hands down, currently I need Root. If the device has no solution then it's the last one I would pick. Currently I'm running Havoc with Magisk 18. I have the viper/Dolby sound benefits with my favorite Sony features & apps. Also I'm running lawnchair w/ quickswitch module. All in all I guess you could say I have a problem. Every since I learned I could update to KitKat instead of being stuck on stock gingerbread I've been rooting. Thanks:good:
If you have a warranty (sounds like you bought it used) or you have have insurance they will be void if you are unable to restore to stock.
That's why I don't root.
Just something to be aware of.
One of the best and ultimate reasons to root is to be able to take a nandroid backup that's better than any non-rooted backup method! It will literally backup and remember everything (due to all of this residing in the /data partition)! Your homescreen, settings, app and its data,down to every little thing!
Being able to move the clock back to the right, modify so it's better on battery life and cpu quickness, enjoy extra features in apps, and many other "tweaks" are secondary but very enjoyable and satisfactory...
it's an interesting question to me, because this is the first phone that I have decided not to bother rooting. It is also my first pixel/Nexus which I think is part of the reason. In the past getting rid of bloat and many of the controlling aspects from carriers was important to me. With the pixel, there is very little of that. Plus it just works, I'm not working around issues.
maybe I'm getting old, but to me the phone is now something I want to use not something I want to play with. When I root the phone, I have to keep up with security updates and I'm usually also fixing and patching things from trying different mods. So far the pure Android experience from Google has proven reasonably reliable and stable, and it just doesn't seem worth the hassle anymore. I will continue to buy phones I can root, how's that may change at some point.
Right now, my opinion is, for me, there is no need to root
I haven't unlocked my bootloader or rooted since the first pixel. I use adguard premium and YouTube vanced. Currently, absolutely no need for root anymore. Just my two cents.
simplepinoi177 said:
One of the best and ultimate reasons to root is to be able to take a nandroid backup that's better than any non-rooted backup method! It will literally backup and remember everything (due to all of this residing in the /data partition)! Your homescreen, settings, app and its data,down to every little thing!
Being able to move the clock back to the right, modify so it's better on battery life and cpu quickness, enjoy extra features in apps, and many other "tweaks" are secondary but very enjoyable and satisfactory...
Click to expand...
Click to collapse
Everything related to apps and app data. Anything on the internal sdcard, not so much.
Sent from my [device_name] using XDA-Developers Legacy app

Categories

Resources