As stated in the title, Adaway after reboot will be disabled, have to re-enable it each time, have read sometimes it's device specific, reference to the HTC I believe, because of how it's partitioned. Wonder if the same for Moto X?
Wondering if anyone else has figured it out. Thanks
M973 said:
As stated in the title, Adaway after reboot will be disabled, have to re-enable it each time, have read sometimes it's device specific, reference to the HTC I believe, because of how it's partitioned. Wonder if the same for Moto X?
Wondering if anyone else has figured it out. Thanks
Click to expand...
Click to collapse
Are you rooted, booting into recovery to disable write protection, and then running AdAway?
That's all you should need to do. Then reboot normally and the .hosts file changes should stick. This is what I've been doing and it works every time.
Pretty sure this is because the system partition isn't normally mounted read/write. AdAway works by editing the hosts file, which lives in the system partition.
Are you rooted with MotoRoot, or PwnMyMoto? The only way AdAway settings could stick through a reboot is to boot into PwnMyMoto's write protection bypass mode (recovery mode), and run it there.
I rooted with PwnMyMoto, installed xposed framework for Motoxposed, rebooted only then into recovery to enable write so motoxposed would work, which is running fine. I'll have to look at how I run the app Adaway from within recovery.
Thanks
Edit: so meaning, if I reboot, I need to reboot from recovery, as opposed to other rooted apps that stay set even with a normal reboot, I may need to reboot recovery each time? Otherwise, I find after a normal reboot, just launching Adaway and "enabling" does fine, too, no reboot after needed.
I have the same issue, but if I boot from recovery, wifi will not work. So, I can either choose no ad block or no wifi and no idea how to fix either.
Sent from my SAMSUNG-SM-N900A using Tapatalk
I'm an AT&T unlimited plan user trying to figure out the least painful way to enable tethering, preferably without wiping the device, and then unroot it. The story is I can't root permanently because my employer uses a nasty MDM (MaaS360) that checks for root. You can use Xposed to mask it, but don't think that's an option yet on Lollipop. Is there any way to root, edit build.props, and unroot all without wiping? I know you can temporarily flash something like TWCR, but that requires unlocking the bootloader, which wipes the device. Thoughts?
Thanks a ton!
PS: Keeping OTA updates working would be amazing ☺
Settings -> More - > Tethering & portable hotspot.
No root required.
knitler said:
Settings -> More - > Tethering & portable hotspot.
No root required.
Click to expand...
Click to collapse
Won't work for those of us with AT&T unlimited plans. Should have mentioned that... Will update.
1. Use the Nexus Multitool to root your phone
2. Download Root Browser
3. Go to /System/ and open your build.prop file - it will give you the option to open in a text editor
4. At the end of the file, add "net.tethering.noprovisioning=true" (without quotations)
5. Reboot and test the hotspot by going to your settings app, more, then tethering & mobile hotspot
6. Use the Multitool to unroot your phone
Nevermind, I'm an idiot. You'll lose the build.prop edit when you un-root.
Won't unrooting require flashing to stock and loss of user data?
mtpease said:
1. Use the Nexus Multitool to root your phone
2. Download Root Browser
3. Go to /System/ and open your build.prop file - it will give you the option to open in a text editor
4. At the end of the file, add "net.tethering.noprovisioning=true" (without quotations)
5. Reboot and test the hotspot by going to your settings app, more, then tethering & mobile hotspot
6. Use the Multitool to unroot your phone
I don't have an AT&T Sim to test it, but it should work for you
Click to expand...
Click to collapse
gsmm0n said:
Won't unrooting require flashing to stock and loss of user data?
Click to expand...
Click to collapse
You're right. I don't know what I was thinking. I can't think of any way to un-root without losing the build.prop edit.
Sorry.
Why not just do the edits needed and stay rooted? Its not like being rooted causes anything bad to your device. You'll still get OTAs, and even if you did get a OTA. The OTA script would fail because you performed a modification on /system/build.prop which would need you to undo the added line.
You can always just go into SuperSU and uncheck "Enable SuperSU" if you don't want root.
Only reason I'm avoiding it is because my employer uses a MDM that will stop my corporate access from working if rooted... I suppose that might work though, but thinking it may still detect SuperSU...
zephiK said:
Why not just do the edits needed and stay rooted? Its not like being rooted causes anything bad to your device. You'll still get OTAs, and even if you did get a OTA. The OTA script would fail because you performed a modification on /system/build.prop which would need you to undo the added line.
You can always just go into SuperSU and uncheck "Enable SuperSU" if you don't want root.
Click to expand...
Click to collapse
gsmm0n said:
Only reason I'm avoiding it is because my employer uses a MDM that will stop my corporate access from working if rooted... I suppose that might work though, but thinking it may still detect SuperSU...
Click to expand...
Click to collapse
Could always give it a try, you'd have to wait for Xposed to work with ART and then you can use RootCloak
http://repo.xposed.info/module/com.devadvance.rootcloak
gsmm0n said:
Won't unrooting require flashing to stock and loss of user data?
Click to expand...
Click to collapse
You don't need root to make changes to your phone. All you need is an unlocked bootloader. Copy the file on to storage where it can be edited and make the changes. Then boot into bootloader and boot twrp by executing "fastboot boot twrp.IMG" or whatever image name it came with. This will just boot and not actually install twrp. Once in recovery, use the explorer to copy the newly edited file back to original location.
Check permissions on the old file before you do it and if needed make them the same as the new version. Also, make sure you do a backup while you're there in case you mess up something.
By the way if you have sprint or tethering doesnt work you have to edit more then just that line in build.prop
Check here for more details http://forum.xda-developers.com/showthread.php?t=2949024
hey guys i have one problem with supersu.
i installed clean master and do cleaning **** and startup cleaning things and after reboot all apps that have granted root permission( foldermount, gmd gestures, lightflow, etc), these apps shows no toast popup after boot and to make them grant permissions i have to open them. Same thing when i installed boot manager and did not do anything but boot and again no supersu toast popups about root permissions after boot.
is there a way to keep the root grants after the boot? ( i have checked default acces to grant in supersu app)
I'm having problems with clean master working with SuperSu too.
clean master is so powerfull that disables supersu permissions.
They probably change some file permissions that SuperSU frowns at.
Chainfire said:
They probably change some file permissions that SuperSU frowns at.
Click to expand...
Click to collapse
i want to maintain supersu permissions after every boot no matter what. is there some option in supersu to be activated for that?
i'm on note 3 rooted with stock tw.
''enable supersu during boot''
please explain to me for what is this option
thx :good:
bump
dancapitan said:
''enable supersu during boot''
please explain to me for what is this option
thx :good:
Click to expand...
Click to collapse
This option has a summary that's pretty unclear. I've emailed the dev, hope to receive an answer soon. Fact is apps running during the boot_completed seem to get root randomly if this option is not enabled! Let me insist on the random fact, as my apps get root on boot frequently but not all the time. Other users have reported the same random behavior. Once the option is enabled everything works as expected!
However the option seem to imply that any root request on boot will be granted!? Regardless of user choice????
To make it short, check the option "enable supersu during boot" and root apps will receive root on boot as they used to!
3c said:
This option has a summary that's pretty unclear. I've emailed the dev, hope to receive an answer soon. Fact is apps running during the boot_completed seem to get root randomly if this option is not enabled! Let me insist on the random fact, as my apps get root on boot frequently but not all the time. Other users have reported the same random behavior. Once the option is enabled everything works as expected!
However the option seem to imply that any root request on boot will be granted!? Regardless of user choice????
To make it short, check the option "enable supersu during boot" and root apps will receive root on boot as they used to!
Click to expand...
Click to collapse
You should turn this into a proper bug report in the proper thead (either the beta or its own new thread) with all the useful information you think may be relevant. There is no email support, all support is here.
The option itself is for apps that run before Android is fully up and running, or su from adb shell during a bootloop, etc. I thould not influence apps running su from bootcomplete receivers, and if it does, then that needs to be investigated.
Is there currently any way to enable this feature via ADB on a boot looped phone? I really wish I would have known about this! I wouldn't be stuck where I'm at if I had only checked this option. Device is stuck at LG logo, no download or recovery, but has access to ADB. SU was installed, but I don't have root via ADB since the phone isn't finished booting...thus I'm not able to copy over the proper system.img or change the recovery/laf. Dang!
I have the problem too, when I install Fake Wifi, the automatic SuperSU granted is not working. Please help some advance. Thank's.
Hey guys why root required apps request for root access after installing super su
I have the same problem, have to add a task in tasker, auto open supersu and root granted apps once after boot,
So I have a problem here. I rooted my X1049 with kingroot, to get temp root, removed write protection with the remount command on the terminal emulator, and installed Safestrap. It installed just fine. But when I reboot my phone to enter Safestrap, it doesn't show up, because when my phone boots up and I check the system partition with my file explorer, both Su and Safestrap have been removed. I have also tried to replace Kingroot with SuperSU, which doesn't work as when I open SuperSU it says I need to upgrade the Su binaries which fails. And when I reboot my phone, Su is removed, yet again. So to me it seems like the main problem is Android rolling back my changes to /system. I really need help with this, so plz respond as soon as possible.
Sent from my XT1049 using Tapatalk
Write protection cannot be turned off yet, all changes to /system will always rollback.
If anybody finds any way to disable write protection on the Moto X 4.4.4 please post here.
Sent from my XT1049 using Tapatalk
I know that some root methods have it so that when you enter recovery from the bootloader, android boots into write protection off. Does anyone know how this is done? And is it possible to do something like this on 4.4.4?
Given the situation that I needed to unlock bootloader and install TWRP inorder to be able to do full image backup (i.e. Nandroid), I have been wondering what are the underlying security issues to be faced after unlocking and installing TWRP (without moving onto root) in a specific situation where the device is lost or stolen?
Lets say if I am on stock OOS with encryption enabled + Fingerprint and password/pin set on lock screen + USB debugging disabled + locked bootloader + stock recovery, in the unfortunate event where my device were to get lost or stolen, I can expect my personal data to be safe from prying eyes since the person who has gotten a hold of my phone will have to do a factory reset to get into the phone or unlock bootloader which all meant my personal data will be wipe. So that's a good outcome in an unfortunate one.
But let's say if now I were to (i) unlock my bootloader and (ii) install TWRP (but retaining it as read only without system modification), (iii) restore all app, data and settings, and go on to (iv) perform a nandroid backup. And after that, proceed to (v) disable USB debugging and (vi) re-enable encryption and (vii) set fingerprint and password on lock screen. And I shall stopped there without rooting or flashing dm verity. Can I still expect my personal data to be safe from prying eyes in the event of lost or stolen? Meaning that whoever gets a hold of my device will likewise need to wipe it clean before he/she is able to use it? Is this the case or can the person access my data using some hacks now that the device runs custom recovery?
An interesting guide I had came across contained various means of accessing personal data (read - https://forum.xda-developers.com/showthread.php?t=2620456) by bypassing android password, patterns, etc set on the locked screen, and some methods required USB debugging to be enabled while some required custom recovery installed.
To be sure if I am still able to protect my personal data when device is stolen/lost with an unlocked/TWRP installed device, my curiosity took me on an investigative path using an old Samsung Note 3 to unlock bootloader and install TWRP, then proceed to enable encryption and disable USB debugging and set lockscreen password. And now for the next couple of days where I can find free time, I will try out all 7 methods to see if an unlocked Note3 with TWRP is susceptible to these security compromise. I will come back to this thread later to update my findings.
I really welcome any information or inputs too!
To summarize, the state of my old Note 3 used in this investigation is as follows:
1) Bootloader unlocked
2) TWRP (3.0.2) installed as "read only" without system modification
3) ROM (CM13) encryption enabled
4) Locked screen password set
5) Device not rooted
6) USB debugging disabled
When I boot into TWRP, I realized that even if I set it to read only, any person who has gotten hold of my device can set it to system modification since TWRP is not password or pin protected. Therefore setting to "read only" is sort of irrelevant in this investigation to find out how vulnerable the device is right now.
The second thing I realized, is TWRP will ask me for android password to mount my internal sdcard since my ROM is encryption enabled. This is a good thing, since in this case TWRP internal file manager will not be able to access my device internal sdcard containing some of my personal data.
The 1st method I tried is:
METHOD I
Solution For Everyone With Recovery (Cwm, Twrp, Xrec,Etc...) Installed:
INSTRUCTIONS:
1. Download this zip Pattern Password Disable (Download from attachments) on to your sdcard (using your PC, as you cant get into your phone, right )
2. Insert the sdcard into your phone
3. Reboot into recovery mode
4. Flash the zip
5. Reboot
6. Done!
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
The steps I took:
A) Set TWRP to system modification
B) When TWRP asked me for password to mount partition, I choose "cancel" since I am trying to imitate the person who has gotten hold of my device won't be able to guess my password
C) Flashed the pattern password disable zip file
And voila!... my password on locked screen is still intact. Meaning that entering any random password does not gain access into android. Only the original password can.
Good news certainly. Don't know why this hack doesn't work, probably it is outdated or probably due to my system is still encrypted when I flashed the hack zip file.
As to the 2nd method, I didn't try out as I don't know how to use Cygwin...
METHOD 2
Solution For Everyone Without Recovery Installed - ADB :
What You Need:
=>A computer running a Linux distro or Windows+Cygwin
=>USB cable to connect your phone to the PC
=>Adb installed
How to install adb:
1. Open Terminal
2. Type:
Code:
sudo apt-get install android-tools-adb
Hit [Enter]
3. Follow the instructions until everything is installed.
INSTRUCTIONS:
1. Connect you (turned on) Phone to the Computer via USB.
2. Open a terminal window.
3. Type:
Code:
adb devices
adb shell
cd data/system
su
rm *.key
4. Done...Now You Just Have To Reboot.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Method 3 is irrelevant to this investigation therefore it has been omitted.
METHOD 3
Solution For Everyone Before Lock Accident :
SMS Bypass - Download Link - Install It On Your Device (Download from attachments)
This App Allows You To Remotely Bypass Your Phone's Screen Lock By Sending A SMS.
It Removes Your Gesture Pattern Or Password After Receiving A Preset Keyword Along With A Secret Code Via SMS.
SMS Bypass App Requires Root.
INSTRUCTIONS:
1.First, make sure you give permanent root access to the app.
2.Change the secret code to your preferred choice. The default password is : 1234
3.To reset your screen lock, send the following message from another phone:
Code:
secret_code reset
Example:
Code:
1234 reset
Note 1 : There is a space between your secret code and reset. Also the secret code is case sensitive.
Note 2 : There is an option available to change the preset keyword. Default is : reset - Your phone will restart and your lock screen will be reset.
Note 3 : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Given that method 5 is in fact similar to method 2 therefore it has been omitted as well.
METHOD 5
Solution For Everyone Via Adb - File Removal :
INSTRUCTIONS:
=>Type This Command In Your Terminal (CMD Prompt) :
Code:
adb shell rm /data/system/gesture.key
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Method 6 will not work since that hack required USB debugging to be enabled.
METHOD 6
Solution For Everyone With USB Debugging Enabled :
INSTRUCTIONS:
Primary Step for all method:
Download & Extract to anywhere - Bypass Security Hack (Download from attachments)
Open SQLite Database Browser 2.0.exe in SQLite Database Browser.
Run pull settings.db.cmd inside By-pass security Hacks folder to pull out the setting file out of your phone.
Drag settings.db and drop to SQLite Database Browser 2.0.exe program.
Navigate to Browse data tab, At table there, click to list down the selection & selete secure
Instruction To Remove Pattern Lock:
Now, find lock_pattern_autolock, Delete Record
Close & save database
Run push settings.db.cmd and reboot your phone
Instruction To Remove PIN Lock:
Now, Find Or Create lockscreen.password_type, double-click & change it's value to 65536, Apply changes!
Now, find lock_pattern_autolock, Delete Record, If doesn't exist, Ignore
Close & save database
Run push settings.db.cmd and reboot your phone
Instruction To Remove Password Lock:
Now, find lockscreen.password_salt, Delete Record
Now, find lockscreen.password_type, Delete Record
Close & save database
Run push settings.db.cmd and reboot your phone
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
I then tried out method 7 using the Aroma file manager however all these 3 versions (Version 2.00 [BETA1]- KACAPI, aromafm-1.91, and aromafm-1.90) does not open up after flashing the zip with system modification enabled on TWRP. Mostly likely these outdated versions of the Aroma file manager are not supported by the latest version of TWRP (3.0.2) since the developers have ceased all work related to it.
METHOD 7
Solution For Everyone With Recovery Installed :
INSTRUCTIONS:
1.Download and Copy Aroma File manager.zip (Download from attachments or http://forum.xda-developers.com/show....php?t=1646108) to your memory card.
2. Open your recovery (press volume Down + Power button or it can be different according to the phones. Generally the phones who have press able button on the middle they have to press all three buttons. Google for you pattern there are lots)
3. There’ll b an option in recovery called “mount”. Go in that option and then mount all the cache and everything it is there.
4. Then select “update” and select “apply update from SD/external” and select aroma file manger.zip file that you downloaded using above QR code above.
5. After Flashing or updating, the aroma file manger will open. Use volume keys for up/down and power button 2 select like you use to get into recovery.
6. In aroma File manager , Go to menu , which is located in bottom strip and then select Settings.
7. Go to bottom n select “mount all partition in startup ” then exit from aroma file manger.
8. Now after exit , re-update that aroma file again and it will open again.
9. Go to data >> and then System.
Then find ‘gesture.key’ (for pattern lock) and ’password.key’ (for password lock) then long touch on gesture.key or password.key and sum option will be prompted , choose delete and delete that file and restart.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
And now onto the last method which is method 4 using SQL command. After starting adb daemon, adb devices are not found and hence the following steps could not be taken. I think this could be due to the device having USB debugging disabled. Hmmm...
METHOD 4
Solution For Everyone Via Adb - SQL Command :
INSTRUCTIONS:
=>Type This Commands Separated In Your Terminal (CMD Prompt) :
Code:
adb shell
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
update system set value=0 where name='lock_pattern_autolock';
update system set value=0 where name='lockscreen.lockedoutpermanently';
.quit
=>Now You Just Have To Reboot.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
After going through all these methods, I am inclined to think that personal data is still protected in an unlocked/TWRP installed device as long as USB debugging is DISABLED and ROM is encrypted and fingerprint/password set on lock screen. What do you think?
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
+ with the unlocked bootloader, FRP is not working, so a thief can just reset your phone and sell it.
If your data security is a huge concern to you, DO NOT unlock the bootloader.
If you are a potential target to a hacker attacks, DO NOT use a OnePlus phone. Get a Nexus 6P or a Pixel.
Also make sure, that your apps are not leaking your data. Apps with a storage permission and access to the internet could leak your data.
Michalko5896 said:
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
Click to expand...
Click to collapse
Many thanks for your response! This is very useful information to me.
Am I right to assume that even if my device is unlocked but with encryption enabled and no root, the person who has gotten hold of my phone will still be able to flash "dm-verity and forced encryption disabler" zip and supersu zip files to root my device in TWRP even when he fails to enter the password prompted by TWRP?
And this force encryption disabler as the name suggest only disable force encryption and it does not decrypt my already encrypted personal data? Which means he still does not have access to my data and after he had done the system modification and returns the phone back to me, the first thing I should do is to wipe clean every partition and restore back my nandroid which would consist of backups to all partitions. So it seems this is an acceptable risk all for the convenience of performing nandroid backup via the unlock/TWRP route.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
+ with the unlocked bootloader, FRP is not working, so a thief can just reset your phone and sell it.
If your data security is a huge concern to you, DO NOT unlock the bootloader.
If you are a potential target to a hacker attacks, DO NOT use a OnePlus phone. Get a Nexus 6P or a Pixel.
Also make sure, that your apps are not leaking your data. Apps with a storage permission and access to the internet could leak your data.
Click to expand...
Click to collapse
Very good point here. May I ask in what ways are Nexus 6P and Pixel more secure than Oneplus? Pixel seemed quite an attractive phone.
I am on OOS 3.5.3, is there anyway to find out what apps have access to internet and restrict that?
The app permission section of settings only allows changing permission to storage (among others) but I couldn't find any internet access permission.
The main security risk is that it allows anyone to flash something harmful without you knowing on to your system. Your data may be encrypted and protected but they can still flash something onto another partition.
You could be happily using your phone unaware there's a rogue app capturing and sending data to someone.
Zegnalabel said:
Many thanks for your response! This is very useful information to me.
Am I right to assume that even if my device is unlocked but with encryption enabled and no root, the person who has gotten hold of my phone will still be able to flash "dm-verity and forced encryption disabler" zip and supersu zip files to root my device in TWRP even when he fails to enter the password prompted by TWRP?
And this force encryption disabler as the name suggest only disable force encryption and it does not decrypt my already encrypted personal data? Which means he still does not have access to my data and after he had done the system modification and returns the phone back to me, the first thing I should do is to wipe clean every partition and restore back my nandroid which would consist of backups to all partitions. So it seems this is an acceptable risk all for the convenience of performing nandroid backup via the unlock/TWRP route.
Very good point here. May I ask in what ways are Nexus 6P and Pixel more secure than Oneplus? Pixel seemed quite an attractive phone.
I am on OOS 3.5.3, is there anyway to find out what apps have access to internet and restrict that?
The app permission section of settings only allows changing permission to storage (among others) but I couldn't find any internet access permission.
Click to expand...
Click to collapse
Your data is safe, it can't be decrypted, even with an unlocked bootloader And yes, if you wipe every partition, lock the bootloader and got no dm-verity error, after your stolen phone was returned to you, you should be safe.
Both Nexus 6P and Pixel are much safer than OnePlus, because they are getting a complete security patches every month. OnePlus is getting an imcomplete security patches and much later after their release.
You can limit access to internet via app settings. Open "about app", data usage and there you can turn off both access to wifi and mobile data.
Upgrade to OOS 4.0, it cointains important security patches and enhancements.
Michalko5896 said:
Your data is safe, it can't be decrypted, even with an unlocked bootloader And yes, if you wipe every partition, lock the bootloader and got no dm-verity error, after your stolen phone was returned to you, you should be safe.
Both Nexus 6P and Pixel are much safer than OnePlus, because they are getting a complete security patches every month. OnePlus is getting an imcomplete security patches and much later after their release.
You can limit access to internet via app settings. Open "about app", data usage and there you can turn off both access to wifi and mobile data.
Upgrade to OOS 4.0, it cointains important security patches and enhancements.
Click to expand...
Click to collapse
Thank you so much! Found the data usage setting and updated to 4.0. :laugh:
Michalko5896 said:
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
...
Click to expand...
Click to collapse
Quick question, does the latest systemless SuperSU still leave dm-verity OFF ? It was my understanding that using it you don't need to flash the dm-verity-OFF script, is that true?
xclub_101 said:
Quick question, does the latest systemless SuperSU still leave dm-verity OFF ? It was my understanding that using it you don't need to flash the dm-verity-OFF script, is that true?
Click to expand...
Click to collapse
For root, you need to unlock the bootloader. And with the bootloader unlocked, dm-verity is not working and thus attacker could modify your system.
Michalko5896 said:
For root, you need to unlock the bootloader. And with the bootloader unlocked, dm-verity is not working and thus attacker could modify your system.
Click to expand...
Click to collapse
The bootloader being locked/unlocked should have little to do (directly) with dm-verity, dm-verity is only hash-checking the system partition.
That being said after some checking various detailed threads from Chainfire apparently SuperSU is still removing the dm-verity on the system partition since other than rooting in itself most rooted people also tend to touch the system partition with stuff like busybox and so on, so I guess this is it.
xclub_101 said:
The bootloader being locked/unlocked should have little to do (directly) with dm-verity, dm-verity is only hash-checking the system partition.
That being said after some checking various detailed threads from Chainfire apparently SuperSU is still removing the dm-verity on the system partition since other than rooting in itself most rooted people also tend to touch the system partition with stuff like busybox and so on, so I guess this is it.
Click to expand...
Click to collapse
well, google is stating, that unlocking bootloader will turn off the dm-verity.
This is an interesting discussion- I have a Nexus 5X, but I use a custom configuration:
1) locked bootloader
2) verity turned on for the system partition so that I can check the key fingerprint and verify integrity.
3) customized cm recovery - I installed my adb keys so I can connect to it. I also changed the signing keys, so I have to sign any roms that get flashed.
4) encrypted userdata with pattern protection. I think a password would be stronger, but I'm using a larger, complex pattern. Fingerprint unlock is turned on, which has its own attack surface.
I think the fingerprint sensor is the biggest risk. This is mitigated at reboot since the pattern will be required. If I built the recovery properly, the only way to flash anything would be to have access to my signing keys or adb keys. Of course, this is all still vulnerable to any unpatched exploits.