Related
Quick question, I'm seeing the few ROM's available to DL and flash now all have decryption built in do you think there will be any ROM'S that devs might develop that have same encryption as stock or am I inevitably going to have to decrypt? Thanks!
Some of the roms give you the option to be encrypted or decrypted, it is not forced upon you. Its based on the kernel that you're using so you'll have to look into them.
DSinfinite said:
Quick question, I'm seeing the few ROM's available to DL and flash now all have decryption built in do you think there will be any ROM'S that devs might develop that have same encryption as stock or am I inevitably going to have to decrypt? Thanks!
Click to expand...
Click to collapse
The roms have encryption but is not enforced. If your encrypted you'll stay encrypted. If your decrypted you'll stay that way.... If you want to encrypt just simply format your data and you will encrypt upon boot
The Pure Shamu ROM for example, I'm still encrypted just like stock and when I flashed it I was required to enter a password yet the dev states the ROM comes with stock kernel - I guess I'm confused w/ this whole encryption scenario..
I have had some issues with my phone since unlocking with sunshine. See separate thread http://forum.xda-developers.com/droid-turbo/help/help-bricked-xt1254-unlocking-to-t3279581 for description. I have a theory about this now and would like some opinions from folks with more experience.
I used device encryption on my Turbo before the OTA update to Lollipop. After encrypting the phone I would be prompted to enter my PIN to decrypt the data partition before the phone would boot, and then I'd have to enter the PIN again after boot to unlock it. After the OTA I no longer had to enter my PIN when booting the phone, but I would still have to enter it after boot to unlock. After the OTA the phone still reported that it was encrypted in the system security settings even though it didn't need a PIN to decrypt at boot time. That makes sense from what little I know because encrypting the device re-writes the data partition, and the OTA didn't touch the data partition and could not un-encrypt it. I was baffled by this, but I didn't want to factory reset and wipe the data partition to let me re-encrypt the phone.
So after the OTA, the data partition of my phone was still encrypted, but magically the phone was able to decrypt data and boot without my PIN. I don't know why. But one clue is that after unlocking and installing TWRP I looked at TWRP log and saw a log message saying something about decrypting with default PIN. Anyway, I never wiped data, but my phone somehow manages to boot. Re-flashing system and recovery caused problems at first, but now it seems to be back to the way it was. I haven't flashed a new ROM yet, but I expect that when I do I'll have to wipe data and that will get everything back to normal.
My question is has anyone else experimented with device encryption and is this behavior expected?
Thanks.
Not having to enter a PIN with the factory image was a bug I initially discovered, and reported, during the *initial* Android L SOAK test. Needless to say, they never fixed the bug (plus one of the Stagefright CVEs) during the second SOAK rollout. I reported it then, too. They did nothing. That second SOAK was the straw that broke the camel's back, for me. I will never participate in another.
As far as this bug goes, what I would do, is an FDR, and re-encrypt your device to wipe the key store and start over.
Sent from my DROID Turbo via Tapatalk. Now with that cyanogenmod goodness.
I got notifications that the SU4TL-49 OTA was ready to install on my phone, and I had read that if you try to install it with anything but stock recovery that you get into a boot loop. I figured it was a matter of time before I ended up accidentally installing the OTA upgrade and so decided to wipe my phone and go back to stock, and I would use that opportunity to re-encrypt the phone. It took me a couple of tries before I discovered that factory reset isn't enough to remove the encryption, and that I had to reformat the data partition. This took a few hours of going back and forth between reverting to stock, upgrading, rooting, configuring and starting over before I finally got it right, but eventually the phone said that it wasn't encrypted and gave me the option to encrypt. What a pain. After setting up all my apps for the third or fourth time I thought I was done. Whenever I rebooted I was prompted for my PIN before android booted. I even had to enter my PIN to run TWRP.
At least that's the way it was for a few hours. Now when I reboot it just starts up android with no password again. All the effort to un-encrypt and re-encrypt seems to have been a waste. Oh well, at least I avoided getting into boot loop hell.
Hopefully this unencrypting without requiring password/PIN thing gets fixed when (if) they come out with M for the turbo.
This just keeps getting better and better. I decided to flash the Unofficial CM13 ROM this afternoon just for fun. I got it all set up when I found that the GPS receiver wasn't working. Searching the thread I found a link to a flash-able radio image to fix that, and when I rebooted to TWRP it prompted me for a password to decrypt the data partition! Unfortunately it didn't like my PIN no matter how many times I entered it. I don't know if there's something about entering a numerical PIN on the qwerty keyboard, but it had worked earlier in the day before it stopped prompting for passwords. After a bunch of tries and reboots I gave up and downloaded a fastboot flashable version of the same. I've spent most of the day screwing around with this phone already and I'm not going to reformat the data partition again today for sure! Maybe it just needs a good night's sleep.
Astrobrewer said:
This just keeps getting better and better. I decided to flash the Unofficial CM13 ROM this afternoon just for fun. I got it all set up when I found that the GPS receiver wasn't working. Searching the thread I found a link to a flash-able radio image to fix that, and when I rebooted to TWRP it prompted me for a password to decrypt the data partition! Unfortunately it didn't like my PIN no matter how many times I entered it. I don't know if there's something about entering a numerical PIN on the qwerty keyboard, but it had worked earlier in the day before it stopped prompting for passwords. After a bunch of tries and reboots I gave up and downloaded a fastboot flashable version of the same. I've spent most of the day screwing around with this phone already and I'm not going to reformat the data partition again today for sure! Maybe it just needs a good night's sleep.
Click to expand...
Click to collapse
Encryption is totally broken on CM13. The issue is that our version of TWRP cannot decrypt it. I contacted the maintainer of TWRP for our device about this issue and he said that he tried to fix the issue, but he failed.
Also, official CM13 has been out for a while now for the Turbo. No need to go with the unofficial version.
Thanks for the info @TheSt33v, but I'm not sure that it's totally broken.
The strange thing is that I was using TWRP 3.0.2 just fine after encrypting phone while on stock ROM, and it worked for a while even after flashing CM13. Then it just stopped liking my PIN. But CM13 takes my PIN and decrypts data just fine. So my phone is usable for now, and the problem of it decrypting without asking for a PIN is solved for now. I just went to cyanogenmod and see that there's a CM13 recovery. Based on your post I'm guessing that's what is broken, so no point in flashing that. Oh well, at least my phone is secure.
Astrobrewer said:
Thanks for the info @TheSt33v, but I'm not sure that it's totally broken.
The strange thing is that I was using TWRP 3.0.2 just fine after encrypting phone while on stock ROM, and it worked for a while even after flashing CM13. Then it just stopped liking my PIN. But CM13 takes my PIN and decrypts data just fine. So my phone is usable for now, and the problem of it decrypting without asking for a PIN is solved for now. I just went to cyanogenmod and see that there's a CM13 recovery. Based on your post I'm guessing that's what is broken, so no point in flashing that. Oh well, at least my phone is secure.
Click to expand...
Click to collapse
Just FYI, our TWRP maintainer has fixed decryption. You can get the latest version here: https://www.androidfilehost.com/?w=files&flid=39562 (version 3.0.2-0 mod 02 as of this writing). I still had trouble decrypting a partition that was previously formatted using the stock recovery menu, but once I formatted the data partition using this version of TWRP and re-encrypted, it decrypted fine.
TheSt33v said:
Just FYI, our TWRP maintainer has fixed decryption...
Click to expand...
Click to collapse
Yes they have fixed it! I found TWRP Mod 2 over the weekend and saw from the change log that decryption was fixed. I flashed it and it works great. No problems decrypting my previously encrypted data partition since I flashed mod 2. The funny thing about it is that basic TWRP 3.0.2 (no mod) worked well enough for long enough for me to flash CM13, and it even seemed to work for a little while after that. But then it decided that it didn't know how to decrypt my phone anymore and I was stuck until Mod 2. I can't explain why it worked for a while and then stopped, but I'm very happy that mod 2 fixed it.
Thanks for your help and support. Sometimes I feel like I'm the only user who encrypts his phone. There don't seem to be a lot of threads about encryption/decryption issues.
Astrobrewer said:
Yes they have fixed it! I found TWRP Mod 2 over the weekend and saw from the change log that decryption was fixed. I flashed it and it works great. No problems decrypting my previously encrypted data partition since I flashed mod 2. The funny thing about it is that basic TWRP 3.0.2 (no mod) worked well enough for long enough for me to flash CM13, and it even seemed to work for a little while after that. But then it decided that it didn't know how to decrypt my phone anymore and I was stuck until Mod 2. I can't explain why it worked for a while and then stopped, but I'm very happy that mod 2 fixed it.
Thanks for your help and support. Sometimes I feel like I'm the only user who encrypts his phone. There don't seem to be a lot of threads about encryption/decryption issues.
Click to expand...
Click to collapse
Most people don't seem to think it's worth the impact that it has on performance.
I was worried about the performance hit too before I tried it. But I don't notice any real difference in performance. Of there is a hit it's too small for me to tell.
Sent from my DROID Turbo using XDA-Developers mobile app
Astrobrewer said:
I was worried about the performance hit too before I tried it. But I don't notice any real difference in performance. Of there is a hit it's too small for me to tell.
Sent from my DROID Turbo using XDA-Developers mobile app
Click to expand...
Click to collapse
This is a very interesting thread. I would like to encrypt so I can setup my work exchange email as its a requirement. Just to clarify what is the order to do this in? Currently I am running RR 6.01 but have run CF's 1.3.6 ROM most of the time as its awesome.
Can I encrypt using RR or do I need to switch back to CFs ROM or to stock Lollipop after installing the upgraded TWRP in place of the standard version I am running now?
thanks for the help and information.
oldidaho said:
This is a very interesting thread. I would like to encrypt so I can setup my work exchange email as its a requirement. Just to clarify what is the order to do this in? Currently I am running RR 6.01 but have run CF's 1.3.6 ROM most of the time as its awesome.
Can I encrypt using RR or do I need to switch back to CFs ROM or to stock Lollipop after installing the upgraded TWRP in place of the standard version I am running now?
thanks for the help and information.
Click to expand...
Click to collapse
You can encrypt on RR. Just make sure you're running TWRP version 3.0.2-0 mod 2: https://www.androidfilehost.com/?w=files&flid=39562
If encryption fails, you'll need to format your data partition (aka do a factory reset) using this version of TWRP. Then it will work.
TheSt33v said:
You can encrypt on RR. Just make sure you're running TWRP version 3.0.2-0 mod 2: https://www.androidfilehost.com/?w=files&flid=39562
If encryption fails, you'll need to format your data partition (aka do a factory reset) using this version of TWRP. Then it will work.
Click to expand...
Click to collapse
thanks so much for the clarification! Being encrypted, how does that affect installing future updates or restores? Can I still flash ROMS and other ZIPS from TWRP the same as now?
oldidaho said:
thanks so much for the clarification! Being encrypted, how does that affect installing future updates or restores? Can I still flash ROMS and other ZIPS from TWRP the same as now?
Click to expand...
Click to collapse
The only difference is that you'll have to enter your password/pin every time you boot twrp. Don't try to use a pattern lock. Everything else will be the same.
TheSt33v said:
The only difference is that you'll have to enter your password/pin every time you boot twrp. Don't try to use a pattern lock. Everything else will be the same.
Click to expand...
Click to collapse
thank you for the help! I was able to encrypt my RR MM install without having to wipe the data partition. It now prompts me to put my PIN in when booting up and when going into the modded version of TWRP. It then is able to decrypt the partition in TWRP so as you said just like before. Only difference is a little longer boot up time. Performance seems the same to me.
oldidaho said:
thank you for the help! I was able to encrypt my RR MM install without having to wipe the data partition. It now prompts me to put my PIN in when booting up and when going into the modded version of TWRP. It then is able to decrypt the partition in TWRP so as you said just like before. Only difference is a little longer boot up time. Performance seems the same to me.
Click to expand...
Click to collapse
Guess I spoke too soon. phone was working fine for a day. Yesterday at work I'm looking at my phone as it reboots on its own (just sitting there). I then get cant decrypt partition message. Cant do anything and it wont boot up into the OS WO giving this error. In TWRP still cant do anything because it cant decript the partition. So I formatted the data partition and started over. I had saved a recent backup to my PC so I was able to get back to that. Now running CFs latest instead of RR. I need my phone, cant take a chance on this happening again as I was instantly dead in the water. Just wont encrypt.
oldidaho said:
This is a very interesting thread. I would like to encrypt so I can setup my work exchange email as its a requirement. Just to clarify what is the order to do this in? Currently I am running RR 6.01 but have run CF's 1.3.6 ROM most of the time as its awesome.
Can I encrypt using RR or do I need to switch back to CFs ROM or to stock Lollipop after installing the upgraded TWRP in place of the standard version I am running now?
thanks for the help and information.
Click to expand...
Click to collapse
oldidaho said:
thank you for the help! I was able to encrypt my RR MM install without having to wipe the data partition. It now prompts me to put my PIN in when booting up and when going into the modded version of TWRP. It then is able to decrypt the partition in TWRP so as you said just like before. Only difference is a little longer boot up time. Performance seems the same to me.
Click to expand...
Click to collapse
oldidaho said:
Guess I spoke too soon. phone was working fine for a day. Yesterday at work I'm looking at my phone as it reboots on its own (just sitting there). I then get cant decrypt partition message. Cant do anything and it wont boot up into the OS WO giving this error. In TWRP still cant do anything because it cant decript the partition. So I formatted the data partition and started over. I had saved a recent backup to my PC so I was able to get back to that. Now running CFs latest instead of RRI need my phone, cant take a chance on this happening again as I was instantly dead in the water. Just wont encrypt.
Click to expand...
Click to collapse
Well, just as you used CM13 Marshmallow and RR Marshmallow just fine without encryption, not sure why you went to CF Lollipop instead of RR just because encryption didn't work. It just seems you were implying it's CM13 or RR at fault when you used them just fine before, and even now on CF you are NOT using encryption.
But it's your phone, so you can run what you want.
I do commend you for having a recent backup on your PC.
ChazzMatt said:
Well, just as you used CM13 and RR just fine without encryption, not sure why you went to CF instead of RR just because encryption didn't work. But it's your phone.
Just not sure why you are implying it's CM13 or RR at fault when you used them just fine before, and even now on CF you are NOT using encryption.
I do commend you for having a recent backup on your PC.
Click to expand...
Click to collapse
I should have clarified, I dont think RR had anything to do with my issue. I actually really liked RR, it has some great features, great performance and good battery life too. I just missed the Moto features in the stock and CFs ROMs.
oldidaho said:
I should have clarified, I dont think RR had anything to do with my issue. I actually really liked RR, it has some great features, great performance and good battery life too. I just missed the Moto features in the stock and CFs ROMs.
Click to expand...
Click to collapse
Strange. I've been using RR M encrypted for several weeks now with no issues. Oh well. If you're happy with modified stock, that's all that matters. You can encrypt that too if you like. I'm a big fan of the Moto features as well, and RR M has basically all of them built in besides Voice (chop chop flashlight was removed for a while, but it has been added back). Although I've never understood what Voice offers that Google Now does not.
Mystery solved!
Astrobrewer said:
... At least that's the way it was for a few hours. Now when I reboot it just starts up android with no password again. All the effort to un-encrypt and re-encrypt seems to have been a waste. Oh well, at least I avoided getting into boot loop hell.
Hopefully this unencrypting without requiring password/PIN thing gets fixed when (if) they come out with M for the turbo.
Click to expand...
Click to collapse
I have been running the CM13 ROM for the past few months and it's been great, but now that Verizon came out with official Marshmallow I decided to go back to a stock-based ROM again because I've been missing VOLTE. So I flashed ComputerFreak274_MM. After flashing and rooting I was back in the stupid state of the phone saying that it was encrypted but booting without a PIN. It seemed unreal that Moto/Verizon would have left this bug in MM too. So I reformatted data, re-flashed and rooted the ROM and tried encrypting. Then I discovered that it won't encrypt if it's rooted. So back to wiping, re-formatting and flashing again, but this time I am able to successfully encrypt before rooting. Success! Now root and start setting up the phone. Now I have to enter my PIN before it will boot into the system or into TWRP. Yay! By now it's 1:00am and I have to be at work early, so I let it sit overnight while my apps download. In the morning I flash SuperSU and notice that I wasn't prompted for a password to decrypt when I booted into TWRP and I wasn't prompted for password when booting system after flashing SuperSU. WTF!!! More time wasted. It seemed that stock ROMs just don't like encryption. :crying:
Anyway, after stewing about it all day I randomly chanced into the solution. In the Security settings menu there's an option under Encryption called "Secure start-up" which only becomes available when phone is encrypted. The Secure start-up options says:
"You can further protect this device by requiring your PIN before it starts up. Until the device starts up, it can't receive calls, messages, or notifications, including alarms. This helps protect data on lost or stolen devices."​Secure start-up defaults to disabled for some reason, and when it's disabled the phone automatically decrypts itself when it boots without requiring PIN entry. So you can encrypt your phone and still be totally unprotected. What a dumb-ass default!
But when I enable Secure start-up then encryption works the way it should -- with phone prompting for PIN before booting. Maybe I just didn't notice it, but I didn't see anything when I encrypted the phone saying to enable Secure start-up to actually protect the phone. I'm guessing that this option was there in Lollipop too; but who knew???
Hey there.
I got my 3t in the day, 4.0.0 was released. So I unlocked my bootloader after upgrading.
At the time, dm-verity was new to me and so I ignored it.
By now I read up on it and guess I get it. What doesn't fit to what I read is the fact, that I modified my system in many ways. By flashing TWRP, by modifying system with super su and things like ad blockers (hosts file) and pixel launcher.
Yet I never installed the verity fix. I also use encrypted data partition.
How can that be?
My only guess is, I never installed a custom kernel yet or another Rom. But then again verity should be triggered way earlier. Did 4.0 not fully implement it?
mad-murdock said:
Hey there.
I got my 3t in the day, 4.0.0 was released. So I unlocked my bootloader after upgrading.
At the time, dm-verity was new to me and so I ignored it.
By now I read up on it and guess I get it. What doesn't fit to what I read is the fact, that I modified my system in many ways. By flashing TWRP, by modifying system with super su and things like ad blockers (hosts file) and pixel launcher.
Yet I never installed the verity fix. I also use encrypted data partition.
How can that be?
My only guess is, I never installed a custom kernel yet or another Rom. But then again verity should be triggered way earlier. Did 4.0 not fully implement it?
Click to expand...
Click to collapse
They say (in twrp thread and in oneplus forums) if you flash supersu, you are fine...
ram4ufriends said:
They say (in twrp thread and in oneplus forums) if you flash supersu, you are fine...
Click to expand...
Click to collapse
When am I not fine? Protection only triggers if kernel is exchanged?
It's not that I don't want to flash it, but I am eager to know.
*bump* - trying a last time, to see if anyone knows details
The whole point of dm verity is to make sure phone is not rooted or modified in any way that could compromise app security, luckily it doesn't work quite 100% as we can still root without triggering it, even though it should.
I guess, the answer to my question is, TWRP automatically applies the dm-verity patch on first install. I overlooked that feature to be honest, but it makes total sense to do so and protect custom recovery users from locking out of your phone
I have this questions too. And I can't decrypt Data even if I input the right password. I can't use recovery anymore with TWRP or the stock rec.
Here is some details about the dm-verity. https://source.android.com/security/verifiedboot/verified-boot.html
I only know Android N will encrypt Data by using f2fs file system.........
If you have some effective methods, please tell me. Thanks a lot!
mad-murdock said:
I guess, the answer to my question is, TWRP automatically applies the dm-verity patch on first install. I overlooked that feature to be honest, but it makes total sense to do so and protect custom recovery users from locking out of your phone
Click to expand...
Click to collapse
It's my understanding that SuperSU applies the dm-verity patch when it's installed.
napetost said:
I have this questions too. And I can't decrypt Data even if I input the right password. I can't use recovery anymore with TWRP or the stock rec.
Here is some details about the dm-verity. https://source.android.com/security/verifiedboot/verified-boot.html
I only know Android N will encrypt Data by using f2fs file system.........
If you have some effective methods, please tell me. Thanks a lot!
Click to expand...
Click to collapse
flash TWRP 3.0.3-1-beta1 and try again
I have found the right way!
First, you should flash back to OOS3.5 6.0, then set the pin password. And then copy OOS4.0 to /sdcard ,then using system update.Then you will update to OOS4.0 and you won't see any dm-verity problems.
napetost said:
I have found the right way!
First, you should flash back to OOS3.5 6.0, then set the pin password. And then copy OOS4.0 to /sdcard ,then using system update.Then you will update to OOS4.0 and you won't see any dm-verity problems.
Click to expand...
Click to collapse
That's one way. Using the TWRP beta is another. It's in the TWRP post, page 55, bottom. Post 550. Actually the last few pages of that post discuss this issue right now. Might be worth reading.
Hi guys,
I tried a couple of years ago disabling encryption on my Nexus 6 and the performance was great, but as updates were released it turned out to be a pain to keep up always having to manually update the phone. My nexus 6 now is crawling and I'm thinking about trying to disable encryption. I could not find any sort of reports if it can be done on 7.1.1
Has anyone tried? Is there any guide? Thanks!
Mephisto_POA said:
Hi guys,
I tried a couple of years ago disabling encryption on my Nexus 6 and the performance was great, but as updates were released it turned out to be a pain to keep up always having to manually update the phone. My nexus 6 now is crawling and I'm thinking about trying to disable encryption. I could not find any sort of reports if it can be done on 7.1.1
Has anyone tried? Is there any guide? Thanks!
Click to expand...
Click to collapse
It's no different. If your bootloader is not unlocked, unlocking it will wipe the user data partition. If the bootloader is already unlocked, you'll need to wipe the user data partition.
*IN EITHER CASE YOU WILL LOSE YOUR DATA. DO A BACKUP FIRST
Then flash a ROM with an included kernel that doesn't force encrypt. Or, just flash a kernel that doesn't force encrypt.
Now that I've answered your question, IMHO, it's not worth the effort. If your phone is crawling, do a factory reset. On a stock ROM, go to Settings > Backup & Reset and make sure you have your Google backup settings enabled. Use the Factory Data Reset button to actually reset. READ through the information and confirm. This will cause your phone to reboot with a wiped system partition.
If your on a custom ROM I'm going to assume you know how to wipe through recovery.
ktmom said:
...., IMHO, it's not worth the effort. If your phone is crawling, do a factory reset.....
Click to expand...
Click to collapse
My 7.1.1 uses the lite stock rom of Danvdh.
I think you're right about the hassle. Only decrypting is not enough. But debloating and removing unused stuff and decrypting the data partition did raise performance on my N6.
Yeah, I know it is a bit of a hassle, but considering there will be no more updates after 7.1.1 it should be a once only process right? Is possible to disable encryption on 7.1.1. without rooting?
I'm happy to unlock the bootloader and wipe the phone, not a problem.
Mephisto_POA said:
Yeah, I know it is a bit of a hassle, but considering there will be no more updates....
Click to expand...
Click to collapse
Don;t forget the monthly security updates.
I am using the lite stock room of Danvdh. It's a pre-rooted stock room.
But I think updates can be dirty flashed because the system, radio and bootloader will not change anymore.
So root and install TWRP to flash the updates
the problem with rooting is that many apps will not work, I'm cool staying without root and vanilla android, I just want to get rid of the encryption
Mephisto_POA said:
the problem with rooting is that many apps will not work, I'm cool staying without root and vanilla android, I just want to get rid of the encryption
Click to expand...
Click to collapse
In that case the post of @ktmom is applicable.
I am on 7.1.1 and have used the fed patcher mentioned on this site and it has worked nicely on custom and stock ROMs. But u have to be rooted.
NLBeev said:
In that case the post of @ktmom is applicable.
Click to expand...
Click to collapse
I'm a bit illiterate in this aspect, apologies. but I could not find a vanilla android for nexus 6 with just encryption disabled and no root. I would really appreciate if you could give me some directions?
The NEXUS 6 ANDROID DEVELOPMENT and NEXUS 6 ORIGINAL ANDROID DEVELOPMENT seems both to have only modified versions. I'm a bit confused
Mephisto_POA said:
I'm a bit illiterate in this aspect, apologies. but I could not find a vanilla android for nexus 6 with just encryption disabled and no root. I would really appreciate if you could give me some directions?
The NEXUS 6 ANDROID DEVELOPMENT and NEXUS 6 ORIGINAL ANDROID DEVELOPMENT seems both to have only modified versions. I'm a bit confused
Click to expand...
Click to collapse
Plain vanilla unencrypted would be google factory image plus a non forced enforcing kernel. B14CKB1RD, Franco there are others.
Custom ROM that is close to vanilla but comes with a non forced encrypting kernel would be Pure Nexus.
Mephisto_POA said:
I would really appreciate if you could give me some directions?
Click to expand...
Click to collapse
I have only one direction for you and that's the lite stock rom of Danvdh.
The kernel is the modified part. (no forced encryption).
After flashing this rom, you can unroot by uninstalling supersu.
https://forum.xda-developers.com/showthread.php?p=59561445/
NLBeev said:
I have only one direction for you and that's the lite stock rom of Danvdh.
The kernel is the modified part. (no forced encryption).
After flashing this rom, you can unroot by uninstalling supersu.
https://forum.xda-developers.com/showthread.php?p=59561445/
Click to expand...
Click to collapse
Hi, I also want to remove encryption from my Nexus 6 Stock as it is a stuttering mess.
I have rooted and installed the stock rom of Danvdh, but to my disappointment on boot up the phone is still showing as encrypted.
Have I done something wrong?
saltyzip said:
Hi, I also want to remove encryption from my Nexus 6 Stock as it is a stuttering mess.
I have rooted and installed the stock rom of Danvdh, but to my disappointment on boot up the phone is still showing as encrypted.
Have I done something wrong?
Click to expand...
Click to collapse
That was an answer to a different question.
The ROM you installed I believe has a non-force encrypting kernel. But just installing a non-force encrypting kernel isn't enough. You need to wipe user data and install a kernel that doesn't force encrypt.
Please read back a page to two for the whole recent conversation that has more details, like the fact that you'll lose all of your data in this process.
saltyzip said:
Hi, I also want to remove encryption from my Nexus 6 Stock as it is a stuttering mess.
I have rooted and installed the stock rom of Danvdh, but to my disappointment on boot up the phone is still showing as encrypted.
Have I done something wrong?
Click to expand...
Click to collapse
Got it working, just followed this:
Just because forced encryption is disabled doesn't mean it decrypts you. You have to do that yourself by formatting data either through TWRP (TWRP > Wipe > Format Data button) or through fastboot (fastboot format userdata), which will wipe out your app data and your internal storage partition so make the appropriate backups.
saltyzip said:
Got it working, just followed this:
Click to expand...
Click to collapse
You going to take credit, you should at least use your own words ?
I've gone with your guys suggestion with stock lite, working like a charm, very snappy. The phone feels indeed light, and multitasking is way smoother now, thanks!!!
just on a side note, after you install the rom you need to wipe the data partition to get rid of the encryption
Installed twrp on bn Nexus 6 os 5.1 OTA for 7.1.1 encrypted it
No clue how to fix this I'm a noob unlocked bootloader unencrypted Android 5 then it OTA updated to 7.1.1 and now can't get to twrp to wipe encryption how can I get this going again phones working just can't use cable to computer have the SD card reader micro SD any help would be appreciated
kudabee61 said:
...just can't use cable to computer...
Click to expand...
Click to collapse
Get your phone's USB port fixed, then you can fix the ROM issue.
The question probably sounds stupid but after almost a year of just forgetting about using root or unlocking bootlader i forgot many things.
I remember i used to have a mi 9 with encryption on and everytime i open twrp you will need to decrypt the data.
Now with the MI 9T Pro i had to format data in order to boot into Evolution X ROM that of course left me with a decrypted phone and i dont really like it in case my phone gets stole or something.
Do you guys know if i can use the option inside teh ROM to encrypt and what else i wuld need to do?
Thanks in advance to whoever takes the time to respond
PriPhaze said:
The question probably sounds stupid but after almost a year of just forgetting about using root or unlocking bootlader i forgot many things.
I remember i used to have a mi 9 with encryption on and everytime i open twrp you will need to decrypt the data.
Now with the MI 9T Pro i had to format data in order to boot into Evolution X ROM that of course left me with a decrypted phone and i dont really like it in case my phone gets stole or something.
Do you guys know if i can use the option inside teh ROM to encrypt and what else i wuld need to do?
Thanks in advance to whoever takes the time to respond
Click to expand...
Click to collapse
If all you did was format data, then encryption is still enabled. As soon as you setup lock-screen security, i.e. PIN, password, pattern, etc., for the first time your phone will automatically be encrypted.
Robbo.5000 said:
If all you did was format data, then encryption is still enabled. As soon as you setup lock-screen security, i.e. PIN, password, pattern, etc., for the first time your phone will automatically be encrypted.
Click to expand...
Click to collapse
No I couldn't boot until I flashed the DM verity.
So the encryption is now gone, but do you know if I can encrypt and then flash DM verity again with the force encryption on?.
PriPhaze said:
No I couldn't boot until I flashed the DM verity.
So the encryption is now gone, but do you know if I can encrypt and then glad DM verity again with the force encryption on?.
Click to expand...
Click to collapse
Ordinarily you shouldn't need to flash dm-verity. And as far as I'm aware, there is still no need to.
Normally it's just a case of formatting data to temporarily remove encryption, if flashing over MIUI.
As to your specific question, I couldn't say, as I've never needed to flash a dm-verity, disable force encrypt, or vbmeta file/script.
Personally, I would flash the latest fastboot MIUI ROM for the phone, then reinstall EvoX.
Before installing the ROM, in TWRP do the factory reset and then format data (There is no need to wipe anything else). Then reboot into TWRP to ensure the newly formatted data partition is properly mounted and flash as normal.
This has worked for me every time.
Yeah, some roms aren't booting without dfe.
to remove decrypt you can just wipe vendor and flash it again. you'll get encrypted. (however, some users confirm it puts them back into recovery, and they needed to reflash vendor+dfe for them.) Currently investigating if this is a RIN or RCN problem or for every device.
alternatively. If you are scared about having your device stolen. May I suggest you stay decrypted. Use ofox. and under ofox settings add a recovery password?
In the event you get stolen, they won't be able to access your recovery.
also, I'm looking for someone to test if wiping the data partition and not flashing dfe (after a rom has booted for the first time) and rebooting causes encyrption. (as you desired.) If you're willing to test. Try the above 3 methods?
Sandeeep Kiran said:
Yeah, some roms aren't booting without dfe.
to remove decrypt you can just wipe vendor and flash it again. you'll get encrypted. (however, some users confirm it puts them back into recovery, and they needed to reflash vendor+dfe for them.) Currently investigating if this is a RIN or RCN problem or for every device.
alternatively. If you are scared about having your device stolen. May I suggest you stay decrypted. Use ofox. and under ofox settings add a recovery password?
In the event you get stolen, they won't be able to access your recovery.
also, I'm looking for someone to test if wiping the data partition and not flashing dfe (after a rom has booted for the first time) and rebooting causes encyrption. (as you desired.) If you're willing to test. Try the above 3 methods?
Click to expand...
Click to collapse
BS. There is zero 'need' to flash dfe scripts. People are not formatting data when they need to, then when they cannot boot into a newly flashed ROM, they search and find solutions telling them to format data and flash dfe scripts. The thing is, people do not realise that it is the formatting data that fixes the problem, and they believe it is the dfe patch that is the fix. In all these cases formatting data alone would have been enough to fix the problem.
Also Orange Fox is only preferential if you stay with MIUI, as it's extra features are all about working with MIUI. If you are going with an AOSP ROM, stick with mauronofrio's latest TWRP, it is by far the best recovery for this phone.
As far as your 'test' is concerned, twice I have had bootloops after flashing a ROM, that have been fixed by formatting data alone.
The first time was when I first flashed an AOSP based ROM over MIUI before knowing that formatting data was required in this scenario. The second time was flashing AOSiP over LOS, when I still thought that going from one AOSP ROM to another never needed to format data when flashing.
Robbo.5000 said:
BS. There is zero 'need' to flash dfe scripts. People are not formatting data when they need to, then when they cannot boot into a newly flashed ROM, they search and find solutions telling them to format data and flash dfe scripts. The thing is, people do not realise that it is the formatting data that fixes the problem, and they believe it is the dfe patch that is the fix. In all these cases formatting data alone would have been enough to fix the problem.
Also Orange Fox is only preferential if you stay with MIUI, as it's extra features are all about working with MIUI. If you are going with an AOSP ROM, stick with mauronofrio's latest TWRP, it is by far the best recovery for this phone.
As far as your 'test' is concerned, twice I have had bootloops after flashing a ROM, that have been fixed by formatting data alone.
The first time was when I first flashed an AOSP based ROM over MIUI before knowing that formatting data was required in this scenario. The second time was flashing AOSiP over LOS, when I still thought that going from one AOSP ROM to another never needed to format data when flashing.
Click to expand...
Click to collapse
We've had numerous cases for specific devices not booting without dfe despite formatting for some roms. I believe they are aosp roms that face this. Some when using oss, I vaguely remember. or when moving from LOS fod to mi9 fod or which flashing a different kernel.
(Do note. There are over 50+ roms for our device. 6 variants of the phone. 7 vendors (and separate modified vendors). 2 kinds of fod implementations. and about 95% of the cases arent asked on xda. 25% of the roms aren't posted either. None of the experimental builds are provided on xda.
There are tons of combos users use.)
I have not seen you on telegram. Only on xda. Who are you btw?
twrp is great. Ofox has a better ui and more features. Also, mauronofrio doesn't own a k20p btw. Just FYI. But he has the experience to still update twrp.
updated twrp is still not official, and gives error 7 for some raphaelin users who haven't updated updater-script.
recoveries are subjective. I mean, we have like 6 different recoveries now so.
Sandeeep Kiran said:
We've had numerous cases for specific devices not booting without dfe despite formatting for some roms. I believe they are aosp roms that face this. Some when using oss, I vaguely remember. or when moving from LOS fod to mi9 fod or which flashing a different kernel.
(Do note. There are over 50+ roms for our device. 6 variants of the phone. 7 vendors (and separate modified vendors). 2 kinds of fod implementations. and about 95% of the cases arent asked on xda. 25% of the roms aren't posted either. None of the experimental builds are provided on xda.
There are tons of combos users use.)
I have not seen you on telegram. Only on xda. Who are you btw?
twrp is great. Ofox has a better ui and more features. Also, mauronofrio doesn't own a k20p btw. Just FYI. But he has the experience to still update twrp.
updated twrp is still not official, and gives error 7 for some raphaelin users who haven't updated updater-script.
recoveries are subjective. I mean, we have like 6 different recoveries now so.
Click to expand...
Click to collapse
Numerous cases? Who's we? What roms on what devices need dfe then? Only seen 2 roms ask for dfe, everything else it's as easy as 'going to and from miui, format data and reboot recovery' works every single time.
Sandeeep Kiran said:
We've had numerous cases for specific devices not booting without dfe despite formatting for some roms. I believe they are aosp roms that face this. Some when using oss, I vaguely remember. or when moving from LOS fod to mi9 fod or which flashing a different kernel.
(Do note. There are over 50+ roms for our device. 6 variants of the phone. 7 vendors (and separate modified vendors). 2 kinds of fod implementations. and about 95% of the cases arent asked on xda. 25% of the roms aren't posted either. None of the experimental builds are provided on xda.
There are tons of combos users use.)
I have not seen you on telegram. Only on xda. Who are you btw?
twrp is great. Ofox has a better ui and more features. Also, mauronofrio doesn't own a k20p btw. Just FYI. But he has the experience to still update twrp.
updated twrp is still not official, and gives error 7 for some raphaelin users who haven't updated updater-script.
recoveries are subjective. I mean, we have like 6 different recoveries now so.
Click to expand...
Click to collapse
Try this next time you see somebody saying they have tried may things and always get bootloops when trying to flash an AOSP ROM and you want to advise them to flash dfe.
Instead tell them to flash the latest MIUI fastboot ROM for their device, then install TWRP, in TWRP do a factory reset followed by format data, then reboot into TWRP and flash the ROM.
I bet they will come back and tell you it worked.
Again there should be zero need to flash dfe scripts.
If there are any AOSP ROMs out there that genuinely won't boot without flashing dfe (and here I'm talking about all users of such ROM), then the dev had done something stupid and everyone should seriously avoid the ROM.
At least half of the 50+ ROMs are no longer actively maintained.
The vast majority of Orange Fox extra features are specific to MIUI and so are redundant for AOSP ROMs. Mauronifrio's latest TWRP is the most stable for this phone, so if you're going with AOSP ROMs then the extra stability makes most sense.
I've been aware that mauronifrio does not own this phone ever since his initial build. I was also aware back then that he is also an official TWRP maintainer for other devices and so would mostly likely become the maintainer of the official version for this phone, which has now happened. If you go to the official TWRP site and download for this phone, it is by mauronifrio. You can also download the official version from the OP of his TWRP thread.
I would suggest that in most cases, people getting error 7 issues are not on the latest mauronofrio TWRP build.
Are you aware that all these different recoveries are just TWRP with a fancy dress. This is the great thing about TWRP. It was designed to be extensible, to allow others to build on it, in terms of functionality and design. So really there is only TWRP, just many different flavours.