HI Guys,
After an interesting day , getting to grips with my Xperia Z , I'm now left wondering about my missing DRM Certificates.
Have anyone successfully managed to get Sony to restore their files by means of an out of warranty repair?
Obviously by unlocking the boot loader we confirm that we are foregoing our warranty coverage , but I would have thought that Sony would have the original DRM Keys on a server somewhere?
Any thoughts , experiences or advice would be great.
Also what does NOT having DRM Keys prevent you from doing on the Experia Z ? , Reading the Sony FAQ it would seem that it stops high end devices like the Z3 from using image enhancement algorithms , but how does it effect the Z ?
Many thanks guys , for a warm welcome to this board , it's a great place to be.
Sixx :laugh:
I've never heard of anybody getting Sony to restore DRM keys to their device. They normally refuse to touch anything caused by unlocking the bootloader, even if you offer to pay. Also, it's not as simple as Sony pulling them from a server and copying them to your phone, as they're specific to your particular device and stored on an encrypted partition (the TA partition).
On the Xperia Z, loss of the DRM keys stops Bravia Engine 2 working, as well as screen mirroring. As far as I know, that's it. Someone correct me if I forgot something else that's affected.
Sent from my C6603 using Tapatalk
Ahhhh I see , oh well no huge loss then.
It's a shame that they don't enable DRM restoration , as they give the option to unlock the boot loader
Thanks for the reply.
Sixx
sixxdog_uk said:
Ahhhh I see , oh well no huge loss then.
It's a shame that they don't enable DRM restoration , as they give the option to unlock the boot loader
Thanks for the reply.
Sixx
Click to expand...
Click to collapse
You're welcome. Happy to help.
I'm not sure why they have the system of erasing DRM keys when unlocking the bootloader. On one hand they boast of being open by officially offering unlock keys (and it's great that they do!) but on the other hand they then remove functionality permanently if you take advantage of that openness. Confusing to say the least!
Sent from my C6603 using Tapatalk
DRM how to check?
Well this is interesting...............
Earlier today before I repaired and stock ROM flashed my Xperia Z I had one set of Certificates which was for Live Application.
Now after refreshing and locking the boot loader then reloading the latest ROM including 4.4.4 Android I have 4 Sets , Application , Platform , Shared & Media ??
Now I might be grasping at straws , but could this mean that my MEDIA DRM has been restored in some way? or maybe it was never gone?
Is there a simple test to check if DRM is still present?
I doubt it is , but as i have no idea about what was done to the phone before I bought it , maybe just maybe the DRM is still there?
Hope this isn't something that has been covered already , but i doubt there is anything really new
Cheers,
Sixx
(Note: Bravia Engine 2 & Screen Mirroring both seem to be working.)
You can check your DRM keys by following this procedure -
Enter *#*#7378423#*#* in the dialler.
Select "Service tests".
Select "Security".
If any keys have an error, then they're lost.
Sent from my C6603 using Tapatalk
Test Results
kingvortex said:
You can check your DRM keys by following this procedure -
Enter *#*#7378423#*#* in the dialler.
Select "Service tests".
Select "Security".
If any keys have an error, then they're lost.
Sent from my C6603 using Tapatalk
Click to expand...
Click to collapse
Ok so i tested the security keys and got this.....
MARLIN [Unknown Error][Active]
WMLA [Unknown Error][Active]
HUK : xxxxxxxxxxxxxxxx [Key OK][Active]
PRODID_AID : 0001 [Key OK][Active]
OTP_LOCK_CONFIG : xxxxxxxxxxx[Key OK][Active]
OTP_LOCK_STATUS : xxxxxxxxxx[Key OK][Active]
AUTH_ENABLE : 01 [Key OK][Active]
DEVICE_ID : xxxxxxxxxxx[Key OK][Active]
So I'm guessing the top two are the result of the missing DRM? , But what are the others? anything interesting?
Cheers,
Sixx
Yes, the Marlin and WMLA keys are what's erased when unlocking the bootloader.
As for the other keys, I don't know what they're for, to be honest.
Sent from my C6603 using Tapatalk
Thanks
kingvortex said:
Yes, the Marlin and WMLA keys are what's erased when unlocking the bootloader.
As for the other keys, I don't know what they're for, to be honest.
Sent from my C6603 using Tapatalk
Click to expand...
Click to collapse
Ok thats that then , thanks for the advice.
Sixx
You're welcome.
Sent from my C6603 using Tapatalk
Related
Hello.
Im abit new to the forum but here goes.
Ive read tons of posts everywhere and there aint any exact answers anywhere to find.
In the past ive never known about the TA and DRM so happy as i am i just unlocked the bootloader on all the phones and still happy. The latest phone is the Xperia Z1. It has been abit buggy to say the least but im hoping software updates will cure this.
Anyway, i rooted my phone and unlocked the bootloader on the .681 firmware and now i am on .757 firmware. Using Doomlords kernel. I thought id check if i could backup my TA partition after unlocking the bootloader. And from what ive read its suppose to be wiped when you unlock the bootloader.
Well it was no problem backing up the TA partion. All files were there and it came out with no errors. So the question, how is this possible ?
I posted this same thing in General, sorry for that but i posted it here now so if a moderator finds this post in general then please delete it.
/Jonas740
If you Unlocked your Bootloader without Backup TA (DRM keys) first, then your DRM Keys are lost forever and you can Backup TA how much you want but there is no DRM Keys at all. The application to Backup TA do not give errors because you can backup partitions with or without DRM Keys, in the case you want switch between Locked and Unlocked Bootloader.
So long story short, you don't have DRM Keys, your warranty is lost forever, you cannot Update via OTA,PC Companion or SUS.
eclyptos said:
If you Unlocked your Bootloader without Backup TA (DRM keys) first, then your DRM Keys are lost forever and you can Backup TA how much you want but there is no DRM Keys at all. The application to Backup TA do not give errors because you can backup partitions with or without DRM Keys, in the case you want switch between Locked and Unlocked Bootloader.
So long story short, you don't have DRM Keys, your warranty is lost forever, you cannot Update via OTA,PC Companion or SUS.
Click to expand...
Click to collapse
The one time I had to use my warranty there was no problem with missing TA.
So there is hope for people without it
Sent from my C6903 using XDA Premium 4 mobile app
well.
HellRoot said:
The one time I had to use my warranty there was no problem with missing TA.
So there is hope for people without it
Sent from my C6903 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
dunno if the previous author saw what i wrote in my post but when i relocked my Xperia V using flashtool i could update with the pc companion or sony update or whats it called nowdays
And funny thing is, i actually have a case at Sony about this phone since i do have some issues with it but i think thats software related since ppl have been getting all sorts of errors from the KitKat firmwares. But i said how it was that i have unlocked bootloader and all that and she replied that my warranty was still valid and i could send it in for them to test it.
And i need to say this. Since sony posts an official way on their webpage, for ANYONE to read about how to unlock the bootloader and they also supply the code for unlocking it. Then i think it shouldnt affect the phone in any way or brake the warranty. (Sure it does say something about that, but all aint reading stuff like that). So if a developer wanted to unlock the phone. Why not have them contacting sony instead.
And surley, DRM keys (i just think sony shouldnt even bother having them) can be put back in if you let Sony do it. They put it there in the first place you know. And in the lovely electronic world we live in we all know that, if Sony can put thoose there, anyone could do it with the knowhow. But since the keys dont really mean anything, not that ive noticed you could really think about what use they actually do. And Sony knows that if ppl cant have the phone it was meant to be even with a unlocked bootloader, they will probably get some other phone or just whine hard enough so that Sony makes a software where everything works the same way with locked or unlocked. Camera stopped to work if you unlocked before 4.3 right ? What can you read about that like everywhere ? Loads of whining and Sony released a software that works just as good with locked or unlocked.
God damn this became a long post. So with this said im just saying. Why even bother in the first place having DRM keys if the rules dont apply anyway ? An everyday user doesent even need them either, he or she doesent even know what rooting or unlocking is anyway. And the ones that do know about it, also know about how to whine to get sony to fix the errors wich an unlock will produce
Jonas740 said:
dunno if the previous author saw what i wrote in my post but when i relocked my Xperia V using flashtool i could update with the pc companion or sony update or whats it called nowdays
And funny thing is, i actually have a case at Sony about this phone since i do have some issues with it but i think thats software related since ppl have been getting all sorts of errors from the KitKat firmwares. But i said how it was that i have unlocked bootloader and all that and she replied that my warranty was still valid and i could send it in for them to test it.
And i need to say this. Since sony posts an official way on their webpage, for ANYONE to read about how to unlock the bootloader and they also supply the code for unlocking it. Then i think it shouldnt affect the phone in any way or brake the warranty. (Sure it does say something about that, but all aint reading stuff like that). So if a developer wanted to unlock the phone. Why not have them contacting sony instead.
And surley, DRM keys (i just think sony shouldnt even bother having them) can be put back in if you let Sony do it. They put it there in the first place you know. And in the lovely electronic world we live in we all know that, if Sony can put thoose there, anyone could do it with the knowhow. But since the keys dont really mean anything, not that ive noticed you could really think about what use they actually do. And Sony knows that if ppl cant have the phone it was meant to be even with a unlocked bootloader, they will probably get some other phone or just whine hard enough so that Sony makes a software where everything works the same way with locked or unlocked. Camera stopped to work if you unlocked before 4.3 right ? What can you read about that like everywhere ? Loads of whining and Sony released a software that works just as good with locked or unlocked.
God damn this became a long post. So with this said im just saying. Why even bother in the first place having DRM keys if the rules dont apply anyway ? An everyday user doesent even need them either, he or she doesent even know what rooting or unlocking is anyway. And the ones that do know about it, also know about how to whine to get sony to fix the errors wich an unlock will produce
Click to expand...
Click to collapse
closed for being a duplicate.
use this link for other thread.
http://forum.xda-developers.com/showthread.php?t=2730169
Is there any way to check drm keys status. I think I lost them..I want to confirm weather I have keys or not...
By repairing it with pc companion will DRM KEYS get restore automatically.????
pathanraj said:
Is there any way to check drm keys status. I think I lost them..I want to confirm weather I have keys or not...
By repairing it with pc companion will DRM KEYS get restore automatically.????
Click to expand...
Click to collapse
Nope.
Once unlocked, they are gone forever, unless you have backup them up with TA-backup software.
Enviado desde mi C6603 mediante Tapatalk
pathanraj said:
Is there any way to check drm keys status. I think I lost them..I want to confirm weather I have keys or not...
Click to expand...
Click to collapse
Type *#*#7378423#*#* on your phone and go to Service Test > Security, if you have [Unknown Error] instead of [Key OK] they are lost, to restore them the only way is to use Backup of your TA. If you have all [Key OK] they are OK!
pathanraj said:
By repairing it with pc companion will DRM KEYS get restore automatically.????
Click to expand...
Click to collapse
No. If you Unlocked Your Bootloader without Backup TA you have lost DRM Keys forever. If you have Bacup TA then in the same mode you have to restore them.
keys are active
When I went to service menu then security keys are active all..marlin and wmla like..is this all ok
pathanraj said:
When I went to service menu then security keys are active all..marlin and wmla like..is this all ok
Click to expand...
Click to collapse
Yes, also Thanx button at the bottom, left side.
Mine is unlocked and shows all keys as active, no matter it's unlocking status.
It also shows the two on first as error, wichever it is unlocked or with proper DRM keys restored...
One more thing, if you plan to restore another phone 's TA partition, forget about it.
It will hard brick your device, and render it as an expensive doorstop...
You have been warned!
Enviado desde mi C6603 mediante Tapatalk
I want to restore mine itself..I restore then phone got dead..I flash. 257
I want to restore mine itself..I restore then phone got dead..I flash. 257 with flashtool and repaired my phone with pc companion..now I am on. 257 again don't know y but my bootloader is locked and dry keys are active...all is fine..IS THERE ANY OTHERWISE SONY SERVICE CENTER CAUGHT ME
worf_1977 said:
Mine is unlocked and shows all keys as active, no matter it's unlocking status.
It also shows the two on first as error, wichever it is unlocked or with proper DRM keys restored...
Click to expand...
Click to collapse
They are Active, like mine, but they are not there, Unknown Error mean that the system cannot read them as they are lost. See my Pic. BTW, post yours, to be clear.
---------- Post added at 09:40 PM ---------- Previous post was at 09:36 PM ----------
pathanraj said:
I want to restore mine itself..I restore then phone got dead..I flash. 257 with flashtool and repaired my phone with pc companion..now I am on. 257 again don't know y but my bootloader is locked and dry keys are active...all is fine..IS THERE ANY OTHERWISE SONY SERVICE CENTER CAUGHT ME
Click to expand...
Click to collapse
Just send it to repair. Hardware problems are not related to Software.
Just as I imagined. THANKS!!! My Z must be of the first rotundo, because it shows always ERROR on the first two Keys LOL
Enviado desde mi C6603 mediante Tapatalk
worf_1977 said:
Just as I imagined. THANKS!!! My Z must be of the first rotundo, because it shows always ERROR on the first two Keys LOL
Enviado desde mi C6603 mediante Tapatalk
Click to expand...
Click to collapse
No rotundo, Vagabundo! LOL.. If your Bootloader is locked then something wrong with your device, still Z not Z1.
Is it OK??
I can't see WMLA.
I think yes, your Good brah
I got the same problem as hzr34. Is there a solution for the "no WMLA-issue"
znyting said:
I got the same problem as hzr34. Is there a solution for the "no WMLA-issue"
Click to expand...
Click to collapse
got the same problem as hzr34. Is there a solution for the "no WMLA-issue tank
DRM key Ok and photos with granules and excessive noise in the dark
Good evening , I'm intact DRM keys, but the pictures are grainy and noisy , almost impossible to photograph the night . What could do to solve the problem?
Excuse the bad English
Thiagosound said:
Good evening , I'm intact DRM keys, but the pictures are grainy and noisy , almost impossible to photograph the night . What could do to solve the problem?
Excuse the bad English
Click to expand...
Click to collapse
hi, i got the same problem like you after rooting.maybe something went wrong ?!? i dont know. just downgraded, rooted and after this a ta backup.after this the cam gets hot and grainy pictures. terrible. i thought this has something to do with the bravia engine and the drm keys. only solution was sending to repair after flashing a stock firmware back.(after this flash cam was also not working)
I got my Device after 2 Weeks back and now i have Android 5.1.1 but without root -.- can i root the z1 without loosing this drm keys ? and pls how. have read alot tutorials about it but i dont understand the process how to get root and a custom firmware without touching or damaging camera or drm keys. any help would be smart from you guys.
Is that possible ; losing keys with locked bootloader ?
i have unlocked my z5's bootloader and all of my drm keys are intact, photos look completely fine and track-id works
Hi folks,
I've upgraded/replaced the original TMobile firmware (14.5.B.0.247) on my Xperia Z1s (c6916) by c6906 Customized US (14.6.A.0.368). Everything works fine except few things like:
1) screen rotation - when i try to rotate the screen into the landscape mode - it turn the screen in opposite direction/backwards. Looks like the sensor readings get reversed? It was working fine before the upgrade, hence it looks like a software issue. Any ideas how to fix it?
2) device memory is twice less but it is kind of expected because original Z1 has only 16 Gb of storage onboard. Is there any way to fix that?
Thanks.
shefys said:
Hi folks,
I've upgraded/replaced the original TMobile firmware (14.5.B.0.247) on my Xperia Z1s (c6916) by c6906 Customized US (14.6.A.0.368). Everything works fine except few things like:
1) screen rotation - when i try to rotate the screen into the landscape mode - it turn the screen in opposite direction/backwards. Looks like the sensor readings get reversed? It was working fine before the upgrade, hence it looks like a software issue. Any ideas how to fix it?
2) device memory is twice less but it is kind of expected because original Z1 has only 16 Gb of storage onboard. Is there any way to fix that?
Thanks.
Click to expand...
Click to collapse
ok, here is a "solution":
The C6906 "/etc/sensor_def_qcomdev.conf" must be replaced by C6916 version. The same applies to CyanogenMod 12.1. C6916 have different settings for few things.
I downloaded TMO firmware, extracted system.sin and replaced the file on my phone running CyanogenMod 12.1 - after reboot rotation works perfectly but it will get broken as soon as i upgrade the firmware
how did nobody catch that this dude managed to flash a different firmware on a phone that is supposedly NOT unlockable? Shefys, you need to explain exactly what you did. In another thread you said you unlocked your Z1s c6916 on developer.sony.com and i tried it, but there was no Z1s option. Followed the steps anyways by selecting Xperia Z1 but the unlock command failed citing not allowed.
shefys said:
Hi folks,
I've upgraded/replaced the original TMobile firmware (14.5.B.0.247) on my Xperia Z1s (c6916) by c6906 Customized US (14.6.A.0.368). Everything works fine except few things like:
1) screen rotation - when i try to rotate the screen into the landscape mode - it turn the screen in opposite direction/backwards. Looks like the sensor readings get reversed? It was working fine before the upgrade, hence it looks like a software issue. Any ideas how to fix it?
2) device memory is twice less but it is kind of expected because original Z1 has only 16 Gb of storage onboard. Is there any way to fix that?
Thanks.
Click to expand...
Click to collapse
How you did this? I hard bricked my Xperia Z1S putting the 5.1.1 fimware, I needed to buy a new board because I had no solution.
Ksix007 said:
How you did this? I hard bricked my Xperia Z1S putting the 5.1.1 fimware, I needed to buy a new board because I had no solution.
Click to expand...
Click to collapse
hi, i wasn't aware that you cannot unlock z1s booloader. I just went to the developer site, registered, submitted my imei (as a Z1) and got a link/key to unlock it.... maybe my imei was lucky. Sorry, folks. Right now I'm running CM12 on my Z1s. Can provide photos if you want to
Before unlocking the bootloader, i was running C6906 official firmware on my phone because it was newer.
shefys said:
hi, i wasn't aware that you cannot unlock z1s booloader. I just went to the developer site, registered, submitted my imei (as a Z1) and got a link/key to unlock it.... maybe my imei was lucky. Sorry, folks. Right now I'm running CM12 on my Z1s. Can provide photos if you want to
Before unlocking the bootloader, i was running C6906 official firmware on my phone because it was newer.
Click to expand...
Click to collapse
I tried to use the C6943 firmware .368 and hard bricked..... I will try on Sony's site unlock my bootloader...
Yes please post pics. I tried unlocking my z1s as a z1 just like that but it didn't work. The fastboot command to process the unlock returned a "not allowed" error.
If you can get to the service screen, there is a section where it says "unlockable: no". (Or yes). Can you post a picture of that?
How did you get on the 6906 firmware?
How to unlock with flashtool
Helgaiden said:
Yes please post pics. I tried unlocking my z1s as a z1 just like that but it didn't work. The fastboot command to process the unlock returned a "not allowed" error.
If you can get to the service screen, there is a section where it says "unlockable: no". (Or yes). Can you post a picture of that?
How did you get on the 6906 firmware?
Click to expand...
Click to collapse
after you take the link and after that you take the unlock code just have to unlock with flashtool:
1.) create a folder in the flashtool folder with your device code ... mine is : D:\Android\Flashtool\custom\mydevices\CB5A1WPPTA
2.) inside the folder, create a file called ulcode.txt , in the file just copy the unlock code
3.) open flashtool (be sure that your phone have enable usb debug and connected) and press BLU (bootloader Unlock)
4.) after that a window will appear with your code and the phone id, you select unlock and now you have the xz1s unlocked...
BE AWARE: in my case, the camera doesnt focus after unlocked and video just doesnt work...
for the rom, i think you could take it using xperifirm and installing with flashtool
https://www.youtube.com/watch?v=bbAfxL-oGjk
I'll have to try this and report back. I understand that unlocking the bootloader causes issues with the camera, but does the issue get resolved by flashing a ROM? Or does it stay broken?
Helgaiden said:
I'll have to try this and report back. I understand that unlocking the bootloader causes issues with the camera, but does the issue get resolved by flashing a ROM? Or does it stay broken?
Click to expand...
Click to collapse
So, Did You tried? I have fear of lose my Xperia more one time.... :crying:
Ksix007 said:
So, Did You tried? I have fear of lose my Xperia more one time.... :crying:
Click to expand...
Click to collapse
No my z1s would not unlock.
Hey fellow xda members,i want to share an idea about how to disable the latest security check or even drm check ( in case of unlocked bootloader) .
We all know sony have a TA partition which contains certificates which are used to start the functioning of xreality/ bionz engine and noise cancellation engine. Which when we unlock the bootloader will wipe away by wiping the Ta partition or parts of it..
So after wiping it,when the phone boots the os will be doing some security checks which involves the checking of certificates and if the certificate is not available ,the os will disable certain functional parts and binaries which are responsible for starting xreality/bionz and noise cancellation. So if we are able to stop that security check or interface the returning value ( just like what xposed does) then we can possibly stop these problems .
Another point to be noted that,is we cant use any any apps or such things to stop these things. Becoz this check is one of the first things that happens when os boots. For those who have examined the logcat will always see a TA certificate check that happens at several instances especialy ,it happens when the os boots.
Now we have a similar situation before,sony's RIC policy. That too was running at boot time ,even before os boots . But we are able to disable it ( huge thanks to the cleaver developer) . So my point is... if we can analyse and kill the drm check or pass a verification true value to corresponding check via some scripts similar to " RIC killer script" , cant we possibly disable this condition?
Any discussions are welcome. And ideas and trial and error scripts are also welcome.. you dont need a particular device to check this.. as far as i know all z series ( just because i had only owned z,z1, z2, z3 so far ) have this. But the bad thing is , i dont own a sony now. Switched to edge plus for now. But once if this can be done.. i will swich back to z series again.. becoz i just love sony.
Request to Moderator:- I have created this thread here because to catch more attention for this development. But if you feel this thread belongs to some where else ( as this can be a cross platform hack) you can move to corresponding section.
Thanks all
is it worth the effort?
You can hack anything if you have the resources.
Most important are (in decreasing order):
- knowledge
- time
- determination
- documentation (preferably official - unlikely for breaking DRM)
- tools (debugger sw, maybe even special hardware for debugging ROMs)
e.g. noise cancellation
If it is "in" the software and just disabled when a certain check fails:
Then you could monitor the software in the debugger and patch the check to deliver your desired outcome each time the check runs.
This is a very simple scenario.
There are anti reverse engineering measures available that - see resources esp. point 1 - can be overcome. SONY use some of them and stacks them one over the other.
With each update of any involved component the cycle must be repeated as the crafted patch probably won't work anymore ...
DHGE said:
You can hack anything if you have the resources.
Most important are (in decreasing order):
- knowledge
- time
- determination
- documentation (preferably official - unlikely for breaking DRM)
- tools (debugger sw, maybe even special hardware for debugging ROMs)
e.g. noise cancellation
If it is "in" the software and just disabled when a certain check fails:
Then you could monitor the software in the debugger and patch the check to deliver your desired outcome each time the check runs.
This is a very simple scenario.
There are anti reverse engineering measures available that - see resources esp. point 1 - can be overcome. SONY use some of them and stacks them one over the other.
With each update of any involved component the cycle must be repeated as the crafted patch probably won't work anymore ...
Click to expand...
Click to collapse
ya , that is the case to be considered. but you know, the thing is, if we find the suitable patch once, we can make it work on future versions also. and it is 100% true that these loopholes will be patched once they got notified. that may be the exact thing happend with sony's lastest security procedures.
Sony reads our development, testing & achievements on XDA with greedy eyes.
They can learn & join us.
This to listen to their customers & improve their products.
One hand washes the other
Sent from my E6653 @ XDA Portal
Noise reduction and noise cancellation are two different things. Noise cancellation (as in audio) is not affected by unlocking the bootloader.
blakwhite said:
Noise reduction and noise cancellation are two different things. Noise cancellation (as in audio) is not affected by unlocking the bootloader.
Click to expand...
Click to collapse
DRM function hack is a pretty complex procedure. But it can be done. @jimRnor actually did it from Z - Z3, but seems it doesnt work for Z5. (Not sure about the Z3+/Z4, which doesnt even seem to exist in the world)
Please don't get excited about my example .
To clarify what I mean with stacked measures:
In the boot process the device checks the signatures of the system software. Once you patch any bit there the device does not not boot anymore. You cannot just calculate another signature since this is signed by SONY's private key. You'd have to steal it, they revoke it ...
So you have to (thanks SONY we can!) unlock the bootloader to flash a new kernel that disabled the checking (search here or on the web for DM_VERITY).
SONY have another proprietary measure: RIC (on top of DM_VERITY which is an Android/Linux feature since KitKat; universely in use since Lollipop).
Then you have SELinux...
DHGE said:
Please don't get excited about my example .
To clarify what I mean with stacked measures:
In the boot process the device checks the signatures of the system software. Once you patch any bit there the device does not not boot anymore. You cannot just calculate another signature since this is signed by SONY's private key. You'd have to steal it, they revoke it ...
So you have to (thanks SONY we can!) unlock the bootloader to flash a new kernel that disabled the checking (search here or on the web for DM_VERITY).
SONY have another proprietary measure: RIC (on top of DM_VERITY which is an Android/Linux feature since KitKat; universely in use since Lollipop).
Then you have SELinux...
Click to expand...
Click to collapse
Ya i know that, i know exactly what happens just because i have been with sony devices since 4 years.
What i said is not about altering the original signature or changing any thing from TA partition. This is about disabling the drm check. ( sure it can be disabled) and nothing happens with boot ( if something happens with boot, there is no way we can work with a device having unlocked bootloader) .
If you have checked the logcats and compared... then you can see that the drm check actualy does not stops in an unlocked bootloader. It is still fuctioning. Only difference is the values it passes to the os.
In a simple way the values will be:-
1 for locked boot loader
0 for unlocked boot loader.
So i was thinking of stopping that check... or just edit that drm check binary to pass a value 1 for any condition.
Sure these values are accepted by the os and not by kernel or partition or something else. Its just like a condition check by os..
Something like:-
If value == this
Do this ; else
Do something else...
( lol this is the badest programing condition discription ever happend on earth!!!)
So there is a 3rd possibilty too.. alter / patch system files or services.
Also the point to be noted that is, this is just all software based.. sure we cant crack an encripted signature checksum. But we can surely crack some codes..
Let's clarify some points:
- You unlock BL you lose TA partition contents.
- Although you patch the DRM check binary, the DRM keys are needed to make the stuff work so it won't matter if you return a 1.
I own a Z3 and a Z5 and I know a locked bl root method is the only way, unlocked BL voids the warranty and it will make the phone less valuable in terms of selling it, you can try to lock BL but you will never restore the TA.
But that's my opinion.
Enviado desde mi E6653 mediante Tapatalk
McQueen said:
Let's clarify some points:
- You unlock BL you lose TA partition contents.
- Although you patch the DRM check binary, the DRM keys are needed to make the stuff work so it won't matter if you return a 1.
I own a Z3 and a Z5 and I know a locked bl root method is the only way, unlocked BL voids the warranty and it will make the phone less valuable in terms of selling it, you can try to lock BL but you will never restore the TA.
But that's my opinion.
Enviado desde mi E6653 mediante Tapatalk
Click to expand...
Click to collapse
I think thats not fully correct. Because even though there is a wipe happens to TA partition , the partition itself may not be erased. And TA partition is not empty even if you unlock.. there may be still something avilable in it, like imei, mac id, or some other hardware ids ( the reason behind this guess is, beacuse of the reason that IF YOU RESTORE THE WRONG TA FROM ANOTHER SIMILAR PHONE TO YOUR TA, IT WILL HARD BRICK YOUR PHONE, THAT MAY BE BECAUSE OF SOME UNMATCHING HARDWARE ID'S.) so i guess even after the wipe happens, the kernel or the os copies something back into TA partiton on next boot. And then there is only one thing missing in TA. That is the certificates.
In case of keys... yes digital signature keys are used to decript certificate condents . ( google about digital certificate signing) . And since there will be no cretificate avilable to decript, there is no use of keys, even if it is present or not in case of unlocked bootloader. But i am thinking about the possibilites of hacking into the procedures after the certificate check happens.
Ie, it is possible that, the drm check binaries will get and return a value to os to notify it about the presence / absence of certificate. So if we can hack into that returning value .. we can possibly make the os think that, everything is still intact.
Thats the whole idea behind this. I hope u understand.
Guys check this... As i told you always... There are still people out there who can make things happen... This is all you need for now.. Start unlocking your bootloaders...
http://forum.xda-developers.com/xpe...-credentials-restore-unlocking-t3296383/page1
hi guys
I have a sony xperia xz2. Stock rom is on it.
I have wonderings about the TA partition. Im intented to use lineageos, to be a bit an ungafamnted phone. In the idea, I saw lately that unblock bootloader removes the TA keys (not partition?)
I unlocked it, but :
I still have the xperia stock rom
I had a message at startup saying bootloader is corrupted, but it starts stock rom anyway
in the "phone hidden menu", "suntory bloobs" is the only thing saying "error"
I never flashed anything on it yet.
I'd like to know :
is it possible to backup keys, in a way I dont see how unlock bootloader may wipe keys (as files on a specific partition?)?
what do I lose by going to LineageOS (except more privacy) regarding features/components
if it's possible to refresh to get new keys or regenerate one (with xperia companion?)
how could I check that keys are still alive (I dndt flashed anything), to backup them?
are they some users whom can describe if loss of keys are really shame or it's just a secondary issue?
thank you for feedback and answers