[Q] Question: Rooting the Moto X - Moto X Q&A

Hi there, I've been unsuccessfully trying to root my Moto X since I got it. I know it's possible but for the sake of my life, I can't figure it out. I'm hoping XDA members can help out since they probably know more.
Here are my system specs:
Carrier: AT&T
Android Version: 4.4.4
Baseband Version: MSM8960PRO_BP_2323.038.123.00R
Kernel Version: [email protected] ca88lnxdroid14 #1
System Version: 2.12.44.46.ghost_att.ATT.en.US
Build Number: KXA21.12-L1.26

Guess you missed the STICKED threads in the General section.. for example...
[One Stop Shop] How to root the Moto X - Let's end the confusion.
In the OP of that thread...
KidJoe said:
> Locked bootloaders on Android 4.4.4
> Unfortunately, there is no root method for you guys as of today. And again....no....you can't downgrade. Not without significant risk.
> Update: There is a VERY RISKY method to root for Verizon and ATT 4.4.4 users that have a LOCKED bootloader. See -> Moto X Root AT&T/VZW [KXA21.12-L1.26] You are required to be on a particular firmware level, it does NOT disable write protection, it only roots. It is risky because it intentionally soft bricks the phone back to the Qualcomm HS-USB QDLoader mode.
As for why Write Protection is enabled... well.. it's important.
When Write Protection is enabled (the phone's default state with locked bootloader), any changes made to /system, or the like, (including, but not limited to, App installs, file modifications, deletions, renames, etc) are not permanent and are lost at power off/on.
Even if you have root, if Write Protection is enabled, any apps you've installed that need to write to system can't permanently save their changes (you have to re-do every time your phone powers off/on), and any Root type app, or app that you try to install to /system when WP is enabled will either fail or be lost at power off/on.

KidJoe said:
> Guess you missed the STICKED threads in the General section.. for example...
> [One Stop Shop] How to root the Moto X - Let's end the confusion.
> In the OP of that thread...
> As for why Write Protection is enabled... well.. it's important.
> When Write Protection is enabled (the phone's default state with locked bootloader), any changes made to /system, or the like, (including, but not limited to, App installs, file modifications, deletions, renames, etc) are not permanent and are lost at power off/on.
> Even if you have root, if Write Protection is enabled, any apps you've installed that need to write to system can't permanently save their changes (you have to re-do every time your phone powers off/on), and any Root type app, or app that you try to install to /system when WP is enabled will either fail or be lost at power off/on.
I know that, I wasn't going for the "disable write protection". Obviously, there are still ways to gain root without disabling the WP or unlocking boot loader.

AndroidOkie said:
> I know that, I wasn't going for the "disable write protection". Obviously, there are still ways to gain root without disabling the WP or unlocking boot loader.
It can likely be done with MoFo (see the XDA paid software forum) but someone has to build the ext4 images with root and other features like Xposed baked in.

JulesJam said:
> It can likely be done with MoFo (see the XDA paid software forum) but someone has to build the ext4 images with root and other features like Xposed baked in.
Could you link me to that? Also, I'd probably pay to see it happen personally.

AndroidOkie said:
> Could you link me to that? Also, I'd probably pay to see it happen personally.
just search xda paid software mofo in google and you will hit it. The ATT XT1097 MX14 has been rooted but the dev hasn't opened it up for the XT1097 yet.

JulesJam said:
> just search xda paid software mofo in google and you will hit it. The ATT XT1097 MX14 has been rooted but the dev hasn't opened it up for the XT1097 yet.
Thank you for your help, I'll probably pay for it while assuring myself I know what to do haha.

AndroidOkie said:
> Thank you for your help, I'll probably pay for it while assuring myself I know what to do haha.
you can't yet. Someone has to make the image first and test it before the dev would open it up to your device. I am trying to make one for the XT1060 but I have to get the 4.4.4 system in ext4 format first.

Related

Security Issues With Unlocking the Bootloader Without Rooting?

Does it present any security issues to unlock a bootloader without rooting? I don't mean if you lose your phone, I mean is there a security issue with any apps you install?
That's always a risk. Read playstore comments before installing anything.
Has nothing to do with being rooted or not...or boot loader state.
Sent from my Moto X cellular telephone...
Cozume said:
> Does it present any security issues to unlock a bootloader without rooting? I don't mean if you lose your phone, I mean is there a security issue with any apps you install?
You could have asked at AC and I would answer it over there.
Unlocking the bootloader and/or running a custom recovery is a big risk. When you unlock the bootloader, all the partitions in your phone can be accessed and modified. I can flash a custom recovery to your phone. A custom recovery gives full root access to the phone. It is then easily possible to copy all your data from the phone and also disable the lock for your phone. Although if you encrypt your phone, then the custom recovery will require the password to give access to the /data partition, which is where all the user data is. I guess if someone is determined enough, then they can make an image copy of your phone and try to decrypt it.
If you want to keep your data safe, disable USB Debugging (because exploits can be used with ADB to gain access to the phone), use the stock recovery and lock the bootloader. However, if the phone bricks then you can't get your data back from the phone.
eksasol said:
> Unlocking bootloader and/or running custom recovery is a big risk. When you unlocked bootloader, all the partitions in your phone can be accessed and modified.
but can an app do this? And if so, what permissions would the app need to do this. Also, I am not talking about flashing a custom recovery; just an unlocked bootloader.
eksasol said:
> If you want to keep your data safe, disable USB Debugging (because exploits can be used with ADB to gain access to the phone), use stock recovery and lock bootloader.
but can an app do harm to your phone if you have USB debugging enabled? I know a person who finds your phone can. I am asking about apps.
Cozume said:
> but can an app do this? And if so, what permissions would the app need to do this. Also, I am not talking about flashing a custom recovery; just an unlocked bootloader.
If the phone isn't rooted, then probably not, unless there are some security holes it can exploit. With root it is possible to modify the whole system. Motorola and HTC have an extra layer to prevent simple root from modifying the system partition, but as you can see, just visit the dev section if you want to remove it.
> but can an app do harm to your phone if you have USB debugging enabled? I know a person who finds your phone can. I am asking about apps.
It is possible for apps to get access to sensitive data and change system settings with USB Debugging enabled. Helium requires it turned on to make a backup of your contacts, SMS and app data, for example.
If you have an older Android phone, you don't need to do anything except enable USB Debugging and run a program to install root. But we're trusting apps like SuperUser and SuperSU to control apps' access to root, so that's a layer of protection. But KitKat is much safer now.
You don't need root to install malware and viruses on your phone. Just download an infected app or use unreliable app stores like Aptoide. Also if you have the option "Unknown sources" enabled, which almost all of us do, the app can utilize it to automatically install other apps in the background.
The point I'm trying to make is, if the phone has an unlocked bootloader, or even a locked bootloader with a custom recovery, and someone else gets hold of it, then all bets are off.
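The settings named in the post above (USB debugging, "Unknown sources", bootloader state) can be checked from collected device output. This is an added example, not part of the original thread: it audits constructed `getprop` text plus two values an operator would read with `settings get`. The `ro.boot.*` properties are only present on newer Android releases, and the settings namespace (`global` or `secure`) varies by version, so both are treated as assumptions and absence is reported as unknown.

```python
import re

# Constructed `getprop` output for illustration; not captured from a real device.
SAMPLE_RISKY = """\
[ro.build.version.release]: [4.4.4]
[ro.build.tags]: [test-keys]
[ro.secure]: [0]
[ro.debuggable]: [1]
[persist.sys.usb.config]: [mtp,adb]
[ro.boot.flash.locked]: [0]
"""

SAMPLE_STOCK = """\
[ro.build.version.release]: [4.4.4]
[ro.build.tags]: [release-keys]
[ro.secure]: [1]
[ro.debuggable]: [0]
[persist.sys.usb.config]: [mtp]
"""

# getprop prints one "[key]: [value]" pair per line.
PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]$")


def parse_getprop(text):
    """Turn raw getprop output into a dict, ignoring malformed lines."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group(1)] = match.group(2)
    return props


def audit(getprop_text, settings=None):
    """Return {finding_id: explanation} for the posture issues raised in the thread.

    `settings` holds values read by the operator with `settings get`, for
    example {"adb_enabled": "1", "install_non_market_apps": "0"}.
    """
    props = parse_getprop(getprop_text)
    settings = settings or {}
    findings = {}

    usb_functions = props.get("persist.sys.usb.config", "").split(",")
    if "adb" in usb_functions or settings.get("adb_enabled") == "1":
        findings["usb_debugging_on"] = "adbd is exposed over USB"

    # ro.secure=0 keeps adbd running as root; ro.debuggable=1 permits `adb root`.
    if props.get("ro.secure") == "0" or props.get("ro.debuggable") == "1":
        findings["adbd_root_capable"] = "an adb shell can run as root"

    if "test-keys" in props.get("ro.build.tags", ""):
        findings["test_keys_build"] = "system image is not signed with release keys"

    if settings.get("install_non_market_apps") == "1":
        findings["unknown_sources_on"] = "sideloaded APKs can be installed"

    locked = props.get("ro.boot.flash.locked")
    boot_state = props.get("ro.boot.verifiedbootstate")
    if locked == "0" or boot_state == "orange":
        findings["bootloader_unlocked"] = "partitions can be reflashed with physical access"
    elif locked is None and boot_state is None:
        # Older devices (KitKat era) do not export these properties.
        findings["bootloader_state_unknown"] = "check the fastboot screen instead"

    return findings


if __name__ == "__main__":
    for name, text, cfg in (
        ("risky", SAMPLE_RISKY, {"adb_enabled": "1", "install_non_market_apps": "1"}),
        ("stock", SAMPLE_STOCK, {"adb_enabled": "0", "install_non_market_apps": "0"}),
    ):
        print(name)
        for finding, why in sorted(audit(text, cfg).items()):
            print("  %-26s %s" % (finding, why))
```
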
eksasol said:
> If the phone isn't root, then probably not, unless there is some security holes it can exploit. With root it is possible to modify the whole system.
great, that is what I want to know. I knew a human being in possession of your phone could do more damage if it were unlocked, which is why I got rid of the bootloader unlocked warning message.
BTW - do you know if flashing the original kit kat boot logo to replace the bootloader warning message presents a problem for accepting the OTA update to 4.4.2?
eksasol said:
> Motorola and HTC have an extra layer to prevent simple root to modify the system partition, but as you can see, just visit dev section if you want to remove it.
Ok so then on my Moto X, since flashing a new logo doesn't even require root, it shouldn't have affected any system files and then it would be safe to take the OTA after removing the bootloader unlocked warning?
eksasol said:
> It is possible for apps to get access to sensitive data and change system settings with USB Debugging enabled. Helium required it turned on to make backup of your contacts, sms and apps data for example.
good to know!
eksasol said:
> But we're trusting apps like SuperUser and SuperSU to control apps access to root, so that's a layer of protection.
ok, that is how I understand it. Unless I give the app access to root through SuperSU, it can't.
eksasol said:
> But KitKat is much safer now.
why is this?
eksasol said:
> Also if you have the option "Unknown sources" enabled, which almost all of us do, the app can utilize it to automatically install other apps in the background.
thanks, Amazon app store required that to be enabled to load apps from their app store.
Cozume said:
> great, that is what I want to know. I knew a human being in possession of your phone could do more damage if it were unlocked, which is why I got rid of the bootloader unlocked warning message.
> BTW - do you know if flashing the original kit kat boot logo to replace the bootloader warning message presents a problem for accepting the OTA update to 4.4.2?
> Ok so then on my Moto X, since flashing a new logo doesn't even require root, it shouldn't have affected any system files and then it would be safe to take the OTA after removing the bootloader unlocked warning?
That depends on the checking that the dev put in the OTA package. On the Nexus device, if you are missing any original system APK, modify the radio partition, modify the GPS setting file, or modify the build.prop, etc, the OTA will fail. So I assume the same with the Moto X OTA. The safest bet is to make sure all the partitions are original first (except the /data partition where your data resides) before receiving an OTA.
> ok, that is how I understand it. Unless I give the app access to root through SuperSU, it can't.
Yes. The actual component of root isn't the SuperSU app, but a 'su' binary. Without the SuperSU app, anything can have full fledged root access. You need SuperSU to control that access.
> why is this?
For many reasons, I'm not a developer so I can only talk about what I know and have seen from a user perspective. It used to be that you could flash an exploited update.zip to modify the stock recovery of Android, in order to make it ignore the package signatures, so the recovery could flash any package without the correct signature. Now there are no such exploits for the latest stock recovery. With USB Debugging enabled in Android 4.3 or newer, it would not even allow access when connected to a PC unless you accept to trust that PC in a pop up dialog on the phone. I'm not sure if that means the phone is totally invulnerable to exploits (like memory overflow), you'll have to ask someone smarter. Also apps like Framaroot that I just linked won't work anymore.
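The OTA failure described above comes from per-file hash checks. This is an added example, not code from the thread or from any real OTA package: older file-based incremental OTAs carry `apply_patch_check` lines in their updater-script listing the SHA-1 values each file may have, and the sketch below replays those checks against an extracted system tree. The script text, file names and hashes are constructed, and partition targets (`EMMC:`/`MTD:`) are reported as skipped rather than read.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# apply_patch_check("<target>", "<sha1>", "<sha1>", ...) as it appears in edify scripts.
CHECK_RE = re.compile(
    r'apply_patch_check\(\s*"([^"]+)"((?:\s*,\s*"[0-9a-fA-F]{40}")*)\s*\)'
)
HASH_RE = re.compile(r"[0-9a-fA-F]{40}")

# Constructed partition target; the embedded hashes are dummies.
EMMC_TARGET = "EMMC:/dev/block/constructed-boot:8:" + "0" * 40 + ":8:" + "1" * 40


def sha1_file(path):
    digest = hashlib.sha1()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def parse_checks(script_text):
    """Return [(target, {acceptable sha1, ...})] for every check in the script."""
    checks = []
    for match in CHECK_RE.finditer(script_text):
        hashes = {h.lower() for h in HASH_RE.findall(match.group(2))}
        checks.append((match.group(1), hashes))
    return checks


def precheck(script_text, root):
    """Replay the file checks against `root`, an extracted copy of the device tree."""
    root = Path(root)
    results = {}
    for target, hashes in parse_checks(script_text):
        if target.startswith(("EMMC:", "MTD:")):
            results[target] = "skipped"  # raw partition, needs a block-level read
            continue
        local = root / target.lstrip("/")
        if not local.is_file():
            results[target] = "missing"
        elif sha1_file(local) in hashes:
            results[target] = "ok"
        else:
            results[target] = "modified"
    return results


def check_line(target, *hashes):
    args = "".join(', "%s"' % h for h in hashes)
    return 'apply_patch_check("%s"%s) || abort("unexpected contents");\n' % (target, args)


def demo():
    """Build a constructed tree and script, then edit build.prop and re-run."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "system/app").mkdir(parents=True)
        prop = root / "system/build.prop"
        apk = root / "system/app/Stock.apk"
        prop.write_bytes(b"ro.build.id=CONSTRUCTED\n")
        apk.write_bytes(b"constructed apk bytes")
        target_hash = "f" * 40  # stands in for the post-update hash
        script = (
            check_line("/system/build.prop", sha1_file(prop), target_hash)
            + check_line("/system/app/Stock.apk", sha1_file(apk), target_hash)
            + check_line("/system/app/Removed.apk", "a" * 40, target_hash)
            + check_line(EMMC_TARGET)
        )
        before = precheck(script, root)
        with open(prop, "ab") as handle:  # the kind of edit a root tweak makes
            handle.write(b"ro.config.tweak=1\n")
        after = precheck(script, root)
        return before, after


if __name__ == "__main__":
    for label, result in zip(("before edit", "after edit"), demo()):
        print(label)
        for target, status in result.items():
            print("  %-10s %s" % (status, target))
```
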
eksasol said:
> That depend on the checking that the dev put in the OTA package. On the Nexus device, if you are missing any original system APK, modify the radio partition, modify GPS setting file, or modify the build.prop, etc, the OTA will fail. So I assume the same with Moto X OTA. The safest bet is to make sure all the partition are original first (except the /data partition where your data resides) before receiving an OTA. My guess is if you tried it with modified logo it will either fail or overwrite it.
OK, I think I am going to unroot and flash back to stock just to be sure.
Thanks again! I would hit the thanks button but I used up all my thanks today and it won't let me.
Cozume said:
> OK, I think I am going to unroot and flash back to stock just to be sure.
> Thanks again! I would hit the thanks button but I used up all my thanks today and it won't let me.
You already gave me enough thanks at AC.
eksasol said:
> You already gave me enough thanks at AC.
what is your user name there?
Cozume said:
> what is your user name there?
someguy
Why so paranoid? Have you read any posts on xda of such things....I haven't.
If you are sideloading apps the risk increases for sure. But apps on the play store would have tonnes of comments about it if the app was screwing up the system.
Sent from my Moto X cellular telephone...
eksasol said:
> someguy
ok great!
kj2112 said:
> Why so paranoid? Have you read any posts on xda of such things....I haven't.
> If you are sideloading apps the risk increases for sure. But apps on the play store would have tonnes of comments about it if the app was screwing up the system.
I am just trying to understand how all of this works.
Okay one thing why are you trying to unlock the bootloader without rooting?? Or did I read everything wrong? And yes unlocking the bootloader allows you to write to every partition of the phone. Except when HTC and you're s-on you have to manually flash the boot.img via fastboot. But with moto. There is no point in unlocking the bootloader if you're not doing anything. Two it voids your warranty. Three it can disable functions on your phone like features, camera options I think and yeah etc. But if you follow instructions you won't have any problems ever rooting or shouldn't if you semi have a brain and know how to follow instructions if not well you can somewhat brick :$ I don't mess with moto much but I have. Sorry this thread was in my latest and scrolling through xda. Lol. You can unlock you're phone straight from the moto website. But if you're not rooting. Eh no point.
Sent from my Rezound using xda-developers app. CyanogenMod 11. S-off
I just read this thread, particularly page 2 why we can't relock the Motorola bootloader (yet it seems), unlike Nexus devices, I think it's really bad for security.
edit: link: http://forum.xda-developers.com/showthread.php?t=2575586&page=2
pball52998 said:
> Okay one thing why are you trying to unlock the bootloader without rooting??
I rooted but a friend of mine is unlocked but not rooted. She wanted to be unlocked because it wipes your device so wanted to do it before she got the phone all set up. She is afraid of rooting. Anyhow, maybe she shouldn't have unlocked but she did.
pball52998 said:
> There is no point in unlocking the bootloader if you're not doing anything. Two it voids your warranty.
She has the dev ed so it doesn't void her warranty. And she may want to Wifi tether in the future so I told her she needs to unlock and root for that so get the dev ed. She did and unlocked but is afraid to go any further.
pball52998 said:
> You can unlock you're phone straight from the moto website. But if you're not rooting. Eh no point.
It increases the phone's resale value to unlock it.
eksasol said:
> I just read this thread, particularly page 2 why we can't relock the Motorola bootloader (yet it seems), unlike Nexus devices, I think it's really bad for security.
I thought I saw a thread where someone could relock the Moto X bootloader.
And what about this?
Re-Lock Your Bootloader
It should just be a command like fastboot_oem_lock or something but idk. And two if she has the dev edition. Root that thing!!! XD that's what it's for!! Just install twrp via goo manager. Wipe factory reset all that good stuff. After making a back up. Notice after backing up. Then flashing rom and gapps In that order. I mean its a lot easier than htc rezound or htc one, htc in general and such lol.
Sent from my crappy apple iPad.....
pball52998 said:
> Wipe factory reset all that good stuff. After making a back up.
well, I didn't wipe and do a factory reset when I rooted so I guess I did it wrong, lol! That is what she is afraid of - not doing it right and messing up her phone.
And I don't have a backup, but do I really need one if I can flash the factory images?

Is this for real?

I was just Google searching hoping for some good news... And came across this posted yesterday...
http://www.youmobile.org/blogs/entry/Root-Moto-X-KitKat
... Any truth to that? And is it for any carrier, i.e att?
Sent from my XT1058 using Tapatalk
Links to a thread on here.
Yea I saw that, but they are not the same...
Sent from my XT1058 using Tapatalk
They want you to dl this http://www.cydiaimpactor.com/
Anyone know what it is?
Maybe it works for root....but write protection will be enabled. So all root changes will be lost on reboot or power down.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
kj2112 said:
> Maybe it works for root....but write protection will be enabled. So all root changes will be lost on reboot or power down.
> Sent from my N5, N7, Moto X, G Tab 3 or S2.....
So here's my "dumb" question? Would apps like Greenify and Ti backup still possibly work since they just need root permissions, where as Xposed and other apps that need a reboot would be basically worthless?
jbaumert said:
> So here's my "dumb" question? Would apps like Greenify and Ti backup still possibly work since they just need root permissions, where as Xposed and other apps that need a reboot would be basically worthless?
There's other threads where this stuff gets talked about, but im pretty sure for things like that it would probably work. But any actual changes to anything would get reversed.
I've always been unlocked....so I don't have firsthand experience though.
Sent from my N5, N7, Moto X, G Tab 3 or S2.....
I'm not too sure about that root method.
Step 11 tells you to downgrade the Bootloader (MOTOBOOT.IMG) and GPT.BIN which is part of the security stuff. Correct me if I'm wrong, but aren't those the main components involved with bricking when trying to downgrade from 4.4.2 to 4.4 and lower?
But again, with a locked bootloader, as @kj2112 said, Write Protection will still be enabled.
KidJoe said:
> I'm not too sure about that root method.
> Step 11 tells you to downgrade the Bootloader (MOTOBOOT.IMG) and GPT.BIN which is part of the security stuff. Correct me if I'm wrong, but aren't those the main components involved with bricking when trying to downgrade from 4.4.2 to 4.4 and lower?
> But again, with a locked bootloader, as @kj2112 said, Write Protection will still be enabled.
I've been a bit confused by allusions to rooting without write protection. Everyone says similar stuff to what you guys have said--well, without write protection disabled you'll lose root on reboot. I'd be okay with that, just avoid rebooting my phone and using stuff that requires a reboot to take effect. The only thing I really want root for is to see my partial wakelocks to be able to properly troubleshoot battery issues. I really like the stock Moto X ux. If I could, I'd probably use some Xposed modules too, but all I really really want is to get better insight into my wakelock situation. Elsewhere, though, I read that root is totally impossible on 4.4.2, unless you have an unlocked bootloader (which I obviously don't). So, is it possible to get root, even if it doesn't survive a soft reset?
Jumnhy said:
> I've been a bit confused by allusions to rooting without write protection. Everyone says similar stuff to what you guys have said--well, without write protection disabled you'll lose root on reboot. I'd be okay with that, just avoid rebooting my phone and using stuff that requires a reboot to take effect. The only thing I really want root for is to see my partial wakelocks to be able to properly troubleshoot battery issues. I really like the stock Moto X ux. If I could, I'd probably use some Xposed modules too, but all I really really want is to get better insight into my wakelock situation. Elsewhere, though, I read that root is totally impossible on 4.4.2, unless you have an unlocked bootloader (which I obviously don't). So, is it possible to get root, even if it doesn't survive a soft reset?
Please see my response to you in the 4.2.2 to 4.4.2 thread.
kj2112 said:
> Please see my response to you in the 4.2.2 to 4.4.2 thread.
Thanks, didn't realize until afterward it was the same voice in both threads.
Jumnhy said:
> I've been a bit confused by allusions to rooting without write protection. Everyone says similar stuff to what you guys have said--well, without write protection disabled you'll lose root on reboot. I'd be okay with that, just avoid rebooting my phone and using stuff that requires a reboot to take effect. The only thing I really want root for is to see my partial wakelocks to be able to properly troubleshoot battery issues. I really like the stock Moto X ux. If I could, I'd probably use some Xposed modules too, but all I really really want is to get better insight into my wakelock situation. Elsewhere, though, I read that root is totally impossible on 4.4.2, unless you have an unlocked bootloader (which I obviously don't). So, is it possible to get root, even if it doesn't survive a soft reset?
take a read of -> http://mark.cdmaforums.com/MotoX-LockedRoot.html
Root itself is not lost on reboot, only changes done to the /system folder and other protected places.
But yes, if you already have 4.4.2 on your phone, and can't unlock your bootloader, you won't be able to root.
Jumnhy said:
> Thanks, didn't realize until afterward it was the same voice in both threads.
Where you found another same threads ?
DANIEL AMBRUSO said:
> Where you found another same threads ?
It was just kj2112 explaining a similar issue to me. Check it out, but essentially my understanding is that there's no root for 4.4.2 if the phone never had root previously (ie, if you naively took the OTA like me without thinking about implications for root).
---------- Post added at 10:01 PM ---------- Previous post was at 09:56 PM ----------
KidJoe said:
> take a read of -> http://mark.cdmaforums.com/MotoX-LockedRoot.html
> Root itself is not lost on reboot, only changes done to the /system folder and other protected places.
> But yes, if you already have 4.4.2 on your phone, and can't unlock your bootloader, you won't be able to root.
Solid, thanks for the concise summary. I'd read jcase's posts a while back about a potential exploit--something about using it in a teaching session at BlackHat? He even says though, that the exploit he has will probably never be useful for the average user insofar as it would be too hard to implement and n00bz like myself would end up bricking our phones. So I'm not holding my breath on that one. Ugh. Sad I missed the window for the Chinese connection. Should have jumped on it.
The Tallest said:
> Links to a thread on here.
Works with 4.4 and post-camera 4.2.2, but if you take the OTA to 4.-4-.2 it upgrades your bootloader and you lose the ability to turn write protection off ; root is pretty much useless at that point.
I have the Republic Wireless XT1049 and did the upgrade shown here and have 4.4.2 with write protect off.
Do not attempt this if you are already running 4.4.2!!!!!!!!!!!!!!! Your bootloader is already changed and you run a big risk of bricking if you try to downgrade to the 4.2.2 bootloader!!!
http://forum.xda-developers.com/mot...ireless-moto-x-kitkat-4-t2738233/post52348028
As usual, read the instructions carefully.
Then read through the posts! Different rooters had different issues!
AFAIK no one bricked though.
glarepate said:
> Works with 4.4 and post-camera 4.2.2, but if you take the OTA to 4.-4-.2 it upgrades your bootloader and you lose the ability to turn write protection off ; root is pretty much useless at that point.
> I have the Republic Wireless XT1049 and did the upgrade shown here and have 4.4.2 with write protect off.
> Do not attempt this if you are already running 4.4.2!!!!!!!!!!!!!!! Your bootloader is already changed and you run a big risk of bricking if you try to downgrade to the 4.2.2 bootloader!!!
> http://forum.xda-developers.com/mot...ireless-moto-x-kitkat-4-t2738233/post52348028
> As usual, read the instructions carefully.
> Then read through the posts! Different rooters had different issues!
> AFAIK no one bricked though.
The steps in the thread you link to are how to use use 4.4.2 via Safestrap, which does add a layer of complexity. It is the only option to take 4.4.2 IF you have a locked bootloader and are rooted and write protection disabled. And many do have good luck with it, so it is an option IF your phone is still on 4.4.
If I understand correctly, each safestrap rom is unique for the carrier.. in other words, you can't use the Republic Wireless SS rom if you are on Verizon. You can't use the Verizon SS rom if you are on ATT, etc. (for example, they were waiting on the ATT 4.4.2 SBF to create a SS Rom for the ATT X).
KidJoe said:
> The steps in the thread you link to are how to use use 4.4.2 via Safestrap, which does add a layer of complexity. It is the only option to take 4.4.2 IF you have a locked bootloader and are rooted and write protection disabled. And many do have good luck with it, so it is an option IF your phone is still on 4.4.
> If I understand correctly, each safestrap rom is unique for the carrier.. in other words, you can't use the Republic Wireless SS rom if you are on Verizon. You can't use the Verizon SS rom if you are on ATT, etc. (for example, they were waiting on the ATT 4.4.2 SBF to create a SS Rom for the ATT X).
Yes, if you have already gone to 4.4.2 you are out of luck.
I'm using the T-Mobile SafeStrap Recovery with my RW Moto X. This was done by a Franken-ROM process that uses the 4.4.2 ROM without using the 4.4.2 bootloader and using the SS recovery to flash a zip file with some components of the 4.4.2 ROM and then flashing SuperSU. Whether or not it should be working, it is. Nothing I can, or want to, do about that.
But I am sure you are right that this resultant ROM would not work on phones from other carriers. Versions for other carriers are being developed though. It may simply be a matter of time and interest by motivated individuals until this is available for just about everyone.

Possible ways to achieve root?

So I actually don't have the S5, or any Samsung device for that matter, but a friend of mine does, and really wants to root their phone. I had no idea the AT&T S5 was so secure, but it's pretty interesting too. I've been researching for over 15 hours. I may not have been able to root his phone, but I think I have learned a couple things and maybe some possible root methods.
1.) Since using ODIN to downgrade would soft brick the phone, would it be possible to download the stock Lollipop update onto a computer, give the update super user access, replace the recovery with a custom one, or unlock the bootloader from the computer, then flash it through ODIN?
2.) Intercept any sort of OTA update, then alter it to flash a custom recovery or unlock bootloader? I don't know how you would go around this though.
3.) If someone hasn't taken the OTA update that patched the Stagefright exploit, could someone purposely use the exploit to allow installation of a custom recovery or even to unlock the bootloader since the Stagefright bug has super user access (or so I've heard).
Also, I'm sorry if these are stupid ideas. I know close to nothing about Samsung so everything I'm basing this off of is what I've read in the past 15 hours.
jsmithfms said:
> So I actually don't have the S5, or any Samsung device for that matter, but a friend of mine does, and really wants to root their phone. I had no idea the AT&T S5 was so secure, but it's pretty interesting too. I've been researching for over 15 hours. I may not have been able to root his phone, but I think I have learned a couple things and maybe some possible root methods.
> 1.) Since using ODIN to downgrade would soft brick the phone, would it be possible to download the stock Lollipop update onto a computer, give the update super user access, replace the recovery with a custom one, or unlock the bootloader from the computer, then flash it through ODIN?
> 2.) Intercept any sort of OTA update, then alter it to flash a custom recovery or unlock bootloader? I don't know how you would go around this though.
> 3.) If someone hasn't taken the OTA update that patched the Stagefright exploit, could someone purposely use the exploit to allow installation of a custom recovery or even to unlock the bootloader since the Stagefright bug has super user access (or so I've heard).
> Also, I'm sorry if these are stupid ideas. I know close to nothing about Samsung so everything I'm basing this off of is what I've read in the past 15 hours.
The issue is that AT&T (and Verizon) use an encrypted signature key to verify they are the correct unaltered files as well as the means to unlock the bootloader to allow the OTA. Without that key, the tasks you mention are near impossible. They are not stupid ideas at all..just very difficult with all the security checks included.
KennyG123 said:
> The issue is that AT&T (and Verizon) use an encrypted signature key to verify they are the correct unaltered files as well as the means to unlock the bootloader to allow the OTA. Without that key, the tasks you mention are near impossible. They are not stupid ideas at all..just very difficult with all the security checks included.
Crap... well does anyone know how that encryption key is generated? Like, could I theoretically get an algorithm from a ROM?
Honestly for the time being I wouldn't bother with ROMS for that Device and carrier at the moment. Especially being that its someone elses device. Towelroot should be a good start. If Im not mistaken I don't think its supposed to trip knox.
Sent from my HTCEVODesign4G using XDA Free mobile app
jsmithfms said:
Crap... well does anyone know how that encryption key is generated? Like, could I theoretically get an algorithm from a ROM?
This is the riddle of the Sphinx my friend. I am sure the super devs have tried their best so far to crack it. It has been an ongoing effort to make phones more and more secure, not against the amateur developers and rooters, but against the hackers. These smartphones are now our personal computers, diaries, personal assistants, financial operator, and more. They basically are a person's (and business's) life. AT&T and Verizon have taken the big steps to appeal to the Exchange clients, corporate, government and military contracts. Even the general public want to know their phone is secure. This is what keeps me stuck on the Sprint network.
Have you tried Kingroot?
I successfully rooted my wife's AT&T S4 on OC3 lollipop (supposedly unrootable) with the desktop version. Mobile version didn't work but desktop did without a hiccup. Maybe it'll work on the S5.
http://forum.xda-developers.com/android/apps-games/one-click-root-tool-android-2-x-5-0-t3107461
Rockin' a l337 with Goldeneye v49.1 + Wanam Xposed and loving life on AT&T's 4G LTE network
S5 on lollipop has a new nasty boot loader.... it was a miracle on its own that they ever came up with safestrap to duck the boot loader on earlier versions of android

SuperSU and SafetyNet / Android Pay

This is the place to discuss anything and everything related to SuperSU and SafetyNet / Android Pay.
To clarify, I am not currently actively doing any development on having SuperSU pass SafetyNet detection, or having Android Pay work; the same way I put no effort into beating other root detection methods such as various enterprise security tools.
In case any SuperSU-rooted device passes SafetyNet, that is a bug in SafetyNet, not a feature of SuperSU.
While I may not agree with Google's stance, I'm not about to go messing with payment systems. Is it possible though? Probably yes.
This thread has been created because you guys simply cannot stop talking about this, so these posts can now go here, where I don't ever have to see them.
Will v2.50 cause Android Pay not to work in 6.0? If so, I am guessing there is no way around it?
0.0 said:
Will v2.50 cause Android Pay not to work in 6.0? If so, I am guessing there is no way around it?
Root is a no no with android pay and I think custom ROMs are also out at the moment
Sent from my A0001 using Tapatalk
Pure Drive GT said:
Hey, thanks for your continued support for root on Android, was just wondering, is google making it harder to achieve decent root privileges, as in they don't want rooted devices or are they just unrelatedly changing up things which forces you guys to adapt?
On another note, is there any progress on root without the modded boot? This is by no means an ETA, just wanted to know if you think it's possible or the situation looks rather dire.
Thanks again for your many efforts!
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing per se, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing per se, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
Many banking and financial apps restrict access on rooted devices; it's not just Google.
It makes sense in some ways: root access allows running things in the background to either circumvent, monitor, or interrupt program transactions. They're being paranoid, and I don't blame them.
I don't like the Google Pay concept (or Apple's either); like every other encryption or security system, it's destined to eventually be hacked.
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing per se, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
Yep, I was able to add my debit card but not credit.
VZW LG G4
mdamaged said:
Well, just look at Android Pay, it will not allow one to add a credit card if it detects the device is rooted. So yeah, Google definitely wants to stop root, or at least make sure there is a strong dissuasion towards same. It's not a bad thing per se, as Google is just making the devices more secure for the masses. We 'power users' are lucky to have those such as Chainfire working so hard to get us what they can.
http://www.androidpolice.com/2015/0...hy-android-pay-doesnt-support-rooted-devices/
shaggyskunk said:
Yet the Note 5 has been rooted for at least a couple of weeks
On Lollipop... And you also have to unlock your bootloader to do that, right? If yes, then you will trip the KNOX, and that means you will lose some of your device functionality (Samsung Pay for example), without option to take it back. On the Nexus on the other hand, when you want to use Android Pay on Nexus, you can restore your phone to completely stock condition, without any trace of previously used root.
Also, all of this is completely irrelevant to carrier device users, since they have locked bootloaders.
Srandista said:
On Lollipop... And you also have to unlock your bootloader to do that, right? If yes, then you will trip the KNOX, and that means you will lose some of your device functionality (Samsung Pay for example), without option to take it back. On the Nexus on the other hand, when you want to use Android Pay on Nexus, you can restore your phone to completely stock condition, without any trace of previously used root.
Also, all of this is completely irrelevant to carrier device users, since they have locked bootloaders.
I believe that it's only AT&T and Verizon that lock the bootloader - and none in Canada and many other countries.
Sent From my SM-N910W8 Running SlimRemix V5.1
Had an interesting event, on 2.52.
I unchecked "Enable Superuser" in Settings, to attempt to use Android Pay (Android Pay still wouldn't work). Then, when I rechecked "Enable Superuser", the re-installation of the binary failed, and I was prompted to reboot to try again. However, then I got a boot loop (never even got the opportunity to enter my encryption code). The only way I was able to boot was to re-flash the modified boot.img and re-install SuperSU from the zip (no idea whether both steps were necessary).
I have a Marshmallow Nexus 6, encrypted. For what it's worth, I was previously rooted on 5.1.1, and, after updating to 6.0 and until I re-rooted, I always got a "Your device is corrupt" message on startup, despite being all stock.
NYZack said:
Had an interesting event, on 2.52.
I unchecked "Enable Superuser" in Settings, to attempt to use Android Pay (Android Pay still wouldn't work). Then, when I rechecked "Enable Superuser", the re-installation of the binary failed, and I was prompted to reboot to try again. However, then I got a boot loop (never even got the opportunity to enter my encryption code). The only way I was able to boot was to re-flash the modified boot.img and re-install SuperSU from the zip (no idea whether both steps were necessary).
I have a Marshmallow Nexus 6, encrypted. For what it's worth, I was previously rooted on 5.1.1, and, after updating to 6.0 and until I re-rooted, I always got a "Your device is corrupt" message on startup, despite being all stock.
Root doesn't have to be enabled for pay to fail. Any time the system partition is modified pay will not work. There was an xda news article on it. A quick Google search involving Android pay and root should find it.
Lrs121 said:
Root doesn't have to be enabled for pay to fail. Any time the system partition is modified pay will not work. There was an xda news article on it. A quick Google search involving Android pay and root should find it.
I also found that having an unlocked bootloader will stop Pay working. When MM released I decided to go fully back to stock but kept the bootloader unlocked so I could flash MM. Pay still failed, so I've given up and gone rooted again.
Sent from my Nexus 6 using Tapatalk
Ch3vr0n said:
@Chainfire if you actually are able to pull off fully working stable root WITHOUT modifying the /system does that mean you MIGHT have opened the door into having root AND still being able to get OTA's?
osm0sis said:
Yup, all you'd need to do is reflash stock kernel to pass the boot partition EMMC check, or, we could automate restoring the previous stock kernel, flashing the OTA and then injecting the new stock kernel with root after flashing (à la AnyKernel2 or MultiROM). So many exciting possibilities there where custom recoveries are concerned.
Chainfire said:
Honestly it's not so different from using FlashFire to flash re-flash system, then OTA, then re-root. But it is easier, yes.
This is indeed exciting. However, I noticed that @Chainfire posted this downside on Google+ :
Andrew Morykin 12:24
This should retain Android Pay, right?
Chainfire 12:58
+Andrew Morykin if it does, then it's by accident and not by design, and Android Pay will be updated to block it.
https://plus.google.com/+Chainfire/posts/aJbqUZ8PEP4
also, I was confused by this:
Chainfire said:
- I have not tested with encrypted devices
http://forum.xda-developers.com/showpost.php?p=63197935
Aren't
Nexus 6P / angler
angler-mdb08k-boot-systemless.zip
and
Nexus 5X / bullhead
bullhead-mdb08i-boot-systemless.zip
encrypted out of the box?
dabotsonline said:
This is indeed exciting. However, I noticed that @Chainfire posted this downside on Google+ :
How is that a downside?
It's exactly the same with every other form of root you will ever see. They don't want to support Android Pay (and some other stuff) on rooted devices. If we find a root that allows it, they will update their system to detect and block it. That cat and mouse game will not end as long as Google doesn't want Android Pay on rooted devices.
Maybe someone will make apps/modules that help circumvent this, but it certainly will not be me.
also, I was confused by this:
Aren't
Nexus 6P / angler
and
Nexus 5X / bullhead
encrypted out of the box?
Still can't test what I don't have.
russlowe73 said:
Factory images
So basically I have to go back to 100% stock using ADB, and then flash the new SuperSU stuff with any custom ROM? If so, what are the benefits of this other than getting Android Pay while rooted?
I'm not sure if anyone has specifically mentioned this, but Android Pay still works with this form of root on the Nexus 6!!
efrant said:
Starting with Android 5.0, OTA updates are now block-based rather than file-based, so any modification to the system partition will cause the OTA to fail, even mounting the system partition as r/w.
Just to add to this, it's a whole-partition /system patch OTA if the device launched with Lollipop or later, anything that launched with KitKat is still receiving the old file-based patch OTAs. Modifying Settings.apk would likely trip either method for a lot of OTAs though, since it's a pretty central component.
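An added example, not part of any post in this thread: a toy comparison of the file-based and block-based OTA pre-checks discussed above. The `ToyPartition` layout, file names and contents are constructed for illustration and are not a real filesystem or OTA format; the only real-world behaviour assumed is that a read-write mount updates superblock bookkeeping, as ext4 does.

```python
import hashlib
import struct

BLOCK = 4096  # toy block size


class ToyPartition:
    """Constructed stand-in for /system: block 0 is a superblock holding a
    mount counter, and every file occupies one following block."""

    def __init__(self, files):
        self.files = dict(files)
        self.mount_count = 0

    def mount_rw(self):
        # A read-write mount rewrites superblock bookkeeping even when
        # no file is touched.
        self.mount_count += 1

    def image(self):
        sb = struct.pack("<4sI", b"TOYF", self.mount_count)
        blocks = [sb.ljust(BLOCK, b"\0")]
        for name in sorted(self.files):
            header = name.encode().ljust(64, b"\0")
            blocks.append((header + self.files[name]).ljust(BLOCK, b"\0"))
        return b"".join(blocks)


def sha1(data):
    return hashlib.sha1(data).hexdigest()


def file_manifest(part, patched):
    """File-based OTA: records hashes of only the files it will patch."""
    return {name: sha1(part.files[name]) for name in patched}


def block_manifest(part):
    """Block-based OTA: records block count and hash of the whole source image."""
    img = part.image()
    return len(img) // BLOCK, sha1(img)


def file_check(part, manifest):
    return all(sha1(part.files.get(n, b"")) == h for n, h in manifest.items())


def block_check(part, manifest):
    return block_manifest(part) == manifest


# Constructed sample contents.
STOCK = {"app/Settings.apk": b"settings v1",
         "build.prop": b"ro.build.id=STOCK",
         "etc/hosts": b"127.0.0.1 localhost"}
PATCHED = ["app/Settings.apk", "build.prop"]  # files this toy OTA updates


def run_scenarios():
    ref = ToyPartition(STOCK)
    fm, bm = file_manifest(ref, PATCHED), block_manifest(ref)
    results = {}

    def record(label, mutate):
        part = ToyPartition(STOCK)
        mutate(part)
        results[label] = (file_check(part, fm), block_check(part, bm))

    record("stock", lambda p: None)
    record("mounted r/w only", ToyPartition.mount_rw)
    record("unrelated file edited",
           lambda p: p.files.update({"etc/hosts": b"127.0.0.1 localhost\n# edited"}))
    record("Settings.apk modified",
           lambda p: p.files.update({"app/Settings.apk": b"settings v1 modded"}))
    return results


if __name__ == "__main__":
    for label, (file_ok, block_ok) in run_scenarios().items():
        print(f"{label:24} file-based={file_ok!s:5} block-based={block_ok}")
```

Each result is a `(file-based passes, block-based passes)` pair: only the untouched image passes the block-based check, while the file-based check fails only when a file the OTA patches has changed.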
galaxyuserx said:
I use a Galaxy S6 G9200 HK with a kernel compiled by me, but I have a problem with root on 5.1.1 and I think in the future on 6.0 too.
Is this root method integrated in the kernel source, or can I integrate those "boot.img systemless" files with my self-compiled kernel? (repack boot.img with the kernel compiled by me)
Is it possible for this new root method to work on Android 5.1.1?
I have a problem gaining root when I use the kernel compiled by me (the STOCK kernel has this problem too: BOOTLOOPs and FREEZEs on system boot) and I don't know how to solve it :/
I found on Chinese forums a root integrated in boot.img. It works well and doesn't show the "KERNEL is not SEandroid enforced" message, but when I try to integrate my kernel with this boot.img I get an error on system boot :/
Yup, it's all ramdisk changes so should be workable on any version of Android. Chainfire left instructions outlining the ramdisk changes in the WIP thread if you want to give it a try.
phishfi said:
I'm not sure if anyone has specifically mentioned this, but Android Pay still works with this form of root on the Nexus 6!!
Yup, seems to be the case with most banking and root-detecting apps... for now.
Can someone with the non-system SU use this app: https://play.google.com/store/apps/details?id=com.cigital.safetynetplayground and post the results?
This app is supposed to do the SafetyNet checks cleanly, the same way Android Pay does them.
Would be interesting to see if it succeeds on devices with this new supersu version.
secguy said:
Can someone with the non-system SU use this app: https://play.google.com/store/apps/details?id=com.cigital.safetynetplayground and post the results?
This app is supposed to do the SafetyNet checks cleanly, the same way Android Pay does them.
Would be interesting to see if it succeeds on devices with this new supersu version.
Just ran it and it passed.
Went ahead and installed su on a stock nexus 5, so far working well, android pay does not work but that was me being stupid and changing the host file and dpi before setting it up
I do notice a little input lag after this, not enough to even make me consider removing root, but it is noticeable, anybody else with this?

Root and Android Pay

I really want to root my Droid Turbo, but I use Android Pay pretty frequently. I read once the phone is rooted, Android Pay will no longer work. I've read a few different things on the site and I'm just looking for some clarity. What exactly causes it to stop working? Is it rooting, unlocking the bootloader, both?
Since you have to unlock the bootloader for the Turbo root, and it sounds like once I unlock it there's no way to safely re-lock it, if I go through with the root, there's really no going back to Android Pay ever again because of unlocking the bootloader.
Is there no shot of this working if I root my Droid Turbo? If this has explicitly been discussed and defined, I apologize, but I couldn't find a definitive answer to it.
hyphy88 said:
I really want to root my Droid Turbo, but I use Android Pay pretty frequently. I read once the phone is rooted, Android Pay will no longer work. I've read a few different things on the site and I'm just looking for some clarity. What exactly causes it to stop working? Is it rooting, unlocking the bootloader, both?
Since you have to unlock the bootloader for the Turbo root, and it sounds like once I unlock it there's no way to safely re-lock it, if I go through with the root, there's really no going back to Android Pay ever again because of unlocking the bootloader.
Is there no shot of this working if I root my Droid Turbo? If this has explicitly been discussed and defined, I apologize, but I couldn't find a definitive answer to it.
Getting Android Pay to work on a modified device is a constant cat and mouse game. A few workarounds were found and promptly patched by Google in Android Pay/Google Play Services/ Google App updates. If you use it frequently, unlocking is a bad idea. Android Pay might still work on an unlocked device, but any change that you make to any system files will cause it to not work, so there's no point in unlocking.
Even if you managed to root without unlocking (via moforoot or through the terrible kingroot method), you would break Android Pay because root is one of the first things that it looks for, and none of the apps/xposed modules designed to fool it are successful at doing so.
TheSt33v said:
Getting Android Pay to work on a modified device is a constant cat and mouse game. A few workarounds were found and promptly patched by Google in Android Pay/Google Play Services/ Google App updates. If you use it frequently, unlocking is a bad idea. Android Pay might still work on an unlocked device, but any change that you make to any system files will cause it to not work, so there's no point in unlocking.
Even if you managed to root without unlocking (via moforoot or through the terrible kingroot method), you would break Android Pay because root is one of the first things that it looks for, and none of the apps/xposed modules designed to fool it are successful at doing so.
Thank you, I rooted, it doesn't work. Now I'm free to flash custom roms and make modifications without the worry of breaking Android Pay. Whatever, small loss to gain so much. Thanks again for your reply.
TheSt33v said:
...any change that you make to any system files will cause it to not work, so there's no point in unlocking.
I have an unlocked bootloader, TWRP recovery, and even flashed an emoji mod and the volume boost mods and haven't lost Android Pay.
Just earlier today, I used Sunshine for temp root and used AdAway to modify the hosts file and block ads. Once I rebooted (to disable the Sunshine temp root), Android Pay worked just fine.
Sent from my XT1254 using XDA-Developers mobile app
syphix said:
I have an unlocked bootloader, TWRP recovery, and even flashed an emoji mod and the volume boost mods and haven't lost Android Pay.
Just earlier today, I used Sunshine for temp root and used AdAway to modify the hosts file and block ads. Once I rebooted (to disable the Sunshine temp root), Android Pay worked just fine.
Sent from my XT1254 using XDA-Developers mobile app
Makes sense. You didn't add any additional files to the system partition. I think as long as that's the case, Android Pay will work.
syphix said:
I have an unlocked bootloader, TWRP recovery, and even flashed an emoji mod and the volume boost mods and haven't lost Android Pay.
Just earlier today, I used Sunshine for temp root and used AdAway to modify the hosts file and block ads. Once I rebooted (to disable the Sunshine temp root), Android Pay worked just fine.
Sent from my XT1254 using XDA-Developers mobile app
did you have android pay PRIOR to root/unlock? I've read somewhere that a work-around is to disable root, reboot, setup android pay, then re-establish root.
thanks...
jco23 said:
did you have android pay PRIOR to root/unlock? I've read somewhere that a work-around is to disable root, reboot, setup android pay, then re-establish root.
thanks...
That workaround will allow you to add cards, but paying will fail if you try to use them.
TheSt33v said:
That workaround will allow you to add cards, but paying will fail if you try to use them.
I think that changing the system is the only act preventing Android Pay from working properly. Neither unlocking the bootloader nor rooting (as long as it is systemless) does that. I believe that the method used by GPS is just checking the system hash (MD5 signature). Every system change breaks it. The SafetyNet test shows you authentically whether Android Pay could work or not. To date I haven't seen a single proof otherwise.
Jj
Has anyone done the systemless root for the turbo? I tried but either missed a step or it didn't work for my device
Sent from my XT1254 using XDA-Developers mobile app
