Hey folks!
I followed the instructions posted by allcaps33 at http://forum.xda-developers.com/showthread.php?p=53549710 to get provisioning disabled, and the native hotspot app is working for me now! I just wanted to confirm if this was an operation similar to running Wifi Tether Router on an unlocked/rooted device (I had an S2Sky prior that I tethered off of regularly). I've got one of those too-rare Unlimited Data plans and am traveling cross-country, made possible by being able to tether my laptop to my phone to work. Just wanting to confirm that this was relatively as secure as using the Wifi Tether Router on my S2Sky. On a semi-related note, that app doesn't seem to want to run properly on my S5; when I click Enable Router it turns on the Wifi, which immediately connects to the house's wired router. It still broadcasts but doesn't send data, and it's hit or miss if a device can even connect to it from there.
Next question - I'm used to flashing a CM ROM within the first couple days of getting a new phone, which doesn't seem feasible just yet with the S5 (from what I can tell anyway; I'm not used to having a current-gen device). I've heard about the myriad evils of OTA updates, and was hoping to get help on how to disable them. I would like to avoid my device upgrading to a point where my above-stated desired functionality is disabled. Ideally, I'd like to get rid of the various bloatware apps as well, though am not sure how to go about that.
I appreciate your time and support, and thanks for being a community that's always been there for me as I derp along with my fancy internet boxes!
Hi!
The absolute easiest way is to use Rom Toolbox. I have the pro version, but I believe it's available in the lite version as well.
Download and open up RTB.
Tap on "App Manager"
Then scroll down until you see "AT&T Software Update"
Tap on it.
A popup will display. Swipe from right to left, and you will be on the "Advanced" tab.
Scroll down and tap on "Advanced Freeze."
You will come to a screen which shows you the Activities, Recievers, Services, and Providers. Tap on EACH box/line. This will Disable OTA services.
We're not done yet!
Go back to the App Manager screen again, and repeat the process for an app called "LocalFOTA"
Finished!
I also Disable most of the bloatware and Knox this way.
Have fun!
---------- Post added at 12:58 PM ---------- Previous post was at 12:49 PM ----------
Now for the hard part...
Yes this can be as secure as the other the tether. Ensure you use and change the password service with the app.
As for the tether turning your wifi on, it is supposed to do that. The best way to get this to work is to turn the tether on and off (then on again). If this does not work, try emptying the data/cache for the built-in tether app. And start from scratch.
allcaps33 said:
I also Disable most of the bloatware and Knox this way.
Click to expand...
Click to collapse
KNOX - What is it? I'm under the impression it's some sort of security for the phone, to protect from malicious activity that you might not be aware of, but also that it'll "tattle" on you if you mod your phone in a way AT&T doesn't approve.
Knox is two things.
1) It is a security container for apps. It works as both a license/drm type software for Samsung official apps.
And
2) Android contains a root environment at all times. This is what makes SU possible. It used to be quite easy to invoke Android system calls as root.
Root is actually separate from super user. Knox, like SEPolicy, helps dev companies detect, halt, and/or hinder apps, not su itself, but apps that that use these root system calls.
Be wise, even though Knox itself does not "report" these types of actions, it still logs them. And there are other apps that can read these logs and send out these reports. I should say (and I'm only guessing) that only work/company issued phones are setup like this. Not your personal phone.
In fact, our phones actually contain a file which logs all root system calls. It has nothing to do with Knox but, I believe this binary is what hinders us open devs, but makes it easy for Samsung and AT&T to restore/repair our phones.
For more info on Knox:
https://www.samsungknox.com/en/partners/app-developers
Hello all, I hope all is well. I received the update to 4.4.4 a few weeks ago. However, all i got from the update was all the ATT bloatware(Uber,Kids Mode,etc). I am curious as to why I didn't get Knox 2.0, while a my friends were able to. I contacted samsung about it and all i was told was the application "Knox application has been stopped from this version."
So i guess my question to the community is, is there a work around for this? I have tried downloading the apk but even so after installing it I cant open the app on my phone, only the icon is there. I like my phone as is so I would prefer not to root it, but is that my only option at this point if I want the Knox app?
Thanks in advance for any input.
~Azure
Why would you ever want Knox?.. Tr....
Some of us like having a 2nd locked screen for work and for home... our like me that uses my phone for fire/ems/home/work
I understand what knox does with profiles and different containers...But the 90% of us have no choice, Many users get worried when installing perhaps a camera app from market and the permission says "location"..Sometimes they won't even download it then...But "Knox" is "Highest Admin" And can virtually do anything on demand to our phones...And we have "No" choice to except or not...It's just there...
The Op stated that he doesn't have "Knox" 2.0 ?
Your not Rooted otherwise you could check to see if you have it installed.
> In "System/App/FixmoISA.Apk
Do you see that file? That's one of many files or apps hiding withing your phone and the manifest files says its currently active and running. And my rom supposedly has Knox remvoed...lol
wish777 said:
I understand what knox does with profiles and different containers...But the 90% of us have no choice, Many users get worried when installing perhaps a camera app from market and the permission says "location"..Sometimes they won't even download it then...But "Knox" is "Highest Admin" And can virtually do anything on demand to our phones...And we have "No" choice to except or not...It's just there...
The Op stated that he doesn't have "Knox" 2.0 ?
Your not Rooted otherwise you could check to see if you have it installed.
> In "System/App/FixmoISA.Apk
Do you see that file? That's one of many files or apps hiding withing your phone and the manifest files says its currently active and running. And my rom supposedly has Knox remvoed...lol
Click to expand...
Click to collapse
Hello, as zaptear posted I would like to have the 2nd locked screen for work. I checked and I do have the aforementioned FixmoIsa apk on my phone.
Hi I have a note 4 (marshmallow 6.0.1).
If I tripped knox by either rooting or flashing a custom rom, and then if I decided to revert back say i unrooted and re-flashed the stock rom.
Assuming everything is back normal except that
now you have "knox warrnety void 0*1"
Will I still be able to:
-Enable Knox active protection from Samsung's "smart manager" app.
-Use "Samsung my knox" app
-Use Samsung pay or android pay
-Do OTA updates
Or is having a "stock non-rooted rom" still not enough and you won't be able to do all of the above as long as you have already tripped knox?
(Also apparently you cannot enable it while "rooted" even if you have managed to root it without tripping Knox).
Thanks in advance :good:
I cant confirm things like Android/Samsung Pay, But you cannot use the Knox App anymore. Smart Manager still says protected on mine, and yes OTA updates will work (assuming your not rooted). I'm on stock 6.0.1 rooted myself and I find no issues. Once I got rid of all the bloat. TW actually seems pretty decent. However I do throw on Nova if I want a change.
cash2387 said:
I cant confirm things like Android/Samsung Pay, But you cannot use the Knox App anymore. Smart Manager still says protected on mine, and yes OTA updates will work (assuming your not rooted). I'm on stock 6.0.1 rooted myself and I find no issues. Once I got rid of all the bloat. TW actually seems pretty decent. However I do throw on Nova if I want a change.
Click to expand...
Click to collapse
Amazing thanks for your helpful reply, so you can't use my Samsung knox app. Don't really care about it.
And what happens when you try tp activate "knox active protection" if you have already triggered knox? assuming of course you're not rooted
Does it give like an error?
mandroid email said:
Amazing thanks for your helpful reply, so you can't use my Samsung knox app. Don't really care about it.
And what happens when you try tp activate "knox active protection" if you have already triggered knox? assuming of course you're not rooted
Does it give like an error?
Click to expand...
Click to collapse
I'm rooted at the moment. I don't have exact error right now, but it basically tells me the phone isn't "secure" and cannot use the Knox app. Which for most users it isn't an issue, The Knox app is for someone who wants security for certain things. But overall its for a BYOD environment. A company may want to set up a secure workspace for the email and company files. Then if you ever leave (or lose your phone) they can blow away that information without touching your personal info.
cash2387 said:
I'm rooted at the moment. I don't have exact error right now, but it basically tells me the phone isn't "secure" and cannot use the Knox app. Which for most users it isn't an issue, The Knox app is for someone who wants security for certain things. But overall its for a BYOD environment. A company may want to set up a secure workspace for the email and company files. Then if you ever leave (or lose your phone) they can blow away that information without touching your personal info.
Click to expand...
Click to collapse
Aha I understand now, thank you very much for your helpful response, appreciated.
Reactivation lock will not work if knox is 0x1 - not sure if that's a deal breaker though.
Hi,
I used to root my phone but since I bought the S10 I found myself using Samsung Pay instead of using my cards all the time.
Before I used to root in order to have:
- Spotify mod, but now you can hack Spotify without root installing a modded version
- adaway but you can still use adhell
- YouTube vanced worked on non-root device
So do you think it's worth rooting the phone to maybe removing some bloating and add some minor customisations but lose Samsung Pay?
ValouSydney said:
Hi,
I used to root my phone but since I bought the S10 I found myself using Samsung Pay instead of using my cards all the time.
Before I used to root in order to have:
- Spotify mod, but now you can hack Spotify without root installing a modded version
- adaway but you can still use adhell
- YouTube vanced worked on non-root device
So do you think it's worth rooting the phone to maybe removing some bloating and add some minor customisations but lose Samsung Pay?
Click to expand...
Click to collapse
i think yeah, debloating is the first thing to pushed me to root, but more reasons exist, like tweaks to systemui, backups, also this time i use it to be able to mock locations on pokemongo hehe.
The only thing stopping me to root my s10 was securefolder, because the warranty doesn't mind if you break,wet,loose the phone and since someone found a way to use it theres no other reason to not root for me
Chuytl said:
i think yeah, debloating is the first thing to pushed me to root, but more reasons exist, like tweaks to systemui, backups, also this time i use it to be able to mock locations on pokemongo hehe.
The only thing stopping me to root my s10 was securefolder, because the warranty doesn't mind if you break,wet,loose the phone and since someone found a way to use it theres no other reason to not root for me
Click to expand...
Click to collapse
I DO NOT ROOT ANYMORE!
Debloating is NO LONGER an excuse either!! Infact the phones are SUPER EASY to remove ALL the bloatware from!!!
Just flash a stock "unlocked" firmware and boom, bloatfree.. you dont even need to sim unlock!!!
Modded Apks are good enough for me, and work fine on unrooted devices.
You maintain ALL features...
AND YOU KEEP YOUR WARRANTY INTACT!!!
Some apps only work with root. Root also gives you access to install a custom recovery which can be used to make nandroid backups of the phone. Something stock recovery can't do unless you use the flash fire app in which case you need root to use it.
psynetkilla said:
I DO NOT ROOT ANYMORE!
Debloating is NO LONGER an excuse either!! Infact the phones are SUPER EASY to remove ALL the bloatware from!!!
Just flash a stock "unlocked" firmware and boom, bloatfree.. you dont even need to sim unlock!!!
Modded Apks are good enough for me, and work fine on unrooted devices.
You maintain ALL features...
AND YOU KEEP YOUR WARRANTY INTACT!!!
Click to expand...
Click to collapse
if thats your choice thats ok...
warranty is not a deal with because probably I'll break my phone before any factory issue also a full debloated stock firmware?
im not telling you to root but for me is not a need is because i like to do it. manually debloting a rom, use of apps that need device admin without grant it, backups,kernel wireless and framework tweaks, ui customization and a lot of things you can do with root only
Couple of reasons why I have it rooted:
- Replace the ugly Samsung Emoji for any other (I use the legacy but updated blobs).
- Full disable Google if you care "a bit" about privacy.
- Remove Bixby and remap without accepting their contract.
- Full VPN, Android by default don't tether internet with VPN
In overall, rooting is needed if you want to own your device and care about privacy. People have more usage for rooting, but that's why I prefer rooting.
The main reasons I used to root were
-Install black theme. These days every manufacturer offers black themes and Google also offers black themes.
-Adaway for ads removal. There are many alternatives for non rooted devices.
-Viper 4 Android for superior sound. I bought an external DAC which is much better.
-Debloating. Nowdays we are able to remove most of the apps we don't want.
I like my rooted LG G4 a lot, but I need my S10 to use my bank apps without hassle, so I will probably never root it.
Not any real important reasons that usually can't be done some other way, sometimes because their friends are doing it.
Tel864 said:
Not any real important reasons that usually can't be done some other way, sometimes because their friends are doing it.
Click to expand...
Click to collapse
Rooting is cool, only cool kids root :good:
I root my phone just because I want to have the freedom to do what I want.
I like to modify config files for apps (whatsapp for example - better photo quality, larger videos and so on).
Adhell isn't working anymore and non-root adblockers including AdGuard DNS are either sucking battery or you need to disable it often to enter websites. You can't add filters to the DNS. Adaway works great on root.
Also Substratum or similar is great and I like the Swift Black theme.
For me it's more the principe. Before I switched to Android I used to have jailbroken iPhones, only - and I loved the freedom.
But since my warranty's void and my USB port got destroyed by fake moisture I'm thinking about to suppress my thoughts of "Android freedom" - the repair shop wanted 400€ for switching the mainboard. I let them send my S10 back and now VaultKeeper prevents booting...and without USB I don't have any chance to use the phone.
So, rooting is great but if your device got damaged it gets expensive.
It's annoying that the phone brands are working so hard to prevent rooting without any logical reason...VaulKeeper and KNOX are just two examples just by Samsung. Huawei, for example, disabled the unlocking of their devices completely, this was the reason for me to switch to Samsung.
My Pixel 3 is having power button/battery-life issues, so I took advantage of the inflated Google trade-in values and pre-ordered the 7 (ugh, hope it goes better than the 6 launch, especially since with my trade-in I'll be stuck if I have issues).
My Pixel and Pixel 3, I unlocked the bootloader and rooted, but with the Pixel 3, seemed like I was spending more and more time trying to read and make sure that I was going to be able to get the updates installed and re-root with Magisk, and still be able to pass SafetyNet and Play store certification with a different kernel, such that I was skipping updates because I just didn't have time.
My main reason for rooting these days was to use AdAway and to freeze apps that I wasn't using regularly (like Uber, Lyft, store apps needed to get coupons but rarely used which I didn't want waking up and siphoning data in the background) with Titanium Backup. And to migrate a few apps and app data using Titanium Backup (though I think most apps/data transferred successfully using the Pixel transfer wizard when I went Pixel->Pixel 3?- can't remember the last time I had to do this, after 3 years on the P3)
When setting up the P7, I'm thinking about not unlocking the bootloader and just trying to use an adblock DNS, but wonder if anyone else is having similar thoughts? Have you been able to backup/restore apps and app data when necessary using ADB or Helium? Do you freeze apps or just uninstall ?
If I have forgotten some other reason why I really needed to be rooted with unlocked BL, do you think I'll be able to take an ADB backup, unlock BL and wipe and restore all apps/data?
Would be interested to know what everyone else is planning on doing...
Nateg900t said:
My Pixel 3 is having power button/battery-life issues, so I took advantage of the inflated Google trade-in values and pre-ordered the 7 (ugh, hope it goes better than the 6 launch, especially since with my trade-in I'll be stuck if I have issues).
My Pixel and Pixel 3, I unlocked the bootloader and rooted, but with the Pixel 3, seemed like I was spending more and more time trying to read and make sure that I was going to be able to get the updates installed and re-root with Magisk, and still be able to pass SafetyNet and Play store certification with a different kernel, such that I was skipping updates because I just didn't have time.
My main reason for rooting these days was to use AdAway and to freeze apps that I wasn't using regularly (like Uber, Lyft, store apps needed to get coupons but rarely used which I didn't want waking up and siphoning data in the background) with Titanium Backup. And to migrate a few apps and app data using Titanium Backup (though I think most apps/data transferred successfully using the Pixel transfer wizard when I went Pixel->Pixel 3?- can't remember the last time I had to do this, after 3 years on the P3)
When setting up the P7, I'm thinking about not unlocking the bootloader and just trying to use an adblock DNS, but wonder if anyone else is having similar thoughts? Have you been able to backup/restore apps and app data when necessary using ADB or Helium? Do you freeze apps or just uninstall ?
If I have forgotten some other reason why I really needed to be rooted with unlocked BL, do you think I'll be able to take an ADB backup, unlock BL and wipe and restore all apps/data?
Would be interested to know what everyone else is planning on doing...
Click to expand...
Click to collapse
The very first thing I will do is unlock the bootloader and root. Not really a hassle for me and I don't use banking apps.
Lughnasadh said:
The very first thing I will do is unlock the bootloader and root. Not really a hassle for me and I don't use banking apps.
Click to expand...
Click to collapse
What are your biggest reasons to root? I don't mind just using banking websites, and I suppose I could do check deposits with a different device like an iPad... Back in the day was also using Xprivacy but now there is more control over app permissions too. Just trying to decide if there's still a reason to go through the hassle for my use cases.
Nateg900t said:
What are your biggest reasons to root? I don't mind just using banking websites, and I suppose I could do check deposits with a different device like an iPad... Back in the day was also using Xprivacy but now there is more control over app permissions too. Just trying to decide if there's still a reason to go through the hassle for my use cases.
Click to expand...
Click to collapse
Adaway root version
YouTube & YouTube Music Vanced
Substratum
Repainter
JamesDSP
Pixel Launcher Mod
Shortcutter app
Swift Backup
App Manager
To name a few..
Thanks, from your list Adaway root is the big pull for me.
Nateg900t said:
Thanks, from your list Adaway root is the big pull for me.
Click to expand...
Click to collapse
How about a VPN with ad blocking? Kill two birds..Proton is awesome for me. Do a backup, save it then try without root for a bit. You can't stand it then root.
bobby janow said:
How about a VPN with ad blocking? Kill two birds..Proton is awesome for me. Do a backup, save it then try without root for a bit. You can't stand it then root.
Click to expand...
Click to collapse
Have thought about that- use a VPN to a VPS when traveling on wifi, and a VPN to access my home network, but don't like the idea of leaving it connected all the time (battery drain, keeping the radios active to keep the connection) or the idea of having to constantly connect/disconnect it when I want to use the phone. And I would have to create new profiles for adblock to use on mobile while maintaining no-adblock for other devices.
That's why DNS or Adaway hosts seems like the best options for me.
I think I might do your idea of starting without and see how it works. Just looking for any reports from others who have been able to successfully fully backup and restore apps/data to unlock the bootloader. If I have to setup everything from scratch, it's a larger barrier to doing the BL unlock later.
I unlock the bootloader right away so I can use the Android Flash Tool for quick updates via my work computer. I don't like waiting for OTA updates and the optimization process that follows. Root and AdAway is another benefit, also better theme possibilities.
Nateg900t said:
What are your biggest reasons to root? I don't mind just using banking websites, and I suppose I could do check deposits with a different device like an iPad... Back in the day was also using Xprivacy but now there is more control over app permissions too. Just trying to decide if there's still a reason to go through the hassle for my use cases.
Click to expand...
Click to collapse
I used to root for the adblocking, but found setting the private dns to dns.adguard.com is just as effective. As for backups, I used Titanium Backup, but have found Google's backup is just as effective. For those apps not installed from the play store, I use swift backup running on top of Shizuku. For ad-free Youtube, you can find a modified youtube (vanced) apk, but as always, modified apks come with risks.
mruno said:
I used to root for the adblocking, but found setting the private dns to dns.adguard.com is just as effective. As for backups, I used Titanium Backup, but have found Google's backup is just as effective. For those apps not installed from the play store, I use swift backup running on top of Shizuku. For ad-free Youtube, you can find a modified youtube (vanced) apk, but as always, modified apks come with risks.
Click to expand...
Click to collapse
Thanks for sharing your experience! Have been reading more about the private DNS options, just trying to figure out whether connecting to my OpenVPN profiles will override the phone settings and cause me to have to change server config settings in OpenVPN server (seems like OpenVPN will override if doing server push, and the iOS and Android OpenVPN clients don't listen to the pull-filter commands to ignore server config DNS which would be needed to allow non-adguard profile option with a client profile instead of running a second server instance on a different port). I'm probably just going to have to experiment and figure out some combination of settings that allows me to use adguard Private DNS when on mobile/wifi when not using VPN, and also adguard Private DNS when on my own VPN, with the option to use a non-adguard DNS profile if something isn't working/loading and I need to disable the adguard.
Was also reading about using Shizuku and Hail to freeze/disable apps without root, which is my other biggest use-case.
Have a family YoutubeMusic account that costs $2.50/month and includes no-ad Youtube, so thankfully don't have to worry about Youtube ads.
chopt51 said:
I unlock the bootloader right away so I can use the Android Flash Tool for quick updates via my work computer. I don't like waiting for OTA updates and the optimization process that follows. Root and AdAway is another benefit, also better theme possibilities.
Click to expand...
Click to collapse
Do you play the game of trying to maintain Gpay compatibility and Play store certification to install Netflix and other apps, or that's just not something that matters for your use case?
Nateg900t said:
Do you play the game of trying to maintain Gpay compatibility and Play store certification to install Netflix and other apps, or that's just not something that matters for your use case?
Click to expand...
Click to collapse
I honestly don't have to worry about those instances. My use might be different than others.
I'm thinking about getting a Pixel 7 (non Pro), and if I get one I'll keep the BL locked I guess. Right now I got a Realme GT2 Pro, and it's locked running stock color OS. I got a virtual credit card and various banking apps, so I don't want to mess around anymore. For blocking unwanted stuff I use personalDNSfilter (got that running on my PC and my smartphone and it's great) and adblocking browsers. During the last years I used less custom ROMs and kernels, because I don't need that stuff anymore. It rather annoyed me testing ROMs and getting problems because of root.
Immediately unlock the bootloader and leave it unlocked. You can decide to go with root at any time it suits you after that without losing all your data -- can be as simple as fastboot'ing the modified boot image, and as temporary as its gone the next time you reboot.
96carboard said:
Immediately unlock the bootloader and leave it unlocked. You can decide to go with root at any time it suits you after that without losing all your data -- can be as simple as fastboot'ing the modified boot image, and as temporary as its gone the next time you reboot.
Click to expand...
Click to collapse
I haven't unlocked for some time and when I did I didn't use GP or my banking apps. Does Pay and all banking apps work with an unlocked bootloader. Perhaps before telling someone to immediately unlock the bootloader you could inform them of the drawbacks as well as the benefits you provided. Maybe suggest a few articles on the security risks of an unlocked bootloader as a start. The person you are quoting has numerous financial apps on the device and is security conscience. Blanket statements of "immediately unlock the bootloader and leave it unlocked" can be shortsighted for some people.
bobby janow said:
I haven't unlocked for some time and when I did I didn't use GP or my banking apps. Does Pay and all banking apps work with an unlocked bootloader. Perhaps before telling someone to immediately unlock the bootloader you could inform them of the drawbacks as well as the benefits you provided. Maybe suggest a few articles on the security risks of an unlocked bootloader as a start. The person you are quoting has numerous financial apps on the device and is security conscience. Blanket statements of "immediately unlock the bootloader and leave it unlocked" can be shortsighted for some people.
Click to expand...
Click to collapse
Everything will work perfectly with an unlocked bootloader. It will just give you an annoying warning screen briefly when powering on.
If you want to know about security risks, they're fairly small, and ONLY apply if your phone is handled physically by someone untrusted for an extended period of time, in which the only thing they could actually do is install a modified boot image. Under those circumstances, the device security has to be assumed compromised whether the bootloader is unlocked or not.
An unlocked bootloader will NOT allow a 3rd party to access data on the device, since it is encrypted and requires your security code to unlock.
Now, you can actually tell if they've rebooted the device, which they would HAVE to do in order to install a different boot image; the unlock screen (which they are NOT able to modify without resulting in boot failure) will tell you!
And I absolutely disagree that it is shortsighted to advise immediate unlocking. Nothing of real benefit comes from having a locked bootloader. Any sense of security you gain from it is smoke and mirrors. It can only be tampered with if someone has physical access, and if somebody has physical access, it has to be assumed compromised regardless of whether it is unlocked or not. If anything, your security is improved because it is now on your mind that it could potentially be tampered with, and you are reminded of it with the id10t warning every time it reboots.
96carboard said:
Everything will work perfectly with an unlocked bootloader. It will just give you an annoying warning screen briefly when powering on.
If you want to know about security risks, they're fairly small, and ONLY apply if your phone is handled physically by someone untrusted for an extended period of time, in which the only thing they could actually do is install a modified boot image. Under those circumstances, the device security has to be assumed compromised whether the bootloader is unlocked or not.
An unlocked bootloader will NOT allow a 3rd party to access data on the device, since it is encrypted and requires your security code to unlock.
Now, you can actually tell if they've rebooted the device, which they would HAVE to do in order to install a different boot image; the unlock screen (which they are NOT able to modify without resulting in boot failure) will tell you!
And I absolutely disagree that it is shortsighted to advise immediate unlocking. Nothing of real benefit comes from having a locked bootloader. Any sense of security you gain from it is smoke and mirrors. It can only be tampered with if someone has physical access, and if somebody has physical access, it has to be assumed compromised regardless of whether it is unlocked or not. If anything, your security is improved because it is now on your mind that it could potentially be tampered with, and you are reminded of it with the id10t warning every time it reboots.
Click to expand...
Click to collapse
Everything will not work perfectly. Let's be honest here. Look it up, some banking apps work mine doesn't. Pay will work one day and not the next. And if your bank finds out your account was hacked and your phone is unlocked and/or bypasses bank security protocols who will pay for the missing funds when they find out?
A missing device can be booted into a custom recovery and adb commands will be available to take everything on your device bypassing any security you have. With a locked bootloader that is not possible. So if you know your phone can be compromised you feel more secure? That is ludicrous and really doesn't make sense. I mean talk about smoke and mirrors.
Now that being said there are a lot of folks in your camp that say you're living a pipe dream if you think the phone is more easily hacked or info stolen. I understand that argument entirely and it's possibly correct to a certain degree. But to summarily say immediately unlock your bootloader if you don't plan on rooting because.. well just in case, is really disingenuous to a great many individuals. At the very least look up some articles on why to keep your bootloader locked, especially for someone that hasn't done it in some time, if ever. The beauty of Android is the possibility if you so desire. Just be conscience of the advice you give. Many years ago Chainfire said in his blog that if you have an unlocked bootloader and have financial apps on your device you're asking for trouble and you might want to rethink that. (not in so many words) That weekend I locked my bootloader and never looked back. I haven't missed anything.. well other than flashing MVK kernel for my 6a. ;-) But then I'd need root and that brings a host of other issues.
Good points about unlocked BL. Every phone I've had with an unlocked bootloader, I also had root. If I have an unlocked bootloader but run a stock image, I see bobby and 96cardboard are offering different reports of whether that will result in apps like banking apps, Play Store certification, and GPay deciding that they won't allow normal functioning. Anyone else have recent experience on this?
If I can run stock with unlocked bootloader, then I might be more in the camp to have the unlocked BL but not root, at least initially. I like the idea that if somehow an update or some other Android bug borks the OS and/or boot partitions, I could potentially fastboot install a stock copy of the OS and have a chance of recovering my data, whereas with the locked bootloader, it seems the options are limited/none, correct (sorry, haven't had to try and recovery from that situation in the past, so maybe I just don't know/understand the tools available)? I just know from past experience that it seemed like an unlocked bootloader was required and also know that unlocking wipes all data in the process. Not sure if there's a reliable way to get a phone to back up user data to a computer via ADB that can be restored even when the OS isn't working, but also don't have experience trying to use ADB backup with a functioning phone (used to do nandroid backups and they saved my butt a time or two).
@Nateg900t You're not going to trash the os with an update. You might with root if you don't know what the new root process is. But why not just make a backup with an app or two and keep it offline. No adb needed. And copy your important pics too. But I do understand what possibilities there are with an unlocked bl.
What I sometimes do is make a full Google backup and an SMS, call log backup. Then I'll flip the OEM switch just in case I need to unlock. I actually have it flipped now because I'm on QPR1 b2. Now that can bork something. If I needed to wipe I could recover about 90+% within about 30 minutes. If you want to bl lock due to some app or something then a full wipe is needed. Oh how I miss nandroid backups.
Keep asking your questions all over and make an informed decision. Enjoy the device it's pretty awesome.
Ahh, good call on flipping the oem unlock switch.
What app are you using to make app backups? Helium? I don't do full Google backup because I don't pay for extra cloud storage. But I was going to try making the full adb backup and seeing if I can use that and restore my old pixel 3 (once it is transfered to the new 7, just before I wipe it for trade in... At that point it won't matter if the restore doesn't work and it will be nice to test and get the experience for backing up the 7 via adb..
For pics, already using an app that uploads pics to my NAS each night overnight.
Going to give private dns via adguard a try instead of adaway and with that and backup/restore capabilities, I think that will cover my root needs these days.