Related
I have an ATT S5 (SM-G900A), completely stock, unrooted, updated to the latest 5.0 OTA update. My requirements for my phone are that it be able to pass Airwatch checks and that it be able to be encrypted (Personal device used at work). Some background first:
Last time I tried to play around with rooting, other mods, and whatnot was on my ATT S3 (I think I747?) and I discovered that an unspecified combination of rooting, installing a custom loader (CWM in my case) and installing a custom mod (Cyanogenmod at the time) made my phone unable to encrypt. At the time I was not required to use Airwatch, but encryption was required for my phone to connect to work, so I gave up on the whole lot.
I have now discovered that ATT, in their infinite wisdom, has replaced the S Voice drive mode with their own "ATT Drive Mode", and it's been verified they went so far as to remove the related APKs from the phone entirely. For those unaware, S Voice Drive mode is an feature of S Voice that (when turned on) reads out all callers and text messages, and then verbally prompts you for actions; reply, answer, ignore, etc. It allows fully hands free functionality. ATT Drive Mode, on the other hand, automatically kicks in whenever speeds of 20 MPH are detected (even if you're a passenger), rejects all calls and texts excluding a user-defined 5 person list, and essentially makes your phone useless anytime you're in a car. The goal is to "reduce texting and distracted driving", but as I'm on-call as part of my job and need to at least be aware of texts that come in within 10 minutes of receipt, it actually makes my drive much more dangerous. ATT Drive mode is a good idea for teens, perhaps, but i'm not a teen.
This brings me to my question: What are my options?
--Does rooting break my ability to encrypt? I know airwatch will flag, but I'm thinking there's a possibility of being able to root, put a custom loader on my phone, and then restore stock with that custom loader, whereupon I can try to install the drive mode APK...which leads me to my next question:
--Does having a custom loader (like safestrap or CWM or whatever is in use nowadays) break my ability to encrypt?
--Does anyone know of a way to install the S Voice drive mode in the G900A? I tried searching, but the only references involved being rooted, or ended with something vague like "download a stock rom and find the apk using root explorer" as the solution (which is vague to me because I don't know which stock rom to use, what apk to look for, and last time I used root explorer on my s3, it needed root...)
Honestly, the ideal solution would be something like the stock rom from the international version that would run on my ATT version...but I don't know if such a thing exists or is possible. I don't mind Samsung's cruft, but I do dislike ATT's lobotomizing of my phone to push their own little product that treats me like a kid. I know that I am less safe as a driver without the S Voice drive mode than I was with it.
I take it I have no options? And that no one knows how rooting affects encryption?
Sent from my SAMSUNG-SM-G900A using XDA Free mobile app
sheaiden said:
I take it I have no options? And that no one knows how rooting affects encryption?
Sent from my SAMSUNG-SM-G900A using XDA Free mobile app
Click to expand...
Click to collapse
I will make it easy for you. Since you took the 5.0 OTA update rooting is not possible anymore. Also there is no way to downgrade to KitKat which was rootable. Sorry. Not much you can do until someone finds a way to root 5.0. If you find the S Voice Drive app, you can side load it and see if it works.
Waiting4MyAndroid said:
I will make it easy for you. Since you took the 5.0 OTA update rooting is not possible anymore. Also there is no way to downgrade to KitKat which was rootable. Sorry. Not much you can do until someone finds a way to root 5.0. If you find the S Voice Drive app, you can side load it and see if it works.
Click to expand...
Click to collapse
Actually, while I greatly appreciate the fact that you took the time to reply (seriously! at least you took the time!), this is neither easy nor related to the questions I asked. If you look at my post, I'm not asking "how can I root", I'm asking three rather different questions:
--Does rooting break my ability to encrypt? I know airwatch will flag, but I'm thinking there's a possibility of being able to root, put a custom loader on my phone, and then restore stock with that custom loader, whereupon I can try to install the drive mode APK...which leads me to my next question:
--Does having a custom loader (like safestrap or CWM or whatever is in use nowadays) break my ability to encrypt?
--Does anyone know of a way to install the S Voice drive mode in the G900A? I tried searching, but the only references involved being rooted, or ended with something vague like "download a stock rom and find the apk using root explorer" as the solution (which is vague to me because I don't know which stock rom to use, what apk to look for, and last time I used root explorer on my s3, it needed root...)
In fact, I am unable to remain rooted (Airwatch; it's part of the post title), and the whole point and thrust of my question lies in the fact that I am looking to find out what affects encryption and what options I have as far as getting S Voice Drive mode on my phone while staying Airwatch compliant (not rooted). In addition, "if you can find the s voice drive app" is part of the problem too, as evidenced by the third question I asked above; I don't know where to find said app.
Does anyone know anything regarding what I was actually asking?
Everything that you want to do requires ROOT! Safstrap needs root, CWM will brick you phone since the bootloader is locked. Again, there is no way as of now to root the S5 with 5.0 att OTA.
Here is the link to download the GS4 S Voice app. You can try and side load it,
https://www.dropbox.com/s/oe7i2g81iuhjv38/S-Voice_Android_phone_J.apk?dl=0
Waiting4MyAndroid said:
Everything that you want to do requires ROOT! Safstrap needs root, CWM will brick you phone since the bootloader is locked. Again, there is no way as of now to root the S5 with 5.0 att OTA.
Here is the link to download the GS4 S Voice app. You can try and side load it,
Click to expand...
Click to collapse
Awesome, I'll start with that sideloading, and test it out. Thanks! As far as the rest, I suppose that does clarify some things (that I admittedly already knew), so I do appreciate it, but it still does leave the answers to the other questions. I can infer, of course, that the answer to whether having a custom bootloader on the Galaxy S5 breaks encryption will be dependent on whether root breaks the encryption, since as you pointed out custom bootloaders need root to install, but the fantasy I entertained for a little while was rooting when there's a method (hope springs eternal, so I'm hoping it will eventually be possible), installing a custom bootloader so I can do things like backups and sideload, getting the proper apk's installed for the drive app, and then unrooting it so I can connect it via airwatch to my work's network. Perhaps I should have marked this as a solidly theoretical question, since as you said, there currently exists no root. I just want to know, with the unique way that Samsung implemented Knox and the encryption on the S5, what will break encryption and what won't?
Of course, there is a side question brought up by all this...how possible is it to load another firmware on my phone? as in, use Odin to put the tmobile image on my phone. That is likely a bad example, since I'm fairly certain there are actual hardware differences between the ATT and the tmobile models, but the concept still stands. At what level are the hardware configurations different between phone companies?
sheaiden said:
Awesome, I'll start with that sideloading, and test it out. Thanks! As far as the rest, I suppose that does clarify some things (that I admittedly already knew), so I do appreciate it, but it still does leave the answers to the other questions. I can infer, of course, that the answer to whether having a custom bootloader on the Galaxy S5 breaks encryption will be dependent on whether root breaks the encryption, since as you pointed out custom bootloaders need root to install, but the fantasy I entertained for a little while was rooting when there's a method (hope springs eternal, so I'm hoping it will eventually be possible), installing a custom bootloader so I can do things like backups and sideload, getting the proper apk's installed for the drive app, and then unrooting it so I can connect it via airwatch to my work's network. Perhaps I should have marked this as a solidly theoretical question, since as you said, there currently exists no root. I just want to know, with the unique way that Samsung implemented Knox and the encryption on the S5, what will break encryption and what won't?
Of course, there is a side question brought up by all this...how possible is it to load another firmware on my phone? as in, use Odin to put the tmobile image on my phone. That is likely a bad example, since I'm fairly certain there are actual hardware differences between the ATT and the tmobile models, but the concept still stands. At what level are the hardware configurations different between phone companies?
Click to expand...
Click to collapse
You will not be able to change your bootloader period... At this point the locked bootloader is unbreakable. That leads to your next question about tmobile and that's a no as well due to the locked down bootloader.
Even with root you won't be able to do anything you've suggested due to the locked bootloader.
OPOfreak said:
You will not be able to change your bootloader period... At this point the locked bootloader is unbreakable. That leads to your next question about tmobile and that's a no as well due to the locked down bootloader.
Even with root you won't be able to do anything you've suggested due to the locked bootloader.
Click to expand...
Click to collapse
Interesting. I had been under the impression that I had seen people referring to installing clockworkmod or some similar thing on an S5, but I think I may be getting caught up in terminology; those are recoveries, aren't they? not bootloaders? Or perhaps people were posting about the other S5s with unlocked bootloaders. 15 different versions of S5, and I get stuck with the most apple-like of all the carriers....(in the sense of "you take what we give you and don't play with it!")
So, assuming I don't manage to get it installed via the link Waiting4MyAndroid was kind enough to post, I think that rules out anything other than the method of:
--wait for a root method to be established for the new OTA
--root, install the drive apk
--unroot, so I can encrypt and pass airwatch
Does anyone know if the old method of rooting broke encryption? and whether encryption was able to be performed after unrooting again?
Edit: Attempted to Sideload. Sadly, it is telling me "App not installed" (other sideloads do work; it's not the unknown sources setting). I'm thinking either the apk is marked for s4, and it's not compatible, or it's trying to overwrite files from the established svoice system, and that's not allowed. I suppose if someone has the drive apks from a tmobile S5 image or some such thing (same model, different carrier), then I could try again, but unfortunately this apk doesn't work. Thanks for the attempt, Waiting4MyAndroid!
So I actually don't have the S5, or any Samsung device for that matter, but a friend of mine does, and really wants to root their phone. I had no idea the AT&T S5 was so secure, but it's pretty interesting too. I've been researching for over 15 hours. I may not have been able to root his phone, but I think I have learned a couple things and maybe some possible root methods.
1.) Since using ODIN to downgrade would soft brick the phone, would it be possible to download the stock Lollipop update onto a computer, give the update super user access, replace the recovery with a custom one, or unlock the bootloader from the computer, then flash it through ODIN?
2.) Intercept any sort of OTA update, then alter it to flash a custom recovery or unlock bootloader? I don't know how you would go around this though.
3.) If someone hasn't taken the OTA update that patched the Stagefright exploit, could someone purposely use the exploit to allow installation of a custom recovery or even to unlock the bootloader since the Stagefright bug has super user access (or so I've heard).
Also, I'm sorry if these are stupid ideas. I know close to nothing about Samsung so everything I'm basing this off of is what I've read in the past 15 hours.
jsmithfms said:
So I actually don't have the S5, or any Samsung device for that matter, but a friend of mine does, and really wants to root their phone. I had no idea the AT&T S5 was so secure, but it's pretty interesting too. I've been researching for over 15 hours. I may not have been able to root his phone, but I think I have learned a couple things and maybe some possible root methods.
1.) Since using ODIN to downgrade would soft brick the phone, would it be possible to download the stock Lollipop update onto a computer, give the update super user access, replace the recovery with a custom one, or unlock the bootloader from the computer, then flash it through ODIN?
2.) Intercept any sort of OTA update, then alter it to flash a custom recovery or unlock bootloader? I don't know how you would go around this though.
3.) If someone hasn't taken the OTA update that patched the Stagefright exploit, could someone purposely use the exploit to allow installation of a custom recovery or even to unlock the bootloader since the Stagefright bug has super user access (or so I've heard).
Also, I'm sorry if these are stupid ideas. I know close to nothing about Samsung so everything I'm basing this off of is what I've read in the past 15 hours.
Click to expand...
Click to collapse
The issue is that AT&T (and Verizon) use an encrypted signature key to verify they are the correct unaltered files as well as the means to unlock the bootloader to allow the OTA. Without that key, the tasks you mention are near impossible. They are not stupid ideas at all..just very difficult with all the security checks included.
KennyG123 said:
The issue is that AT&T (and Verizon) use an encrypted signature key to verify they are the correct unaltered files as well as the means to unlock the bootloader to allow the OTA. Without that key, the tasks you mention are near impossible. They are not stupid ideas at all..just very difficult with all the security checks included.
Click to expand...
Click to collapse
Crap... well does anyone know how that encyption key is generated? Like, could I theoretically get an algorithm from a ROM?
Honestly for the time being I wouldn't bother with ROMS for that Device and carrier at the moment. Especially being that its someone elses device. Towelroot should be a good start. If Im not mistaken I don't think its supposed to trip knox.
Sent from my HTCEVODesign4G using XDA Free mobile app
jsmithfms said:
Crap... well does anyone know how that encyption key is generated? Like, could I theoretically get an algorithm from a ROM?
Click to expand...
Click to collapse
This is the riddle of the Sphinx my friend. I am sure the super devs have tried their best so far to crack it. It has been an ongoing effort to make phones more and more secure, not against the amateur developers and rooters, but against the hackers. These smartphones are now our personal computers, diaries, personal assistants, financial operator, and more. They basically are a person's (and business's) life. AT&T and Verizon have taken the big steps to appeal to the Exchange clients, corporate, government and military contracts. Even the general public want to know their phone is secure. This is what keeps me stuck on the Sprint network.
Have you tried Kingroot?
I successfully rooted my wife's AT&T S4 on OC3 lollipop (supposedly unrootable) with the desktop version. Mobile version didn't work but desktop did without a hiccup. Maybe it'll work on the S5.
http://forum.xda-developers.com/android/apps-games/one-click-root-tool-android-2-x-5-0-t3107461
Rockin' a l337 with Goldeneye v49.1 + Wanam Xposed and loving life on AT&T's 4G LTE network
S5 on lollipop has a new nasty boot loader.... it was a miracle on its own that they ever came up with safestrap to duck the boot loader on earlier versions of android
I really want to root my Droid Turbo, but I use Android Pay pretty frequently. I read once the phone is rooted, Android Pay will no longer work. I've read a few different things on the site and I'm just looking for some clarity. What exactly causes it to stop working? Is it rooting, unlocking the bootloader, both?
Since you have to unlock the bootloader for the Turbo root, and it sounds like once I unlock it there's no way to safely re-lock it, if I go through with the root, there's really no going back to Android Pay ever again because unlocking the bootloader.
Is there no shot of this working if I root my Droid Turbo? If this has explicitly been discussed and defined, I apologize, but I couldn't find an definitive answer to it.
hyphy88 said:
I really want to root my Droid Turbo, but I use Android Pay pretty frequently. I read once the phone is rooted, Android Pay will no longer work. I've read a few different things on the site and I'm just looking for some clarity. What exactly causes it to stop working? Is it rooting, unlocking the bootloader, both?
Since you have to unlock the bootloader for the Turbo root, and it sounds like once I unlock it there's no way to safely re-lock it, if I go through with the root, there's really no going back to Android Pay ever again because unlocking the bootloader.
Is there no shot of this working if I root my Droid Turbo? If this has explicitly been discussed and defined, I apologize, but I couldn't find an definitive answer to it.
Click to expand...
Click to collapse
Getting Android Pay to work on a modified device is a constant cat and mouse game. A few workarounds were found and promptly patched by Google in Android Pay/Google Play Services/ Google App updates. If you use it frequently, unlocking is a bad idea. Android Pay might still work on an unlocked device, but any change that you make to any system files will cause it to not work, so there's no point in unlocking.
Even if you managed to root without unlocking (via moforoot or through the terrible kingroot method), you would break Android Pay because root is one of the first things that it looks for, and none of the apps/xposed modules designed to fool it are successful at doing so.
TheSt33v said:
Getting Android Pay to work on a modified device is a constant cat and mouse game. A few workarounds were found and promptly patched by Google in Android Pay/Google Play Services/ Google App updates. If you use it frequently, unlocking is a bad idea. Android Pay might still work on an unlocked device, but any change that you make to any system files will cause it to not work, so there's no point in unlocking.
Even if you managed to root without unlocking (via moforoot or through the terrible kingroot method), you would break Android Pay because root is one of the first things that it looks for, and none of the apps/xposed modules designed to fool it are successful at doing so.
Click to expand...
Click to collapse
Thank you, I rooted, it doesn't work. Now I'm free to flash custom roms and make modifications without the worry of breaking Android Pay. Whatever, small loss to gain so much. Thanks again for your reply.
TheSt33v said:
...any change that you make to any system files will cause it to not work, so there's no point in unlocking.
Click to expand...
Click to collapse
I have an unlocked bootloader, TWRP recovery, and even flashed an emoji mod and the volume boost mods and haven't lost Android Pay.
Just earlier today, I used Sunshine for temp root and used AdAway to modify the hosts file and block ads. Once I rebooted (to disable the Sunshine temp root), Android Pay worked just fine.
Sent from my XT1254 using XDA-Developers mobile app
syphix said:
I have an unlocked bootloader, TWRP recovery, and even flashed an emoji mod and the volume boost mods and haven't lost Android Pay.
Just earlier today, I used Sunshine for temp root and used AdAway to modify the hosts file and block ads. Once I rebooted (to disable the Sunshine temp root), Android Pay worked just fine.
Sent from my XT1254 using XDA-Developers mobile app
Click to expand...
Click to collapse
Makes sense. You didn't add any additional files to the system partition. I think as long as that's the case, Android Pay will work.
syphix said:
I have an unlocked bootloader, TWRP recovery, and even flashed an emoji mod and the volume boost mods and haven't lost Android Pay.
Just earlier today, I used Sunshine for temp root and used AdAway to modify the hosts file and block ads. Once I rebooted (to disable the Sunshine temp root), Android Pay worked just fine.
Sent from my XT1254 using XDA-Developers mobile app
Click to expand...
Click to collapse
did you have android pay PRIOR to root/unlock? I've read somewhere that a work-around is to disable root, reboot, setup android pay, then re-establish root.
thanks...
jco23 said:
did you have android pay PRIOR to root/unlock? I've read somewhere that a work-around is to disable root, reboot, setup android pay, then re-establish root.
thanks...
Click to expand...
Click to collapse
That workaround will allow you to add cards, but paying will fail if you try to use them.
TheSt33v said:
That workaround will allow you to add cards, but paying will fail if you try to use them.
Click to expand...
Click to collapse
I think that changing the system is the only act preventing Android Pay to work properly. Neither unlocking bootloader nor rooting (as long as it is the systemless) does that. I believe that method used by GPS is just checking system hash (MD5 signature). Every system change brakes it. Safetynet test shows you authentically whether Android Pay could work or not. To date I haven't seen a single proof otherwise.
Jj
Has anyone done the systemless root for the turbo? I tried but either missed a step or it didn't work for my device
Sent from my XT1254 using XDA-Developers mobile app
Hi I've been using a custom rom for quite some time now but I decided to go back to stock as I don't really see the benefits.
the issue I'm having is despite flashing a stock rom in Odin and seemingly completely unrooting the device, apps like google pay aren't allowing me to use them as they say the device has been rooted or modified in some way.
in the settings it clearly says my device is official status, does anyone know how to overcome this issue please? I prefer to use google pay to my cards as I often lose them if I take them out
thanks
Drizzy xS said:
Hi I've been using a custom rom for quite some time now but I decided to go back to stock as I don't really see the benefits.
the issue I'm having is despite flashing a stock rom in Odin and seemingly completely unrooting the device, apps like google pay aren't allowing me to use them as they say the device has been rooted or modified in some way.
in the settings it clearly says my device is official status, does anyone know how to overcome this issue please? I prefer to use google pay to my cards as I often lose them if I take them out
thanks
Click to expand...
Click to collapse
well it was probably written in every thread when you downloaded twrp and followed the guide to root that this was going to happen. its pretty wide spread knowledge if you'd care to have investigate a bit before jumping ship. been like this for years and years so nothing new or "hidden".
reading goes a long way. even now if you'd have taken a minute to investigate you'd see the futility of what you want to accomplish. ( going to stock and expecting it to be as it once was before knox was tripped)
moreover there are guides on how to hide google pay and installing a version that does not detect root or a modified system.
search is your friend.
edit
there is one thing that i just though of that you might have forgotten to do and just might work though.
during the rooting/twrp process you had to go to dev options and toggle the OEM unlock.
go there and lock back OEM. this will wipe device so beware.
also when you fully flashed back the 4 md5 files with odin, was data wiped?
I've read all over the place about not being possible to unlock the bootloader when it says no. That's fine. I assume I can still root it, using a specialist tool. I'll look into that bit spearately.
My question is, if I can root it, delete everything I don't want and make it as stock as possile without installing a custom rom, then just block Google Play Services ever using the internet with a firewall, will it work and give me the privacy I want from Android? I don't want to go back to Apple, or buy another device, so any help much appreciated.
If it's now possible to bypass the unlock bootloader allowed: no, even better!
TIA.
No way so no.
Unless you find a hack.
When you decide to buy a phone it is good to read about it beforehand , xda forum can give you all the details you want , but the most important thing is not to buy a phone as soon as it appears, it is good to spend some time so you can collect all the data about it