Bootloader shipped unlocked? How do I verify for compromise? - Nexus 6 Q&A, Help & Troubleshooting

Hi, (spent some time searching for answers; if this is covered elsewhere I missed it, sorry)
So, I'm a bit late to the party but I went and found a site still offering Nexus 6 "Factory new" XT1103 unit still in stock after so long, and bought myself one.
(1) I love it, and totally understand why so many people love it
(2) I'm a little concerned in that the bootloader seems to ALREADY be *unlocked*. I certainly didn't do it. Did Google ship these out with the bootloader pre-unlocked? (I tried to google this and found nothing; it strikes me as unlikely). And when booting into the fastboot mode, I don't see any entry saying "secure boot", which bothers me a bit since my Nexus 4 has this (is this deprecated and I missed the news?).
So, I assume that I can just download factory images off Google and flash them myself in order to be sure about my firmware (a little quicker since the bootloader is already unlocked, yeah?). But how do I verify that the bootloader *itself* isn't compromised in any way such that there's no issue with persistent malware, say?
(why yes, people HAVE said that I'm pretty paranoid, why do you ask? Have you been following me around?)

If you download the full firmware image and run the flash-all.bat command, it will overwrite the bootloader and erase everything on the phone. So even if the bootloader were somehow compromised (I really doubt it) this will take care of the problem.

Thanks, I'll do that. On the Google Nexus download page I see both "factory" and "OTA" images - I presume I should use the "factory" image?
I'm really spooked as to WHY the bootloader is unlocked, though, since I certainly did not do it and the box was shrinkwrapped. Does anybody know if anyone else has ever received a Nexus 6 "pre-unlocked"?

New and refurbished units from Motorola did not come shrink-wrapped. In order to open the box you needed to cut the label at the dotted line on the back of the box. Yours could not have been new nor a factory refurb, not just because the box wouldn't have been shrink-wrapped, but also because a refurbished unit would have had the motherboard refurbished so the bootloader status code would be set to 1 (Locked). A previously unlocked bootloader that has been locked would have a status code of 2, with unlocked having a status code of 3.

Strephon Alkhalikoi said:
New and refurbished units from Motorola did not come shrink-wrapped. In order to open the box you needed to cut the label at the dotted line on the back of the box. Yours could not have been new nor a factory refurb, not just because the box wouldn't have been shrink-wrapped, but also because a refurbished unit would have had the motherboard refurbished so the bootloader status code would be set to 1 (Locked). A previously unlocked bootloader that has been locked would have a status code of 2, with unlocked having a status code of 3.
...
ok the first time I ever looked, my status code was 3.
I definitely was not the guy who unlocked it.
argggggghhhhhhhhhhh
ok, so would flashing with the full factory image (per the first reply above) be sufficient for me to not have to worry about persistent malware lurking in e.g. a compromised bootloader? I'm not in a position to get a different unit and I'm just really bummed out about this now (especially since I've already logged in with my google account on the phone).
How could I check/verify (some kind of hash) after a full flash that everything is "as it should be"?

weilt said:
...
ok the first time I ever looked, my status code was 3.
I definitely was not the guy who unlocked it.
argggggghhhhhhhhhhh
ok, so would flashing with the full factory image (per the first reply above) be sufficient for me to not have to worry about persistent malware lurking in e.g. a compromised bootloader? I'm not in a position to get a different unit and I'm just really bummed out about this now (especially since I've already logged in with my google account on the phone).
How could I check/verify (some kind of hash) after a full flash that everything is "as it should be"?
Simply flash one of the factory images from Google's pages and all your concerns will be eliminated. But, you're being needlessly paranoid regarding the bootloader. All the bootloader does is transfer control from the low level firmware of the device to the Android kernel. Once it does that it sits quietly until the next time you boot. It has no contact with the outside world that I'm aware of so any malware in the bootloader would be useless.

got it, thanks so much for the help!
(I don't know enough about the Android bootchain so was envisioning there'd be e.g. enough space allocated for the bootloader such that it would be possible to put in some sort of persistent malware that could be injected into subsequent boots; if it's just a tiny thing (especially if it gets overwritten anyhow when there's a full flash!) then alrighty I'm already safe since I already nuked the firmware twice)

Related

Re-locking bootloader on ATT N6, get error.

My last phone was a OnePlus and it was/is a great phone, however I like the Nexus line and the pure Android experience. I thought I would try the N6 and see what I thought. I was not able to find it on Motorola or Google, so being I have a bunch of upgrades figured I would grab an ATT one, de-ATT it and done.
So I boot unlocked, rooted, TWRP and got rid of any ATT taint. But something was calling me back to the OPO. So, day 14 of the 14 day return policy comes and I put in a return. I cleaned up the phone, re-installed stock, unrooted and last locked my bootloader. However, and I would reboot and check after each step, when I re-locked the bootloader, it would go to status = 2, say it's locked, but would basically boot-loop no matter how many times or what I did. I would unlock and it worked just fine. I tried everything and nothing worked. If anything, it would flash to the Google screen 2x then hit the recovery (android with the blue star belly). I could power/up-volume and it would show clear data sometimes, but still nothing.
Any ideas why? Is there any way to change that status 2, which I think shows it was unlocked once, to just 0 or 1? Think this had anything at all to do with ATT?
And just FYI, I cancelled the return and love my N6. I didn't realize how attached I grew to the real estate.

Nexus 6 (rooted, stock rom) won't turn on anymore. Please help

Hello everyone,
I'm experiencing a pretty tough issue with my beloved (and, so far, flawless) Nexus 6. It had root and a stock rom on it, 6.0.1 (MMB29V). I had unlocked the bootloader and rooted the phone right after buying it more than a year ago and I've been flashing new factory images a couple times (specifically when 6.0.0 and 6.0.1 were released). I usually do everything via Wugfresh's NRT, not because I can't use adb and fastboot, just because it works fine and I'm lazy.
Yesterday, while I was working, I used "Tiny Scanner Pro" to scan a document (legit copy bought on the store, as any other premium app in my phone) and it got stuck for a while, then a popup about Google Play Services came up. I dismissed it and another appeared, and it kept going like that. I was at a client's and I was in a hurry, so I took the pic with my tablet and forced the phone off. Later I turned it on, it seemed to boot regularly, but when the SIM unlock screen appeared and I entered the (right!) PIN, it said that no SIM was found, then the home screen appeared but after a while the screen went black and it started rebooting. Recovery (TWRP) and fastboot were working, so I decided to take it home and re-flash the stock rom: it had been a while since the last time anyway, a new version was out and the OTA update notification was getting annoying. I connected to my PC in recovery mode and transferred my pics and data via adb while I downloaded the latest stock rom (6.0.1 MOB30D). Then I used NRT to flash it (selecting "Soft-bricked/Bootloop" as current status). It appeared to work fine as it went through the usual copying and unpacking. Then, when the phone was supposed to reboot, it just blacked out. I waited a long time, in fact I went out and came back a few hours later, and it was still that way. Now it doesn't power up, no matter how long or hard I press any combination of the three buttons, adb and fastboot do not detect it in any way, of course, and it doesn't seem to charge either (i.e. I left it plugged to its original charger overnight and it still feels dead cold). By the way, the phone warranty shouldn't have expired, but I'm afraid it wouldn't cover this since it should still have the custom recovery and unlocked bootloader in its comatose body.
I've taken a look at similar threads but none of them describes the very same situation. Is there something, anything I can try to do before giving up? I hope somebody can help me. I thank you all very much in advance.
lupus
lupusyon said:
.... I'm afraid it wouldn't cover this since it should still have the custom recovery and unlocked bootloader in its comatose body.
Bricked! When the phone is still under warranty send it for repair. Do not use arguments.
Just: phone will not switch on and does not charge.
Because this is a Nexus device, the custom recovery shouldn't affect your warranty. It is however, a moot point. The device is totally dead, and a call to Motorola is in order.
lupusyon, I had a discussion with Google about an 18-month-old Nexus 5 on which the radio had died - the "no SIM found" error that seems very popular. They asked me what I'd done to try to fix it. I told them that I'd tried several different radios, half a dozen different ROMs (not just Google stock), in short I'd messed around with it over a long period (it had been rooted with custom recovery pretty much since I bought it).
Response? No quibbles. "Here's a refurbished N5. Just send the broken one back in the enclosed pre-addressed pre-paid bag."
Go for it...
dahawthorne said:
lupusyon, I had a discussion with Google about an 18-month-old Nexus 5 on which the radio had died - the "no SIM found" error that seems very popular. They asked me what I'd done to try to fix it. I told them that I'd tried several different radios, half a dozen different ROMs (not just Google stock), in short I'd messed around with it over a long period (it had been rooted with custom recovery pretty much since I bought it).
Response? No quibbles. "Here's a refurbished N5. Just send the broken one back in the enclosed pre-addressed pre-paid bag."
Go for it...
I bought it on Amazon Italy Marketplace, I'm not sure if they're supposed to handle the thing or if I should contact Motorola. I'll just check with them first. Thank you everybody for the kind advice, I'll let you know how this turns out. :good:
I confirm what dahawthorne wrote above: it took them about a month but Motorola repaired my Nexus under warranty, no questions asked. It seems they replaced the Mainboard PCB.
Thanks everybody!

Request: Remove "Bootloader unlocked"-warning

After unlocking the bootloader, on each boot a message shows up saying that the device is unlocked and can't be trusted anymore. Is there any way to make this message disappear? (Relocking the bootloader is no way!)
Same question exists in the OnePlus 3 section (with no solution)
Link to OnePlus 3 thread --> http://forum.xda-developers.com/oneplus-3/help/request-remove-bootloader-unlocked-t3405485
As far as I know there is no way to change it
It has been happening from OnePlus 3 and there is no way to remove it
But how can this be fixed on other devices? I've read about some Moto devices, where this message was "fixed".
Yes maybe someone will be able to do in near future
rUmtifUsel said:
But how can this be fixed on other devices? I've read about some Moto devices, where this message was "fixed".
I've already put up pretty much the similar post for the 3T not only here but also in the OnePlus forums (3T), where I was actually contacted by a OnePlus person asking for some details. I've fixed this on pretty much every single Android phone I've ever had until now but this is clearly a new quirkier way of doing the logo that doesn't follow any tradition.
I'm guessing that it's been looked at by non-OnePlus people (here, other places) about a million times without finding where that partition, file, ramdisk, lives, and will stay that way until someone has incredible luck or intuition about it, or... a OnePlus engineer decides to reply to me (or you) and tell us the answer. They obviously know since they stuck it there to begin with. I've kind of hit the point where I just ignore it, push the on button (speeds by the screen) and go about my business. The only positive thing I've noted is that over on the OnePlus forums, once someone at OnePlus notices your post, you often get results, or at least, that's your best shot.
Cheers.
Hi there,
well, my guess is that this is part of the IPL (Initial program loader; not boot.img) since the message appears pretty early in the boot-chain. It would make sense since it also checks the LOCK-status and decides if it allows booting unsigned boot.img images (which include kernel and ramdisk). The logic might look something like
if (bootloader.isUnlocked()) {
    showMessage();
    bootUnsignedImage();
} else {
    bootSignedImage();
}
rUmtifUsel said:
But how can this be fixed on other devices? I've read about some Moto devices, where this message was "fixed".
This is a standard on Nexus devices and isn't "fixed" on them. Doubt it's going to be different on this.
http://www.droidforums.net/threads/bootloader-unlocked-warning-cant-be-removed-on-nexus-6p.286627/
Pretty sure it's a standard in all new Android phones, and really doubt it will ever be removed.
gladiac said:
Hi there,
well, my guess is that this is part of the IPL (Initial program loader; not boot.img) since the message appears pretty early in the boot-chain. It would make sense since it also checks the LOCK-status and decides if it allows booting unsigned boot.img images (which include kernel and ramdisk). The logic might look something like
if (bootloader.isUnlocked()) {
    showMessage();
    bootUnsignedImage();
} else {
    bootSignedImage();
}
I think that's somewhere near the truth. I've got build-able source for the 3t (3.5.3) and just finished getting the prebuilts from the phone as well, so here goes a most-likely fruitless search for something resembling a clause that I can figure out where the actual screen is coming from. If I can string together a well enough constructed $find | $grep -i {whatever} | {as many other cmds as needed}, then when I get back from work today, I can find out (well, probably) nothing at all , but it's worth a shot since I don't have to watch it and wait.. ;
gladiac said:
Hi there,
well, my guess is that this is part of the IPL (Initial program loader; not boot.img) since the message appears pretty early in the boot-chain. It would make sense since it also checks the LOCK-status and decides if it allows booting unsigned boot.img images (which include kernel and ramdisk). The logic might look something like
if (bootloader.isUnlocked()) {
    showMessage();
    bootUnsignedImage();
} else {
    bootSignedImage();
}
I found this code in the file listed after the code:
Code:
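#if FBCON_DISPLAY_MSG
		/* Framebuffer console build: show the orange warning menu and wait for the user's action */
		display_bootverify_menu_thread(DISPLAY_MENU_ORANGE);
		wait_for_users_action();
#else
		/* No on-screen menu: log the warning and pause for 5 seconds */
		dprintf(CRITICAL,
			"Your device has been unlocked and can't be trusted.\nWait for 5 seconds before proceeding\n");
		mdelay(5000);
#endif
	}
#endif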
Filename in build tree: ~/sandbox/oneplus3t/bootable/bootloader/lk/app/aboot/aboot.c
------------------
So:: There's quite a bit more text for that screen in that file, and it's not as simple as just replacing the entire file with a single line that (e.g.) sets a = 0;
The thing is that the file does a lot of checks and I suspect the boot process won't even get its feet wet if the file is actually damaged, but ::
The code above could pretty easily just be slightly modified not to print a message or to print a nice message, or a pretty little graphic, and the delay has no reason to exist. As soon as I can get 3.5.3 to build without errors (I just downloaded it again since my first try was from a 3rd party git repo), I'll see if it can be tampered with. The real problem is "Is this worth screwing around with?". How many people (and I'm not even one of them) would want to blow away their setups just to install a new OS that has this crazy change in it.
Anyway, now that I've found it, I'll see if I can find some better way to handle it, but many have fallen on this sword so I probably will follow in their footsteps.
edit: As I was staring at the filename, it dawned on me that it's where all the stock & custom recoveries are made and is the next tree over called bootloader. That "might" (really doubt it) make this more doable. If we only had to change one partition to get rid of this thing, it'd be more like flashing a logo partition to get rid of it. My guess is that they're way too smart to allow someone to slap a different bootloader in there without there being a price to pay. (like no longer booting because of dm-v*). We'll see.
If it ain't broke
don't fix it
obamadictator said:
If it ain't broke
don't fix it
What're you? An insurgent? lol. This is XDA, the home of breaking things that ain't broke. ;
OK, the way I see it is that this problem is pretty much the same everywhere. What differs is the type of message it conveys. To me, and maybe the initial poster as well, the issue is not that it has some sort of language saying it's unlocked, but that it also has a 5-sec delay, which is annoying. In my opinion, a Nexus device, which only shows a picture of an "unlocked" padlock, is a much nicer way. That said, that little padlock may not be enough for a normal person looking at a phone to know its bootloader is unlocked and that it could have "extra stuff" hiding in the system. Originally Nexus and OP devices served different markets. OP was aimed at the masses, the normal people, while Nexus served the devs. So if we start from that point, then it makes more sense that the OP device's bootloader-unlocked message needs to be clearer. Even though it's annoying, it's a phone to me and I intend to have a stable ROM on it, and I don't need it to reboot every day or many times a day in normal usage. So, if I'm not going to see that the majority of the time, I'm OK with that. If it needs to be fixed, I think at least the language of the message could be better, and maybe it could tell us what is going to load after the 5-sec delay, e.g. system or recovery.
To clear things up:
The security warning is displayed by what lives in the aboot partition. It is a part of the boot chain and the piece that loads the kernel. Each part of the boot chain verifies the next one using RSA certs and signatures, starting at the bootrom, which is read-only. Aboot is also responsible for fastboot, the splash screen, and everything else you see on your device which is not recovery or OS (except hsusb 9008 mode, which kicks in in case the cert chain described above fails). Whilst some part of its source code may be included in the OOS device tree, all magic is left out. The partition itself contains a somewhat corrupted ELF file you could analyze. (If you do, remove the two "NULL" and the "EDIDX" program header). Maybe some qfuse or toggled bit somewhere can remove the warning. If you are good at reverse-engineering low-level ARM and know some Qualcomm internal stuff, go ahead. Otherwise, please stop confusing things and repeating things that are wrong or irritating.
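Added example (not part of the thread, and not OnePlus, Google or Qualcomm code): a toy Python model of the boot chain described in the post above, combined with the lock-state check sketched earlier in the thread. It shows why editing the warning string in aboot breaks the chain whether or not the bootloader is unlocked, while the unlock flag only relaxes the last link to boot.img. The stage name `sbl`, the outcome strings, the blobs and the textbook-RSA toy key are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

# Textbook RSA over two Mersenne primes: illustration only (no padding,
# toy key size). The private exponent D stands in for the vendor's signing key.
P, Q = 2**107 - 1, 2**127 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def _digest(blob: bytes) -> int:
    """SHA-256 of the image, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % N


def sign(blob: bytes) -> int:
    """Vendor side: sign an image with the private exponent."""
    return pow(_digest(blob), D, N)


def verify(blob: bytes, signature: int) -> bool:
    """Device side: check an image against the public key (N, E)."""
    return pow(signature, E, N) == _digest(blob)


@dataclass
class Stage:
    name: str
    blob: bytes
    signature: int  # 0 means the image carries no valid signature


def boot(loaders, boot_img, unlocked):
    """Walk the chain from the (implicit, read-only) boot ROM downwards.

    Loader stages, aboot included, are always verified. The lock state is
    consulted only for the final hand-off to boot.img.
    """
    for stage in loaders:
        if not verify(stage.blob, stage.signature):
            # Chain failure: the device drops to the emergency download mode.
            return ("chain-failure-9008", stage.name)
    if unlocked:
        # Unlocked: boot.img is not enforced, but the warning is shown.
        return ("boot-with-orange-warning", boot_img.name)
    if verify(boot_img.blob, boot_img.signature):
        return ("boot", boot_img.name)
    return ("refuse-boot", boot_img.name)


def demo():
    """Run the model over constructed images and return each outcome."""
    warning = b"Your device has been unlocked and can't be trusted."
    sbl_blob = b"constructed second-stage loader"
    aboot_blob = b"constructed aboot code; " + warning
    stock_blob = b"constructed stock kernel + ramdisk"

    sbl = Stage("sbl", sbl_blob, sign(sbl_blob))
    aboot = Stage("aboot", aboot_blob, sign(aboot_blob))
    stock = Stage("boot.img", stock_blob, sign(stock_blob))
    custom = Stage("boot.img", b"constructed custom kernel + ramdisk", 0)
    # aboot with the warning text stripped, still carrying the old signature
    patched = Stage("aboot", aboot_blob.replace(warning, b""), aboot.signature)

    return {
        "stock, locked": boot([sbl, aboot], stock, unlocked=False),
        "stock, unlocked": boot([sbl, aboot], stock, unlocked=True),
        "custom boot.img, locked": boot([sbl, aboot], custom, unlocked=False),
        "custom boot.img, unlocked": boot([sbl, aboot], custom, unlocked=True),
        "patched aboot, locked": boot([sbl, patched], stock, unlocked=False),
        "patched aboot, unlocked": boot([sbl, patched], stock, unlocked=True),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:28s} -> {outcome}")
```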
justibasa said:
This is a standard on Nexus devices and isn't "fixed" on them. Doubt it's going to be different on this.
http://www.droidforums.net/threads/bootloader-unlocked-warning-cant-be-removed-on-nexus-6p.286627/
Pretty sure it's a standard in all new Android phones, and really doubt it will ever be removed.
it's fixed on nexus 5x
https://forum.xda-developers.com/showthread.php?p=70567187
What's the variable "FBCON_DISPLAY_MSG" set to?
If the code is written in c (which from the looks of it; it is)
Couldn't you just set a global variable = to whatever the default value is? Or for example if something is changing that value when you unlock the bootloader, just set it back to default after that.
If it's in the aboot.c file, then it must be part of the boot.img right?
Also the boot.img file isn't the whole OS. As long as you don't tamper with the actual calling functions for the system it should be fine "theoretically". My OP3T should be coming in tomorrow, so maybe I can take a look at this as well when I have some time.
EDIT: I just read Jo_Jo_2000's response after what I wrote. That actually makes sense, and that's probably what makes this more difficult to do because you have to re-sign the files using valid certs, otherwise if it fails who knows what could happen since you're modifying the boot partition
any update on this issue?
As I understand the problem there really isn't a way to "fix" it that doesn't involve disabling more security. The dm-verity feature is built in and verifies that the boot process hasn't been tampered with. Once you unlock the bootloader, that isn't the case and dm-verity will always alert. Until you reflash a completely stock "factory" setup and re-lock it in that state. There could be some minor differences necessary to make this happen, but the gist of it should be correct.
I'm hoping against all odds that this isn't the case and that someone will eventually figure out how to re-enable dm-verity for a specific build... such as OOS_Beta + Magisk. But I'm pretty sure that's a futile hope. Google's been waging war on root for a while now and they're winning. Since they ultimately control the platform, it's my prediction that they're going to win.
This wouldn't bother me so much if I thought the ad networks were malware-free. I shouldn't have to expose my personal data or security for advertising. I don't care how passionately you argue on behalf of the content creators.
You really can't without someone customizing their own boot.img with that out. Even then you will see a black screen for a second before it advances to actually boot. Once the bootloader has been modified in any way, this trips and tells you basically you cannot use SafetyNet stuff. It's not a big deal, OnePlus 3T allows you to skip it pretty quick. Unlike my last phone I had to look at that screen for the entire 5 seconds it asked me to even if I asked it to boot immediately. It's just a warranty and security thing, it's not a big deal. Can be ignored just like the dm-verity warning. Trust me, you don't have it as bad. I get both the bootloader and dm-verity warning in the same boot. I do actually enjoy them though because they let you use the volume up and down option to go to fastboot or bootloader or recovery or just turn the thing off without needing to do the stupid button presses which I never remember which one does what. They're a nice blessing on this phone I must say. A few vol down clicks and I'm in TWRP. It's nice.
In the oneplus 5 has been done!
https://forum.xda-developers.com/oneplus-5/themes/mod-bootloader-changer-t3800862

Custom Binary blocked due to remaining installment payment?

Hello, I have a Note 8 that I have previously rooted a few months ago, then came back to stock OS. I have been wanting to install a custom rom now, but the OEM unlock switch is not in settings despite waiting a week. I rebooted into download mode, and there it shows OEM lock: off, along with RMM: Normal. I attempted to install TWRP to it, but it gets blocked with "Custom binary blocked due to remaining installment payment". I've also noticed that there is an entry in about phone > status that shows "Installment payments: Outstanding". Does that mean I have to pay off my phone fully, or pay the current balance on the carrier account? Does CRHA have the same issue? Or is there a workaround that I don't know of?
Edusa said:
Hello, I have a Note 8 that I have previously rooted a few months ago, then came back to stock OS. I have been wanting to install a custom rom now, but the OEM unlock switch is not in settings despite waiting a week. I rebooted into download mode, and there it shows OEM lock: off, along with RMM: Normal. I attempted to install TWRP to it, but it gets blocked with "Custom binary blocked due to remaining installment payment". I've also noticed that there is an entry in about phone > status that shows "Installment payments: Outstanding". Does that mean I have to pay off my phone fully, or pay the current balance on the carrier account? Does CRHA have the same issue? Or is there a workaround that I don't know of?
Not familiar with this message, but just based on the wording alone it sounds like your carrier blocked it until it's paid off. Maybe part of an update somewhere along the way? I would probably phone them for more info and then go from there.
sefrcoko said:
Sounds like your carrier blocked it until it's paid off. Maybe part of an update somewhere along the way? Suggest phoning them for more info.
It was only happening in the recent updates when the installment payment showed up in settings, but I doubt the customer service will even know what a bootloader is. Otherwise I would have to wait 2 more years to be able to unlock it, and by then I'll probably have a Note 11 or whatever is out by then. Did the CRHA firmware have that feature?
Edusa said:
It was only happening in the recent updates when the installment payment showed up in settings, but I doubt the customer service will even know what a bootloader is. Otherwise I would have to wait 2 more years to be able to unlock it, and by then I'll probably have a Note 11 or whatever is out by then. Did the CRHA firmware have that feature?
Hmm I googled the error message and found a bunch of sites and posts describing the issue. Seems like it's actually another message related to RMM state, which would also explain why you don't see the OEM unlock toggle at the moment. I never had this particular message before, but if I did my next step would likely be trying a factory reset and reflashing latest original stock firmware for the device and seeing if OEM toggle appears in 7 days (or using the date-change trick to speed it up, if that still works). Maybe someone else has other suggestions too.
sefrcoko said:
Hmm I googled the error message and found a bunch of sites and posts describing the issue. Seems like it's actually another message related to RMM state, which would also explain why you don't see the OEM unlock toggle at the moment. I never had this particular message before, but if I did my next step would likely be trying a factory reset and reflashing latest original stock firmware for the device and seeing if OEM toggle appears in 7 days (or using the date-change trick to speed it up, if that still works). Maybe someone else has other suggestions too.
I'll try it during the weekend then. Odd that it happens even with an unlocked CSC (BTU)
Same problem
Bought my phone off of Swappa, which they claimed was good.
To date - I have installed 2 different factory firmwares to no avail. Have the same message and same status. Get stuck on Factory Binary screen trying to run combination ROM.
Bought this phone specifically to root and use on AT&T. Glad I paid little more than 1/2 of new...and tried calling Samsung support but they are of no help!
Definitely looking forward to any suggestions on what to do, to help determine what the problem is.
Thanks in advance, as well.
---------- Post added at 09:39 PM ---------- Previous post was at 09:35 PM ----------
sefrcoko said:
Hmm I googled the error message and found a bunch of sites and posts describing the issue. Seems like it's actually another message related to RMM state, which would also explain why you don't see the OEM unlock toggle at the moment. I never had this particular message before, but if I did my next step would likely be trying a factory reset and reflashing latest original stock firmware for the device and seeing if OEM toggle appears in 7 days (or using the date-change trick to speed it up, if that still works). Maybe someone else has other suggestions too.
The RMM state is listed as off, not prenormal, which is what I am guessing you are referring to.
Flashing latest firmware takes this to V4 bootloader which may/may not be something OP is interested in.
Might be a bit of a bump
On the Android Pie betas for the Note8, the OEM unlock button shows, and it toggles as expected, and the installment balance entry also does not show anymore in settings. However, it still won't let me flash TWRP or any binary, showing the exact same message as above. Has a fix been found for this issue, or am I stuck unrooted? Could the S10 have the same issue?

New Pixel comes with Bootloader unlocked and it's unable to lock

Hi everyone,
I just bought a Google Pixel 5 with Android 11 that was declared "new" and when I got it, from the first time powering it on, I got the security alert that the bootloader is unlocked, see photo attached. For several personal reasons I cannot easily send it back, so I tried to understand what this means but I am no developer. I tried an entire day to install ADB, put the phone in developer mode and download the firmware image from the official source, I got to the point where the ADB devices command showed the phone as connected but then nothing else worked. In every video or guide online, the steps varied from what I had in front of me, or did not yield the same results, or how the files looked was different (I downloaded the same firmware version that is installed on the phone from the official Google page but never had an image file, just various other very non-descript files in it). As I am pretty clueless, I tried googling my way around the error codes I got but everything I tried didn't work. I either got more error codes, answers like the ADB server is already killed, or that flashing command that just returned something like "waiting for available device" and got stuck on it, or nothing happened at all. Then I figured out that the option in the developer menu "Allow OEM unlocking" is greyed out and I read then that there are phones where you simply cannot lock or unlock the bootloader. However, all online guides I see are from people who have a locked bootloader and want to unlock it, and in my case it's exactly the other way around, it came unlocked and I want to lock it. I also tried a normal reset of the phone from the settings menu, deleting all data, and it didn't work. 
When I got into fastboot mode, I only could choose between Recovery Mode, Rescue Mode and Restart Bootloader, I tried all of them and none worked, and often the last thing that happened was that the screen turned into a small Android with an open chest, and a line "No command" and the only way to get the phone out of this was by pressing the power button for more than 10 seconds. Every time it restarts, the bootloader unlocked safety advice is showing.
After reading all day long about this, I suspect that the phone was probably refurbished. I wondered whether they maybe accidentally forgot to lock it or whether it was intentional, and in case it was intentional, if there is any way someone would have digital access to the phone. I want to understand if it would be possible for me to keep it without having security issues. I read that the unlocked bootloader is a physical problem, if your phone gets stolen or you physically lose it, someone might hack your PIN easier, or get easier access to your data. However, the PIN code and the standard data encryption also seem to protect my data enough. And tbh, as soon as my phone would be lost or stolen, I would delete all data via Find My Device. So I wondered... if it's impossible for me to lock the bootloader, can I still safely keep the phone and use it, with all standard security apps installed like an anti virus app, Google Play Protect and standard security features like PIN and fingerprint unlock and encryption and be safe, or is there any danger I am not aware of? Or is there any way to enable OEM lock or fix this somehow that I would be able to get done as a non-developer? As mentioned before, sending it back is too difficult at the moment so I am just trying to understand what this bootloader unlocked means for me and if it poses a threat to my security as a normal user? (Watching videos, online banking, emails, sending work-related but not highly data sensitive documents, paying with NFC..)
Thanks in advance! I really appreciate any insights to help me understand what this is, if there is any solution to it or if it actually poses no danger if I secure my data another way.
When the bootloader is unlocked, "allow oem unlocking" is greyed out.
You use fastboot commands when flashing firmware and locking the bootloader.
Code:
fastboot devices
The factory image downloaded from this page includes a script that flashes the device, typically named flash-all.sh (On Windows systems, use flash-all.bat).
Factory Images for Nexus and Pixel Devices | Google Play services | Google for Developers
developers.google.com
Once the script finishes, your device reboots. You should now lock the bootloader for security:
Start the device in fastboot mode again, as described above.
Execute:
fastboot flashing lock
or, for older devices, run:
fastboot oem lock
Locking bootloader will wipe the data on some devices. After locking the bootloader, if you want to flash the device again, you must run fastboot oem unlock again, which will wipe the data.
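The checks around the steps quoted above, as an added example that is not part of the original posts or of Google's documentation: it confirms that exactly one device is visible to fastboot before flashing (the "waiting for ... device" hang in the question is what happens when none is) and reads the lock state back after `fastboot flashing lock`. The function names and sample output are constructed for illustration, and the exact wording of fastboot output varies by device and tool version.

```shell
#!/bin/sh
# Added example: pre-flight and post-lock checks for the flash-and-lock steps.
# Function names are hypothetical; sample outputs below are constructed.

# Count devices in `fastboot devices` output (lines whose last field is "fastboot").
count_fastboot_devices() {
    printf '%s\n' "$1" | awk '$NF == "fastboot" { n++ } END { print n + 0 }'
}

# Map `fastboot getvar unlocked` output to: locked / unlocked / unknown.
# Accepts both "unlocked: yes" and "(bootloader) unlocked:no" style lines.
lock_state() {
    val=$(printf '%s\n' "$1" | awk -F': *' '
        { sub(/\r$/, ""); sub(/^\(bootloader\) /, "") }
        $1 == "unlocked" { print $2; exit }')
    case "$val" in
        yes) echo unlocked ;;
        no)  echo locked ;;
        *)   echo unknown ;;   # never treat unparsed output as "locked"
    esac
}

# $1 = `fastboot devices` output, $2 = `fastboot getvar unlocked` output
preflight() {
    n=$(count_fastboot_devices "$1")
    if [ "$n" -eq 0 ]; then
        echo no-device          # fastboot commands would wait indefinitely
    elif [ "$n" -gt 1 ]; then
        echo multiple-devices   # avoid flashing or locking the wrong phone
    else
        lock_state "$2"
    fi
}

# Constructed sample outputs (not captured from a real device).
SAMPLE_DEVICES=$(printf 'EXAMPLESERIAL01\tfastboot')
SAMPLE_UNLOCKED='unlocked: yes
Finished. Total time: 0.001s'
SAMPLE_LOCKED='(bootloader) unlocked:no'

echo "sample, phone attached: $(preflight "$SAMPLE_DEVICES" "$SAMPLE_UNLOCKED")"
echo "sample, nothing attached: $(preflight "" "$SAMPLE_UNLOCKED")"

# Live use, with the phone in fastboot mode (getvar prints on stderr):
#   preflight "$(fastboot devices)" "$(fastboot getvar unlocked 2>&1)"
```

A result of `no-device` while `adb devices` still lists the phone means the phone is booted into Android rather than fastboot mode, which matches the symptom described in the question.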
Trade you for a locked 4a 5g...
sipotek said:
Hey Bro, can you share a method for how I can root Google Pixel 5? I tried a lot but I can't update the recovery mode. Can you share some simple method, like with the help of any APK or recovery file?
Lots of threads and guides online that show how to root