Related
Is there an application that can password protect certain apps that I choose?
And please do not say Kids Corner as it does not do what I am asking.
It's probably possible (though far from easy), but I'd actually be more inclined to help if you hadn't opened a duplicate thread about this.
Only made second thread about this to attract some attention, 7 months passed since that guy opened his thread and nobody could give a good answer.
To me it's weird that nobody tried to make an app like this still, it would be very popular and help users very much.
Anyways, thank you for replying.
Really, just bumping the other thread was enough, but since we're here anyhow... my idea for how to approach it (and this would take a *lot* of hacking) goes something like this:
1. Create an app (call it X) that has the capability to launch other apps, and filesystem write access.
2. Have X take another app (call it Y) and encrypt its binaries. This prevents anybody from launching it by any means.
3. Tweak the app database to make it so that when you try to launch Y, it instead launches X and passes the id of Y as a parameter to the launcher.
4. X prompts the user for a password to Y. On getting the right one, it decrypts Y's binaries and writes them back to the correct location, then launches Y.
5. When the user (or OS) closes Y, a background process of X notes that Y is closed and re-encrypts it.
Currently we know how to do... well, some of #1, and we think the rest is possible. Given that, #2 isn't too hard. #3 is something I don't have the least notion how to do *right now* but I'm sure it's possible. #4 shouldn't be too hard given #1 and #2. #5 will be a trick - currently, apps have no way to know what other apps are running - but I'm sure it can be done.
It's a large engineering problem blocked by an even bigger research and hacking problem, though. Nothing we'll have soon. You'd never be able to publish it in the store, either, and it would only work for people with hacked phones. It's exactly the kind of *useful* thing that would be possible if Microsoft were willing to let up the restrictions on third-party developers a bit, of course, But for the time being, there are *reasons* nobody has done it yet.
Well the word that I actually was thinking after reading your post was "crap".
It seems only with time (and a whole [email protected]#$ing lot of it) will wp become a true competitor to android, but to be honest I don't think it will come to that.
Thanks for replying GoodDayToDie, I'm freakin' sad that there is no app that can suit my needs, I even tried with kids corner but the screen still needs the password entered like the normal one. Nothing really can make up for what I have in mind.
Cheers mate.
as soon as we can interop unlock all WP devices, it will be pretty easy... if you're able to provide the XAP (uncrypted of course )
i'll be able to "mod" this in for you... which app are we talking about?
@GoodDayToDie: i do'nt think he is looking for real data security here, so encrypting the whole thing shouldnt be required... i think it's more about preventing his gf to read his private messages or something like that
oh btw.: you would need a dev-unlock to deploy the modified XAP then...
tfBullet said:
as soon as we can interop unlock all WP devices, it will be pretty easy... if you're able to provide the XAP (uncrypted of course )
i'll be able to "mod" this in for you... which app are we talking about?
@GoodDayToDie: i do'nt think he is looking for real data security here, so encrypting the whole thing shouldnt be required... i think it's more about preventing his gf to read his private messages or something like that
oh btw.: you would need a dev-unlock to deploy the modified XAP then...
Click to expand...
Click to collapse
You're right tfBullet! I need it for whatsapp, photos, message and games app, mostly to prevent from friends but gf too.
I was thinking it might be possible to mod an app and add password before it can be accessed, although I have no experience in this domain. Many apps in store have this function, like wallet or prive photo apps.
My phone is dev-unlocked as I started a few days ago to study and try to create a simple app for me and my friends.
Modding an app like that would actually be quite hard, because it would break the signature and prevent the app from running. The encryption thing really isn't too hard, although you could skip it anyhow too.
If there was a way to run a program in the background that monitors when certain apps are selected and then prompts when its activated would work, but it would need an unlocked phone. And even under home brew I don't know if its possible to run apps in the background. Yet.
Sent from my Nokia 521 using XDA Windows Phone 8 App
The encryption thing really isn't too hard
Yea, but that's a little extreme. If you can create that password program that runs in the background you could probably have it watch files, apps or pretty much anything. You'd have to password protect the cofig file. And maybe if you can't remember the password after so many attempts you can have the program email the passwords to your email. Just some ideas.
Sent from my Nokia 521 using XDA Windows Phone 8 App
Running software in the background is actually shockingly easy. The trick is getting it to run with better-than-app-sandbox privileges. We're still working on that one. In the meantime, apps can't even read, much less write, to the install location of other apps.
GoodDayToDie said:
Modding an app like that would actually be quite hard, because it would break the signature and prevent the app from running.
Click to expand...
Click to collapse
@GoodDayToDie: actually these .NET apps are pretty easy to decompile, if you're willing to fix the bugs that the decompiler leaves you with...
so there is not really a need for a valid signature, if you're able to compile & sideload the app yourself
the only thing is: you need the decrypted XAP, as far as i know these get decrypted while installation and can be pulled from a interop unlocked device?!
It would be nice to get my fingers on some OEM (Nokia etc..) XAPs, to see if we can find any exploit in them
I know better than probably 95% of this forum what it takes to decompile managed code; I have reverse engineered huge numbers of apps. However, you are missing several important points.
1) Modifications like you suggest are very complicated to automate. It's certainly possible, but it's not simple.
2) Re-installing the app would be a pain. You would really want to do this as an in-place modification, and that means (for store apps) that it would still be signature-checked.
3) Not all apps are managed code; WP8 supports purely native code.
4) Even with managed code, obfuscation can make tinkering with the binary nigh-impossible.
It's just so incredibly stupid that WP is so limited. I know it's under Android big time, but I think even iOS more customizable, right?
Also, is there a message app in the store that has pass option? I searched but found nothing...
I don't believe iOS is any more customizable, no. It has some feature that WP lacks (it ought to; it's been out for years longer and Apple completely controls the hardware it runs on) but it's also missing some features that WP8 offers. In any case, this isn't the thread to have that discussion in.
GoodDayToDie said:
I don't believe iOS is any more customizable, no. It has some feature that WP lacks (it ought to; it's been out for years longer and Apple completely controls the hardware it runs on) but it's also missing some features that WP8 offers. In any case, this isn't the thread to have that discussion in.
Click to expand...
Click to collapse
But with the jailbreak and MobileSubstrate, iOS is extremely customizable, and there are tons of tweaks, that's where Apple gets its new features from
Back to topic, I think the OP would be happy with a solution that locks the "normal" user of his phone out of some apps, so it wouldn't be necessary to modify anything of it, just making the standard launcher (I don't know how it's called, but I mean when you launch the app via home screen or with a toast) ask for a password should be enough.
Is there anyone for whom the OEM Unlock option in developer options is not grayed out?
So far from my research, it's always grayed out, so I'm trying to gather information about it, and see if there are any situations in which it is not grayed out.
Tested so far:
European Mate 20 Pro - Grayed out, so bootloader can't be unlocked with code.
Demo Mate 20 Pro - Grayed out, so bootloader can't be unlocked with code.
Chinese Mate 20 Pro - No such option, so bootloader can be unlocked successfully.
i thought it was huaweis new policy to not allow anyone to unlock the BL
Will the Mate 20 Pro sell in Southeast Asia to be grayed out too? Hopefully not, since I wont upgrade my Mate 10 Pro to this flagship if I cannot root the device (fully owned the device system).
Hmm this is a concern to me. As much as this device is amazing, root at the very least is important let alone custom roms! Hmm
**** this is a serious problem !! if they all start to block the bootloader is a real peoblema!
What do you guys root for? Genuine question, I'm sure you have valid use cases, I've just never had a need to.
daz_2000 said:
What do you guys root for? Genuine question, I'm sure you have valid use cases, I've just never had a need to.
Click to expand...
Click to collapse
Macrodroid (for automation tasks etc.), system wide ad blocking (directly mod the hosts file without any battery draining app or vpn), titanium backup for app backups, uninstalling system apps/debloating, system app/user app themes (black, making most of that oled screen). Shortcutter, as app that adds loads more quick settings.
With magisk manager, custom modules such as vanced YouTube and the amazing viper4android a system wide equaliser. Some developers create custom performance/battery enhancement scripts that vastly improve stock performance. Plus some custom features roms have app ops which greatly allows app level permission.
Not to mention custom roms with additional features bringing to the user experience. But I'm fearful at present!
I'm awaiting the Mate 20 Pro arriving on Friday and listed my Pixel 2 XL for sale. I've messaged @topjohnwu who seemingly may be the only person who could help with making root possible. But with the bootloader unlock situation this may prove rather difficult. Especially given hearing about the greyed out OEM unlock option, but perhaps full retail releases will allow it, here's hoping anyways....
cd993 said:
Macrodroid (for automation tasks etc.), system wide ad blocking (directly mod the hosts file without any battery draining app or vpn), titanium backup for app backups, uninstalling system apps/debloating, system app/user app themes (black, making most of that oled screen). Shortcutter, as app that adds loads more quick settings.
With magisk manager, custom modules such as vanced YouTube and the amazing viper4android a system wide equaliser. Some developers create custom performance/battery enhancement scripts that vastly improve stock performance. Plus some custom features roms have app ops which greatly allows app level permission.
Not to mention custom roms with additional features bringing to the user experience. But I'm fearful at present!
I'm awaiting the Mate 20 Pro arriving on Friday and listed my Pixel 2 XL for sale. I've messaged @topjohnwu who seemingly may be the only person who could help with making root possible. But with the bootloader unlock situation this may prove rather difficult. Especially given hearing about the greyed out OEM unlock option, but perhaps full retail releases will allow it, here's hoping anyways....
Click to expand...
Click to collapse
That was some great info man, well written, cant believe we are both coming to same phone from xl2, do u use aod all the yourself? And like double tap to wake the screen on pixie?
misiokicio said:
That was some great info man, well written, cant believe we are both coming to same phone from xl2, do u use aod all the yourself? And like double tap to wake the screen on pixie?
Click to expand...
Click to collapse
Thanks mate!
Nagh I'm not that fussed about AOD ill use the notification led, I like having that e.g. Red for missed call, green for WhatsApp etc and I don't use double tap to wake either
duraaraa said:
Is there anyone for whom the OEM Unlock option in developer options is not grayed out?
So far from my research, it's always grayed out, so I'm trying to gather information about it, and see if there are any situations in which it is not grayed out.
Tested so far:
European Mate 20 Pro - Grayed out, so bootloader can't be unlocked with code.
Demo Mate 20 Pro - Grayed out, so bootloader can't be unlocked with code.
Chinese Mate 20 Pro - No such option, so bootloader can be unlocked successfully.
Click to expand...
Click to collapse
try with this solution!
You have to reset your device while the sim card is in the device , then in the setup you have to log in to your both google and samsung accounts , then wait 7 days , and it should appear , if it doesnt appearing simply use google to check how to fix the missing OEM Unlock option
I remember the days with the Xperia Z3, where the bootloader was also locked. Still it was possible to unlock it after someone found a way. We know that nothing is secure, so I hope for out great developers to fix this in the future!
Or do you think it will be simply imposssible without the Code?
Maddinuser said:
I remember the days with the Xperia Z3, where the bootloader was also locked. Still it was possible to unlock it after someone found a way. We know that nothing is secure, so I hope for out great developers to fix this in the future!
Or do you think it will be simply imposssible without the Code?
Click to expand...
Click to collapse
See attached for my email conversation with Funky Huawei.
Seems that so long as we can check that setting then perhaps they can generate an unlock code with our IMEI number. I've used their service before for firmware flashing, they're reputable.
Just hope it's possible....
We can now offer bootloader unlock codes for all Huawei models (including recent models like P20, P20 Pro, Honor Play, and so on.)
These unlock codes can be provided for free to customers who purchase an unlimited pass from today.
See details here:
(https://twitter.com/FunkyHuawei/status/1050739731443544064?s=03)
So we would just need a hack that enables the tick in developer options.
Maddinuser said:
So we would just need a hack that enables the tick in developer options.
Click to expand...
Click to collapse
I guess so yeah, but also I remain hopeful that perhaps retail devices (as opposed to the early release ones that people seem to have early) may have the option....
@BurningRain, you have a retail verison, can please check if you can tick/untick the OEM unlock option in the developer settings?
duraaraa said:
Is there anyone for whom the OEM Unlock option in options is not grayed out?
So far from my research, it's always grayed out, so I'm trying to gather information about it, and see if there are any situations in which it is not grayed out.
Tested so far:
European Mate 20 Pro - Grayed out, so bootloader can't be unlocked with code.
Demo Mate 20 Pro - Grayed out, so bootloader can't be unlocked with code.
Chinese Mate 20 Pro - No such option, so bootloader can be unlocked successfully.
Click to expand...
Click to collapse
On older huawei devices (Honor9, Honor10, HuaweiP20), I noticed after the device is totally erased (low level format, cache wiped and settings to factory defaults) : you had to connect to internet to get the OEM Unlock option to not be greyed out.
So maybe it will be enabled on huawei's server side in a few days...
ventu87 said:
try with this solution!
You have to reset your device while the sim card is in the device , then in the setup you have to log in to your both google and samsung accounts , then wait 7 days , and it should appear , if it doesnt appearing simply use google to check how to fix the missing OEM Unlock option
Click to expand...
Click to collapse
I'm guessing you meant 'google playstore account' by 'samsung account'...
Did you enable it yourself on your Mate 20 Pro ? which cust variant ?
Interesting...
Just watched this video:
4 Reasons I SWITCHED to the Huawei Mate 20 Pro | The Tech Chap
And at 3:10 I noticed that the option (on his presumably prelease device, given he is from the UK but has a 2 pin charger and not UKL 3 pin) is greyed out and interestingly says "connect to the internet or contact your network provider" under the OEM unlock option - see attached screen snip
Hmm.....!
cd993 said:
Interesting...
Just watched this video:
4 Reasons I SWITCHED to the Huawei Mate 20 Pro | The Tech Chap
And at 3:10 I noticed that the option (on his presumably prelease device, given he is from the UK but has a 2 pin charger and not UKL 3 pin) is greyed out and interestingly says "connect to the internet or contact your network provider" under the OEM unlock option - see attached screen snip
Hmm.....!
Click to expand...
Click to collapse
That's is an interesting one
Reuben_skelz92 said:
That's is an interesting one
Click to expand...
Click to collapse
I guess all will be revealed Friday eh...!
cd993 said:
Interesting...
Just watched this video:
4 Reasons I SWITCHED to the Huawei Mate 20 Pro | The Tech Chap
And at 3:10 I noticed that the option (on his presumably prelease device, given he is from the UK but has a 2 pin charger and not UKL 3 pin) is greyed out and interestingly says "connect to the internet or contact your network provider" under the OEM unlock option - see attached screen snip
Hmm.....!
Click to expand...
Click to collapse
Yes, I have the phone in Spain and I have the same message in oem unlock
How to Remove FRP Lock From Android Device ?
The FRP feature is always enabled on your device as long as you have an active Google account. To disable FRP, you must remove your Google account.
To remove your Google account, follow these steps:
1 : From any Home screen, touch Apps > Settings.
2 : Touch Accounts > Google.
3 : Touch your Google account, and then touch MORE > Remove account.
Important: If you are sending your device in for service, selling your device, or giving it away, it is very important that you remove your Google account and reset your device.
Share it.
Wanheda-Klaus said:
How to Remove FRP Lock From Android Device ?
The FRP feature is always enabled on your device as long as you have an active Google account. To disable FRP, you must remove your Google account.
To remove your Google account, follow these steps:
1 : From any Home screen, touch Apps > Settings.
2 : Touch Accounts > Google.
3 : Touch your Google account, and then touch MORE > Remove account.
Important: If you are sending your device in for service, selling your device, or giving it away, it is very important that you remove your Google account and reset your device.
Share it.
Click to expand...
Click to collapse
How do you get around it if you bought a refurbished android moto XT1650-02 on FB and they didn't do what they should have done here in this post?
TonyDaTorch said:
How do you get around it if you bought a refurbished android moto XT1650-02 on FB and they didn't do what they should have done here in this post?
Click to expand...
Click to collapse
Have a look at my posts on this subject.
Currently I'm looking into whether I can side load some code via a FAT32 formatted SD card, and if possible, I need to locate where the flag is stored which sets this FRP. Now this could be stored on a rom chip of sorts and at this stage I dont want to break open the device to desolder chips, so this blog could be useful at giving clues into what needs to be looked at. Although the device is a Blink Mini camera, the technique can be applied on other devices, like smart phones.
Blink Mini RE, Part 3 -- Staring into the eye of the binary
If we stare at a binary for long enough, we will intimidate it into giving us its little secrets
astrid.tech
Ideally, I'd have a working device, dump the rom contents, then trigger the FRP and then dump the roms again to compare whats been changed, which would hilight areas for further investigation and maybe even the bit flag in question.
The other area of interest currently is Wireshark with the USB packet sniffer. Lenovo's/Motorola's Rescue and Smart Assist program aka LRMA can interrogate the device via a USB cable and detect the firmware. LRMA also suggests enabling the Developer mode/USB debugging which is enabled by clicking the build number seven times in the Google Android settings. So the question is can LRMA detect the FRP has been set? If it can, Ghidra https://ghidra-sre.org/ can be used to detect the FRP bit flag. I say bit Flag, it could be multiple bit flags in a variety of locations. Never under estimate your enemy.
I've used the Emergency Contact select a photo trick, to gain access to all apps, where I've gone straight for the Settings and Build number, tapped it 7 times as per LRMA's instructions but its not unhidden the developer mode and USB debugging options. This could be disabled once FRP is triggered, but its why I say it could be more than one bit flag which is set. Like you see with UEFI bios on some pc motherboards, there could actually be a two or more locations which could be used.
Like I said earlier, having a working device, dumping roms and then triggering FRP would be ideal, but when you dont have any money, it forces you to use your brain as you can't just step out and buy a new device mirrored in every way.
At this stage I dont know if this FRP flag can be undone. It might be like these RaspberryPi One Time Programmable switches as seen here, but I have been able to toggle some of those as well! https://github.com/raspberrypi/docu...asciidoc/computers/raspberry-pi/otp-bits.adoc
I've so far been unsuccessful in finding out if there is an equivalent of vcgencmd otp_dump for Android phones as this could be another way I might be able to find the FRP flag without having to dump the roms.
This is all new to me so I might be looking in the wrong area's as I'm just an unqualified out of work for decades boring old penniless windows programmer so I'm learning as I go along. But you might find what I've put is useful if you fancy a Thanksgiving, Xmas & New Year challenge for a change.
Hi everyone, I'm trying to help out a friend whose phone is now locked by a scammer.
1. My friend has online store at Shop*e (One of the largest E-Commerce apps in South East Asia). The scammer called, claiming they're from Shop*e, and described some of the data of my friend's store in Shop*e, hence the scammer managed to convince my friend that it's from Shop*e.
2. Instead of personal Gmail account, my friend has a separate Gmail for this online store business, so his Galaxy S21 Ultra is logged into that Gmail for the main google account of his phone.
3. The scammer asked for his Google's Security Code which contains Code 1 & Code 2. (Settings -> Google -> Manage your Google Account -> Security (tab) -> Security Code (under 'Signing in to Google).
4. My friend gave out the security codes, now his Galaxy S21 Ultra is locked, and it requires PIN to unlock the phone, and only the hacker knows that PIN. There's no alternative unlock method offered.
5. My friend also checked that his compromised Google account is now logged in to the scammer's phone, Vivo.
Please help, what should I suggest my friend to do beside factory resetting his phone? How can he unlock his phone?
Thank you.
A factory reset won't help; Google FRP is active.
Google it for solutions. Their other problem is their lost Google account. Good luck with that.
Any other accounts/passwords they better have already reset
No saving dumb bunnies... no offense but that is beyond completely inept. So much so I'm hesitant to believe it.
blackhawk said:
A factory reset won't help; Google FRP is active.
Google it for solutions. Their other problem is their lost Google account. Good luck with that.
Any other accounts/passwords they better have already reset
No saving dumb bunnies... no offense but that is beyond completely inept. So much so I'm hesitant to believe it.
Click to expand...
Click to collapse
Thanks for the answer. I also couldn't believe it, very dumb mistake indeed.
When Google FRP is on, we also can't factory reset from Android Bootloader interface? @blackhawk
alfin97 said:
Thanks for the answer. I also couldn't believe it, very dumb mistake indeed.
When Google FRP is on, we also can't factory reset from Android Bootloader interface? @blackhawk
Click to expand...
Click to collapse
I think your totally locked out except for round about procedures.
Never been there... that's going to be fun.
Do you have access to google account?
What's the value for the scammer stealing the account? Maybe he's hoping for information stored in Google Cloud which can be exploited? Getting some paid apps for free in the Google Store? If the victim has payment options which auto populate during an online purchase, these methods should be revoked. What other factors would motivate the theft?
varcor said:
What's the value for the scammer stealing the account? Maybe he's hoping for information stored in Google Cloud which can be exploited? Getting some paid apps for free in the Google Store? If the victim has payment options which auto populate during an online purchase, these methods should be revoked. What other factors would motivate the theft?
Click to expand...
Click to collapse
Motivation doesn't really matter in this context; some people simply enjoy harming others.
OP, I think your buddy's best recourse at this point is to factory reset the device, then recover his Google account if possible, and change all passwords that may have been on the device. He should also monitor his bank accounts for fraudulent activity.
Edit: Is the bootloader unlocked?
An ounce of prevention is worth a pound, or sometimes a ton of cure. NEVER, EVER give out any security information, ESPECIALLY to someone you don't know on the Internet.
V0latyle said:
Motivation doesn't really matter in this context; some people simply enjoy harming others.
OP, I think your buddy's best recourse at this point is to factory reset the device, then recover his Google account if possible, and change all passwords that may have been on the device. He should also monitor his bank accounts for fraudulent activity.
An ounce of prevention is worth a pound, or sometimes a ton of cure. NEVER, EVER give out any security information, ESPECIALLY to someone you don't know on the Internet.
Click to expand...
Click to collapse
FRP is active so without the Google account he'll be locked out after factory reset...
No easy fix.
Will Google help? Don't count on it.
blackhawk said:
FRP is active so without the Google account he'll be locked out after factory reset...
Click to expand...
Click to collapse
Not even from recovery mode or bootloader? Edit: apparently not, FRP lock might as well be a hardware lock
Might be able to bypass if bootloader is unlocked
blackhawk said:
No easy fix.
Will Google help? Don't count on it.
Click to expand...
Click to collapse
Depends, proving identity can be difficult, and it's true the Big G's customer service is not known for their efficiency or expediency...
If it's an unlocked phone this allegedly should work.
Every other solution is complicated and likely against forum rules to post.
Using the Developer Option:Go to the settings Menu > then About Device > tap on the “Build Number” more than 5 times > go back to settings menu > Now tap on the Developer option > check to Enable OEM Unlock > Done! Now you can reset your phone without facing the FRP lock
My Note 10+'s are unlocked so this solution helps me. I loathe FRP.
alfin97 said:
5. My friend also checked that his compromised Google account is now logged in to the scammer's phone, Vivo.
Click to expand...
Click to collapse
How is he able to check this info without access to that Google account?
My Pixel 3 is having power button/battery-life issues, so I took advantage of the inflated Google trade-in values and pre-ordered the 7 (ugh, hope it goes better than the 6 launch, especially since with my trade-in I'll be stuck if I have issues).
My Pixel and Pixel 3, I unlocked the bootloader and rooted, but with the Pixel 3, seemed like I was spending more and more time trying to read and make sure that I was going to be able to get the updates installed and re-root with Magisk, and still be able to pass SafetyNet and Play store certification with a different kernel, such that I was skipping updates because I just didn't have time.
My main reason for rooting these days was to use AdAway and to freeze apps that I wasn't using regularly (like Uber, Lyft, store apps needed to get coupons but rarely used which I didn't want waking up and siphoning data in the background) with Titanium Backup. And to migrate a few apps and app data using Titanium Backup (though I think most apps/data transferred successfully using the Pixel transfer wizard when I went Pixel->Pixel 3?- can't remember the last time I had to do this, after 3 years on the P3)
When setting up the P7, I'm thinking about not unlocking the bootloader and just trying to use an adblock DNS, but wonder if anyone else is having similar thoughts? Have you been able to backup/restore apps and app data when necessary using ADB or Helium? Do you freeze apps or just uninstall ?
If I have forgotten some other reason why I really needed to be rooted with unlocked BL, do you think I'll be able to take an ADB backup, unlock BL and wipe and restore all apps/data?
Would be interested to know what everyone else is planning on doing...
Nateg900t said:
My Pixel 3 is having power button/battery-life issues, so I took advantage of the inflated Google trade-in values and pre-ordered the 7 (ugh, hope it goes better than the 6 launch, especially since with my trade-in I'll be stuck if I have issues).
My Pixel and Pixel 3, I unlocked the bootloader and rooted, but with the Pixel 3, seemed like I was spending more and more time trying to read and make sure that I was going to be able to get the updates installed and re-root with Magisk, and still be able to pass SafetyNet and Play store certification with a different kernel, such that I was skipping updates because I just didn't have time.
My main reason for rooting these days was to use AdAway and to freeze apps that I wasn't using regularly (like Uber, Lyft, store apps needed to get coupons but rarely used which I didn't want waking up and siphoning data in the background) with Titanium Backup. And to migrate a few apps and app data using Titanium Backup (though I think most apps/data transferred successfully using the Pixel transfer wizard when I went Pixel->Pixel 3?- can't remember the last time I had to do this, after 3 years on the P3)
When setting up the P7, I'm thinking about not unlocking the bootloader and just trying to use an adblock DNS, but wonder if anyone else is having similar thoughts? Have you been able to backup/restore apps and app data when necessary using ADB or Helium? Do you freeze apps or just uninstall ?
If I have forgotten some other reason why I really needed to be rooted with unlocked BL, do you think I'll be able to take an ADB backup, unlock BL and wipe and restore all apps/data?
Would be interested to know what everyone else is planning on doing...
Click to expand...
Click to collapse
The very first thing I will do is unlock the bootloader and root. Not really a hassle for me and I don't use banking apps.
Lughnasadh said:
The very first thing I will do is unlock the bootloader and root. Not really a hassle for me and I don't use banking apps.
Click to expand...
Click to collapse
What are your biggest reasons to root? I don't mind just using banking websites, and I suppose I could do check deposits with a different device like an iPad... Back in the day was also using Xprivacy but now there is more control over app permissions too. Just trying to decide if there's still a reason to go through the hassle for my use cases.
Nateg900t said:
What are your biggest reasons to root? I don't mind just using banking websites, and I suppose I could do check deposits with a different device like an iPad... Back in the day was also using Xprivacy but now there is more control over app permissions too. Just trying to decide if there's still a reason to go through the hassle for my use cases.
Click to expand...
Click to collapse
Adaway root version
YouTube & YouTube Music Vanced
Substratum
Repainter
JamesDSP
Pixel Launcher Mod
Shortcutter app
Swift Backup
App Manager
To name a few..
Thanks, from your list Adaway root is the big pull for me.
Nateg900t said:
Thanks, from your list Adaway root is the big pull for me.
Click to expand...
Click to collapse
How about a VPN with ad blocking? Kill two birds..Proton is awesome for me. Do a backup, save it then try without root for a bit. You can't stand it then root.
bobby janow said:
How about a VPN with ad blocking? Kill two birds..Proton is awesome for me. Do a backup, save it then try without root for a bit. You can't stand it then root.
Click to expand...
Click to collapse
Have thought about that- use a VPN to a VPS when traveling on wifi, and a VPN to access my home network, but don't like the idea of leaving it connected all the time (battery drain, keeping the radios active to keep the connection) or the idea of having to constantly connect/disconnect it when I want to use the phone. And I would have to create new profiles for adblock to use on mobile while maintaining no-adblock for other devices.
That's why DNS or Adaway hosts seems like the best options for me.
I think I might do your idea of starting without and see how it works. Just looking for any reports from others who have been able to successfully fully backup and restore apps/data to unlock the bootloader. If I have to setup everything from scratch, it's a larger barrier to doing the BL unlock later.
I unlock the bootloader right away so I can use the Android Flash Tool for quick updates via my work computer. I don't like waiting for OTA updates and the optimization process that follows. Root and AdAway is another benefit, also better theme possibilities.
Nateg900t said:
What are your biggest reasons to root? I don't mind just using banking websites, and I suppose I could do check deposits with a different device like an iPad... Back in the day was also using Xprivacy but now there is more control over app permissions too. Just trying to decide if there's still a reason to go through the hassle for my use cases.
Click to expand...
Click to collapse
I used to root for the adblocking, but found setting the private dns to dns.adguard.com is just as effective. As for backups, I used Titanium Backup, but have found Google's backup is just as effective. For those apps not installed from the play store, I use swift backup running on top of Shizuku. For ad-free Youtube, you can find a modified youtube (vanced) apk, but as always, modified apks come with risks.
mruno said:
I used to root for the adblocking, but found setting the private dns to dns.adguard.com is just as effective. As for backups, I used Titanium Backup, but have found Google's backup is just as effective. For those apps not installed from the play store, I use swift backup running on top of Shizuku. For ad-free Youtube, you can find a modified youtube (vanced) apk, but as always, modified apks come with risks.
Click to expand...
Click to collapse
Thanks for sharing your experience! Have been reading more about the private DNS options, just trying to figure out whether connecting to my OpenVPN profiles will override the phone settings and cause me to have to change server config settings in OpenVPN server (seems like OpenVPN will override if doing server push, and the iOS and Android OpenVPN clients don't listen to the pull-filter commands to ignore server config DNS which would be needed to allow non-adguard profile option with a client profile instead of running a second server instance on a different port). I'm probably just going to have to experiment and figure out some combination of settings that allows me to use adguard Private DNS when on mobile/wifi when not using VPN, and also adguard Private DNS when on my own VPN, with the option to use a non-adguard DNS profile if something isn't working/loading and I need to disable the adguard.
Was also reading about using Shizuku and Hail to freeze/disable apps without root, which is my other biggest use-case.
Have a family YoutubeMusic account that costs $2.50/month and includes no-ad Youtube, so thankfully don't have to worry about Youtube ads.
chopt51 said:
I unlock the bootloader right away so I can use the Android Flash Tool for quick updates via my work computer. I don't like waiting for OTA updates and the optimization process that follows. Root and AdAway is another benefit, also better theme possibilities.
Click to expand...
Click to collapse
Do you play the game of trying to maintain Gpay compatibility and Play store certification to install Netflix and other apps, or that's just not something that matters for your use case?
Nateg900t said:
Do you play the game of trying to maintain Gpay compatibility and Play store certification to install Netflix and other apps, or that's just not something that matters for your use case?
Click to expand...
Click to collapse
I honestly don't have to worry about those instances. My use might be different than others.
I'm thinking about getting a Pixel 7 (non Pro), and if I get one I'll keep the BL locked I guess. Right now I got a Realme GT2 Pro, and it's locked running stock color OS. I got a virtual credit card and various banking apps, so I don't want to mess around anymore. For blocking unwanted stuff I use personalDNSfilter (got that running on my PC and my smartphone and it's great) and adblocking browsers. During the last years I used less custom ROMs and kernels, because I don't need that stuff anymore. It rather annoyed me testing ROMs and getting problems because of root.
Immediately unlock the bootloader and leave it unlocked. You can decide to go with root at any time it suits you after that without losing all your data -- can be as simple as fastboot'ing the modified boot image, and as temporary as its gone the next time you reboot.
96carboard said:
Immediately unlock the bootloader and leave it unlocked. You can decide to go with root at any time it suits you after that without losing all your data -- can be as simple as fastboot'ing the modified boot image, and as temporary as its gone the next time you reboot.
Click to expand...
Click to collapse
I haven't unlocked for some time and when I did I didn't use GP or my banking apps. Does Pay and all banking apps work with an unlocked bootloader. Perhaps before telling someone to immediately unlock the bootloader you could inform them of the drawbacks as well as the benefits you provided. Maybe suggest a few articles on the security risks of an unlocked bootloader as a start. The person you are quoting has numerous financial apps on the device and is security conscience. Blanket statements of "immediately unlock the bootloader and leave it unlocked" can be shortsighted for some people.
bobby janow said:
I haven't unlocked for some time and when I did I didn't use GP or my banking apps. Does Pay and all banking apps work with an unlocked bootloader. Perhaps before telling someone to immediately unlock the bootloader you could inform them of the drawbacks as well as the benefits you provided. Maybe suggest a few articles on the security risks of an unlocked bootloader as a start. The person you are quoting has numerous financial apps on the device and is security conscience. Blanket statements of "immediately unlock the bootloader and leave it unlocked" can be shortsighted for some people.
Click to expand...
Click to collapse
Everything will work perfectly with an unlocked bootloader. It will just give you an annoying warning screen briefly when powering on.
If you want to know about security risks, they're fairly small, and ONLY apply if your phone is handled physically by someone untrusted for an extended period of time, in which the only thing they could actually do is install a modified boot image. Under those circumstances, the device security has to be assumed compromised whether the bootloader is unlocked or not.
An unlocked bootloader will NOT allow a 3rd party to access data on the device, since it is encrypted and requires your security code to unlock.
Now, you can actually tell if they've rebooted the device, which they would HAVE to do in order to install a different boot image; the unlock screen (which they are NOT able to modify without resulting in boot failure) will tell you!
And I absolutely disagree that it is shortsighted to advise immediate unlocking. Nothing of real benefit comes from having a locked bootloader. Any sense of security you gain from it is smoke and mirrors. It can only be tampered with if someone has physical access, and if somebody has physical access, it has to be assumed compromised regardless of whether it is unlocked or not. If anything, your security is improved because it is now on your mind that it could potentially be tampered with, and you are reminded of it with the id10t warning every time it reboots.
96carboard said:
Everything will work perfectly with an unlocked bootloader. It will just give you an annoying warning screen briefly when powering on.
If you want to know about security risks, they're fairly small, and ONLY apply if your phone is handled physically by someone untrusted for an extended period of time, in which the only thing they could actually do is install a modified boot image. Under those circumstances, the device security has to be assumed compromised whether the bootloader is unlocked or not.
An unlocked bootloader will NOT allow a 3rd party to access data on the device, since it is encrypted and requires your security code to unlock.
Now, you can actually tell if they've rebooted the device, which they would HAVE to do in order to install a different boot image; the unlock screen (which they are NOT able to modify without resulting in boot failure) will tell you!
And I absolutely disagree that it is shortsighted to advise immediate unlocking. Nothing of real benefit comes from having a locked bootloader. Any sense of security you gain from it is smoke and mirrors. It can only be tampered with if someone has physical access, and if somebody has physical access, it has to be assumed compromised regardless of whether it is unlocked or not. If anything, your security is improved because it is now on your mind that it could potentially be tampered with, and you are reminded of it with the id10t warning every time it reboots.
Click to expand...
Click to collapse
Everything will not work perfectly. Let's be honest here. Look it up, some banking apps work mine doesn't. Pay will work one day and not the next. And if your bank finds out your account was hacked and your phone is unlocked and/or bypasses bank security protocols who will pay for the missing funds when they find out?
A missing device can be booted into a custom recovery and adb commands will be available to take everything on your device bypassing any security you have. With a locked bootloader that is not possible. So if you know your phone can be compromised you feel more secure? That is ludicrous and really doesn't make sense. I mean talk about smoke and mirrors.
Now that being said there are a lot of folks in your camp that say you're living a pipe dream if you think the phone is more easily hacked or info stolen. I understand that argument entirely and it's possibly correct to a certain degree. But to summarily say immediately unlock your bootloader if you don't plan on rooting because.. well just in case, is really disingenuous to a great many individuals. At the very least look up some articles on why to keep your bootloader locked, especially for someone that hasn't done it in some time, if ever. The beauty of Android is the possibility if you so desire. Just be conscience of the advice you give. Many years ago Chainfire said in his blog that if you have an unlocked bootloader and have financial apps on your device you're asking for trouble and you might want to rethink that. (not in so many words) That weekend I locked my bootloader and never looked back. I haven't missed anything.. well other than flashing MVK kernel for my 6a. ;-) But then I'd need root and that brings a host of other issues.
Good points about unlocked BL. Every phone I've had with an unlocked bootloader, I also had root. If I have an unlocked bootloader but run a stock image, I see bobby and 96cardboard are offering different reports of whether that will result in apps like banking apps, Play Store certification, and GPay deciding that they won't allow normal functioning. Anyone else have recent experience on this?
If I can run stock with unlocked bootloader, then I might be more in the camp to have the unlocked BL but not root, at least initially. I like the idea that if somehow an update or some other Android bug borks the OS and/or boot partitions, I could potentially fastboot install a stock copy of the OS and have a chance of recovering my data, whereas with the locked bootloader, it seems the options are limited/none, correct (sorry, haven't had to try and recovery from that situation in the past, so maybe I just don't know/understand the tools available)? I just know from past experience that it seemed like an unlocked bootloader was required and also know that unlocking wipes all data in the process. Not sure if there's a reliable way to get a phone to back up user data to a computer via ADB that can be restored even when the OS isn't working, but also don't have experience trying to use ADB backup with a functioning phone (used to do nandroid backups and they saved my butt a time or two).
@Nateg900t You're not going to trash the os with an update. You might with root if you don't know what the new root process is. But why not just make a backup with an app or two and keep it offline. No adb needed. And copy your important pics too. But I do understand what possibilities there are with an unlocked bl.
What I sometimes do is make a full Google backup and an SMS, call log backup. Then I'll flip the OEM switch just in case I need to unlock. I actually have it flipped now because I'm on QPR1 b2. Now that can bork something. If I needed to wipe I could recover about 90+% within about 30 minutes. If you want to bl lock due to some app or something then a full wipe is needed. Oh how I miss nandroid backups.
Keep asking your questions all over and make an informed decision. Enjoy the device it's pretty awesome.
Ahh, good call on flipping the oem unlock switch.
What app are you using to make app backups? Helium? I don't do full Google backup because I don't pay for extra cloud storage. But I was going to try making the full adb backup and seeing if I can use that and restore my old pixel 3 (once it is transfered to the new 7, just before I wipe it for trade in... At that point it won't matter if the restore doesn't work and it will be nice to test and get the experience for backing up the 7 via adb..
For pics, already using an app that uploads pics to my NAS each night overnight.
Going to give private dns via adguard a try instead of adaway and with that and backup/restore capabilities, I think that will cover my root needs these days.