Related
Given the situation that I needed to unlock bootloader and install TWRP inorder to be able to do full image backup (i.e. Nandroid), I have been wondering what are the underlying security issues to be faced after unlocking and installing TWRP (without moving onto root) in a specific situation where the device is lost or stolen?
Lets say if I am on stock OOS with encryption enabled + Fingerprint and password/pin set on lock screen + USB debugging disabled + locked bootloader + stock recovery, in the unfortunate event where my device were to get lost or stolen, I can expect my personal data to be safe from prying eyes since the person who has gotten a hold of my phone will have to do a factory reset to get into the phone or unlock bootloader which all meant my personal data will be wipe. So that's a good outcome in an unfortunate one.
But let's say if now I were to (i) unlock my bootloader and (ii) install TWRP (but retaining it as read only without system modification), (iii) restore all app, data and settings, and go on to (iv) perform a nandroid backup. And after that, proceed to (v) disable USB debugging and (vi) re-enable encryption and (vii) set fingerprint and password on lock screen. And I shall stopped there without rooting or flashing dm verity. Can I still expect my personal data to be safe from prying eyes in the event of lost or stolen? Meaning that whoever gets a hold of my device will likewise need to wipe it clean before he/she is able to use it? Is this the case or can the person access my data using some hacks now that the device runs custom recovery?
An interesting guide I had came across contained various means of accessing personal data (read - https://forum.xda-developers.com/showthread.php?t=2620456) by bypassing android password, patterns, etc set on the locked screen, and some methods required USB debugging to be enabled while some required custom recovery installed.
To be sure if I am still able to protect my personal data when device is stolen/lost with an unlocked/TWRP installed device, my curiosity took me on an investigative path using an old Samsung Note 3 to unlock bootloader and install TWRP, then proceed to enable encryption and disable USB debugging and set lockscreen password. And now for the next couple of days where I can find free time, I will try out all 7 methods to see if an unlocked Note3 with TWRP is susceptible to these security compromise. I will come back to this thread later to update my findings.
I really welcome any information or inputs too!
To summarize, the state of my old Note 3 used in this investigation is as follows:
1) Bootloader unlocked
2) TWRP (3.0.2) installed as "read only" without system modification
3) ROM (CM13) encryption enabled
4) Locked screen password set
5) Device not rooted
6) USB debugging disabled
When I boot into TWRP, I realized that even if I set it to read only, any person who has gotten hold of my device can set it to system modification since TWRP is not password or pin protected. Therefore setting to "read only" is sort of irrelevant in this investigation to find out how vulnerable the device is right now.
The second thing I realized, is TWRP will ask me for android password to mount my internal sdcard since my ROM is encryption enabled. This is a good thing, since in this case TWRP internal file manager will not be able to access my device internal sdcard containing some of my personal data.
The 1st method I tried is:
METHOD I
Solution For Everyone With Recovery (Cwm, Twrp, Xrec,Etc...) Installed:
INSTRUCTIONS:
1. Download this zip Pattern Password Disable (Download from attachments) on to your sdcard (using your PC, as you cant get into your phone, right )
2. Insert the sdcard into your phone
3. Reboot into recovery mode
4. Flash the zip
5. Reboot
6. Done!
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
The steps I took:
A) Set TWRP to system modification
B) When TWRP asked me for password to mount partition, I choose "cancel" since I am trying to imitate the person who has gotten hold of my device won't be able to guess my password
C) Flashed the pattern password disable zip file
And voila!... my password on locked screen is still intact. Meaning that entering any random password does not gain access into android. Only the original password can.
Good news certainly. Don't know why this hack doesn't work, probably it is outdated or probably due to my system is still encrypted when I flashed the hack zip file.
As to the 2nd method, I didn't try out as I don't know how to use Cygwin...
METHOD 2
Solution For Everyone Without Recovery Installed - ADB :
What You Need:
=>A computer running a Linux distro or Windows+Cygwin
=>USB cable to connect your phone to the PC
=>Adb installed
How to install adb:
1. Open Terminal
2. Type:
Code:
sudo apt-get install android-tools-adb
Hit [Enter]
3. Follow the instructions until everything is installed.
INSTRUCTIONS:
1. Connect you (turned on) Phone to the Computer via USB.
2. Open a terminal window.
3. Type:
Code:
adb devices
adb shell
cd data/system
su
rm *.key
4. Done...Now You Just Have To Reboot.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Method 3 is irrelevant to this investigation therefore it has been omitted.
METHOD 3
Solution For Everyone Before Lock Accident :
SMS Bypass - Download Link - Install It On Your Device (Download from attachments)
This App Allows You To Remotely Bypass Your Phone's Screen Lock By Sending A SMS.
It Removes Your Gesture Pattern Or Password After Receiving A Preset Keyword Along With A Secret Code Via SMS.
SMS Bypass App Requires Root.
INSTRUCTIONS:
1.First, make sure you give permanent root access to the app.
2.Change the secret code to your preferred choice. The default password is : 1234
3.To reset your screen lock, send the following message from another phone:
Code:
secret_code reset
Example:
Code:
1234 reset
Note 1 : There is a space between your secret code and reset. Also the secret code is case sensitive.
Note 2 : There is an option available to change the preset keyword. Default is : reset - Your phone will restart and your lock screen will be reset.
Note 3 : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Given that method 5 is in fact similar to method 2 therefore it has been omitted as well.
METHOD 5
Solution For Everyone Via Adb - File Removal :
INSTRUCTIONS:
=>Type This Command In Your Terminal (CMD Prompt) :
Code:
adb shell rm /data/system/gesture.key
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Method 6 will not work since that hack required USB debugging to be enabled.
METHOD 6
Solution For Everyone With USB Debugging Enabled :
INSTRUCTIONS:
Primary Step for all method:
Download & Extract to anywhere - Bypass Security Hack (Download from attachments)
Open SQLite Database Browser 2.0.exe in SQLite Database Browser.
Run pull settings.db.cmd inside By-pass security Hacks folder to pull out the setting file out of your phone.
Drag settings.db and drop to SQLite Database Browser 2.0.exe program.
Navigate to Browse data tab, At table there, click to list down the selection & selete secure
Instruction To Remove Pattern Lock:
Now, find lock_pattern_autolock, Delete Record
Close & save database
Run push settings.db.cmd and reboot your phone
Instruction To Remove PIN Lock:
Now, Find Or Create lockscreen.password_type, double-click & change it's value to 65536, Apply changes!
Now, find lock_pattern_autolock, Delete Record, If doesn't exist, Ignore
Close & save database
Run push settings.db.cmd and reboot your phone
Instruction To Remove Password Lock:
Now, find lockscreen.password_salt, Delete Record
Now, find lockscreen.password_type, Delete Record
Close & save database
Run push settings.db.cmd and reboot your phone
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
I then tried out method 7 using the Aroma file manager however all these 3 versions (Version 2.00 [BETA1]- KACAPI, aromafm-1.91, and aromafm-1.90) does not open up after flashing the zip with system modification enabled on TWRP. Mostly likely these outdated versions of the Aroma file manager are not supported by the latest version of TWRP (3.0.2) since the developers have ceased all work related to it.
METHOD 7
Solution For Everyone With Recovery Installed :
INSTRUCTIONS:
1.Download and Copy Aroma File manager.zip (Download from attachments or http://forum.xda-developers.com/show....php?t=1646108) to your memory card.
2. Open your recovery (press volume Down + Power button or it can be different according to the phones. Generally the phones who have press able button on the middle they have to press all three buttons. Google for you pattern there are lots)
3. There’ll b an option in recovery called “mount”. Go in that option and then mount all the cache and everything it is there.
4. Then select “update” and select “apply update from SD/external” and select aroma file manger.zip file that you downloaded using above QR code above.
5. After Flashing or updating, the aroma file manger will open. Use volume keys for up/down and power button 2 select like you use to get into recovery.
6. In aroma File manager , Go to menu , which is located in bottom strip and then select Settings.
7. Go to bottom n select “mount all partition in startup ” then exit from aroma file manger.
8. Now after exit , re-update that aroma file again and it will open again.
9. Go to data >> and then System.
Then find ‘gesture.key’ (for pattern lock) and ’password.key’ (for password lock) then long touch on gesture.key or password.key and sum option will be prompted , choose delete and delete that file and restart.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
And now onto the last method which is method 4 using SQL command. After starting adb daemon, adb devices are not found and hence the following steps could not be taken. I think this could be due to the device having USB debugging disabled. Hmmm...
METHOD 4
Solution For Everyone Via Adb - SQL Command :
INSTRUCTIONS:
=>Type This Commands Separated In Your Terminal (CMD Prompt) :
Code:
adb shell
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
update system set value=0 where name='lock_pattern_autolock';
update system set value=0 where name='lockscreen.lockedoutpermanently';
.quit
=>Now You Just Have To Reboot.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
After going through all these methods, I am inclined to think that personal data is still protected in an unlocked/TWRP installed device as long as USB debugging is DISABLED and ROM is encrypted and fingerprint/password set on lock screen. What do you think?
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
+ with the unlocked bootloader, FRP is not working, so a thief can just reset your phone and sell it.
If your data security is a huge concern to you, DO NOT unlock the bootloader.
If you are a potential target to a hacker attacks, DO NOT use a OnePlus phone. Get a Nexus 6P or a Pixel.
Also make sure, that your apps are not leaking your data. Apps with a storage permission and access to the internet could leak your data.
Michalko5896 said:
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
Click to expand...
Click to collapse
Many thanks for your response! This is very useful information to me.
Am I right to assume that even if my device is unlocked but with encryption enabled and no root, the person who has gotten hold of my phone will still be able to flash "dm-verity and forced encryption disabler" zip and supersu zip files to root my device in TWRP even when he fails to enter the password prompted by TWRP?
And this force encryption disabler as the name suggest only disable force encryption and it does not decrypt my already encrypted personal data? Which means he still does not have access to my data and after he had done the system modification and returns the phone back to me, the first thing I should do is to wipe clean every partition and restore back my nandroid which would consist of backups to all partitions. So it seems this is an acceptable risk all for the convenience of performing nandroid backup via the unlock/TWRP route.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
+ with the unlocked bootloader, FRP is not working, so a thief can just reset your phone and sell it.
If your data security is a huge concern to you, DO NOT unlock the bootloader.
If you are a potential target to a hacker attacks, DO NOT use a OnePlus phone. Get a Nexus 6P or a Pixel.
Also make sure, that your apps are not leaking your data. Apps with a storage permission and access to the internet could leak your data.
Click to expand...
Click to collapse
Very good point here. May I ask in what ways are Nexus 6P and Pixel more secure than Oneplus? Pixel seemed quite an attractive phone.
I am on OOS 3.5.3, is there anyway to find out what apps have access to internet and restrict that?
The app permission section of settings only allows changing permission to storage (among others) but I couldn't find any internet access permission.
The main security risk is that it allows anyone to flash something harmful without you knowing on to your system. Your data may be encrypted and protected but they can still flash something onto another partition.
You could be happily using your phone unaware there's a rogue app capturing and sending data to someone.
Zegnalabel said:
Many thanks for your response! This is very useful information to me.
Am I right to assume that even if my device is unlocked but with encryption enabled and no root, the person who has gotten hold of my phone will still be able to flash "dm-verity and forced encryption disabler" zip and supersu zip files to root my device in TWRP even when he fails to enter the password prompted by TWRP?
And this force encryption disabler as the name suggest only disable force encryption and it does not decrypt my already encrypted personal data? Which means he still does not have access to my data and after he had done the system modification and returns the phone back to me, the first thing I should do is to wipe clean every partition and restore back my nandroid which would consist of backups to all partitions. So it seems this is an acceptable risk all for the convenience of performing nandroid backup via the unlock/TWRP route.
Very good point here. May I ask in what ways are Nexus 6P and Pixel more secure than Oneplus? Pixel seemed quite an attractive phone.
I am on OOS 3.5.3, is there anyway to find out what apps have access to internet and restrict that?
The app permission section of settings only allows changing permission to storage (among others) but I couldn't find any internet access permission.
Click to expand...
Click to collapse
Your data is safe, it can't be decrypted, even with an unlocked bootloader And yes, if you wipe every partition, lock the bootloader and got no dm-verity error, after your stolen phone was returned to you, you should be safe.
Both Nexus 6P and Pixel are much safer than OnePlus, because they are getting a complete security patches every month. OnePlus is getting an imcomplete security patches and much later after their release.
You can limit access to internet via app settings. Open "about app", data usage and there you can turn off both access to wifi and mobile data.
Upgrade to OOS 4.0, it cointains important security patches and enhancements.
Michalko5896 said:
Your data is safe, it can't be decrypted, even with an unlocked bootloader And yes, if you wipe every partition, lock the bootloader and got no dm-verity error, after your stolen phone was returned to you, you should be safe.
Both Nexus 6P and Pixel are much safer than OnePlus, because they are getting a complete security patches every month. OnePlus is getting an imcomplete security patches and much later after their release.
You can limit access to internet via app settings. Open "about app", data usage and there you can turn off both access to wifi and mobile data.
Upgrade to OOS 4.0, it cointains important security patches and enhancements.
Click to expand...
Click to collapse
Thank you so much! Found the data usage setting and updated to 4.0. :laugh:
Michalko5896 said:
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
...
Click to expand...
Click to collapse
Quick question, does the latest systemless SuperSU still leave dm-verity OFF ? It was my understanding that using it you don't need to flash the dm-verity-OFF script, is that true?
xclub_101 said:
Quick question, does the latest systemless SuperSU still leave dm-verity OFF ? It was my understanding that using it you don't need to flash the dm-verity-OFF script, is that true?
Click to expand...
Click to collapse
For root, you need to unlock the bootloader. And with the bootloader unlocked, dm-verity is not working and thus attacker could modify your system.
Michalko5896 said:
For root, you need to unlock the bootloader. And with the bootloader unlocked, dm-verity is not working and thus attacker could modify your system.
Click to expand...
Click to collapse
The bootloader being locked/unlocked should have little to do (directly) with dm-verity, dm-verity is only hash-checking the system partition.
That being said after some checking various detailed threads from Chainfire apparently SuperSU is still removing the dm-verity on the system partition since other than rooting in itself most rooted people also tend to touch the system partition with stuff like busybox and so on, so I guess this is it.
xclub_101 said:
The bootloader being locked/unlocked should have little to do (directly) with dm-verity, dm-verity is only hash-checking the system partition.
That being said after some checking various detailed threads from Chainfire apparently SuperSU is still removing the dm-verity on the system partition since other than rooting in itself most rooted people also tend to touch the system partition with stuff like busybox and so on, so I guess this is it.
Click to expand...
Click to collapse
well, google is stating, that unlocking bootloader will turn off the dm-verity.
This is an interesting discussion- I have a Nexus 5X, but I use a custom configuration:
1) locked bootloader
2) verity turned on for the system partition so that I can check the key fingerprint and verify integrity.
3) customized cm recovery - I installed my adb keys so I can connect to it. I also changed the signing keys, so I have to sign any roms that get flashed.
4) encrypted userdata with pattern protection. I think a password would be stronger, but I'm using a larger, complex pattern. Fingerprint unlock is turned on, which has its own attack surface.
I think the fingerprint sensor is the biggest risk. This is mitigated at reboot since the pattern will be required. If I built the recovery properly, the only way to flash anything would be to have access to my signing keys or adb keys. Of course, this is all still vulnerable to any unpatched exploits.
Hi all, i just flashed LineageOS 16 on my S5 Mini SM-G800F variant.
I like the Rom and i wanna keep it, so i want to get or activate the root access on it, but i don't know how since i've searched everywhere, but there's no solution so i decided to make post here.
1- Flashed rom
2- Flashed GApps ARM 9.0 nano.
3- Flashed Magisk v17.1.zip
4- Rebooted.
Everything works fine, but the Magisk is missing.
I enabled Developer Options but there is no option for the root access.
I find an option for the root access only when i open Settings app and type "root" in the searchbar.
What i get when i hit "root access" , the "Trust" app opens and there is two sections and few more options in it which is:
Status
SELinux
(Disabled)
Root Access
(Disabled)
Android Security Patches
Platform: up to date
Vendor: up to date
Encryption
(Disabled)
When i hit on Root Access, i get following message:
"Root access allows the bypassing of security restrictions.... etc.. which can cause damage to your device or OS.
Can someone help, please?
I don't know what to do.
Hi!
The lineage developers recommend this:
https://www.lineageosrom.com/2018/09/lineage-os-16-root-android-pie-90-super.html?m=1
I have been using Google Pay on my Galaxy S8 (SM-G950F) for year with Magisk, I was still able to use Google Pay no problem on Feb 28. I noticed on March 1 when I try pay with Google Pay I got message saying "You can no longer pay in stores with Google Pay". I checked Magisk to make sure it still pass SafetyNet and check was success yet I try to add the credit card again on Google Pay I got message "Couldn't finish setup to pay in stores - This phone can't be used to pay in stores. This may be because it is rooted or altered in some other way.
henban89 said:
I have been using Google Pay on my Galaxy S8 (SM-G950F) for year with Magisk, I was still able to use Google Pay no problem on Feb 28. I noticed on March 1 when I try pay with Google Pay I got message saying "You can no longer pay in stores with Google Pay". I checked Magisk to make sure it still pass SafetyNet and check was success yet I try to add the credit card again on Google Pay I got message "Couldn't finish setup to pay in stores - This phone can't be used to pay in stores. This may be because it is rooted or altered in some other way.
Click to expand...
Click to collapse
I am getting this error too. Working fine until a few days ago. SafetyNet reports all true, Magisk Hide set to Google Pay, Play, etc.
The same on my Galaxy S5
Same here on my OnePlus 6t
Same with my xiaomi 6, magisk 18.1 + manager 7.0. Safetynet is passed
same with my note-9 using bank applications as magisk failed to hide root
No one mentions what ROM they are using
fwiw Google Play works fine on My Note 4 with unofficial LOS 16 (Pie) and Magisk 18.1
Used it last 2 hours ago...
Google Pay never worked on the previous LOS 15.1 (Oreo) on ANY build/version of Magisk, it was a ROM issue.....only worked on stock ROM for the Note 4
So i got quite the surprise when i flashed Pie and it was workies....
73sydney said:
No one mentions what ROM they are using
fwiw Google Play works fine on My Note 4 with unofficial LOS 16 (Pie) and Magisk 18.1
Used it last 2 hours ago...
Google Pay never worked on the previous LOS 15.1 (Oreo) on ANY build/version of Magisk, it was a ROM issue.....only worked on stock ROM for the Note 4
So i got quite the surprise when i flashed Pie and it was workies....
Click to expand...
Click to collapse
I am running on stock rom, my S8 is still running on Android 7.0 and as I said Gpay was working just fine until March 1. I thought about upgrading to latest stock rom with Android 9.0 but currently there isn't any instruction on how to root Android 9.0 on S8 yet.
The new Google Play services update caused this.
Temporary workaround:
1. Disable Google Pay/Find My Device as Device Administrators in Settings > Security & location > Device Administrators.
2. Search "Google Play services" in the Settings search bar.
3. Press the three dots and press "Uninstall previous updates".
4. Download this update - https://www.apkmirror.com/apk/google-inc/google-play-services/google-play-services-14-7-99-release/
Pick your needed edition (arm or arm64, etc.), download it and install it.
5. Disable Background data access for Google Play Services and Google Play in their respective App Info pages.
6. Download Google Pay from the Play Store.
7. Set up your cards. Enjoy!
Or
1. Upgrade to Magisk Canary by following steps here:
https://forum.xda-developers.com/apps/magisk/dev-magisk-canary-channel-bleeding-edge-t3839337
Not recommended for daily use!
Never EVER update Google Play services manually, until a Magisk update is available that bypasses the upgraded SafetyNet. Note that Google Play services is responsible for adding/verifying the card, not the Google Pay app! Hence why there seems to be an overlay when adding a card/verifying an existing one.
Tested Google Pay versions:
2.79.x-2.83.235070858 - working
Tested Google Play services versions:
14.7.99 - working
14.8.49-15.0.10 - works on Magisk 18.2 Canary
JarlPenguin said:
The new Google Play services update caused this.
Temporary workaround:
1. Disable Google Pay/Find My Device as Device Administrators in Settings > Security & location > Device Administrators.
2. Search "Google Play services" in the Settings search bar.
3. Press the three dots and press "Uninstall previous updates".
4. Download this update - https://www.apkmirror.com/apk/google-inc/google-play-services/google-play-services-14-7-99-release/
Pick your needed edition (arm or arm64, etc.), download it and install it.
5. Disable Background data access for Google Play Services and Google Play in their respective App Info pages.
6. Download Google Pay from the Play Store.
7. Set up your cards. Enjoy!
Never EVER update Google Play services manually, until a Magisk update is available that bypasses the upgraded SafetyNet. Note that Google Play services is responsible for adding/verifying the card, not the Google Pay app! Hence why there seems to be an overlay when adding a card/verifying an existing one.
Tested Google Pay versions:
2.79.x-2.83.235070858 - working
Tested Google Play services versions:
14.7.99 - working
14.8.49-15.0.10 - not working, downgrade to 14.7.99
Click to expand...
Click to collapse
Thanks! I can use google pay again!
Thank you and backing up and protecting backup of Google Play Services version
JarlPenguin said:
The new Google Play services update caused this.
Temporary workaround:
1. Disable Google Pay/Find My Device as Device Administrators in Settings > Security & location > Device Administrators.
2. Search "Google Play services" in the Settings search bar.
3. Press the three dots and press "Uninstall previous updates".
4. Download this update - https://www.apkmirror.com/apk/google-inc/google-play-services/google-play-services-14-7-99-release/
Pick your needed edition (arm or arm64, etc.), download it and install it.
5. Disable Background data access for Google Play Services and Google Play in their respective App Info pages.
6. Download Google Pay from the Play Store.
7. Set up your cards. Enjoy!
Never EVER update Google Play services manually, until a Magisk update is available that bypasses the upgraded SafetyNet. Note that Google Play services is responsible for adding/verifying the card, not the Google Pay app! Hence why there seems to be an overlay when adding a card/verifying an existing one.
Tested Google Pay versions:
2.79.x-2.83.235070858 - working
Tested Google Play services versions:
14.7.99 - working
14.8.49-15.0.10 - not working, downgrade to 14.7.99
Click to expand...
Click to collapse
Thank you so much for this. Your instructions were followed to the letter and it worked. I had to use a terminal emulator, su, and "pm uninstall com.google.android.gms" to uninstall updates for Google Play Services for steps 2 & 3 on my OnePlus 6T.
Now that it's working I used Titanium Backup to backup this version of Google Play Services and protected the backup.
Again, thanks.
JarlPenguin said:
The new Google Play services update caused this.
Temporary workaround:
1. Disable Google Pay/Find My Device as Device Administrators in Settings > Security & location > Device Administrators.
2. Search "Google Play services" in the Settings search bar.
3. Press the three dots and press "Uninstall previous updates".
4. Download this update - https://www.apkmirror.com/apk/google-inc/google-play-services/google-play-services-14-7-99-release/
Pick your needed edition (arm or arm64, etc.), download it and install it.
5. Disable Background data access for Google Play Services and Google Play in their respective App Info pages.
6. Download Google Pay from the Play Store.
7. Set up your cards. Enjoy!
Never EVER update Google Play services manually, until a Magisk update is available that bypasses the upgraded SafetyNet. Note that Google Play services is responsible for adding/verifying the card, not the Google Pay app! Hence why there seems to be an overlay when adding a card/verifying an existing one.
Tested Google Pay versions:
2.79.x-2.83.235070858 - working
Tested Google Play services versions:
14.7.99 - working
14.8.49-15.0.10 - not working, downgrade to 14.7.99
Click to expand...
Click to collapse
Yeah, thanks it work though install older version of Google Play service didn't seen to helped which Google Pay wouldn't work at all without update Google Pay service to latest version. Even though I updated Google Play service to latest version my Google Pay work again somehow. For the time being Gpay seen to work again hopefully it will continue to work or at least long enough until I upgrade to S10 later this year.
I don't have the three dots to uninstall Google Play Services updates.
OnePlus 3T, Resurrection Remix rom.
Help w/ downgrading Google Play Services
anotherxdauser said:
I don't have the three dots to uninstall Google Play Services updates.
OnePlus 3T, Resurrection Remix rom.
Click to expand...
Click to collapse
If you have already disabled device admin for Google Play Services and Google Pay, you can downgrade Google Play Services like this:
1. Open a terminal emulator on your Android OR an adb shell on your PC connected to your Android.
2. Use "su" to root your shell.
3. Use "pm uninstall com.google.android.gms" to downgrade Google Play Services.
You can then proceed with the remaining steps.
---------- Post added at 10:04 AM ---------- Previous post was at 09:56 AM ----------
JarlPenguin said:
The new Google Play services update caused this.
Temporary workaround:
1. Disable Google Pay/Find My Device as Device Administrators in Settings > Security & location > Device Administrators.
2. Search "Google Play services" in the Settings search bar.
3. Press the three dots and press "Uninstall previous updates".
4. Download this update - https://www.apkmirror.com/apk/google-inc/google-play-services/google-play-services-14-7-99-release/
Pick your needed edition (arm or arm64, etc.), download it and install it.
5. Disable Background data access for Google Play Services and Google Play in their respective App Info pages.
6. Download Google Pay from the Play Store.
7. Set up your cards. Enjoy!
Never EVER update Google Play services manually, until a Magisk update is available that bypasses the upgraded SafetyNet. Note that Google Play services is responsible for adding/verifying the card, not the Google Pay app! Hence why there seems to be an overlay when adding a card/verifying an existing one.
Tested Google Pay versions:
2.79.x-2.83.235070858 - working
Tested Google Play services versions:
14.7.99 - working
14.8.49-15.0.10 - not working, downgrade to 14.7.99
Click to expand...
Click to collapse
While these steps worked for me, I'm having a problem with Google Play Services updating itself back to the newest version each night (even w/ background data services disabled for Play Services and for Pay).
Any advice on a way to prevent updates to Google Play Services until I want it updated?
If I open Google Pay without checking to see if Play Services is still downgraded to 14.7.99, I lose all my payment methods.
OnePlus 6T, stock rooted ROM, 2019 Jan Update, Magisk 18.1.
JarlPenguin said:
The new Google Play services update caused this.
Temporary workaround:
1. Disable Google Pay/Find My Device as Device Administrators in Settings > Security & location > Device Administrators.
2. Search "Google Play services" in the Settings search bar.
3. Press the three dots and press "Uninstall previous updates".
4. Download this update - https://www.apkmirror.com/apk/google-inc/google-play-services/google-play-services-14-7-99-release/
Pick your needed edition (arm or arm64, etc.), download it and install it.
5. Disable Background data access for Google Play Services and Google Play in their respective App Info pages.
6. Download Google Pay from the Play Store.
7. Set up your cards. Enjoy!
Never EVER update Google Play services manually, until a Magisk update is available that bypasses the upgraded SafetyNet. Note that Google Play services is responsible for adding/verifying the card, not the Google Pay app! Hence why there seems to be an overlay when adding a card/verifying an existing one.
Tested Google Pay versions:
2.79.x-2.83.235070858 - working
Tested Google Play services versions:
14.7.99 - working
14.8.49-15.0.10 - not working, downgrade to 14.7.99
Click to expand...
Click to collapse
Worked for me, thanks for including the bit about version 14.7.99.
chriv said:
If you have already disabled device admin for Google Play Services and Google Pay, you can downgrade Google Play Services like this:
1. Open a terminal emulator on your Android OR an adb shell on your PC connected to your Android.
2. Use "su" to root your shell.
3. Use "pm uninstall com.google.android.gms" to downgrade Google Play Services.
You can then proceed with the remaining steps.
Click to expand...
Click to collapse
Thanks for the instructions but I just can't get this to do anything.
I have no dots so I have to use the above method.
Using terminal emulator I get errors about uninstall from pm command asks to ruin as user 1 but is calling from user 0 blah blah blah
Also the APK link has so many different options....any idea what would be the right one for note 4 910F?
Any help would be appricated, googling the error message I get no results.
Only a guess
MatsyLR said:
Thanks for the instructions but I just can't get this to do anything.
I have no dots so I have to use the above method.
Using terminal emulator I get errors about uninstall from pm command asks to ruin as user 1 but is calling from user 0 blah blah blah
Also the APK link has so many different options....any idea what would be the right one for note 4 910F?
Any help would be appricated, googling the error message I get no results.
Click to expand...
Click to collapse
This is only a guess, but it sounds a little like Linux namespace separation might be related to the problem. Is Magisk your "su" program, or did you use something else to root?
My skills with some types of Linux security are limited, so I might not be any help.
chriv said:
This is only a guess, but it sounds a little like Linux namespace separation might be related to the problem. Is Magisk your "su" program, or did you use something else to root?
My skills with some types of Linux security are limited, so I might not be any help.
Click to expand...
Click to collapse
Yes I am using magisk on Resurrection Remix Pie note 4.
The terminal has root access.
I've tried a few different things like manually uninstalling the Google play services and installing the one from the link but doesn't work.
I've tried other variants like pm uninstall --user 0 com.google.android.gms.apk but I always get the user 0 user 1 error
Full error is
:/ $ pm uninstall com.google.android.gms
Security exception: Permission Denial: runUninstall from pm command asks to run as user -1 but is calling from user 0; this requires android.permission.INTERACT_ACROSS_USERS_FULL
java.lang.SecurityException: Permission Denial: runUninstall from pm command asks to run as user -1 but is calling from user 0; this requires android.permission.INTERACT_ACROSS_USERS_FULL
at com.android.server.am.UserController.handleIncomingUser(UserController.java:1527)
at com.android.server.am.ActivityManagerService.handleIncomingUser(ActivityManagerService.java:20661)
at android.app.ActivityManager.handleIncomingUser(ActivityManager.java:3904)
at com.android.server.pm.PackageManagerShellCommand.translateUserId(PackageManagerShellCommand.java:2402)
at com.android.server.pm.PackageManagerShellCommand.runUninstall(PackageManagerShellCommand.java:1464)
at com.android.server.pm.PackageManagerShellCommand.onCommand(PackageManagerShellCommand.java:193)
at android.os.ShellCommand.exec(ShellCommand.java:103)
at com.android.server.pm.PackageManagerService.onShellCommand(PackageManagerService.java:21468)
at android.os.Binder.shellCommand(Binder.java:634)
at android.os.Binder.onTransact(Binder.java:532)
at android.content.pm.IPackageManager$Stub.onTransact(IPackageManager.java:2821)
at com.android.server.pm.PackageManagerService.onTransact(PackageManagerService.java:3922)
at android.os.Binder.execTransact(Binder.java:731)
255|:/ $
Click to expand...
Click to collapse
So today i finally hit the issue
Nothing short of removing gms via TWRP file manager, booting and installing (as a user app) the earlier build worked
Im assuming those with "three dots" are on stock ROMS?
Also pm uninstall com.google.android.gms just error-ed out as above
Hopefully the magisk folks figure out a far easier fix for this
Regardless i made a google pay purchase just an hour ago...
Hit the same issue. I could fix it by disconnecting PayPal from GPay, blocking GPay as device administrator, hiding it and GPlay in Magisk hide and then reconnecting PayPal and re-activating contactless payments. It did not have to remove any GPlay Services Updates or anything.
Hey guys,
I got myself a new Tab S5E LTE ( to have data connection). However I dont find "Call and message continuity" anywhere. Supposing its only for the wifi version. Which is pointless as LTE doesnt mean phone if you have a dataonly card.
Is there any way to get the feature to the LTE s5e tablet? I rooted it and tried installing APK but it still says "failed"
Thanks!
Robin
copying APK to system app worked. However I cant login to Samsung account . - login failed.
Howto get Call and Message Continuity on S5E LTE
Hey,
I finally got this working.
First you have to root your S5E ( Instructions here: https://forum.xda-developers.com/ga...samsung-galaxy-tab-s5e-sm-t725-t3926742/page2 )
Then download the APK for call and message continuity from internet, copy it to device.
Boot your tablet in "Rooted mode"(vol up and power)
Install the APK via "FX Explorer" with root addon enabled (click on open with and then select FX Root installer, will fail ). Then in FX Explorer copy the app to /system/app/ ( create a new folder, mine is called . CMC). Reboot phone into magisk mode again - it should be visible in settings now. However if you click to enable it you cant as you currently cant add your samsung account.
Reboot your tablet once more, this time in "normal" unrooted mode - add samsung account - done.
See post #3 for in depth guide !
->insert usual general disclaimer of liability
Required:
Odin3_v3.14.1 flash tool
Samsung USB Driver installed
Frija or something else, to download stock files
7zip or similar
1: Unlock bootloader (will wipe your precious data, void warranty, break Knox e-fuse and who knows what else !)
-unlock dev option (just harass your Build number in settings)
-be connected to the internet (WiFi or 5g)
-allow USB debugging
-OEM unlock
-be warned that this might cause WWIII
-Power off your device. Press Volume Up + Volume Down THEN plug your Tablet lnto a PC to boot into download mode.
-Release buttons immediately when the blue screen shows itself.
-Long press volume up to unlock the bootloader. This will wipe your data and automatically reboot
-Go through the initial setup.
-Skip through all the steps except wifi or 5g
-sign into your Google or Samsung account
-Enable Developer options & USB debugging
-reboot
-You have an unlock bootloader and have control over your device, (it is unfair that this voids your warranty as you should be able to use your hardware as you please).
2: Root install:
-Install Magisk
-use frija or something else to get the latest file according to your device and your CSC :
-patch the whole AP file with magisk (transfer of big files can be tricky, using SD card to transfer file from computer to tablet and vice versa seems like one if the easiest way)
-use odin to flash AP (the patched one), CP, BL and CSC (will wipe once again and reboot)
-Open magisk to finish install (reboot)
-You have root
3: Root update:
-use Frija or something else to get the latest file according to your device and your CSC :
-patch the whole AP file with magisk
-use Odin to flash AP (the patched one), CP, BL and Home_CSC (using CSC will wipe)
-Press and hold Vol-down and Power let go of all buttons once the screen turn on.
-You have root, data kept and update
Please let me know if something should be added or edited.
Hi @Vinsang! Thanks for the nice post. I'd like to suggest you edit the type of thread this is and make it a "How To Guide" instead of "Question" thread. That will help it stand out, especially if anyone uses the Quick Filters at the top of the list of threads in this section.
Edit: Thanks for changing it. Cheers!
How to Root (or update an already-rooted device)Prereqs
Install the USB driver from https://developer.samsung.com/android-usb-driver
Get the latest Odin from https://odindownloader.com/category/download and unzip it
Get the latest Frija from https://github.com/SlackingVeteran/frija/releases and unzip it
Start Frija and begin downloading the latest firmware for your Model and CSC:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Model Numbers
S8 Ultra 5G: SM-X906
S8 Ultra Wifi: SM-X900
S8+ 5G: SM-X806
S8+ Wifi: SM-X800
S8 5G: SM-X706
S8 Wifi: SM-X700
CSC: Settings > About Tablet > Software Information > Service provider software version
Step 1 - Prepare your Tablet (only necessary for first install on unrooted device)
While Frija is downloading the firmware, prepare your device by doing the following:
Settings > About Tablet > Software Information > Click Build Number 7 times quickly
Developer Options (just below About Tablet on the left column)
Turn on USB Debugging
Turn on OEM unlocking
NOTE: If the OEM Unlocking option doesn't appear, connect the device to the internet, wait a few minutes, then try again
Power tablet completely off (Hold volume down + power button if you haven't changed the Bixby settings)
While holding volume up and volume down, plug the tablet into your PC via USB
Let go of volume keys as soon as the blue-green screen shows up
Press and hold volume up for 5 seconds, the screen will change to a confirmation prompt
Press volume up again to confirm, the tablet will reboot
Unplug your tablet from USB
Go through initial setup. Don't bother copying files or installing anything.
Skip signing in to your Google account and Samsung account. You won't be using them for this step.
Settings > About Tablet > Software Information > Click Build Number 7 times quickly
Developer Options (just below About Tablet on the left column)
Turn on USB Debugging
Reboot the tablet
Step 2 - Patch the stock firmware to make it rooted
Frija should have finished downloading by now, unzip the file (remember where you unzipped it to)
Plug your tablet in to your computer via USB and click Allow if it prompts to allow data access
If this is your first install / you're rooting the tablet for the first time:
Download Magisk-vXX.XX.apk from the topmost release at https://github.com/topjohnwu/Magisk/releases
Copy the Magisk-vXX.XX.apk and the AP_xxx_xxx_tar.md5 from the zip file Frija downloaded to:
This PC > Galaxy Tab S8 Ultra > Internal Storage > Download
Open the My Files app on the tablet and browse to Downloads
Click the Magisk-vXX.XX.apk and it will prompt you to click Settings
In Settings, turn on My Files, then it will give you a prompt to Install
When Magisk is done installing, click Open
If your tablet was already rooted, and you're just updating:
Copy the AP_xxx_xxx_tar.md5 from the zip file Frija downloaded to:
This PC > Galaxy Tab S8 Ultra > Internal Storage > Download
After the file is done copying, unplug your tablet from USB
In Magisk, click Install in the top Magisk area, then the option for Select and Patch a file
Click My Files > Downloads, select the AP_XXX_XXX.tar.md5 file and click Done at the bottom
Click Lets Go -> After a few moments, it should display this (ignore 'Installation failed' at the top, it always does that):
Step 3 - Apply the rooted firmware
Plug your tablet back in to USB, then on your PC, go back to This PC > Galaxy Tab S8 Ultra > Internal Storage > Download and copy the magisk_patched-xxx.tar file back to the folder where you unzipped the zip file from Frija
After the copy is finished, unplug your tablet from your PC and completely power off your tablet
While holding volume up and volume down, plug the tablet into your PC via USB
Let go of volume keys as soon as the blue-green screen shows up
Click volume up (the side of volume nearest the power) briefly (don't hold it) to go into download mode
Start Odin and accept the disclaimer prompt
Click BL and select the BL_XXX_XXX.tar.md5 file where you unzipped the zip file from Frija
Click AP and select the magisk_patched-XXX.tar file
If this is your first install / you're rooting the tablet for the first time (this WILL wipe your data):
Click CSC and select the CSC_XXX_XXX.tar.md5
If your tablet was already rooted, and you're just updating (this WILL NOT wipe your data):
Click CSC and select the HOME_CSC_XXX_XXX.tar.md5
Odin should now look like this:
Click Start. When it's finished, Odin will display "PASS!" and the tablet will automatically reboot.
Step 4 - Verify and finalize
Go through the normal setup, signing in to your Google and Samsung accounts this time
Click on Magisk that is now pre-installed, and go through the Settings step to allow it to install again
It should prompt you that your device needs additional setup and one more reboot, click OK
After rebooting, your device should be fully rooted. Use a root checker app if you want to verify.
Step 5 (optional) - Get Netflix (and banking apps etc) working with root
Install https://github.com/Fox2Code/FoxMagiskModuleManager/releases and run it
Search for Universal Safetynet Fix by kdrag0n and install it
In Magisk settings click Systemless hosts, turn on Zygisk, turn on Enforce Denylist
Click Configure Denylist, then the 3 dot menu and Show System Apps
Search for Google Play Store, click it, check the check and turn on all options underneath
Search for Google Play Services, click it, turn on .gms and .gms.unstable ONLY
Search for Netflix, click it, check the check and turn on all options underneath
(optional) Add your bank / pay app, etc here if you'd like
In Settings > Apps, search for Google Play Services and Google Play Store and clear all data (not just cache) for each
Reboot
NOTE - This is currently only passing Widevine level 3, so Netflix is limited to SD. I'm still trying to figure out how to get L1 / full HD.
Is there currently any way to make nandroid backups without TWRP since there isn't a build of it for the Tab S8 line yet?
SavXL said:
Is there currently any way to make nandroid backups without TWRP since there isn't a build of it for the Tab S8 line yet?
Click to expand...
Click to collapse
Not you can't make a full nandroid back up without TWRP for the moment. You can use Swift backup or something similar to backup some things in particular, Google backup is also pretty convenient.
Anyone work out how to get Netflix working with root yet? Also, is Magisk manager showing any modules to download in the Magisk app for you guys? I can install from file, but the downloading functionality doesn't seem to be working.
Dunno about Netflix, but this worked for banking apps:
Add this module : https://github.com/kdrag0n/safetynet-fix
Zigisk and enforced denylist on and add Netflix (or other) in the deny list. Reboot and tryout.
It seemed that the download section isn't there anymore on the latest magisk, same on other devices. You gotta download them separately.
skrowl said:
Anyone work out how to get Netflix working with root yet? Also, is Magisk manager showing any modules to download in the Magisk app for you guys? I can install from file, but the downloading functionality doesn't seem to be working.
Click to expand...
Click to collapse
Not sure when, but somewhere in an update, the ability to download modules from magisk directly was removed. You can download them using an app called Fox's Magisk Module Manager. You can search for modules just like you could on Magisk, and they'll be added once you install them and reboot. Also, for the netflix thing, your device may not be passing safetynet. Checking this was also remove in an update, but you can check it with YASNAC.
Edit: I just did this with my rooted Tab S7+, but it should work with the S8+ and S8U as well. Doing this should let you pass safetynet and be able to use Netflix.
1. Enable Zygisk in Magisk settings, then reboot.
2. Enable Enforce DenyList in Magisk settings, then go to Configure DenyList.
3. Enable show system apps with the menu on the top-right, then search "google play services".
4. Enable DenyList for com.google.android.gms & com.google.android.gms.unstable, then reboot.
5. Open YASNAC to run safetynet attestation, you should be passing basic integrity but failing cts profile match.
6. Download and install the latest version of the safetynet fix for zygisk module, then reboot.
7. Check YASNAC again, you should now be passing basic integrity and cts profile match.
8. Go to settings > apps, find google play service & google play store, clear data for both of them, reboot.
9. Go to the play store > settings, play protect certification should now say "device is certified".
10. Open Magisk > Configure DenyList, search for Netflix (enable show system apps if you need to), enable DenyList for everything, reboot.
11. Update Netflix if it's not up to date. If the play store is allowing you to update Netflix at all, then you're good to go.
Now you have Netflix running on your rooted tab!
Edit 2: Accidentally saved my first edit before I finished the instructions, my bad.
skrowl said:
Prereqs
Install the USB driver from https://developer.samsung.com/android-usb-driver
Get the latest Odin from https://odindownloader.com/category/download and unzip it
Get the latest Frija from https://github.com/SlackingVeteran/frija/releases and unzip it
Start Frija and begin downloading the latest firmware for your Model and CSC:View attachment 5574197
Model Numbers
S8 Ultra 5G: SM-X906
S8 Ultra Wifi: SM-X900
S8+ 5G: SM-X806
S8+ Wifi: SM-X800
S8 5G: SM-X706
S8 Wifi: SM-X700
CSC: Settings > About Tablet > Software Information > Service provider software version
Step 1 - Prepare your Tablet
While Frija is downloading the firmware, prepare your device by doing the following:
Settings > About Tablet > Software Information > Click Build Number 7 times quickly
Developer Options (just below About Tablet on the left column)
Turn on OEM unlocking
Turn on USB Debugging
Power tablet completely off (Hold volume down + power button if you haven't changed the Bixby settings)
While holding volume up and volume down, plug the tablet into your PC via USB
Let go of volume keys as soon as the blue-green screen shows up
Press and hold volume up for 5 seconds, the screen will change to a confirmation prompt
Press volume up again to confirm, the tablet will reboot
Unplug your tablet from USB
Go through initial setup. Don't bother copying files or installing anything.
Skip signing in to your Google account and Samsung account. You won't be using them for this step.
Settings > About Tablet > Software Information > Click Build Number 7 times quickly
Developer Options (just below About Tablet on the left column)
Turn on USB Debugging
Reboot the tablet
Step 2 - Patch the stock firmware to make it rooted
Frija should have finished downloading by now, unzip the file (remember where you unzipped it to)
Plug your tablet in to your computer via USB and click Allow if it prompts to allow data access
If this is your first install / you're rooting the tablet for the first time:
Download Magisk-vXX.XX.apk from the topmost release at https://github.com/topjohnwu/Magisk/releases
Copy the Magisk-vXX.XX.apk and the AP_xxx_xxx_tar.md5 from the zip file Frija downloaded to:
This PC > Galaxy Tab S8 Ultra > Internal Storage > Download
Open the My Files app on the tablet and browse to Downloads
Click the Magisk-vXX.XX.apk and it will prompt you to click Settings
In Settings, turn on My Files, then it will give you a prompt to Install
When Magisk is done installing, click Open
If your tablet was already rooted, and you're just updating:
Copy the AP_xxx_xxx_tar.md5 from the zip file Frija downloaded to:
This PC > Galaxy Tab S8 Ultra > Internal Storage > Download
Open Magisk
In Magisk, click Install in the top Magisk area, then the option for Select and Patch a file
Click My Files > Downloads, select the AP_XXX_XXX.tar.md5 file and click Done at the bottom
Click Lets Go ->. After a few moments and it should give you a screen like this:View attachment 5574199
Step 3 - Apply the rooted firmware
On your PC, go back to This PC > Galaxy Tab S8 Ultra > Internal Storage > Download and copy the magisk_patched-xxx.tar file back to the folder where you unzipped the zip file from Frija
After the copy is finished, unplug your tablet from your PC and turn the tablet off
While holding volume up and volume down, plug the tablet into your PC via USB
Let go of volume keys as soon as the blue-green screen shows up
Click volume up briefly (don't hold it) to go into download mode
Start Odin and accept the disclaimer prompt.
Click BL and select the BL_XXX_XXX.tar.md5 file where you unzipped the zip file from Frija
Click AP and select the magisk_patched-XXX.tar file
If this is your first install / you're rooting the tablet for the first time:
Click CSC and select the CSC_XXX_XXX.tar.md5
If your tablet was already rooted, and you're just updating:
Click CSC and select the HOME_CSC_XXX_XXX.tar.md5
Odin should now look like this:View attachment 5574201
Click Start. When it's finished, Odin will display "PASS!" and the tablet will automatically reboot.
Step 4 - Verify and finalize
Go through the normal setup, signing in to your Google and Samsung accounts this time
Click on Magisk that is now pre-installed, and go through the Settings step to allow it to install again
It should prompt you that your device needs additional setup and one more reboot, click OK
After rebooting, your device should be fully rooted. Use a root checker app if you want to verify.
Edit - Thanks OP, but I don't think of this as a better guide. I just took really careful notes of what I was doing, so that I'd be able to reproduce it in 6 months when my brain had completely forgotten all the buttons!
Click to expand...
Click to collapse
Excellent guide. I just had my OOBI this morning & I forgot about having to change the date to an earlier one, check for a software update, etc before being able to see OEM unlock in developer settings. But that's a one & done.
skrowl said:
Anyone work out how to get Netflix working with root yet? Also, is Magisk manager showing any modules to download in the Magisk app for you guys? I can install from file, but the downloading functionality doesn't seem to be working.
Click to expand...
Click to collapse
To download magisk modules use this app; https://github.com/Fox2Code/FoxMagiskModuleManager
To hide root you can try this:
1. Magisk -> Settings -> Hide the Magisk app (It will get a new random package name so other apps won't see that it's actually Magisk and additionally you can choose a new name for the app as well.)
2. Open the newly created magisk app, install extra files when prompted and tab will reboot automatically.
3. Flash MagiskHide Props Config https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/releases
4. Reboot
5. Flash Universal Safetynet Fix https://github.com/kdrag0n/safetynet-fix/releases
6. Reboot
7. Add any app you want to hide root from to DenyList: Google Play Store, Google Play Services, Google Services Framework, Netflix, banking apps etc.
8. Enforce DenyList MUST stay turned off!
9. Flash Shamiko module to hide root properly.
Releases · LSPosed/LSPosed.github.io
Contribute to LSPosed/LSPosed.github.io development by creating an account on GitHub.
github.com
10. Reboot
After checking Frija, found that an update was available fro my SM-X906B EUX, Just updated to X906BXXU1AVCD/X906BOXM1AVCD/X906BXXU1AVCD using step 3 of the guide without issue (root and data kept).
Is there a way to be notify when an update is out ? Or do i have to manually check every month?
Do we have changelog or something similar?
Vinsang said:
After checking Frija, found that an update was available fro my SM-X906B EUX, Just updated to X906BXXU1AVCD/X906BOXM1AVCD/X906BXXU1AVCD using step 3 of the guide without issue (root and data kept).
Is there a way to be notify when an update is out ? Or do i have to manually check every month?
Do we have changelog or something similar?
Click to expand...
Click to collapse
Someone else had given the link to this site (for your model) https://samfw.com/firmware/SM-X906B.
No automatic notifications, but I use a Windows program that checks sites for updates (https://samfw.com/firmware/SM-X900 for my model, which won't arrive for another 12 days).
Might also be able to use https://www.sammobile.com/firmwares/
Somewhere on this site might occasionally be generic changelogs https://www.sammobile.com/news/galaxy-tab-s8-ultra-february-2022-security-update-released/#
Samsung Galaxy Tab S8 Ultra
Introduction Samsung is making no secret of the fact that it wants to offer the best Android tablet on the market. ...
www.sammobile.com
Samsung Galaxy Tab S8+
Introduction Prior to the Galaxy Tab S8 series, the
www.sammobile.com
Samsung Galaxy Tab S8
Introduction Samsung's flagship tablet lineup was due for a major refresh and the company came through with the Galaxy Tab S8 ...
www.sammobile.com
Quick question. If another software update were to come out, could I update it and still have magisk and root access afterwards? My Tab S8+ says its device status is official, and it doesn't tell me that my device is rooted when I connect to the server to check for updates. So, if I updated this way, would that remove the whole patching the AP file with magisk and flashing it with Odin thing? It'd be awesome to have the latest updates and such while maintaining root access.
To keep root and your data while updating, follow the step 3 of the guide in post #1( it requires that you look manually for updates).
I wouldn't advise to update via OTA while rooted. I don't even think you'll get the prompts.
Vinsang said:
To keep root and your data while updating, follow the step 3 of the guide in post #1( it requires that you look manually for updates).
I wouldn't advise to update via OTA while rooted. I don't even think you'll get the prompts.
Click to expand...
Click to collapse
That's odd because I got the prompt to update on my rooted Tab S7+ (it also says the device status is official) when the OneUI 4.1 update came out for it. I haven't tested to see if that would change anything, but since the S7+ has TWRP, I can just restore a backup Incase something doesn't turn out well.
Hi all. I purchased a SM-X900 from the Samsung website(UK). I am having a serious problem with getting the OEM unlocking option to display in the developer options menu. I have tried the known workarounds (change date/disable automatic updates, etc) but had no success. Does anyone have any other methods/ideas? I previously had the tab s7+ and had no problems with this.
Any tips would be much appreciated!
brunosilvauk said:
Hi all. I purchased a SM-X900 from the Samsung website(UK). I am having a serious problem with getting the OEM unlocking option to display in the developer options menu. I have tried the known workarounds (change date/disable automatic updates, etc) but had no success. Does anyone have any other methods/ideas? I previously had the tab s7+ and had no problems with this.
Any tips would be much appreciated!
Click to expand...
Click to collapse
I've had some issues where after enabling OEM Unlocking and going through the process, after Unlocking and resetting, the option disappears, but OEM is still unlocked. Not sure what causes this, but after rebooting for some root-required things and checking again, the option was there and changeable. I actually went throught the normal initialization process on my Tab S7+ and Tab S8+ (wifi, clock, samsung account, etc) and never had any issues. Maybe try either factory resetting again or flashing latest stock firmware (you can flash official firmware even if oem is locked). YMMV though. This specific issue of the option not showing up at all never happened for me, so I'm not sure how much help my suggestions will be.
SavXL said:
I've had some issues where after enabling OEM Unlocking and going through the process, after Unlocking and resetting, the option disappears, but OEM is still unlocked. Not sure what causes this, but after rebooting for some root-required things and checking again, the option was there and changeable. I actually went throught the normal initialization process on my Tab S7+ and Tab S8+ (wifi, clock, samsung account, etc) and never had any issues. Maybe try either factory resetting again or flashing latest stock firmware (you can flash official firmware even if oem is locked). YMMV though. This specific issue of the option not showing up at all never happened for me, so I'm not sure how much help my suggestions will be.
Click to expand...
Click to collapse
Thanks, in my case, I have not seen this OEM option at all, since I received the device. I have not been able to root it.
brunosilvauk said:
Thanks, in my case, I have not seen this OEM option at all, since I received the device. I have not been able to root it.
Click to expand...
Click to collapse
Well, something I can recommend is downloading the latest firmware update for your specific device (use either frija or samfw), going into download mode by holding vol+ and vol- while connecting the device to a PC, and flashing it with Odin, or you can update officially since your device hasn't been rooted yet. Maybe the current version you're on is affecting it somehow? No clue man. This issue is brand new to me.
SavXL said:
Well, something I can recommend is downloading the latest firmware update for your specific device (use either frija or samfw), going into download mode by holding vol+ and vol- while connecting the device to a PC, and flashing it with Odin, or you can update officially since your device hasn't been rooted yet. Maybe the current version you're on is affecting it somehow? No clue man. This issue is brand new to me.
Click to expand...
Click to collapse
No joy, have no idea how to fix this. Thank you for your input anyway! Maybe someone else has any other ideas?