Hi,
I hope somebody can give me a hint.
I just got a used p20 pro with open bootloader but stock rom.
Unfortunately the Google security check has some "problems" with this situation and doesn't allow me to use several apps like Netflix, Google pay, etc.
So I'm looking for a way to easily fix this problem, the phone will be used by my parents.
Either lock the bootloader or "hide" it probably.
But how - I don't have the bootloader code - and I'm not too much into android rooting...
Usefull hints are appreciated.
Merry xmas
Mounty
You're on thin ice my pedigree chum..
Avoid flashing anything that would allow a block of any kind which is an absolute reality.
Having used absolutely every ROM and OS from 8.1 to 10
My advice. Flash AOSIP and then ask in thread to get safety net working.
Literally nothing else it worth your time.
Unless you're strange and like EMUI.
In such case, stuck with stock.
Just be aware you're in a position that a lot of people would kill for.
Google have done some **** stuff to make people who have unlocked bootloader a nightmare. I don't think there is a way to hide it unless you use Magisk
mounty77 said:
the phone will be used by my parents.
Click to expand...
Click to collapse
If they are not some kind of advanced users, unlocked bootloader has exactly 0 added value for them. Search the forum for flushing methods, the ones that will warn you that this method re-locks the bootloader, flush the latest stock ROM for your region and live a happy and calm life.
As a suggestion.. Use Magisk with Safety patch and you're done. You can keep the bootloader unlocked and still bypass google restrictions. (Install apps like netflix, etc.)
My phone is on 9.0.1.328 and works fine.
Horayken said:
As a suggestion.. Use Magisk with Safety patch and you're done. You can keep the bootloader unlocked and still bypass google restrictions. (Install apps like netflix, etc.)
My phone is on 9.0.1.328 and works fine.
Click to expand...
Click to collapse
Hi,
Thx so far, I think I'll try the magisk thing.
Are there any downsides on this? Will Ota updates still work?
I already downloaded and installed magisk manager, but I was not able to install magisk via magisk manager.
I downloaded the zip file and tried to install it.
But I only got the attached error.
I think I have to patch something?!
Any advise?
Thx
Mounty
mounty77 said:
Hi,
Thx so far, I think I'll try the magisk thing.
Are there any downsides on this? Will Ota updates still work?
I already downloaded and installed magisk manager, but I was not able to install magisk via magisk manager.
I downloaded the zip file and tried to install it.
But I only got the attached error.
I think I have to patch something?!
Any advise?
Thx
Mounty
Click to expand...
Click to collapse
You need to patch the ramdisk recovery file with magisk, flash it and you are good to go. It's a 5 min procedure. Let me know if you need more help with that.
This way you will hide your unlocked bootloader and you will pass safetynet.
Only downside is that if there is an ota update you will need to flash the original ramdisk recovery, do the ota and then do ramdisk recovery file patch again.
If you lock the bootloader then you won't be able to unlock it again as you won't have the code (unless you got the code from the previous owner too).
abyssq said:
You need to patch the ramdisk recovery file with magisk, flash it and you are good to go. It's a 5 min procedure. Let me know if you need more help with that.
This way you will hide your unlocked bootloader and you will pass safetynet.
Only downside is that if there is an ota update you will need to flash the original ramdisk recovery, do the ota and then do ramdisk recovery file patch again.
If you lock the bootloader then you won't be able to unlock it again as you won't have the code (unless you got the code from the previous owner too).
Click to expand...
Click to collapse
Hi,
thx for your offer/advise. I’ll try this way - it sounds most promising to me.
Can I do this on the mobile only, or do I need a pc?
Where / How do I find the ramdisk recovery?
BL Lock
I can lock (yes, lock) your bootloader for free.
Contact me at Telegram (@AntiEngineer), you don't need to open up your device.
abyssq said:
You need to patch the ramdisk recovery file with magisk, flash it and you are good to go. It's a 5 min procedure. Let me know if you need more help with that.
This way you will hide your unlocked bootloader and you will pass safetynet.
Only downside is that if there is an ota update you will need to flash the original ramdisk recovery, do the ota and then do ramdisk recovery file patch again.
If you lock the bootloader then you won't be able to unlock it again as you won't have the code (unless you got the code from the previous owner too).
Click to expand...
Click to collapse
Hi,
unfortionatly I wasn´t sucessfull till now.
At https://openkirin.net/ is a very usefull description availaible but I´m still searching for the RAMDISK Extract. I found that database where you can donwload several versions, but mine wasn´t provided there
https://pro-teammt.ru/en/online-firmware-database/
My Version is:
CLT-L29
10.0.0.138 (C432E3R1P3log)
Anybody knows where I can download that`?
Best regards
mounty
@mounty77
You are on Android 10 Beta?
Root on Android 10 Beta not working for me.
You are on Android 10 Beta?
Root on Android 10 Beta not working for me.
Click to expand...
Click to collapse
No Root, just unlocked bootloader... I want to hide the unlock of the bootloader
mounty77 said:
No Root, just unlocked bootloader... I want to hide the unlock of the bootloader
Click to expand...
Click to collapse
Installing a "RECOVERY_RAMDIS.img" patched with Magisk is rooting the phone.
I´m fine if i have to root it to hide the open bootloader
Related
UPDATE – 07.03.2017
This patch is no longer required to have Google Device Certification.
After install ROM B594 no further actions are required.
Thanks to "who" did this correction … and I hope somehow this thread helped to speed up solving this mismatching.
Note:
I created a new flashable zip to set original B594 local.prop in case of someone want revert the patch without install the complete ROM
_____________________________
_____________________________
WARNING: I'M NOT RESPONSIBLE FOR SCREWING UP YOUR PHONE
If you are not used to solve soft-brick don't play with this.
After installation of new stock ROM ALE-L21C432B594
- Device become uncertified
- SaftyNet status fail, due to CTS profile mismatch
How to get back device certification and CTS profile match?
- You have to change Fingerprint from B594 to B588 (at least worked to me)
- File to change => local.prop
- Location => /cust/hw/eu/prop
- See image enclosed how to change it
- After you aplied this, unroot your device, run the Safety Net test, check Play Store Settings and check if it works
- I created flashable zip in case your device is not rooted but you have TWRP installed
Thanks, it worked for me
Btw. You can root with magisk to pass SafetyNet with root.
Ok, if we don't have open bootloader, we should wait until certificated automatically? It's just the number, so it's maybe just not documented by Google, right? Hope so
If you're not rooted and do not have a custom recovery, how do you apply this?
I've extracted CUST.img from the UPDATE.APP, edited the file and rebuilt the image. Can I just use fastboot to flash it?
@proze.za
Try first without this patch. I have changed this line back and I can still pass SafetyNet. What's more my device is certified...
You need unlocked bootloader to flash cust.img and if you have unlocked bl you can just flash TWRP.
dominj97 said:
@proze.za
Try first without this patch. I have changed this line back and I can still pass SafetyNet. What's more my device is certified...
You need unlocked bootloader to flash cust.img and if you have unlocked bl you can just flash TWRP.
Click to expand...
Click to collapse
You're right. I just checked and my device is certified with B594.
proze.za said:
You're right. I just checked and my device is certified with B594.
Click to expand...
Click to collapse
So B594 it's certified? Or you did something?
Azzureux said:
So B594 it's certified? Or you did something?
Click to expand...
Click to collapse
I just installed the full B594 update (placed UPDATE.APP in dload on an sdcard, etc). And it says it is certified.
Now CTS is passed without change anything. SafetyNet-Check completly passed, but in Play Store uncertificated. No problems at all
First post updated
After full rom reflash I get no "uncertified" message
Audriuskins said:
After full rom reflash I get no "uncertified" message
Click to expand...
Click to collapse
You want tell us that we just have to update from B594 to B594 to get certificated back?
Edit: I have tried, but that isn't working. So I have to live with that.
dominj97 said:
Thanks, it worked for me
Btw. You can root with magisk to pass SafetyNet with root.
Click to expand...
Click to collapse
Thanks for the hint :good:
I tried and it works
Works, too. Closed Bootloader, no root. Uncertificated is shown on Play Store, but everything is passed since monday.
allrightlite said:
Works, too. Closed Bootloader, no root. Uncertificated is shown on Play Store, but everything is passed since monday.
Click to expand...
Click to collapse
Monday! I thought it was on Tuesday, but anyway, what was tested this time was only if SafetyNet passed on the device with root.
Like dominj97 mention on his post it works if I make root with Magisk.
I tested with SuperSU, Suhide, Superuser, but in my case only worked with Magisk.
Thread closed as per OP request.
Forum moderator,
Matt
can i flash magisk using twrp and get root?
It worked for me using twrp from https://forum.xda-developers.com/p10/development/recovery-twrp-3-2-1-0-emui-8-0-4-04-2018-t3773449 and magisk 16.0 on oreo firmware.
Quick answer...yes.
On Oreo (VTR-L09C432B360), I installed the 15.4 version from here... https://forum.xda-developers.com/p10-plus/development/magisk-p10-p10plus-t3752482 (it's for the P10 Plus but works on P10's as well)
You can then update to the latest version (v16) via the Magisk Manager app.
Nougat here... https://forum.xda-developers.com/p10/how-to/guide-huawei-p10-root-magisk-magisk-t3625151
colthekid said:
Quick answer...yes.
On Oreo (VTR-L09C432B360), I installed the 15.4 version from here... https://forum.xda-developers.com/p10-plus/development/magisk-p10-p10plus-t3752482 (it's for the P10 Plus but works on P10's as well)
You can then update to the latest version (v16) via the Magisk Manager app.
Nougat here... https://forum.xda-developers.com/p10/how-to/guide-huawei-p10-root-magisk-magisk-t3625151
Click to expand...
Click to collapse
It's doable on any p10's right like I have the dual sim version.
One more question....to get the treble ROM I have to root right?
Those have flashed successfully, did your SafetyNet pass completely? ctsProfile is the only issue I'm having right now
naeemomr said:
It's doable on any p10's right like I have the dual sim version.
One more question....to get the treble ROM I have to root right?
Click to expand...
Click to collapse
Works on all P10's as far as I'm aware. Don't know about Treble, I'm on stock.
MrDanMak said:
Those have flashed successfully, did your SafetyNet pass completely? ctsProfile is the only issue I'm having right now
Click to expand...
Click to collapse
Yes SafetyNet passes fine
colthekid said:
Works on all P10's as far as I'm aware. Don't know about Treble, I'm on stock.
Yes SafetyNet passes fine
Click to expand...
Click to collapse
Damn, didn't work for me. Just the ctsProfile: False issue I'm having. On the B360 firmware using the latest TWRP that works for the P10 as well. Know of anything else I can do to fix this perhaps?
Try Magisk in core only mode and turn on Magisk Hide, other than that I don't know I'm afraid.
-i instaled magisk manager (16)
-patched the original boot parition (you have to untrigger both options in magisk manager..."keep force encryption" "keep AVB 2.0/dm-verity)
-flashed modified boot parition with TWRP
-all OK, safetynet OK
DallasCZ said:
-i instaled magisk manager (16)
-patched the original boot parition (you have to untrigger both options in magisk manager..."keep force encryption" "keep AVB 2.0/dm-verity)
-flashed modified boot parition with TWRP
-all OK, safetynet OK
Click to expand...
Click to collapse
Hi DallasCZ,
May I ask you to be more specific?
I just ordered a P10 and I would like root it with Magisk (I alrady have a Lenovo Tab3 8Plus (TB-8703F) and successfully routed with Magisk (Safety Net check is green))
So, what are the steps? Can I use the original Magisk, or should I use a P10 specific? And how the OTA updates work with the Magisk? Eg.: Do you have to disable it before update? I hope not, since Magisk is systemless and the Oreo ROM is Treble "compatible". Oh, and could you give me a link to a working TWRP, which is compatible with the latest Oreo?
Thanks everything in advance!
So, is it not possible to flash ramdisk without unlocking bootloader?
cesedy said:
So, is it not possible to flash ramdisk without unlocking bootloader?
Click to expand...
Click to collapse
Yes you jave to unlock bootloader first.
Finally I got my phone. Now I'm testing, and getting familiar with it. But after that, I really need some help / advice ...
So my questions are the follows:
If I open the bootloader (no root, no other modifications), will I get OTA updates, and will they work?
Which TWRP is recommended? twrp 3.2.1-0 OREO or TWRP 3.2.1-0 for EMUI 8.0 or another one? What is the difference between the first two?
Can I use the official Magisc? I'm on VTR-L29 8.0.0.360(C432)
And the "really big" question: Is it possible to have OTA updates and Magisk at the same time? If yes, how?
Dexterova said:
Finally I got my phone. Now I'm testing, and getting familiar with it. But after that, I really need some help / advice ...
So my questions are the follows:
If I open the bootloader (no root, no other modifications), will I get OTA updates, and will they work?
Which TWRP is recommended? twrp 3.2.1-0 OREO or TWRP 3.2.1-0 for EMUI 8.0 or another one? What is the difference between the first two?
Can I use the official Magisc? I'm on VTR-L29 8.0.0.360(C432)
And the "really big" question: Is it possible to have OTA updates and Magisk at the same time? If yes, how?
Click to expand...
Click to collapse
Guys, don't bother with answering my question. It seems that Huawei removed the possibility to get unlock code. So, right now it seems I'll never be able to root my device
Dexterova said:
Guys, don't bother with answering my question. It seems that Huawei removed the possibility to get unlock code. So, right now it seems I'll never be able to root my device
Click to expand...
Click to collapse
Apparently you can contact customer service and receive the unlock code after a couple of days.
M1chiel said:
Apparently you can contact customer service and receive the unlock code after a couple of days.
Click to expand...
Click to collapse
Are you sure? How? Just write an e-mail to [email protected]? But why they shut down the request page / site? This does not make any sense.
Dexterova said:
Are you sure? How? Just write an e-mail to [email protected]? But why they shut down the request page / site? This does not make any sense.
Click to expand...
Click to collapse
Huawei Reddit
M1chiel said:
Huawei Reddit
Click to expand...
Click to collapse
OK, I'll give it a try...
... (other) question(s):
If I open (no root) the bootloader, will I get OTA updates?
In other words: you guys, with Magisk, how do you update your devices?
Because we do not make a list of which modules work 100% in magisk in P10, since for example xposed produces a hard brick.
Sorry my bad english
Is this still available [email protected]?
I got this error message:
The response from the remote server was:
550 5.1.1 Error: invalid recipients is found from 209.85.216.178
Since the sources are out, is there a kernel with dm-verity disabled?
I want to be able to root and keep TWRP, make some changes (hosts, restore some titaniumbackup files), unroot and still pass the checks, which normally fails due to safetynet detecting the unlocked bootloader. If I understood correctly, disabling dm-verity will allow safetynet to pass even with unlocked BL?
Or is that outdated info?
I pass safetynet with an unlocked bootloader,TWRP and root (Magisk). Just install the MagiskHide Props Config module via Magisk Manager->Modules and in a terminal type:
su
props
and apply the fix and select mate 10 as device
I'm trying to avoid using magisk to avoid losing safetynet access when an update comes. I really only need root once.
I believe you can fully uninstall magisk and pass safetynet as it was stock again
No, unfortunately not, since safetynet detects the unlocked bootloader.
Arak0n said:
No, unfortunately not, since safetynet detects the unlocked bootloader.
Click to expand...
Click to collapse
Oh sorry didn't knew that, thought maybe just using unsu.zip would do the trick
When I get onto huawei with a legal threat of GPL violation, hopefully the kernel sources will build a working bootable image, rather than the broken, unbootable one I have installed right now. Side note: I need the working stock kernel & ramdisk if anyone has it.
Sent from my kminiltexx using XDA Labs
hackintosh5 said:
When I get onto huawei with a legal threat of GPL violation, hopefully the kernel sources will build a working bootable image, rather than the broken, unbootable one I have installed right now. Side note: I need the working stock kernel & ramdisk if anyone has it.
Sent from my kminiltexx using XDA Labs
Click to expand...
Click to collapse
Can't you use Huawei Firmware Finder and Huawei Update Extractor to get stock kernel & ramdisk? I could send you these extracted from an full OTA update.zip. What I can't do is send you these files extracted from my phone because it took a long time going back to stock and get safetynet running, so I don't want to risk that by unlocking the bootloader and flashing twrp again. Just tell me if the extracted files would be enough for you.
kaiomatico said:
Can't you use Huawei Firmware Finder and Huawei Update Extractor to get stock kernel & ramdisk? I could send you these extracted from an full OTA update.zip. What I can't do is send you these files extracted from my phone because it took a long time going back to stock and get safetynet running, so I don't want to risk that by unlocking the bootloader and flashing twrp again. Just tell me if the extracted files would be enough for you.
Click to expand...
Click to collapse
The files are great, but, sorry to tell you, someone else already sent them to me.
However, there's good news, I got Honor Support to escalate my request to a supervisor so maybe someone will actually give me sources now! Yay.
I have TA-1046 with unlocked bootloader (and uninstalled Magisk before try Pie update)...
Pie stable i installed before using adb sideload OTA file (B2N-322C-0-00WW-B01-update.zip) from this thread
Before some days i have notification with OTA October update, but instalation after download failed(screenshot), tryed several times and on more different wifi connection...
Then i also try adb sideload file B2N-322D-0-00WW-B01-update.zip (from same thread as before install Pie stable) and too failed, this method show more info(screenshot):
"Package is for source build 00WW_3_22C but expected 0001_3_22C
Installation aborted"
In Settings/System/AboutPhone/AndroidVersion i have right build_number: 00WW_3_22C (screenshot)
I read in some other threads that someone have same problem, but without reaction, then a create rather this dedicated thread...
Anyone have same problem? And anyone have please sollution for this?
Please don't write if don't have this problem or tips for sollution, keep this thread clean for finding sollution, thanks
UPDATE: Thanks to TomThePhysicist is problem solved, here is howto...
Same problem and I didn't find any solution yet.
Try this : (works for a similar error in 6.1+):
Rename the package to B2N-322D-0-00WW-B01-322C-0-00WW-B01-update.zip
Put in root of internal storage, go to dialer and dial *#*#874#*#*
If it can't find the file, use the original name and re-dial.
I hope it works, please confirm so others can use it.
Broadcasted from Zeta Reticuli
It worked for me mate! Thank you
k3dar7 said:
I have TA-1046 with unlocked bootloader (and uninstalled Magisk before try Pie update)...
Pie stable i installed before using adb sideload OTA file (B2N-322C-0-00WW-B01-update.zip) from this thread
Before some days i have notification with OTA October update, but instalation after download failed(screenshot), tryed several times and on more different wifi connection...
Then i also try adb sideload file B2N-322D-0-00WW-B01-update.zip (from same thread as before install Pie stable) and too failed, this method show more info(screenshot):
"Package is for source build 00WW_3_22C but expected 0001_3_22C
Installation aborted"
In Settings/System/AboutPhone/AndroidVersion i have right build_number: 00WW_3_22C (screenshot)
I read in some other threads that someone have same problem, but without reaction, then a create rather this dedicated thread...
Anyone have same problem? And anyone have please sollution for this?
Please don't write if don't have this problem or tips for sollution, keep this thread clean for finding sollution, thanks
Click to expand...
Click to collapse
It happened with me but at that time my device was restoring applications after hard reset. Once the restoration was completed, it auto installed.
Gravemind2015 said:
Try this : (works for a similar error in 6.1+):
Rename the package to B2N-322D-0-00WW-B01-322C-0-00WW-B01-update.zip
Put in root of internal storage, go to dialer and dial *#*#874#*#*
Click to expand...
Click to collapse
thanks, tried but not success...
update file is found and update process is starting, but after small wait in 17% is stoped and show error window...
tried with dialing and also keep on root of internal storage and reboot, this show notify about system update (not ota notify) with same behavior as dialer method...
jaskiratsingh said:
It happened with me but at that time my device was restoring applications after hard reset. Once the restoration was completed, it auto installed.
Click to expand...
Click to collapse
thanks, i not yet try hard reset now, only before ~month while sideload Pie 3.22C, try wait ~week if find or someone sollution without HR...
proteus119 said:
It worked for me mate! Thank you
Click to expand...
Click to collapse
you have unlocked bootloader?
Worked for me too, thanks!
k3dar7 said:
you have unlocked bootloader?
Click to expand...
Click to collapse
Are you rooted? It's weird, it works for some people but not for others.
I'm trying to guess it it's variant specific or maybe having root is the issue (it's expected on a rooted system).
Broadcasted from Zeta Reticuli
Gravemind2015 said:
Are you rooted? It's weird, it works for some people but not for others.
I'm trying to guess it it's variant specific or maybe having root is the issue (it's expected on a rooted system).
Click to expand...
Click to collapse
i have rooted (using install official Magisk zip release in only booted TWRP) before, when i see first OTA update notification, then i unroot using MagiskManager Uninstall Complete...
then all update i trying (OTA wireless, adb sideload, dial and reboot with file in root with your filename) is without Magisk/MagiskManager installed, "only" with unlocked bootloader
wriggler_ said:
Worked for me too, thanks!
Click to expand...
Click to collapse
you have unlocked bootloader?
k3dar7 said:
you have unlocked bootloader?
Click to expand...
Click to collapse
Nope.
Hard reset won't solve it. Do not bother
k3dar7 said:
thanks, i not yet try hard reset now, only before ~month while sideload Pie 3.22C, try wait ~week if find or someone sollution without HR...
Click to expand...
Click to collapse
I might have a clue on this. I upgraded to Pie from a rooted state (the OTA allowed me exceptionally to upgrade from Oreo to Pie and I said why not!). Now after installing Magisk Manager I noticed that Magisk is already installed! This might be the reason behind this annoying error.
whoknowshimself said:
I might have a clue on this. I upgraded to Pie from a rooted state (the OTA allowed me exceptionally to upgrade from Oreo to Pie and I said why not!). Now after installing Magisk Manager I noticed that Magisk is already installed! This might be the reason behind this annoying error.
Click to expand...
Click to collapse
ok, i go try OTA dial update after install Magisk
edit: same as without Magisk, failed at 17%...
Of course it should fail. What I mean is it fails because we don't have stock boot. Like in Oreo when it was not possible to use OTA with patched boot, it is not available for Pie. They just made it available for Oreo to Pie update and that has messed everything up.
k3dar7 said:
ok, i go try OTA dial update after install Magisk
edit: same as without Magisk, failed at 17%...
Click to expand...
Click to collapse
I was on an unlocked bootloader with Magisk installed and encountered the same update failed error. I tried uninstalling Magisk via total uninstall and ended up soft bricking the phone, unable to apply any OTA update. The firmware flashing tool also did not work. The good news was I was still able to access Download Mode and Fastboot mode. I ended up sending it to the service center after relocking the bootloader and they flashed the official firmware at no charge. The phone then updated to Pie on first boot after downloading the update, and then wanted to update to the October update after a restart. The weird thing is the October update failed again, inspite of locked bootloader and no root! However, when I checked the phone few hours later, the update seems to have gone thru just fine. Not sure why this October update is a bit wonky. I agree with the above poster; not having patched boot is the issue here. However, we should be able to get this by extracting payload.bin and using magisk to patch the file.
For now, I am back on a locked bootloader and no root. Awaiting more stability in the unlocking/rooting scene before I try again. Unless Nokia releases official bootloader unlock, I will have to firmware flash back to Oreo, as both A/B partitions are occupied by Pie and the hack used to unlock the bootloader has already been patched on Pie.
Hi. Thanks for the input and your detailed comment. The thing is there is no service centre here in my country! So I should do everything my own. But may I ask how you relocked the bootloader?
ganja_guru said:
I was on an unlocked bootloader with Magisk installed and encountered the same update failed error. I tried uninstalling Magisk via total uninstall and ended up soft bricking the phone, unable to apply any OTA update. The firmware flashing tool also did not work. The good news was I was still able to access Download Mode and Fastboot mode. I ended up sending it to the service center after relocking the bootloader and they flashed the official firmware at no charge. The phone then updated to Pie on first boot after downloading the update, and then wanted to update to the October update after a restart. The weird thing is the October update failed again, inspite of locked bootloader and no root! However, when I checked the phone few hours later, the update seems to have gone thru just fine. Not sure why this October update is a bit wonky. I agree with the above poster; not having patched boot is the issue here. However, we should be able to get this by extracting payload.bin and using magisk to patch the file.
For now, I am back on a locked bootloader and no root. Awaiting more stability in the unlocking/rooting scene before I try again. Unless Nokia releases official bootloader unlock, I will have to firmware flash back to Oreo, as both A/B partitions are occupied by Pie and the hack used to unlock the bootloader has already been patched on Pie.
Click to expand...
Click to collapse
whoknowshimself said:
Hi. Thanks for the input and your detailed comment. The thing is there is no service centre here in my country! So I should do everything my own. But may I ask how you relocked the bootloader?
Click to expand...
Click to collapse
Sure, I followed the instructions here https://www.techmesto.com/lock-nokia-android-bootloader/ . However, if there is no service center in your country and you don't plan to do a warranty claim, I've read that relocking the bootloader will prevent you from using the firmware flashing tool.
Hello,
I have an unlocked bootloader, and SafetyNet 1st test (CTS Props) fails. Have someone found a way to solve this, but without Magisk/root?
I currently have a stock 9.6 version (which is the oldest I could find) installed, but would not mind to flash to any other version, including custom ROMs.. as long as I can make SafetNet works with bootloader unlocked.
On a side note, is there any custom ROM that flashes this phone to Android 6?
Thanks.
(And yes, I already used Search, but they all talk about Magisk).
I have not heard of any other means (for our phone) to hide unlocked bootloader form SafetyNet checking service, except Magisk with "Magisk Hide" option on.
If you are afraid of root: just do not grant root rights to any applications.
If you are afraid to tamper phone, just do not install any Magisk Modules (but, for example, using embedded "Systemless Host" module and a file manager with root rights I can avoid 99% of ads to my phone copying meaningful "hosts" file to /data/adb/modules/hosts/system/etc without tampering system and raising no problems with OTAs);
If you are afraid to loose ability of OTAs, just patch boot.img on phone, thus saving stock /boot image for "uninstalling Magisk", and do not tamper /system.
Note: since March, 2020, security updates Google can bypass Magisk Hide tricks at their will at any moment, and if they enforce this security rule, those who need SafetyNet would be forced to lock phones until Magisk developers could find a way to bypass Google's bypasses. It is like "armor vs shell" big game of XIX century.
If Google goes ahead with what it is considering, most of us will be in despair. In plain words Magisk, as it stands, will be able to hide root but not the unlocked bootloader status. So CTS / device integrity will fail.....
Yes, that's how I see it too. If Google enforces new "unlocked state" checks, those of us who do not want to lock (due to buggy OTAs from Xiaomy) and still want to use MiA2 and SafetyNet, will either have to "freeze" at a stock ROM version tricked to pass checks, or look towards a custom ROM and also freeze it, and thus live without security updates.
Khep said:
Hello,
I have an unlocked bootloader, and SafetyNet 1st test (CTS Props) fails. Have someone found a way to solve this, but without Magisk/root?
I currently have a stock 9.6 version (which is the oldest I could find) installed, but would not mind to flash to any other version, including custom ROMs.. as long as I can make SafetNet works with bootloader unlocked.
On a side note, is there any custom ROM that flashes this phone to Android 6?
Thanks.
(And yes, I already used Search, but they all talk about Magisk).
Click to expand...
Click to collapse
you can not flash android 6
if you dont want root why unlock your bootloader ?
just lock your bootloader using fastboot ( it is silly unless you are going to flash custom stuff )
* if it is to enable camera API2 there are methods without unlocked bootloader
**like others have told yoy and as you have read you can bypass it for now using Magisk
---------- Post added at 10:44 PM ---------- Previous post was at 10:43 PM ----------
Khep said:
Hello,
I have an unlocked bootloader, and SafetyNet 1st test (CTS Props) fails. Have someone found a way to solve this, but without Magisk/root?
I currently have a stock 9.6 version (which is the oldest I could find) installed, but would not mind to flash to any other version, including custom ROMs.. as long as I can make SafetNet works with bootloader unlocked.
On a side note, is there any custom ROM that flashes this phone to Android 6?
Thanks.
(And yes, I already used Search, but they all talk about Magisk).
Click to expand...
Click to collapse
you can not flash android 6
if you dont want root why unlock your bootloader ?
just lock your bootloader using fastboot ( it is silly unless you are going to flash custom stuff )
* if it is to enable camera API2 there are methods without unlocked bootloader
**like others have told yoy and as you have read you can bypass it for now using Magisk
the lowest version you can downgrade to is Oreo ....
Update: With new EdXposed 0.4.6.3 (4537)-YAHFA module for Magisk 20.4 I have fully passing SafetyNet checks under Android 10 again.
Just do not forget to switch on Magisk Hide and include into EdXposedManager BlackList:
- Google Pay Services and Google Pay - mandatory,
- Google Service Framework and Google Play Market - optionally, for future ?,
- Bank apps.
Also do not forget to preliminary uninstall previous EdXposed and Reboot, then update magisk-Riru-core module and Reboot (I have 19.8), then update to latest EdXposedManager app (I have 4.5.7).
This version (4537) is somehow still missing in GitHub, got from here..