Is an unlocked bootloader a security vulnerability? - Google Pixel XL Questions & Answers

I'm not a developer, just an enthusiast. Trying to understand if having an unlocked bootloader causes my device to be vulnerable to fastboot attacks? Or is my device's data still encrypted as long as I have a password? I know booting into my twrp recovery requires my password before decryption.. but can't they just fastboot boot a twrp image and gain access to my data somehow? or no? Can someone with knowledge explain?

If they have your phone in their hand, yes, it is a risk. They have access to all its contents.

How hard is it to relock your bootloader? My bootloader is unlocked and my phone was rooted (I seem to have lost my root somehow, maybe through an update). I am considering relocking my bootloader so that I can try Android Pay. Is this possible and is there a tutorial?

TolaSkamp said:
How hard is it to relock your bootloader? My bootloader is unlocked and my phone was rooted (I seem to have lost my root somehow, maybe through an update). I am considering relocking my bootloader so that I can try Android Pay. Is this possible and is there a tutorial?
Of course there are tutorials, tons of them. One quick note, you should flash the latest factory image while you are unlocked to make sure everything is fully stock. No reason to save the data, just use flash-all, since relocking will wipe it all anyway. You could also just flash a kernel such as Elemental to access Android Pay.

bobby janow said:
Of course there are tutorials, tons of them. One quick note, you should flash the latest factory image while you are unlocked to make sure everything is fully stock. No reason to save the data, just use flash-all, since relocking will wipe it all anyway. You could also just flash a kernel such as Elemental to access Android Pay.
Thanks for the reply. I will probably just flash the Elemental kernel and leave the bootloader unlocked, thanks. I seem to have lost my root, would I need to be rooted? I'd really rather not have to wipe all my data.

TolaSkamp said:
Thanks for the reply. I will probably just flash the Elemental kernel and leave the bootloader unlocked, thanks. I seem to have lost my root, would I need to be rooted? I'd really rather not have to wipe all my data.
No need to be rooted. Just boot to twrp and flash the kernel. AP will then work I believe. Try it out, I'm locked so I can't say for sure but on my 5x it works.

Doesn't Android Device Manager (or something thereof) have some protection against lost/stolen phones? I recall reading that once you have your Google account sync'ed to the phone, you will need your Google account password to restart the phone even after a factory reset.

robchow said:
Doesn't Android Device Manager (or something thereof) have some protection against lost/stolen phones? I recall reading that once you have your Google account sync'ed to the phone, you will need your Google account password to restart the phone even after a factory reset.
This is easily bypassed. It will keep the honest people out, but with minimal effort someone could get past it.
Sent from my Pixel XL using Tapatalk

Here is the Android feature I was referring to about needing Google account's password:
Factory Reset Protection (FRP)
https://support.google.com/pixelphone/answer/6172890?hl=en
Am I correct that this statement "If you have Developer options turned on, you can also turn off device protection from your device's Settings app Settings. Tap Developer options and then OEM Unlocking" relates to bootloader unlock? As such, if unlocked bootloader then this FRP isn't active? Can FRP be turned on with unlocked bootloader?
superchilpil said:
This is easily bypassed. It will keep the honest people out, but with minimal effort someone could get past it.
Are you suggesting that FRP is easily bypassed?

Related

Should i check OEM unlocking option in the Developer settings ?

Ok so I have read many posts on XDA about bricked nexus 5x's and many others, sometimes the main problem is the oem isn't unlocked. I myself have a Nexus 5x that is completely stock no custom recovery no root no nothing, I just update the phone, right now on Nougat 7.0 sep security update.
So my question is, should I check the OEM unlocking in the settings? I will never install any recovery or root but I think by reading the posts, it seems like it's a major problem if this is not checked, should I check it just to be safe?
U_Midrar said:
Ok so I have read many posts on XDA about bricked nexus 5x's and many others, sometimes the main problem is the oem isn't unlocked. I myself have a Nexus 5x that is completely stock no custom recovery no root no nothing, I just update the phone, right now on Nougat 7.0 sep security update.
So my question is, should I check the OEM unlocking in the settings? I will never install any recovery or root but I think by reading the posts, it seems like it's a major problem if this is not checked, should I check it just to be safe?
If you have issues in your current state they will most likely be hardware related and unfixable via software. But even locked you can completely reinstall the OS via sideloading an OTA or using the TOT method.
Enabling OEM unlock disables Factory Reset Protection (FRP). FRP is a security feature that prevents a stolen device from being activated. There is a lot of info about it online if you wish to learn more.
So you need to decide if you want FRP or the ability to flash the factory images.
Sent from my XT1650 using Tapatalk
PiousInquisitor said:
If you have issues in your current state they will most likely be hardware related and unfixable via software. But even locked you can completely reinstall the OS via sideloading an OTA or using the TOT method.
Enabling OEM unlock disables Factory Reset Protection (FRP). FRP is a security feature that prevents a stolen device from being activated. There is a lot of info about it online if you wish to learn more.
So you need to decide if you want FRP or the ability to flash the factory images.
ok thx dude for the reply, nah I don't care about the FRP. so flashing factory images is easier right? rather than sideloading or whatever this TOT method is...., and do most mobiles have a oem locked or unlocked?
U_Midrar said:
ok thx dude for the reply, nah I don't care about the FRP. so flashing factory images is easier right? rather than sideloading or whatever this TOT method is...., and do most mobiles have a oem locked or unlocked?
Sure, flashing the factory images is probably slightly easier than the other methods. Note that in your case you would need to actually unlock the bootloader to flash the images. With those added steps it's probably faster to sideload.
The Allow OEM unlock toggle has been around since LP I think. Am pretty sure it's in phones that shipped with LP. It didn't automagically mean that the phone's bootloader can be unlocked though. It should stop disable FRP though.
Sent from my XT1650 using Tapatalk
Yes, most, I think all OEMs leave the possibility to unlock the bootloader.
By default the bootloader is locked on most OEMs (Sony, Samsung, HTC, Motorola, even Nexus devices).
For Nexus devices it's a simple one liner to unlock/lock the bootloader which will also trigger a data wipe, but on Nexus devices it doesn't void your warranty.
For most other OEMs' phones you have to follow some steps and usually get some kind of code in order to unlock the bootloader the first time. This will void your warranty!
If you don't know whether or not you should unlock/lock the bootloader, the answer is: NO!
It seems you're not modifying your phone's software (Custom Kernel, Custom Rom, Root etc) and you seem to have no intention of doing so. So it's not needed and even less "secure" than with locked bootloader. If you do, you should know that you have to unlock the bootloader in order to change the phone's software.
Why would you want to unlock the bootloader when the only reason to do so is to modify the software and you do not plan to do this?
On a stock nexus there is no need to unlock the bootloader, you can even reflash your phone with locked bootloader with the stock software image.
creambyemute said:
Yes, most, I think all OEMs leave the possibility to unlock the bootloader.
By default the bootloader is locked on most OEMs (Sony, Samsung, HTC, Motorola, even Nexus devices).
For Nexus devices it's a simple one liner to unlock/lock the bootloader which will also trigger a data wipe, but on Nexus devices it doesn't void your warranty.
For most other OEMs' phones you have to follow some steps and usually get some kind of code in order to unlock the bootloader the first time. This will void your warranty!
If you don't know whether or not you should unlock/lock the bootloader, the answer is: NO!
It seems you're not modifying your phone's software (Custom Kernel, Custom Rom, Root etc) and you seem to have no intention of doing so. So it's not needed and even less "secure" than with locked bootloader. If you do, you should know that you have to unlock the bootloader in order to change the phone's software.
Why would you want to unlock the bootloader when the only reason to do so is to modify the software and you do not plan to do this?
On a stock nexus there is no need to unlock the bootloader, you can even reflash your phone with locked bootloader with the stock software image.
yo dude thx for the reply, as I said in my first post, I saw some bricked nexus 5x (they didn't mod anything I think) that couldn't be repaired cause he had the option unchecked about OEM, that is why I was asking for like a safety precaution that if something goes wrong it would be okay cause oem could be unlocked then... what do u say now? (and yea I'm not gonna ever mod anything in the phone, learned from my last phone which I somehow bricked and a man fixed it for 5$)
U_Midrar said:
yo dude thx for the reply, as I said in my first post, I saw some bricked nexus 5x (they didn't mod anything I think) that couldn't be repaired cause he had the option unchecked about OEM, that is why I was asking for like a safety precaution that if something goes wrong it would be okay cause oem could be unlocked then... what do u say now? (and yea I'm not gonna ever mod anything in the phone, learned from my last phone which I somehow bricked and a man fixed it for 5$)
The catch is if you checked OEM unlocking and chose to not perform oem unlock command now.
When something did go wrong afterward, you are able to perform oem unlock but it will wipe your data.
There is no point for doing it.
HebeGuess said:
The catch is if you checked OEM unlocking and chose to not perform oem unlock command now.
When something did go wrong afterward, you are able to perform oem unlock but it will wipe your data.
There is no point for doing it.
so I shouldn't do it, like just leave it be?
F IT I DID IT
I just read this site and also got to know a bootloop can occur with OTA update so yea I have done it.
Site: http://android.wonderhowto.com/news...ting-before-modding-anything-android-0167840/

unlocked bootloader / user data

I am concerned about access to user data (pictures, videos, emails, app data, etc.) on my unlocked bootloader phone if phone is lost or stolen. As I understand it, with the bootloader unlocked, one can install custom rom and thus bypass screen lock. Does this mean that with the new OS it can access the user data? Does phone being encrypted make a difference?
robchow said:
I am concerned about access to user data (pictures, videos, emails, app data, etc.) on my unlocked bootloader phone if phone is lost or stolen. As I understand it, with the bootloader unlocked, one can install custom rom and thus bypass screen lock. Does this mean that with the new OS it can access the user data? Does phone being encrypted make a difference?
If you don't need root, lock it.
Sent from my Pixel using XDA-Developers Legacy app
robchow said:
I am concerned about access to user data (pictures, videos, emails, app data, etc.) on my unlocked bootloader phone if phone is lost or stolen. As I understand it, with the bootloader unlocked, one can install custom rom and thus bypass screen lock. Does this mean that with the new OS it can access the user data? Does phone being encrypted make a difference?
There is Android Device Manager to control the phone remotely, then you can erase it and keep your personal data safe.
:good:
robchow said:
I am concerned about access to user data (pictures, videos, emails, app data, etc.) on my unlocked bootloader phone if phone is lost or stolen. As I understand it, with the bootloader unlocked, one can install custom rom and thus bypass screen lock. Does this mean that with the new OS it can access the user data? Does phone being encrypted make a difference?
They would need to know your password to get into TWRP to decrypt the storage (assuming you're encrypted). They don't need to flash a custom rom to see your stuff, they can view it by connecting the phone to their computer and enabling mtp mode in TWRP. If you are that concerned, you probably should lock your bootloader after making sure you are 100% stock.
I really don't see any reason for concern.
Say your phone has a password, but your bootloader is unlocked, here are the only things you can really do.....
A: Use fastboot to flash twrp. However, once they get into twrp, they will still need to know your password. And twrp will not allow mtp or adb access until it has decrypted.
B: Use fastboot to flash a factory image. But once they boot the phone, it will ask for the email and password of the original account that was on the phone, and all data will be gone.
C: Use fastboot to flash a factory image without the -w parameter. All data will still be there, and they really have gained nothing.
I don't see any real risk.
noidea24 said:
I really don't see any reason for concern.
Say your phone has a password, but your bootloader is unlocked, here are the only things you can really do.....
A: Use fastboot to flash twrp. However, once they get into twrp, they will still need to know your password. And twrp will not allow mtp or adb access until it has decrypted.
B: Use fastboot to flash a factory image. But once they boot the phone, it will ask for the email and password of the original account that was on the phone, and all data will be gone.
C: Use fastboot to flash a factory image without the -w parameter. All data will still be there, and they really have gained nothing.
I don't see any real risk.
No matter the path, if your data is intact they still need your pattern.
Thank you all for your input and knowledge dissemination on how an unlocked bootloader affects user data.
noidea24 said:
I really don't see any reason for concern.
Say your phone has a password, but your bootloader is unlocked, here are the only things you can really do.....
A: Use fastboot to flash twrp. However, once they get into twrp, they will still need to know your password. And twrp will not allow mtp or adb access until it has decrypted.
B: Use fastboot to flash a factory image. But once they boot the phone, it will ask for the email and password of the original account that was on the phone, and all data will be gone.
C: Use fastboot to flash a factory image without the -w parameter. All data will still be there, and they really have gained nothing.
I don't see any real risk.
Not using the -w parameter will keep the user data intact; understood, thank you. If that is the case, will the thief be able to access user data if the user data partition is encrypted?
By removing -w even your lock screen will still be there, so no. No security concerns.
If you want it to be secure then lock your bootloader, otherwise it will be insecure. It's a trivial matter to someone knowledgeable to get into your files.
Sent from my Pixel XL using Tapatalk
superchilpil said:
If you want it to be secure then lock your bootloader, otherwise it will be insecure. It's a trivial matter to someone knowledgeable to get into your files.
I guess the question is how if they cannot decrypt the file system?
pcriz said:
I guess the question is how if they cannot decrypt the file system?
If the right person stole your phone and wanted to waste the resources needed to decrypt the info, they could. Since it's possible, it's considered a security risk. Although let's be real. It's highly unlikely that it would ever happen. Unless you're some vip or something crazy like that.
toknitup420 said:
If the right person stole your phone and wanted to waste the resources needed to decrypt the info, they could. Since it's possible, it's considered a security risk. Although let's be real. It's highly unlikely that it would ever happen. Unless you're some vip or something crazy like that.
In that case I doubt even a bootloader would matter.
pcriz said:
In that case I doubt even a bootloader would matter.
Yes it would. You can't access anything unless you factory reset. Then it's all gone, decrypting won't do a thing. Reset is a total wipe. Brand new device.
Sent from my Pixel using XDA-Developers Legacy app
bobby janow said:
Yes it would. You can't access anything unless you factory reset. Then it's all gone, decrypting won't do a thing. Reset is a total wipe. Brand new device.
I think you are missing the context of my statement. No information system is 100% impenetrable, so even with a bootloader if someone really really wanted in a system and had the means they can crack it. That's just a general rule of security.
The other side of the discussion is how safe is the data. Well if you factory reset the data is plenty safe because it's wiped.
Seems what your statement is talking about is basically can someone use the phone they acquired, in that instance yes but that's also why we have insurance.
pcriz said:
I think you are missing the context of my statement. No information system is 100% impenetrable, so even with a bootloader if someone really really wanted in a system and had the means they can crack it. That's just a general rule of security.
The other side of the discussion is how safe is the data. Well if you factory reset the data is plenty safe because it's wiped.
Seems what your statement is talking about is basically can someone use the phone they acquired, in that instance yes but that's also why we have insurance.
Well multiple things going on now. If data can be extracted from a locked bootloader device I'd like to see proof of concept. I'm not saying it can't be done.
By the time a person wiped the device you'd probably have the IMEI blacklisted so the device will be useless.
Sent from my Pixel using XDA-Developers Legacy app
bobby janow said:
Well multiple things going on now. If data can be extracted from a locked bootloader device I'd like to see proof of concept. I'm not saying it can't be done.
By the time a person wiped the device you'd probably have the IMEI blacklisted so the device will be useless.
Sent from my Pixel using XDA-Developers Legacy app
Data extracted from a bootloader locked device, data decrypted from an encrypted device, same argument when it comes to proof of concept.
Not to mention you realize bootloaders have been defeated before, it's the whole reason bootloader bounties exist. Frankly given some of the exploits that have gotten around bootloaders, it seems in some cases defeating a boot loader would be easier than decrypting.
Every google bootloader probably has the same signed key (in relation to BL version)
pcriz said:
Data extracted from a bootloader locked device, data decrypted from an encrypted device, same argument when it comes to proof of concept.
Not to mention you realize bootloaders have been defeated before, it's the whole reason bootloader bounties exist. Frankly given some of the exploits that have gotten around bootloaders, it seems in some cases defeating a boot loader would be easier than decrypting.
Every google bootloader probably has the same signed key (in relation to BL version)
Is it really the same thing or proof of concept? How do you extract data from a locked bootloader device even pre-decryption? Whereas if you have encrypted data then decrypting is a matter being able to hack that encryption algorithm. I see that as two distinct operations.
If you mean defeating bootloaders so you can unlock, I'm not arguing that point at all although if you recall the Samsung S4 could not be unlocked after the first firmware update no matter how much they tried. I think they were able to get around it by some other method but the bootloader was never unlocked again. (btw I have the original S4 still unlocked and never updated the firmware) The Verizon bootloader is not unlockable either on their OEM device. I'm not sure if it's possible but no one is even working on it afaik. But I digress. Even if you manage to unlock the Pixel VZW bootloader or any locked bootloader for that matter, the device is wiped clean on the unlock. So there is no data to decrypt thus making accessing it moot as far as compromising your data.
That is why I keep the bootloader locked and the oem switch off. (On my 5x since my VZW oem switch is grayed out) With a start-up pin and ADM at the ready in case it's lost I feel pretty safe storing my data on the device. Pretty safe, not perfectly safe.
bobby janow said:
Is it really the same thing or proof of concept? How do you extract data from a locked bootloader device even pre-decryption? Whereas if you have encrypted data then decrypting is a matter being able to hack that encryption algorithm. I see that as two distinct operations.
You don't simply "hack an encryption algorithm", you can hypothetically "hack" or exploit a BL. That's not how it works when you are using randomly generated keys tied to the unlock method. Essentially you would need their unlock method and how it translates into the keys generated on the device.
You ask for a proof of concept, the concept of bootloader broken has been proven time and time again.
I'm still looking for an instance where a BL unlocked device has been stripped of its information and decrypted so it can be read by another device.
You could also lock your device away in a safe and it would be safer than any device created but you lose certain experiences.
Essentially your implication as I read it is this guy wide open for his data to be stolen if his bootloader is unlocked and encryption provides no protection.
pcriz said:
You ask for a proof of concept, the concept of bootloader broken has been proven time and time again.
No that's not what I was saying or asking. I know a bootloader can be broken and unlocked, I've seen that. The concept I was referring to was unlocking a bootloader with OEM unlock turned off and then, after unlocking it, accessing the data that was there before the unlock. That to me is the security of a locked bootloader.
pcriz said:
I'm still looking for an instance where a BL unlocked device has been stripped of its information and decrypted so it can be read by another device.
That would be interesting to me as well.
pcriz said:
You could also lock your device away in a safe and it would be safer than any device created but you lose certain experiences.
Be great on battery life too.
pcriz said:
Essentially your implication as I read it is this guy wide open for his data to be stolen if his bootloader is unlocked and encryption provides no protection.
Well not really. If the bootloader is unlocked then the security is compromised as far as I'm concerned. You can flash a new rom without wiping data and I'd say that would be an easy target. You'd still need to decrypt but the challenge would be multiples of easier.
But one thing I'm not entirely clear on since I'm not unlocked or rooted. Someone mentioned that you couldn't log into the phone if you don't have the proper account credentials. How exactly does that work? On my 5x I can wipe the system but keep the data intact and have full access. What am I missing?
bobby janow said:
But one thing I'm not entirely clear on since I'm not unlocked or rooted. Someone mentioned that you couldn't log into the phone if you don't have the proper account credentials. How exactly does that work? On my 5x I can wipe the system but keep the data intact and have full access. What am I missing?
Hello,
Do you have OEM unlock enabled?
I have an unlocked bootloader and I usually leave OEM unlock enabled. This way, when I wipe clean and want to test some features or modifications, I simply reinstall and can skip the setup part.
If OEM unlock is disabled, you'll have to add the same account used before the phone has been wiped.
Is that what you were referring to?
Cheers...

Should we unlock the Bootloader if no root planned

If you have no plans to root the phone is there any reason to unlock the bootloader?
It would probably break Safety net and Android pay. BUT if you're unlocked, you have ability to flash factory images. That could be beneficial if something goes really bad and your device won't boot up. You're also less secure with it unlocked.
Sent from my marlin using XDA Labs
You can always lock and unlock the bootloader when you want.
I would say you should at least have the option checked on in the Developer settings.
So just in case something happened and you can't fully boot the phone, you can still get into it and unlock the bootloader and do what you need to do.
This happened to a friend of mine where something happened and couldn't fully boot and couldn't unlock bootloader cause the option was never checked.
I don't believe the unlock option stays enabled after it boots up.
I would argue why WOULDN'T you unlock the bootloader? Regardless of rooting, an unlocked bootloader is a safety net for when things go south. Phone decides to bootloop tomorrow? No big deal, flash the latest images via fastboot and start from scratch.
Sure there's the counter argument of the phone being much less secure and vulnerable in the hands of a person who is tech savvy and stole/found your device. I'm not worried about my phone being stolen so I ALWAYS unlock my bootloader.
Pain-N-Panic said:
I would argue why WOULDN'T you unlock the bootloader? Regardless of rooting, an unlocked bootloader is a safety net for when things go south. Phone decides to bootloop tomorrow? No big deal, flash the latest images via fastboot and start from scratch.
Sure there's the counter argument of the phone being much less secure and vulnerable in the hands of a person who is tech savvy and stole/found your device. I'm not worried about my phone being stolen so I ALWAYS unlock my bootloader.
or just flash the full OTA image without an unlocked bootloader.
mngdew said:
You can always lock and unlock the bootloader when you want.
Does re-locking the bootloader wipe the phone?
foosion said:
Does re-locking the bootloader wipe the phone?
Yes, it does. That's why you should unlock or lock the bootloader when flashing factory images.
mngdew said:
Yes, it does.
Thanks
mngdew said:
That's why you should unlock or lock the bootloader when flashing factory images.
I don't understand what you mean by this.
You have to unlock the bootloader to flash a factory image and you can eliminate the w flag so that flashing the factory image won't wipe the phone.
uicnren said:
or just flash the full OTA image without an unlocked bootloader.
Very true. If the phone goes into bootloop due to a bad zip or whatever other reason you have a bricked device with no options to recover.
It's healthy for me to unlock my Bootloader ASAP on XDA!
Unlocking the bootloader was always the very first thing I did when I got a new phone. However, I use Android Pay all the time, and Google seems very determined to break AP for unlocked bootloaders with every new patch. Sure, someone usually finds a way to get it working again, but that sometimes takes time, and I simply use AP too much to deal with it. As long as AP won't work officially with an unlocked bootloader, mine stays locked unless I'm flashing an image, and even then, gets locked right after. Luckily, OTAs are posted by Google now, often at the same time as the Factory Images, so it hasn't really been an issue for me.
akenis said:
It would probably break Safety net and Android pay. BUT if you're unlocked, you have ability to flash factory images. That could be beneficial if something goes really bad and your device won't boot up. You're also less secure with it unlocked.
Sent from my marlin using XDA Labs
Thank you, what actually is compromised when phone is unlocked?
uicnren said:
or just flash the full OTA image without an unlocked bootloader.
How can you flash with a locked bootloader?
painfree said:
Thank you, what actually is compromised when phone is unlocked?
Data?
https://www.google.com/amp/s/www.ho...unlocking-your-android-phones-bootloader/amp/
Sent from my marlin using XDA Labs
painfree said:
If you have no plans to root the phone is there any reason to unlock the bootloader?
If you ever contemplate going onto the Verizon network, when you first boot up after placing VZN sim into the phone, the ability to ever unlock again is eliminated. You could relock it, but it will have the Unlock option in Developer Option greyed out forever after that. I would unlock it maybe because of Verizon thing, but also to be able to flash a factory image in case I ever mess up the phone.
michaelbsheldon said:
If you ever contemplate going onto the Verizon network, when you first boot up after placing VZN sim into the phone, the ability to ever unlock again is eliminated. You could relock it, but it will have the Unlock option in Developer Option greyed out forever after that. I would unlock it maybe because of Verizon thing, but also to be able to flash a factory image in case I ever mess up the phone.
As long as you have the Google version it should never grey out on you at least that's how it was with the first pixels. I have Verizon I've never had it grey out.
jt3 said:
Unlocking the bootloader was always the very first thing I did when I got a new phone. However, I use Android Pay all the time, and Google seems very determined to break AP for unlocked bootloaders with every new patch. Sure, someone usually finds a way to get it working again, but that sometimes takes time, and I simply use AP too much to deal with it. As long as AP won't work officially with an unlocked bootloader, mine stays locked unless I'm flashing an image, and even then, gets locked right after. Luckily, OTAs are posted by Google now, often at the same time as the Factory Images, so it hasn't really been an issue for me.
This. Android Pay is pretty convenient and I always told myself I didn't need it compared to unlock+root. Wish Google would allow AP with unlocked bootloader but I can understand why they don't from a security standpoint.
Sent from my Pixel 2 XL using Tapatalk
foosion said:
Thanks
I don't understand what you mean by this.
You have to unlock the bootloader to flash a factory image and you can eliminate the w flag so that flashing the factory image won't wipe the phone.
When you unlock the bootloader, phone is wiped automatically.

How to Lock Bootloader

Hello, I purchased a Pixel 3 XL off craigslist and it is working fine, but the bootloader is unlocked therefore I am receiving a warning when restarting the phone and Google Pay does not work. How can I re-lock the bootloader? Do I need to flash the latest standard google image? The build number is: "crosshatch-userdebug 9 PQ1A.181105.013 5027108 dev-keys". When in bootloader the bootloader version is: b1c1-0.1-5004167. Obviously a n00b here, please be gentle. Thank you for any help.
Do you have a computer? If so what OS do you use?
Sent from my Pixel 3 XL using Tapatalk
superchilpil said:
Do you have a computer? If so what OS do you use?
Sent from my Pixel 3 XL using Tapatalk
I do have a computer, a Windows 10 Pro
Are you planning on rooting? If so, you can use Magisk Hide (after using Magisk to root of course) to get Google Pay to work. I would be hesitant to re-lock the BL unless you are certain that it is completely stock otherwise. Re-locking a modified phone can brick the device. Better to just learn how to root, etc and keep it unlocked. You have come to the right place to learn.
sliding_billy said:
Are you planning on rooting? If so, you can use Magisk Hide (after using Magisk to root of course) to get Google Pay to work. I would be hesitant to re-lock the BL unless you are certain that it is completely stock otherwise. Re-locking a modified phone can brick the device. Better to just learn how to root, etc and keep it unlocked. You have come to the right place to learn.
No, I don't plan on rooting. But I am afraid of bricking the phone since I don't know what has been done to it. Is there a way to determine what was done to unlock the bootloader? Otherwise I will follow your recommendation of using Magisk Hide. I would prefer to keep the phone stock. Thanks.
eec007 said:
No, I don't plan on rooting. But I am afraid of bricking the phone since I don't know what has been done to it. Is there a way to determine what was done to unlock the bootloader? Otherwise I will follow your recommendation of using Magisk Hide. I would prefer to keep the phone stock. Thanks.
If you live in Denver I'll trade you my Verizon one for yours. It has a locked bootloader.
eec007 said:
No, I don't plan on rooting. But I am afraid of bricking the phone since I don't know what has been done to it. Is there a way to determine what was done to unlock the bootloader? Otherwise I will follow your recommendation of using Magisk Hide. I would prefer to keep the phone stock. Thanks.
The two obvious things you can check are that you have stock recovery and that the phone is not rooted. Manually power on to bootloader (hold volume down and press power), then use the volume keys to select recovery and press power. You should get a no command android screen if in stock recovery. Assuming you don't have a Magisk icon, you are probably not rooted, but you can confirm by installing and running a root app like root checker. Likely, the previous owner did nothing but unlock the BL given how recently it came out, but if someone were really creative they could have done work in the other partition. There are no exploits, so doing it normally (running fastboot flashing unlock from a prompt) is pretty much all that would have been done other than enabling developer options and OEM unlocking in settings.
Personally, I think you have a good chance to learn your device, root (you need to be rooted for Magisk hide) and keep the bootloader unlocked. Besides rooting, being able to install a full factory image instead of an OTA is so much better in my opinion. The amount of work it would take to be 100% confident that the only thing done was the BL unlock would take as much work as at least getting a working knowledge of rooting and reinstalling the OS.
P.S. Keeping a phone "stock and rooted" has advantages. That is how I run my 3 XL and how I ran my OG XL. No custom OS. Not even a kernel.
coolhandz said:
If you live in Denver I'll trade you my Verizon one for yours. It has a locked bootloader.
lol, what I don't get is that I thought the google edition could have the bootloader unlocked in the developer options. So why go to this hassle of unlocking the bootloader from fastboot? FYI, in the Developer options the OEM unlocking is greyed out and says "Bootloader is already unlocked".
sliding_billy said:
The two obvious things you can check are that you have stock recovery and that the phone is not rooted. Manually power on to bootloader (hold volume down and press power), then use the volume keys to select recovery and press power. You should get a no command android screen if in stock recovery. Assuming you don't have a Magisk icon, you are probably not rooted, but you can confirm by installing and running a root app like root checker. Likely, the previous owner did nothing but unlock the BL given how recently it came out, but if someone were really creative they could have done work in the other partition. There are no exploits, so doing it normally (running fastboot flashing unlock from a prompt) is pretty much all that would have been done other than enabling developer options and OEM unlocking in settings.
Personally, I think you have a good chance to learn your device, root (you need to be rooted for Magisk hide) and keep the bootloader unlocked. Besides rooting, being able to install a full factory image instead of an OTA is so much better in my opinion. The amount of work it would take to be 100% confident that the only thing done was the BL unlock would take as much work as at least getting a working knowledge of rooting and reinstalling the OS.
P.S. Keeping a phone "stock and rooted" has advantages. That is how I run my 3 XL and how I ran my OG XL. No custom OS. Not even a kernel.
Thank you! Root Checker says that "root access is not properly installed on this device". The recovery mode screen just has a warning that the bootloader is unlocked and a link to a Google help page. I figure that I can always unlock the bootloader again if I need to later, but for now I just want everything to work (bank and pay app) and not worry about updating anything myself. I think I may try fastboot to lock the bootloader for now. Thanks for all the help.
Hope it all works out for you. I assume you did a factory reset on the device since you got it used. Re-locking will do another factory reset.
sliding_billy said:
Hope it all works out for you. I assume you did a factory reset on the device since you got it used. Re-locking will do another factory reset.
Yeah, so I locked using "fastboot flashing lock" but then it doesn't start, saying that there is no operating system or something like that. I freaked out and was able to unlock again using "fastboot flashing unlock". Now all is wiped. I guess I need to flash the oem rom first, then lock. I'll have to do this all later tonight. Just glad that I didn't brick it yet.
eec007 said:
Thank you! Root Checker says that "root access is not properly installed on this device". The recovery mode screen just has a warning that the bootloader is unlocked and a link to a Google help page. I figure that I can always unlock the bootloader again if I need to later, but for now I just want everything to work (bank and pay app) and not worry about updating anything myself. I think I may try fastboot to lock the bootloader for now. Thanks for all the help.
I haven't rooted or bl unlocked in some time now so if I make a mistake someone please correct me. After buying it from a 3rd party I'd wipe the device entirely. Download the correct image and install the latest platform tools for Windows (here) https://developer.android.com/studio/releases/platform-tools and make sure you can connect with adb devices and fastboot devices commands. Then extract the latest full image from here https://developers.google.com/android/images to your platform-tools directory and run the flashall.bat command if you wish to wipe the entire device and get rid of anything the previous owner might have "inadvertently" installed. (this is what I would do but not necessarily what you should do if you want to keep the current apps and system intact) This will reset your device and then you can lock the bootloader with no worry and you'll have a stock system.
I agree that since you can unlock it at any time and you don't need it now then relock it. But there are those here that disagree with me and fight with Magisk and OTAs constantly. But they are not noobs and know what they're doing. If you want to learn there is a wealth of information here so it's your call. Just my 2 cents. But please check my steps before you do anything that might cause issues.
edit: darn, sorry I just saw above that you already tried to lock it. I hope what I said to do will get you out of the predicament.
bobby janow said:
I haven't rooted or bl unlocked in some time now so if I make a mistake someone please correct me. After buying it from a 3rd party I'd wipe the device entirely. Download the correct image and install the latest platform tools for Windows (here) https://developer.android.com/studio/releases/platform-tools and make sure you can connect with adb devices and fastboot devices commands. Then extract the latest full image from here https://developers.google.com/android/images to your platform-tools directory and run the flashall.bat command if you wish to wipe the entire device and get rid of anything the previous owner might have "inadvertently" installed. (this is what I would do but not necessarily what you should do if you want to keep the current apps and system intact) This will reset your device and then you can lock the bootloader with no worry and you'll have a stock system.
I agree that since you can unlock it at any time and you don't need it now then relock it. But there are those here that disagree with me and fight with Magisk and OTAs constantly. But they are not noobs and know what they're doing. If you want to learn there is a wealth of information here so it's your call. Just my 2 cents. But please check my steps before you do anything that might cause issues.
edit: darn, sorry I just saw above that you already tried to lock it. I hope what I said to do will get you out of the predicament.
Your steps are basically what I will try tonight. Currently the phone is working again, so there was no harm done yet (just the restore of all apps and such). But I'm going to flash the oem image tonight and start all over again.
eec007 said:
Your steps are basically what I will try tonight. Currently the phone is working again, so there was no harm done yet (just the restore of all apps and such). But I'm going to flash the oem image tonight and start all over again.
One thing I would do before I relocked the bl would be to do the full login procedure, email everything other than apps. Then make sure you're on the Nov update in about phone, I'm sure you will be, and then fastboot relock the bl with the proper command. It will wipe the device again but it's a small price to pay for about 10 minutes of work. Then once it reboots and there is no more error message you'll be fully stock. Enable dev options again and make sure the oem switch is active allowing bl unlock. Then you're done. I've gotten to the point on my 5X where I even flip the oem switch so it can't be bl unlocked until I go in and flip it back. Dangerous if you're flashing stuff but not so much if you're just taking OTAs. That's of course your call entirely. Good luck.
eec007 said:
lol, what I don't get is that I thought the google edition could have the bootloader unlocked in the developer options. So why go to this hassle of unlocking the bootloader from fastboot? FYI, in the Developer options the OEM unlocking is greyed out and says "Bootloader is already unlocked".
That will stay grayed out until you relock the bootloader. That slider "allows" unlocking. Then you boot into fastboot and unlock it.
So you would reverse the process, hit fastboot and relock the bootloader. Then you can toggle the slider back to not allow unlocking.
Relocking the bootloader will wipe your phone.
You should not do this until you first flash the full factory image to make sure the phone is 100 percent stock. And if it were my phone I would wait for the next OTA update after flashing it back to stock to make sure it goes ok. Then lock it.
And then I would wait awhile before hitting the slider.
You are playing with fire here, if you mess it up and lock it and hit the slider you will not be able to fix it. And no offense, but since you have not done this all before on this phone chances are good you will mess it up.
So, flash to stock and leave it unlocked.
Then wait for the next OTA.
Then lock it.
Then wait a bit more before you hit the slider.
And remember, since you are not the original buyer you will not be able to warranty it.
eec007 said:
Hello, I purchased a Pixel 3 XL off craigslist and it is working fine, but the bootloader is unlocked therefore I am receiving a warning when restarting the phone and Google Pay does not work. How can I re-lock the bootloader? Do I need to flash the latest standard google image? The build number is: "crosshatch-userdebug 9 PQ1A.181105.013 5027108 dev-keys". When in bootloader the bootloader version is: b1c1-0.1-5004167. Obviously a n00b here, please be gentle. Thank you for any help.
They're right to mention that relocking a modified device can result in a brick.
Your best bet is to go to https://developers.google.com/android/images#taimen
Follow the directions to the "T", then relock it if you are really really sure that the unlock screen bothers you.
Would suggest to do this anyway, no matter future unlock status.
TonikJDK said:
That will stay grayed out until you relock the bootloader. That slider "allows" unlocking. Then you boot into fastboot and unlock it.
So you would reverse the process, hit fastboot and relock the bootloader. Then you can toggle the slider back to not allow unlocking.
Relocking the bootloader will wipe your phone.
You should not do this until you first flash the full factory image to make sure the phone is 100 percent stock. And if it were my phone I would wait for the next OTA update after flashing it back to stock to make sure it goes ok. Then lock it.
And then I would wait awhile before hitting the slider.
You are playing with fire here, if you mess it up and lock it and hit the slider you will not be able to fix it. And no offense, but since you have not done this all before on this phone chances are good you will mess it up.
So, flash to stock and leave it unlocked.
Then wait for the next OTA.
Then lock it.
Then wait a bit more before you hit the slider.
And remember, since you are not the original buyer you will not be able to warranty it.
I agree with most of your post other than waiting for the next OTA before you lock the bootloader. Why would he need to do that? If he's stock, and he'll see that immediately, then relock it. He doesn't want root or Magisk but only wants banking and Pay. With the slider allowing bl unlock he's in no danger whatsoever. Lock and relock whenever he wants. OTA will not disallow the slider once it's set.
TonikJDK said:
That will stay grayed out until you relock the bootloader. That slider "allows" unlocking. Then you boot into fastboot and unlock it.
So you would reverse the process, hit fastboot and relock the bootloader. Then you can toggle the slider back to not allow unlocking.
Relocking the bootloader will wipe your phone.
You should not do this until you first flash the full factory image to make sure the phone is 100 percent stock. And if it were my phone I would wait for the next OTA update after flashing it back to stock to make sure it goes ok. Then lock it.
And then I would wait awhile before hitting the slider.
You are playing with fire here, if you mess it up and lock it and hit the slider you will not be able to fix it. And no offense, but since you have not done this all before on this phone chances are good you will mess it up.
So, flash to stock and leave it unlocked.
Then wait for the next OTA.
Then lock it.
Then wait a bit more before you hit the slider.
And remember, since you are not the original buyer you will not be able to warranty it.
Thank you for explaining this. I had thought that the Developer Option slider was to unlock the bootloader, but your explanation clarifies it, the slider is to allow the bootloader to be unlocked...
Ok, so I tried to flash the factory image using adb flash-all and it keeps getting the error:
Sending sparse 'vendor_a' 2/2 (193888 KB) FAILED (Error reading sparse file)
Now the phone is not working at all and says that "device is corrupt" and will not boot past the white google screen. I can try again using adb, but it is the same error each time. I tried to download the image again and same sparse error. I can also fastboot in TWRP, but not sure what to do in there. What am I doing wrong? I guess I should've rooted and used Magisk like others have said.
Turns out changing to a different cable resolved my sparse error and I was then successfully able to apply the factory image and lock the device. Thanks everyone for the help.
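The "is it 100 percent stock?" question that runs through this thread can be partly answered from the build string in the opening post: Google's factory images are `user` builds signed with `release-keys`, while the quoted string reports `userdebug` and `dev-keys`. The check below is an added example, not code from any poster; the function names are hypothetical and the `getprop` sample is constructed apart from that quoted build string.

```python
import re

# Constructed sample of `adb shell getprop` output, cut down to the keys used.
# The build description is the string quoted in the thread; the rest is made up
# to match an unlocked device.
SAMPLE_GETPROP = """\
[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]
[ro.build.description]: [crosshatch-userdebug 9 PQ1A.181105.013 5027108 dev-keys]
[ro.build.tags]: [dev-keys]
[ro.build.type]: [userdebug]
"""

PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>.*)\]$")
# <product>-<type> <release> <build id> <incremental> <tags>
DESCRIPTION = re.compile(
    r"^(?P<product>[\w.]+)-(?P<type>user|userdebug|eng) (?P<release>\S+) "
    r"(?P<build_id>\S+) (?P<incremental>\S+) (?P<tags>\S+)$"
)


def parse_getprop(text):
    """Turn `[key]: [value]` lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group("key")] = match.group("value")
    return props


def parse_build_description(description):
    """Split a build description into its fields, or return None if malformed."""
    match = DESCRIPTION.match(description.strip().strip('"'))
    return match.groupdict() if match else None


def relock_blockers(props):
    """Reasons to flash a factory image before `fastboot flashing lock`.

    An empty list only means the reported build looks like a release build;
    it does not prove that every partition is unmodified.
    """
    build = parse_build_description(props.get("ro.build.description", ""))
    build_type = build["type"] if build else props.get("ro.build.type", "")
    tags = build["tags"] if build else props.get("ro.build.tags", "")
    blockers = []
    if build_type != "user":
        blockers.append("build type is %r, expected 'user'" % (build_type or "unknown"))
    if "release-keys" not in tags.split(","):
        blockers.append("build tags are %r, expected 'release-keys'" % (tags or "unknown"))
    return blockers


def locked_and_verified(props):
    """After relocking: bootloader locked and verified boot reports green."""
    return (props.get("ro.boot.flash.locked") == "1"
            and props.get("ro.boot.verifiedbootstate") == "green")


if __name__ == "__main__":
    device = parse_getprop(SAMPLE_GETPROP)
    for reason in relock_blockers(device):
        print("do not lock yet:", reason)
    print("locked and verified:", locked_and_verified(device))
```

On the sample it reports both blockers, which matches what happened in the thread: locking before flashing the factory image left the phone unable to boot.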

Just got used Pixel 3 XL: Bootloader unlocked? Help please

Hello,
I'll keep this quick, I got a Pixel 3 XL 128GB White from Reddit, beautiful condition, very happy with that, however, when I turned it on, it gave me a warning that "the Bootloader was unlocked":
1. Is this a stolen phone? Should I be concerned that it has its bootloader unlocked? Is there a way to check that the phone is not a leased phone or stolen?
2. How do I relock the bootloader? Do I want to relock the bootloader?
Cheers
EasyEz1 said:
Hello,
I'll keep this quick, I got a Pixel 3 XL 128GB White from Reddit, beautiful condition, very happy with that, however, when I turned it on, it gave me a warning that "the Bootloader was unlocked":
1. Is this a stolen phone? Should I be concerned that it has its bootloader unlocked? Is there a way to check that the phone is not a leased phone or stolen?
2. How do I relock the bootloader? Do I want to relock the bootloader?
Cheers
No need to worry. People actually pay extra money for unlocked bootloaders! It just means you can root your phone if you want to. You can lock it up again if you wish. Do a Google search for procedures on how to lock it up again. But don't fear. You are good.
Sent from my Pixel 3 XL
Eudeferrer said:
No need to worry. People actually pay extra money for unlocked bootloaders! It just means you can root your phone if you want to. You can lock it up again if you wish. Do a Google search for procedures on how to lock it up again. But don't fear. You are good.
Sent from my Pixel 3 XL
Okay. Thank you. I figured it was fine.
Is there anything different about it since it's unlocked? Can I not update my phone regularly or OTA?
You can update even with an open bootloader. Just leave it like that if someday you need to fix your phone for a software issue. Check what version of Android it has and update if you can.
Unlocked bootloaders are highly desirable. U got the good stuff.
If you are here on xda, that means you are into custom ROMs and rooting. Search up on it
EasyEz1 said:
Hello,
I'll keep this quick, I got a Pixel 3 XL 128GB White from Reddit, beautiful condition, very happy with that, however, when I turned it on, it gave me a warning that "the Bootloader was unlocked":
1. Is this a stolen phone? Should I be concerned that it has its bootloader unlocked? Is there a way to check that the phone is not a leased phone or stolen?
2. How do I relock the bootloader? Do I want to relock the bootloader?
Cheers
One caveat no one mentioned with an unlocked bootloader is that Google Pay won't work, and perhaps some other apps.
There is no harm with it unlocked, unless you wish to use Google Pay, etc. In which case you would either need to root and hide root so they work, or relock the bootloader.
ALWAYS, enable developer options by going to settings > about phone >build number, tap on the build number at least 7 times and follow the prompts on the screen.
Once done with that immediately, go to settings > system > advanced > developer options > OEM unlocking and be sure it is enabled. (this should be done already in your case, but check to be sure.)
If you decide to re-lock the bootloader, make sure the phone is 100% completely stock by flashing the factory images after you have important data backed up. Follow the procedures here: https://developers.google.com/android/images
uicnren said:
One caveat no one mentioned with an unlocked bootloader is that Google Pay won't work, and perhaps some other apps.
There is no harm with it unlocked, unless you wish to use Google Pay, etc. In which case you would either need to root and hide root so they work, or relock the bootloader.
ALWAYS, enable developer options by going to settings > about phone >build number, tap on the build number at least 7 times and follow the prompts on the screen.
Once done with that immediately, go to settings > system > advanced > developer options > OEM unlocking and be sure it is enabled. (this should be done already in your case, but check to be sure.)
If you decide to re-lock the bootloader, make sure the phone is 100% completely stock by flashing the factory images after you have important data backed up. Follow the procedures here: https://developers.google.com/android/images
ccalixtro said:
You can update even with an open bootloader. Just leave it like that if someday you need to fix your phone for a software issue. Check what version of Android it has and update if you can.
trim81 said:
Unlocked bootloaders are highly desirable. U got the good stuff.
If you are here on xda, that means you are into custom ROMs and rooting. Search up on it
Thank you all. I will proceed to use it with the bootloader unlocked. I have no need for Google Pay.