Rooting Via DSU - Google Pixel 2 XL Questions & Answers

I was wondering if it would be possible to root phones with unlockable bootloaders (such as a version Pixel 2 XL) via Google's new DSU?

Most likely not on the main system
If you could manage to get a rooted GSI booted (which would be difficult as they must be signed by Google or your device vendor currently), unless you would be able to grant R/W access to your main partition (and you most likely wouldn't be able to install Magisk as that requires an unlocked bootloader anyway), there is no way you could do this now as of Android Q DP4. They may very well add a way to do this in future previews or the release (in which they would most likely remove this feature), but nothing for now.


Root & Rom Advice from the Ground Up

I need some help and I've looked all over but the information is fragmented and there are too many unfamiliar acronyms used, which makes it incredibly difficult for someone like myself to catch up. So for the benefit of others who may be new I wanted to get some additional guidance.
I got the Pixel XL Google Version
Objectives:
1. Root with the ability to hide root so other apps will work
2. Native Mobile Hotspot
3. The ability to easily receive android updates without having to reflash etc..
4. Stay close to stock if possible, but willing to explore other options as long as security is trusted, and has good compatibility.
5. Security is a concern, I tried a rom in the past with a Galaxy S4 and swear it had a backdoor installed in the rom.
What do you guys recommend? And how do I go about doing it?
Thank you!
If security is truly a concern you will not unlock your bootloader and root your phone.
Otherwise it all depends on which version phone you have, Verizon or Google?
1. You need magisk root for that.
3. No updates when you are rooted
4.5. Never heard of any custom rom with a backdoor. That's absolutely bull****. More likely it was an app you installed.
Unlocked bootloader is a security issue, so better to stay on full stock.
Root is a big security issue so better stay on full stock.
Jokes aside the only security issue is your phone gets stolen or you install apps outside playstore.
If you stay encrypted and use a hard pattern with fingerprint you are fine and there is always the way to delete your phone when it gets stolen.
mikaole said:
1. You need magisk root for that.
3. No updates when you are rooted
4.5. Never heard of any custom rom with a backdoor. That's absolutely bull****. More likely it was an app you installed.
Unlocked bootloader is a security issue, so better to stay on full stock.
Root is a big security issue so better stay on full stock.
I have the Pixel XL - Google Version
Jokes aside the only security issue is your phone gets stolen or you install apps outside playstore.
If you stay encrypted and use a hard pattern with fingerprint you are fine and there is always the way to delete your phone when it gets stolen.
My point about security really was that it's quite possible a ROM could have a backdoor. That aside..
Root is not a big security issue for me as long as the rom is trusted etc..
Shouldn't I be able to turn root off then be able to update and turn it back on again?
jadensmith said:
1. Root with the ability to hide root so other apps will work
It's possible to root to one slot with SuperSU while the other slot remains unrooted, and then the phone can be switched between slots with TWRP or fastboot commands. Kernels have been posted with safetynet patches, to hide that the bootloader is unlocked, but I'm not sure if any are available with the software version on my phone's current slot. As noted, Magisk can also hide root and that the bootloader is unlocked, so it's probably less hassle than trying to root and hide using SuperSU.
3. The ability to easily receive android updates without having to reflash etc.
FlashFire can use the OTA to update and stay rooted with SuperSU. The past couple months I've used FlashFire to update my phone, and it seems quicker and easier than the sideloading and reinstalling process I had been using. I'm not aware of anything similar to FlashFire for Magisk users, so to me it seems like you would have to decide if 1 or 3 is more personally important.
jadensmith said:
Shouldn't I be able to turn root off then be able to update and turn it back on again?
While reading I got the impression that I might be able to uninstall SuperSU and use the OTA update, but that didn't work with SuperSU the times I tried it, so I presume something SuperSU changed or something I did with root must have caused the update to fail. I haven't read the Magisk threads as much, yet I've seen that other SuperSU users also indicate that OTA updates no longer worked for them after rooting the phone.
alluringreality said:
It's possible to root to one slot with SuperSU while the other slot remains unrooted, and then the phone can be switched between slots with TWRP or fastboot commands. Kernels have been posted with safetynet patches, to hide that the bootloader is unlocked, but I'm not sure if any are available with the software version on my phone's current slot. As noted, Magisk can also hide root and that the bootloader is unlocked, so it's probably less hassle than trying to root and hide using SuperSU.
FlashFire can use the OTA to update and stay rooted with SuperSU. The past couple months I've used FlashFire to update my phone, and it seems quicker and easier than the sideloading and reinstalling process I had been using. I'm not aware of anything similar to FlashFire for Magisk users, so to me it seems like you would have to decide if 1 or 3 is more personally important.
That didn't work with SuperSU the times I tried it, so I presumed that something I did with root must have caused the update to fail to install.
Wow thanks for the great reply! It's so refreshing!
What do you mean by root one slot?
The phone has two "slots" for Android. The basic idea is that you have two copies of Android on the phone that share the same user data. On a stock phone it's intended to allow for less noticeable updates, and it also can allow the phone to fall back to the previous software version if something goes wrong with an update. On the May update my phone did automatically switch between slots, due to what is discussed in the second link below. The first link below gives some information and additional links to discussion about the slots on these phones.
http://www.androidpolice.com/2016/1...-partition-changes-and-new-fastboot-commands/
https://forum.xda-developers.com/an...signing-boot-images-android-verified-t3600606
Is it possible to keep stock or near stock and just have root with the ability to hide root, and hotspot?
That's all I really need. What would be the best way to do this?

New Pixel 2 XL owner, questions concerning OTA updates, unlocked bootloader, etc.

Hi guys, I finally decided to replace my good old Galaxy S7 edge and I came to the conclusion that I wanted, after using Samsung, OnePlus and Sony phones for years, the most streamlined Android experience possible without having to deal with OEM bloat, delayed updates, etc. anymore.
Result: I made the most obvious choice and I got an unlocked white 128GB Pixel 2 XL from the Google Store directly (I can't wait to receive it!).
I have a few questions though...
1) Will unlocking the bootloader alone (without actually rooting the phone) cause OTA updates to fail?
2) It's now possible to root your phone with Magisk without installing a custom Recovery (TWRP). Once installed, Magisk allows you to temporarily restore the stock, unrooted "boot.img". Is it enough for OTA updates to install properly or will they fail as soon as Magisk has been installed, even if the stock boot.img has been restored?
3) Does the Pixel 2 have an "e-fuse" that will get triggered once the bootloader is unlocked that will cause features to not work properly anymore, like on Samsung phones?
4) Any other recommendations or things I should be aware of?
Thanks guys
Only other thing I would read up on is how to work around the whole dual slots "feature" that these Pixel phones have. The last couple times I've tried to update to the latest security update, I get a "your device is corrupt and cannot be trusted" message and the phone won't boot. I end up having to scramble to flash stock boot.img to both slots A and B, flash the factory image to both slots, and hold my breath as to whether or not it's going to work. I wish there was an idiot's guide to updating firmware for this phone. Everyone that posts on this subject has a different opinion on how to do it properly. Going from any given security update rooted with Magisk, how does one update to the next month's firmware, without temporarily bricking the phone or wiping data? I've been unlocking phones and flashing custom roms since before Android was even invented. So I'm no stranger to this stuff, but it has become quite a production to keep up to date with this stuff.
Phazonclash said:
Hi guys, I finally decided to replace my good old Galaxy S7 edge and I came to the conclusion that I wanted, after using Samsung, OnePlus and Sony phones for years, the most streamlined Android experience possible without having to deal with OEM bloat, delayed updates, etc. anymore.
Result: I made the most obvious choice and I got an unlocked white 128GB Pixel 2 XL from the Google Store directly (I can't wait to receive it!).
I have a few questions though...
1) Will unlocking the bootloader alone (without actually rooting the phone) cause OTA updates to fail?
2) It's now possible to root your phone with Magisk without installing a custom Recovery (TWRP). Once installed, Magisk allows you to temporarily restore the stock, unrooted "boot.img". Is it enough for OTA updates to install properly or will they fail as soon as Magisk has been installed, even if the stock boot.img has been restored?
3) Does the Pixel 2 have an "e-fuse" that will get triggered once the bootloader is unlocked that will cause features to not work properly anymore, like on Samsung phones?
3) Any other recommendations or things I should be aware of?
Thanks guys
To answer your questions.....
1. No
2. Yes. But you'll have to unroot and completely uninstall magisk to take the OTA.
3. No
4. There are several guides to explain how to unlock the bootloader, install twrp, kernels, and root. Let me know if you'd like links, or you can search on your own if you'd like. Welcome to the P2XL. We hope you enjoy your stay.

General XDA Article: PSA: Dirty Pipe, the Linux kernel root vulnerability, can be abused on the Samsung Galaxy S22 and Google Pixel 6 Pro

https://www.xda-developers.com/dirty-pipe-root-demo-samsung-galaxy-s22-google-pixel-6-pro/
March 15, 2022 7:40am Skanda Hazarika
PSA: Dirty Pipe, the Linux kernel root vulnerability, can be abused on the Samsung Galaxy S22 and Google Pixel 6 Pro
What happens when a Linux privilege-escalation vulnerability that also affects Android gets disclosed publicly? You got it! Security researchers and Android enthusiasts around the world try to take advantage of the newly found problem to create an exploit, which can be used to gain advanced access to your device (such as root or the ability to flash custom images). On the other hand, device makers and a few determined third-party developers quickly take the responsibility to patch the backdoor as soon as possible.
This is exactly what happened to CVE-2022-0847, a vulnerability dubbed “Dirty Pipe” in Linux kernel version 5.8 and later. We talked about the exploit in detail last week but didn’t explicitly cover the potential abusing scenarios on Android. Now, XDA Member Fire30 has demonstrated an exploit implementation around the kernel flaw that can give the attacker a root shell on the Samsung Galaxy S22 and the Google Pixel 6 Pro.
The key point here is that you don’t need any kind of unlocking or other trickery to make it work – the Dirty Pipe exploit allows the attacker to gain root-level access on the target device through a reverse shell via a specially crafted rogue app. At the time of writing, flagships like the Google Pixel 6 Pro and the Samsung Galaxy S22 are vulnerable to the attack vector even on their latest software releases, which shows the exploit’s potential. Since it can also set SELinux to permissive, there is virtually no hurdle against unauthorized control over the device.
From the perspective of the Android modding scene, Dirty Pipe might be useful to gain temporary root access on otherwise difficult-to-root Android smartphones, e.g., some regional Snapdragon variants of the Samsung Galaxy flagships. However, the window won’t last long as the vulnerability has already been patched in the mainline Linux kernel, and OEMs will probably roll out the fix as part of the upcoming monthly security updates. Nonetheless, stay away from installing apps from random sources for the time being to protect yourself. In the meantime, we expect that Google will push an update to the Play Protect to prevent the vulnerability from being exploited via rogue apps.
Source: Fire30 on Twitter
Via: Mishaal Rahman
This isn't necessarily bad news if the exploit is used non-maliciously. Could be beneficial for Verizon customers looking for a way to gain root.
westhaking said:
This isn't necessarily bad news if the exploit is used non-maliciously. Could be beneficial for Verizon customers looking for a way to gain root.
Could, yes. I'll remain pessimistic that it'll actually happen, and of course, it'll take someone willing to actually do the work. A very limited time to do it doesn't help unless someone with a spare Verizon device keeps it off the network/internet until something is implemented.
westhaking said:
This isn't necessarily bad news if the exploit is used non-maliciously. Could be beneficial for Verizon customers looking for a way to gain root.
I was just reading about this & that exact thought came to mind. The root access gained seems to be temporary, but if you can write to the usually read-only file system, could you not theoretically write a Magisk boot image (using dd, or in Magisk Manager itself?) or even toggle the OEM unlock switch via a SU shell command to unlock the phone?
I'm not very well versed on how the mechanics behind the OEM unlock switch in developer settings work or how Verizon locks these phones down (UK based), but I would assume that it could be useful to help find an exploit for phones running any pre-April 22 update.
Edit: from my limited knowledge, can you not sideload an earlier OTA on Verizon devices? I know you could do so with Pixel 3 and earlier, but I haven't been following it too closely with later devices.
DanielF50 said:
or even toggle the OEM unlock switch via a SU shell command to unlock the phone?
I've never heard of a shell command that could toggle the OEM unlock. That doesn't mean it hasn't existed, but I doubt it, otherwise, I would think on all the Verizon devices I used to have, and just root threads in general I should remember anyone making the suggestion, even if it required temporary root first.
DanielF50 said:
Edit: from my limited knowledge, can you not sideload an earlier OTA on Verizon devices? I know you could do so with Pixel 3 and earlier, but I haven't been following it too closely with later devices.
I was under the impression that on all phones with the bootloader locked you could never, ever downgrade via any method. Also, OTAs generally use deltas/differencing to patch known good files of version A to version B, and B to C, so applying a version B OTA to a device that's on version C would fail because the files on the device are the wrong version.
Like (let version A be represented with the value 1, B with 4, and C with 9):
Device is on version B, so "4".
OTA to go from B to C comes.
OTA says is device file "4"?
Yes! Add 5 to the file, it's now "9".
and then
Device is on version C, so "9".
Try to put the B to C OTA on the device.
OTA says is device file "4"?
No! It's "9", quit OTA process.
This might be simplified, and anyone correct me if I'm wrong, but this has definitely been the case some and I believe almost all, if not all, the time. The OTA files can be smaller that way because they don't contain replacement files. They only contain what the difference is between the old file and the new, which is usually much smaller than the entire file.
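The version check described in the post above, as an added example that is not part of the original thread: a simplified Python model of a delta update that records the hash of the file it was built from and refuses to apply to anything else. The sample file contents, the function names and the delta layout are assumptions made for illustration; this is not Android's actual OTA format.

```python
import hashlib
from difflib import SequenceMatcher


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_delta(old: bytes, new: bytes) -> dict:
    """Build a delta that turns `old` into `new`.

    Bytes already present in `old` are stored as (offset, length) references;
    only bytes that are new are carried in the delta itself.
    """
    ops = []
    matcher = SequenceMatcher(None, old, new, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag == "equal":
            ops.append(("copy", i1, i2 - i1))
        elif tag in ("replace", "insert"):
            ops.append(("data", new[j1:j2]))
        # "delete": the old bytes are simply not copied
    return {
        "source_sha256": sha256(old),   # what the device must contain before
        "target_sha256": sha256(new),   # what it must contain afterwards
        "ops": ops,
    }


def payload_size(delta: dict) -> int:
    """Number of literal bytes the delta has to ship."""
    return sum(len(op[1]) for op in delta["ops"] if op[0] == "data")


def install_ota(current: bytes, delta: dict) -> tuple:
    """Return (applied, resulting_file). The file is untouched on refusal."""
    # Precondition: the on-device file must be the exact version the delta
    # was built against, otherwise the copy offsets are meaningless.
    if sha256(current) != delta["source_sha256"]:
        return False, current
    out = bytearray()
    for op in delta["ops"]:
        if op[0] == "copy":
            _, offset, length = op
            out += current[offset:offset + length]
        else:
            out += op[1]
    # Postcondition: verify the result before accepting it.
    if sha256(bytes(out)) != delta["target_sha256"]:
        return False, current
    return True, bytes(out)


# Constructed sample data: a 40-entry file where three entries change
# between version B ("4") and version C ("9"), as in the post's numbers.
VERSION_B = "".join(f"lib{i:03d}.so rev=4\n" for i in range(40)).encode()
VERSION_C = VERSION_B
for name in (b"lib005.so", b"lib017.so", b"lib030.so"):
    VERSION_C = VERSION_C.replace(name + b" rev=4", name + b" rev=9")

DELTA_B_TO_C = build_delta(VERSION_B, VERSION_C)

if __name__ == "__main__":
    print("full file:", len(VERSION_C), "bytes;",
          "delta payload:", payload_size(DELTA_B_TO_C), "bytes")
    print("device on B:", install_ota(VERSION_B, DELTA_B_TO_C)[0])
    print("device on C:", install_ota(VERSION_C, DELTA_B_TO_C)[0])
```
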

How To Guide Gain L1 on OnePlus 9 Pro T-Mobile (Widevine)

Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
razercortex said:
Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
Nice find! Too bad I used the Indian MSM on my T-Mobile variant so I can't cross-flash anymore.
It also seems to survive MSM flashing, updates, custom ROMs, and bootloader locking/relocking
razercortex said:
It also seems to survive MSM flashing, updates, custom ROMs, and bootloader locking/relocking
Do you think it'll work for me even though I use the OP9 Indian MSM?
Not sure. You'd have to unlock bootloader first, then do a full system upgrade to check.
razercortex said:
Not sure. You'd have to unlock bootloader first, then do a full system upgrade to check
I'm already unlocked. It doesn't really matter though since I haven't given a yit about L1 since, ever. Just didn't know if you knew or not.
Thanks! Worked!
razercortex said:
Hi guys,
Just made a breakthrough discovery!
To gain Widevine:
Crossflash EU firmware to your device with craznazn's MSM here https://androidfilehost.com/?fid=14943124697586337355, unlock bootloader but DO NOT update yet! Then, you want to flash magisk, reboot and turn on Zygisk and do whatever you need to pass SafetyNet.
Afterwards, you can upgrade, it should be a FULL system upgrade, not an incremental. It should detect root and download ~3000 MB. Install the update and reboot, you should get L1 now!
Worked!
Thanks
I didn't use your method to get to c.63 (a12) for my T-Mobile OnePlus 9 Pro. I don't know if I can go back to T-Mobile stock. Now I'm currently rooted and using Magisk. All video apps work but I can't get L1 Widevine. Is there another way?
Thanks for this. I have a 9 pro coming.
Edited
Thanks
I've had success using this method to keep L1 up to A12, but any attempt to upgrade to A13 downgrades Widevine to L3.
What is l1? What is widevine?
immortalwon said:
What is l1? What is widevine?
It is the security level of the firmware. It affects certain apps like banking apps etc...
immortalwon said:
What is l1? What is widevine?
L1 is a drm (digital rights content management) state. L1 means the content is being digitally decoded or decrypted in a trusted environment. (I believe some of these are done in hardware with hardware verification only). It is the highest protection level.
In short, some apps will not work or will not play HD content without L1 state of drm. For us, when we lose L1, we go to L3. This could mean apps won't work at all, or they could be reduced in functionality.
Netflix for example, with L3, is limited to 480p video (however some bypass this with casting and get to 720p resolution).
Typically, when you unlock the bootloader of a phone, it will drop drm to L3 as it's considered a not-trusted environment.
This behavior is mixed by device, firmware versions and sometimes region (I have read some devices have shipped without Widevine keys to certain areas). This is bypass-able in some devices. For example, my 9P on oos11 is L1 with bootloader unlocked and rooted, using the standard magisk modules for Safetynet and clearing system cache.
Some phones will not regain L1 with unlocked bootloader (and maybe some versions of firmware also). They will be stuck with L3 Widevine until they relock the bootloader or unroot. And some firmwares are broken and will not have L1 because they implemented drm wrong.
On my 10T, netflix would not launch with unlocked bootloader. That may have been resolved by now but I was limited to L3 in drm checker (play store app) anyway.
For my 9P, I lost L1 (to L3) when I flashed Eu conversion to 11.2.2.2 - someone said that was an issue with early OnePlus firmwares where they implemented drm wrong or the key was problematic somehow. Whether that's true or not, I regained L1 when I temporarily unrooted and took the OTA.
This is likely going to be an increasing problem going forward as more devices go to hardware (only) attestation for everything. I suspect we will eventually see a magisk method of patching these apps and running them as modded apks. There used to be some patched netflix apks around. I think forced updates and signature checking made these obsolete. We may eventually see someone modify the individual apks, perhaps injecting a software mechanism for drm. Like taking the entire process of decoding, from an older device, into the apk itself. That might be overkill for the situation but eventually these bypasses we have currently, will not work anymore. We will be relying on some form of device spoofing, patching apks, standalone or redirected drm decoding, or a combination of all of those things.
That's assuming someone with that much skill is interested in doing all or any of that work.
Perhaps we will reach a point where unlocked bootloader or rooting breaks regular use so much that it's no longer worth the headache. It seems that's what they're going for. 'They' being app developers and phone manufacturers.
Here's a link to drm checker (DRM info) in play store if you'd like to find your current state: https://play.google.com/store/apps/details?id=com.androidfung.drminfo
Appreciative said:
L1 is a drm (digital rights content management) state. L1 means the content is being digitally decoded or decrypted in a trusted environment. (I believe some of these are done in hardware with hardware verification only). It is the highest protection level.
In short, some apps will not work or will not play HD content without L1 state of drm. For us, when we lose L1, we go to L3. This could mean apps won't work at all, or they could be reduced in functionality.
Netflix for example, with L3, is limited to 480p video (however some bypass this with casting and get to 720p resolution).
Typically, when you unlock the bootloader of a phone, it will drop drm to L3 as it's considered a not-trusted environment.
This behavior is mixed by device, firmware versions and sometimes region (I have read some devices have shipped without Widevine keys to certain areas). This is bypass-able in some devices. For example, my 9P on oos11 is L1 with bootloader unlocked and rooted, using the standard magisk modules for Safetynet and clearing system cache.
Some phones will not regain L1 with unlocked bootloader (and maybe some versions of firmware also). They will be stuck with L3 Widevine until they relock the bootloader or unroot. And some firmwares are broken and will not have L1 because they implemented drm wrong.
On my 10T, netflix would not launch with unlocked bootloader. That may have been resolved by now but I was limited to L3 in drm checker (play store app) anyway.
For my 9P, I lost L1 (to L3) when I flashed Eu conversion to 11.2.2.2 - someone said that was an issue with early OnePlus firmwares where they implemented drm wrong or the key was problematic somehow. Whether that's true or not, I regained L1 when I temporarily unrooted and took the OTA.
This is likely going to be an increasing problem going forward as more devices go to hardware (only) attestation for everything. I suspect we will eventually see a magisk method of patching these apps and running them as modded apks. There used to be some patched netflix apks around. I think forced updates and signature checking made these obsolete. We may eventually see someone modify the individual apks, perhaps injecting a software mechanism for drm. Like taking the entire process of decoding, from an older device, into the apk itself. That might be overkill for the situation but eventually these bypasses we have currently, will not work anymore. We will be relying on some form of device spoofing, patching apks, standalone or redirected drm decoding, or a combination of all of those things.
That's assuming someone with that much skill is interested in doing all or any of that work.
Perhaps we will reach a point where unlocked bootloader or rooting breaks regular use so much that it's no longer worth the headache. It seems that's what they're going for. 'They' being app developers and phone manufacturers.
Here's a link to drm checker (DRM info) in play store if you'd like to find your current state: https://play.google.com/store/apps/details?id=com.androidfung.drminfo
Excellent summary of Widevine! I've tested extensively using every method I could find on XDA, and I've come to the conclusion that it isn't possible to attain L1 status in A13 with an unlocked bootloader on my OP 9 Pro.
Reznor7 said:
Excellent summary of Widevine! I've tested extensively using every method I could find on XDA, and I've come to the conclusion that it isn't possible to attain L1 status in A13 with an unlocked bootloader on my OP 9 Pro.
Have you surveyed others on a13 to see their Widevine state? I have heard some users on custom roms (In crDroid group) using 13, claiming they're L1. I haven't verified that first hand, just saw it in threads and telegram groups.
If it's true that I can't retain or regain L1 in regular stock oos13, I will never make the move to 13
1. https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.0
2. https://github.com/LSPosed/LSPosed.github.io/releases/tag/shamiko-126
3. In Magisk, hide Magisk, enable Zygisk, Configure DenyList (make sure all Google apps and Netflix are selected) and DO NOT enforce DenyList (for Shamiko to work). The Mount Namespace Mode should be Isolated Namespace.
4. Google Play Services, Google Play Store, and Netflix, clear storage. Restart your phone and give it some time. You should be able to search and find Netflix in Google Play Store (may need to try few times to force Google to check your phone), the Netflix should pass L1 too.
5. DO NOT use MagiskHide Props Config, it's not working at all.
yanggame said:
1. https://github.com/Displax/safetynet-fix/releases/tag/v2.3.1-MOD_2.0
2. https://github.com/LSPosed/LSPosed.github.io/releases/tag/shamiko-126
3. In Magisk, hide Magisk, enable Zygisk, Configure DenyList (make sure all Google apps and Netflix are selected) and DO NOT enforce DenyList (for Shamiko to work). The Mount Namespace Mode should be Isolated Namespace.
4. Google Play Services, Google Play Store, and Netflix, clear storage. Restart your phone and give it some time. You should be able to search and find Netflix in Google Play Store (may need to try few times to force Google to check your phone), the Netflix should pass L1 too.
5. DO NOT use MagiskHide Props Config, it's not working at all.
I'm on stock A13 unlocked and rooted with Magisk. I did all of this exactly as listed and am still stuck at L3.
Reznor7 said:
I'm on stock A13 unlocked and rooted with Magisk. I did all of this exactly as listed and am still stuck at L3.
You can try to reset your phone and finish all steps without logging in to your account first. See if there is any difference. But it probably will not work.
The best solution is to go back to stock OOS11 and flash Omega or Arter97 kernel since the leak is probably kernel side and only custom kernels can hide it.
yanggame said:
You can try to reset your phone and finish all steps without logging in to your account first. See if there is any difference. But it probably will not work.
The best solution is to go back to stock OOS11 and flash Omega or Arter97 kernel since the leak is probably kernel side and only custom kernels can hide it.
I've done enough flashing for a while. I'll leave it to someone else to try.
I got L1 with unlocked bootloader and Magisk.
I have LE2110. I used MSM tool (Global) to get back to OOS 11. It locked the bootloader; it always does. So I set up the phone offline (without connecting to WiFi or Mobile Data). Then I upgraded to OOS 11.2.10.10 version through local upgrade. Then opened Developer Options for OEM Unlocking. The option was greyed out and it asked to connect to internet. So I connected my WiFi for a minute or two until that OEM Unlocking was available. I enabled it, and disconnected WiFi. I DID NOT log in to my Google account or open Play Store. I rebooted to fastboot, and unlocked bootloader. Then rebooted. Then did the initial setup again (without connecting to WiFi or Mobile Data). Then I turned off and got the boot.img through MSM tool's readback option. (I was on slot_b so I got boot_b from MSM). Patched this boot.img with Magisk. Booted it temporarily and then through Magisk app, gained permanent root by Direct Install. Rebooted. Enabled Zygisk from Magisk and Enforce Denylist, and rebooted again. Installed Universal SafetyNet Fix through Magisk and rebooted again. Opened Magisk and hid the Magisk app (just named it Settings; it installed and then showed root lost, but I just closed the app, and reopened new hidden Magisk again). Rebooted. Then I went ahead and connected to WiFi, logged in to my Google account and stuff. Checked from YASNAC and DRM Info and found that Safety Net passed as well as got L1.
I did not put any Google related app to Denylist.

Question Painful & useless rooting

For mods: please move this discussion to the section where it belongs, if this isn't the section for this.
Chainfire's SuperSU was the best superuser app and binary, but there is no way to flash it without having a TWRP for these new devices like Samsung Galaxy M02 SM-M022G. Chainfire's CF Auto root is also not ported for these devices. Even if I flash that outdated supersu.zip using TWRP on this device, I don't think it will work. So it's painful.
When it comes to Magisk systemless root, it is just something that is named as a root method or app but it's not. Magisk is just an app for me because Magisk never lets us modify system files or flash things into the system. So it's not a root access tool. That's why I call it useless rather than systemless.
Those old days with Chainfire's SuperSU were the greatest. But today, it is sad to say this, but there is no such perfect method to gain root access as in those old days. I'm tired of this. I think we should be together and make some new rooting method for these new devices to gain full root access through it.
Thanks to those who are reading this.
I don't have a current Samsung device, though I have used one in the distant past. Magisk IS a root method. The issue you are encountering is the protections put in place for the system partitions. I'm fairly sure Samsung does the same thing as Google does for its Pixel devices in that the system partitions are not only set to read-only, but are also dynamically resized so as to prevent read-only from ever being removed (search for "dedup" flag for more details).
Chainfire's SuperSU stopped being updated because he no longer owned the software. It was sold to a Chinese company that essentially screwed the entire community over with their antics. It wouldn't have mattered anyway, as all the old Superuser apps injected a modified su binary into the system, which cannot be done on newer devices (see above for why). If Chainfire had continued updating SuperSU the app would have eventually had to adopt a systemless root in order to continue being functional.
I won't disagree with your opinion that there is no perfect method for root access, but it isn't because of us, but because of Google ramping up the security of Android. I do agree that there needs to be alternatives to root other than Magisk, as if something catastrophic happens to Magisk itself root will still be possible. However any root solution proposed from this point on will not be able to modify the system, and that is simply something you will have to get used to.
P. S. This really isn't about a Samsung phone so perhaps it should be moved into the Magisk forum, but that's a moderator's call.
I won't buy their android devices anymore.
Strephon Alkhalikoi said:
I don't have a current Samsung device, though I have used one in the distant past. Magisk IS a root method. The issue you are encountering is the protections put in place for the system partitions. I'm fairly sure Samsung does the same thing as Google does for its Pixel devices in that the system partitions are not only set to read-only, but are also dynamically resized so as to prevent read-only from ever being removed (search for "dedup" flag for more details).
Chainfire's SuperSU stopped being updated because he no longer owned the software. It was sold to a Chinese company that essentially screwed the entire community over with their antics. It wouldn't have mattered anyway, as all the old Superuser apps injected a modified su binary into the system, which cannot be done on newer devices (see above for why). If Chainfire had continued updating SuperSU the app would have eventually had to adopt a systemless root in order to continue being functional.
I won't disagree with your opinion that there is no perfect method for root access, but it isn't because of us, but because of Google ramping up the security of Android. I do agree that there needs to be alternatives to root other than Magisk, as if something catastrophic happens to Magisk itself root will still be possible. However any root solution proposed from this point on will not be able to modify the system, and that is simply something you will have to get used to.
P. S. This really isn't about a Samsung phone so perhaps it should be moved into the Magisk forum, but that's a moderator's call.
Yes. That's the truth.
