Hi there.
I have an unrooted realme 6 pro. 2 days ago I tried to use Google pay and it did not work. It said that "You can´t pay contactless using this device. It may be rooted or running uncertified software.
I went to google play and I saw that my device is certified. After running some SafetyNet checks it says that CTS profile match failed. evakuation type: BASIC HARDWARE_BACKED. And then after reading some blogs I saw that on Google Play my netflix isn´t supported on my device although I have already installed it.
Any help or advice?
Thanks
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
V0latyle said:
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
Click to expand...
Click to collapse
I have also checked that. It has always been locked. I do not know if the problem is caused due to the new android update since is now running on android 11. Plus I dont want to root my phone
V0latyle said:
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
Click to expand...
Click to collapse
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
JhinCuatro said:
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
Click to expand...
Click to collapse
But that's the thing. I don't have a custom from. I did not root my phone. The only thing I did is to open the developer options. The bootloader was always locked. That started happening after the update to android 11. I sent my phone to the customer service now but I do not think they will do anything.
JhinCuatro said:
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
Click to expand...
Click to collapse
You can, you just have to set a custom root of trust. See Android Boot Flow
V0latyle said:
You can, you just have to set a custom root of trust. See Android Boot Flow
Click to expand...
Click to collapse
Oops I misstated. I meant custom rom on locked bootloader**.
manu3732 said:
But that's the thing. I don't have a custom from. I did not root my phone. The only thing I did is to open the developer options. The bootloader was always locked. That started happening after the update to android 11. I sent my phone to the customer service now but I do not think they will do anything.
Click to expand...
Click to collapse
Same problem with my OnePlus Nord.
oOEDGUYOo said:
Same problem with my OnePlus Nord.
Click to expand...
Click to collapse
Did you find any fix yet... Am having the same issue
happy619 said:
Did you find any fix yet... Am having the same issue
Click to expand...
Click to collapse
I ended up installing the Pixel Experience rom. It was the only way to fix it
oOEDGUYOo said:
I ended up installing the Pixel Experience rom. It was the only way to fix it
Click to expand...
Click to collapse
I have been on custom ROMs for over 6 months on nord ... Some have bad update cycles .. Some are unstable and many more issues although my Device was certified
I have the same problem, bootloader is normally unlocked and I have Universal SafetyNet Fix and MagiskHide Props Config installed, using lineage 18.1 on my redmi 9 pro device
I have flashed both ...( Magisk hide prop conf & universal safety net )
But still "CTS failed, can somebody help me please....
I have this problem too. Any solutions ? I tried magisk with prop conf and safety net-fix and still have cts failed...
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Mrlama112 said:
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Click to expand...
Click to collapse
The regular instructions:
Magisk with zygisk , hide app , configure deny list and then as i said in the previous post
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
Thank you! Worked like a charm! IDK why my CTS Profile suddenly started failing, but this seemed to have fixed it.
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
Thanks so much it worked well. Am I able to update the Google Wallet without it affecting the mod 3.0?
Related
Hi, my Mix2 arrived few days ago and I find MiUI quite nice, yet lacking few things. Those are easily available via xposed, hence I need to root. I'm also not so lucky in these matters so before I start to tinker with it I'd like to learn few things.
What are least dangerous ways to unlock and root phone? (heard sth about magisk, its quite new for me, haven't been rooting phones for couple years now) Is it good?
Suppose I succeed unlocking, rooting and flashing xposed, can I relock bootloader? I want that because ie AndroidPay needs that to work, and I haven't found any working rootcloack or similar (at least on Note2)
How reliable is 'the most official tool' for xiaomi flashing (from eu.xiaomi.com ?)? I mean can it bring back the dead or revert phone back to where I started, without any trace of tinkering?
As a new xiaomi owner are there any critical things I need to know?
Thanks!
If you flash magisk, which is the best thing ever btw, you won't have to relock bootloader to get Android pay working.
yeyeoke said:
If you flash magisk, which is the best thing ever btw, you won't have to relock bootloader to get Android pay working.
Click to expand...
Click to collapse
Thanks, I read about that and intend to use it. Though, there might be some issues with magisk and different versions. What features does it have?
So far, need to wait 3 days to unlock bootloader.
Mighty_Ahti said:
Thanks, I read about that and intend to use it. Though, there might be some issues with magisk and different versions.
So far, need to wait 3 days to unlock bootloader.
Click to expand...
Click to collapse
I've been using magisk on my Note 3 Pro since release and I've never had an issue. Yes, I got my mix 2 today and I'm also waiting for 3 days..
Mighty_Ahti said:
Hi, my Mix2 arrived few days ago and I find MiUI quite nice, yet lacking few things. Those are easily available via xposed, hence I need to root. I'm also not so lucky in these matters so before I start to tinker with it I'd like to learn few things.
What are least dangerous ways to unlock and root phone? (heard sth about magisk, its quite new for me, haven't been rooting phones for couple years now) Is it good?
Suppose I succeed unlocking, rooting and flashing xposed, can I relock bootloader? I want that because ie AndroidPay needs that to work, and I haven't found any working rootcloack or similar (at least on Note2)
How reliable is 'the most official tool' for xiaomi flashing (from eu.xiaomi.com ?)? I mean can it bring back the dead or revert phone back to where I started, without any trace of tinkering?
As a new xiaomi owner are there any critical things I need to know?
Thanks!
Click to expand...
Click to collapse
It's generally considered to be dangerous to relock a bootloader with anything other than perfectly stock/factory firmware installed. It may be ok to do this technically but it sort of "ties your hands" in some ways after making an unofficial modification and makes it a bit harder to recover from a botched situation.
You can have an unlocked bootloader and still use Android Pay. This can be achieved either with a ROM that is built to accomplish this (Epic ROM is an example of this) or by using Magisk, which allows root without any sort of SafetyNet trip in many cases. I don't believe there's *any* way to install Xposed and also use Android Pay or any other SafetyNet apps...the best alternative if you really want Xposed is to use Magisk and then install the Xposed Magisk module...you still can't pass SafetyNet with this setup but Magisk allows you to disable Xposed if you're willing to uncheck it in the Magisk Manager app and reboot the phone, after which time SafetyNet should pass ok...at least with this setup you'll be able to kind of have your cake and eat it too, though it's not ideal as you'll have to reboot if you want to change the status of Xposed.
https://forum.xda-developers.com/xposed/unofficial-systemless-xposed-t3388268
Thank you for detailed answer. I didn't know that.
flyer_andy said:
the best alternative if you really want Xposed is to use Magisk and then install the Xposed Magisk module...you still can't pass SafetyNet with this setup but Magisk allows you to disable Xposed
Click to expand...
Click to collapse
I tried AndroidPay few times past few days and it didn't work at all. Perhaps terminals were not compatibile. So lets say I gave up on AndroidPay - can I use regular Xposed along with Magisk? Or does it have to be that module?
Mighty_Ahti said:
Thank you for detailed answer. I didn't know that.
I tried AndroidPay few times past few days and it didn't work at all. Perhaps terminals were not compatibile. So lets say I gave up on AndroidPay - can I use regular Xposed along with Magisk? Or does it have to be that module?
Click to expand...
Click to collapse
Oh! I think I may be able to help you with the Android Pay issue - my phone didn't work right with Android Pay until I made sure *all* Google apps' permissions were allowed via the Apps menu in Settings (along with "Autostart" via the security app)...and also toggled the NFC setting where it lets you select between "embedded secure element" and "HCE Wallet." It probably is on "HCE Wallet" but try toggling to "embedded secure element" and then back to "HCE Wallet" a couple of times. My Mix 2 would not make a terminal connection until I did this...it would just say "card read error." Seems like a firmware bug. Let me know if that helps!
But yeah if you don't want to use Android Pay then normal Xposed should be fine...you wouldn't need Magisk I don't think. Though, I'm not sure but I think the Magisk Xposed module probably functions the same as normal Xposed so I'm not sure there's an advantage in doing so. But of course it's all about personal preference!
Whoah, I'm still new to xiaomi/android7+ policies, where each app's permissions are reduced to bare minimum (messenger not being able to show notifications for example). I will definitely try this tomorrow.
So far I just managed to unlock BL, flash recovery and install magisk. SafetyNet checks ok. Will try xposed tomorrow after some payments ;D Thanks!
HCE wallet worked for me (I had it set to SIM wallet).
If I understand correctly here is the possible solution to xposed+magisk+androidPay.
I'd need phh's su binaries for that and keep crossing fingers for it to work on 7.1
I need to learn more about that stuff before I break something
So as I was expecting I experience troubles in installing Xposed.
I followed official way as in here And got bootloop.
I removed magisk stuff in recovery and fixed bootloop, then installed v89.0 (not .1) and also bootloop.
Im using SDK25, and miui 9 - 7.1.1 so it should be ok I think
Mighty_Ahti said:
So as I was expecting I experience troubles in installing Xposed.
I followed official way as in here And got bootloop.
I removed magisk stuff in recovery and fixed bootloop, then installed v89.0 (not .1) and also bootloop.
Im using SDK25, and miui 9 - 7.1.1 so it should be ok I think
Click to expand...
Click to collapse
Disable hooks from the xposed apps settings before flashing xposed
What hooks? I dont have any modules yet
Mighty_Ahti said:
What hooks? I dont have any modules yet
Click to expand...
Click to collapse
It's a toggle in the settings under experimental, disable resource hooks
Boot took longer but it works. Thanks! Do I have to keep it on all the time ?
Mighty_Ahti said:
Boot took longer but it works. Thanks! Do I have to keep it on all the time ?
Click to expand...
Click to collapse
Yeah, phone won't boot with it on. Don't think it makes much difference anyway
Hi @Mighty_Ahti, how much time was "longer"? it's been loading for over 5 minutes already. Thanks
Certainly below 5 minutes.
Hi there,
It might be a dumb question, but im kinda clueless.
I have my device not rooted and the SavetyNet-Check of Magisk says ctsProfile: false.
My bootloader is unlocked since the beginning. Could that be the reason for it? And if so how could I avoid it? Rooting or Relocking the bootloader?
Background:
Because I experience problems with a couple of banking apps that they dont start/crash on startup and one of them saying it might be of having my device rooted.
So thats why I thought maybe SafetyNet Check is not good and checked it and figured out one check is not passing.
wsjoke said:
Some kernels lack the feature needed to pass cts without magisk installed you can either
1. install magisk to pass CTS
2. Use a kernel that has the patch (loki and my own kernel "chunchunmaru" should have it but both are for Q only as off now)
Click to expand...
Click to collapse
First, in what rom you are? Why u install magisk manager if u don't have root? What apps don't open? We aren't magicians or clairvoyants, please always mention more details
wsjoke said:
Hi there,
It might be a dumb question, but im kinda clueless.
I have my device not rooted and the SavetyNet-Check of Magisk says ctsProfile: false.
My bootloader is unlocked since the beginning. Could that be the reason for it? And if so how could I avoid it? Rooting or Relocking the bootloader?
Background:
Because I experience problems with a couple of banking apps that they dont start/crash on startup and one of them saying it might be of having my device rooted.
So thats why I thought maybe SafetyNet Check is not good and checked it and figured out one check is not passing.
Click to expand...
Click to collapse
I assume that you are from stock. It is the problem from Mi A2 Lite's device fingerprint that somehow it is not certified. Probably for reasons:
1. Magisk manager is present
2. Unlocked bootloader
3. Usually, it will pass when fingerprint has the same value from 10.0.1.0. After that, it fails for no reason. One theory suggests it might have to do with vulnerabilities present from our device (the System Toolkit app, when you dial *#*#64663#*#*), thus revoking certification from Play Store.
If you're on custom ROM, that would be it, except from POSP that has passed CTS. Also it could be the GApps you are using.
Os_Herdz said:
First, in what rom you are? Why u install magisk manager if u don't have root? What apps don't open? We aren't magicians or clairvoyants, please always mention more details
Click to expand...
Click to collapse
Stock rom, I previously had my phone rooted, thats why I still have installed magisk.
Various Banking Apps doesnt work as intended. For example https://play.google.com/store/apps/details?id=de.commerzbanking.mobil&hl=de cant unlock with fingerprint anymore. https://play.google.com/store/apps/details?id=com.starfinanz.mobile.android.dkbpushtan&hl=de doesnt open at all and opens a website which says a rooted phone could cause this issue.
Hey everyone,
So with pokemon GO dropping support for 32-bit devices soon (and Motorola decided to give us a 32-bit OS on 64-bit hardware....), I was wondering if there was any way I could flash a 64-bit ROM and still pass the SafetyNet CTS check? I guess I'd have to flash something without built in root, and then re-lock the bootloader, has anyone done this before?
Currently running stock ROM on my XT1676.
Thanks in advance,
J.e.v.a
Jimmy_The_Squid said:
Hey everyone,
So with pokemon GO dropping support for 32-bit devices soon (and Motorola decided to give us a 32-bit OS on 64-bit hardware....), I was wondering if there was any way I could flash a 64-bit ROM and still pass the SafetyNet CTS check? I guess I'd have to flash something without built in root, and then re-lock the bootloader, has anyone done this before?
Currently running stock ROM on my XT1676.
Thanks in advance,
J.e.v.a
Click to expand...
Click to collapse
Why would you want to re-lock the bootloader? You couldn't do that anyway without flashing a stock unmodified firmware image and even then its not advisable because if something happens in the future you may not be able to reflash firmware as the bootloader is locked
Anyway to answer your question - most 64bit roms pass safetynet by default (lineage 17.1 & AOSP for example) as they contain a hack that changes the device fingerprint (you will get a message on boot about contacting the manufacturer due to the mismatch of fingerprints but this can be ignored)
If you want root flash magisk and then hide pokemon go in magisk hide assuming magisk still supports hiding of root as I haven't tested it for a while
Also no roms should be rooted by default - you need to root it yourself if you want to
Jimmy_The_Squid said:
Hey everyone,
So with pokemon GO dropping support for 32-bit devices soon (and Motorola decided to give us a 32-bit OS on 64-bit hardware....), I was wondering if there was any way I could flash a 64-bit ROM and still pass the SafetyNet CTS check? I guess I'd have to flash something without built in root, and then re-lock the bootloader, has anyone done this before?
Currently running stock ROM on my XT1676.
Thanks in advance,
J.e.v.a
Click to expand...
Click to collapse
Just use MintOS with Magisk
It will work out of the box
Thanks for the advice both, I wanted to relock the bootloader as I believe the CTS check fails if it is detected as being unlocked. I'll have a go with one of the recommended ROMs and let you know how it turns out. I don't have any need for Root.
J.e.v.a.
Jimmy_The_Squid said:
Thanks for the advice both, I wanted to relock the bootloader as I believe the CTS check fails if it is detected as being unlocked. I'll have a go with one of the recommended ROMs and let you know how it turns out. I don't have any need for Root.
J.e.v.a.
Click to expand...
Click to collapse
The bootloader tripping CTS does not work on this phone, it's too old
And you ironically need Magisk to pass SafetyNet! Magisk Hide hides Custom ROM things too that will trap SafetyNet.
nift4 said:
The bootloader tripping CTS does not work on this phone, it's too old
And you ironically need Magisk to pass SafetyNet! Magisk Hide hides Custom ROM things too that will trap SafetyNet.
Click to expand...
Click to collapse
Ah good to hear having an old phone works in my favour sometimes.
I'm in same boat : wanted to flash the Lineage OS 64 bit version on the G5.
I don't understand why we need to use Magisk, I used to do the same last year on a Samsung J3 and flash a Lineage 14.1 (32bits and without root).
And it pass Safetynet checks wihout Magisk, is Magisks reaaly required on the G5 if we don't root the phone ?
Thanks
foosee said:
I'm in same boat : wanted to flash the Lineage OS 64 bit version on the G5.
I don't understand why we need to use Magisk, I used to do the same last year on a Samsung J3 and flash a Lineage 14.1 (32bits and without root).
And it pass Safetynet checks wihout Magisk, is Magisks reaaly required on the G5 if we don't root the phone ?
Thanks
Click to expand...
Click to collapse
It depends if the rom passes safetynet by default
If it doesn't you need magisk to either flash a safetynet module or change device fingerprint in order to pass cts
You also need it to hide the fact you're rooted from apps using magisk hide
So to clarify - if the rom passes basic integrity & cts there shouldn't be a need to root
If it doesn't you need to use magisk to help you pass these things and to hide root
foosee said:
I'm in same boat : wanted to flash the Lineage OS 64 bit version on the G5.
I don't understand why we need to use Magisk, I used to do the same last year on a Samsung J3 and flash a Lineage 14.1 (32bits and without root).
And it pass Safetynet checks wihout Magisk, is Magisks reaaly required on the G5 if we don't root the phone ?
Thanks
Click to expand...
Click to collapse
Try it. You can unroot and root your phone with the zips.
Thought I read we getting a final December update.
We are, according to Google.
As for custom ROMs after the fact, most of the Android 11 versions seem to not want to include Active Edge support because it's proprietary. This is despite Active Edge functions being reverse engineered (which is, if I recall, totally legal). While a bit of a bummer, I'll have to get used to it: the 2020 Pixel models don't have Active Edge at all.
That happened rather silently, I was kind of expecting some sort of notification. Guess now I need to work out how to put a custom ROM on this thing so I get security updates, without disclosing its rooted thus breaking all my banking apps. Hopefully that's still an option, haven't rooted in years...
TheRealWhoop said:
That happened rather silently, I was kind of expecting some sort of notification. Guess now I need to work out how to put a custom ROM on this thing so I get security updates, without disclosing its rooted thus breaking all my banking apps. Hopefully that's still an option, haven't rooted in years...
Click to expand...
Click to collapse
Heres the basics of the steps forward
Going forwards only fastboot TWRP, do not install it
Backup your loved stuff on internal storage
1) unlock bootloader (instructions here)
2) reboot bootloader (at command prompt with platform tools installed: adb reboot bootloader)
3) at command prompt: fastboot boot twrp-xxxx.img
TWRP:
Walleye (Pixel 2)
Taimen (Pixel 2XL)
You want to download the latst .img file
4) wipe/factory reset accordign to ROM instructions and flash ROM (& G-Apps if needed - depending on ROM) and setup
5) reboot to bootloader adb reboot bootloader
6) fastboot twrp again fastboot boot twrp-xxxx.img
7) flash magisk (then enable MagiskHide in Magisk Manager - good enough for *most* banks - otherwise hide Magisk Manager itself, or other specific help in Magisk threads)
8) if need be (depending on ROM, some pass Safetynet out of box) use Magiskhide Props Config also in the magisk repo, to pass safetynet
9) if using Google Pay, theres a magisk module for that that i maintain. its NOT in the magisk repo (dont ask why)
TheRealWhoop said:
Guess now I need to work out how to put a custom ROM on this thing so I get security updates, without disclosing its rooted thus breaking all my banking apps.
Click to expand...
Click to collapse
You do know that installing a custom ROM doesn't require root? You simply need to unlock the bootloader, if you're not using a Verizon device that is.
Strephon Alkhalikoi said:
You do know that installing a custom ROM doesn't require root? You simply need to unlock the bootloader, if you're not using a Verizon device that is.
Click to expand...
Click to collapse
To pass safetynet and for banking (depending on the ROM), will probably need root....
Strephon Alkhalikoi said:
You do know that installing a custom ROM doesn't require root? You simply need to unlock the bootloader, if you're not using a Verizon device that is.
Click to expand...
Click to collapse
I did, long ago, but forgot Thanks for the reminder. Although as 73sydney says, sounds like I'm going to need root to get Google Pay and banking apps etc working.
TheRealWhoop said:
I did, long ago, but forgot Thanks for the reminder. Although as 73sydney says, sounds like I'm going to need root to get Google Pay and banking apps etc working.
Click to expand...
Click to collapse
I did say depending on the ROM, some ROM's will pass safetynet out of the box, others not so much
73sydney said:
I did say depending on the ROM, some ROM's will pass safetynet out of the box, others not so much
Click to expand...
Click to collapse
Interesting, was unaware of that, is this dependant on whether its a fork of the stock ROM or not? I was considering LineageOS, so presumably need the full works there.
TheRealWhoop said:
Interesting, was unaware of that, is this dependant on whether its a fork of the stock ROM or not? I was considering LineageOS, so presumably need the full works there.
Click to expand...
Click to collapse
HentaiOS, EvoX, ProtonAOSP.. all are rocking the safetynet hurdle in A11, LOS 17.1 for A10. All is not gloomy for Taimen for now atleast. However hardware-wise my device is showing its age - getting warmed up to IM apps and casual browsing , be it A10 or A11.
getting backl into custom ROMs now that the P2XL support is coming to an end - which ROMs are the most stable, most quick to be updated to the monthly security patch, and most stock-like update process (OTA-style ideally)?
2x4 said:
getting backl into custom ROMs now that the P2XL support is coming to an end - which ROMs are the most stable, most quick to be updated to the monthly security patch, and most stock-like update process (OTA-style ideally)?
Click to expand...
Click to collapse
LineageOS.
Hi I've never wanted to root or custom ROM. I read the instructions and they are pages deep and the issues that come up and are discussed in threads have such confusing back and forth discussions using lingo and abbreviations that make my head spin.
However... Oneplus did their last update on my 5t my fourth oneplus phone... With an already old security update.
Is the only way to not throw away a perfectly working, phone with good Ram and a fairly new battery I paid to have installed just months ago?
If I'm wanting to hold on another year or 2 use the only option custom ROMs that contain security updates?
Is there a way to add security updates without a ROM? Or maybe at least just learn to root and then add just updates or is it only in ROMs?
I could probably happily use my phone as is but worried what effect no security updates really is to my use.
I really tried videos on doing so this myself I'm not comfortable if problems happen. Not very techy.
Any help appreciated
Unfortunately you can no longer get security updates once your device is deemed as old.
Your options will be to get an antivirus app on your phone, install a custom ROM (like LOS or pixel exp), or you can get a new phone.
Since you're new to this stuff I highly recommend you just get a new phone or simply install an antivirus.
Not sure which anti virus is better than which. But I'm confident in Avira, McAfee, and Norton. You may want to purchase their plan though.
Hope I helped.
Thanks alot for the reply. I'll start with an antivirus.
Hello,
I have similar issue, since I would need security patch update to keep running company mails and apps.
I have 2 doubts:
- if I root and install Android 11 custom ROM, security patches will be updated too?
- after this, would I be able to unroot and install company mail apps ( if rooted they will not work) ?
Thanks
Personally I think that your company has put an unfair burden on you to run company mail and apps on your personal phone while expecting you to have an updated phone at the same time. An updated phone should have been "given" to you.
That being said, you can actually flash and run a custom rom without root. Root is optional.
Process is as follows: (you'll need a PC for this)
1. Backup ALL your data
2. Unlock the bootloader
3. Install custom recovery and reboot to recovery
4. Wipe cache & system and format internal memory
5. Copy custom rom & gapps to internal memory
6. Flash custom rom & gapps and reboot system
miloinodense said:
Hello,
I have similar issue, since I would need security patch update to keep running company mails and apps.
I have 2 doubts:
- if I root and install Android 11 custom ROM, security patches will be updated too?
- after this, would I be able to unroot and install company mail apps ( if rooted they will not work) ?
Thanks
Click to expand...
Click to collapse
Yes if you install custom ROM you'll have security updates. It doesn't have to be Android 11 and you don't need root to install a custom ROM.
Also make sure to follow a precise guide about it so you don't encounter any issues. Always make a backup even if you're 100% sure you won't need it.
As far as I know mail apps don't check the integrity or do a SafetyNet check, so even if you root or don't it will work fine.
If you mean banking apps then you can install some modules to bypass the check or just completely remove root. Assuming that you rooted the device.
It shows my lack of knowledge never ever did I think you could Flash a ROM without being rooted.
Thanks
I successfully installed custom ROM w/o root.
But regarding company mail apps, I would need to hide bootloader unlocked status.
maybe it's impossible, if someone has a good idea...
miloinodense said:
I successfully installed custom ROM w/o root.
But regarding company mail apps, I would need to hide bootloader unlocked status.
maybe it's impossible, if someone has a good idea...
Click to expand...
Click to collapse
My banking apps working fine without root with crdroid 7.3 and flamegapps. Might work for your company mail app too.
Some roms readily hide bootloader status
Thanks for the hint, but these company mails apps are checking security patch date too. Last available for oneplus 5t are September 2020, and no further support from oneplus.
miloinodense said:
Thanks for the hint, but these company mails apps are checking security patch date too. Last available for oneplus 5t are September 2020, and no further support from oneplus.
Click to expand...
Click to collapse
Hence that's why the burden should be on the company to provide the "up to date" phone
miloinodense said:
Thanks for the hint, but these company mails apps are checking security patch date too. Last available for oneplus 5t are September 2020, and no further support from oneplus.
Click to expand...
Click to collapse
And that's why the burden should be on the company to provide the "up to date" phone
miloinodense said:
Thanks for the hint, but these company mails apps are checking security patch date too. Last available for oneplus 5t are September 2020, and no further support from oneplus.
Click to expand...
Click to collapse
I think if you change build.prop to some other phone with recent security patches you can bypass this.
XDHx86 said:
I think if you change build.prop to some other phone with recent security patches you can bypass this.
Click to expand...
Click to collapse
Today, I was thinking that this could be good way.
Root, change build.prop, and then unroot.
If you have a link for a good tutorial on change bulid.prop would be nice, thanks.
miloinodense said:
Today, I was thinking that this could be good way.
Root, change build.prop, and then unroot.
If you have a link for a good tutorial on change bulid.prop would be nice, thanks.
Click to expand...
Click to collapse
Just for update:
I tried to Root a stock ROM, edit build.prop (security patch date), unroot, and then lock bootloader.
But even if it was a stock ROM, OP5T was not booting.
Booloader was stopping boot since it was detecting a non-stock ROM.
Indeed, I had to unbrick OP5T since I was not possible to unlock bootloader.
So, still not solved
miloinodense said:
Just for update:
I tried to Root a stock ROM, edit build.prop (security patch date), unroot, and then lock bootloader.
But even if it was a stock ROM, OP5T was not booting.
Booloader was stopping boot since it was detecting a non-stock ROM.
Indeed, I had to unbrick OP5T since I was not possible to unlock bootloader.
So, still not solved
Click to expand...
Click to collapse
Just edit build.prop and use magisk hide module from magisk manager.
XDHx86 said:
Just edit build.prop and use magisk hide module from magisk manager.
Click to expand...
Click to collapse
Edit build.prop w/o root and unlock bootloader is not possible...
Moreover, hiding root will not work with more recent android updates and for sure it will not hide unlock bootloader.
miloinodense said:
Edit build.prop w/o root and unlock bootloader is not possible...
Moreover, hiding root will not work with more recent android updates and for sure it will not hide unlock bootloader.
Click to expand...
Click to collapse
Yeah I assumed you would know that you should root first. But seeing you even attempted to lock bootloader after modifying the device, seems I assumed wrong.
Magisk hide is working fine on later android versions like 8+. And for the bootloader it only trips CTS if your bootloader is using hardware backed key - Which is the case with OP5 - as CTS check also has hardware attestation. But it is possible to bypass said check by using SafetyNet Fix module, of course you will also install that from magisk manager.