Backup whole phone with "dd" command? - Android Software/Hacking General [Developers Only]

At least on my Huawei U8800 I can go to the bootloader screen that exposes the phone's whole internal flash mem to Linux (/dev/sdX). I've been wondering if I could use dd if=foo of=foo to backup/restore the whole phone? I think it should work, but if someone has any more understanding of all the non-standard Android partitions, more info is welcome.
The reason I'm considering this is because CWM recovery doesn't work with U8800's new 2.3 update (ATM).
I've been thinking that the non-standard partitions must contain stuff like the bootloader itself, bootup logo, phone's IMEI, etc.. ?
It would be a great way to switch between roms that have different partition tables etc, and if CWM recovery doesn't work

Looks like it works at least with U8800:
http://forum.xda-developers.com/showthread.php?t=1374511

Related

How are Android Phones different from PCs; making them harder to modify?

Out of curiosity, someone please explain to me what we are doing at the hardware level when we flash/root etc. I have an excellent understanding of PCs and Windows hard drives, but I don't understand why Android is much more complicated to modify and how the carriers are able to permanently mess up (in our opinion) our phones using OTA updates when there is not a computer virus that exists that can permanently mess up my computer to the point that a wipe and reinstall wont fix it?
My specific questions are as follows:
1. Most thread instructions usually say to root the phone before installing custom recovery (TWRP). If we are doing an ODIN flash, is rooting actually needed to install TWRP? Is root part of the ROM? Or is it a deeper hardware thing unrelated to the ROM?
2. If we are installing a custom rom (cyanogen mod) and we want root, is it necessary to root with a separate method (superuser.zip etc), or does flashing cyanogen mod give us root automatically?
3. If we are flashing images to the phone's hard drive, why does the current operating system on the phone matter? Why is there a different root/TWRP install method (and .tar images?) for android 4.1.1 than there is for 4.1.2 or 3.x.x? Shouldn't the same ODIN images work regardless of what operating system the phone has on it? As in, why do I even need to look at what is currently installed on the phone? If I have a computer and I want to install a new operating system, the current OS doesn't matter, I just wipe the drive and install the new OS. Why are the phones different? Why is it possible to buy a brand new computer, wipe the drive, and install Windows XP, or even DOS, but I can't buy a brand new phone and install Android 1.0.0?
4. How are the carriers able to cause developers so many problems with their OTA updates? If someone upgraded their i747 to 4.3 why can't they just format the phone's drive and reinstall an older operating system like I can on my computer? Even a computer infected with the worst computer virus can still be wiped and reinstalled with any processor compatible operating system, so how do the OTA updates cause irreversible phone problems when nasty computer viruses can't do this?
Basically explain to me what makes the Android phones different from PCs and makes everything so much more complicated than it is to format a Windows drive and install Linux and then format again and install something totally different? I just don't understand what makes them so different? Lastly, if the carriers encrypt a bootloader, like ATT did with the S4, why can't we just erase the bootloader and flash our own not-encrypted bootloader to the phone? Is the bootloader some sort of chip that we would have to physically remove and replace? Or is it 1's and 0's on the drive that we can format and rewrite?
scubapilot said:
Out of curiosity, someone please explain to me what we are doing at the hardware level when we flash/root etc. I have an excellent understanding of PCs and Windows hard drives, but I don't understand why Android is much more complicated to modify and how the carriers are able to permanently mess up (in our opinion) our phones using OTA updates when there is not a computer virus that exists that can permanently mess up my computer to the point that a wipe and reinstall wont fix it?
My specific questions are as follows:
1. Most thread instructions usually say to root the phone before installing custom recovery (TWRP). If we are doing an ODIN flash, is rooting actually needed to install TWRP? Is root part of the ROM? Or is it a deeper hardware thing unrelated to the ROM?
2. If we are installing a custom rom (cyanogen mod) and we want root, is it necessary to root with a separate method (superuser.zip etc), or does flashing cyanogen mod give us root automatically?
3. If we are flashing images to the phone's hard drive, why does the current operating system on the phone matter? Why is there a different root/TWRP install method (and .tar images?) for android 4.1.1 than there is for 4.1.2 or 3.x.x? Shouldn't the same ODIN images work regardless of what operating system the phone has on it? As in, why do I even need to look at what is currently installed on the phone? If I have a computer and I want to install a new operating system, the current OS doesn't matter, I just wipe the drive and install the new OS. Why are the phones different? Why is it possible to buy a brand new computer, wipe the drive, and install Windows XP, or even DOS, but I can't buy a brand new phone and install Android 1.0.0?
4. How are the carriers able to cause developers so many problems with their OTA updates? If someone upgraded their i747 to 4.3 why can't they just format the phone's drive and reinstall an older operating system like I can on my computer? Even a computer infected with the worst computer virus can still be wiped and reinstalled with any processor compatible operating system, so how do the OTA updates cause irreversible phone problems when nasty computer viruses can't do this?
Basically explain to me what makes the Android phones different from PCs and makes everything so much more complicated than it is to format a Windows drive and install Linux and then format again and install something totally different? I just don't understand what makes them so different? Lastly, if the carriers encrypt a bootloader, like ATT did with the S4, why can't we just erase the bootloader and flash our own not-encrypted bootloader to the phone? Is the bootloader some sort of chip that we would have to physically remove and replace? Or is it 1's and 0's on the drive that we can format and rewrite?
Reason being is that the manufacturers have control over everything and completely lock you out.
It's not like you have a bios on these phones or you can install a new hard drive with a different OS on it.
They lock it down so much.
It's also not impossible to root any of the phones.
All you need to do is use uart or jtag to talk to the device straight up.
Rooting is part of the rom.
An odin flash will work great for flashing recovery (for Samsung devices only)
And roms.
But odin flashes whole partitions only.
Rooting is not a hardware thing.
It's basically finding a way to place a file on the /system partition in the bin folder.
Then being able to execute that file. (File: su)
The su executable changes your uid(User id) to 0 which indicates the root user giving you full access over the device.
To get the su executable on to the device you will have to find exploits in the software to allow you to write to the /system/bin directory.
One such exploit is zergrush which gave you a root shell where you copy the su binary over to the device.
What is rooting?
Pretty much every rom here will be given root access by default.
Some roms(Usually indicated with stock) have no root.
In which case recovery will allow you to flash a zip putting the su files onto your installed rom.
(Recovery is like running a live cd to repair windows.)
A good place to learn is xda-university
What is recovery?
These phones have flash memory.
Not magnetic.
And like I said Odin flashes whole partitions.
So it would completely wipe whatever partition you are flashing to.
/system would contain android.
So an odin package with a system img would wipe the current OS and flash the contents of your odin package to the place where the old OS was.
To summarize, Odin packages are not dependent upon the installed OS at all.
Now that is an interesting question.
The reason that you can't just install any OS is because we don't just have generic drivers built for generic hardware.
We have millions of different phone models.
There really hasn't been any movement for standard compliant hardware in the phone scene.
So building generic stuff for all of the different kinds of phones would be a nightmare.
And the last one.
It's because we rely on software security bugs to break into devices.
Google has made it easy for us to do anything that we want with our devices with a simple command.
Samsung's download mode isn't a sure fire way of doing any modding because you would have to build a rom from stock. (Samsung doesn't release their stuff very often. An exception to this is: sammobile)
And again, you could do this with an underlying knowledge of the hardware using Uart or jtag. (Connecting to the board directly and speaking to the processor)
Seriously think about that for a second, how do you install windows. A cd drive.
How do you configure devices. a bios.
In short : These phones aren't made to be messed with for security reasons and because manufacturers are too lazy to make it easy for modders. (Nexus devices are made in mind for modders though)
Need anymore info just ask. :highfive:
Thank you so much Lgrootnoob. A few more questions.
1. When you say
"To get the su executable on to the device you will have to find exploits in the software to allow you to write to the /system/bin directory."
Do I understand correctly that this is only true when adding root to a stock rom? If I flash cyanogen mod to the system partition, it does not require an exploit because it just erases and overwrites the entire partition? I have been rooting, and then installing TWRP, and then installing Cyanogen Mod. If I understand you correctly, me rooting the stock rom is an unnecessary step, as I am just erasing and overwriting it with Cyanogen Mod later?
"Google has made it easy for us to do anything that we want with our devices with a simple command."
2. So modding the Google Nexus does not require that we use the exploits you mentioned are needed to modify the other phone(s)?
3. I understand that Android 4.3 has security features that prevent gaining "true root"? As long as Nexus leaves the "easy access" you mentioned, it will still be possible to flash a custom rom that does allow true root, no matter what security features Google puts into its version of Android?
4. Does the Google Play Edition Galaxy S4 require the exploits? Or do the Google Play edition phones have the same "easy access" you mentioned the Nexus has? Is the "easy access" the fastboot function I've read about?
5. With a carrier that encrypts all of their bootloaders, I will most likely be forced to buy only Nexus products or Google Play edition phones if I want to have Cyanogen Mod with full root? I haven't wanted a Nexus because it doesn't have a removable battery or SD card, but having custom firmware is the most important thing to me.
scubapilot said:
Thank you so much Lgrootnoob. A few more questions.
1. When you say Do I understand correctly that this is only true when adding root to a stock rom? If I flash cyanogen mod to the system partition, it does not require an exploit because it just erases and overwrites the entire partition? I have been rooting, and then installing TWRP, and then installing Cyanogen Mod. If I understand you correctly, me rooting the stock rom is an unnecessary step, as I am just erasing and overwriting it with Cyanogen Mod later?
2. So modding the Google Nexus does not require that we use the exploits you mentioned are needed to modify the other phone(s)?
3. I understand that Android 4.3 has security features that prevent gaining "true root"? As long as Nexus leaves the "easy access" you mentioned, it will still be possible to flash a custom rom that does allow true root, no matter what security features Google puts into its version of Android?
4. Does the Google Play Edition Galaxy S4 require the exploits? Or do the Google Play edition phones have the same "easy access" you mentioned the Nexus has? Is the "easy access" the fastboot function I've read about?
5. With a carrier that encrypts all of their bootloaders, I will most likely be forced to buy only Nexus products or Google Play edition phones if I want to have Cyanogen Mod with full root? I haven't wanted a Nexus because it doesn't have a removable battery or SD card, but having custom firmware is the most important thing to me.
1. Well, devices that have no way of flashing at the bootloader must be rooted on the stock rom to flash other roms. (Exception: Nexus devices that have fastboot flash system.img functions) But custom roms come with su in /system/bin all the time. (Unless said otherwise in their thread)
2. Yup, google gives exclusive access on the nexus phones.
However, you have to unlock the bootloader to flash anything.
Unlocking the bootloader will use the command:
Code:
fastboot oem unlock
Unlocking the bootloader wipes all data (/data partition) but leaves the system partition intact.
Reason being is when someone flashes a recovery:
Code:
fastboot flash recovery recovery.img
They could use recovery to dump your data partition.
3. The way processes work in android 4.3 and above is different from 4.3's ancestors.
Root can be obtained with Supersu
But exploits to gain root on the android system have been pretty much put out of business.
Most exploits are bootloader exploits these days. (Or oem rom exploits: oem's theming makes their devices vulnerable usually. [They have less tested code or just don't care.])
So root is still widely available on just about any rom out there thanks to chainfire!
^He is an awesome developer by the way.
4. I would figure that the google play editions have easy access with fastboot that would normally be stumped by samsung.
Google makes everything awesome.
" Is the "easy access" the fastboot function I've read about?" In short yes.
It allows you to flash recovery which can dump the whole system and allow you to modify the system however you like and put it back on the device.
There is even an app for recovery by the way: Aroma fm
5. The removable battery doesn't matter unless you want to swap batts on the fly.
But it does have a function for restarting the phone without pulling the battery. Hold power button + volume up until it restarts.
And even if you wanted to replace the battery you could take the nexus device apart and disconnect the battery and find a replacement. (Maybe ordered from the manufacturer.)
The devs here are awesome and find exploits in almost all of the bootloaders or the oem (skinned) android versions.
So the nexus devices aren't the only option, but they usually get more development unless your device is truly a powerhouse like the gs4 international.

Phicomm i800

Not sure if this is of interest to anyone.
FULL SYSTEM ACCESS ??
But I have just realised that when using linux, if you plug the phone into the system via cable
it pops up a with all of the different partitions on the phone.
Look like system partition, boot partition, backup etc etc. There are 5-6 I think.
These are all system partitions. So far I have only been able to access the main system partition via RarLab's Unrar.
But this is a new development I hope as we can now access all files to do with the phone.
Maybe this can help in developing some Custom Rom's as there is nothing at the moment.
I am not much of a developer, merely noticed upon a chance to make this phone really good.
:fingers-crossed:
P.S. If it doesn't work, maybe I had the bottom volume button held and booted into recovery (not sure).

Backup the partition table and all the partitions contents of the phone without root

Hello
I am unsure if this goes here, since this is a generic question that would apply to most Android phones, I decided to put this here or on the General forum
I assume it's also not possible to do what I mention due to the way it's designed.
Let's say I have a new phone and I would like to get a backup of the whole phone partitions and partition table before doing any modification to it, using no root.
Would there be a way to get the list of partitions of the phone using cat /proc/partitions for example, or any other way?
Then use dd to get bin/img files of the device, including bootloader, modem/radio, etc.
Use, let's say, the sgdisk command to back up the partition table.
I am open to other ideas I might not have figured out yet.
In short words, I would love to dump my whole device low level data (such as EFS). I usually do this when I am already root, but maybe there's a way to do this without "tampering" the device on first place.
Thanks

Is a Full Backup of mmcblk0 Sufficient?

So I'm in a scenario where I'll end up needing to install lineage with a custom kernel for around 15 devices or so. Typically the word of the wise on flashing is to obviously just install a custom recovery and install system images through there. However, since I'm going to need to do this in bulk it becomes more of a thing to script out, and flash images via fastboot. Though this shouldn't ever *reasonably* be an issue, I'd like to make a backup of the entire phone's nand, including the partitions associated with actual phone things. Though I believe that this should be reasonably accomplished by dd'ing /dev/block/mmcblk0, I want to make sure there are no other storage mediums on the phone that could be altered by fastboot that I'm overlooking. Thanks!
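For the whole-device dumps discussed in the threads above, one way to check that an image is complete before relying on it is to validate its partition table and hash every partition. This is an added example, not code from any of the posts: it assumes the dump carries a GPT with 512-byte sectors, `parse_gpt`, `manifest` and `build_sample_image` are hypothetical names, and the sample image is constructed in the code.

```python
import hashlib
import struct
import zlib

SECTOR = 512  # assumption: 512-byte logical sectors; pass 4096 for 4K-sector storage
HDR = struct.Struct("<8sIIIIQQQQ16sQIII")  # 92-byte GPT header
ENT = struct.Struct("<16s16sQQQ72s")       # 128-byte partition entry


def parse_gpt(img, sector=SECTOR):
    """Return [(name, first_lba, last_lba)] after verifying both GPT CRC32 values."""
    raw = bytes(img[sector:sector + HDR.size])
    if len(raw) < HDR.size or raw[:8] != b"EFI PART":
        raise ValueError("no GPT header at LBA 1")
    (_sig, _rev, hsize, hcrc, _rsv, _cur, _bak, _first, _last, _guid,
     ent_lba, n_ent, ent_size, ent_crc) = HDR.unpack(raw)
    if hsize != HDR.size or ent_size != ENT.size:
        raise ValueError("unsupported GPT header or entry size")
    # The header CRC covers the header with its own CRC field set to zero.
    if zlib.crc32(raw[:16] + bytes(4) + raw[20:]) != hcrc:
        raise ValueError("GPT header CRC mismatch")
    table = bytes(img[ent_lba * sector:ent_lba * sector + n_ent * ent_size])
    if len(table) != n_ent * ent_size or zlib.crc32(table) != ent_crc:
        raise ValueError("partition entry array is truncated or corrupt")
    parts = []
    for i in range(n_ent):
        type_guid, _uid, first, last, _attr, name = ENT.unpack_from(table, i * ent_size)
        if type_guid != bytes(16):  # an all-zero type GUID marks an unused slot
            parts.append((name.decode("utf-16-le").split("\0")[0], first, last))
    return parts


def manifest(img, sector=SECTOR):
    """Map partition name -> SHA-256 of its bytes; fail if the dump ends early."""
    view, out = memoryview(img), {}
    for name, first, last in parse_gpt(img, sector):
        end = (last + 1) * sector
        if end > len(view):
            raise ValueError(f"{name}: image ends before the partition does")
        out[name] = hashlib.sha256(view[first * sector:end]).hexdigest()
    return out


def build_sample_image(parts, total_lbas=64, sector=SECTOR):
    """Constructed sample input: a tiny GPT image from (name, first, last, fill) tuples."""
    img = bytearray(total_lbas * sector)
    table = bytearray(4 * ENT.size)  # four entry slots stored at LBA 2
    for i, (name, first, last, fill) in enumerate(parts):
        ENT.pack_into(table, i * ENT.size, bytes([i + 1]) * 16, bytes([0x80 + i]) * 16,
                      first, last, 0, name.encode("utf-16-le"))
        img[first * sector:(last + 1) * sector] = bytes([fill]) * ((last - first + 1) * sector)
    hdr = HDR.pack(b"EFI PART", 0x00010000, HDR.size, 0, 0, 1, total_lbas - 1, 3,
                   total_lbas - 2, b"\x11" * 16, 2, 4, ENT.size, zlib.crc32(table))
    hdr = hdr[:16] + struct.pack("<I", zlib.crc32(hdr)) + hdr[20:]
    img[sector:sector + len(hdr)] = hdr
    img[2 * sector:2 * sector + len(table)] = table
    return bytes(img)


if __name__ == "__main__":
    sample = build_sample_image([("boot", 8, 15, 0xAA), ("system", 16, 47, 0xBB)])
    for part_name, digest in manifest(sample).items():
        print(part_name, digest)
```

For a real dump, pass `mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)` on the opened image file instead of reading it into memory, and keep the resulting manifest next to the backup so a later restore can be checked against it.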

A question about android partitioning

Hello and sorry for bad English,
I just wanted to ask: does Android do partitioning in any way similar to Linux? Because they have similar kernels, can I dump eMMC contents to something like a virtual hard drive, then view partitions and edit them normally?
Because my family has several cheap Chinese phones (mostly MTK) and they share in common this annoying system storage issue where apps could only be stored on 2 GB (separated from the other 6 GB of media storage (sdcard1)), where there is only 0.5 GB free for you to install your applications. Custom ROM flashing doesn't work; while app2sd works after some trouble, it is still not stable and often problematic for the average users these phones belong to. Flashing custom layouts bricks the phone no matter what I tried. While I tried to stay away from rooting, I tried it and exposed plugins (or something) don't even work. I gave up on this already, but I would really prefer to expand my knowledge of Android.
If phone's Android is rooted you always can dump contents of Android partitions.
See also here:
[GUIDE] Making Dump Files Out of Android Device Partitions - GSM-Forum
Use: The main purpose is to make a file that contains all data in android specific partition. This is really handy in case of dumping leak firmwares.
forum.gsmhosting.com
jwoegerbauer said:
If phone's Android is rooted you always can dump contents of Android partitions.
See also here:
[GUIDE] Making Dump Files Out of Android Device Partitions - GSM-Forum
Use: The main purpose is to make a file that contains all data in android specific partition. This is really handy in case of dumping leak firmwares.
forum.gsmhosting.com
Thank you, but can SP Flash Tool do the above? (Does using the combo of wwr_mtk and SP Flash Tool achieve dumps that can be read in the same way?)
IDK
jwoegerbauer said:
IDK
I am away from home for some time so I can't try it, but my suggested method generates img files for everything.
Also, can I in any way resize the partitions on the phone (maybe go your way, then edit partitions on the PC, then flash them back, OR modify the SP Flash Tool scatter file (very unlikely to work, file size and partition size are different)), or merge the internal and media partitions, or modify the ROM so it stores apps in the media storage, then flash it back? Any help would be appreciated.
IDK
jwoegerbauer said:
IDK
Ok, thanks anyway
