Related
The Ultimate Guide to put Hero Builds and other Builds to your G1/Magic Android Phones by hellogadgetman from Greece
or download from here for best structure and more
http://rapidshare.com/files/2522727..._Builds_and_other_Builds_to_your_G1_best.docx
for ROOTED Phones
I have no responsibility for mistakes and problems through this guide
1) Find your SPL and Radio Versions
• Radio
o Next you will want to confirm your Radio Baseband.
To Confirm this Press Menu - Settings - About Phone - Scroll down till you see Baseband version.
Compare the Baseband value to the value below to see if you are using the correct radio for your build or if you need to update.
o You will need 2.22.19.26I
• Currently there are three SPLs available. The G1 variant is the SPL that is installed in stock T-Mobile G1 phones. The Engineering variant is found in the Android Dev Phone 1. Finally, the HardSPL is a modification of the Engineering variant by cmonex, with additional hacker-friendly functionality.
• HardSPL
• VER: HSPL10.95.3000
• HardSPL is a modification of the Engineering SPL by cmonex. In addition to the functionality of the Engineering SPL, HardSPL also allows NBH files to be used without matching the CID (carrier ID) check.
• Engineering SPL
• VER: HBOOT-0.95.3000
• The Engineering SPL is a custom SPL installed in devices intended for Android development. It has existed since before the launch of the G1 and is now available to the general public as preinstalled on the Android Dev Phone 1.
• G1 Original SPL
• VER: HBOOT-0.95.0000
• This is the original SPL which is installed in a stock G1. It is easily distinguished by the "trademark" red-green-blue bootloader screen which appears in many HTC phones. This SPL does not support the fastboot protocol and thus will not allow the user to flash nand backup images.
2) Update the Radio to the Latest
• Download the Radio zip.
• http://android-roms.googlecode.com/files/ota-radio-2_22_19_26I.zip
• Rename it to "update.zip".
• Copy it to the root of your phone's SD card.
• Turn your phone off.
• Start up in recovery mode by holding Home and pressing Power.
• Press ALT+S to apply the update.
• Once the update is applied press Home+Back to reboot the phone. The Phone will start to boot up and then continue applying the update. Once this is completed the Recovery menu will ask you for the second time to reboot the phone via Home + Back
3) Update the SPL to the Latest
IF YOU HAVE ONE SD CARD:
• Upload new SPL on your microSD and rename to "update.zip"
• Reboot your phone into recovery mode. I ASSUME YOU MEAN HOLDING POWER AND HOME BUTTONS>>>RIGHT?
• THIS IS IMPORTANT (perform a nandroid backup, of course) APPLY THE UPDATE USING ALT-S..., and once complete DON'T DO ANYTHING.. read step 4.
• WITHOUT PRESSING ANY BUTTONS remove your microSD card from your phone, and plug it into your microSD card adapter/SD card reader
• Remove/rename the SPL update (to something other than "update.zip") and upload the update file of the build you are currently using onto your microSD card. Put your microSD card back in your phone AGAIN WITHOUT PUSHING ANY BUTTONS I KNOW THIS IS STUPID, BUT WE RENAME THE BUILD TO UPDATE.ZIP AS WELL
• Press Alt + x to go to the console. If your phone does not reboot automatically, press enter, type "reboot recovery", then press enter again.
• If you boot up in recovery, you have done everything correctly. Now APPLY THE UPDATE USING ALT-S, reboot, and you're done
4) Performing a NANDROID Backup
At this point you should backup your phone via NANDROID
1 Turn your phone off.
2 Hold Home, press Power button to boot into Recovery Mode
3 Press ALT+B to start the backup.
4 Once the backup has completed press Home + Back
Next your phone will reboot and load the OS, at this point you should copy the files your just backed up to your PC incase you need to recover your phone
1 Mount your SDCard to your PC
2 On your SDCard change to the nandroid/HT840GZ30985
3 Inside this folder you will see another folder the first 8 digits of this folder name is the date it was created in the YYYYMMDD format and the last four are the time.
4 Copy this entire folder to your PC and save it. As you make more backups to your phone repeat this process.
5) Format your sd card to Fat32 and Ext2/Ext3 Partitions
• Install the sdsplit executable to your phone. To so this, open the 'terminal' application / ADB Shell and type the following commands at the prompts:$ su
# cd /data
# wget http://64.105.21.209/bin/lib/droid/sdsplit
# chmod 555 sdsplit
# exit
• Decide the size of your FAT partition:
You should use one of two approaches to decide the size of your FAT partition. The first one involves simply directly deciding this size (i.e. I want a 5G FAT partition). In this case, the EXT2 partition will be the remainder of the card.
size_of_fat_partition = size
The second method is based upon the fact that you want to decide the size of the EXT2 partition and would like the FAT partition to be the remainder of the card. In this case, the size of the FAT partition will be based on the size of your sdcard and the size of the EXT2 partition that you want. Use this formula to calculate it:
size_of_sdcard - size_of_ext2_partition = size
So, if you have an 8GB sdcard and want 1GB of space for apps on your EXT2 partition, use 7000M for the FAT size.
No matter which method you use, you will need to specify either bytes (no parameter), kilobytes (K) or megabytes (M) . So, for a 5G partition would use a 5000M size parameter.
Note: The size parameter is currently case sensitive, use 7500M, not 7500m!
• Backup your SDCard onto your PC
Note: To figure out how much data (in K) you have on you FAT partition, you can type the following in your terminal / ADB Shell (the sdcard can not be mounted for this cmd to work):
$ du -s /sdcard
Note: to find out how much free space is left on your /data partition type (see available)
$ df /data
• Run sdsplit. Use the size from step 3 below (do not forget the "M" in size if you are specifying megabytes): (Note: you will need an internet connection on your phone for this step)
Note: If you are using the JF1.5 update, you should put a -nc at the end of the commands below since system configuration is not needed!
Non JF1.5 Build:
$ su
# /data/sdsplit -nd -fs size
# exit
JF1.5 Build:
$ su
# /data/sdsplit -nd -fs size -nc
# exit
Please, remember to record the output of this stage if you run into a problem. There will be a permanent record of it in, /data/sdsplit.log.
• Reboot your phone, via terminal:
reboot
• Restore your data from your PC to your Fat partition of your SDCard.
• You're done! You should have two partitions now on your sdcard. The FAT one mounted at /sdcard and the EXT2 one mounted at /system/sd.
6) Put the Cyanogen Recovery image 1.2
http://n0rp.chemlab.org/android/cm-recovery-1.2.img
To install raw image: copy it to your sdcard and run from a terminal:
flash_image recovery /sdcard/cm-recovery-1.2.img
It is suggested to fully shutdown the device and power it back up.
Check Recovery IMG by rebooting phone and pressing Home + Power to see the new Recovery IMG
If you have problems with a "no space on device" error, try using fastboot and erasing first:
fastboot erase recovery
fastboot flash recovery cm-recovery-1.3.1.img
7) Upload JACHero 2.2.3 or any other to sd card and rename them as update.zip
8)Last steps to finalize
• wipe
• run apps2sd from recovery image menu
• then run fix filesystems
• then run update.zip
• then run apps2sd from recovery image menu again
• then reboot
• when phone reboots, give it about a minute after the screen comes on and chose deny on swapper in SU permissions pop up.
• then go thru the setup for gmail and android..
• after you get logged in to everything, do your settings for backlight and whatever else,
• then go to programs and do the swapper settings -
• SWAPPER SETTING:
/system/sd/swapfile.swp
Change swapper size
i did 20mb / 32mb ( i think thats right )
• then reboot ( after Gmail has finished syncing your contacts )
• when it comes back up choose always allow on swapper ( in su permission popup )
• then do you market and flickr( disable wifi for a sec ) to accept the terms..
• then give it a few seconds, and in about 1 min the phone will be running faster like cupcake
Many thanks to JACHero,Cyanogen,Robpet2,Jesus Freke,Jon Pezz, xmoo, Haykuro, Stericson, dapro, The Dude, Darkrift, and many others!
very nice guide thank you...also very nice guide structure
gonna try this and see if i can really get this to run as fast as cupcake
Just a side note;
Http://twistedumbrella.googlepages.com/index.htm
The guide there has all the resources loaded to the site already and no longer requires you to have to use fastboot because the recovery there has restore built in.
pretty good guide...but this has nothing to do with porting builds -- only installing builds that have already been "ported"
porting (in the context you used it) means to change a build to work on another system / device:
http://en.wikipedia.org/wiki/Porting
also...Recovery 1.3.1 is the latest and greatest
cheers
alapapa said:
pretty good guide...but this has nothing to do with porting builds -- only installing builds that have already been "ported"
porting (in the context you used it) means to change a build to work on another system / device:
http://en.wikipedia.org/wiki/Porting
also...Recovery 1.3.1 is the latest and greatest
cheers
Click to expand...
Click to collapse
I know but 1.2 Cyanogen has Apps to sd and fix filesystems
alapapa said:
pretty good guide...but this has nothing to do with porting builds -- only installing builds that have already been "ported"
porting (in the context you used it) means to change a build to work on another system / device:
http://en.wikipedia.org/wiki/Porting
Click to expand...
Click to collapse
Yes, the title of this post is rather misleading. I was expecting a guide to porting. This is a well organized collection of instructions to prepare your phone for most modern builds, and will surely be useful to some, but the title should really be changed to better reflect the content of the post.
hellogadgetman said:
I know but 1.2 Cyanogen has Apps to sd and fix filesystems
Click to expand...
Click to collapse
1.3.1 does too, but much like fix_permissions its executed through concole instead of menu
If someone made the guide please post his thoughts
Thanks
Anyone or better None
thanx for your instructions!
and, is the Cyanogen Recovery Image the necessary part for flashing Hero roms on G1?
thanx again.
thanx for your instructions!
and, is the Cyanogen Recovery Image the necessary part for flashing Hero roms on G1?
thanx again.
Very good, indeed.
EDIT:
What happens if you miss a step, but still able to flash the latest 2.3.5 hero rom? (Following these steps reduces the lag?)
That's what exactly what I did:
1. I already had the latest radio update (so I didn't bother downloading again)
2. I installed latest SPL, renamed it to "update" in my sd card, turn off phone, turn-on phone (HOME+END button), hit ALT+S.
(I don't have a SD card reader yet.....but I have another phone (T-Mobile Wing), I removed SD card from G1, put it in T-Mobile Wing, opened folder where SD card is, and deleted "update" (SPL file), rename the 2.3.5 HERO rom to "update", took SD card out of T-Mobile Wing, put it in my G1)
3. Turn on G1 (HOME + END), wipe (ALT+W), then flash (ALT+S)
(Waited until it installed new hero ROM, it was installed, then I went to swapper application and changed settings to " /system/sd/swap.swp "
That's it.
I already had partition my SD card before doing this update. I dont know if it's necessary to do it again.
My G1 is working, and I have 72MB free space in internal phone storage (so far).
My question is:
Do I need to follow these steps to make the rom work better? To allow my apps go to my SD card (like it was before).?
By the way, I installed the OVERCLOCKWIDGET app from market and it won't open. (Launch Error, "Overclockwidget (need root) could not be launched")
Any inputs would be greatly appreciated.
Then I wipe, flash new ROM.
ss1271 said:
thanx for your instructions!
and, is the Cyanogen Recovery Image the necessary part for flashing Hero roms on G1?
thanx again.
Click to expand...
Click to collapse
Yes if you want to be a fast Hero ROM
jay22are said:
very nice guide thank you...also very nice guide structure
gonna try this and see if i can really get this to run as fast as cupcake
Click to expand...
Click to collapse
if it is let me lnow to make the change to hero
FAILURE to install
I followed your guide exactly but when I was flashing the hero update an error came back
"E: Cant't chown/mod /system/xbin
(no such file or directory)
E:Failure at line 14:
set_perm_recursive 0 2000 0755 06755 SYSTEM.xbin
Installation aborted."
Any suggestions???
NVM. Problem fixed. had to download the following spl
https://www.digital-bit.ch/g1devel/6.0-spl-signed.zip
Alt+M (apps2sd option) isn't showing up in v1.3.1
Anyone have any idea why Alt+M (apps2sd option) isn't showing up in Cyanogen's Recovery Image when all the other options that were updated in 1.3.1 are?
twistedumbrella said:
1.3.1 does too, but much like fix_permissions its executed through concole instead of menu
Click to expand...
Click to collapse
Thats the reason I put in my guide the 1.2 Cyanogen recovery
DirectMatrix said:
Anyone have any idea why Alt+M (apps2sd option) isn't showing up in Cyanogen's Recovery Image when all the other options that were updated in 1.3.1 are?
Click to expand...
Click to collapse
app2sd is automatic in version 1.3.1, but that's for new apps installation.
All the hero roms (at least that i know) require not the recommended "HardSPL" but Haykuro's updated SPL
This guide is very misleading esp since you bascially c/p from the other posts.
Dont take it personally, but it really needs to be cleaned up
B-man007 said:
All the hero roms (at least that i know) require not the recommended "HardSPL" but Haykuro's updated SPL
This guide is very misleading esp since you bascially c/p from the other posts.
Dont take it personally, but it really needs to be cleaned up
Click to expand...
Click to collapse
But this is the point of somebody who has to read over 500 posts to understand to have all the things straight away.
I have used it and it is fine and some others also ...(over 100 downloads of the document)
Thanks
Defyluks - System encryption for the Defy(+)
Warning: This patch is only intended for people who are familiar with Linux and LUKS and know what they are doing. I take no responsibility for any damage whatsoever resulting from using this patch.
Before applying this patch, I strongly recommend making a full backup of your device. Uninstallation is currently not supported, excepting via flashing back the Stock-ROM via sbf-flash and redoing everything.
Last update: 2012-12-02
== Motivation ==
Until now, there is no working solution for encryption the internal data partition and sdcard of a Defy(+). In theory, Android 3.x+ provides such a possibility, but (afaik) all currently available builds of CM9/CM10/CM10.1 etc. don't implement this feature yet. Apart from that, many users of the Motorola Defy share the opinion that Android 2.3 is more suitable for the device than Android 4.x due to a smaller memory footprint etc. Even in case the standard Android encryption shall become in newer CM releases in the near future, having an alternative for CM7 might be still desirable.
One general problem of the built-in encryption in Android 3.x+ is also the fact that you can't move the data partition on the sd card. In case of hardware damage, you don't have the possibility to pull out your data and send in the device for repairs. Also, you cna't easily mount the data partition from others systems using existing tools like LUKS for Linux or FreeOFTE in Windows.
== Related projects ==
There are a few related projects, but they only work for other devices like the HTC Wildfire or the Nexus One:
LUKS/LuksApp (https://github.com/guardianproject/LUKS)
Luksunlock (https://github.com/guardianproject/luksunlock)
Yaffsunlock (https://github.com/scintill/yaffsunlock)
== What does this patch do? ==
First of all, the patch adds a few new components to CM7:
- the cryptsetup binary (taken from GuardianProject's LUKS porting project)
- kernel modules which provide support for ext4 and jbd2 (taken from Quarx2k's custom kernel for CM10)
- a modified init.rc which is based on the one provided by CM7.2-stable (warning: it replaces the existing one!)
- (temporary) a sample encryption key
After installing this patch, the existing internal data partition in the mtd flash will be ignored during bootup and not mounted anymore! Instead, an encrypted data partion from the sd card will be used.
== Status ==
The patch is currently under heavy development. The current version 0.1 is intended only to give a first preview about this development. Currently, the patch only provides a rudimentary security enhancement in case the hardware breaks, not in case of theft (see the open TODOs below). The performance impact is high for write operations, but negligible for read operations, see the attached benchmark.
== Requirements ==
- Basic knowledge about LUKS
- rooted Defy with CWM and CM7.2-stable
- microSD card in your Defy
== Installation ==
Step 1: Create a key (on your desktop) which will be used for the encryption later on:
dd if=/dev/random of=lukskey bs=1 count=32
Step 2: Mount the sd card externally (via adapter or from CWM) and repartition it. In the following, I assume that the sd card is available as device /dev/sdb. Here is how to repartition it:
/dev/sdb1: the existing FAT32 file system (you can shrink your existing one)
/dev/sdb2: a new partition with fs type (82)
Step 3: Encrypt the second partition of your sd card with the key you created previously:
cryptsetup -c cipher=aes-cbc-plain luksFormat /dev/sdb2 /path/to/lukskey
Step 4: Crypto-mount the partition and create an ext4 fs on it:
cryptsetup --key-file /path/to/lukskey luksOpen /dev/sdb2 encrypteddata
mkfs.ext4 /dev/mapper/encrypteddata
cryptsetup luksClose /dev/mapper/encrapteddata
Step 5: Replace the keyfile in "system/etc/lukskey" in the supplied defyluks.zip archive by your key (that is: unpack the archive, replace the key, pack the archive again)
Step 6: Install the previously packed defyluks.zip archive via CWM on top of CM7.2-stable and boot your device.
== Version history ==
0.1 (02.12.2012): First pre-release
== TODOs (sorted by priority) ==
- cleanly luksClose the mounted data partition in order to prevent data loss
- allow for key entry via some minui (the hardcoded key does not really enhance security greatly. Of course, if someone steals only your sd card but not your phone or if your hardware breaks and you have to send it in it already helps, but apart from that?)
- support loopback-devices on top of the existing vfat filesystem on the sdcard (remove need for repartitioning the card)
- support a more secure cipher like aes-cbc-essiv (the Defy stock kernel lacks support for that, will have to add the proper module)
- make the installation process much easier (i.e. by providing a setup ui like LuksApp does)
- enhance the documentation (provide a real user manual)
- allow for using the internal nand flash (I see some cons here, but okay maybe some people still might want that)
- support other file systems like yaffs2 (does not make sense on sd card, but surely does when using the internal nand flash)
- encrypt the rest of the sd card as well
- support further Defy-ROMs
- replace the precompiled binaries by self-compiled binaries
- replace the current build script (a cruel hack) by a real build system
- support other CM7.2 devices
- make the first bootup faster (currently takes aprox 3 minutes)
Any feedback is warmly welcome!
Hi could You help me with this:
- BlueStacks 0.8.7.3069 (ver 4.0.4), cpu amd, I did all the steps with MultiTool v1.21r1 auto root, superuser, launcher, de-bloat etc. everything works perfect
- changed settings of build.prop many times manually via app and thru multitool update without any problems
- however once i used wrong version of build.prop from BS Tweaker folder 09 (which are (now i know) for BS builds <0.9 (ver 4.4.2) and uploaded it via multitool >>> result: after restart Bluestacks got infinite loop on boot
- unfortunately I didn't make backup of C:\ProgramData\BlueStacks\Android
- so I tired to change back the build.prop , In BS there are 2 locations: //data/bluestacks.prop and //system/build.prop
The 1 under //data is bs-specific file that simulator has priority to use
- I mounted Root.fs via OSF and changed //system/build.prop to good build.prop.BAK
- Now, BS runs but showing only black screen
- When I trying to use Multitool to update build.prop got error: * Checking for system services status.... ERROR: Timed out while waiting for required services.
So, how to repair BS to previous state with all installed apps? How to inject proper build.prop to //data/bluestacks.prop to see if that could help?
//BS Tweaker under BSProp reports me this bad build.prop for 4.4.2.
Best
solved
Hi, I repaired it in a simple way.
- ADB didn't allow me to inject proper build.prop in /data/.bluestacks.prop because of problem with root access - ADB couldn't connect to BS as root, always got [email protected]:/ $ whatever I tired to do.
- I found different tool 'BlueStacks Easy', this allow me to convert file system format from Data.sparsefs folder to Data.fs, so I was able to mount this image via OSFMount and edit .bluestacks.prop using copy&paste method then convert back.
- Result: BlueStacks backed to work, no more black screen :victory:
Ty
Hi,
I was away from Android modding for quite a while (since 4.4) and it turned out that lots have changed since then. I got a new phone (Moto Z Play XT1653-02) and decided to play a bit with it. After reading the forums I found that there is not enough explanation on how the modern security model works.
I am a big fan of SELinux in the enforced mode (as long as you know how to configure and tweak the policy to your specific needs) and I don't need root on the phone itself, but I need the ability to apply changes to the /system hierarchy.
OK, I downloaded TWRP image + MultiScript-MZP-V2 zip. Looked inside the zip file (I would recommend to understand what you are going to side load before commiting to anything) and I did not like a bit the way that zip was operating on the device.
Long story short, I had 2 requirements:
1. to have root access to the device when I am at home - this can be accomplished with any TWRP (other custom recoveries) using `fastboot boot <recovery>.img`
2. to be able to change stuff on the /system filesystem (as a test I was copying /system/media/bootanimation.zip to /tmp and then back and that was rendering the phone unbootable)
I searched the web and found that the modern Android systems are kind of locked with so-called "verifiable boot". There are multiple parts of that solution, but we are interested in the removing the verification of the /system filesystem.
The check is built in to the kernel and cannot be disabled with a kernel command line parameter. However, looking into the documentation to the "verifiable boot" implementation I found that the trigger to do the verification is the "verify" flag set inside the fstab file.
Thanks to the author of the MultiScript-MZP-V2 archive I had all the tools at hand on the device to test my theory, so I `dd`'ed the boot partition into a file, unpacked the resulting boot.img file, unpacked the ramdisk, removed the "verify" flag from /fstab.qcom, repacked the ramdisk back, rebuild the boot.img file, and `dd`'ed it back to the boot partition.
Once I did that, I rebooted the phone to confirm that it is still bootable -- it was. The next step was to boot into the TWRP and replace something on the /system filesystem - I prepared a custom bootanimation.zip file for this (so I could easily see the result ). I booted into the TWRP, mounted /system in read/write and did `cat /tmp/my_boot_animation.zip > /system/media/bootanimation.zip` (the reason for the redirect is that I did not have SELinux tools and wanted to preserve the original SELinux context of the bootanimation.zip file).
After the reboot I saw my custom boot logo and the boot sequence, which confirmed that the theory worked as expected. So, now I have the original kernel from the manufacturer (I do not trust kernels sourced from the net and it is either the one I got from upstream or the one I built myself), have the ability to modify the /system filesystem as I see fit, and do not introduce unnecessary risk of running escalated applications on my phone.
P.S. I struggled with the bootanimation.zip a bit, but in the end I found that the keypoint is to ensure that the zip file is a container for files (i.e. zip with no compression at all - `zip -0 bootanimation.zip file1 file2 ...`)
Interesting..
Sent from my XT1635-01 using Tapatalk
I try to share my experience about this cheap phone (bought I think for 45€ : was the cheapest of the hypermarket, around 2019).
Here are some specs : https://www.gsmarena.com/wiko_sunny3-9733.php
First of all, this is a SPD (Spreadtrum) based device, not MTK (Mediatek). (Surely, it would have been easier on an MTK Wiko like the Jerry...)
My goal was to get root access and finally try to install a big-tech free system alternative.
I confess, I spent about one month on it. Here are my findings and the final result I could achieve.
Long story short : I could not get root (I'll explain it below). But I could "un-google" it as much as it is possible without breaking anything essential.
Here is the story and it's lessons learned, in a hopefully logical order.
1. Tried all (really all!) available "out of the box" rooting apps without any result.
2. However there is an "allow unlock bootloader" switch in the "developper settings" (once taped a couple of times on the "build" of the system menu...)
there was no way to really "unlock" it using any appliable fastboot command (tried really everything).
3. Magisk (latest or any other) could not patch the boot.img (or recovery.img).
As root access means the ability to get at some point a writable filesystem, and as this is mounted by boot/recovery.img, this is the key process here.
4. So I went to linux to modify them : tried again all dedicated tools to unpack, edit and repack the boot and recovery.img.
mkbootimg/unpacbootimg, abootimg, but it turns out, they don't repack the files in an acceptable way for this system.
Independently from change made or not (in some .rc file inside the ramdisk, initrd), those usual dedicated tools just cannot repack the file correctly, at least for this device.
Lastly, when I tried bootimg.exe (for windows) of "cofface" (https://github.com/cofface/android_bootimg/blob/master/bootimg.exe)
I could find out that it extracted an other file that abootimg and others was not even aware of : dt_image (binary having an SPRD header).
And this (avesome) tool is able to repack it with it.
But now, the new boot.img was 12Mo and not 36Mo as before. Turns out there is a huge empty (00 bytes) overlay, and a vbmeta (AVB) signature, somewhere at a precise place and at the end of the file.
So I completed and patched the file by a hex editor, to make it the same as the original one. (There were also some 2 "minor" diffs at the beginning of the file that I tried every combination with to make the device boot with it. No way.
I believe now, fdl2-sign.bin, one of the two mandatory required files to flash anything on the device (that gets allways flashed first), checks the signature of boot.img (and recovery.img), so a modification of these would need a brand new signature. (Tell me if I'm wrong: I'm not a pro) And I gave up at this point.
5. Before (understanding the above), I tried also by just changing system/vendor to make root tools available :
Mounted on Linux : strangely, when the filesystem was rebuilt by "make_ext4fs" the flashing crashed, but just unmounting it and then "img2simg" to get the android "spars" format, worked fine (despite for ex. the record of the mountpoint inside the file).
I tried to add all the necessary files (su, busybox, etc.) to "system "and "vendor"... retoutching everythig back to original time stamps, etc.etc.
but the loaded system denies access to all "new" files (and also to some others). Then I tried to change some "policies" files in /etc/selinux (like plat_sepolicy.cil), only trying to get how it works (I added some lines about my files taking as example a well authorized binary)... if ever the added binaries could be accessed even on a -ro filesystem. But nothing changed.
All file added or modified, such as a new bootanimation.zip, becomes "access denied" as well, despite adding them to policies files.
Same for some "new" sounds to media folder : they will be listed but not played (so you only get silenced wake-up instead .
6. After that I decided to un "big-tech"(BT) everything and replace as much (BT tracked) functions as possible by "clean" FOSS apps from F-Droid.
And this, at my surprise, I could get it through 100% (I believe).
The idea in short :
1 - make a clean firmware flush (perhaps with already reduced preinstalled apps)
2 - uninstall/deactivate on the device anything you want and can, replace needed default apps (by FOSS equivalent), especially the launcher(wiko app starter).
3 - edit system and vendor (on linux), delete unwanted apps (making according changes on some .xml control files doesn't change anything and only might cause problems: just deleting the packages seems enough here)
4 - then reflash only the modified system and vendor (reboot and see)
Now, for those who (I would like to say "hate" BT enough to accept loosing the shiny comfort they offer, but lets say) want to get rid of preinstalled privacy breaking BT apps, here is the howto : (with explanation for also the novice)
a) First, download the latest firmware update :
Wiko Mobile : Customer Area / Connection.
customer-world.wikomobile.com
b) Launch the app and push the start flushing button (play button). This will unpack the boundled .pac file into a temporary directory (into the app folder's "ImageFiles\_DownloadFilesE10_2C10D_0" : the suffix changes at each startup. Save this folder to somewhere else (because quiting the app will erase it).
c) Now you need to launch a linux OS, (that can of course access the saved rom files) mainly to mount and modify system.img and vendor.img.
I will detail this for the novice.
Basically, open any teminal, then install if its not yet done, the following needed tools :
sudo apt-get install e2fsprogs
sudo apt-get install android-tools-fsutils
to use Midnight Commander which will save you a lot of time, make also a
sudo apt-get install mc
Then "sudo mc".
Once in MC, do Ctrl+o to switch (back and forth) to command line
d) Uncompress the system+vendor image files, mount, modify, then umount and recompress them :
Uncompress by : "simg2img vendor.img vendor-whatever.img" (same with system.img)
Then (create some "sys", "ven" folders) and : "mount system-whateweryoucalledit.img sys -rw" (thats all, same for vendor).
It turns out, you can just easyly erase some apps (but not anything!) and they just won't be installed, or will "disappear" if they were...
You can delete already from system: in "app" and "priv-app" folders any Facebook related app or service, plus Youtube, Chrome, Gmail... Duo, Messages, TTS, Calendar, Maps. From vendor: Photos, Music, Contact (and also Chrome vendor overlays). Normally you could only deactivate them from the device, but that way they won't be present at all.
You can also edit /etc/prop.default, as follows, but honestly, I did not recognized anything really working, except the sys.usb config and mock.location (allowing fake gps position app).
ro.secure=0 ---> these 2 doesn't seem to do anything without a patched boot.img
security.perf_harden=0
ro.adb.secure=1 ---> needed, otherwise you won't get adb access dialog
ro.allow.mock.location=1 ---> allows fake gps app
ro.debuggable=0 ---> if 1: will just crash "developper settings" because of its defaults
persist.sys.usb.config=none ---> you will be free to set it
Do not try to "ro.adb.secure=0" because you just won't get confirmation box for trusted adb connection attempts and they just won't work!
Same, don't be tempted by "ro.debuggable=1" bacause you will not even be able to access "developper options" any more as its defaults will conflict with this setting an it will just crash over and over. I did it, I payed the price to start it over again...
Now, it seems, ro.secure=0 and security.perf_harden=0 does just nothing as well, without being able to modify boot.img first.
Changing eventually "ro.build.type=user" (in system/build.prop or anywhere else) to "eng" or to "userdebug" makes just the flashing operation to crash. (same by patching boot/recovery.img in hex mode (which looked attractive at first sight) but led to flush crash as well, mainly for the vbmeta thing I tried to describe above.
When finished, just "umount sys" and "umount ven"
Then recompress the files by "img2simg vendor-whatever.img vendor.img" (same with system).
(This first amputation and further, could be done perhaps later all at once, but thats how I did. Of course its about to avoid first installations but without breaking the setup process.)
e) Flash the new firmware to the device, replacing system and vendor.img by the modified files :
The modified files shouldn't be bigger than the original ones, at least not bigger than their size stated (in Mb) in the k120.xml (system:1400,vendor:300) but there is no reason anyway as after my experience all added files will become "access denied". (Should they become bigger than that you will have to change these values in k120.xml and re-pac them (using spd research tool, that will update k120.xml) before using them again, otherwise the flashing will fail.)
So now, get ready for the flashing:
Un mount the back cover of your Wiko Sunny 3, remove for a few seconds the battery, then replace it.
Now, here is something I had to figure out myself because there isn't anywhere a clear description of it, and this is foundamental to be able to flash :
First thing to do is to launch your flashing software, choose the pac file if necessary and push the action button to get ready for the device's connection.
You can wait some time, while the app unpacks the included .pac file. (spd factory/research tools lets you choose your pac file, the one downloaded refers to it only through its .ini file).
So pushing the "start flashing" still nothing happens, the flashing app (unpacks the pac file and) just waits for the devive to connect... This can last forever, don't worry.
Now, to be able to connect de device in service/flashing mode, it should NOT go into charging mode when you connect it.
Thats why, you have to connect the (computer) USB slot by pressing continuosly volume up on the device (after havig removed and reinserted the battery) AND wait until the app detects it and starts the transfer. Do not release the volume-up until it gets at least 3-4%. (Many guides speak about 3 sec or so, the only thing accurate is that the app starts effectively the transfer.) If you release it too quick, the phone goes into charging mode and the COM port used to flash closes, and you will need to repeat the operation.
(And of course you need all required drivers loaded previously. The driver for flashing is called SPRD or SPD Driver R4.20.4201: seems the latest)
If successful, the device gets rebooted.
---------
Here I'd like to ask some pros of XDA : what signal boots the device after flashing? Can it be reproduced without flashing? In other words, can we start/boot an extincted device by USB signal? If yes, how ?
---------
As the first-time setup launches, just decline/skip ewerything, most of all the final wiko/vendor offer (this keeps you safe from vendor commercial services). Just get to the home screen.
See what you have got.
f) Now, setup your anti big-tech privacy free environment. For example, deactivate google play including its service. (Yes, "big-tech haters" don't rely on this ;-)
To know where are the spies, I installed TrackerControl (version 2022.02.10 from F-droid) which gives enough info on that even without root. You will be surprised. There are "feedbacks" to google, to the vendor, and also to Microsoft, even without launching anything, just the wifi on. Even the caller app has trackers...
The best thing is that this (GPL) app lets you know what package causes the leak. You can just write them down, for later deletion.
It turns out, I could delete all of them (mainly from system.img, monted again on Linux) without that anything breaks.
I replaced the caller/dialer, calender, contact, everything, by new default apps. Replaced the Wiko launcher by the Fairphone launcher (from F-Droid).
I installed ungoogled chromium from https://github.com/wchen342/ungoogled-chromium-android/releases (chrome public). (Strangely could not install other browsers!). I replaced Google TTS by "eSpeak NG" (the final config is a little bit tough : have to download "espeak-ng-data" (voices) and push it to the "sdcard" then, slowly, it finds it and it works. (Well, ok, its not the fine google tts thats far the best actually, but its still a tts...) And yes, there is still the keyboard to tap keywords to look for. ;-)
g) When done, take and mount again the system.img file (you flashed) and take out what (following the list of tracker apps found by "TrackerControl", which are mainly (for me) : (for howto, see d) above)
/system/priv-app/phonesky // playstore : com.android.vending
/system/priv-app/GoogleDialerGo // contains trackers!
/system/priv-app/GmsCore // googleplayservices (yes it works without it)
/system/priv-app/WIKOSetupWizard
/system/priv-app/WIKOLauncher // easyly replaced (by Fairphone's 1/2/3)
/system/priv-app/WIKOInstaller
/system/priv-app/AppCloud // wiko appstarter (77 trackers)
/system/priv-app/SearchSpeachService // (google) tracker by definition
/system/priv-app/AntitheftPlugin
can be removed as well (and still some others, but its more wise to stop here, till it still works ;-)
NB : The 3 "Vital-app", probably commercial boudles, must be really present but they can be uninstalled cleanly (weather, smart-assistance, gaming).
Finally, enjoy your non-rooted, but privacy tuned Wiko Sunny 3, and install clean FOSS apps from F-Droid (or from elswhere).
One more thing: Its not because an app is "free and open source" that it won't track you : choose your apps carefully, observing all permissions they ask for.
For example, there isn't much acceptable explanation for a calculator to claim "full network access" or a game to be "launched at startup" or get "system configuration" rights.
And sadly, as we still do not have root access on this device, there isn't much control available on apps, permissions, network or system. But it is possible now to free it from big-tech trackers, as much as possible.
Of course, as usually in these cases, I cannot guarantie anything. It just worked for me like that (reproduced several times), and I think there is no reason that for anybody else it would produce a differet outcome.
Your comments are allways welcome.