I'd like to root my Kindle Fire (2nd gen, I think - system version is 6.3.4_user4120720). I can't post a link to the method I'm planning to use, but a google search for "techhive how to root your kindle fire pcworld" will take you right to it.
My questions: Which version of the Android OS will I end up with when this process is done? Once the Kindle is rooted, is it then possible to install later (or the latest) versions of the OS, or does the device itself limit what can be installed?
The reason I want to root is that as certain web sites have become more complicated, the Silk browser has become pretty much useless. It's almost impossible to read the news any more. Pages bounce all over the place, or the browser crashes as pages load their nonsensical graphics and animations. I'm hoping that rooting will open up options for installing a better browser. In addition, my Kindle is no longer able to run the current version of Dropbox, which is important to me. And finally, it'll be refreshing to get rid of the stupid carousel!
Hi there,
Rooting a device doesn't change the version of Android.
Please use this forum to ask for help: http://forum.xda-developers.com/kindle-fire-hd/7-inch-help
Good luck.
Thanks. I somehow missed that forum section.
Primokorn said:
Hi there,
Rooting a device doesn't change the version of Android.
Please use this forum to ask for help: http://forum.xda-developers.com/kindle-fire-hd/7-inch-help
Good luck.
Click to expand...
Click to collapse
Hi Guys,
I am new to Android (a noob) - Started with flashing some custom ROMs on my devices and i am bothered by the security of my device, although android is open source, is it possible that a custom ROM is bugged to steal your personal or financial information? I don't have any experience with android development and i don't have time to jump into Android development so even if the ROM is open source i wont be going through the code to check for leaks or potential built-in hacks.
Basically my question is, is it safe to install Unofficial ROMs such as CM unofficial? I understand, the majority of apps store sensitive data on device in encrypted way but still, i don't think it will be hard to just modify the ROM to develop a built-in key-logger OR read username/password from a username/password fields while user is typing using an on-screen keyboard, save it as LOG file and when connected to the internet, send it to the 'unknown' source. I can see so many possibilities, the user wont even have a clue that they are sharing data. it is like Microsoft making windows Open Source and people making their own versions of Windows and users installing them on thier PCs.
Please help me understand - How safe are our devices when running on custom ROMs from developers we don't even know (no disrespect to any dev, all this amazing work is appriciated, I just want to understand the security of android - Please help me understand as after flashing custom ROMs on my devices i am avoiding installation of sensitive apps or even using chrome to type my passwords) - am i paranoid ?
Cheers
It's entirely possible that a malicious custom ROM could steal your data (or worse), and there's really no technical way to mitigate it. You're implicitly trusting the developer of a ROM by flashing it. All you can really do is make sure that whatever ROM you choose is from a well-known, trusted developer.
aliusman999 said:
Hi Guys,
I am new to Android (a noob) - Started with flashing some custom ROMs on my devices and i am bothered by the security of my device, although android is open source, is it possible that a custom ROM is bugged to steal your personal or financial information? I don't have any experience with android development and i don't have time to jump into Android development so even if the ROM is open source i wont be going through the code to check for leaks or potential built-in hacks.
Basically my question is, is it safe to install Unofficial ROMs such as CM unofficial? I understand, the majority of apps store sensitive data on device in encrypted way but still, i don't think it will be hard to just modify the ROM to develop a built-in key-logger OR read username/password from a username/password fields while user is typing using an on-screen keyboard, save it as LOG file and when connected to the internet, send it to the 'unknown' source. I can see so many possibilities, the user wont even have a clue that they are sharing data. it is like Microsoft making windows Open Source and people making their own versions of Windows and users installing them on thier PCs.
Please help me understand - How safe are our devices when running on custom ROMs from developers we don't even know (no disrespect to any dev, all this amazing work is appriciated, I just want to understand the security of android - Please help me understand as after flashing custom ROMs on my devices i am avoiding installation of sensitive apps or even using chrome to type my passwords) - am i paranoid ?
Cheers
Click to expand...
Click to collapse
You are paranoid but that's good!
Yes we are trusting the devs (or Samsung et al with stock) AND hopefully smart coders who regularly check the code (but I suspect checking doesn't happen a lot!). You can use a firewall/packet sniffer to check what servers your phone is connecting to and see (some) of the data being sent to reduce your risk and put your mind at ease. But still it's no guarantee, as I understand it (I'm no expert!).
---
trainsuit said:
If you get a stock android you are also trusting the developer. Just look at these lenovo laptops which had malware served on their stock windows versions. Best is to always start clean when buying any form of product.
Click to expand...
Click to collapse
That's true, but how do you define ”clean”? In theory, you could build AOSP for your device yourself so you're only trusting Google, but that's completely impractical for most people. If you just switch from stock to someone else's custom ROM, you're just changing who you're trusting.
---
Perhaps it's a silly question but I do it: do you think that a XDA Senior Member with one or two thousand of thanks is reliable?
Bach_J said:
Perhaps it's a silly question but I do it: do you think that a XDA Senior Member with one or two thousand of thanks is reliable?
Click to expand...
Click to collapse
Another question for you: if a ROM has malicious code that send personal information to unknown servers, is using a firewall like AFWall+ twhich blocks all system apps sufficient to prevent this malicious ROM to stole data?
Thanks
Bach_J said:
Perhaps it's a silly question but I do it: do you think that a XDA Senior Member with one or two thousand of thanks is reliable?
Click to expand...
Click to collapse
Probably.
Bach_J said:
Another question for you: if a ROM has malicious code that send personal information to unknown servers, is using a firewall like AFWall+ twhich blocks all system apps sufficient to prevent this malicious ROM to stole data?
Thanks
Click to expand...
Click to collapse
No, a custom ROM could make data look like it's coming from any app it wants, or just bypass the firewall completely.
josephcsible said:
No, a custom ROM could make data look like it's coming from any app it wants, or just bypass the firewall completely.
Click to expand...
Click to collapse
Alternatively if the device is on your own network you could wireshark it using a computer and monitor IP addresses that the device attempts to connect to.
LyricalMagical said:
Alternatively if the device is on your own network you could wireshark it using a computer and monitor IP addresses that the device attempts to connect to.
Click to expand...
Click to collapse
This is helpful but not perfect. There's a bunch of ways to stealthily exfiltrate data over a monitored network, and don't forget a malicious ROM might only do its dirty work over cell and not Wi-Fi for this very reason.
josephcsible said:
This is helpful but not perfect. There's a bunch of ways to stealthily exfiltrate data over a monitored network, and don't forget a malicious ROM might only do its dirty work over cell and not Wi-Fi for this very reason.
Click to expand...
Click to collapse
I agree with you it's not a perfect solution; this question is sort of like asking if you can trust someone who has a root account to your computer when you cannot see what they are doing, it's an incredibly disadvantaged situation from the start.
LyricalMagical said:
I agree with you it's not a perfect solution; this question is sort of like asking if you can trust someone who has a root account to your computer when you cannot see what they are doing, it's an incredibly disadvantaged situation from the start.
Click to expand...
Click to collapse
I don't want to flash custom ROMs anymore! :crying:
It can be very dangerous! Or am I paranoid and I can trust xda developers?
Bach_J said:
I don't want to flash custom ROMs anymore! :crying:
It can be very dangerous! Or am I paranoid and I can trust xda developers?
Click to expand...
Click to collapse
Remember, everything I've been saying is reasons not to flash a ROM unless you trust the dev. None of it is saying that devs aren't trustworthy. I don't know of a single instance when a well-respected XDA member's ROM turned out to be malicious.
josephcsible said:
Remember, everything I've been saying is reasons not to flash a ROM unless you trust the dev. None of it is saying that devs aren't trustworthy. I don't know of a single instance when a well-respected XDA member's ROM turned out to be malicious.
Click to expand...
Click to collapse
Thank you for clarifying that but the question comes once more: how to recognize a well-respected XDA member? With the number of thanks? It is obvious that if the smartphone you are interested in is not so famous, there will be few comments on custom ROMs, too. So, how to evaluate the reliability of a xda dev who is developing ROM for not-well-known devices?
Are ROMs in Original development Section trustworthy?
Bach_J said:
Thank you for clarifying that but the question comes once more: how to recognize a well-respected XDA member? With the number of thanks? It is obvious that if the smartphone you are interested in is not so famous, there will be few comments on custom ROMs, too. So, how to evaluate the reliability of a xda dev who is developing ROM for not-well-known devices?
Are ROMs in Original development Section trustworthy?
Click to expand...
Click to collapse
Number of thanks can hardly tell that a dev is reliable or not(in some cases it can), rather it's the quality of their work and their expertise on the related topics that could clarify their position a bit. the recognized contributors, recognized developers, recognized themers you should look at cause
these are given to a member after being checked and passed by moderaters here on XDA. So they are pretty much reliable guys. in cases where there are no recognized developers and hardly any comments. you will have to check and find out yourself
1. ask the dev if he has tested the ROM himself?
2. how did he compiled the ROM? is it a port or just a modified copy of another ROM or a build from source.
3. check the link of the download, if it's to some survey site or ask for a password, stay away from it.
4. if you trust the download link, then download scan with antivirus and unzip the file.
5. generally I look inside app if there are apps which I don't trust and I remove them, then check build.prop, init.d folders. basic things to look for is any references of some other website/ports in between codes. if you're more paranoid you can check bin folder as well and every other you want.
6.don't install the ROM simply Root and debloat.
billysam said:
Number of thanks can hardly tell that a dev is reliable or not(in some cases it can), rather it's the quality of their work and their expertise on the related topics that could clarify their position a bit. the recognized contributors, recognized developers, recognized themers you should look at cause
these are given to a member after being checked and passed by moderaters here on XDA. So they are pretty much reliable guys. in cases where there are no recognized developers and hardly any comments. you will have to check and find out yourself
1. ask the dev if he has tested the ROM himself?
2. how did he compiled the ROM? is it a port or just a modified copy of another ROM or a build from source.
3. check the link of the download, if it's to some survey site or ask for a password, stay away from it.
4. if you trust the download link, then download scan with antivirus and unzip the file.
5. generally I look inside app if there are apps which I don't trust and I remove them, then check build.prop, init.d folders. basic things to look for is any references of some other website/ports in between codes. if you're more paranoid you can check bin folder as well and every other you want.
6.don't install the ROM simply Root and debloat.
Click to expand...
Click to collapse
Thanks for the complete explanation!
billysam said:
Number of thanks can hardly tell that a dev is reliable or not(in some cases it can), rather it's the quality of their work and their expertise on the related topics that could clarify their position a bit. the recognized contributors, recognized developers, recognized themers you should look at cause
these are given to a member after being checked and passed by moderaters here on XDA. So they are pretty much reliable guys. in cases where there are no recognized developers and hardly any comments. you will have to check and find out yourself
1. ask the dev if he has tested the ROM himself?
2. how did he compiled the ROM? is it a port or just a modified copy of another ROM or a build from source.
3. check the link of the download, if it's to some survey site or ask for a password, stay away from it.
4. if you trust the download link, then download scan with antivirus and unzip the file.
5. generally I look inside app if there are apps which I don't trust and I remove them, then check build.prop, init.d folders. basic things to look for is any references of some other website/ports in between codes. if you're more paranoid you can check bin folder as well and every other you want.
6.don't install the ROM simply Root and debloat.
Click to expand...
Click to collapse
I've just unzipped ROM but I can't find what you said. I've only found build.prop and nothing else!
Here a screenshot:
Bach_J said:
I've just unzipped ROM but I can't find what you said. I've only found build.prop and nothing else!
Here a screenshot:
Click to expand...
Click to collapse
That's because lollipop and marshmallow ROM files are further zipped into system.new.dat files which needs another method to extract, https:\\forum.xda-developers.com/android/help/extract-dat-marshmallow-lollipop-easily-t3334117
Just a small correction. When going to aosp you I ly are trusting yourself as you can inspect everything you add and remove what you don't.
Now to add to your paranoia. A custom rom could be made that allows all apps root permission without the users knowing. Add in a Key logger and have e it all headed without you ever knowing. This is common is xiaomi and other china based devices.
Heck there are a few key parts in the playstore with built in Key loggers.
Heck most of the go apps send all their data to China. Things like their Keylogger files, screen recording and device usage. But mind you it is all legal
I discussed this with Forum Admin MikeChannon in advance of posting here. He said the link would be allowed because I'm just asking folk to have a quick look then come back to XDA to discuss it.
I just saw an article over at https://www.androidinfotech.com/moto-g7-power-android-10-ocean/ that details various ways the G7 Power can be upgraded to 10. I am interested in the method that doesn’t require PC support, can this really be true?
zapjb said:
I discussed this with Forum Admin MikeChannon in advance of posting here. He said the link would be allowed because I'm just asking folk to have a quick look then come back to XDA to discuss it.
I just saw an article over at https://www.androidinfotech.com/moto-g7-power-android-10-ocean/ that details various ways the G7 Power can be upgraded to 10. I am interested in the method that doesn’t require PC support, can this really be true?
Click to expand...
Click to collapse
Doesn't look like RetUS is included.
Just Retail, RetEU and RetIN
You don't want to use an ota for a different software channel.
Sent from my Moto E (4) using Tapatalk
Thank you sd_shadow.
I don't think it particularly matters that the web page only shows links to 3 regions - they are just links to lolinet so you should be able to just grab the relevant file from the correct region and use that in the process.
That said, I have tried it and it doesn't seem to work. Whether this is because the process hasn't been tested before publishing, whether different phones/manufacturers use different locations for storing OTA files or something else, I don't know.
I have tried putting the file in many different locations but the update app never detects it in the way that the link implies it should.
I'd be interested to see if anyone has actually been able to use this method.
Sent from my moto g(7) power using Tapatalk
zapjb said:
I discussed this with Forum Admin MikeChannon in advance of posting here. He said the link would be allowed because I'm just asking folk to have a quick look then come back to XDA to discuss it.
I just saw an article over at https://www.androidinfotech.com/moto-g7-power-android-10-ocean/ that details various ways the G7 Power can be upgraded to 10. I am interested in the method that doesn’t require PC support, can this really be true?
Click to expand...
Click to collapse
You can't flash neither a complete firmware build this way nor OTAs.
OTA.zips contain a META-INF folder like a flashable.zip for Custom Recoverys do. But this could be related to the option "apply update from sdcard" in stock recovery.
FW .zips only have a flashfile.xml sheet used for all the flash tools. I don't think you are able to use the updater app while installing a complete new firmware.
mr nick said:
I don't think it particularly matters that the web page only shows links to 3 regions - they are just links to lolinet so you should be able to just grab the relevant file from the correct region and use that in the process.
That said, I have tried it and it doesn't seem to work. Whether this is because the process hasn't been tested before publishing, whether different phones/manufacturers use different locations for storing OTA files or something else, I don't know.
I have tried putting the file in many different locations but the update app never detects it in the way that the link implies it should.
I'd be interested to see if anyone has actually been able to use this method.
Sent from my moto g(7) power using Tapatalk
Click to expand...
Click to collapse
The files need to be in a different format for ota, need a different script to be used with a recovery.
Sent from my Moto E (4) using Tapatalk
PROBLEM:
1. I need to find a forum where I can learn about rooting in a general way, not just a phone specific way. There are too many overlapping problems with my phone and issues that I am too undereducated to pinpoint. I thought learning how to root and flash stock-roms might be the best place to start. Book references or YouTube channels would also be wonderful.
2. I would also like to be pointed in the direction of what the problem might actually be if I am out in left field, and where to find that on this site as well.
HERE'S SOME OF WHAT I WANT TO LEARN IN THE FORUMS:
What is the difference between Rooting and Unlocking the Bootloader? Are they the same thing?
Will re-locking the bootloader resolve the certification issue like I read?
How do I lock the bootloader again?
Can you fix UI crashes by re-flashing a phone's stock ROM?
How is a Factory reset different from a fresh stock-rom flash?
If factory reset doesn't stop the UI Crashes, will re-flashing the stock rom have a different effect?
Etc.
DETAILS:
I purchased a Razer 2 Phone and unlocked the bootloader but it was a long time ago and I don't remember what I did. I did some research and it looks like when I did that my Google Play Store lost its certification. I think that it is causing app bugs and failures but I am not sure because the phone's UI sytem, bluetooth and Wi-fi have been crashing before I tampered with anything when I first bought the phone online. Bluetooth and Wi-fi don't stay on and toggle themselves off. There is also no Bluetooth or Wi-Fi address in the system info. It makes me think that my Door Dash app bugs might be more than one thing.
I work for Door Dash and it's my main income so I need my app to work and I think that the bad certification is causing problems with my Door Dash App. But the Razer also needs a software repair.
Pernilex said:
PROBLEM:
1. I need to find a forum where I can learn about rooting in a general way, not just a phone specific way. There are too many overlapping problems with my phone and issues that I am too undereducated to pinpoint. I thought learning how to root and flash stock-roms might be the best place to start. Book references or YouTube channels would also be wonderful.
2. I would also like to be pointed in the direction of what the problem might actually be if I am out in left field, and where to find that on this site as well.
HERE'S SOME OF WHAT I WANT TO LEARN IN THE FORUMS:
What is the difference between Rooting and Unlocking the Bootloader? Are they the same thing?
Will re-locking the bootloader resolve the certification issue like I read?
How do I lock the bootloader again?
Can you fix UI crashes by re-flashing a phone's stock ROM?
How is a Factory reset different from a fresh stock-rom flash?
If factory reset doesn't stop the UI Crashes, will re-flashing the stock rom have a different effect?
Etc.
DETAILS:
I purchased a Razer 2 Phone and unlocked the bootloader but it was a long time ago and I don't remember what I did. I did some research and it looks like when I did that my Google Play Store lost its certification. I think that it is causing app bugs and failures but I am not sure because the phone's UI sytem, bluetooth and Wi-fi have been crashing before I tampered with anything when I first bought the phone online. Bluetooth and Wi-fi don't stay on and toggle themselves off. There is also no Bluetooth or Wi-Fi address in the system info. It makes me think that my Door Dash app bugs might be more than one thing.
I work for Door Dash and it's my main income so I need my app to work and I think that the bad certification is causing problems with my Door Dash App. But the Razer also needs a software repair.
Click to expand...
Click to collapse
Welcome to XDA,
I would recommend this>
1. Type your desired device for rooting
2. Hit search
3. Once located your device, head to Upgrading and Modifying sub section
4. Be prepared to read a loooot!
5. Practice in your device (try not to brick it)
6. Done!
For this questions there is no general rule you can apply, it will always depend on the device you try to root
What is the difference between Rooting and Unlocking the Bootloader? Are they the same thing?
Will re-locking the bootloader resolve the certification issue like I read?
How do I lock the bootloader again?
Can you fix UI crashes by re-flashing a phone's stock ROM?
How is a Factory reset different from a fresh stock-rom flash?
If factory reset doesn't stop the UI Crashes, will re-flashing the stock rom have a different effect?
Enjoy your stay
Pernilex said:
I need to find a forum where I can learn about rooting in a general way, not just a phone specific way.
Click to expand...
Click to collapse
@Pernilex
Regarding your request. There're quite a few tutorials available like e.g. the ones of @AlaskaLinuxUser. Just use the search function:
[Guide][Video Tutorial] How to build Custom ROMs and Kernels![10,P,O,N,M,L]
Hey everyone! There is also a telegram channel where you can drop in for some help: https://t.me/joinchat/HR_8JgyDBdw_DvmndPl0kg I really hope that you have enjoyed the series, and that it was helpful to you in your Android career! Praise...
forum.xda-developers.com
[Guide][Video Tutorial] Intermediate to Advanced Custom Rom and Kernel Building
Hey everyone! There is also a telegram channel where you can drop in for some help: https://t.me/joinchat/HR_8JgyDBdw_DvmndPl0kg I really hope that you have enjoyed the series, and that it is helpful to you in your Android career! Praise God...
forum.xda-developers.com
[Video Tutorials] XDA Etiquette, Compiling Custom Roms/Kernels
Praise God! A video tutorial about XDA etiquette! These videos express my personal opinion, and are not necessarily the opinion of XDA. I am not speaking on their behalf. This is just a video series that I put together based on a recommendation...
forum.xda-developers.com
or
[GUIDE] [how to] CREATE OWN ROM [FOR ANY ANDROID DEVICE] [FOR N00B] [EASIEST METHODS]
NOTE: THIS GUIDE WILL WORK ANY ANDROID DEVICE BUT HAS FEW EXTRA PRE-SUGGESTED LINKS FOR GALAXY ACE PLUS USERS. Special Thanks to - dsixda for his awesome kitchen. Please Hit Thanks button for him. inspired by isidromxz's thread. Please kindly...
forum.xda-developers.com
The XDA University might also be helpful:
XDA-University
Tutorials, How-To Guides and More. Learn about mobile phone development, hacking, flashing, rooting and many other topics!
forum.xda-developers.com
Regards
Oswald Boelcke
Senior Moderator
Hi there!
I am here to share my experience of using the Android system on kindle 8 gen(not the paperwhite or oasis) AND, most importantly, make a guide for it.
Big thanks to Microsoft and Google and their translator services (I do know Chinese but just a little)
ANYWAYS, here comes the guide...
MOD EDIT:Link removed.
-reserved-
-reserved-
MOD ACTION:
Thread closed and links removed.
@Nicknackpaddywack101
A compilation of links doesn't constitute a guide. A copy/paste job is also not permitted. Please write a proper guide, if you want to.