Captive Portal details (Android 11, LineageOS 18) - General Questions and Answers

Hello Forum,
Samsung Galaxy S4, just flashed MicroG's latest build of LineageOS 18 (Android 11). Using ADB, I wanted to change the value of captive_portal_https_url and associated globals to not ping connectivitycheck.gstatic.com. However, I find that these globals do not exist. They are not in the list of global settings, and commands like:
adb shell 'settings put global captive_portal_https_url "https://captiveportal.kuketz.de"'
do not succeed, the error message was something to the effect that this is inaccessible. I did tell ADB to root and remount, it does work to use similar syntax to change other globals. The captive portal check global is set to 1.
I read that Android 11 changed the handling of captive portal to use an API, but the documentation notes that "If the API is not available, or if no portal is advertised, the system will continue to detect portals and verify internet connectivity using HTTP/HTTPS probes, as before." So why am I not seeing the globals captive_portal_http_url, captive_portal_https_url, etc.?
( I have not actually connected the device to any network yet, as I wished to get rid of the google ping before doing so, if that is relevant.)
Thanks.

Sentient Being said:
Hello Forum,
Samsung Galaxy S4, just flashed MicroG's latest build of LineageOS 18 (Android 11). Using ADB, I wanted to change the value of captive_portal_https_url and associated globals to not ping connectivitycheck.gstatic.com. However, I find that these globals do not exist. They are not in the list of global settings, and commands like:
adb shell 'settings put global captive_portal_https_url "https://captiveportal.kuketz.de"'
do not succeed, the error message was something to the effect that this is inaccessible. I did tell ADB to root and remount, it does work to use similar syntax to change other globals. The captive portal check global is set to 1.
I read that Android 11 changed the handling of captive portal to use an API, but the documentation notes that "If the API is not available, or if no portal is advertised, the system will continue to detect portals and verify internet connectivity using HTTP/HTTPS probes, as before." So why am I not seeing the globals captive_portal_http_url, captive_portal_https_url, etc.?
( I have not actually connected the device to any network yet, as I wished to get rid of the google ping before doing so, if that is relevant.)
Thanks.
Click to expand...
Click to collapse
Did you have any luck figuring this out by any chance?

motomotomotoG said:
Did you have any luck figuring this out by any chance?
Click to expand...
Click to collapse
Did you get it figured out?

Maybe this help?
Enhanced Privacy, Security and Battery Duration! My Measures...
Purpose: To share my personal experiences how I achieved an enhancement of my battery’s life, privacy and security. INDEX: Post #1 - General Statements, ROM and Kernel. Post #2 - Privacy Measures and Considerations. Post #3 – Better Battery...
forum.xda-developers.com

Related

[APP][4.0+][v1.11 - 20150221] OpenConnect - SSL VPN client for Cisco AnyConnect

Highlights
100% open source (GPLv2+)
No ads
One-click connection (batch mode)
Supports RSA SecurID and TOTP software tokens
Keepalive feature to prevent unnecessary disconnections
Compatible with ARMv7, x86, and MIPS devices
No root required
Based on the popular OpenConnect Linux package
Click to expand...
Click to collapse
Requirements
Android 4.0 (ICS) or higher (with working VpnService + tun infrastructure)
An account on a suitable VPN server
Click to expand...
Click to collapse
Downloads
Binaries are attached to this post under the downloads tab.
Google Play: https://play.google.com/store/apps/details?id=app.openconnect
Source code: https://github.com/cernekee/ics-openconnect
F-Droid: https://f-droid.org/repository/browse/?fdid=app.openconnect
Click to expand...
Click to collapse
(note that the F-Droid binaries are signed by a different key than the official releases)
Changelog
Code:
v1.11 - 2015/02/21
- Fix "Unknown compression type 0" errors when CSTP and DTLS use
different compression settings
Older changelogs:
Code:
v1.10 - 2015/02/08
- Fix CSD script problem on Lollipop (bug #1)
- Fix IPv6 address display on status window (bug #2)
- Enable LZ4 compression support
- Identify as a mobile client when Android or iOS is selected
- Update to OpenConnect v7.04+, GnuTLS 3.2.21
v1.02 - 2014/09/02
- Fix regression on certificate handling
v1.01 - 2014/08/29
- Add Spanish translations (thanks to teosoft)
- Fix regression on CSD scripts starting with "#!/bin/sh"
- Improve error messages on broken ROMs that throw exceptions when
starting a VpnService
- Fix intermittent fragment-related crashes on ICS
v1.00 - 2014/08/10
- Fix problems storing >8kB certificates on some ROMs
- Clean up seldom-used menu items and move some options into General Settings
or About
- Integrate Xposed module for bypassing the VPN confirmation dialog
- Switch to ACRA for problem reporting
v0.96 - 2014/07/06
- Force a minimum MTU of 1280 on KK due to bugs in 4.4.3 and 4.4.4 ROMs:
https://code.google.com/p/android/issues/detail?id=70916
- Fix navigation anomalies (weird Back button behavior) seen after
re-entering OpenConnect from one of the Notifications
v0.95 - 2014/06/14
- Show the auth dialog <message> text in case it contains useful information
- Add German translations (thanks to Ingo Zansinger <[email protected]>)
- Add Chinese translations
- Add Advanced options for changing Dead Peer Detection timeout and enabling Perfect Forward Secrecy
- Clean up a bunch of lint warnings and unused strings/files
- Try to generate a human-readable profile name when adding a new VPN
v0.91 - 2014/06/01
- Fix bugs involving saved authgroups
- Fix batch mode error handling
- Update to GnuTLS 3.2.15 to fix GNUTLS-SA-2014-3 / CVE-2014-3466
v0.9 - 2014/04/26
- Add new "Send feedback" screen
- Add new "SecurID info" screen for RSA soft token users
- Allow changing settings and using other menu options (about, SecurID,
send feedback, etc.) while connected
- Update FAQ and provide some links to relevant XDA posts
v0.81 - 2014/04/06
- Fix potential issue recognizing certificates stored in VPN profiles
created with <= v0.7
v0.8 - 2014/04/02
- Fix hangs after reconnect if DTLS is disabled
- Fix incorrect storage of PKCS#12 certificates
- Remove unnecessary passphrase prompts on unencrypted certificates
- Add a workaround for ASA certificate request quirks
- Fix FC when attempting to import an OpenVPN profile
v0.7 - 2014/03/08
- Update GnuTLS to address CVE-2014-0092
- Fix FC and other misbehavior on IPv6 connections
- Update to libopenconnect 5.99+
- Fix/delete several broken translations
- Minor improvements to the auth form UI
- Switch curl from OpenSSL to GnuTLS and remove advertising clauses
v0.6 - 2014/02/09
- First release in Google Play Store
- Change to new "big O" launcher icon
- Avoid displaying error alerts if the user terminated the connection
- Try to make the libopenconnect build process more robust, and strip *.so
files to conserve space
v0.5 - 2014/02/01
- Fix "living dead" connections (can't pass data after reconnection due to
DTLS parameter mismatches)
- Add FAQ tab in response to user feedback
- Move log window into a tab
- Reorganize action bar so that the most important items (Status/Log/FAQ)
are tabs, and less important items (Settings/About) are in the menu
- Fix KeepAlive socket errors on KitKat devices
- Other UI and documentation fixes
- Add split tunnel configuration options
- Improve icons
v0.2 - 2014/01/18
- Allow SecurID token import via URI or text file
- Newly reworked "status" tab with uptime, error alerts, IP addresses,
etc.
- Fix a couple of bugs involving screen rotation / activity redraw on
the log window
- Prompt for hostname instead of profile name when adding a new VPN, to
help avoid "empty hostname" mistakes
- Numerous other UI improvements and fixes
- Remove "reconnect on boot" until it works properly
- Try to accommodate Linux CSD wrapper scripts starting with "#!/bin/bash"
Click to expand...
Click to collapse
FAQ
Q: What is this app used for?
A: OpenConnect is used to access virtual private networks (VPNs) which utilize the Cisco AnyConnect SSL VPN protocol. A typical use case might involve logging into your workplace remotely to check email after hours.
If in doubt, check with your I.T. administrator to see if a suitable service is available.
Q: How do I get started?
A: In most cases, you'll just need to create a profile and enter the hostname of the VPN gateway. The other fields in the profile are all optional and should be left alone unless there is a specific need to change them.
Once you've set up the profile, select the VPN entry and OpenConnect will attempt to establish a new session. If this fails, the "Log" tab may provide helpful diagnostic information.
Q: How do I authenticate using an SSL client certificate?
A: Copy your certificate files to Android's external storage directory (nominally /sdcard or the Downloads folder), then edit the VPN profile and make the following changes:
P12 or PFX file: select "User certificate", pick the file from the list, then touch "select". Leave "Private key" blank.
Single PEM/CRT/CER file: same as above.
Separate PEM/CRT/CER and KEY files: populate "User certificate" with the certificate file, and "Private key" with the key file.
When finished, delete the certificate files from external storage so they cannot be stolen by other apps.
If you are generating your own keys (e.g. for use with your ocserv gateway), some basic CA setup instructions are posted here.
Q: Will OpenConnect work with non-AnyConnect VPNs?
A: Unfortunately the software design is tied very closely to the AnyConnect requirements and the libopenconnect interfaces. Therefore it only works with Cisco AnyConnect and ocserv gateways.
Q: Will OpenConnect work with Cisco IPsec VPNs running on an ASA?
A: OpenConnect supports SSL VPN (CSTP + DTLS) only.
Q: How do I import a SecurID software token?
A: If you have an URL that starts with "com.rsa.securid.iphone://" or "http://127.0.0.1/securid/" in your email, click on it and tell OpenConnect to add it to the desired VPN profile. If you just have a raw token string then write it to a text file, copy it under /sdcard, click "Token string" in the VPN profile editor, then select the filename.
If you have an "sdtid" XML file, copy it to /sdcard and then import it.
Q: Is it possible to skip all login prompts when connecting?
A: If you have saved your username, password, or other credentials, or if you are using SecurID or certificate authentication, you can try enabling "Batch Mode" in the VPN profile to skip the login dialogs. If you need to change your saved password later or have trouble connecting, just disable batch mode.
The VPN warning dialog is a security feature built into the Android OS. It cannot be bypassed by OpenConnect, but if your device is rooted, you can try installing the Xposed Framework and then activating the Auto VPN Dialog Confirm module. Some notes on this are posted here.
Due to the user interaction required by these dialogs, it is not always possible to reliably start up the VPN in the background. So a "start-on-boot" feature is not currently provided.
Q: How do I improve battery life while the VPN is up?
A: One option is to select "Pause when asleep" under Settings. The downside is that VPN access will be temporarily stopped when the screen is off. Also, ASA gateways sometimes get annoyed with constant reconnections and may prematurely terminate your session after a few days.
Another option is to contact your server administrator and request that they disable dead peer detection (DPD), increase the idle timeout to >1hr, and increase the keepalive interval to ~5min or so.
Q: How do I use OpenConnect with AFWall+?
A: There are a few caveats to keep in mind when using an Android firewall with VPN:
* If you run KitKat, use Android 4.4.2 or higher and AFWall 1.2.8 or higher. Android 4.4 and 4.4.1 have a serious TCP MSS bug which causes stalled connections and/or poor performance. AFWall <=1.2.7 does not have the extra logic needed to handle the routing changes in KitKat.
* Always allow traffic from the VPN app on all interfaces. In particular, you should whitelist VPN traffic from OpenConnect, as OpenConnect sends DNS requests over the VPN interface every few minutes to help keep the connection from timing out.
Q: Are any apps incompatible with VPN?
A: Apps which perform their own DNS resolution, such as Firefox, may have issues picking up the latest system DNS settings when connecting to the VPN. This can be a problem if your system DNS servers are not accessible over the VPN's routes, or if you are trying to look up hostnames that do not have public (internet) DNS entries.
Q: Under what circumstances will OpenConnect request root?
A: There are two root-only features shown under Settings; both are disabled by default. One setting works around a ROM bug in CM9 which sets incorrect permissions on /dev/tun, preventing VpnService from passing traffic to the tunnel interface; the other setting loads tun.ko on ROMs that neglect to load it by default.
Based on user feedback and testing, future releases may autodetect these conditions.
Q: How do I send a problem report?
A: Navigate to Log -> (menu) -> Send log file. Please be sure to furnish a complete, accurate description of the issue you are seeing, as the logs do not always show a smoking gun.
Click to expand...
Click to collapse
TODO
Translations - I will set up the necessary infrastructure if there are volunteers
Compatibility testing
Add x509 certificate parsing/validation in the profile editor
Enable Android keystore support
Proxy support
Split tunnel DNS?
Click to expand...
Click to collapse
MISC
Using OpenConnect + ocserv (on a VPS) to bypass China's Great Firewall (GFW): link
XDA:DevDB Information
OpenConnect, App for the Android General
Contributors
cernekee
Source Code: https://github.com/cernekee/ics-openconnect
Version Information
Status: Testing
Created 2014-01-18
Last Updated 2015-02-21
hello cernekee,
I was using smoothconnect on my note3 and It was working just fine, but now after I update my note3 to kitkat it surfs only couple of things like "play store", google search, and whatsup. but all other web sites and programs do not!!
now I tried out this program "open connect" with some hope but nope, I does the same thing. It only opens play store and google search but no other things.
I wonder what cause this problem, any suggestions please??
msm88now said:
hello cernekee,
I was using smoothconnect on my note3 and It was working just fine, but now after I update my note3 to kitkat it surfs only couple of things like "play store", google search, and whatsup. but all other web sites and programs do not!!
now I tried out this program "open connect" with some hope but nope, I does the same thing. It only opens play store and google search but no other things.
I wonder what cause this problem, any suggestions please??
Click to expand...
Click to collapse
Sometimes an MTU or TCP MSS problem could cause this symptom. What kind of gateway are you connecting to? Are you the admininstrator?
Older versions of KitKat did have an MSS problem; I think 4.4.1+ is OK: https://code.google.com/p/android/issues/detail?id=61948
There are a few other outstanding problems on <= 4.4.2: http://www.androidpolice.com/2014/0...n-routing-fixes-are-planned-for-some-of-them/
Do you see the same problem connecting from other systems, like a Windows PC, or even the Cisco AnyConnect Android app?
Hi cernekee,
I have an openSSL Cisco vpn connection provided by my university, I hooked it with D-615 Dlink router through DHCP.
Cisco AnyConnect for andriod does not work on our university network because it asks for a certificate which my uni does not provide. that's why I'm using smoothconnect.
anyways, right now I have a flawless connection on my all devices on my room's wireless like my both Win7 laptops and my galaxy S2 andriod 4.1.2.
all work except my note 3 after I updated it to (4.4.2). I don't know if it's a IPv6 or MTU problem,
I tried to decrease MTU value in smoothconnect but with no success. as Cisco stated in: AnyConnect Android 4.4 (KitKat) Compatibility Update (CSCul28340)
any suggestions please???
msm88now said:
Hi cernekee,
I have an openSSL Cisco vpn connection provided by my university, I hooked it with D-615 Dlink router through DHCP.
Cisco AnyConnect for andriod does not work on our university network because it asks for a certificate which my uni does not provide.
Click to expand...
Click to collapse
I don't see this university's VPN requesting a certificate (i.e. SSL client cert). It just asks for a group/username/password.
Are you getting an error that says that the gateway is not licensed for mobile, after you enter your password?
that's why I'm using smoothconnect.
anyways, right now I have a flawless connection on my all devices on my room's wireless like my both Win7 laptops and my galaxy S2 andriod 4.1.2.
all work except my note 3 after I updated it to (4.4.2). I don't know if it's a IPv6 or MTU problem,
I tried to decrease MTU value in smoothconnect but with no success. as Cisco stated in: AnyConnect Android 4.4 (KitKat) Compatibility Update (CSCul28340)
any suggestions please???
Click to expand...
Click to collapse
Can you grab a packet capture when you're seeing the connectivity failures, and email me the result? e.g.
Code:
adb push tcpdump /data/local/tmp
adb shell
cd /data/local/tmp
su
chmod 755 tcpdump
./tcpdump -n -i tun0 -w out.pcap
yes that's right, Cisco anyconnect asks only for username/ password but when I try to start a connection it ends up with no license error!
that's way I'm using smoothconnect and now openconnect on my both andriod phones.
now for my problem, I didn't get what do you mean by connectivity failure because I'm not getting any connectivity failure messages on my note3 after update to 4.4.2 neither on smoothconnect nor on openconnect. it connects as usual and I can see some traffic packets are being transfered but I can only surf google serch, youtube and some other stuff like play store and whatsup. whenever I try to surf any other website like for example bbc news the browser( chrome, opera, Dolfin..) just waits and then ends up with nothing like there is no internet connection!
did I explain my problem clearly? is it an Ipv6 problem? I'm really confused and frustrated
msm88now said:
yes that's right, Cisco anyconnect asks only for username/ password but when I try to start a connection it ends up with no license error!
Click to expand...
Click to collapse
OK. This is because the Cisco mobile clients look for an "X-CSTP-License: accept" header from the gateway after authenticating, to see if the operator has paid extra to support the Cisco mobile client. libopenconnect-based clients (including SmoothConnect) do not require this header.
now for my problem, I didn't get what do you mean by connectivity failure because I'm not getting any connectivity failure messages on my note3 after update to 4.4.2 neither on smoothconnect nor on openconnect. it connects as usual and I can see some traffic packets are being transfered but I can only surf google serch, youtube and some other stuff like play store and whatsup. whenever I try to surf any other website like for example bbc news the browser( chrome, opera, Dolfin..) just waits and then ends up with nothing like there is no internet connection!
Click to expand...
Click to collapse
I can take a look at this to see what is happening. Just start up tcpdump to capture the tun0 traffic (see above instructions), then try visiting the BBC news site and maybe a few other non-working sites. Then hit control-C to interrupt tcpdump, make sure there is some data in the pcap file, and email me the pcap file.
cernekee said:
I can take a look at this to see what is happening. Just start up tcpdump to capture the tun0 traffic (see above instructions), then try visiting the BBC news site and maybe a few other non-working sites. Then hit control-C to interrupt tcpdump, make sure there is some data in the pcap file, and email me the pcap file.
Click to expand...
Click to collapse
Hi,
I don't know how to make Tcpdump on my note3 not to mention hitting the control-c on andriod. what instruction did you mean?
msm88now said:
I don't know how to make Tcpdump on my note3 not to mention hitting the control-c on andriod. what instruction did you mean?
Click to expand...
Click to collapse
Do you have a friend who is familiar with ADB, rooting phones, etc. who might be able to help out in person?
You could also try something like Shark for Root, or follow this video. Make sure you capture on the tun0 interface so that we can see what is happening on the VPN tunnel. If you capture from the wifi interface you'll still see traffic, but everything will be encrypted so it will not be possible to diagnose the failure.
I got it. first I rooted my note3 then I followed the instruction in the video and here it is, I hope it's what you asked me for. waiting for your diagnosis, fingers crossed
msm88now said:
I got it. first I rooted my note3 then I followed the instruction in the video and here it is, I hope it's what you asked me for. waiting for your diagnosis, fingers crossed
Click to expand...
Click to collapse
According to this trace (partial screenshot attached), the Note 3 is advertising an MSS of 1460 bytes on IPv4 TCP connections. This looks abnormally high for a VPN interface; the other direction is using an MSS of 1380, which looks more realistic. The MSS for IPv4 would normally be the tun0 MTU minus 40 bytes. I am assuming this means the MSS is being computed from the 1500-byte wlan0/eth0 MTU, not the smaller tun0 MTU.
When Google fixed the MSS bug in Android 4.4.1, they left the following comments in the changelog:
Code:
commit ca5b4e8d0d8219273ecf0961ed6e8c47ab5d798a
Author: JP Abgrall <[email protected]>
Date: Wed Nov 20 17:27:01 2013 -0800
SecondaryTableController: force the MSS to match pmtu on TCP SYN
Without this change, the VPN sets up a tun/ppp that needs a small
MTU, and during TCP SYN the MSS will end up matching the outgoing iface
MTU which is potentially too big.
This leads to connection flakiness. The wrong MSS is visible by
tcpdump-ing on the tun/ppp device.
With this change, the MSS now is correct.
[b]It requires the kernel to be configured with
CONFIG_NETFILTER_XT_TARGET_TCPMSS=y
If kernel is not configured, it silently fails.[/b]
Bug: 11579326
Change-Id: I254d8c39435b92dff91931e461e1efb8b35f6b1e
Note the bolded sentences (emphasis mine). I suspect that your device is running the latest AOSP netd code that has the fix (if the ROM is indeed based on AOSP 4.4.1/4.4.2), but the kernel may be missing the TCPMSS target. If you see an error when running this command as root, it probably means that kernel support is missing:
Code:
iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN SYN -d 1.2.3.4 -j TCPMSS --clamp-mss-to-pmtu
Toward the bottom of the page on the original Android 4.4 MSS bug report I see a couple of reports from other Note 3 owners that the problem still isn't fixed for them, so it may be something particular to this device (such as the kernel configuration).
I do not see any evidence of IPv6 usage in your log, which rules out some of the known 4.4.2 VPN issues.
If this does turn out to be a kernel problem, you can try a custom kernel from XDA (assuming you can unlock your bootloader), or you could file a bug report with Samsung asking them to enable CONFIG_NETFILTER_XT_TARGET_TCPMSS=y in the next OTA update. From their end this is a simple, low-risk change.
cernekee;
Note the bolded sentences (emphasis mine). I suspect that your device is running the latest AOSP netd code that has the fix (if the ROM is indeed based on AOSP 4.4.1/4.4.2) said:
iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN SYN -d 1.2.3.4 -j TCPMSS --clamp-mss-to-pmtu
[/code]
Toward the bottom of the page on the original Android 4.4 MSS bug report I see a couple of reports from other Note 3 owners that the problem still isn't fixed for them, so it may be something particular to this device (such as the kernel configuration).
I do not see any evidence of IPv6 usage in your log, which rules out some of the known 4.4.2 VPN issues.
If this does turn out to be a kernel problem, you can try a custom kernel from XDA (assuming you can unlock your bootloader), or you could file a bug report with Samsung asking them to enable CONFIG_NETFILTER_XT_TARGET_TCPMSS=y in the next OTA update. From their end this is a simple, low-risk change.
Click to expand...
Click to collapse
as you can see in the attachment I applied the code with no error message. so in this case I assume I have no problem with the kernel? right?
then what causes the problem? and what can I do in order to solve it?
msm88now said:
as you can see in the attachment I applied the code with no error message. so in this case I assume I have no problem with the kernel? right?
then what causes the problem? and what can I do in order to solve it?
Click to expand...
Click to collapse
Can you connect to the VPN, try to access a few "bad" sites, and then post the full output from:
Code:
su
iptables -t mangle -nxvL
cernekee said:
Can you connect to the VPN, try to access a few "bad" sites, and then post the full output from:
Click to expand...
Click to collapse
here is the output after some bad sites access, I also repeated the provisos code during an openconnect session. hope it will help us.
msm88now said:
here is the output after some bad sites access
Click to expand...
Click to collapse
Hmm, on my KitKat device I have an st_mangle_POSTROUTING chain which does the TCPMSS clamping:
Code:
Chain st_mangle_POSTROUTING (1 references)
pkts bytes target prot opt in out source destination
0 0 TCPMSS tcp -- * tun0 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x06/0x02 TCPMSS clamp to PMTU
I did not see this in your output. Maybe Samsung is using an outdated version of netd.
Try running this command as root after bringing up the VPN and see if you are able to pass traffic with the bad sites:
Code:
iptables -t mangle -A POSTROUTING -p tcp -o tun0 --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
If not, post the new "iptables -t mangle -nxvL" output so we can look at the traffic counters.
Also can you attach your /system/bin/netd binary?
Thanks.
cernekee;
Try running this command as root after bringing up the VPN and see if you are able to pass traffic with the bad sites:
[code said:
iptables -t mangle -A POSTROUTING -p tcp -o tun0 --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Click to expand...
Click to collapse
are kidding me!! it really worked. after I run the the code I tried to access all the bad sites and all of them worked!! but not as fast as my other mobil SG2. I noticed that it takes noticably much longer to access them. but still, It worked and It's fantastic!!
any ways, I rebooted my note3 to see if it will work again but it turned out it didn't! I need to re-enter the code again to make it work. now could you tell me what is my phones problem exactly? despite the re-entering issue I'm very happy that I finally can use internet on my note3 again thanks to you cernekee.
msm88now said:
any ways, I rebooted my note3 to see if it will work again but it turned out it didn't! I need to re-enter the code again to make it work. now could you tell me what is my phones problem exactly?
Click to expand...
Click to collapse
The ROM is supposed to add that rule automatically, but it doesn't.
If you attach your /system/bin/netd binary and output from "getprop" I'll try to figure out why.
cernekee said:
The ROM is supposed to add that rule automatically, but it doesn't.
If you attach your /system/bin/netd binary and output from "getprop" I'll try to figure out why.
Click to expand...
Click to collapse
here I attached them.
I posted a problem report on Samsung's support forum:
http://developer.samsung.com/forum/...&messageId=259244&listLines=15&startId=zzzzz~
Works like a charm with the lastest Slimkat on Nexus 4. Thanks a lot !
Just add a widget to one click connect from the launcher and it will be the best VPN apps that I've use.
Today I've a Tasker task to launch Anyconnect with uri and simulate touchs screen to automate my connection.
@ edit :
Is there a way to don't have the attached screen ?

How to disable ICMP redirects? [Guide]

Surprised nobody did a thread about this, so let me be the first one.
Lets start of what I mean with the title:
http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol#Redirect
The Internet Control Message Protocol (ICMP) is one of the main protocols of the Internet Protocol Suite. It is used by network devices, like routers, to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached.
Click to expand...
Click to collapse
Now, there is a relatively interesting named attack called "DoubleDIrect".
Link to article :
Link
So what is it? A Man in the middle attack,
“Man-in-the-Middle” attack (MITM) enabling an attacker to redirect a victim’s traffic to the attacker’s device. Once redirected, the attacker can steal credentials and deliver malicious payloads to the victim’s mobile device that can not only quickly infect the device, but also spread throughout a corporate network.
Click to expand...
Click to collapse
There is a trick you can use to disable ICMP redirects to your phone, linux laptop or even windows laptop, to prevent this exploit.
For android you need root and a terminal app.
So, firstly write su
su
then write
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
If you want to check if you have disabled it, all you need to do is write.
cat /proc/sys/net/ipv4/conf/all/accept_redirects
it should answer with 1 if its enabled or 0 if it isnt.
This only works until you restarted your phone. So, best to create a sh file and run it automatically.
I have created a sh, just incase I need to enable or disable it.
The same thing goes for linux if you have a linux machine
For windows, open regedit:
go to HKEY_LOCAL_MACHINE > SYSTEM > currentcontrolset >Services > Tcpip > parameters
and then there is a reg dword called enableICMPredirects, open it and change the value to 0.
The attackers are not only sniffing all the DNS traffic of the victim, but everything that is resolved through it.
Who is at risk?
Quote from the article:
– iOS: The attack works on latest versions of iOS including iOS 8.1.1
– Android: On most Android devices. Including Nexus 5 + Lollipop
– Mac: Mac OS X Yosemite is vulnerable.
Most of GNU/Linux and Windows desktop operating system do not accept ICMP redirect packets.
Click to expand...
Click to collapse
My xperia Z ultra , running 4.4.4 anrdoid kitkat, was vulnerable to this exploit just as my windows 8.1 notebook.
Stay safe!
Edit: if you somehow manage to brick your phone during the rooting process or this, I am not responsible.

[GUIDE][CyanogenOS] Avoid your Cyanogen OS device from getting updated!

Before proceeding any further:
As you may already know, Cyanogen Inc. has shut down the CyanogenMod project, and will end some of the Cyanogen services by the end of this year. However, Cyanogen is still able to supply updates for the elegible devices whose manufacturer partnered with Cyanogen Inc., like Wileyfox, bq, YU, OPPO, OnePlus, ZUK and Smartfren. You can have a look at this extensive article in the XDA Portal for more info. about the CyanogenMod death, and have a look here for a complete list of Cyanogen-supported devices.
The nightmare:
A user on the /r/programming subreddit submitted this great post, explaining the perspective as a former-Cyanogen-employee. There, it's explained that all of the CyanogenOS core developers were already fired, and the rest were either looking for another job or just abandoned the company. That leads to a company with barely any developers in their staff.
After, reading this, the only thing that came to my mind was "Who the f*** is pushing the updates to the devices?", and what's even more, what do those updates exactly contain?
The post responses go into a sort-of AMA, and the former employee comments here that Cyanogen has 2 OTA systems, the one that handles the OS upgrades, just like in CyanogenMod, and the Ambient Updater, that handles silent packages updates, which doesn't notify the user nor ask for permissions to install the new apps. This could be used to update Cyanogen components on demand, based on what the aerios server say it should install.
By the perspective of this former employee, I can only see that Cyanogen is completely broken, and, I'm quite skeptical of what's going to happen with future updates, if they'll try to do something to our devices. Maybe nothing bad happens, they hire new developers and get back to work, who knows... But I, personally, cannot trust them in this state.
How to disable automatic updates on Cyanogen OS devices:
Requirements: Android ADB Drivers (if on pc), or a Terminal Emulator app from Play Store/the built-in Terminal that can be enabled from Developer options, named Local terminal.
Go into Settings, About device, and tap 7 times on Build number. This will unhide the Developer options. Press the back key on your device and enter that menu.
Now find the Root access, or Administrative access setting, and change it to Apps and ADB.
If on PC: Connect your device to your PC, open a command prompt and type in adb shell. Continue to next step.
If you have no access to a PC: Open the Terminal Emulator app. Continue to next step.
Now type in the following commands.
Code:
su
(Now a prompt will appear on the device screen, tap on Remember and hit Allow).
Code:
pm disable [COLOR="DarkOrchid"]com.cyngn.ambient.updater[/COLOR]
pm disable [COLOR="darkorchid"]com.cyngn.fota[/COLOR]
The output for them should be something like:
Code:
Package [COLOR="darkorchid"]com.cyngn.ambient.updater[/COLOR] new state: disabled
However, it's also possible the package's missing in your system, returning an error:
Code:
Error: java.lang.IllegalArgumentException: Unknown package: [COLOR="DarkOrchid"]com.cyngn.ambient.updater[/COLOR]
If that's the case, either the app already self-updated and changed the package name (which is highly improbable), or, it's just not included in your device.
That should do the job, but, if you want to go further, you can go to your system partition, mount it as R/W and fully delete those two apps, named System Updates (Cyanogen Updates sometimes), and Ambient Updater.
Final thoughts / What can I do now?
No one knows what Cyanogen Inc is planning except them, but, if they keep firing their devs and try to make money from advertising malware, as the former employee suggests, I'd want to stay as far away from them as possible.
My personnal recommendation: Go into your device subforum, if it has one, and look up what are the alternative ROMs available for it, unlock your bootloader, flash a custom Recovery and the ROM of your preference, at least until our respective OEM says what happens next with the Stock ROM updates.
Merry Christmas, Cyanogen!

Exposing bluetooth HCI/Link Layer on Pixel 2

Hello,
I am attempting to control HCI commands and events directly from the command line (I have access to a few OS's, so bash/cmd are both an option). My test device specifically is a rooted pixel 2.
I've looked into using hcitool, but its no longer a part of the Android OS.
I've looked into using bluedroid test tool, but its no longer a part of the Android OS.
I've looked into using Android Comm Test Suite, but I am unable to secure root permissions without starting an adb shell, and the scripts run outside of the shell - so that hasn't worked out.
I've looked into using Intents/Activities from the com.android.bluetooth apk, running adb shell am -a (activity) or -n (package./activity) but haven't gotten meaningful results from the available commands.
I want my solution to be as generic and portable as possible (work for as many android devices and versions as possible), but I've only found two 'solutions' to this problem thus far.
Currently my options look like:
1) GUI automation (emulating user input to change parameters via nrfConnect or some similar app that would result in changes to HCI/LL level parameters), but this is device specific to the extreme and might break for even simple updates.
2) Building an application that has many functions controlling different bluetooth parameters and interactions, then creating its AndroidManifest.xml file in such a way as to be able to more or less call these functions from the command line.
If there are simpler ways to control these events and commands (alternatives to the now deprecated hcitool) please let me know.
If there are any problems with the two approaches I've listed above, please let me know.
Thank you in advance for any advice.

How To Guide June 20, 2023 TQ3A.230605.012.A1 Verizon/MVNOs / June 13, 2023 TQ3A.230605.012 Global - Unlock bootloader / Root Pixel 7 Pro [Cheetah] / SafetyNet

Pixel 7 Pro [Cheetah]​
Updated May 13, 2023
Note that more than three users have said that 34.0.1 (even May 10, 2023's binary update of 34.0.1) did not work correctly for them. I recommend sticking with 33.0.3 (just below these quotes)
Someone reported it to Google (added a comment about 34.0.1 to the existing 34.0.0 report).
Spoiler
b0uNz said:
tried to flash the latest build of AncientOS with it, did not work. Back to r33.0.3 and it worked fine
Click to expand...
Click to collapse
Aphex13 said:
platform-tools_r34.0.1-windows is not functioning properly. Back to 33.0.3 we go...
Click to expand...
Click to collapse
budmannxx said:
Add me to the list of users that had a problem with platform-tools 34.0.1. I got into a bootloop after running flash-all.bat. Downgraded to 33.0.3, reran the new (old) flash-all.bat, and was all good.
Using 34.0.1, the phone never even got to the fastbootd part of the process
Click to expand...
Click to collapse
May 10, 2023 binary update of 34.0.1:
Homeboy76 said:
Update
I tested SDK Platform-tools r. 34.0.1 it is not fixed. There are still problems with fastbootd. Use SDK Platform-tools r. 33.0.3
Click to expand...
Click to collapse
The download links for 33.0.3:
Namelesswonder said:
Anyone that updated their platform tools and needs to downgrade can use these links.
Windows
https://dl.google.com/android/repository/platform-tools_r33.0.3-windows.zip
Mac
https://dl.google.com/android/repository/platform-tools_r33.0.3-darwin.zip
Linux
https://dl.google.com/android/repository/platform-tools_r33.0.3-linux.zip
Click to expand...
Click to collapse
Factory Images for Nexus and Pixel Devices | Google Play services | Google for Developers
developers.google.com
Google Pixel Update
Android Security Bulletins | Android Open Source Project
source.android.com
Here there be dragons. I am not responsible for anything at all.
VERY IMPORTANT - On the Pixel 7/Pro, we use Magisk to patch init_boot.img, NOT boot.img AND we flash the patched init_boot to the init_boot partition - do not flash it to the boot partition.​Thanks to @edcsxz, @Lughnasadh, and @AndyYan for news about that and confirming it.
Moved @mariusnoor's provided zero-day OTA.zip to Post #8 - Old news from the OP.
Spoiler: Warnings / FYI
Unlocking or locking the bootloader will wipe the device every single time, so be sure to have your data backed up before doing so, or better yet, just unlock it as soon as you get the device.​
Click to expand...
Click to collapse
Keep in mind that unlocking the bootloader or rooting might affect your phone's capability to use banking apps such as Google Pay, your local bank's app, or even the ability to install some apps like NetFlix. See Post #2 - Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers.​
Click to expand...
Click to collapse
If you're going to re-lock the bootloader, make sure the ROM you have on your phone is completely stock (by flashing the latest official firmware) BEFORE re-locking it.​
Click to expand...
Click to collapse
There are no permanent negative consequences if you unlock or re-lock the bootloader other than it will wipe your phone, and while your bootloader is unlocked you get a brief screen when you boot the phone telling you (and anyone who sees your phone at the time) that it's unlocked. You will also continue to receive updates (if you've merely unlocked the bootloader, you can take updates as normal) unlike Samsung, Sony, et cetera, which have permanent major consequences with reduced functionality even if you un-root and re-lock your bootloader. If you're actually rooted (not just bootloader unlocked), you'll have to perform extra steps to manually update each month, and to keep root/re-root.​
Click to expand...
Click to collapse
INDEX:​
Post #2 - Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers:
How to Root the first time / aka How to unlock the Bootloader
Unlocking Bootloader (required in order to root)
How to update each month (and also how to root)[requires an unlocked bootloader for updating via this factory image method]
OPTIONAL: If you want to flash both slots, after this first time, then after do the following
SafetyNet
Optional steps when updating - flashing custom kernels
The two schools of thought on disabling Verity and Verification
ADB/Fastboot and Windows USB Drivers - direct download links and the most recent changelog
Post #3 - Other, most important resources:
A list of other important apps
TWRP [not made for the Pixel 7 (or 6) Pro yet - will update when or if ever it has - don't hold your breath]
Factory Images (requires an unlocked bootloader)
Full OTA Images(doesn't require an unlocked bootloader - you can ask questions in this thread, but I won't be providing the steps necessary, as I always use the factory image)
@mariusnoor's provided official URL to download the zero-day OTA to TD1A.220804.031.
Check warranty status
Official Google Pixel Update and Software Repair (reported as of January 23, 2022 to still not be updated for the Pixel 6/Pro - no idea if it has yet now, or if it will be for the 7/Pro)
Official Google Pixel Install fingerprint calibration software (also available at the bottom of the Update and Software Repair page above) - I believe this is only helpful if you've replaced the screen - if it's anything like the Pixel 6 Pro: if you have the screen replaced, then you *must* have the fingerprint reader replaced as well.
Find problem apps, Magisk, and LSposed Modules by (three different methods)
Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own)
How to determine if you already have Verity and Verification disabled (required for custom kernels for now)
How to unroot
Post #4 - Build ID definitions
Post #5 - Blank
Post #6 - Regarding P7P 5G model numbers and capabilities, and how to determine your hardware version
Post #7 - My personal advice for how to get your device back up and running as you had it before a factory reset
Post #8 - Old news from the OP
Thank you to the following users who have all contributed greatly to my knowledge of Pixels since I came back to XDA a year ago after a few years of mostly inactivity. Apologies if I miss anybody. In alphabetical order:
@AndyYan
@anirudhgupta109
@Az Biker
@bosox284
@capntrips
@Chainfire
@DespairFactor
@direwolf1
@Displax
@edcsxz
@Eleo
@flar2
@foobar66
@Freak07
@j4velin
@Jawomo
@Jon8RFC
@jorrik98
@kdrag0n
@[email protected]
@LLStarks
@Lughnasadh
@mariusnoor
@Namelesswonder
@PurppleMonkey
@Quinny899
@rovo89
@siavash79
@Sib64
@simplepinoi177
@StrangerWeather
@tbalden
@topjohnwu
@TotallyAnxious
@Tulsadiver
@Typhus_
@V0latyle
@VR25
@xgerryx
@xike456
@xstefen
And many others from all of the previous years who I thanked in my previous OPs.
Click to expand...
Click to collapse
Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers​
Unlocking Bootloader / Rooting / Updating:​How to Root the first time / aka How to unlock the Bootloader:
Unlocking the bootloader will factory reset your device. There is no way around this. I highly suggest never re-locking your bootloader once you unlock it. If you do ever re-lock the bootloader, only do so after restoring the phone to 100% stock by using the latest Pixel 7 Pro Factory Image or Official Google Android Flash Tool.
Verizon variants:
Will never be able to have their bootloader unlocked. It's like winning the lottery, and just as rare and relatively random. There is nothing that anyone on XDA can do to help you unlock your Verizon variant.
Click to expand...
Click to collapse
T-Mobile and AT&T variants:
Can be unlocked once you pay the phone off, then you contact the carrier and arrange to Carrier unlock the phone. Once the phone is Carrier unlocked, then you can unlock the bootloader with the usual caveats (will wipe the device and there's no way around it).
Click to expand...
Click to collapse
The direct-from-Google (or other retailers who aren't U.S. Carriers), the factory Carrier Unlocked Pixels:
Can be bootloader unlocked at any time. I'd try it first before putting a SIM card in the phone. If OEM unlocking is grayed out, try connecting to Wi-Fi, and reboot if necessary. If it's still grayed out, try with your SIM card, and reboot again. Historically on Pixels, most of the time you can toggle OEM unlocking immediately, but occasionally some users have found it took a little while after being either connected to Wi-Fi or having your SIM card installed in it, and then eventually (hours? day? days?) you can toggle OEM unlocking.
Click to expand...
Click to collapse
The rest of the world's carriers:
No idea. Feel free to ask in the thread and hopefully, someone with specific knowledge will answer.
Click to expand...
Click to collapse
Other than trying the things I mentioned above, there is nothing else that anyone on XDA can do to help get OEM unlocking to be ungrayed.
Unlocking Bootloader (required in order to root)
The one-time first steps are:
Android Settings
About phone
Click on Build number repeatedly, about seven times
Go back to the main Android Settings
System
Developer options
Toggle OEM unlocking on. See @Namelesswonder's tip below (this won't help with variants that are supposed to be bootloader locked):
Namelesswonder said:
Also a little tip for anyone trying to enable OEM unlocking on a device and it is grayed out, you can force the phone to check for eligibility by connecting to the internet in whatever way, going to the dialer, and dialing *#*#2432546#*#* (CHECKIN).
You should receive a notification from Google Play services with "checkin succeeded" and OEM unlocking should be available immediately if the device is eligible.
Google account not needed, SIM not needed, no other setup required. Works on completely-skipped-setup-wizard. Just need to make sure to connect to the internet and select the connection as metered to avoid any updates.
Click to expand...
Click to collapse
Toggle USB debugging on.
[Optional] I highly suggest you also disable Automatic system updates. Note that in a situation such as the Android 12 serious bootloader security issue, this setting will not keep Google from forcing an update to come through anyway.
How to actually root follows the same steps below as how to update each month.
Download the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
Unzip the Platform Tools and Drivers.
NOTE: If you have USB drivers for other Android devices installed, like Samsung, they can alternately sometimes work and not work with Google Pixels. I recommend uninstalling those drivers, or at least updating that driver to Google's driver as instructed below (the Device Manager entry may be different with other OEMs).​
The Windows USB Drivers may have to be installed twice:
The first time while your phone is running and unlocked as normal.
In Windows, right-click on the Start Button and choose Device Manager.
Plug your phone into the computer and look for the new hardware entry in Device Manager. Near the top of Device Manager should be Android Device. Click the drop-down arrow to the left of it.
Below Android Device, it should now show Android Composite ADB Interface
Right-click the Android Composite ADB Interface and choose Update driver
Choose Browse my computer for drivers
Click Browse and navigate to where you unzipped the Windows USB drivers to.
Follow the prompts to install the driver.
Keep Device Manager itself open - you'll need it again in a minute, but you can close any other Device Manager windows after you have installed the driver.
Open a Command Prompt and navigate to the platform-tools folder.
Run command:
Code:
adb devices
On your Android device, you'll get an ADB prompt. Check the box to always give ADB permission and click OK.
Confirm that the command results in a list of Android devices. When doing these producedures, you should only have the one device you want to work on connected, to keep things simple.
The second time to install the driver is while the phone is in Bootloader (fastboot mode), notFastbootD (fastbootd) mode. I know it's confusing.
Run command:
Code:
adb reboot bootloader
Repeat the instructions above starting with "Right-click the Android Composite ADB Interface".
This second time installing the drivers while in Bootloader (fastboot mode), it will show up as "Android Bootloader Interface". Thanks @simplepinoi177 for the suggestion to add this detail.
Run command:
Code:
fastboot flashing unlock
On the phone, press either the up or down volume button once until you see Unlock the bootloader |>| beside the power button.
Press the power button. The phone will go black for a second and then show near the bottom Device state: unlocked.
After these first-time steps to unlock the bootloader, if you want to root, continue below at the step:
Download the latest Pixel 7 Pro Factory Image (at the bottom of the "Cheetah" section).
Click to expand...
Click to collapse
How to update each month (and also how to root) [requires an unlocked bootloader for updating via this factory image method]
These three instructions only apply if you're already rooted and updating from one firmware version to another:
Made sure all Magisk Modules have been updated.
Disable all Magisk Modules.
UNhide Magisk!
If you are going to use the Official Google Android Flash Tool, then skip the steps I indicate with FAB(Flash-All.Bat).
If using the Android Flash Tool to update/dirty flash, you should have the following items notselected:
Deselect Wipe
Deselect Force Flash all partitions (which will also wipe)
Deselect re-lock bootloader
Always use the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
Unzip the Platform Tools.
Download the latest Pixel 7 Pro Factory Image (at the bottom of the "Cheetah" section).
Unzip the factory image to the same platform-tools folder, i.e. so that flash-all.bat and all other files are in the same folder as ADB and Fastboot from the platform-tools.
* FAB VERY important - Edit the flash-all.bat (on Windows) or flash-all.sh (on Linux) and remove the -w from the fastboot update image-cheetah-etcetera.zip line. This will keep the script from wiping your phone when you run it.
Extract only the init_boot.img file from the image-cheetah-etcetera.zip to the same platform-tools folder.
Copy the init_boot.img from the PC to the phone's internal storage.
On the phone: Apply Magisk Stable to the new stock init_boot.img. NOTE: It is always possible that an Android Update (Monthly, QPR [Quarterly Platform Release], new major Android versions, and Beta versions) might need a new version of Magisk Stable, Beta, or Canary from GitHub to work correctly. XDA forum for Magisk is here.
Launch the Magisk app.
Beside "Magisk", click "Install".
Click "Select and Patch a File", and choose the init_boot.img that you just copied to the phone's storage.
Copy the Magisk'd init_boot.img (filename similar to magisk_patched-25200_1a2B3c.img)back over to the computer.
* FAB Run commands:
Code:
adb reboot bootloader
flash-all.bat (on Windows)
or
flash-all.sh (on Linux)
(Note: At least two Apple Macintosh users had trouble using the flash-all.sh - at least one of those users, everything went smooth once they used a Windows PC for this part of the process)
IMPORTANT - The flash-all will take several minutes and reboot on its own several times including to a mode called "FastbootD", and finally reboot into full Android when it's done. Do not interrupt this process. On the FastbootD screen on the phone, do not use any of the manual selection options - let the flash-all script do it's work. Do not unplug your phone until it has fully booted into Android.​ Thanks to @PurppleMonkey and @xgerryx for suggesting a warning about this. Thanks to @simplepinoi177 for suggesting the "FastbootD" clarification.
On the phone:
Wait for the phone to boot normally.
OPTIONAL: If you want to flash both slots, after this first time, then after do the following:
Code:
adb reboot bootloader
fastboot --set-active=other
flash-all.bat
So you're doing the flash-all.bat a second time on the second slot.
On the computer:
Open a Command Prompt and navigate to the platform-tools folder.
Run command:
Code:
adb reboot bootloader
After phone has rebooted into Bootloader (Fastboot) mode, run command:
Code:
fastboot flash init_boot magisk_patched-25200_1a2B3c.img
fastboot reboot
Unlock the phone.
Confirm that the phone boots completely normally.
Cautiously re-enable Magisk Modules.
Reboot.
Confirm everything worked fine.
If the phone won't boot correctly after having enabled Magisk Modules, see either of the two solutions below:
Jon8RFC said:
For the future, you don't need to go into safe mode unless that's your preference. I forgot what all it resets, but it's many settings and it's bothersome. I'd rather just reinstall my modules and not have to figure out those Android settings/changes which I come across days or weeks later when I infrequently do something. Have your phone reboot and run this:
Code:
adb wait-for-device shell magisk --remove-modules
I like to just do this first:
Code:
adb devices
So the server is running, then I have the long one pasted and ready to go once the phone turns off.
Click to expand...
Click to collapse
Find problem apps, Magisk, and LSposed Modules by (three different methods) section in my next post. After following that link, you may have to scroll up a little bit and the section title will be highlighted.
SafetyNet:​Use whichever of these is newer than the other:
@Displax Universal SafetyNet Fix Mod on XDA.
Official Universal SafetyNet Fix released by @kdrag0n available at XDA.
Launch the Magisk app.
Go to Magisk's Settings (Gear in top right).
Click Hide the Magisk app.
When you hide it, you'll have the optional opportunity to change the Magisk app's name to whatever you wish. It doesn't have to be complex to fool apps that check for Magisk.
Important: When you have the Magisk app hidden or renamed, you can accidentally install a new copy of Magisk. This situation won't work at all - neither copy of Magisk will work with two installed. This is one reason why I don't completely hide Magisk, so I can tell it's installed because I have it renamed as something easily recognizable.
Back to the Magisk app's Settings...
Click Systemless hosts. This adds a Magisk Module to Magisk, which you can verify in a later step.
Toggle Zygisk on.
Toggle Enforce DenyList on.
Click Configure DenyList.
Add every app that you want to explicitly deny root and the existence of root.
You can click the 3-dot menu and choose the options to display system and/or OS apps, if necessary.
Note that for many apps, it is not enough to click the single checkmark to the right of the app name in this list. For many but not all apps, you should click on the app name and you'll see it expand to two or more entries, each with its own toggles. In this expanded state, you can now check the single top checkbox beside the main app name and it'll toggle all individual sub-entries.
Some apps add new entries to this list from time to time, so if you find that an app used to work for you when rooted and doesn't now, check this list again and look for the entries that aren't fully checked. There will be an incomplete horizontal line above the apps that don't have all of their sub-entries toggled.
You can use the Search button at the top of this list to find specific apps quickly.
The most common apps you should definitely fully check in this list are:
IMPORTANT - There are some things, such as Google Play Services which it's fine to add to the DenyList, but it's perfectly normal when used in combination with the Universal SafetyNet Fix (USNF) that it is back to being unchecked the next time you visit the DenyList. Since USNF takes care of Google Play Services, you don't even have to add it to the DenyList in the first place.​
Google Play Store
Google Services Framework
Google Play Protect Service
Wallet
GPay
Any banking apps.
Any streaming apps that use DRM.
Any 2FA apps, especially those for work.
Some of those Google apps might not need denying, but it doesn't hurt to deny them.
Any time you toggle more entries in this list, it may be necessary to reboot the phone for it to take effect.
From the main screen in the Magisk app, go to Modules at the bottom.
Confirm that the Systemless hosts Magisk Module is added to this list, and enabled.
Install the appropriate Magisk Module: Universal SafetyNet Fix referenced above these numbered instructions.
Reboot.
Install from the Play Store:
YASNAC - SafetyNet Checker
Launch it.
Click Run SafetyNet Attestation.
It should say:
Basic integrity: Pass
CTS profile match: Pass
Evaluation type: BASIC
Play Integrity API Checker
Launch it.
Click Check.
It should have the following with a green checkmark:
MEETS_DEVICE_INTEGRITY
MEETS_BASIC_INTEGRITY
It's normal for MEETS_STRONG_INTEGRITY to have a red X.
You don't have to keep these installed, although I keep them handy.
Sometimes, clearing app cache and/or data for apps like the Google Play Store, GPay, Wallet and others (and then rebooting) after these steps may help pass SafetyNet as well.
See @V0latyle's explanation (and further linked post) for why we can't achieve STRONG_INTEGRITY with an unlocked bootloader.
See @V0latyle's [DISCUSSION] Play Integrity API regarding why SafetyNet, per se, is actually defunct and replaced with Play Integrity - and New Official Universal SafetyNet Fix released by @kdrag0n v2.4.0 referenced in the steps above takes care of the latter.
Click to expand...
Click to collapse
Optional steps when updating - flashing custom kernels:
Download the custom kernel of choice on the phone.
Be sure to read the particular installation instructions in the kernel threads' OP - any instructions in their OPs takes priority over anything I say here, which is generalized.​For now even the AK3 Zip versions of custom kernels requires Verity and Verification to be disabled.
How to determine if you already have Verity and Verification disabled - see section in Post #3 - Other, most important resources
The two schools of thought on disabling Verity and Verification:
My post here. If you want to discuss it any, please do so in my thread, or at least not in that custom kernel thread, so as to keep the thread on-topic.
Extract the vbmeta.img file from the inner Zip of the factory image zip and put it in the same folder with the latest extracted platform-tools.
Hook the phone up to your computer and run the following commands:
Code:
adb reboot bootloader
[wait for the phone to reboot to bootloader (fastboot mode)]
Code:
fastboot flash vbmeta vbmeta.img --disable-verity
fastboot reboot
Unlock the phone once it's booted up.
Make sure the Kernel Flasher app is up to date. XDA thread for the Kernel Flasher app is here.
Launch Kernel Flasher.
Select the slot that's mounted.
Choose Flash AK3 Zip.
Select the custom kernel zip just downloaded.
When it's done flashing, head to Android Settings and perform a Factory Reset, as is currently needed for Despair kernel.
If you failed to disable Verity and Verification ahead of time, if you have to, just force the phone off using these instructions: Turn your Pixel phone on & off, then press the Volume Down and Power buttons for a couple of seconds to get into the bootloader (fastboot mode). You'll still have to factory reset after disabling Verity in combination with this kernel, for now.
Whenever you use the flash-all to flash your phone, as long as you want to continue to disable Verity and Verification, you'll have to further modify the flash-all script as such:
Code:
fastboot update image-cheetah-buildnumber.zip --disable-verity --disable-verification
Click to expand...
Click to collapse
ADB/Fastboot & Windows USB Drivers:​Platform Tools was updated in August 2022 to v33.0.3 (don't use the newer v34.0.0 - it has issues):
Namelesswonder said:
Anyone that updated their platform tools and needs to downgrade can use these links.
Windows
https://dl.google.com/android/repository/platform-tools_r33.0.3-windows.zip
Mac
https://dl.google.com/android/repository/platform-tools_r33.0.3-darwin.zip
Linux
https://dl.google.com/android/repository/platform-tools_r33.0.3-linux.zip
Click to expand...
Click to collapse
Release Notes https://developer.android.com/studio/releases/platform-tools:
33.0.3 (Aug 2022)​
adb
Don't retry adb root if first attempt failed.
Fix track-devices duplicate entry.
Add receive windowing (increase throughput on high-latency connections).
More specific error messages in the "more than one device" failure cases.
Reject unexpected reverse forward requests.
Fix install-multi-package on Windows.
fastboot
Remove e2fsdroid as part of SDK platform-tools.
Print OemCmdHandler return message on success.
Click to expand...
Click to collapse
Click to expand...
Click to collapse
You'll need this if you're going to unlock the bootloader on your Pixel 7 Pro: SDK Platform Tools (download links for Windows, Mac, and Linux). Note that you can find links to download the tools elsewhere, but I wouldn't trust them - you never know if they've been modified. Even if the person providing the link didn't do anything intentionally, the tools could be modified without them being aware. Why take a chance of putting your phone security further at risk?
You can alternately use the tools from the SDK Manager, but most of us will want to stick to the basic tools-only without the complications of the full development manager.
Click to expand...
Click to collapse
For Windows, get Google's drivers here Get the Google USB Driver (ADB will likely work while the phone is fully booted, but if you're like me, you'll need these drivers for after you adb reboot-bootloader, to be able to use ADB and Fastboot.
Click to expand...
Click to collapse
Other, most important resources​
A list of other important apps: - be sure to thank the respective OPs:
Here's the Magisk section of XDA's forums, for rooting. Magisk on GitHub.
@[email protected]'s section for Nova Launcher / Nova Launcher Prime - been using this since early 2012!
@capntrips' thread [DEV] Kernel Flasher
[KERNEL] CleanSlate |S2S|AdBlock|VIB|BatterySvr - Thanks @tbalden!
[Kernel] [Android Stable]Kirisakura for Pixel 7/Pro aka "Pantah" - thanks @Freak07!
[KERNEL]Despair Kernel - Thanks @DespairFactor!
Multi Timer StopWatch - this multiple timer app is the bomb. Got widgets, customization like crazy, you name it.
See my review with screenshots about Multi Timer StopWatch here.
@Chainfire's thread [APP][5.0+][2020.12.22] CF.lumen v3.74 - I used to use this app to enable my phones to go extra dim before Android developed the better native capability for that, and the app has been confirmed to work on the Pixel 7 Pro for color control, too
@jorrik98's thread [Themes / Apps / Mods] Better Internet Tiles - Bring back Wi-Fi and mobile data toggles! (non-root)
@VR25's thread Advanced Charging Controller (ACC)
CrazyBoyFeng's ACC Settings
MatteCarra's AccA (Advanced Charging Controller App)
@siavash79's thread [MOD][Xposed+Magisk][Pre-Release] AOSP Mods - System modifications for AOSP-based Android 12+. This is a big one for me, personally.
@Quinny899's thread [APP][ROOT][11+][19/07] Classic Power Menu - Power Menu Replacement w/ Wallet, Controls on Android 11, 12, 13+
Swift Backup
@j4velin's thread [APP] Wallpaper Changer - been using this since mid-2011!
@Jawomo's thread [Themes / Apps / Mods] aodNotify - Notification Light / LED - see my post in that thread here for the proper offsets to use the front camera notification circle on the Pixel 7 Pro.
@Jawomo's thread [APP] dynamicSpot - iPhone 14 Pro Dynamic Island for android!
How to unroot
One of these two options:
Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own).
Select the options to:
Wipe
Force flash all partitions
Re-lock bootloader
Flash the completely stock init_boot.img from the same firmware version that you're on:
Code:
adb reboot bootloader
fastboot flash init_boot init_boot.img
TWRP [not made for the Pixel 7 (or 6) Pro yet - will update when or if ever it has - don't hold your breath]
I would guess that this should be the appropriate URL for official TWRP custom recovery for the Pixel 7 Pro, but who knows when/if that will actually be made available, and it may become available unofficially in these forum sections before being made official. I'll adjust this URL as needed. https://twrp.me/google/googlepixel7pro.html.
Click to expand...
Click to collapse
Factory Images (requires an unlocked bootloader)
It's also handy to have to the full official firmware available, whether it's to recover from accidents or for actual development. Note the official link to the general Factory Images for Nexus and Pixel Devices page. The following link goes directly to the Pixel 7 Pro (Cheetah) section: Pixel 7 Pro Factory Images. I prefer to actually bookmark a link to the device listed immediately below the device I want the firmware for, because Google dumbly (in my opinion) puts the latest firmware at the bottom of the list for each particular device, and that ends up making you scroll a lot after a year or two of monthly updates.
Click to expand...
Click to collapse
Full OTA Images (doesn't require an unlocked bootloader - you can ask questions in this thread, but I won't be providing the steps necessary, as I always use the factory image)
Full OTA Images for Nexus and Pixel Devices
Click to expand...
Click to collapse
Check warranty status - *may* reveal if a phone is refurbished, only if the phone was refurbished through Google - thanks to @Alekos for making me aware of the site.
Official Google Pixel Update and Software Repair (reported as of January 23, 2022 to still not be updated for the Pixel 6/Pro - no idea if it has yet now, or if it will be for the 7/Pro)
Official Google Pixel Install fingerprint calibration software (also available at the bottom of the Update and Software Repair page above) - I believe this is only helpful if you've replaced the screen - if it's anything like the Pixel 6 Pro: if you have the screen replaced, then you *must* have the fingerprint reader replaced as well.
Find problem apps, Magisk, and LSposed Modules by (three different methods):
Google's Help Page for Find problem apps by rebooting to safe mode - this can be a lifesaver and keep you from having to do a restore to 100% complete stock or even from having to do a factory reset. This will deactivate all Magisk modules, and they'll remain deactivated even after you boot normally after briefly booting to safe mode. You can re-enable the Magisk modules as you wish to try to narrow down the problem if it was caused by a Magisk module. This can even get things working again after a Magisk Module wasn't finished installing and potentially causing a bootloop.
You can also follow @Jon8RFC's advice:
Jon8RFC said:
For the future, you don't need to go into safe mode unless that's your preference. I forgot what all it resets, but it's many settings and it's bothersome. I'd rather just reinstall my modules and not have to figure out those Android settings/changes which I come across days or weeks later when I infrequently do something. Have your phone reboot and run this:
Code:
adb wait-for-device shell magisk --remove-modules
I like to just do this first:
Code:
adb devices
So the server is running, then I have the long one pasted and ready to go once the phone turns off.
Click to expand...
Click to collapse
Worked for me yesterday when I accidentally tried some old version of a Magisk Module. You have to reinstall your Magisk Modules, but if you're using a third-party widget, it won't disable them like Safe mode does.
(May only be for mis-behaving LSposed modules):
siavash79 said:
In the future try this
adb wait-for-device shell su -c "touch /data/adb/modules/zygisk_lsposed/disable"
adb reboot
Click to expand...
Click to collapse
Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own)
Lughnasadh said:
OEM unlocking in developer options needs to be toggled on. I don't "believe" you have to actually do the "fastboot flashing unlock" command.
Click to expand...
Click to collapse
How to determine if you already have Verity and Verification disabled (required for custom kernels for now)
capntrips said:
I keep seeing this asked, so I added a Magisk module for it to the linked Github release. With the module installed, you can just run:
Code:
su
avbctl get-verity
avbctl get-verification
I spent way more time debugging that I downloaded Github's HTML of the update-binary script rather than the raw file than I care to admit. Off to bed.
Click to expand...
Click to collapse
Alternative two more manual ways of checking:
Freak07 said:
Since you´re probably already rooted anyway if you plan to flash this kernel, simply reboot your device. After you enter the device immediately take a kernel log with for example EXKM or any other app that allows to do that, terminal, etc.
Look for that line
[ 1.273480] init: [libfs_avb]AVB HASHTREE disabled on: /vendor_dlkm
If you see this line, verity/verification should be disabled.
Click to expand...
Click to collapse
capntrips said:
I've seen several cases where having the ability to check would have been handy, so I pushed an avbctl binary built against the latest aosp sources here.
The simplest way to use it would be the following:
Code:
adb push avbctl /data/local/tmp
adb shell
su
cd /data/local/tmp
chmod +x avbctl
./avbctl get-verity
./avbctl get-verification
Click to expand...
Click to collapse
Build ID definitions​
Build ID definitions: - thanks to @Namelesswonder for linking, quoting, and explanation:
Namelesswonder said:
https://source.android.com/docs/setup/about/build-numbers#build-ids-defined
First character is the version code of the release of Android, in this case Tiramisu (T) which is Android 13.
The second character is the branch of device platform that the build is from.
D: Device specific branch, what the device launches with until the next branch merge.
P: Primary branch, designates release branch for a successive version of Android for the device.
Q: Quarterly platform release, the feature drops that happen every quarter.
The third and fourth characters further define the subbranch. It's only well defined for QPRs, with the number defining which QPR the build is from. The number was "2" for the case of Android 12L.
The date roughly corresponds to when it was branched, but is mainly used to distinguish what the security patch level for release builds. Developers builds are closer to the true time it was branched.
The next three digits relate to versions based on that dated branch, and differ when a telecom needs a larger change, for example in the radio firmware or other larger change.
The last two characters are hotfixes, which usually include small changes for telecoms that need something like their APN changed after the date branch.
In this case TQ1A.230205.002 is Android 13 QPR1 that includes security patch 2023-02-05, and TQ2A.230305.008 is Android 13 QPR2 that includes security patch 2023-03-05.
Click to expand...
Click to collapse
Codenames, Tags, and Build Numbers | Android Open Source Project
source.android.com
Build ID definitions​In Android 8.0.0 (Oreo) and higher, individual builds are identified with the build ID format PVBB.YYMMDD.bbb[.Cn], where:
P represents the first letter of the codename of the platform release, for example, O is Oreo.
V represents a supported vertical. By convention, P represents the primary platform branch.
BB is an alphanumeric code that allows Google to identify the exact code branch the build was made from.
YYMMDD identifies the date when the release is branched from or synced with the development branch. It's not always the exact date at which a build was made as it's common for minor variations added to an existing build to re-use the same date code as the existing build.
bbb identifies individual versions related to the same date code, sequentially starting with 001.
Cn is an optional, alphanumeric that identifies a hotfix on top of an existing PVBB.YYMMDD.bbb build, starting from A1.
Older Android releases use a different, shorter build ID code (for example, FRF85B) where:
The first letter is the codename of the release family, for example, F is Froyo.
The second letter is a branch code that allows Google to identify the exact code branch the build was made from. By convention, R is the primary release branch.
The third letter and following two numbers are a date code. The letter counts quarters (A is Q1 2009, F is Q2 2010, and so on). The two numbers count days within the quarter (F85 is June 24, 2010). The date code isn't always the exact date at which a build was made as it's common for minor variations added to an existing build to re-use the same date code as the existing build.
The last letter identifies individual versions related to the same date code, sequentially starting with A (which is implicit and usually omitted for brevity).
Click to expand...
Click to collapse
Reserved #5.
Regarding P7P 5G model numbers and capabilities, and how to determine your hardware version:
Source 1
Source 2 - Thanks to @xike456 for the additional information
There are two hardware versions in the United States:
GP4BC
5G Sub 6GHz
UMTS/HSPA+/HSDPA: Bands 1,2,4,5,6,8,19
LTE: Bands B1/2/3/4/5/7/8/12/13/14/17/18/19/20/25/26/28/29/30/32/38/39/40/41/46/48/66/71
5G Sub-620: Bands n1/2/3/5/7/8/12/14/20/25/28/30/38/40/41/48/66/71/75/76/77/78
GE2AE
5G mmWave + Sub 6GHz
GSM/EDGE: Quad-band (850, 900, 1800, 1900 MHz)
UMTS/HSPA+/HSDPA: Bands 1,2,4,5,6,8,19
LTE: Bands B1/2/3/4/5/7/8/12/13/14/17/18/19/20/25/26/28/29/30/38/39/40/41/42/46/48/66/71
5G Sub-620: Bands n1/2/3/5/7/8/12/14/20/25/28/30/38/40/41/48/66/71/77/78
5G mmWave20: Bands n257/n258/n260/n261
Two other hardware versions. Not sure where they are distributed - possibly in Canada:
GVU6C
5G Sub 6GHz
GQML3
5G mmWave + Sub 6GHz
No other information is known
Two more hardware versions. Not sure where they are distributed, but Japan is one::
G03Z5 - information comes from here. For some reason lumped in with Model GVU6C above at that link and considered the same model.
5G Sub 6GHz
GFE4J - information comes from here. For some reason lumped in with Model GE2AE above at that link and considered the same model.
5G mmWave + Sub 6GHz
Click to expand...
Click to collapse
Thanks to @xike456 for the additional information above, and provided in their post:
xike456 said:
Here is my 7 pro model number: GFE4J
I found some info about this here.
unroot.
Click to expand...
Click to collapse
Thanks to @xstefen for providing this link:
xstefen said:
Google LLC Device Database
device.report
Click to expand...
Click to collapse
How to determine your hardware version:
Lughnasadh said:
Settings>About Phone>Regulatory Labels
Click to expand...
Click to collapse
Carrier/Color/Storage model numbers (gotten from Best Buy):
Unlocked:
Obsidian
128GB - GA03453-US
256GB - GA03456-US
512GB - GA03459-US
Hazel
128GB - GA03455-US
256GB - GA03458-US
512GB - GA03461-US
Snow
128GB - GA03454-US
256GB - GA03457-US
512GB - GA03460-US
Sprint:
Obsidian - 128GB - GA03443-US
Hazel - 128GB - GA03445-US
Snow - 128GB - GA03444-US
Verizon:
Obsidian
128GB - GA03414-US
256GB - GA03417-US
Hazel - 128GB - GA03416-US
Snow - 128GB - GA03415-US
T-Mobile
Obsidian - 128GB - GA03443-US
Hazel - 128GB - GA03445-US
Snow - 128GB - GA03444-US
No idea about AT&T model numbers - Google's site lists the carrier in their Store, but looks like Best Buy doesn't sell them.
Thanks, @Sib64!
Obsidian - 256GB - GA03465-GB - solded by Sosh France
Click to expand...
Click to collapse
Post #7 Pro
My personal advice for how to get your device back up and running as you had it before a factory reset:
I use Nova Launcher Prime, so I do backups anytime I change my home screen or app drawer/tabs setup, so widgets and app icons and other Nova-specific configurations are easier to restore.
Go to Android Settings and use Settings' search box for Backup. Make sure that your Google account is set up to backup your apps (and app data for the apps that developers have configured to use Google's Backup API). Make sure things are backed up. Note, this doesn't backup the apps themselves, only the list of apps, so only applies to apps installed from the Play Store. As I said in parentheses, developers have to choose to integrate Google's Backup API into their app, and those apps only will get their app data backed up into Google's cloud.
If you're rooted also, then you could use something like Swift Backup to backup to the cloud. I do so, although I still restore as much as possible through Google's backup, and I only restore through Swift on a case-by-case basis, as needed when I discover an app that's tough to set back up doesn't have it's data restored by Google.
If you've used Google Photos to backup your photos to Google's cloud, then hit the button in Google Photos to free up space. This will automatically and only delete your local copies of photos and videos that it's already backed up.
Once that ^ is done, look at your internal storage with your favorite File Manger and see if there's anything left that you want to back up manually, since a factory reset will wipe everything. Copy them to your computer or a flash drive.
When you're just starting the out of the box setup after the reset, when it asks you if you want to use a cable to restore things from an old phone, choose No, and that will lead you to Google's cloud backup where you can choose to restore everything, or you can select what you want to restore.
I think you can figure out the rest.
Also see Post #3 - Other, most important resources:
A list of other important apps
Spoiler: Old news from the OP:
March 9, 2023
Note that over three users have said that 34.0.1 did not work correctly for them.
Spoiler
Windows: https://dl.google.com/android/repository/platform-tools-latest-windows.zip
Mac: https://dl.google.com/android/repository/platform-tools-latest-darwin.zip
Linux: https://dl.google.com/android/repository/platform-tools-latest-linux.zip
SDK Platform Tools release notes | Android Studio | Android Developers
Android SDK Platform-Tools is a component for the Android SDK.
developer.android.com
Platform-Tools v34.0.1 is up!
https://dl.google.com/android/repository/platform-tools-latest-windows.zip
https://dl.google.com/android/repository/platform-tools_r34.0.1-windows.zip
34.0.1 (March 2023)​
adb
macOS: Reverted "unstable connectivity (MacBook high speed cable)" resolution due to adb install hang (issue #270205252).
fastboot
Windows: Fixed "mke2fs: Illegal or malformed device name while trying to determine filesystem size" error introduced in Platform tools 34.0.0 (issue #271039230).
Click to expand...
Click to collapse
February 6, 2023
Factory Images for Nexus and Pixel Devices | Google Play services | Google for Developers
developers.google.com
13.0.0 (TQ1A.230205.001.A2, Feb 2023, Telstra)FlashLinkf81c82a2687ee092b675e8329628a00dfc5ce722e47d0603c000a3dd8ddfb68d13.0.0 (TQ1A.230205.001.D2, Feb 2023, T-Mobile, T-Mobile MVNOs)FlashLinkf2c2d91a753f96c45cb7d31c79929eeac408ba4abff9603cf2c786e36aa8704213.0.0 (TQ1A.230205.002, Feb 2023)FlashLink4439927e14a29c71499ed7796756b7197e76096c197c7f43634638ccea89e237
Google Pixel Update - February 2023 - Google Pixel Community
https://support.google.com/profile/79501506
Kush M.
Community Manager•Original Poster
8 min. ago
Google Pixel Update - February 2023​Announcement
Hello Pixel Community,
We have provided the monthly software update for February 2023. All supported Pixel devices running Android 13 will receive these software updates starting today. The rollout will continue over the next week in phases depending on carrier and device. Users will receive a notification once the OTA becomes available for their device. We encourage you to check your Android version and update to receive the latest software.
Details of this month’s security fixes can be found on the Android Security Bulletin: https://source.android.com/security/bulletin
Thanks,
Google Pixel Support Team
Software versions
Global
Pixel 4a: TQ1A.230205.002
Pixel 4a (5G): TQ1A.230205.002
Pixel 5: TQ1A.230205.002
Pixel 5a (5G): TQ1A.230205.002
Pixel 6: TQ1A.230205.002
Pixel 6 Pro: TQ1A.230205.002
Pixel 6a: TQ1A.230205.002
Pixel 7: TQ1A.230205.002
Pixel 7 Pro: TQ1A.230205.002
Canada
Pixel 4a: TQ1A.230205.001.B2
Telstra (AU)
Pixel 7: TQ1A.230205.001.A2
Pixel 7 Pro: TQ1A.230205.001.A2
T-Mobile, Google Fi (US)
Pixel 4a (5G): TQ1A.230205.001.D2
Pixel 5: TQ1A.230205.001.D2
Pixel 5a (5G): TQ1A.230205.001.D2
Pixel 6: TQ1A.230205.001.D2
Pixel 6 Pro: TQ1A.230205.001.D2
Pixel 6a: TQ1A.230205.001.D2
Pixel 7: TQ1A.230205.001.D2
Pixel 7 Pro: TQ1A.230205.001.D2
What’s included
The February 2023 update includes bug fixes and improvements for Pixel users – see below for details.
Accessibility
Fix for issue preventing touch interaction with Braille keyboard in certain conditions
Audio
Fix for issue occasionally causing instability while Clear Calling is enabled in certain conditions *[1]
Bluetooth
Fix for issue occasionally preventing connection with certain Bluetooth devices or accessories
Framework
Fix for issue occasionally preventing Work profile calendar information from updating in the background
---------------------------------------------------------------
Device Applicability
Fixes are available for all supported Pixel devices unless otherwise indicated below.
*[1] Included on Pixel 7, Pixel 7 Pro
Details
Other
Click to expand...
Click to collapse
Pixel Update Bulletin—February 2023 | Android Open Source Project
source.android.com
Pixel Update Bulletin—February 2023​bookmark_border
Published February 6, 2023
The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices (Google devices). For Google devices, security patch levels of 2023-02-05 or later address all issues in this bulletin and all issues in the February 2023 Android Security Bulletin. To learn how to check a device's security patch level, see Check and update your Android version.
All supported Google devices will receive an update to the 2023-02-05 patch level. We encourage all customers to accept these updates to their devices.
Note: The Google device firmware images are available on the Google Developer site.
Announcements​
In addition to the security vulnerabilities described in the February 2023 Android Security Bulletin, Google devices also contain patches for the security vulnerabilities described below.
Security patches​Vulnerabilities are grouped under the component that they affect. There is a description of the issue and a table with the CVE, associated references, type of vulnerability, severity, and updated Android Open Source Project (AOSP) versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.
Pixel​
CVEReferencesTypeSeveritySubcomponentCVE-2023-20949A-259323133 *IDHighregulator
Qualcomm components​
CVEReferencesSeveritySubcomponentCVE-2022-25711A-235114355
QC-CR#3003049ModerateCameraCVE-2022-33225A-240985973
QC-CR#3138506ModerateBootloader
Functional patches​For details on the new bug fixes and functional patches included in this release, refer to the Pixel Community forum.
Common questions and answers​This section answers common questions that may occur after reading this bulletin.
1. How do I determine if my device is updated to address these issues?
Security patch levels of 2023-02-05 or later address all issues associated with the 2023-02-05 security patch level and all previous patch levels. To learn how to check a device's security patch level, read the instructions on the Google device update schedule.
2. What do the entries in the Type column mean?
Entries in the Type column of the vulnerability details table reference the classification of the security vulnerability.
AbbreviationDefinitionRCERemote code executionEoPElevation of privilegeIDInformation disclosureDoSDenial of serviceN/AClassification not available
3. What do the entries in the References column mean?
Entries under the References column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.
PrefixReferenceA-Android bug IDQC-Qualcomm reference numberM-MediaTek reference numberN-NVIDIA reference numberB-Broadcom reference numberU-UNISOC reference number
4. What does an * next to the Android bug ID in the References column mean?
Issues that are not publicly available have an * next to the Android bug ID in the References column. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.
5. Why are security vulnerabilities split between this bulletin and the Android Security Bulletins?
Security vulnerabilities that are documented in the Android Security Bulletins are required to declare the latest security patch level on Android devices. Additional security vulnerabilities, such as those documented in this bulletin are not required for declaring a security patch level.
Versions​
VersionDateNotes1.0February 6, 2023Bulletin Published
Click to expand...
Click to collapse
January 2023:​
Factory Images for Nexus and Pixel Devices | Google Play services | Google for Developers
developers.google.com
13.0.0 (TQ1A.230105.002, Jan 2023)FlashLink34d676ff4d260f02d9ada1f16f24fd7995c9b9ca832410099950d9c510db879313.0.0 (TQ1A.230105.002.A1, Jan 2023, Telstra)FlashLink6632344c9647b04bfce622b0decf3733dfb3bc5c3b2c068ea118f8631c1b39b8
Android Security Bulletin—January 2023 | Android Open Source Project
source.android.com
Android Security Bulletin—January 2023​bookmark_border
Published January 3, 2022
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2023-01-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version.
Android partners are notified of all issues at least a month before publication. Source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours. We will revise this bulletin with the AOSP links when they are available.
The most severe of these issues is a high security vulnerability in the Framework component that could lead to local escalation of privilege with no additional execution privileges needed. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.
Refer to the Android and Google Play Protect mitigations section for details on the Android security platform protections and Google Play Protect, which improve the security of the Android platform.
Note: Information on the latest over-the-air update (OTA) and firmware images for Google devices is available in the January 2023 Pixel Update Bulletin.
Android and Google service mitigations​This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.
Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.
The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications. Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.
2023-01-01 security patch level vulnerability details​In the sections below, we provide details for each of the security vulnerabilities that apply to the 2023-01-01 patch level. Vulnerabilities are grouped under the component they affect. Issues are described in the tables below and include CVE ID, associated references, type of vulnerability, severity, and updated AOSP versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID. Devices with Android 10 and later may receive security updates as well as Google Play system updates.
Framework​The most severe vulnerability in this section could lead to local escalation of privilege with no additional execution privileges needed.
CVEReferencesTypeSeverityUpdated AOSP versionsCVE-2022-20456A-242703780EoPHigh10, 11, 12, 12L, 13CVE-2022-20489A-242703460EoPHigh10, 11, 12, 12L, 13CVE-2022-20490A-242703505EoPHigh10, 11, 12, 12L, 13CVE-2022-20492A-242704043EoPHigh10, 11, 12, 12L, 13CVE-2022-20493A-242846316EoPHigh10, 11, 12, 12L, 13CVE-2023-20912A-246301995EoPHigh13CVE-2023-20916A-229256049EoPHigh12, 12LCVE-2023-20918A-243794108EoPHigh10, 11, 12, 12L, 13CVE-2023-20919A-252663068EoPHigh13CVE-2023-20920A-204584366EoPHigh10, 11, 12, 12L, 13CVE-2023-20921A-243378132EoPHigh10, 11, 12, 12L, 13CVE-2022-20494A-243794204DoSHigh10, 11, 12, 12L, 13CVE-2023-20908A-239415861DoSHigh10, 11, 12, 12L, 13CVE-2023-20922A-237291548DoSHigh11, 12, 12L, 13
System​The most severe vulnerability in this section could lead to local escalation of privilege of BLE with no additional execution privileges needed.
CVEReferencesTypeSeverityUpdated AOSP versionsCVE-2022-20461A-228602963EoPHigh10, 11, 12, 12L, 13CVE-2023-20904A-246300272EoPHigh12L, 13CVE-2023-20905A-241387741EoPHigh10CVE-2023-20913A-246933785EoPHigh10, 11, 12, 12L, 13CVE-2023-20915A-246930197EoPHigh10, 11, 12, 12L, 13
Google Play system updates​The following issues are included in Project Mainline components.
SubcomponentCVEMediaProviderCVE-2023-20912
2023-01-05 security patch level vulnerability details​In the sections below, we provide details for each of the security vulnerabilities that apply to the 2023-01-05 patch level. Vulnerabilities are grouped under the component they affect. Issues are described in the tables below and include CVE ID, associated references, type of vulnerability, severity, and updated AOSP versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.
Kernel​The most severe vulnerability in this section could lead to remote code execution with no additional execution privileges needed.
CVEReferencesTypeSeveritySubcomponentCVE-2022-42719A-253642087
Upstream kernel [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14]RCECriticalmac80211CVE-2022-42720A-253642015
Upstream kernel [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14]RCECriticalWLANCVE-2022-42721A-253642088
Upstream kernel [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14]RCECriticalMultiple ModulesCVE-2022-2959A-244395411
Upstream kernelEoPHighPipe
Kernel components​The most severe vulnerability in this section could lead to remote code execution with no additional execution privileges needed.
CVEReferencesTypeSeveritySubcomponentCVE-2022-41674A-253641805
Upstream kernel [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14]RCECriticalWLANCVE-2023-20928A-254837884
Upstream kernelEoPHighBinder driver
Kernel LTS​The following kernel versions have been updated. Kernel version updates are dependent on the version of Android OS at the time of device launch.
ReferencesAndroid Launch VersionKernel Launch VersionMinimum Launch VersionA-224575820125.105.10.101
Imagination Technologies​This vulnerability affects Imagination Technologies components and further details are available directly from Imagination Technologies. The severity assessment of this issue is provided directly by Imagination Technologies.
CVEReferencesSeveritySubcomponentCVE-2022-20235A-259967780 *HighPowerVR-GPU
MediaTek components​These vulnerabilities affect MediaTek components and further details are available directly from MediaTek. The severity assessment of these issues is provided directly by MediaTek.
CVEReferencesSeveritySubcomponentCVE-2022-32635A-257714327
M-ALPS07573237 *HighgpsCVE-2022-32636A-257846591
M-ALPS07510064 *HighkeyinstallCVE-2022-32637A-257860658
M-ALPS07491374 *Highhevc decoder
Unisoc components​These vulnerabilities affect Unisoc components and further details are available directly from Unisoc. The severity assessment of these issues is provided directly by Unisoc.
CVEReferencesSeveritySubcomponentCVE-2022-44425A-258731891
U-2028856 *HighKernelCVE-2022-44426A-258728978
U-2028856 *HighKernelCVE-2022-44427A-258736883
U-1888565 *HighKernelCVE-2022-44428A-258741356
U-1888565 *HighKernelCVE-2022-44429A-258743555
U-1981296 *HighKernelCVE-2022-44430A-258749708
U-1888565 *HighKernelCVE-2022-44431A-258741360
U-1981296 *HighKernelCVE-2022-44432A-258743558
U-1981296 *HighKernelCVE-2022-44434A-258760518
U-2064988 *HighAndroidCVE-2022-44435A-258759189
U-2064988 *HighAndroidCVE-2022-44436A-258760519
U-2064988 *HighAndroidCVE-2022-44437A-258759192
U-2064988 *HighAndroidCVE-2022-44438A-258760781
U-2064988 *HighAndroid
Qualcomm components​These vulnerabilities affect Qualcomm components and are described in further detail in the appropriate Qualcomm security bulletin or security alert. The severity assessment of these issues is provided directly by Qualcomm.
CVEReferencesSeveritySubcomponentCVE-2022-22088A-231156521
QC-CR#3052411CriticalBluetoothCVE-2022-33255A-250627529
QC-CR#3212699HighBluetooth
Qualcomm closed-source components​These vulnerabilities affect Qualcomm closed-source components and are described in further detail in the appropriate Qualcomm security bulletin or security alert. The severity assessment of these issues is provided directly by Qualcomm.
CVEReferencesSeveritySubcomponentCVE-2021-35097A-209469821 *CriticalClosed-source componentCVE-2021-35113A-209469998 *CriticalClosed-source componentCVE-2021-35134A-213239776 *CriticalClosed-source componentCVE-2022-23960A-238203772 *HighClosed-source componentCVE-2022-25725A-238101314 *HighClosed-source componentCVE-2022-25746A-238106983 *HighClosed-source componentCVE-2022-33252A-250627159 *HighClosed-source componentCVE-2022-33253A-250627591 *HighClosed-source componentCVE-2022-33266A-250627569 *HighClosed-source componentCVE-2022-33274A-250627236 *HighClosed-source componentCVE-2022-33276A-250627271 *HighClosed-source componentCVE-2022-33283A-250627602 *HighClosed-source componentCVE-2022-33284A-250627218 *HighClosed-source componentCVE-2022-33285A-250627435 *HighClosed-source componentCVE-2022-33286A-250627240 *HighClosed-source component
Common questions and answers​This section answers common questions that may occur after reading this bulletin.
1. How do I determine if my device is updated to address these issues?
To learn how to check a device's security patch level, see Check and update your Android version.
Security patch levels of 2023-01-01 or later address all issues associated with the 2023-01-01 security patch level.
Security patch levels of 2023-01-05 or later address all issues associated with the 2023-01-05 security patch level and all previous patch levels.
Device manufacturers that include these updates should set the patch string level to:
[ro.build.version.security_patch]:[2023-01-01]
[ro.build.version.security_patch]:[2023-01-05]
For some devices on Android 10 or later, the Google Play system update will have a date string that matches the 2023-01-01 security patch level. Please see this article for more details on how to install security updates.
2. Why does this bulletin have two security patch levels?
This bulletin has two security patch levels so that Android partners have the flexibility to fix a subset of vulnerabilities that are similar across all Android devices more quickly. Android partners are encouraged to fix all issues in this bulletin and use the latest security patch level.
Devices that use the 2023-01-01 security patch level must include all issues associated with that security patch level, as well as fixes for all issues reported in previous security bulletins.
Devices that use the security patch level of 2023-01-05 or newer must include all applicable patches in this (and previous) security bulletins.
Partners are encouraged to bundle the fixes for all issues they are addressing in a single update.
3. What do the entries in the Type column mean?
Entries in the Type column of the vulnerability details table reference the classification of the security vulnerability.
AbbreviationDefinitionRCERemote code executionEoPElevation of privilegeIDInformation disclosureDoSDenial of serviceN/AClassification not available
4. What do the entries in the References column mean?
Entries under the References column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.
PrefixReferenceA-Android bug IDQC-Qualcomm reference numberM-MediaTek reference numberN-NVIDIA reference numberB-Broadcom reference numberU-UNISOC reference number
5. What does an * next to the Android bug ID in the References column mean?
Issues that are not publicly available have an * next to the corresponding reference ID. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.
6. Why are security vulnerabilities split between this bulletin and device / partner security bulletins, such as the Pixel bulletin?
Security vulnerabilities that are documented in this security bulletin are required to declare the latest security patch level on Android devices. Additional security vulnerabilities that are documented in the device / partner security bulletins are not required for declaring a security patch level. Android device and chipset manufacturers may also publish security vulnerability details specific to their products, such as Google, Huawei, LGE, Motorola, Nokia, or Samsung.
Versions​
VersionDateNotes1.0January 3, 2022Bulletin Published
Click to expand...
Click to collapse
Google Pixel Update - January 2023 - Google Pixel Community
Kush M.
Community Manager•Original Poster
Google Pixel Update - January 2023​Announcement
Hello Pixel Community,
We have provided the monthly software update for January 2023. All supported Pixel devices running Android 13 will receive these software updates starting today. The rollout will continue over the next few weeks in phases depending on carrier and device. Users will receive a notification once the OTA becomes available for their device. We encourage you to check your Android version and update to receive the latest software.
Details of this month’s security fixes can be found on the Android Security Bulletin: https://source.android.com/security/bulletin
This update also includes support for static spatial audio, which will provide surround sound for any connected headset. Another update will roll out to Pixel Buds Pro in the coming weeks that will enable spatial audio with head tracking.
Thanks,
Google Pixel Support Team
Software versions
Global
Pixel 4a: TQ1A.230105.001
Pixel 4a (5G): TQ1A.230105.001
Pixel 5: TQ1A.230105.001
Pixel 5a (5G): TQ1A.230105.001
Pixel 6: TQ1A.230105.002
Pixel 6 Pro: TQ1A.230105.002
Pixel 6a: TQ1A.230105.001.A2
Pixel 7: TQ1A.230105.001.A2
Pixel 7 Pro: TQ1A.230105.002
Canada
Pixel 4a: TQ1A.230105.001.B1
Telstra (AU)
Pixel 7: TQ1A.230105.001.A3
Pixel 7 Pro: TQ1A.230105.002.A1
What’s included
The January 2023 update includes bug fixes and improvements for Pixel users – see below for details.
Audio
Add support for Spatial Audio with certain devices and accessories *[1]
Biometrics
Additional improvements for fingerprint recognition and response in certain conditions *[2]
Bluetooth
Fix for issue occasionally preventing certain Bluetooth Low Energy devices or accessories from pairing or reconnecting
Fix for issue preventing audio from playing over certain headphones or accessories while connected in certain conditions
Camera
Fix for issue occasionally causing captured photos to appear corrupted or distorted while zoomed in *[3]
Display & Graphics
Fix for issue occasionally preventing display from waking or appearing turned off while device is powered on *[3]
User Interface
Fix for issue occasionally causing UI to display in landscape layout while device is held in portrait mode
---------------------------------------------------------------
Device Applicability
Fixes are available for all supported Pixel devices unless otherwise indicated below.
*[1] Included on Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro
*[2] Included on Pixel 6a, Pixel 7
*[3] Included on Pixel 7, Pixel 7 Pro
Details
Other
Click to expand...
Click to collapse
​December 2022:​
Factory Images for Nexus and Pixel Devices | Google Play services | Google for Developers
developers.google.com
13.0.0 (TQ1A.221205.011, Dec 2022)FlashLinkb144b4262b6a349efe756a9446c9e9ce9123d839280f5e5b06ebbc661c577b6813.0.0 (TQ1A.221205.012, Dec 2022, O2 UK)FlashLink4406695deca324c94ef49b9be594362e350d45bdf2e7fad40cf147cdcfe5dc89
Google Pixel Update - December 2022 - Google Pixel Community
Kush M.
Community Manager•Original Poster
3 min. ago
Google Pixel Update - December 2022​Announcement
Hello Pixel Community,
We have provided the monthly software update for December 2022. All supported Pixel devices running Android 13 will receive these software updates starting today. The rollout will continue over the next week in phases depending on carrier and device. Users will receive a notification once the OTA becomes available for their device. We encourage you to check your Android version and update to receive the latest software.
Details of this month’s security fixes can be found on the Android Security Bulletin: https://source.android.com/security/bulletin
Thanks,
Google Pixel Support Team
Software versions
Global
Pixel 4a: TQ1A.221205.011
Pixel 4a (5G): TQ1A.221205.011
Pixel 5: TQ1A.221205.011
Pixel 5a (5G): TQ1A.221205.011
Pixel 6: TQ1A.221205.011
Pixel 6 Pro: TQ1A.221205.011
Pixel 6a: TQ1A.221205.011
Pixel 7: TQ1A.221205.011
Pixel 7 Pro: TQ1A.221205.011
Canada
Pixel 4a: TQ1A.221205.011.B1
O2 (UK)
Pixel 6a: TQ1A.221205.012
Pixel 7: TQ1A.221205.012
Pixel 7 Pro: TQ1A.221205.012
What’s included
In addition to new features, the December 2022 software update for Pixel devices includes several fixes and improvements across several areas including device performance, stability, connectivity, and more – see below for some notable improvements.
Apps
Fix for issue causing text input to certain fields in the Phone app to display in a darker color
Fix for issue occasionally causing playback errors when seeking through video content in certain apps
Fix for issue occasionally preventing text messages from restoring from cloud backups during device setup
General improvements for background performance in certain Google apps
Audio
General improvements for USB audio support for various cables or accessories *[1]
General improvements to support various audio codecs with certain devices or accessories *[4]
Battery & Charging
Battery usage in Settings displays information since last full charge (up to 7 days)
Fix for issue occasionally causing device to power off while Battery Share is active *[4]
Fix for issue occasionally causing higher battery usage during media playback with certain apps *[2]
Fix for issue occasionally preventing Adaptive charging from working in certain conditions *[2]
Fix for issue occasionally preventing wireless charging from working with certain accessories *[2]
General improvements for charging, battery usage or thermal performance in certain conditions *[1]
Biometrics
Fix for issue occasionally causing audio to skip when played over certain Bluetooth devices or accessories *[2]
Fix for issue occasionally delaying when the fingerprint icon is displayed on the lock screen *[1]
Fix for issue occasionally preventing fingerprint sensor from detecting touch while always-on display is active *[3]
Fix for issue where fingerprint enrollment may occasionally display visual glitches in certain conditions *[1]
Improvements for face unlock lock screen helper text shown in certain conditions *[2]
Bluetooth
Fix for issue causing music playback to continue without audible sound after ending a call while using certain Bluetooth accessories *[2]
Fix for issue occasionally causing audio to skip when played over certain Bluetooth devices or accessories *[2]
Fix for issue occasionally preventing audio switching between connected Bluetooth devices in certain conditions
Fix for issue occasionally preventing Bluetooth Low Energy devices from displaying a device name during pairing
Fix for issue occasionally preventing connection to car head units using older Bluetooth versions
Fix for issue occasionally preventing discovery of certain Bluetooth devices or accessories
Fix for issue occasionally preventing previously paired Bluetooth devices from reconnecting
General improvements for Bluetooth stability and performance in certain conditions
Camera
Fix for issue occasionally causing Camera app to crash while zoomed in or switching modes *[2]
Fix for issue occasionally causing viewfinder preview to display a blank screen *[2]
Fix for issue where video that is recorded while switching between camera modes occasionally shows gaps in playback *[2]
General improvements for camera stability and performance in certain conditions
Display & Graphics
Fix for issue occasionally causing screen to flicker when waking from always-on display
Fix for issue occasionally causing visual artifacts or glitches while using certain apps or games *[3]
Framework
Fix for issue occasionally causing notifications to display in a different color theme from the system
Fix for issue occasionally causing the wrong character to display after a new line in certain apps or UI elements
Fix for issue occasionally causing Work Profile app notifications to appear even if Work Profile is paused
Fix for issue occasionally preventing certain apps to rotate to landscape orientation
Fix for issue occasionally preventing keyboard from being dismissed while using certain apps
Sensors
Fix for issue occasionally preventing "tap to wake" or "lift to wake" from working in certain conditions *[1]
Fix for issue occasionally preventing Adaptive brightness from activating in certain conditions
Fix for issue occasionally preventing Quick Tap from triggering app or system shortcuts in certain conditions
Fix to improve Adaptive brightness transitions during phone calls in certain conditions *[1]
General improvements for proximity sensor performance under certain lighting conditions *[1]
System
General improvements for system stability and performance in certain conditions
General improvements to optimize device thermal performance in certain conditions or use cases *[1]
Telephony
Fix for issue causing reduced network or call stability under certain conditions *[2]
Fix for issue occasionally preventing network SIM cards from activating in certain conditions *[3]
General improvements for network connection stability and performance in certain conditions
General improvements for network connectivity after toggling airplane mode off
General improvements for switching between 3G to 4G on certain carrier networks
General improvements for VPN connection stability and performance on mobile networks under certain conditions
General improvements for Wi-Fi calling stability and performance for certain carriers or networks
Improve dual SIM network connectivity in certain conditions *[3]
Improve RCS messaging stability under certain conditions *[2]
Touch
General improvements for touch response and performance in certain conditions *[1]
User Interface
Change for home screen search bar behavior to open the Google app when tapping the G logo
Fix for issue occasionally causing "Pause work apps" button display over app drawer or in the wrong position
Fix for issue occasionally causing certain Settings toggles to appear disabled, or set to the wrong state
Fix for issue occasionally causing device color theme to change unexpectedly
Fix for issue occasionally causing home screen app icons to appear duplicated after adjusting grid size
Fix for issue occasionally causing home screen widgets or icons to appear small or scaled down in certain conditions
Fix for issue occasionally causing media player controls to appear invisible or hidden in notification shade
Fix for issue occasionally causing notification overflow dot to overlay app icons on lock screen
Fix for issue occasionally causing notifications to disappear or appear invisible in notification shade
Fix for issue occasionally causing screenshot captures to fail in certain conditions
Fix for issue occasionally causing suggested apps in Search to overlap or display over results
Fix for issue occasionally causing text to appear incorrectly cutoff or truncated at different font sizes
Fix for issue occasionally causing UI to reset after adjusting display resolution
Fix for issue occasionally causing wallpaper to appear black or empty in certain conditions
Fix for issue occasionally enabling touch interaction during the lock screen transition after screen is turned off
Fix for issue occasionally preventing media player album art from updating when content changes
Fix for issue occasionally preventing media player controls from displaying on lock screen
Fix for issue occasionally preventing screen to appear blank or frozen after launching certain apps
Fix for issue where incoming notifications would occasionally display over others listed in the notification shade
Fix to improve responsiveness of At A Glance home and lock screen widget for certain conditions or use cases
Fix to improve spacing for certain UI modals in device setup and Settings
General improvements for performance in certain UI transitions and animationas
Wi-Fi
Fix for issue occasionally preventing hotspot from turning on in certain conditions *[1]
General improvements for Wi-Fi network connection stability & performance in certain conditions *[1]
---------------------------------------------------------------
Device Applicability
Fixes are available for all supported Pixel devices unless otherwise indicated below.
*[1] Included on Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro
*[2] Included on Pixel 7, Pixel 7 Pro
*[3] Included on Pixel 6, Pixel 6 Pro, Pixel 6a
*[4] Included on Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro
Details
Other
Click to expand...
Click to collapse
Click to expand...
Click to collapse
New software features have arrived to the Pixel family - Google Pixel Community
Kush M.
Community Manager•Original Poster
New software features have arrived to the Pixel family​Announcement
Your Pixel devices get a boost of helpfulness with Feature Drops *[1]. They’re automatic software updates that send new and upgraded features to your phone, earbuds, and watch, making them even better as time goes on. With the latest feature drop, your Pixel phone now has clearer incoming calls *[2], next-level audio with Pixel Buds Pro *[3], speaker labels on recordings *[4], a VPN by Google One for online protection *[5], and more. And it all happens over the air, so you get that new-device feeling without needing to get anything new.
The latest features will begin rolling out to Pixel devices starting on December 5, with rollout continuing over the next few weeks. Be sure to update to the latest Android version and update your Android apps, then look out for a notification from the Pixel Tips app to learn more about all of the ways your Pixel just got more helpful.
Hear voices clearly.
Pixel enhances the other caller’s voice and reduces their background noise to help you hear them when they’re in a noisy place *[2].
Surround yourself with sound (coming January 2023).
Feel like you’re at the center of the action in your favorite movies and shows. When paired with Pixel Buds Pro, your Pixel supports spatial audio with head tracking for immersive surround sound all around *[3].
Note taking just got easier.
Pixel helps you keep track of who said what in meetings and lectures with more than one participant. It transcribes recordings of multiple speakers by labeling each one and adding line breaks when speakers change *[4].
Extra protection when you’re online.
With VPN by Google One, Pixel 7 and Pixel 7 Pro help protect your online activity no matter what app or web browser you use. With no added cost to you *[5].
Wallpaper that wows.
Bring your Pixel screen to life with the new Live Bloom wallpaper collection. Explore the latest set of custom designs featuring vibrant images that shift and sway when your phone moves *[6].
New cultural wallpapers.
Keep your Pixel screens culturally relevant with the latest Curated Culture wallpapers. This new installment, illustrated by Morgan Harper Nichols, celebrates the International Day of Persons with Disabilities. Morgan is an artist, poet, podcaster, and author whose work is inspired by real-life interactions and stories.
Find it. Fast.
Bring the power of Google Search to your Pixel to search your entire phone and the web, so you can quickly find what you’re looking for – a contact, app, screenshot, setting, and more. Now available for Pixel 4a and later.
Security and privacy, simplified.
Now Pixel makes it easier to protect your phone, accounts, and passwords by having all your security and privacy settings in one place. This includes new action cards that notify you of any safety risks and provide easy steps to enhance your privacy and security.
More ways to lift language barriers.
Live Translate can now translate texts in your messaging apps into more languages, including Arabic, Persian, Swedish, Vietnamese, and Danish *[7].
Understand how you sleep.
Pixel can help you understand what affects your sleep, like coughing, snoring, or how much you’re on your phone at bedtime *[8], now available for Pixel 6 & Pixel 6 Pro.
Get smarter about your sleep.
Gain a better understanding of your sleep quality with helpful insights from Sleep Profile on Pixel Watch *[9]. It looks beyond your nightly sleep patterns and tracks your habits and trends over a month-long period. You’ll get a sleep analysis based on 10 key metrics, be matched with one of six sleep animals representing distinct sleeper types, and receive education and personalized metric ranges so you can understand what to focus on to get better rest.
Summary of availability per device
† Only available in English (US).
----------------------------------------------------------------
Disclaimers
*[1] Your Pixel will generally receive Feature Drops during the applicable Android update and support periods for the phone. See g.co/pixel/updates for details. Availability of some Feature Drops may vary.
*[2] Available only on Pixel 7 and Pixel 7 Pro. Not available on VOIP calls. Call quality of incoming call depends on the environment, carrier network conditions, and other factors. Actual results may vary.
*[3] Coming in January 2023. Available only on Pixel 6, Pixel 6 Pro, Pixel 7 and Pixel 7 Pro. Requires compatible app and supported content. See g.co/pixelbudspro/help for details. Pixel Buds Pro sold separately.
*[4] Available only on Pixel 6 or newer Pixel phones. Not available in all languages.
*[5] Available only on Pixel 7 and Pixel 7 Pro. Restrictions apply. Some data is not transmitted through VPN. Not available in all countries. All other Google One membership benefits sold separately. This VPN offer does not impact price or benefits of Google One Premium plan. Use of VPN may increase data costs depending on your plan. See g.co/pixel/vpn for details.
*[6] Available only on Pixel 6 or newer Pixel phones.
*[7] Available only on Pixel 6 or newer Pixel phones. Not available in all languages or countries. Not available on all media or apps. See g.co/pixel/livetranslate for more information.
*[8] Not intended to diagnose, cure, mitigate, prevent or treat any disease or condition. Consult your healthcare professional if you have questions about your health. See g.co/pixel/digitalwellbeing for details.
*[9] Requires Fitbit account and mobile app, and Fitbit Premium membership. Not intended for medical purposes. Consult your healthcare professional for questions about your health. Feature not available in all countries or languages.
Details
Other
Click to expand...
Click to collapse
Click to expand...
Click to collapse
Pixel Update Bulletin—December2022 | Android Open Source Project
source.android.com
Pixel Update Bulletin—December2022​bookmark_border
Published December 5, 2022
The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices (Google devices). For Google devices, security patch levels of 2022-12-05 or later address all issues in this bulletin and all issues in the December 2022 Android Security Bulletin. To learn how to check a device's security patch level, see Check and update your Android version.
All supported Google devices will receive an update to the 2022-12-05 patch level. We encourage all customers to accept these updates to their devices.
Note: The Google device firmware images are available on the Google Developer site.
Announcements​
In addition to the security vulnerabilities described in the December 2022 Android Security Bulletin, Google devices also contain patches for the security vulnerabilities described below.
Security patches​Vulnerabilities are grouped under the component that they affect. There is a description of the issue and a table with the CVE, associated references, type of vulnerability, severity, and updated Android Open Source Project (AOSP) versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.
Framework​
CVEReferencesTypeSeverityUpdated AOSP versionsCVE-2022-20504A-225878553EoPModerate13CVE-2022-20512A-238602879EoPModerate13CVE-2022-20514A-245727875EoPModerate13CVE-2022-20524A-228523213EoPModerate13CVE-2022-20553A-244155265EoPModerate13CVE-2022-20554A-245770596EoPModerate13CVE-2022-20510A-235822336IDModerate13CVE-2022-20511A-235821829IDModerate13CVE-2022-20513A-244569759IDModerate13CVE-2022-20523A-228222508IDModerate13CVE-2022-20530A-231585645IDModerate13CVE-2022-20538A-235601770IDModerate13CVE-2022-20559A-219739967IDModerate13CVE-2022-20543A-238178261DoSModerate13CVE-2022-20526A-229742774EoPLow13
Media Framework​
CVEReferencesTypeSeverityUpdated AOSP versionsCVE-2022-20548A-240919398EoPModerate13CVE-2022-20528A-230172711IDModerate13
System​
CVEReferencesTypeSeverityUpdated AOSP versionsCVE-2021-39771A-224545390EoPModerate13CVE-2022-20503A-224772890EoPModerate13CVE-2022-20505A-225981754EoPModerate13CVE-2022-20506A-226133034EoPModerate13CVE-2022-20507A-246649179EoPModerate13CVE-2022-20508A-218679614EoPModerate13CVE-2022-20509A-244713317EoPModerate13CVE-2022-20519A-224772678EoPModerate13CVE-2022-20520A-227203202EoPModerate13CVE-2022-20522A-227470877EoPModerate13CVE-2022-20525A-229742768EoPModerate13CVE-2022-20529A-231583603EoPModerate13CVE-2022-20533A-232798363EoPModerate13CVE-2022-20536A-235100180EoPModerate13CVE-2022-20537A-235601169EoPModerate13CVE-2022-20539A-237291425EoPModerate13CVE-2022-20540A-237291506EoPModerate13CVE-2022-20544A-238745070EoPModerate13CVE-2022-20546A-240266798EoPModerate13CVE-2022-20547A-240301753EoPModerate13CVE-2022-20549A-242702451EoPModerate13CVE-2022-20550A-242845514EoPModerate13CVE-2022-20556A-246301667EoPModerate13CVE-2022-20557A-247092734EoPModerate13CVE-2022-20558A-236264289EoPModerate13CVE-2022-42542A-231445184EoPModerate13CVE-2022-20199A-199291025IDModerate13CVE-2022-20515A-220733496IDModerate13CVE-2022-20516A-224002331IDModerate13CVE-2022-20517A-224769956IDModerate13CVE-2022-20518A-224770203IDModerate13CVE-2022-20527A-229994861IDModerate13CVE-2022-20531A-231988638IDModerate13CVE-2022-20535A-233605242IDModerate13CVE-2022-20541A-238083126IDModerate13CVE-2022-20552A-243922806IDModerate13CVE-2022-20555A-246194233IDModerate13CVE-2022-42535A-224770183IDModerate13CVE-2022-20521A-227203684DoSModerate13CVE-2022-20545A-239368697DoSModerate13
Kernel components​In addition to the platform fixes described above, Pixel also ingested the upstream kernel security fixes associated with snapping to LTS version 5.10.107.
More information is available at the Android Common Kernels page.
CVEReferencesTypeSeveritySubcomponentCVE-2022-0500A-228560539
Upstream kernelEoPModerateKernelCVE-2022-1116A-234020136
Upstream kernelEoPModerateKernelCVE-2022-1419A-235540888
Upstream kernelEoPModerateKernelCVE-2022-20565A-160818461
Upstream kernelEoPModerateKernelCVE-2022-20566A-165329981
Upstream kernel [2]EoPModerateBluetooth L2CAPCVE-2022-20567A-186777253
Upstream kernelEoPModerateKernelCVE-2022-20568A-220738351
Upstream kernelEoPModerateio_uringCVE-2022-20571A-234030265
Upstream kernelEoPModeratedm-verityCVE-2022-20572A-234475629
Upstream kernel [2]EoPModeratedm-verityCVE-2022-28390A-228694391
Upstream kernelEoPModerateKernelCVE-2022-30594A-233438137
Upstream kernel [2] [3]EoPModerateKernelCVE-2022-34494A-238479990
Upstream kernelEoPModerateKernelCVE-2022-34495A-238480163
Upstream kernelEoPModerateKernelCVE-2022-20573A-235183128
Upstream kernel [2]IDModerateKernel
Pixel​
CVEReferencesTypeSeveritySubcomponentCVE-2022-20582A-233645166 *EoPCriticalLDFWCVE-2022-20583A-234859169 *EoPCriticalLDFWCVE-2022-20584A-238366009 *EoPCriticalTF-ACVE-2022-20585A-238716781 *EoPCriticalLDFWCVE-2022-20586A-238718854 *EoPCriticalLDFWCVE-2022-20587A-238720411 *EoPCriticalLDFWCVE-2022-20588A-238785915 *EoPCriticalLDFWCVE-2022-20597A-243480506 *EoPCriticalLDFWCVE-2022-20598A-242357514 *EoPCriticalLDFWCVE-2022-20599A-242332706 *EoPCriticalPixel firmwareCVE-2022-42534A-237838301 *EoPCriticalTF-ACVE-2022-20498A-249998113 *IDCriticallibfdtCVE-2022-20589A-238841928 *IDCriticalLDFWCVE-2022-20590A-238932493 *IDCriticalLDFWCVE-2022-20591A-238939706 *IDCriticalLDFWCVE-2022-20592A-238976908 *IDCriticalLDFWCVE-2022-20603A-219265339 *RCEHighModemCVE-2022-20607A-238914868 *RCEHighCellular FirmwareCVE-2022-20610A-240462530 *RCEHighPixel cellular modemCVE-2022-20561A-222162870 *EoPHighAudioCVE-2022-20564A-243798789 *EoPHighlibufdtCVE-2022-42531A-231500967 *EoPHighTF-ACVE-2022-20562A-231630423 *IDHighAudio processorCVE-2022-20574A-237582191 *IDHighLDFWCVE-2022-20575A-237585040 *IDHighLDFWCVE-2022-20602A-211081867 *IDHighModemCVE-2022-20604A-230463606 *IDHighExynos FirmwareCVE-2022-20608A-239239246 *IDHighCellular firmwareCVE-2022-42529A-235292841 *IDHighKernelCVE-2022-42530A-242331893 *IDHighPixel firmwareCVE-2022-42532A-242332610 *IDHighPixel firmwareCVE-2022-20563A-242067561 *EoPModerateBootloaderCVE-2022-20569A-229258234 *EoPModeratePixel Thermal Control DriverCVE-2022-20576A-239701761 *EoPModerateTelephonyCVE-2022-20577A-241762281 *EoPModeratesitrilCVE-2022-20578A-243509749 *EoPModeraterild_exynosCVE-2022-20579A-243510139 *EoPModeraterild_exynosCVE-2022-20580A-243629453 *EoPModeratelibufdtCVE-2022-20581A-245916120 *EoPModeratePixel camera driverCVE-2022-20594A-239567689 *EoPModerateWireless ChargerCVE-2022-20596A-239700400 *EoPModerateWireless ChargerCVE-2022-20600A-239847859 *EoPModerateLWISCVE-2022-42501A-241231403 *EoPModeraterild_exynosCVE-2022-42502A-241231970 *EoPModeraterild_exynosCVE-2022-42503A-241231983 *EoPModeraterild_exynosCVE-2022-42504A-241232209 *EoPModeraterild_exynosCVE-2022-42505A-241232492 *EoPModeraterild_exynosCVE-2022-42506A-241388399 *EoPModeraterild_exynosCVE-2022-42507A-241388774 *EoPModeraterild_exynosCVE-2022-42508A-241388966 *EoPModeraterild_exynosCVE-2022-42509A-241544307 *EoPModeraterild_exynosCVE-2022-42510A-241762656 *EoPModeraterild_exynosCVE-2022-42511A-241762712 *EoPModeraterild_exynosCVE-2022-42513A-241763204 *EoPModeraterild_exynosCVE-2022-42518A-242536278 *EoPModeraterild_exynosCVE-2022-42519A-242540694 *EoPModeraterild_exynosCVE-2022-42520A-242994270 *EoPModeraterild_exynosCVE-2022-42521A-243130019 *EoPModeraterild_exynosCVE-2022-42523A-243376893 *EoPModeraterild_exynosCVE-2022-42525A-243509750 *EoPModeraterild_exynosCVE-2022-42526A-243509880 *EoPModeraterild_exynosCVE-2022-20560A-212623833 *IDModerateKernelCVE-2022-20570A-230660904 *IDModerateModemCVE-2022-20593A-239415809 *IDModerategrallocCVE-2022-20595A-239700137 *IDModerateWireless ChargerCVE-2022-20601A-204541506 *IDModerateModemCVE-2022-20605A-231722405 *IDModerateModemCVE-2022-20606A-233230674 *IDModerateModemCVE-2022-20609A-239240808 *IDModerateCellular firmwareCVE-2022-42512A-241763050 *IDModeraterild_exynosCVE-2022-42514A-241763298 *IDModeraterild_exynosCVE-2022-42515A-241763503 *IDModeraterild_exynosCVE-2022-42516A-241763577 *IDModeraterild_exynosCVE-2022-42517A-241763682 *IDModeraterild_exynosCVE-2022-42522A-243130038 *IDModeraterild_exynosCVE-2022-42524A-243401445 *IDModerateModemCVE-2022-42527A-244448906 *DoSModerateModem
Qualcomm components​
CVEReferencesSeveritySubcomponentCVE-2022-25677A-235114749
QC-CR#3122626
QC-CR#3103567ModerateBootloader
Qualcomm closed-source components​
CVEReferencesSeveritySubcomponentCVE-2021-30348A-202032128 *ModerateClosed-source componentCVE-2022-25675A-208302286 *ModerateClosed-source component
Functional patches​For details on the new bug fixes and functional patches included in this release, refer to the Pixel Community forum.
Common questions and answers​This section answers common questions that may occur after reading this bulletin.
1. How do I determine if my device is updated to address these issues?
Security patch levels of 2022-12-05 or later address all issues associated with the 2022-12-05 security patch level and all previous patch levels. To learn how to check a device's security patch level, read the instructions on the Google device update schedule.
2. What do the entries in the Type column mean?
Entries in the Type column of the vulnerability details table reference the classification of the security vulnerability.
AbbreviationDefinitionRCERemote code executionEoPElevation of privilegeIDInformation disclosureDoSDenial of serviceN/AClassification not available
3. What do the entries in the References column mean?
Entries under the References column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.
PrefixReferenceA-Android bug IDQC-Qualcomm reference numberM-MediaTek reference numberN-NVIDIA reference numberB-Broadcom reference numberU-UNISOC reference number
4. What does an * next to the Android bug ID in the References column mean?
Issues that are not publicly available have an * next to the Android bug ID in the References column. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.
5. Why are security vulnerabilities split between this bulletin and the Android Security Bulletins?
Security vulnerabilities that are documented in the Android Security Bulletins are required to declare the latest security patch level on Android devices. Additional security vulnerabilities, such as those documented in this bulletin are not required for declaring a security patch level.
Versions​
VersionDateNotes1.0December 5, 2022Bulletin Published
Click to expand...
Click to collapse
Click to expand...
Click to collapse
November 2022:​Monday & Tuesday, November 7 & 8, 2022: Pixel 7 Pro Factory Images available:
Factory Images for Nexus and Pixel Devices | Google Play services | Google for Developers
developers.google.com
13.0.0 (TD1A.221105.001, Nov 2022)FlashLinkf2793a62a48bc840b892e74dd515739b657d2727c25edd074064e3ab019e73bf13.0.0 (TD1A.221105.003, Nov 2022, Verizon, Verizon MVNOs)FlashLink021be73c7c602de0fdefcd3a4c43d0d745188b7847880a0d4a2ccb6aa64c47a6
Tuesday, November 8, 2022: But I lump it in after the standard day's two images above.
13.0.0 (TD1A.221105.001.A1, Nov 2022, Telia)FlashLink8c02369293402dc629728e0966d2ccc1976f513ed783ea2f64dcd1e55e221b3e
Thanks @Namelesswonder!
Namelesswonder said:
Much newer radio and modem on TD1A.221105.001.A1, even newer than QPR1 Beta 3.1.
Firmware Image​Radio Version​TD1A.221105.001​radio-cheetah-g5300g-220908-220908-b-9040061​TD1A.221105.001.A1​radio-cheetah-g5300g-220908-221031-b-9238462​TD1A.221105.003​radio-cheetah-g5300g-220908-221006-b-9144834​T1B3.221003.003​radio-cheetah-g5300g-220923-221001-b-9127780​T1B3.221003.008​radio-cheetah-g5300g-220923-221028-b-9229469​
Click to expand...
Click to collapse
Click to expand...
Click to collapse
October 2022:​
Monday, October 24, 2022: Two more custom kernels are released for the Pixel 7 Pro:
[KERNEL] CleanSlate T1.4.0 |S2S|AdBlock|VIB|BatterySvr - Thanks @tbalden!
[Kernel][24.10.2022][Android 13.0.0 Stable]Kirisakura for Pixel 7/Pro aka "Pantah" - thanks @Freak07!
Click to expand...
Click to collapse
Sunday, October 23, 2022: Thanks to @xike456 for additional hardware model number information, which you can find in Post #6 - Regarding P7P 5G model numbers and capabilities, and how to determine your hardware version.
Click to expand...
Click to collapse
Saturday, October 15, 2022: New Universal SafetyNet Fix released by @Displax, which is a later minor revision of the test MOD version previously posted in this thread, and of the original MOD 2.0 which apparently had some typos - the latter which didn't work due to the typos but is now fixed if you download the latest one. You can get it either from XDA or on GitHub.
Click to expand...
Click to collapse
Monday, October 14, 2022: A custom kernel is released for the Pixel 7 Pro:
[KERNEL]Despair Kernel - Thanks @DespairFactor!
Click to expand...
Click to collapse
Thursday, October 13, 2022: Pixel 7 Pro Factory Image is up! TD1A.220804.031 is confirmed to be the zero-day update, so is the most recent. Thanks to @bosox284 for confirming.
VersionFlashDownloadSHA-256 Checksum13.0.0 (TD1A.220804.009.A2, Oct 2022)FlashLink8e7393e1bd7f86d76d75cdea988d5e4ebfded3a50fac26d774b9eb07152c1ed513.0.0 (TD1A.220804.009.A5, Oct 2022, JP carriers)FlashLinkc68659bdd1d2b0b9a1740daa1502acbbf1b535be5b7e5bada157c82ef5fbf5c513.0.0 (TD1A.220804.031, Oct 2022)FlashLink6152f6f3d8437be0ef840ed7056f15d0f52ba181a1d029ff84bd9d83c860d49f
Click to expand...
Click to collapse
@roirraW "edor" ehT
You upgraded to the Pixel 7 Pro ?
When will the factory images for the 7 Pro most likely be posted?
Way to go @roirraW "edor" ehT!!
Let's get this party started!!!
Gordietm said:
When will the factory images for the 7 Pro most likely be posted?
Click to expand...
Click to collapse
Editing this post. The Pixel 6 factory images were posted on the same day the phone was released (not when pre-orders started). So maybe Oct. 13? or around there.
Glad to see you in the Pixel 7 pro forums! @roirraW "edor" ehT
Lughnasadh said:
I believe the factory images for the Pixel 6 series were first posted 9 days after the phones were released.
Click to expand...
Click to collapse
9 days after pre orders were announced or when you could buy them?
rester555 said:
9 days after pre orders were announced or when you could buy them?
Click to expand...
Click to collapse
EDIT: I was wrong. The Pixel 6 was released on Oct. 28, 2021 and the factory images were released the same day. Pre-orders for the Pixel 6 began on Oct. 19, if I remember correctly.
Sib64 said:
@roirraW "edor" ehT
You upgraded to the Pixel 7 Pro ?
Click to expand...
Click to collapse
Yes, sir! The USB 3.2 Gen 2 pushed me over the edge, believe it or not. I like to copy hundreds of gigs of FLAC music to my devices all the time.
Ghisy said:
Way to go @roirraW "edor" ehT!!
Let's get this party started!!!
Click to expand...
Click to collapse
rester555 said:
Glad to see you in the Pixel 7 pro forums! @roirraW "edor" ehT
Click to expand...
Click to collapse
Thanks! Would you believe I only one other time upgraded to a next up higher model of any phone - the last time being from the Sprint Samsung Galaxy S2/Epic 4G to the Verizon S3, and both phones had already been out for long enough to be a great deal under contract back then.
Lughnasadh said:
EDIT: I was wrong. The Pixel 6 was released on Oct. 28, 2021 and the factory images were released the same day. Pre-orders for the Pixel 6 began on Oct. 19, if I remember correctly.
Click to expand...
Click to collapse
That is exactly correct from my memory, too.
roirraW edor ehT said:
Yes, sir! The USB 3.2 Gen 2 pushed me over the edge, believe it or not. I like to copy hundreds of gigs of FLAC music to my devices all the time.
Thanks! Would you believe I only one other time upgraded to a next up higher model of any phone - the last time being from the Sprint Samsung Galaxy S2/Epic 4G to the Verizon S3, and both phones had already been out for long enough to be a great deal under contract back then.
That is exactly correct from my memory, too.
Click to expand...
Click to collapse
I/O controllers are so necessary and not many people talk about that with phones. I hate how slow transfer speeds are with subpar hardware.
My next move in house is to convert everything to wifi 7. 6E is not a big enough jump from wifi 5. Also wired 10 gbE everywhere or higher.
I have a NAS video server for the house and there is nothing out there to do better than 2.5 gbE. I am waiting for better hardware to make my house 10 gbE.
rester555 said:
I/O controllers are so necessary and not many people talk about that with phones. I hate how slow transfer speeds are with subpar hardware.
Click to expand...
Click to collapse
Absolutely! Especially these phones without MicroSD card slots, it just makes it worse - not that MicroSD cards are the complete solution, either. Especially if you don't want to take your phone case off, take out the card, put it back in later...
rester555 said:
My next move in house is to convert everything to wifi 7. 6E is not a big enough jump from wifi 5. Also wired 10 gbE everywhere or higher.
Click to expand...
Click to collapse
I went 6E in the last couple of weeks only because all Synology routers including their newest don't work directly with Frontier Fiber's gigabit ONT - they've got a serious bug and I worked with Synology for a month without any progress. I became completely burned out on continuously experimenting with my networking. To Synology's credit, they bent over backward and then even connected me directly with their developers, but I just couldn't take it anymore.
At some point, I felt I should start getting paid to help them debug their product, and at another point, I just have to continue on with life and just use my network without plugging / unplugging / factory resetting, you name it, every day.
I went with two high-end gaming Asus routers (I don't game, though) and they have been the easiest to set up and have no issues at all.
[/mini-rant]
rester555 said:
I have a NAS video server for the house and there is nothing out there to do better than 2.5 gbE. I am waiting for better hardware to make my house 10 gbE.
Click to expand...
Click to collapse
The Asus GT-AXE16000 - which I got a great deal on but it's still super expensive, has 2x10Gb, 1x2.5Gb, and 4x1Gb ports, and you can use any one or two of them as WAN, and it automatically makes the remaining LAN. Great flexibility. My second (mesh) router is their GT-AXE11000 - which I don't even remember if it has 10Gb, but probably does have one, and it definitely has 1x2.5Gb. I used each router's 2.5Gb for the mesh connection, although you can do so with Wi-Fi too if you wish. We have a small house but the opposite side of the house from my computer room can stand to have a little help for the best internet speeds, although the GT-AXE16000 by itself did quite well and much better than Synology's models.
I'd love to see places that can SIM unlock the AT&T version so I can unlock the bootloader. Stuck doing the carrier version - hard to pass up $3 a month with a trade.
roirraW edor ehT said:
Absolutely! Especially these phones without MicroSD card slots, it just makes it worse - not that MicroSD cards are the complete solution, either. Especially if you don't want to take your phone case off, take out the card, put it back in later...
I went 6E in the last couple of weeks only because all Synology routers including their newest don't work directly with Frontier Fiber's gigabit ONT - they've got a serious bug and I worked with Synology for a month without any progress. I became completely burned out on continuously experimenting with my networking. To Synology's credit, they bent over backward and then even connected me directly with their developers, but I just couldn't take it anymore.
At some point, I felt I should start getting paid to help them debug their product, and at another point, I just have to continue on with life and just use my network without plugging / unplugging / factory resetting, you name it, every day.
I went with two high-end gaming Asus routers (I don't game, though) and they have been the easiest to set up and have no issues at all.
[/mini-rant]
The Asus GT-AXE16000 - which I got a great deal on but it's still super expensive, has 2x10Gb, 1x2.5Gb, and 4x1Gb ports, and you can use any one or two of them as WAN, and it automatically makes the remaining LAN. Great flexibility. My second (mesh) router is their GT-AXE11000 - which I don't even remember if it has 10Gb, but probably does have one, but it definitely has 1x2.5Gb, and I used each router's 2.5Gb for the mesh connection, although you can do so with Wi-Fi too if you wish. We have a small house but the opposite side of the house from my computer room can stand to have a little help for the best internet speeds, although the GT-AXE16000 by itself did quite well and much better than Synology's models.
Click to expand...
Click to collapse
Understood on the gt-axe16000, it's great, but Wifi 7 combines all channels 2.4 GHz, 5 GHz, and 6 GHz into a 320 MHz bandpass channel. With 6E, you can only get half that. It's almost there but I can wait another 2 years. Then my desktop, phones, and routers will all be converted.

Categories

Resources