Related
Hi,
i had root my O+7 pro and didn't seen the warning that it's wip datas ...
is there any way to recover theme?
Thanks a lot in advance
You can try disk recovery from the play store and give it root permissions, but I can't say if it will recover anything. But to be fair, there were warnings given when unlocking the bootloader, etc about the wiping of data. So possibly a hard lesson learned
Always backup... Backup... Backup... Even if just doing an update. Since you are rooted now I would get titanium backup and do a backup before any update or flashing that u r not comfortable with and back up to Google drive or push to an OTG also back up ur sdcard files by manually moving to an OTG or use twrp to backup data to an OTG... Preferably before u set a pass code or pin securities. Hope u can recover bud.
i'll try the first solution.
in all the case i'll use a good backup solution after that. and i know, i usualy alaways backup but idn, this way my brain had decided it was useless *facepalml*
hallo dare said:
You can try disk recovery from the play store and give it root permissions, but I can't say if it will recover anything. But to be fair, there were warnings given when unlocking the bootloader, etc about the wiping of data. So possibly a hard lesson learned
Click to expand...
Click to collapse
can't find the app, sorry but do you have the link of the app you have in mind?
thanks a lot for your help in all the cases :good: :highfive:
Zeirman said:
can't find the app, sorry but do you have the link of the app you have in mind?
thanks a lot for your help in all the cases :good: :highfive:
Click to expand...
Click to collapse
https://play.google.com/store/apps/details?id=com.defianttech.diskdigger
hallo dare said:
https://play.google.com/store/apps/details?id=com.defianttech.diskdigger
Click to expand...
Click to collapse
Already tried DiskDigger pro (root allowed), and only finded some icone in JPG and PNG, a blank TIF, 16 .zip, and thousands of SQLITE files (don't know what it is)... i had guess it hadn't work
Any other idea? (and thanks a lot again for your help!)
Zeirman said:
Already tried DiskDigger pro (root allowed), and only finded some icone in JPG and PNG, a blank TIF, 16 .zip, and thousands of SQLITE files (don't know what it is)... i had guess it hadn't work
Any other idea? (and thanks a lot again for your help!)
Click to expand...
Click to collapse
Think you're out of luck.
hallo dare said:
Think you're out of luck.
Click to expand...
Click to collapse
No other idea? even through adb or a soft, even not free solution? :/
i don't understand why nothing work
i had almost writte no data since i had root, and my phone has 256Go
even by writte a little with the root process and install 3 app, i couldn't writte 256Go so... why nothing work? why realy no data is found? that's not strange? :/
Maybe you can dumb and pull your userdata partition to an .img file via adb to your pc and then use softwares like recuva to recover data on windows, i don't guaranty it will work , but it's Worth the shot, i tried it one time when i had the OPO (i changed to f2fs partition without backing up and lost everything) annnnnnnndddddd...... no i found nothing lol, but maybe you can find since it's a different type of format i guess" but worth a try
Chinaroad said:
Maybe you can dumb and pull your userdata partition to an .img file via adb to your pc and then use softwares like recuva to recover data on windows, i don't guaranty it will work , but it's Worth the shot, i tried it one time when i had the OPO (i changed to f2fs partition without backing up and lost everything) annnnnnnndddddd...... no i found nothing lol, but maybe you can find since it's a different type of format i guess" but worth a try
Click to expand...
Click to collapse
i had try this tutorial: https://howtorecover.me/data-recovery-internal-storage-android-phone-guide
but the list_of_partitions.txt file is blank, no matter if i do it from the phone or computer
Zeirman said:
i don't understand why nothing work
i had almost writte no data since i had root, and my phone has 256Go
even by writte a little with the root process and install 3 app, i couldn't writte 256Go so... why nothing work? why realy no data is found? that's not strange? :/
Click to expand...
Click to collapse
There is no data found because it is encrypted.
All phones that ship with Android 6 or higher have user data encrypted by default from first boot, without the user enabling encryption.
This is intentionally designed to protect against data recovery by an attacker.
Even if you don't use a PIN or password, Android creates a random encryption key to secure the data. When the phone is wiped the keys are deleted making it difficult to recover data without said keys.
KemikalElite said:
There is no data found because it is encrypted.
All phones that ship with Android 6 or higher have user data encrypted by default from first boot, without the user enabling encryption.
This is intentionally designed to protect against data recovery by an attacker.
Even if you don't use a PIN or password, Android creates a random encryption key to secure the data. When the phone is wiped the keys are deleted making it difficult to recover data without said keys.
Click to expand...
Click to collapse
I understand better now!
that's a good news that people can't recover datas from a second hand phone
but... does it mean it's impossible for me? 0% chances? or is there a maybe complicated but possible way?
Zeirman said:
I understand better now!
that's a good news that people can't recover datas from a second hand phone
but... does it mean it's impossible for me? 0% chances? or is there a maybe complicated but possible way?
Click to expand...
Click to collapse
Not possible. The encryption keys are protected by what is called hardware-backed encryption. The Snapdragon chip binds the keys to a specific device so the data can't just be copied to a computer and recovered. It would take a major security flaw (that hasn't already been patched) to get through this system.
It is designed to be very secure. It is also used to protect fingerprint data and Netflix DRM.
KemikalElite said:
Not possible. The encryption keys are protected by what is called hardware-backed encryption. The Snapdragon chip binds the keys to a specific device so the data can't just be copied to a computer and recovered. It would take a major security flaw (that hasn't already been patched) to get through this system.
It is designed to be very secure. It is also used to protect fingerprint data and Netflix DRM.
Click to expand...
Click to collapse
You don't give me good news but at least i know why i can't recover theme
Thanks a lot for your help!
My bootloader-unlocked Google Pixel runs Android Pie and it uses file-based encryption. Both system partitions are unmodified.
In an effort to get TWRP to successfully decrypt my Pixel's encrypted data, I performed a combination of:
Renaming these files (i.e., appending .bak to their names):
Code:
/data/system/gatekeeper.password.key
/data/system/gatekeeper.pattern.key
/data/system/locksettings.db
/data/system/locksettings.db-shm
/data/system/locksettings.db-wal
Copying the files back to their original names.
Setting and removing a lock pattern/password/PIN.
Now, my Pixel does not move past the "Pixel is starting" page. I can access Settings, but I have no access to my applications and files. How do I fix this so that I can get it to move past "Pixel is starting"?
I once ran into this issue, it has something to do with fingerprint and encryption, somehow it unlocks but it won't decrypt.
The only solution I've found is to wipe the device. Since you can power on the device, I suggest you to backup what you can with adb or from twrp, and do an advanced wipe, with even "format data" enabled (warning: you lose also /sdcard files), then reflash the stock factory image from fastboot.
This should remove the corrupted lock files and set it up like new.
TENN3R said:
I once ran into this issue, it has something to do with fingerprint and encryption, somehow it unlocks but it won't decrypt.
The only solution I've found is to wipe the device. Since you can power on the device, I suggest you to backup what you can with adb or from twrp, and do an advanced wipe, with even "format data" enabled (warning: you lose also /sdcard files), then reflash the stock factory image from fastboot.
This should remove the corrupted lock files and set it up like new.
Click to expand...
Click to collapse
Hang on. Did you skim my post? I'm trying to get it to decrypt or, if the decryption is not the problem, just get past "Pixel is starting" and get to my things on it. Wiping it won't fix that!
Fingerprints are not used to decrypt the device.
Bump.
Anyone else? What could be the cause of this? Would it give an error message if it couldn't find the right files?
TENN3R said:
I once ran into this issue, it has something to do with fingerprint and encryption, somehow it unlocks but it won't decrypt.
The only solution I've found is to wipe the device. Since you can power on the device, I suggest you to backup what you can with adb or from twrp, and do an advanced wipe, with even "format data" enabled (warning: you lose also /sdcard files), then reflash the stock factory image from fastboot.
This should remove the corrupted lock files and set it up like new.
Click to expand...
Click to collapse
Are you there?
TENN3R said:
I once ran into this issue, it has something to do with fingerprint and encryption, somehow it unlocks but it won't decrypt.
The only solution I've found is to wipe the device. Since you can power on the device, I suggest you to backup what you can with adb or from twrp, and do an advanced wipe, with even "format data" enabled (warning: you lose also /sdcard files), then reflash the stock factory image from fastboot.
This should remove the corrupted lock files and set it up like new.
Click to expand...
Click to collapse
Were you able to recover your data?
Bump.
Unfortunately not. I just wiped the device, maybe there is some way but I really don't know. Wiped and setup again
Bump.
Bump.
Someone please help.
Master Melab said:
Someone please help.
Click to expand...
Click to collapse
Wipe your phone maybe.
what is wrong with you all you needed to do to decrypt in twrp is disable your lock screen security, none of this other bull**** lmao.
Please help.
SnowFuhrer said:
Wipe your phone maybe.
Click to expand...
Click to collapse
That won't achieve the desired result as I'm trying to recover my data.
sudoxd said:
what is wrong with you all you needed to do to decrypt in twrp is disable your lock screen security, none of this other bull**** lmao.
Click to expand...
Click to collapse
First, I got into this mess by trying to get that to work. Second, how is this a solution?
Master Melab said:
First, I got into this mess by trying to get that to work. Second, how is this a solution?
Click to expand...
Click to collapse
it is a solution, unless there is something wrong with your phone which is caused by an entirely different issue, to access your data in twrp all you needed to do was disable your lock screen security
Unfortunately I don't think there's a way you can do it. The issue the OP is facing is that the system is unable to decrypt your user data at all, regardless of whether or not you are in TWRP or Stock Android, Stock Recovery, etc.
Trying to read between the lines on the AOSP File-based encryption https://source.android.com/security/encryption, your data is always encrypted - regardless of whether or not you have some security set (pin, password, etc). It's just a matter of whether or not the pin etc is part of the metadata used in the decryption. When you altered the security files that stored the information, you lost the ability to decrypt (probably the files have additional information that is passed with your pin to unlock the encryption keys). Removal of the files needed to be done within the system by removing the security, not by removing the files whilst it is encrypted. (Sorry if this isn't exactly what happened, it's hard to tell the exact sequence of events from the OP, i.e. whether or not it was all done in system, and when reboots were done.)
I did something like this before, and got the same result. Sorry but you'll have to rely upon the latest Google backups you had...
NZedPred said:
Trying to read between the lines on the AOSP File-based encryption https://source.android.com/security/encryption
Click to expand...
Click to collapse
I've tried, but I am unable to follow all of it.
NZedPred said:
your data is always encrypted - regardless of whether or not you have some security set (pin, password, etc). It's just a matter of whether or not the pin etc is part of the metadata used in the decryption.
Click to expand...
Click to collapse
I'm aware of that.
NZedPred said:
When you altered the security files that stored the information, you lost the ability to decrypt (probably the files have additional information that is passed with your pin to unlock the encryption keys). Removal of the files needed to be done within the system by removing the security, not by removing the files whilst it is encrypted. (Sorry if this isn't exactly what happened, it's hard to tell the exact sequence of events from the OP, i.e. whether or not it was all done in system, and when reboots were done.)
Click to expand...
Click to collapse
The files I touched have nothing to do with decryption, only unlocking.
NZedPred said:
I did something like this before, and got the same result.
Click to expand...
Click to collapse
Could you please explain what you did?
I have a unbranded android phone stuck on kitkat and will encrypt fine but have installed a custom rom marshmallow. This doesnt encrypt at all (green robot, reboot and nothing).
What i would like to do is to hide the data partition from twrp so if it gets lost no one can access data. Should be able to lock unlock from os that way i can atleast ensure data is safe. Ideally i would like to encrypt but it cannot find a custom rom with encryption. I cannot lock BL again as it hangs most likely i think cos it rooted. any info ?
I think you can't really hide a partition - really hide data in a partition, even if a dot is 1st character of name of a directory and/or file or the empty .nomedia file is present in a directory. But, if Android is rooted, there a quick and easy, non-desctructable method to make sure the data can’t be accessed without doing some effort. Useful to hide data from a layperson.
The method is simple: flip the 5th least significant bit of the partition ID. The 0x83 for Linux partitions becomes 0x93. Let’s say we want to hide the partition /dev/sdd1 we run in Terminal window
Code:
su
sfdisk --change-id /dev/sdd 1 93
Note: sfdisk is part of BusyBox
thats what im looking or, any chance theres an app for this ? using commands phone side is a bit tricky, an app could make like work of that. Still its good enough maybe.
Deleted member 1890170 said:
I think you can't really hide a partition - really hide data in a partition, even if a dot is 1st character of name of a directory and/or file or the empty .nomedia file is present in a directory. But, if Android is rooted, there a quick and easy, non-desctructable method to make sure the data can’t be accessed without doing some effort. Useful to hide data from a layperson.
The method is simple: flip the 5th least significant bit of the partition ID. The 0x83 for Linux partitions becomes 0x93. Let’s say we want to hide the partition /dev/sdd1 we run in Terminal window
Code:
su
sfdisk --change-id /dev/sdd 1 93
Note: sfdisk is part of BusyBox
Click to expand...
Click to collapse
can i ask if re installin twrp make the data partition reappear ? if not then this is what i could do rather than encrypt. And do you have a more detailed guide on how to do the sfdisk thanks
androzer said:
I have a unbranded android phone stuck on kitkat and will encrypt fine but have installed a custom rom marshmallow. This doesnt encrypt at all (green robot, reboot and nothing).
What i would like to do is to hide the data partition from twrp so if it gets lost no one can access data. Should be able to lock unlock from os that way i can atleast ensure data is safe. Ideally i would like to encrypt but it cannot find a custom rom with encryption. I cannot lock BL again as it hangs most likely i think cos it rooted. any info ?
Click to expand...
Click to collapse
TWRP has the option to password lock TWRP.
Droidriven said:
TWRP has the option to password lock
Droidriven said:
TWRP has the option to password lock TWRP.
Click to expand...
Click to collapse
i dont think it has but even if it does whats the point ? you could reflash twrp writing over the password. But which twrp has this version or where is this option ?
Click to expand...
Click to collapse
@nidowak653
No, flashing TWRP will not remove the password because the password is stored in data partition, not in recovery.
As far as I know, it is and has always been an option in TWRP.
Also, relocking bootloader would wipe all data on the device, defeating the purpose of trying to encrypt/protect your data.
You are aware that if your device is lost or stolen, you can go to your Google account online and use the "Find My Device" option to remotely wipe your device of all data.
Droidriven said:
@nidowak653
No, flashing TWRP will not remove the password because the password is stored in data partition, not in recovery.
As far as I know, it is and has always been an option in TWRP.
Also, relocking bootloader would wipe all data on the device, defeating the purpose of trying to encrypt/protect your data.
You are aware that if your device is lost or stolen, you can go to your Google account online and use the "Find My Device" option to remotely wipe your device of all data.
Click to expand...
Click to collapse
i cannot find any option in twrp to lock the recovery with password, also read this
Why doesn't TWRP have password protection?
I’ve had people ask enough for a protected TWRP that I’m creating this page as a response so I don’t have to retype. If you’re seeing this page, you’re proba...
twrp.me
i only want encrypt to be able to use the fone for work purposes i dont really care about the data or the phone itself they can be replaced but havin encrypt means i can work on it.
i'm trying to recover data (mostly folders in my internal storage such as screenshots, screecaptures, etc.) but the programs i am using need my phone to be rooted. My phone runs on android 9 and needs it's bootloder to be unlocked but i need to know if there is a way to d this without factory resetting which may overwrite the lost data which i cannot recover when doing so.
A Factoy Reset only wipes files what means it deletes their entries in Android's inode-table , it doesn't overwrite them. The diskspace previously allocated by the now wiped files becomes orphaned, thus can get reused.
Use ADB pull to extract user-data files where a rooted Android isn't needed.
See also here:
How to Download Files to the Computer with ADB Pull - KrispiTech
You can actually copy and download files from your Android smartphone to the PC using some simple ADB Pull commands as long as you enabled USB Debugging.
krispitech.com
so i can still recover files i deleted prior to a factory reset needed to unlock my oem?
please reply
To recover deleted files Android must be rooted and a special commercial forensic software must be used. GIYF ...
xXx yYy said:
To recover deleted files Android must be rooted and a special commercial forensic software must be used. GIYF ...
Click to expand...
Click to collapse
do you know any that i should use?
Your device is encrypted with FDE. the same answer applies. One can't recover data after factory reset. encryption key is gone forever, and so is your data.
edit: if you haven't done factory reset yet, device might still encrypted with same crypto-footer. this leads you to hypothetical option to obtain temporary root shell and pull decrypted block partition /dev/block/dm-0 (or whatever)
assuming you found vulnerability/exploit and managed to get raw dump, still your chances to recover deleted files are low, because of the way android flash translation controller handles eMMC flash storage.
aIecxs said:
Your device is encrypted with FDE. the same answer applies. One can't recover data after factory reset. encryption key is gone forever, and so is your data.
edit: if you haven't done factory reset yet, device might still encrypted with same crypto-footer. this leads you to hypothetical option to obtain temporary root shell and pull decrypted block partition /dev/block/dm-0 (or whatever)
assuming you found vulnerability/exploit and managed to get raw dump, still your chances to recover deleted files are low, because of the way android handles eMMC flash storage.
Click to expand...
Click to collapse
if only i have discovered these posts sooner...
so those recovery apps are useless?
most of the data recovery tools / one-click-rooting apps aren't working anymore since marshmallow. there are however some companies like cellebrite claiming they can still hack. maybe they got somehow access to Samsungs OEM signing keys idk
Don't know if I got you right, you haven't factory reset your device, yet?
This app might help you to find existing files and thumbnails of deleted files. To my understanding it won't undelete anything but some users claim different. It will search for hidden trash can in gallery, maybe you are lucky...
FindMyPhoto – Recover Photos o - Apps on Google Play
A truely free app to recover deleted photos on Android devices.
play.google.com
aIecxs said:
Don't know if I got you right, you haven't factory reset your device, yet?
This app might help you to find existing files and thumbnails of deleted files. To my understanding it won't undelete anything but some users claim different. It will search for hidden trash can in gallery, maybe you are lucky...
FindMyPhoto – Recover Photos o - Apps on Google Play
A truely free app to recover deleted photos on Android devices.
play.google.com
Click to expand...
Click to collapse
i did factory reset...
i should probably give up and move on, shouldn't i?
the app looks really promising, but it has alot of one star reviews
just another useless app..
better root your device, factory reset again and disable encryption. this way you are prepared next time
aIecxs said:
just another useless app..
better root your device, factory reset again and disable encryption. this way you are prepared next time
Click to expand...
Click to collapse
have you actually used the app, seen the reviews, or both?
Best Cellebrite Alternatives & Competitors
Compare the best Cellebrite alternatives in 2023. Explore user reviews, ratings, and pricing of alternatives and competitors to Cellebrite.
sourceforge.net
Besides Cellebrite is there an alternative
Besides Cellebrite is there an alternative to capturing data from a cell phone on the physical side (ie deleted items)? In addition to bypassing the ...
www.forensicfocus.com
https://www.reddit.com/r/computerforensics/comments/a1j43j
These links have cellebrite alternatives and one person said that they use odin + twrp. I hope some of them are freeware/ have free trials. Can someone help me verify if these are legit?
moutsu said:
have you actually used the app, seen the reviews, or both?
Click to expand...
Click to collapse
another user suggested this app. but only helpful to find existing pictures in trash can. read full discussion here
https://android.stackexchange.com/q/231132
moutsu said:
These links have cellebrite alternatives and one person said that they use odin + twrp. I hope some of them are freeware/ have free trials. Can someone help me verify if these are legit?
Click to expand...
Click to collapse
once you factory reset device NOTHING can help you - it's gone. well, technically spoken that's not true, but next to impossible. forensic lab might partially recover old crypto-footer from the lower emmc firmware, and spend some years bruteforcing missing bytes.
TWRP is completely useless for samsung encryption, samsung encryption not supported, yet (although it's possible just a matter of time)
consider: all these tools might still work on quite a few older devices, from the days where exploiting was possible or encryption wasn't hardware-backed. They mainly offer breaking into lock screen and maybe can recover deleted files. They can by-pass locked bootloader, let android do it's work and pull (decrypted) partition image from root shell (for further analysis). They can break into TEE and extract encryption master key for chip-off bruteforce. But none of these tools ever claimed to recover data after factory reset. except for scams (like wondershare Dr. Fone) I don't know anything about iPhone I am talking about Android only.
conclusion:
- if a company offers you JTAG or chip-off they are trying to scam you.
- recovery of deleted files is not the same as recovery after factory reset. encryption is the showstopper here.
Demystifying Android Physical Acquisition
Numerous vendors advertise many types of solutions for extracting evidence from Android devices. The companies claim to support tens of thousands of models, creating the impression that most (if not all) Android devices can be successfully acquired using one method or another. On the other side o
blog.elcomsoft.com
aIecxs said:
once you factory reset device NOTHING can help you - it's gone. well, technically spoken that's not true, but next to impossible. forensic lab might partially recover old crypto-footer from the lower emmc firmware, and spend some years bruteforcing missing bytes.
TWRP is completely useless for samsung encryption, samsung encryption not supported, yet (although it's possible just a matter of time)
consider: all these tools might still work on quite a few older devices, from the days where exploiting was possible or encryption wasn't hardware-backed. They mainly offer breaking into lock screen and maybe can recover deleted files. They can by-pass locked bootloader, let android do it's work and pull (decrypted) partition image from root shell (for further analysis). They can break into TEE and extract encryption master key for chip-off bruteforce. But none of these tools ever claimed to recover data after factory reset. except for scams (like wondershare Dr. Fone) I don't know anything about iPhone I am talking about Android only.
conclusion:
- if a company offers you JTAG or chip-off they are trying to scam you.
- recovery of deleted files is not the same as recovery after factory reset. encryption is the showstopper here.
Demystifying Android Physical Acquisition
Numerous vendors advertise many types of solutions for extracting evidence from Android devices. The companies claim to support tens of thousands of models, creating the impression that most (if not all) Android devices can be successfully acquired using one method or another. On the other side o
blog.elcomsoft.com
Click to expand...
Click to collapse
aww
to let anyone know about how i ended up into this rabbit hole of recovery apps and finding out about xda, heres a backstory: some, if not all, of the folders were deleted in the storage/emulated/0 file directory after possibly me deleting them after they have popped up in an app that accessed your files. this is why i've been asking questions and doing research on how to recover them. i had to root my device according to the answers, but i didnt want to unlock the bootloader but i had to unlock it eventually. i really regret doing that. if this happens to someone in the future, i would ask anyone if it is possible to recover the files in storage/emulated/0 after they were deleted.
aIecxs said:
once you factory reset device NOTHING can help you - it's gone. well, technically spoken that's not true, but next to impossible. forensic lab might partially recover old crypto-footer from the lower emmc firmware, and spend some years bruteforcing missing bytes.
TWRP is completely useless for samsung encryption, samsung encryption not supported, yet (although it's possible just a matter of time)
consider: all these tools might still work on quite a few older devices, from the days where exploiting was possible or encryption wasn't hardware-backed. They mainly offer breaking into lock screen and maybe can recover deleted files. They can by-pass locked bootloader, let android do it's work and pull (decrypted) partition image from root shell (for further analysis). They can break into TEE and extract encryption master key for chip-off bruteforce. But none of these tools ever claimed to recover data after factory reset. except for scams (like wondershare Dr. Fone) I don't know anything about iPhone I am talking about Android only.
conclusion:
- if a company offers you JTAG or chip-off they are trying to scam you.
- recovery of deleted files is not the same as recovery after factory reset. encryption is the showstopper here.
Demystifying Android Physical Acquisition
Numerous vendors advertise many types of solutions for extracting evidence from Android devices. The companies claim to support tens of thousands of models, creating the impression that most (if not all) Android devices can be successfully acquired using one method or another. On the other side o
blog.elcomsoft.com
Click to expand...
Click to collapse
so there IS a way? if it's not impossible then it is possible!
x=1
Kds ld fhud xnt dwzlokd.
Hey guys,
I have a query on recovering data from Android phone's internal storage.
The phone is J7 Pro (SM-J730GM) and I am trying to recover some deleted data from the phone.
I have tried UltData for Android but it only lists the data that is already present on the phone...it does not show the deleted data.
I tried DroidKit and it clearly states that 'Root required for Deep Scan'. Only quick scan available which is same as UltData (lists only data that is already present).
I did some research and it seems that without root, it is not possible to recover lost/deleted data.
I was wondering if anyone here has some knowledge/experience about this topic?
Is there any reliable tool out there that can recover data WITHOUT root? Or using commands via ADB shell ?
Root is the last thing I want to go for as it may sometimes brick the device.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
jwoegerbauer said:
Click to expand...
Click to collapse
mru007 said:
Root is the last thing I want to go for as it may sometimes brick the device.
Click to expand...
Click to collapse
First of all, unlocking the bootloader will erase all data of your internal storage.
To recover deleted files you investigate your storage to find file signatures.
When deleting a file only the corresponding entry in the partition table will be erased. But the data of your file itself remains physically on your storage until it gets overwritten.
Best practice for that is to create an image file of your entire storage. But at least you will need full access to your data partition '/userdata'. That requires an unlocked bootloader to install a custom recovery like TWRP and/or root. Both give you full access to /userdata at all levels, increasing your chances of successfully recovering your files.
Factory reset: Files that have been deleted by a factory reset are due to encryption of internal storage (file based) almost unrecoverable. Wiping all data also deletes the decryption key stored in the system. During the next boot process /userdata (which is empty) gets encrypted again but with different keys.
It's not mandatory to have root permissions but you must have an unlocked bootloader.
An USB connection to your PC is not suitable to recover deleted files. Both, ADB and storage access, won't open your file system directly. There's at least one system service on your phone that manages the data transfer, e.g. MTP.
WoKoschekk said:
First of all, unlocking the bootloader will erase all data of your internal storage.
To recover deleted files you investigate your storage to find file signatures.
When deleting a file only the corresponding entry in the partition table will be erased. But the data of your file itself remains physically on your storage until it gets overwritten.
Best practice for that is to create an image file of your entire storage. But at least you will need full access to your data partition '/userdata'. That requires an unlocked bootloader to install a custom recovery like TWRP and/or root. Both give you full access to /userdata at all levels, increasing your chances of successfully recovering your files.
Factory reset: Files that have been deleted by a factory reset are due to encryption of internal storage (file based) almost unrecoverable. Wiping all data also deletes the decryption key stored in the system. During the next boot process /userdata (which is empty) gets encrypted again but with different keys.
It's not mandatory to have root permissions but you must have an unlocked bootloader.
Click to expand...
Click to collapse
Thanks for the detail info!
When I go to Developer options -> OEM unlocking, it says here "Bootloader already unlocked." So it's a good thing for proceeding further I suppose.
For TWRP installation, I checked the method but it says 'unlocking bootloader will Wipe Data.
Does installing TWRP automatically attempts to unlock bootloader (and hence the risk of wipe data?)
Here is the blog that list steps to root with TWRP and gives a bright red warning -
Root Samsung Galaxy J7 Pro SM-J730GM and Install TWRP Recovery
Easy tutorial to Root Samsung Galaxy J7 Pro SM-J730GM in easy steps. For rooting, you have to flash TWRP Recovery first through the guide.
www.androidweblog.com
So my q. is -
If I just install TWRP, does it pose a risk to automatically wipe data?
Any options in TWRP itself to recover deleted data?
The other way is to root the device using Magisk app which does not require TWRP, but a bit complicated process.
This is the blog I came across to root J7 Pro without TWRP -
Root Samsung Galaxy J7 Pro SM-J730GM/G using Magisk Without TWRP
Easy tutorial to Root Samsung Galaxy J7 Pro SM-J730GM/G in easy steps using Magisk. For rooting, you we have described Magisk method, without installing TWRP.
www.androidweblog.com
Hope TWRP method does not Wipe Data & rooting method does not brick the device.
Even if we follow all the steps properly, there is always a little chance that it may brick the device
WoKoschekk said:
An USB connection to your PC is not suitable to recover deleted files. Both, ADB and storage access, won't open your file system directly. There's at least one system service on your phone that manages the data transfer, e.g. MTP.
Click to expand...
Click to collapse
Interesting.
I also tried mounting the phone internal storage as a 'disk drive' (with letter) using a tool called MTPdrive but then no data recovery software recognizes it as a 'valid' partition. It says invalid.
mru007 said:
If I just install TWRP, does it pose a risk to automatically wipe data?
Click to expand...
Click to collapse
If your bootloader is already unlocked, it is very good news for you. TWRP doesn't unlock bootloader or wipe your data.
mru007 said:
Any options in TWRP itself to recover deleted data?
Click to expand...
Click to collapse
No.
Follow the steps properly with the correct files to root your device.
Once successfully rooted, install a good data recovery app and try to recover your lost files.
Important thing to remember is that the more files you copy or install (i.e. the more changes you make to your file system), the lesser chance there will be to recover data because the system tries to use the space occupied by deleted data to write new files to it.
So do one thing at a time and make as little changes as possible to root your phone and install the data recovery app. Do your research first to find out the best options.
All the best!
mru007 said:
Any options in TWRP itself to recover deleted data?
Click to expand...
Click to collapse
No, but you could do the following when TWRP runs:
1. Download the ADB/Fastboot tools here.
2. Extract the downloaded ZIP to C:\ and open the new created folder C:\platform-tools. You should see single files like adb.exe or fastboot.exe
3. In the address bar of your Explorer windows type cmd and hit Enter.
4. Connect the phone in TWRP mode via USB to your desktop PC and execute
Code:
adb devices
which should give you a output like this:
Code:
C:\platform-tools>adb devices
* daemon not running; starting now at tcp:5037
* daemon started successfully
List of devices attached
<SERIAL_NO> recovery
If any errors then tell us!
5. Execute
Code:
adb pull /dev/block/by-name/userdata
This pulls an image of your data partition right into the current folder C:\platform-tools.
But be aware!! The data image is as big as your total internal storage!
So, make sure there is enough free space on your storage.
If you successfully pulled the image, then I will explain you how to rescue the deleted data on it.
Even if you can recover files... the file and folder structure is lost forever. Jpegs will have no exif data, no time stamp etc. It will be a real mess.
The most you can do then is search for file type, for example jpegs. A sea of juxtaposed jpegs; every bloody jpeg on the drive.
You learned a valuable lesson on how fragile digital data can be, the hard way. Why didn't you use a SD card as the data drive? All critical data should be redundantly backup at least twice in addition to the SD card.
blackhawk said:
Even if you can recover files... the file and folder structure is lost forever. Jpegs will have no exif data, no time stamp etc. It will be a real mess.
The most you can do then is search for file type, for example jpegs. A sea of juxtaposed jpegs; every bloody jpeg on the drive.
You learned a valuable lesson on how fragile digital data can be, the hard way. Why didn't you use a SD card as the data drive? All critical data should be redundantly backup at least twice in addition to the SD card.
Click to expand...
Click to collapse
I learnt my lesson the hard way in 2013 or 2014, but I was eventually lucky after spending 2 sleepless nights. Lost all files on my laptop hard disc by passing a command that I didn't fully understand. After 2 days and 2 nights which looked like eternal, and trying a dozen data recovery softwares that did nothing, I eventually found one that, in hindsight, was Godsend. That software actually recovered almost every single file and was also free back then. It was then that I created a backup plan for myself and it has worked well so far.
But you missed talking about cloud backups. They are actually much more secure since they are managed professionally, although they come with some privacy concerns.
TheMystic said:
I learnt my lesson the hard way in 2013 or 2014, but I was eventually lucky after spending 2 sleepless nights. Lost all files on my laptop hard disc by passing a command that I didn't fully understand. After 2 days and 2 nights which looked like eternal, and trying a dozen data recovery softwares that did nothing, I eventually found one that, in hindsight, was Godsend. That software actually recovered almost every single file and was also free back then. It was then that I created a backup plan for myself and it has worked well so far.
But you missed talking about cloud backups. They are actually much more secure since they are managed professionally, although they come with some privacy concerns.
Click to expand...
Click to collapse
I never use cloud except for Gmail and text messages backups. Otherwise it's backed up at least 3-6 times on different drives, in different locations including time staggered copies. I may lose some data but never all...
blackhawk said:
I never use cloud except for Gmail and text messages backups. Otherwise it's backed up at least 3-6 times on different drives, in different locations including time staggered copies. I may lose some data but never all...
Click to expand...
Click to collapse
That's one reason why you stick with the N10+ which is the last Samsung flagship with an external SD card. Since this feature isn't coming back on future flagships, you'll either have to settle with a budget device going forward, or get the 1 TB variants of Flagships, if you want access to your entire camera roll all the time.
In either case, you'll eventually run out of storage and may have to setup your own personal cloud server, if you have the required expertise to keep it safe for online access.
Cloud is not just about backups. It is also about having access to files all the time on multiple devices.
TheMystic said:
That's one reason why you stick with the N10+ which is the last Samsung flagship with an external SD card. Since this feature isn't coming back on future flagships, you'll either have to settle with a budget device going forward, or get the 1 TB variants of Flagships, if you want access to your entire camera roll all the time.
In either case, you'll eventually run out of storage and may have to setup your own personal cloud server, if you have the required expertise to keep it safe for online access.
Cloud is not just about backups. It is also about having access to files all the time on multiple devices.
Click to expand...
Click to collapse
Samsung. If they can't put out they will be kicked out. Another manufacturer will pick up the slack. Both Samsung and Gookill Android are a mess now; I will continue to use what fullfills my mission for the next 3+ years. No hurry here.
Currently I'm using about 510 gb of my 1tb capacity, plenty of room left. I also have 350/100gb available on internal.
With cloud you're at the mercy of your internet connection/bandwidth, always. It wastes battery and they will charge you for the "privilege" of high capacity storage.
Multiple more layers to cloud introduce new failure modes and vulnerabilities, KISS.
Lol, do you still trust Samsung servers?
In the future you will own nothing and be happy. Not me.
blackhawk said:
With cloud you're at the mercy of your internet connection/bandwidth, always. It wastes battery and they will charge you for the "privilege" of high capacity storage.
Click to expand...
Click to collapse
Internet today is cheap and convenience has a price. So it is okay.
blackhawk said:
Multiple more layers to cloud introduce new failure modes and vulnerabilities, KISS.
Click to expand...
Click to collapse
They have multiple redundancies built-in and I am positive they have systems in place to prevent catastrophe. I do use multiple cloud providers though, just in case.
blackhawk said:
do you still trust Samsung servers?
Click to expand...
Click to collapse
I don't have the expertise to keep a personal cloud server safe online.
blackhawk said:
In the future you will own nothing and be happy. Not me
Click to expand...
Click to collapse
I have local backups too. It's not like I'm completely dependent on them. The local backups are just backups, and I cannot access them online.
TheMystic said:
I have local backups too. It's not like I'm completely dependent on them. The local backups are just backups, and I cannot access them online.
Click to expand...
Click to collapse
If you had an SD card* you don't need to have internet access at all to do a full reload, anytime, anywhere. If you phone OS crashes the data on the SD card usually remains intact as well as in most hard display smashing drops.
A dual drive device trumps a single drive device every time.
*A OTG flashstick can be used but they are much slower. Backups can't be done in real time and one more critical piece of hardware to lose.
blackhawk said:
If you had an SD card* you don't need to have internet access at all to do a full reload, anytime, anywhere. If you phone OS crashes the data on the SD card usually remains intact as well as in most hard display smashing drops.
A dual drive device trumps a single drive device every time.
*A OTG flashstick can be used but they are much slower. Backups can't be done in real time and one more critical piece of hardware to lose.
Click to expand...
Click to collapse
You're focussing only on backups.
I'm also looking at multi-device access to all files. This is possible only with cloud, whether 3rd party or personally hosted one.
blackhawk said:
If you had an SD card* you don't need to have internet access at all to do a full reload, anytime, anywhere. If you phone OS crashes the data on the SD card usually remains intact as well as in most hard display smashing drops.
A dual drive device trumps a single drive device every time.
*A OTG flashstick can be used but they are much slower. Backups can't be done in real time and one more critical piece of hardware to lose.
Click to expand...
Click to collapse
You're focussing only on backups.
I'm also looking at multi-device access to all files. This is possible only with cloud, whether 3rd party or personally hosted one.
TheMystic said:
You're focussing only on backups.
I'm also looking at multi-device access to all files. This is possible only with cloud, whether 3rd party or personally hosted one.
Click to expand...
Click to collapse
Exactly. Android is the only internet portal I use.
My other Android only shares cloud Gmail and texting for security. My laptop internet/wifi access is always offline; completely physically firewalled. You might hack one device but never all three. All backup drives are always physically/electronically separate from the PC unless being used for backup. In the case of malware none of the backups are connected until the victim device is clean.
I've seen a Gmail account get hacked and become unrecoverable. Never had that happen to a backup hdd... in the end the only protection you have is sound data management. If you fail to do this you may lose your whole database.
blackhawk said:
Exactly. Android is the only internet portal I use.
My other Android only shares cloud Gmail and texting for security. My laptop internet/wifi access is always offline; completely physically firewalled. You might hack one device but never all three.
Click to expand...
Click to collapse
This is a very special use case. For most people, multi-device access is pretty common.
blackhawk said:
I've seen a Gmail account get hacked and become unrecoverable.
Click to expand...
Click to collapse
As in all emails got permanently deleted? And Google couldn't help?