Database Info

Any reason not to unlock the bootloader?

Just received my Solar Red U11. Is there any reason not to unlock the bootloader right away?
I'm not planing on rooting it or installing any custom ROMs anytime soon, but I'm also not 100% sure I'm gonna be keeping the phone (few things I need to see if I can get used to).
Should I just unlock it now so I don't have to (potentially) wipe my device at a later date?
Thanks!

techboy10 said:
Just received my Solar Red U11. Is there any reason not to unlock the bootloader right away?
I'm not planing on rooting it or installing any custom ROMs anytime soon, but I'm also not 100% sure I'm gonna be keeping the phone (few things I need to see if I can get used to).
Should I just unlock it now so I don't have to (potentially) wipe my device at a later date?
Thanks!
Click to expand...
Click to collapse
if you decide to unlock at a later date you can back up your stuff to your computer unlock then put it back.all the other stuff is your choice, me, mine is unlocked out of the box.
it only wipes your internal, not the ext_sdcard

At some point, one of the future updates could prevent you from unlocking it. That would eliminate the
ability to modify your phone's software. If you'll never do that, probably doesn't matter if unlockable.
The only downside is the orange reminder splash screen that is displayed on boot-up.

Aldo101t said:
if you decide to unlock at a later date you can back up your stuff to your computer unlock then put it back.all the other stuff is your choice, me, mine is unlocked out of the box.
it only wipes your internal, not the ext_sdcard
Click to expand...
Click to collapse
Aldo, how do you back up data & /or app settings of 3d party apps fm a device w/locked Bootloader & no root?
Also, what & how much boot delay is there if you unlock bootloader - I saw someone post a pic that shows the screen in text mode & a warning abt startup not beginning for 5 seconds.
Also, please clarify, HTC gave warnings about losing the Fingerprint capability if you unlock the bootloader; I just want root,so I can run Titanium B/U & some root-needed apps- put really like the Fingerprint feature- was that an old warning? The posted HTC warning says you can'telock the bootloader- but I just saw someone talk abt re-locking their bootloader bc they want to sell the device as clean.
Any help much appreciated, TIA oldwolf

Boot loader won't effect your fingerprint scanner....never heard of had that.

The warning about losing fingerprint scanner functionality on HTCDev refers to the One Max (2013), and only to that device AFAIK.

Negative effects of unlocked bootloader
Has anybody found HTC U11 losing OEM applications, sound and camera quality or other pre installed applications after unlocking the bootloader? Also please tell me whether the unlocking procedure is same for Android oreo udate.
Thanks.

sudheersharma said:
Has anybody found HTC U11 losing OEM applications, sound and camera quality or other pre installed applications after unlocking the bootloader? Also please tell me whether the unlocking procedure is same for Android oreo udate.
Thanks.
Click to expand...
Click to collapse
Go to developer options ( on setting) and allow unlocked bootloader ,,,ok finish

Unlocking the bootloader has no adverse effects. You can still update ota. If the bootloader is ever unlocked there is no reason to relock it unless you are returning the phone to the store.

How To Guide [ROOT][GAPPS] Root and install GApps on stock Edge S/Chinese version

So you got the Edge S and want GApps? Basically you unlock your bootloader, root with Magisk, then install MagiskGApps.
DISCLAIMER: UNLOCKING YOUR BOOTLOADER MAY VOID YOUR WARRANTY, AND DOING ALL THESE THINGS IN THIS GUIDE MAY RESULT IN DAMAGE/BRICKING YOUR PHONE. I AM NOT RESPONSIBLE FOR ANYTHING YOU DO TO YOUR PHONE. PROCEED AT YOUR OWN RISK.
1. Unlock the bootloader: that should be doable with their global bootloader unlock website here.
2. Download Lenovo Motoroa Smart Assistant (Rescue and Smart Assistant), and follow its instructions to "rescue" your device. It will lead you to boot into bootloader mode and download the firmware. Find the firmware file via the LMSA's downloads (should have a "show folder" button). You'll need the boot.img file for Magisk.
3. Download Magisk, then follow its instructions. You'll have to copy the boot.img to your device, then use Magisk to patch the boot file, then copy the modified one to your PC.
4. You'll need fastboot. If you don't have it already, you can download the Android SDK platform tools here. Then go into the folder, Shift+Right Click the folder, then "Open Command Prompt" or "Open PowerShell," you should have something close to one of those two. Copy your Magisk modified .img file to that folder, then you'll want to input:
fastboot flash boot [modified .img file]
Once that completes, you should see in large text, "Start" on your phone next to the power button. Press the power button, and it should boot, and you should have root now.
5. Download MagiskGApps to your phone, open Magisk on your phone, click the button that looks like a puzzle piece at the bottom of the screen, "Modules." Click "Install from storage," locate the MagiskGApps file, and install it. After that it will ask you to restart your phone, do that, then you'll just have to be patient as it takes time once its restarted to load everything. You also may need to update some or all of the apps, then you should be able to use the notification to finish setting up the phone with Google Setup.
Thanks to Motorola for making it easy to unlock their bootloaders
Thanks to the whole Magisk team for making an easy, awesome root (and more!)
Thanks to Wacko1805 (and team?) for making MagiskGApps. This is really awesome.

unlock the BL and get root is will make some apps fingerprint and face ID fail?

kimker said:
unlock the BL and get root is will make some apps fingerprint and face ID fail?
Click to expand...
Click to collapse
Magisk has a "Magisk Hide" which will allow it to pass SafetyNet, and most things which check on device security will think the device is secure. But unlocking BL and rooting does make the device less secure, and therefore incurs its own risks apart from bricking or damaging the device.

HopelesRomantc91 said:
Magisk has a "Magisk Hide" which will allow it to pass SafetyNet, and most things which check on device security will think the device is secure. But unlocking BL and rooting does make the device less secure, and therefore incurs its own risks apart from bricking or damaging the device.
Click to expand...
Click to collapse
yes, i knew the unlock and root will take risk.. but not sure is Payment business apps using fingerprint will work normal.

kimker said:
yes, i knew the unlock and root will take risk.. but not sure is Payment business apps using fingerprint will work normal.
Click to expand...
Click to collapse
Google Pay works. But according to the Motorola website you should be able to relock the bootloader if yours doesn't work. But there's never any guarantee. If you need your device secure, recommend don't unlock bl or root, or wait to see if there's a root option without bootloader unlock that can be easily undone.

HopelesRomantc91 said:
Google Pay works. But according to the Motorola website you should be able to relock the bootloader if yours doesn't work. But there's never any guarantee. If you need your device secure, recommend don't unlock bl or root, or wait to see if there's a root option without bootloader unlock that can be easily undone.
Click to expand...
Click to collapse
I saw that someone’s edge s had unlocked the BL and Flash G100 firmware and everything worked normally, and then tried to lock the BL again, but it was unsuccessful and the system could not start. The flashing tool does not recognize the machine.

kimker said:
I saw that someone’s edge s had unlocked the BL and Flash G100 firmware and everything worked normally, and then tried to lock the BL again, but it was unsuccessful and the system could not start. The flashing tool does not recognize the machine.
Click to expand...
Click to collapse
That's not good. Hopefully they can restore it back somehow. With this guide to unlock and flash gapps why would you need to flash G100 though? This seems to be itright now without one of rom developer's releases to get root & apps. For me this is all i would look for. Titanium backup on it and restore.. done until PE rom comes out.

kimker said:
I saw that someone’s edge s had unlocked the BL and Flash G100 firmware and everything worked normally, and then tried to lock the BL again, but it was unsuccessful and the system could not start. The flashing tool does not recognize the machine.
Click to expand...
Click to collapse
I would think yes, if you flash different firmware, locking the BL would likely cause problems. It's very difficult to do anything w/o unlocked bootloader, except sometimes rooting is doable. That's pretty much the behavior I expect. If they come to this subforum, we might be able to help.

HopelesRomantc91 said:
I would think yes, if you flash different firmware, locking the BL would likely cause problems. It's very difficult to do anything w/o unlocked bootloader, except sometimes rooting is doable. That's pretty much the behavior I expect. If they come to this subforum, we might be able to help.
Click to expand...
Click to collapse
thank you. They did not ask for help. It seems that the lock BL is a self-verification switch, and then performs a verification system integrity.

HopelesRomantc91 said:
I would think yes, if you flash different firmware, locking the BL would likely cause problems. It's very difficult to do anything w/o unlocked bootloader, except sometimes rooting is doable. That's pretty much the behavior I expect. If they come to this subforum, we might be able to help.
Click to expand...
Click to collapse
I'm curious,If you unlock and flash other firmware and then flash back to the original firmware, can it be locked again?

Mine doesn't let me unlock its BL. I've got unlock code from moto and did a factory reset with SIM card in slot 1. After enabling developer mode and debugging the switch still is greyed out. So no chance to unlock it.
Has anyone got an idea what to try now?
Moto support answered yesterday to my request but also no solution since I told them that it doesn't work
Device is not branded. I got it from Amazon so no provider branding.
If this won't be able to be unlocked and rooted I'll have to return it and switch to a Google Pixel.

kischde said:
Mine doesn't let me unlock its BL. I've got unlock code from moto and did a factory reset with SIM card in slot 1. After enabling developer mode and debugging the switch still is greyed out. So no chance to unlock it.
Has anyone got an idea what to try now?
Moto support answered yesterday to my request but also no solution since I told them that it doesn't work
Device is not branded. I got it from Amazon so no provider branding.
If this won't be able to be unlocked and rooted I'll have to return it and switch to a Google Pixel.
Click to expand...
Click to collapse
I had the same issue, you need to factory reset WITH your sim card in the phone, this will let you open the OEM unlock slide thing in the dev mode.
Then once its done you can fastboot and unlock the bootloader.

I did so, maybe I explained not so well. SIM was inserted and then I did factory reset by starting it from settings. After restart it's still the same - switch / unlock slider greyed out.

kischde said:
I did so, maybe I explained not so well. SIM was inserted and then I did factory reset by starting it from settings. After restart it's still the same - switch / unlock slider greyed out.
Click to expand...
Click to collapse
On my OG Pixel XL, I had to wait 7 days for the slider to become normal. By the time I got around to do it on the Edge S it was about the same time.... could be related

Now as you said that I remember that thingy with another device. Maybe a Xiaomi I think... With that I had to wait several days until the unlock code was delivered.
But there was a message, too, when trying to get it sooner, which said you needed to wait some more time.
Not sure if it's the the same for Moto devices? Then again, when thinking that you experienced the same with a Pixel, too...
Did anyone else make such an experience with his/her g100?

kischde said:
Now as you said that I remember that thingy with another device. Maybe a Xiaomi I think... With that I had to wait several days until the unlock code was delivered.
But there was a message, too, when trying to get it sooner, which said you needed to wait some more time.
Not sure if it's the the same for Moto devices? Then again, when thinking that you experienced the same with a Pixel, too...
Did anyone else make such an experience with his/her g100?
Click to expand...
Click to collapse
Make sure your on the latest OTA, Lenovo made a mistake on previous versions with the OEM Unlocking function not being enabled. They fixed it in latest ota.

RSA tool said the file I uploaded yesterday is the latest one available (and it's exactly the same as the installed version).
The device was released just a few days ago in Europe. Perhaps they fixed the unlock switch in other regions and still need to fix it in Europe..
Will wait until weekend if they come up with a solution. If not I'm afraid I have to return the device as I need it personally AND professionally, too - I'm field agent, so.... :/

HopelesRomantc91 said:
I would think yes, if you flash different firmware, locking the BL would likely cause problems. It's very difficult to do anything w/o unlocked bootloader, except sometimes rooting is doable. That's pretty much the behavior I expect. If they come to this subforum, we might be able to help.
Click to expand...
Click to collapse
The poor guy whose phone turned bricks went to the after-sales department of moto, and the answer was that he needed to replace the phone motherboard. .

kimker said:
The poor guy whose phone turned bricks went to the after-sales department of moto, and the answer was that he needed to replace the phone motherboard. .
Click to expand...
Click to collapse
Ouch...

kimker said:
I'm curious,If you unlock and flash other firmware and then flash back to the original firmware, can it be locked again?
Click to expand...
Click to collapse
I would assume so, but I don't really know why anyone would want to relock.

Buying a used phone. Is the second-hand device trustworthy and safe to use?

[Apologies for being a noob, I tried my best to do the homework]
I want to buy a used Pixel 2 (or Pixel 3). There is some general advice on the internet reminding to check:
(i) for physical damage
(ii) if ESN / IMEI has been blacklisted
(iii) if the device is compatible with a carrier (communication standard, uses SIM and not e-SIM, not carrier locked)
(iv) and warning that the device can break or become blacklisted after the purchase.
All of the above is associated with a risk, which is limited to the amount of money paid.
But my primary concern is the risk from using the second-hand device where privacy is critical (email, online banking, 2FA through SMS). How do I make sure the previous owner hasn't planted a backdoor? If I trust Google, what are the reasonable steps to ensure that the device hasn't been tampered with by someone else? In particular:
(1) How do I check on Pixel 2 that the firmware, bootloader, OS are the original ones?
(2) If the device had been bootloader unlocked and/or rooted, is it possible to restore the original images, re-lock the bootloader to be confident that no one (but Google) will spy on me?
(3) Is there anything I am missing?
(4) Which of these are probably different on Pixel 3 and should be asked on Pixel 3 forum?
I barely understand the difference between the bootlocker and the recovery, and I would appreciate clear answers very much.
Related:
- A related thread mentions telling apart Verizon and unlocked versions of Pixel 2:
Buying Pixel 2 on Craigslist any tips to avoid issues?
Hi, I would like to buy a used Pixel 2 off Craigslist and since I am not familiar with the Pixel 2 I hope you can help me make sure I don't get scammed. I know I need to check that the IMEI is not blacklisted (can run it through the swappa IMEI...
forum.xda-developers.com
- A similar question was asked about Galaxy Note 9. One senior member says "Hell, back in the day we could reset knox counters ... even checking knox isn't a full proof method". Another says "So rest assured if your Warranty Bit is not 0x1 a Custom Binary has never been flashed". I am confused, as there is no concensus.
Bought used. Security concerns?
I had been looking for a new phone for awhile. Settled on a Note 9 because I wanted to try using the S Pen for work and dislike the Note 10 design. However, they are still sold at full price where I live, so I bought one secondhand. Everything...
forum.xda-developers.com
- Here someone says "Really easy to relock" about OnePlus 5. I wonder if the same is true for Pixels 2/3?
Risk of used phone with unlocked bootloader?
Hey guys this is probably a lame question... does any risk come with buying a phone with an unlocked boot loader? I bought an OnePlus 5 from ebay used in great shape. The seller advised the the phone was rooted with Android 10. When i start the...
forum.xda-developers.com

Reboot the phone, and see if the yellow exclamation mark comes up saying the bootloader was modified.
If you don't see that, it means the Pixel 2 bootloader was never unlocked and a custom ROM was never flashed to the device.
Since all Pixel 2 phones would be out of warranty now, the only way to ensure security is to flash a trusty ROM yourself.

kodina said:
Since all Pixel 2 phones would be out of warranty now, the only way to ensure security is to flash a trusty ROM yourself.
Click to expand...
Click to collapse
Thanks for you response, but I am not sure I understand the last bit. Do you mean I would have to flash a trusty ROM myself because there are no certified service centres that would accept the phone, as the warranty has expired? Or do you mean that there are no automatic updates or supported ROMs because of the end of life or something?

up!

wiltingenthusiasm said:
Thanks for you response, but I am not sure I understand the last bit. Do you mean I would have to flash a trusty ROM myself because there are no certified service centres that would accept the phone, as the warranty has expired? Or do you mean that there are no automatic updates or supported ROMs because of the end of life or something?
Click to expand...
Click to collapse
No, I mean even if the bootloader is locked, even if the original owner never flashed a custom ROM, the device (in theory) could still have had been rooted in the past, unknown apps installed, root removed and you would never know. Hoewever, this is all in theory, but it is possible, and only applies if you are paranoid about security.
Otherwise, reboot the phone, no bootlaoder warning = 99% safe to use.

kodina said:
No, I mean even if the bootloader is locked, even if the original owner never flashed a custom ROM, the device (in theory) could still have had been rooted in the past, unknown apps installed, root removed and you would never know. Hoewever, this is all in theory, but it is possible, and only applies if you are paranoid about security.
Otherwise, reboot the phone, no bootlaoder warning = 99% safe to use.
Click to expand...
Click to collapse
Oh, I see. And a factory reset would not help either, because it does not recover the OS from a reserve copy whose integrity can be ensured, but simply deletes all user data and extra apps, while keeping the rest, which could have been compromised via root access. Therefore, there is no guarantee that the factory reset via bootloader really gets the device to the "factory state". Is that correct?
[Many thanks for your explanation.]

wiltingenthusiasm said:
Oh, I see. And a factory reset would not help either, because it does not recover the OS from a reserve copy whose integrity can be ensured, but simply deletes all user data and extra apps, while keeping the rest, which could have been compromised via root access. Therefore, there is no guarantee that the factory reset via bootloader really gets the device to the "factory state". Is that correct?
[Many thanks for your explanation.]
Click to expand...
Click to collapse
In theory, because I have not ready any news, articles, guides or forum threads where people are claiming they have done it.
So, the only option to ensure things are 1% safer, is to unlock the bootloader and flash a custom ROM yourself, trusting that the ROM dev didn't put anything weird in it. Though, as far as I checked, none of the OFFICIAL ROMs for Pixel 2 have a history of putting in something bad.
So, if you want 100% stability, use the default google ROM after a factory reset, but if you want """more""" security, unlock the bootloader and flash the ROM yourself.

Lock Bootloader without Data Loss?

Not sure if it's possible to re-lock the Bootloader without loosing all data.
As more and more apps stopped working with some 'security warning' and finding it more and more difficult to run certain banking and other applications I decided to 'unroot' my Poco F2 Pro.
But, too bad, some Apps still complain about 'security issues' or explicitly about the unlocked bootloader - but now there is no MAGISK Hide or similar to 'cheat the system'
But, even worse, according to many posts in various forums locking the BL will erase all data.
Any idea if it's possible?
Thanks!

Tiemichael said:
Not sure if it's possible to re-lock the Bootloader without loosing all data.
As more and more apps stopped working with some 'security warning' and finding it more and more difficult to run certain banking and other applications I decided to 'unroot' my Poco F2 Pro.
But, too bad, some Apps still complain about 'security issues' or explicitly about the unlocked bootloader - but now there is no MAGISK Hide or similar to 'cheat the system'
But, even worse, according to many posts in various forums locking the BL will erase all data.
Any idea if it's possible?
Thanks!
Click to expand...
Click to collapse
Not possible.
Install a Xiaomi EU rom Certified play store without root.
https://xiaomi.eu/community/

Thanks!
I just saw a post saying it's possible here ... but I don't want to risk loosing my data

Tiemichael said:
Thanks!
I just saw a post saying it's possible here ... but I don't want to risk loosing my data
Click to expand...
Click to collapse
Unroot the phone before flashing rom.

Phone is unrooted and updated with latest Stock, so I want to re-lock the BL.
As too many apps fail working with Magisk installed, and it's a constant search for work-arounds, I decided to stay unrooted. But many apps still fail because of the unlocked BL

Tiemichael said:
Phone is unrooted and updated with latest Stock, so I want to re-lock the BL.
As too many apps fail working with Magisk installed, and it's a constant search for work-arounds, I decided to stay unrooted. But many apps still fail because of the unlocked BL
Click to expand...
Click to collapse
That's why https://xiaomi.eu/community/

Sorry, I am lost ...
what's so special about https://xiaomi.eu/community/? How will it help me?

Tiemichael said:
Sorry, I am lost ...
what's so special about https://xiaomi.eu/community/? How will it help me?
Click to expand...
Click to collapse
You can flash without losing data(use update scrip in the zip rom or twrp) and have a working phone(certified) without locking the bootloader and these roms are better than stock(choice between android 11 or 12).

Got it! Thanks!

Tiemichael said:
Not sure if it's possible to re-lock the Bootloader without loosing all data.
As more and more apps stopped working with some 'security warning' and finding it more and more difficult to run certain banking and other applications I decided to 'unroot' my Poco F2 Pro.
But, too bad, some Apps still complain about 'security issues' or explicitly about the unlocked bootloader - but now there is no MAGISK Hide or similar to 'cheat the system'
But, even worse, according to many posts in various forums locking the BL will erase all data.
Any idea if it's possible?
Thanks!
Click to expand...
Click to collapse
This thread will tell you how to set up Magisk to keep the security conscious apps happy.
[Discussion] Magisk - The Age of Zygisk.
This is a discussion and help thread for the newer versions of Magisk. The main goal of this thread is to help users migrate to Magisk v24+ SafetyNet Basic integrity Pass CTS profile match Pass Play Protect certification Device is certified...
forum.xda-developers.com
No it's not possible to re-lock the bootloader without losing your data.
Installing a Xiaomi.eu ROM will still have things complain about an unlocked bootloader, so isn't much of a solution.

try use latest Magisk (24.3) activate zygisk and set deny list all apps that cause problem..
plus install module safetynet-fix 2.2.1 ..

Samsung A03s roo issues

Hey I am trying to root my sm-a037w, fully updated.
I remember having OEM unlocked it using the developer option which is now gone completely.
I'm using Magisk to patch the AP file
Then use ODIN to flash it and it stops at vbmeta with a error.
I'm new to this and have googled alot but now I'm really stuck.
So it fails, corrupt phone, I reflash oem AP and it restarts.
I have adb and fastboot ready to go,
Thank you.

Johnhek said:
Hey I am trying to root my sm-a037w, fully updated.
I remember having OEM unlocked it using the developer option which is now gone completely.
Click to expand...
Click to collapse
This is your problem, right here. If you closely read the Magisk installation instructions:
Unlocking the bootloader on modern Samsung devices have some caveats. The newly introduced VaultKeeper service will make the bootloader reject any unofficial partitions in some circumstances.
Allow bootloader unlocking in Developer options → OEM unlocking
Reboot to download mode: power off your device and press the download mode key combo for your device
Long press volume up to unlock the bootloader. This will wipe your data and automatically reboot.
Go through the initial setup. Skip through all the steps since data will be wiped again in later steps. Connect the device to Internet during the setup.
Enable developer options, and confirm that the OEM unlocking option exists and is grayed out. This means the VaultKeeper service has unleashed the bootloader.
Your bootloader now accepts unofficial images in download mode
Click to expand...
Click to collapse
If you can't see OEM Unlocking in Developer Options, and you see KG STATUS: PRENORMAL on the download mode screen, Vaultkeeper is still active and will reject custom images.

V0latyle said:
This is your problem, right here. If you closely read the Magisk installation instructions:
If you can't see OEM Unlocking in Developer Options, and you see KG STATUS: PRENORMAL on the download mode screen, Vaultkeeper is still active and will reject custom images.
Click to expand...
Click to collapse
Yea I've been trying for the last 48 hours and I can't figure it out how to get it back.
I did have developer mode active and had seen and allowed oem unlocking, not sure when I disappeared, I think it was the latest update.
Don't know how to proceed.
Tried setting the date back , disabling system update and software update, still no OEM Unlocking.
I have read those instructions many times, I have no prior experience rooting or modding android :/
Should I reflash original firmware?
Where do I go from here?

Johnhek said:
Yea I've been trying for the last 48 hours and I can't figure it out how to get it back.
I did have developer mode active and had seen and allowed oem unlocking, not sure when I disappeared, I think it was the latest update.
Don't know how to proceed.
Tried setting the date back , disabling system update and software update, still no OEM Unlocking.
I have read those instructions many times, I have no prior experience rooting or modding android :/
Should I reflash original firmware?
Where do I go from here?
Click to expand...
Click to collapse
Did you ever see the OEM Unlocking toggle after you unlocked the bootloader?
I assume you -did- unlock the bootloader, correct?
OEM Unlocking does not unlock the bootloader, it simply allows you to.
Reflashing the firmware might be a good idea. Keep in mind that Samsung is notorious for trying to disallow custom binaries on newer bootloaders. This is all speculation though, I'd need to see the error you got to have a better idea what the issue is.

flashing firmware is bad idea, this won't reset vaultkeeper. check RMM/KG state from download mode screen first. btw it's called odin mode (not fastboot mode)
[GUIDE][17.06.2019] RMM/KG bypass - Root/Install TWRP on Exynos Samsung after 2018
UPDATE 17.06.2019 - NEW RMM/KG bypass patch UPDATE 23.02.2019 - Pie and more Please take some time and read carefully the whole post. I am not and i won`t be responsable for anything. Disclaimer I am not responsible for bricked devices, dead...
forum.xda-developers.com

aIecxs said:
flashing firmware is bad idea, this won't reset vaultkeeper. check RMM/KG state from download mode screen first. btw it's called odin mode (not fastboot mode)
[GUIDE][17.06.2019] RMM/KG bypass - Root/Install TWRP on Exynos Samsung after 2018
UPDATE 17.06.2019 - NEW RMM/KG bypass patch UPDATE 23.02.2019 - Pie and more Please take some time and read carefully the whole post. I am not and i won`t be responsable for anything. Disclaimer I am not responsible for bricked devices, dead...
forum.xda-developers.com
Click to expand...
Click to collapse
Knox Guard has to be disabled by connecting to the Internet and checking for updates, and you have to be on stock firmware to do it.
Flashing the OEM firmware won't hurt anything, and is the only way to unlock KG.
Vaultkeeper is disabled by flashing the multidisabler in TWRP.

V0latyle said:
Did you ever see the OEM Unlocking toggle after you unlocked the bootloader?
I assume you -did- unlock the bootloader, correct?
OEM Unlocking does not unlock the bootloader, it simply allows you to.
Reflashing the firmware might be a good idea. Keep in mind that Samsung is notorious for trying to disallow custom binaries on newer bootloaders. This is all speculation though, I'd need to see the error you got to have a better idea what the issue is.
Click to expand...
Click to collapse
Hey thank you once again for your help.
To be clear this is how I recall the events .
1. I did enable OEM unlocking in developer options.
2. I updated the phone through the user interface.
3. OEM unlocking option dissapeared entirely after updating to android 12.
4. Downloaded XAC region firmware using SamFirm
5. Copied AP to my phone storage
6. Patched AP with Magisk, then transferred patched file to my PC.
7. Flashed BL, patched AP, CP and CSC(not home) using ODIN 3.14
ODIN said AUTH fail at Vbmeta on my PC and on the phone iirc.
8.Reflashed using stock AP to make the phone usable again.
At downloader screen I never saw hold volume up to unlock bootloader, only press up to continue. (after booting holding volume up+down+power)
Are KG and Vaultkeeper the same thing?
I guess my bootloader is locked and now OEM Unlocking option is gone.
This is the phone currently on latest firmware.
ODIN MODE reads:
FRP LOCK:ON
KG STATUS: CHECKING
MTK SECURE BOOT: ENABLE (0)
sec ctrl status (1)
SECURE DOWNLOAD: ENABLE
Baseband version A037WVLS 3 BVJ1 (bootloader version 3?)
Thanks for all the info, sorry for the messy post and not including all the info required.
I will provide you with the info you request, I do not know how to verify my KG status, it reads checking in ODIN MODE.
I am also not sure of how to identify the region firmware I need, the software version in my about phone says:
SAOMC_SM-A037W_OYV_BMC_12_0004
BMC/BMC/XAC/BMC
I have downloaded both XAC and BMC, both have worked for me.

Ohhh, it's a Mediatek device
Johnhek said:
At downloader screen I never saw hold volume up to unlock bootloader, only press up to continue. (after booting holding volume up+down+power)
Click to expand...
Click to collapse
The proper way to enter device unlock mode is thus:
Unplug any USB cables, power device off completely
Connect a USB cable to your PC, don't connect it to your phone yet
Hold both Volume buttons, do not press Power, and plug in the USB cable.
The screen should turn on with 3 options: Volume Up for download mode, long press Volume Up for device unlock mode, Volume Down for restart. Release both Volume buttons, then hold Volume Up.
Device should prompt you to confirm you want to unlock. If it prompts you to confirm you want to re-lock, stop! The bootloader is already unlocked.
Johnhek said:
Are KG and Vaultkeeper the same thing?
Click to expand...
Click to collapse
More or less...Vaultkeeper is the process that determines the Knox Guard status, which in turn is what actually allows custom binaries
Johnhek said:
I guess my bootloader is locked and now OEM Unlocking option is gone.
Click to expand...
Click to collapse
We'll see...
Johnhek said:
KG STATUS: CHECKING
Click to expand...
Click to collapse
This means that KG (Knox Guard)/Vaultkeeper hasn't yet verified your device is supposed to be unlocked.
Johnhek said:
MTK SECURE BOOT: ENABLE (0)
sec ctrl status (1)
SECURE DOWNLOAD: ENABLE
Click to expand...
Click to collapse
Is there nothing on there that says OEM LOCK?
Johnhek said:
Thanks for all the info, sorry for the messy post and not including all the info required.
I will provide you with the info you request, I do not know how to verify my KG status, it reads checking in ODIN MODE.
Click to expand...
Click to collapse
That's exactly how - it tells you in download/Odin mode.
Since it says CHECKING, there are two things we need to do:
Ensure the bootloader is indeed unlocked, using the steps I gave above
Once bootloader is confirmed to be unlocked, you need to boot into Android, connect to the Internet (use a WiFi network), go into Settings > System > System update and check for software updates. This also checks Vaultkeeper/KG.
After checking for software update, enable developer options (if not already enabled) and verify OEM Unlocking is present; it should be grayed out with the message "Bootloader is already unlocked".

The proper way to enter device unlock mode is thus:
Unplug any USB cables, power device off completely
Connect a USB cable to your PC, don't connect it to your phone yet
Hold both Volume buttons, do not press Power, and plug in the USB cable.
The screen should turn on with 3 options: Volume Up for download mode, long press Volume Up for device unlock mode, Volume Down for restart. Release both Volume buttons, then hold Volume Up.
Device should prompt you to confirm you want to unlock. If it prompts you to confirm you want to re-lock, stop! The bootloader is already unlocked.
Click to expand...
Click to collapse
I just tried this and there is no mention of unlock bootloader, same as before (volume up to continue) I click to continue and it reads;
PRODUCT NAME: SM-A037W​CURRENT BINARY: SAMSUNG OFFICIAL​FRP LOCK: ON​KG STATUS: CHECKING (I never created a samsung account on this phone if that means anything)​MTK SECURE BOOT: ENABLE (0)​sec ctrl statu (1)​WARRANTY VOID: 0x0 (0x0)​RP SWREV: B3 NS3 Kb3, Kr3, Vb3, Vbs3 S3​SECURE DOWNLOAD: ENABLE​​​Maybe I have to wait 7 days as I have read somewhere before I get the OEM Unlock option back?​​Thank you for your help ​

your device is FRP locked. you have to unlock with google account first.
as you updated stock ROM and downgrade is impossible, I doubt you will ever get OEM unlocking back. updating stock ROM was bad idea.
BOUNTY; fix for persistent RMM state lock after 7 days
I've had a situation where RMM state has always been prenormal and OEM unlock been absent for months on Oreo. After updating to Pie, OEM unlock appeared immediately on first boot, but RMM state prenormal was still there and flashing twrp give me...
forum.xda-developers.com

aIecxs said:
your device is FRP locked. you have to unlock with google account first.
as you updated stock ROM and downgrade is impossible, I doubt you will ever get OEM unlocking back. updating stock ROM was bad idea.
BOUNTY; fix for persistent RMM state lock after 7 days
I've had a situation where RMM state has always been prenormal and OEM unlock been absent for months on Oreo. After updating to Pie, OEM unlock appeared immediately on first boot, but RMM state prenormal was still there and flashing twrp give me...
forum.xda-developers.com
Click to expand...
Click to collapse
I am using the device normally and bought the phone new, using the google account i created for it , so i dont understand how this is possible.

Idk maybe FRP LOCK: ON disappears once you removed all bonded samsung and google accounts (maybe not caused by Google Factory Reset Protection but Samsung Reactivation Lock)?
V0latyle said:
I assume you -did- unlock the bootloader, correct?
OEM Unlocking does not unlock the bootloader, it simply allows you to.
Click to expand...
Click to collapse
No he didn't unfortunately. For bootloader unlocking and passing vaultkeeper one have to repeat that step twice, before and after unlocking/factory reset in odin/download mode.
https://forum.xda-developers.com/t/magisk-root-for-the-galaxy-s10-series.3918699

aIecxs said:
your device is FRP locked. you have to unlock with google account first.
as you updated stock ROM and downgrade is impossible, I doubt you will ever get OEM unlocking back. updating stock ROM was bad idea.
BOUNTY; fix for persistent RMM state lock after 7 days
I've had a situation where RMM state has always been prenormal and OEM unlock been absent for months on Oreo. After updating to Pie, OEM unlock appeared immediately on first boot, but RMM state prenormal was still there and flashing twrp give me...
forum.xda-developers.com
Click to expand...
Click to collapse
Upgrading firmware shouldn't cause problems with OEM Unlocking or unlocking the bootloader. You've stated this a couple of times but have yet to provide any source for your claim.
FRP Lock is simply on because he has a Google account logged in, and has absolutely nothing to do with OEM Unlocking.
@Johnhek you have already connected your device to WiFi, yes? If not, you need to do so, then go to Settings > System > Software update to trigger a check. Once done, go back to Developer Options to see if OEM Unlocking is visible.
If the bootloader wasn't unlockable, the OEM Unlocking toggle would never be present. The toggle controls the state of sys.get_unlock_ability which tells the bootloader it can be unlocked. There are a couple of props that control whether OEM Unlocking is available, ro.oem_unlock_supported which is supposed to be baked into the ROM at build time, and ro.oem_unlock_allowed which determines whether the toggle is available.
I will admit I'm not very familiar with MediaTek Samsung devices, but I don't see why the process would be any different. Still, here is a guide on using MTKClient
Let's just see if we can get the OEM Unlocking toggle back and make KG happy.

V0latyle said:
Upgrading firmware shouldn't cause problems with OEM Unlocking or unlocking the bootloader. You've stated this a couple of times but have yet to provide any source for your claim.
Click to expand...
Click to collapse
I don't know for SM-A037W but I know about people selling their Samsung phones on Android 10 for buying same model on Android 9 for reason.
Johnhek said:
I did have developer mode active and had seen and allowed oem unlocking, not sure when it disappeared, I think it was the latest update.
Click to expand...
Click to collapse
There is no official information but there are rumors that from certain security patch Samsung removed OEM unlocking forcefully (USA/Canada devices).
It's also my experience with SM-T555 region DBT still not unlockable as of today.
I think it's common sense when it comes to rooting/unlocking that older android versions are easier to root.
V0latyle said:
FRP Lock is simply on because he has a Google account logged in, and has absolutely nothing to do with OEM Unlocking.
Click to expand...
Click to collapse
For other brands it's not possible to flash anything when FRP Lock is on. Furthermore that state means device is actually FRP locked. Didn't know about Samsung FRP LOCK ON is only information about device is ready for FRP locking, sorry about that...
nevertheless FRP lock is contradictory to OEM unlock, both together is afaik not possible (except for Xiaomi).
btw flashing stock firmware won't unlock RMM/KG prenormal
we will know more about in 7 days...

V0latyle said:
Upgrading firmware shouldn't cause problems with OEM Unlocking or unlocking the bootloader. You've stated this a couple of times but have yet to provide any source for your claim.
FRP Lock is simply on because he has a Google account logged in, and has absolutely nothing to do with OEM Unlocking.
@Johnhek you have already connected your device to WiFi, yes? If not, you need to do so, then go to Settings > System > Software update to trigger a check. Once done, go back to Developer Options to see if OEM Unlocking is visible.
If the bootloader wasn't unlockable, the OEM Unlocking toggle would never be present. The toggle controls the state of sys.get_unlock_ability which tells the bootloader it can be unlocked. There are a couple of props that control whether OEM Unlocking is available, ro.oem_unlock_supported which is supposed to be baked into the ROM at build time, and ro.oem_unlock_allowed which determines whether the toggle is available.
I will admit I'm not very familiar with MediaTek Samsung devices, but I don't see why the process would be any different. Still, here is a guide on using MTKClient
Let's just see if we can get the OEM Unlocking toggle back and make KG happy.
Click to expand...
Click to collapse
@V0latyle hey I have tried those suggestions still no luck. Thank you and happy holidays, I will try waiting 7 days ND let everyone know
aIecxs said:
I don't know for SM-A037W but I know about people selling their Samsung phones on Android 10 for buying same model on Android 9 for reason.
There is no official information but there are rumors that from certain security patch Samsung removed OEM unlocking forcefully (USA/Canada devices).
It's also my experience with SM-T555 region DBT still not unlockable as of today.
I think it's common sense when it comes to rooting/unlocking that older android versions are easier to root.
For other brands it's not possible to flash anything when FRP Lock is on. Furthermore that state means device is actually FRP locked. Didn't know about Samsung FRP LOCK ON is only information about device is ready for FRP locking, sorry about that...
nevertheless FRP lock is contradictory to OEM unlock, both together is afaik not possible (except for Xiaomi).
btw flashing stock firmware won't unlock RMM/KG prenormal
we will know more about in 7 days...
Click to expand...
Click to collapse
@Alecxs Yea I probably should have left it android 11.

V0latyle said:
I will admit I'm not very familiar with MediaTek Samsung devices, but I don't see why the process would be any different. Still, here is a guide on using MTKClient
Let's just see if we can get the OEM Unlocking toggle back and make KG happy
Click to expand...
Click to collapse
I will read the link tonight , much appreciated

Johnhek said:
@V0latyle hey I have tried those suggestions still no luck. Thank you and happy holidays, I will try waiting 7 days ND let everyone know
Click to expand...
Click to collapse
You can also try disconnecting from the Internet (take out your SIM as well) and set the date back by at least a week. Or you can set it forward.
Johnhek said:
@Alecxs Yea I probably should have left it android 11.
Click to expand...
Click to collapse
It shouldn't matter, honestly, although I generally prefer to do one thing at a time - unlock the bootloader, THEN update.
I have a feeling that the MediaTek aspect of things may be the issue here, although I have no way of knowing.
Johnhek said:
I will read the link tonight , much appreciated
Click to expand...
Click to collapse
Hopefully it will be of some help to you. It's not beginner friendly - you have to install Python and compile it, but if you can get MTKclient working, you can see if it's what you need.

V0latyle said:
I have a feeling that the MediaTek aspect of things may be the issue here, although I have no way of knowing.
Hopefully it will be of some help to you. It's not beginner friendly - you have to install Python and compile it, but if you can get MTKclient working, you can see if it's what you need.
Click to expand...
Click to collapse
Reading it now, I think I can handle it, the instructions seem clear.
As for the date trick.
I tried it while connected to wifi, I dont even have a sim card in this phone lol.
Tried setting to last month, havent tried forward in time though, will try disconnected as well.
The mediatek thing seems promising, I think the sec ctrl status (1) in the download screen is MTK related...
I will let you know.

I have read in one of the linked threads that SIM card plays a role here. I recommend to enable mobile data for 7 days, although there is less hope.
from what I have learned from elliwigy one can't cheat samsung bootloader not even with mtkclient. there is however paid service for devices with DID token on download screen (afaik Qualcomm only). but try mtkclient first it's a good exercise and maybe you're lucky and it works.

aIecxs said:
I have read in one of the linked threads that SIM card plays a role here. I recommend to enable mobile data for 7 days, although there is less hope.
from what I have learned from elliwigy one can't cheat samsung bootloader not even with mtkclient. there is however paid service for devices with DID token on download screen (afaik Qualcomm only). but try mtkclient first it's a good exercise and maybe you're lucky and it works.
Click to expand...
Click to collapse
I tried mtkcient but I kept getting unauthorized handshake when trying to connect phone :/
Followed instructions as per link but I encounter one error in the process:
Get latest UsbDk 64-Bit​
Install normal MTK Serial Port driver (or use default Windows COM Port one, make sure no exclamation is seen)
Get usbdk installer (.msi) from here and install it
Test on device connect using "UsbDkController -n" if you see a device with 0x0E8D 0x0003
Works fine under Windows 10 and 11
I'm on windows 11 and when I put the command "UsbDkController -n" in terminal it doesn't recognize it.
I installed the usbdk drivers from git hub, a .msi fil, from the guide.
Another problem is I don't know how to set windows default COM Port one.