Re: Se Bootloader Unlocking Relocking Exe
Bubba Lual
Hi dear friends.
I spent last couple hours reviewing all the previous posts and there still doesnt appear enough information for me to confirm that i am safe to relock the bootlocker after updating to /e/
Here are the questions i have:
1.i need to relock bootloader, how do i do that.
2.instructions say i need to execute commands on the computer. How? Which software is needed to run those commands and what kind of commands? Can anyone post video instruction.
3.does oem unlock toggle need to be on or off prior to executing any commands
4. Can someone confirm what security patch date was on fairphoneos as of 2 days ago when i updated that to /e/
Your safest course of action is to wait for /e/ to release the next update for FP4 which should contain the March 23 security patch. While you wait you can learn about some of the things you need to know in order to make a plan for locking the bootloader.
Q 3. The current state of OEM unlocking toggle in Developer options I would expect to be greyed out with info saying bootloader is already unlocked, yes? It should be optional to toggle it back on after locking the bootloader.
I decided to give it a try and locked the bootloader.
Locking critical partitikn worked fine and wiped the data and restarred the system fine, but going with thr last lock brought a message - your data is corrupt and wont boot.
Thankfully it didnt brick it, but locking the bootloader right now will bring that red data corrupt message and wont boot.
Can we request an updated version of /e/ with a better security patch (newer) so the bootloader can be locked again, that orange error message is very annoying at the boot haha
Guys, the problem remains that if you upgraded your fairphoneos in april and then went straight to /e/ 1.9 the version of the security patch will not let you relock the bootloader without bricking and /e/ needs to upgrade 1.9 to 2.0 and include the fix and the newer security patch to permit users to relock their bootloader.
Sure but here is my situation: i upgraded my FPos stock from 11 to 12 ota and then installed eOS with thr march security patch. Everything works fine except if i decide the relock the bootloader i will again have the bricking error screen at boot saying the data is corrupt. Lets create a comprehensive guide for users with video and pictures on how to make sure users check for security patch date on their phone before upgrading so they wont brick their fp4.
For example, two other custom ROMs (based on Android 13) for the FP4 require a file called avb_custom_key.img or avb_custom_key.bin for relocking, as it is offered here by /e/: 2. Download the avb custom key
So after running IodOS for a while I wanted to return to the stock ROM.
I Installed it per official install script, so far so good.
Now I wanted to relock the bootloader and read about the bricked phones after relocking.
I prevented (manually) the phone from rebooting after flashing so fastboot flashing get_unlock_ability returned 1.
I proceeded with fastboot flashing lock_critical and it locked the critical partitions.
Now fastboot flashing get_unlock_ability returns 0 and the bootloader is still unlocked.
I see here that rooting the phone and manually changing the toggle of OEM unlocking could be a possibility to, at least, unlock the ciritcal partitions again. But I would rather not go down that route if there are more convenient options available. However I have found none.
I guess because the bootloader is still unlocked I need to sideload it? Do you know if that is possible with the critical partitions locked?
And after the OTA is installed I should be able to lock my bootloader again without risk of bricking, right?
As Iode is not that fast in providing security patches I assume the security patch level you had is not higher, latest FPOS is on, so overall probably quite safw to not brick, however no one can ever give you a 100% guarantee
My advice, ask in the iodOS channels what security patch level they ship in 4.10 for the FP5 and compare it to the patch level shown in the FPOS release notes for the latest factory images available, which is the latest release anyway at the moment.
i do not want tot complain too much, one needs to be careful. but this phenomenon would be totally avoidable imho by a better warning on the page - maybe fairphone team can improve this? even the official android documentation (did read it later, after the incident) explains it better.
Is this possible, i think it was as i've seen it suggested before however issue here is lots of phones delete data during the unlock relock, so that would remove all the mods relocking it defeats the point.
Also my current phone the Samsung S7 Edge, has factory reset protection. I have to unlock the bootloader to flash, tho if i lock the bootloader after flash. Reboot it is permantly stuck on a screen saying locked with factory reset protection in red.
Bootloader unlocking is the process of disabling the bootloader security that makes secure boot possible. It can make advanced customizations possible, such as installing a custom firmware. On smartphones this can be a custom Android distribution or another mobile operating system. Some bootloaders are not locked at all, others can be unlocked using a standard command, others need assistance from the manufacturer. Some do not include an unlocking method and can only be unlocked through a software exploit.
Unlocking the bootloader usually voids any warranties and may make the device susceptible to data theft.[1] On Chromebooks, enabling developer mode makes the system less secure than a standard laptop running Linux.[2] Unlocking the bootloader may lead to data loss on Android and ChromeOS devices, as some data is impossible to back up without root permission. This will also lead to certain security apps not working, such as Samsung Knox which the counter would be stuck at "0x1."
In 2011, Sony Ericsson released an online bootloader unlocking tool.[8] Sony requires the IMEI number to be filled in on their website.[9] For the Asus Transformer Prime TF201, Asus has released a special bootloader unlock tool.[10]
In 2012, Motorola released a limited tool for unlocking bootloaders.[11] They require accepting terms and conditions and creating an account before the bootloader can be unlocked for your Motorola device.[12]
Bootloaders can be unlocked using an exploit or using a way that the vendor supplied. The latter method usually requires wiping all data on the device.[13] In addition, some manufacturers prohibit unlocking on carrier locked phones. Although Samsung phones and cellular tablets sold in the US and Canada do not allow bootloader unlocks regardless of carrier status, a service has allowed users on an earlier version to unlock their US/Canadian Samsung phone(s) and/or tablet(s)[14][15]
In 2018, a developer from XDA Developers launched a service which allowed users to unlock the bootloader of some Nokia smartphone models.[16] Similarly, another developer from XDA Developers launched a service to allow users to unlock the bootloaders of Samsung Galaxy S20 and Samsung Galaxy S21 Phones.
Huawei announced plans to allow users to unlock the bootloader of the Mate 30 series, but later retracted that.[17] Huawei has stopped providing bootloader unlock codes since 2018.[18] A bootloader exploit named checkm30 has been developed for HiSilicon based Huawei phones.[19][non-primary source needed]
When the bootloader of the Samsung Galaxy Z Fold 3 was unlocked, the camera became less functional. This could be restored by re-locking the bootloader.[20] This issue was later fixed by Samsung.[21] For the Samsung Galaxy S22 series, unlocking the bootloader has no effect on the camera.[22]
The WPInternals tool is able to unlock bootloaders of all Nokia Lumia phones running Windows Phone, but not phones like the Alcatel Idol 4 or HP Elite x3.[23][24] Version 1.0 was released in November 2015.[25] In October 2018, the tool was released as open source software when the main developer Ren Lergner (also known as HeathCliff74) stepped down.[26]
The boot ROM protection on iOS devices with an A11 processor or older can be bypassed with a hardware exploit known as checkm8, which makes it possible to run other operating systems including Linux.[28]
The equivalent of bootloader unlocking is called developer mode in Chromebooks.[30] Chromebooks use custom bootloaders that can be modified or overwritten by removing a Write-protect screw.[31] Some models lack a screw and instead may or may not require disabling the onboard Cr50 chip.[1]
Asus used to provide an Unlocking tool for both of their smartphone lines, the Zenfone and ROG Phone. This worked as an installable .apk file that the user could install on their phone, then unlock the bootloader. The app worked by contacting Asus unlocking servers, then prompting the user to perform a factory reset.
In 2023 Asus removed the tool from their website and closed the unlocking servers, so even phones with the .apk file installed couldn't unlock their bootloaders. Representatives on the Asus forums claimed the tool would be available again, but as of March 2024 no additional information has been provided, even after the release of their latest device the ROG Phone 8 and the upcoming release of the Zenfone 11 Ultra.
A user on the popular fourm XDA (website) filed a court claim application against Asus due to the unlock tool never being released and alleged that Asus censored comments about the unlock tool on their form.[34]
According to information from technology groups in Vietnam, after updating version 2.1.6 of the VNeID application released on May 30, 2024, some Android phone users have received warnings : "Your device is not safe, there is a risk of containing malicious code...". As a result, users are thrown to the main screen and cannot use the VNeID application, even though before the update they could still log in and use it normally.
This is because VNeID 2.1.6 update has added new security measures to stop working on Android devices with root access, unlocked bootloader and developer mode enabled. To use, users must disable root access to the device, relock bootloader and turn off developer options.[37]
b1e95dc632