[MOD] Multidisabler fork *keeps data encryption*: disables Vaultkeeper, auto-flash of stock recovery, proca, wsm, cass,

Search This thread

SolidHal

Member
Oct 4, 2016
23
45
shadow moses island
github.com
Since many custom recoveries (twrp) don't usually support mounting an encrypted data partition, the original Multidisabler disables file based encryption (https://source.android.com/security/encryption/file-based) which results in an unencrypted data partition.

While many find this useful, and it saves time to be able to download a zip and hop right in to recovery to flash it, this is not great for user security and privacy.
It is important enough that google has required file based encryption on all new devices running android 10 and higher (source https://source.android.com/security/encryption/file-based)


All that is to say, I forked the multidisabler and dropped the code that disables encryption. Install it in twrp like you would any other zip.

source: https://github.com/SolidHal/multidisabler-samsung-keep-encryption
downloads: https://github.com/SolidHal/multidisabler-samsung-keep-encryption/releases/tag/3.1-encrypt

FAQ:
Q: How do I get zips on my device to flash in twrp/other custom rom
A: either use your microsd, or use the adb sideload function. Most if not all recoveries have adb sideload support. its pretty great. for twrp it is under "advanced"

Huge thanks for @ianmacd for creating the Multidisabler: https://forum.xda-developers.com/t/...of-stock-recovery-proca-wsm-cass-etc.3919714/
 

ivoe

Senior Member
I assume you would need a bootload r unlock?


Is there any Bootloader bypass?
Im not willing to pay someone 150+ for a phone to be unlocked.... Especially when I am already paying $1000+ for the phone.

If not I'll much rather wait till I pay of the last few payments for the phone
 

elliwigy

Retired Forum Moderator / Recognized Developer
XDA App Taskforce
I assume you would need a bootload r unlock?


Is there any Bootloader bypass?
Im not willing to pay someone 150+ for a phone to be unlocked.... Especially when I am already paying $1000+ for the phone.

If not I'll much rather wait till I pay of the last few payments for the phone
Pretty sure it's not 150+ dollars lolol.. but I understand..

To answer your questions since I didn't see any yet, yes, you need a bootloader unlocked seeing as how this is a flashable zip you would flash in TWRP and TWRP of course requires an unlocked bootloader etc. (or SHRP or OF recovery whichever doesn't matter, they all require bootloader to be unlocked...)

And no, there isn't any "bypass", at least if I understand correctly in that by bypass you mean something that bypasses the bootloader and allows custom firmware to boot without unlocking the bootloader in which case of course is still no, there hasn't been one for a long time.

And not being able to pay for the service is understandable, if you prefer to unlock devices normally then I am sure you have researched which ones are best but usa Snap models are usually not the choice to go for.
 

elliwigy

Retired Forum Moderator / Recognized Developer
XDA App Taskforce
I just wanted to add for those that won't click the Google/Android link you posted on file-based encryption what it means to have encryption when it comes to TWRP. He briefly mentions it in the OP but essentially what it means is that if you use twrp or other custom recovery while in twrp your data partition is encrypted.. This means when you use adb shell, build in terrminal, file manager, or even install/flashing from device itself the data will be encrypted so you will not be able to access your files while in recovery at all if they are on the device itself.. to flash a zip you would need to start your custom recovery in adb sideload then use computer with phone plugged in and adb installed and adb sideload the zip you want to install from your computer.

Therefore in order to install your zips as stated in the OP you would need to use an external sd card, or adb sideload.

I never care about encryption honestly but I suppose if data is encrypted and you have twrp installed then anyone can access your files and make backups or anything they want vs. not encrypted it just limits your options for flashing but makes it harder for people to steal your data..

Although I am pretty sure if any hacker knew what they were doing regardless, if they had root and/or TWRP then they could surely steal your data if they really wanted to encryped or not lol. This is just my opinion though..
 

SolidHal

Member
Oct 4, 2016
23
45
shadow moses island
github.com
>Although I am pretty sure if any hacker knew what they were doing regardless, if they had root and/or TWRP then they could surely steal your data if they really wanted to encryped or not lol. This is just my opinion though..

Definitely, simply unlocking the bootloader opens you up to plenty of evil-maid type attacks where someone could replace your kernel with their own, and next time you decrypt your device it could record the key, or simply start copying data out over the network.

But, encryption does provide important protection from different types of attacks.
Without encryption, anyone can access your data anytime they have access to your device, no clever attacks necessary. Just plug it in, and the data is theirs. With encryption enabled, attacks are definitely still possible, but are much harder to execute.

If you care about your data, have encryption enabled, and want to protect against evil-maid type attacks, make sure to wipe your device after it leaves your control.

If you are seriously concerned about security (life or death, substantial financial loss, etc) don't unlock your bootloader, or look into roms like graphene that support re-locking the bootloader.

adb sideload or an external sd card work great for development work while keeping your important things encrypted.
 

elliwigy

Retired Forum Moderator / Recognized Developer
XDA App Taskforce
>Although I am pretty sure if any hacker knew what they were doing regardless, if they had root and/or TWRP then they could surely steal your data if they really wanted to encryped or not lol. This is just my opinion though..

Definitely, simply unlocking the bootloader opens you up to plenty of evil-maid type attacks where someone could replace your kernel with their own, and next time you decrypt your device it could record the key, or simply start copying data out over the network.

But, encryption does provide important protection from different types of attacks.
Without encryption, anyone can access your data anytime they have access to your device, no clever attacks necessary. Just plug it in, and the data is theirs. With encryption enabled, attacks are definitely still possible, but are much harder to execute.

If you care about your data, have encryption enabled, and want to protect against evil-maid type attacks, make sure to wipe your device after it leaves your control.

If you are seriously concerned about security (life or death, substantial financial loss, etc) don't unlock your bootloader, or look into roms like graphene that support re-locking the bootloader.

adb sideload or an external sd card work great for development work while keeping your important things encrypted.
I know what encryption is and does lol.. was moreso just posting what this means in twrp for ppl that dont know or understand and think twrp is broken or something when its just encryption fir example.
 

callidus_ex_de_latebros

Senior Member
Feb 4, 2014
131
138
Has anyone been using Magisk (or some other root method) while keeping FBE enabled?

I've been looking at custom ROMs, but most of them (especially OneUI roms) seem to break/disable FBE. Is anyone using a custom ROM with FBE, or am I better-off just rooting the stock ROM and debloating?
 

SolidHal

Member
Oct 4, 2016
23
45
shadow moses island
github.com
Has anyone been using Magisk (or some other root method) while keeping FBE enabled?

I've been looking at custom ROMs, but most of them (especially OneUI roms) seem to break/disable FBE. Is anyone using a custom ROM with FBE, or am I better-off just rooting the stock ROM and debloating?
I use my custom lineage builds with FBE enabled, not sure about magisk though. If you try it, please report back :)
 

goobener

Member
May 14, 2015
45
12
HTC 10
This is probably a stupid question...I see the multidisabler says 3.1..

Is oneui 3.1 required or does it work with oneui 3.0?
 

FakrudeenAhamed

Senior Member
Apr 26, 2014
184
81
Chennai
Hello, Will this work on Samsung s8 exynos version. I have hades q custom rom installed.

Edit : I tried installing the zip( Stupid decision) from sdcard in twrp, got error 3, attached screenshot for reference. Any support is appreciated .
 

Attachments

  • Screenshot_2021-08-16-07-43-46.png
    Screenshot_2021-08-16-07-43-46.png
    247 KB · Views: 110
Last edited:

soilensan

Member
Sep 18, 2021
20
0
Hà Nội
i tried your file but it doesn't work for my Samsung SM-A115F , hope you can create a file for this device for me , or tell me how to create it , i would appreciate it if you help help
 

Delphi_RTTI

New member
Sep 21, 2021
4
0
Kiyv
Hello!
Help solve the problem:
Samsung A02s, Android 11.
After installing TWRP v3.5.2 on the phone, it is impossible to set either a pin code or a password for the lock screen.
Unfortunately, before formatting the data section, I forgot to install Multidisabler. I do not know, maybe this is not entirely and is no longer relevant, but is there any way to cure it?
Is there a cure?
 

Delphi_RTTI

New member
Sep 21, 2021
4
0
Kiyv
Please guide me, the sequence of installing files through Odin:
vbmeta in the (user data) field.
If the phone performs a full reset, we agree, otherwise we turn off the phone and go into recovery, we reset the data forcibly.
We reboot into download mode.
Install TWRP Recovery.
Installing multi-disabler via TWRP.
We format the Data section.
Install Magisk.
Loading into the system ...
 

soilensan

Member
Sep 18, 2021
20
0
Hà Nội
Need your answer, it doesn't work with Samsung A11 even though I tried enough rom
Vì nhiều khôi phục tùy chỉnh (twrp) thường không hỗ trợ gắn phân vùng dữ liệu được mã hóa, Multidisabler ban đầu vô hiệu hóa mã hóa dựa trên tệp ( https://source.android.com/security/encryption/file-based ) dẫn đến dữ liệu không được mã hóa vách ngăn.

Mặc dù nhiều người thấy điều này hữu ích và tiết kiệm thời gian để có thể tải xuống một tệp zip và truy cập ngay vào khôi phục để flash nó, nhưng điều này không tốt cho bảo mật và quyền riêng tư của người dùng.
Điều quan trọng là google đã yêu cầu mã hóa dựa trên tệp trên tất cả các thiết bị mới chạy android 10 trở lên (nguồn https://source.android.com/security/encryption/file-based )


Tất cả những gì cần nói, tôi đã tách bộ vô hiệu hóa đa năng và bỏ mã vô hiệu hóa mã hóa. Cài đặt nó trong twrp giống như bạn làm với bất kỳ zip nào khác.

source: https://github.com/SolidHal/multidisabler-samsung-keep-encryption
downloads: https://github.com/SolidHal/multidisabler-samsung-keep-encryption/releases/tag/3.1-encrypt

FAQ:
Q: How do I get zips on my device to flash in twrp/other custom rom
A: either use your microsd, or use the adb sideload function. Most if not all recoveries have adb sideload support. its pretty great. for twrp it is under "advanced"

Huge thanks for @ianmacd for creating the Multidisabler: https://forum.xda-developers.com/t/pie-10-11-system-as-root-multidisabler-disables-encryption-vaultkeeper-auto-flash-of-stock-recovery-proca-wsm-cass-etc.3919
 

Top Liked Posts