Yes, thats right...so reading more through this thread it seems the proper way is to unlock it before doing anything at all.
once an efuse is blown its done. you can not go back. and i would guess that even if they release a new update and you are on an older one even if you skip over this current one to say update to like 7 (if it ever comes) it will still blow the efuse going forward.Do you think Amazon is going to temporarily disable the efuse on the future firmwares as it's on the newer update? Meaning aren't they going to re-enable with for example, the 5th os update on the interface? Or is it permanent after it's triggered? This is out of curiosity
So no alternatives at all then? I'm sure glad I kept my 3 4K's unlocked beforehandonce an efuse is blown its done. you can not go back. and i would guess that even if they release a new update and you are on an older one even if you skip over this current one to say update to like 7 (if it ever comes) it will still blow the efuse going forward.
no, only issue may be trying to downgrade. the update doesn't relock it. i flashed 6.2.8.0 and still have total unlock and root. You can install earlier than 6.2.8.0 and still downgrade. You didnt need to set up to unlock them though.... The unlocking causes a factory reset at minimum....so do these need to be setup on an account BEFORE unlocking them and installing twrp? i saw this on another website where they say you must set them up before doing so. i bought a few backups based on serial numbers (and got lucky they all were easily unlocked) and went ahead and unlocked them and installed twrp but have yet to use those i put them back in the box's in case i need them later on. but now i saw this other site saying they need to be setup first? but if i go ahead and set them up they will update then not be able to be unlocked?? hope i didnt hose 4 new ones by doing it first. thanks for any help
yes, I unlocked and rooted out of the box and it remained that way even though it updated during first setup. Downgrade probably wouldn't be possible, but I dont need it because everything works this wayno, only issue may be trying to downgrade. the update doesn't relock it. i flashed 6.2.8.0 and still have total unlock and root. You can install earlier than 6.2.8.0 and still downgrade. You didnt need to set up to unlock them though.... The unlocking causes a factory reset at minimum....
Hey There ,so do these need to be setup on an account BEFORE unlocking them and installing twrp? i saw this on another website where they say you must set them up before doing so. i bought a few backups based on serial numbers (and got lucky they all were easily unlocked) and went ahead and unlocked them and installed twrp but have yet to use those i put them back in the box's in case i need them later on. but now i saw this other site saying they need to be setup first? but if i go ahead and set them up they will update then not be able to be unlocked?? hope i didnt hose 4 new ones by doing it first. thanks for any help
Hello
I am kinda new to Fire Stick (hopefully not to android and rooting in general) and I would like to root it.
I bought my FireStick 4k about 2 years ago and since then the box has never been opened nor the stick was powered on. It put it in my drawer and I forgot about it. According to the first post my stick should be rootable (it definately has some old fw version and the serial number is VM139...)
I went through this thread (77 pages of posts) and I am still unsure if I get everything right.
Could you please guide me what to do next, I do not want it to OTA to 6.2.8.x to blow the fuses.
What are all the steps to unlock it, register it and avoid to obtain the OTA root patch.
Thank you for your help I would like to do it right and not break it and lose the ability to root the device.
once an efuse is blown its done. you can not go back. and i would guess that even if they release a new update and you are on an older one even if you skip over this current one to say update to like 7 (if it ever comes) it will still blow the efuse going forward.
For downgrade to work correctlyYes, this is the exact process I went through.
Where did you buy an unlockable stick?
- New Fire Stick out of the box, never updated
- Unlocked bootloader, installed TWRP
- Plugged in Fire Stick, let it self update all the way to 6.2.8.0
- Went into Developer options, enabled ADB debugging
- Connected to Fire Stick, flashed older ROM (currently running 6.2.6.6, going to go to 6.2.7.1 soon)
I will say, based on my condition and what I am experiencing I am not 100% convinced that the downgrade is completely "clean", in that some app's, even using identical versions of the apps, that caused me no visual issues pre 6.2.8.0, ARE causing me issues after the upgrade and downgrade process. So I'm not completely convinced the downgrade process is 100% "clean". But my issue could also be caused by minor hardware difference between multiple sticks, so the fact I am having symptoms is not conclusive evidence that the downgrade is not clean.
So, I have bought a new Fire TV Stick S/N G4N0VM071 etc, etc, and of course it's locked.
I mean, I didn't try unlocking it BEFORE turning it on at all, however the only thing I did was powering it on and verifying it was working, WITHOUT connecting it to internet (I stopped at the network selection screen). It said "update in progress", I guess that was a local update. Mmmh, who knows if that's what locked it or it comes already locked from the factory.
Anyway, since I had to rework a couple of tiny ass BGAs in my life:
I was wondering if someone managed to desolder the flash and stick it on another board, would it be readable or is it encrypted?
That would be quite inconvenient, but it would work nonetheless to write the custom recovery in the flash.
That's good news.It's readable, not encrypted at all.
Can you take a few detailed pictures from the board with the flash removed, please?
Yes.
You can solder a few enameled copper wires to the CLK, CMD, DAT0, Vcc, VccQ and GND pads.The "hard" part now is finding, ideally, a ZIF socket for the flash and something that can read it, I never had a look at a "flash reader" or something similar, if it does exist.
Oh! It's an e-MMC! I'm dumb. I made practically the same thing when I bricked my 3DS in 2015.Yes.
Would be great if you can take a picture from the Sticks mainboard with the flash removed. Maybe helpful sometimes, in order to trace the wiring of CLK, CMD and DAT0 on the board...
You can solder a few enameled copper wires to the CLK, CMD, DAT0, Vcc, VccQ and GND pads.
Here is a propper tool for r/w the chip:
Interfacing with e-MMC Storage Devices - Exploitee.rs
www.exploitee.rs
Some old root guide for the first gen. fireTV stick ever:
Won't work nowadays because of androids dm-verity.Amazon Fire TV Stick - Exploitee.rs
www.exploitee.rs
Wait a sec, I didn't catch that, since Mantis has Android 7 (hence dm-verity enabled?) does that mean it won't work by manually writing TWRP on the eMMC?
Wait a sec, I didn't catch that, since Mantis has Android 7 (hence dm-verity enabled?) does that mean it won't work by manually writing TWRP on the eMMC?
EDIT: Oh, you were referring only to the rooting procedure, correct? TWRP should work without major issues, right?
I think my Vendor Partition is corrupt. I tried restore from working backup....no go.
I tried fastboot format /vendor and got error....Formatting not supported for file system with type "View attachment 6086496
git clone https://github.com/bkerler/mtkclient
cd mtkclient
python3.8 -m pip install .
python3.8 mtk_gui
Yes there is, use the bugged version of kamakiri, it will not give you any option for TWRP.I‘ve plugged in an usb adapter to connect a usb dongle for a mouse.
There‘s no other option to deactivate the countdown?
It is actually fairly easy and easier is to brick your stick.I have two firestick 4K and that one, on which i‘ve unlocked bootloader wasn‘t planned to get unlocked
Is it easily possible to remove the unlock?
So I did kamakiri on a dead one like the one you got. It revived the stick for a couple of weeks - then /data went bad.
mmc extcsd read /dev/block/mmcblk0
eMMC Pre EOL information [EXT_CSD_PRE_EOL_INFO]: 0x03
Value | Severity | Meaning |
---|---|---|
0x00 | Not defined. | |
0x01 | Normal | The disk has consumed less than 80% of its reserved blocks |
0x02 | Warning | The disk has consumed more than 80% of its reserved blocks |
0x03 | Urgent | The disk has consumed more than 90% of its reserved blocks |
Root needed (or TWRP)To check eMMC status we can also run something like this via TWRP adb
Code:adb shell cat /sys/class/block/mmcblk0/device/cid cat /sys/class/block/mmcblk0/device/csd mount -t debugfs none /sys/kernel/debug && cat /sys/kernel/debug/mmc0/mmc0:0001/ext_csd
cat /sys/block/mmcblk0/device/life_time
cat /sys/block/mmcblk0/device/pre_eol_info
Props to hasobist for helping me. Thank you sir.Use Titanium backup from your other stick where the app is working and restore in the one with problem.
./bootrom-step.sh
./fastboot-step.sh
echo "--update_package=/path/to/zipfile" > /cache/recovery/command
echo "--wipe_cache" >> /cache/recovery/command
reboot recovery
Is this something that Amazon can fix with future updates? I am holding off until we have a more refined rom..