lineageOS/devices/gt-i9505.md

# Steps to flash microG LineageOS on Samsung Galaxy S4

download latest TWRP image from https://eu.dl.twrp.me/jflte/

download latest lineageOS from https://download.lineage.microg.org/jfltexx/

download latest su (arm) for 16.0 from https://download.lineageos.org/extras

## Unlock the Bootloader / OEM

Attach phone to PC. Use a good micro USB cable; make sure that you can use it
to copy data.

enable developer options

enable USB debugging in developer options

allow USB debugging access for your PC

## Format Data for Encryption

download official lineage recovery: https://download.lineageos.org/jfltexx

`adb reboot bootloader`

`heimdall flash --RECOVERY lineage-16.0-xxxxxxxx-recovery-jfltexx.img --no-reboot`

Now we don't want to boot into the system, we want into the new recovery
directly - so turn off the phone with the power button, and then boot into
recovery by holding the power button, the home button, and volume up for a few
seconds. Release them only when you see the blue "Recovery" writing in the top
left of the screen.

Now we need to take the following steps to format the data partition for
LineageOS:

- Factory Reset -> Wipe data / factory reset
- Factory Reset -> Wipe System

## Flash LineageOS

Now go back into the recovery main menu, tap on "Apply Update", then "Apply
from ADB". Then execute `adb sideload lineage-xxx.zip` on your PC.

After a while, it warns you you that the signature verification failed, and
whether you want to continue with the installation; answer "Yes".

Now we also want to root the phone with addonsu.  Go again to "Apply Update"
and "Apply Update from ADB"; then flash addonsu with `adb sideload
addonsu-16.0-arm-signed.zip`.  It doesn't overwrite lineageOS, don't worry - it
only installs addonsu next to it.

In the end, tap reboot to boot into the fresh LineageOS system.

### Finish Installation

Go through the setup screen and choose what you want. You can be as restrictive
as you want. Make sure to choose a Wi-Fi, so you can proceed with the next
steps; you can also do this at any later time. 

You should also choose a screen lock pin. Patterns are not very secure (you can
often see them by holding the phone into the light at the right angle).
Passwords are a bit inconvenient (but most secure). Do *not* use a fingerprint
sensor, they are really insecure.

## Device Encryption

Charge the phone to 100%.

Go to the Security Settings and encrypt the phone. During the process, it
reboots once and asks you for the device PIN. It can take a while, but not soo
long actually.

### Secure the device encryption

You usually want to have a long password for your device encryption, which you
only have to enter when the phone boots, and a shorter PIN for your lockscreen.
By design, Android doesn't allow this; this is a workaround to make it possible
still.

We will also install an app which shuts down the phone when you get the unlock
code wrong 5 times in a row.

#### Wrong PIN Shutdown

Open the F-Droid app, wait until it is done with "Updating repositories".

Install the app "Wrong PIN Shutdown".

Now go to the developer settings, and enable root for Apps and ADB.

Open "Wrong PIN Shutdown", grant Admin rights until forever, activate the
function, and set it to shut down the phone after 5 wrong tries to enter the
PIN. You can try it out directly - if you enter your PIN wrong 5 times, does it
shut down? 

#### Change the encryption password to a long password

First you need to enable USB debugging again. You can enable the developer
options at "About Phone", tap the "build number" seven times. After you enabled
it, you can find the Developer options in the settings at "System > Advanced >
Developer Options". Enable USB debugging and reboot into the bootloader mode:

Then go to the Security settings and set the PIN you want to use for your
lockscreen.

Now you have to backup the files where it is saved. To do so, execute these
commands with adb - you need to be connected to a PC with a proper USB cable:

```
adb root
adb pull /data/system_de/0/spblob/
adb pull /data/misc/keystore/user_0/1000_USRPKEY_synthetic_password_*  # the file has a different name; just remove the * and press tab before executing it
adb pull /data/system/locksettings.db
```

Now, go to the Security settings again, and change your PIN to the password you
want to use for the encryption. Unfortunately you can use maximally 17
characters.

Finally, you use adb again to restore the backup of the PIN, which changes your
lockscreen PIN, but not your encryption passphrase:

```
adb push locksettings.db /data/system/locksettings.db
adb push 1000_USRPKEY_synthetic_password_* /data/misc/keystore/user_0/  # the filename will be different with your device
adb push spblob/ /data/system_de/0/
```

When you try to unlock your screen now, you will realize that you still have to
enter the encryption passphrase. So reboot the phone; enter the encryption
passphrase at startup, as desired. When the phone has booted, you can use the
(shorter) PIN to unlock your phone.
set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00			`# Steps to flash microG LineageOS on Samsung Galaxy S4`

			`download latest TWRP image from https://eu.dl.twrp.me/jflte/`

			`download latest lineageOS from https://download.lineage.microg.org/jfltexx/`

			`download latest su (arm) for 16.0 from https://download.lineageos.org/extras`

			`## Unlock the Bootloader / OEM`

			`Attach phone to PC. Use a good micro USB cable; make sure that you can use it`
			`to copy data.`

			`enable developer options`

			`enable USB debugging in developer options`

			`allow USB debugging access for your PC`

			`## Format Data for Encryption`

			`download official lineage recovery: https://download.lineageos.org/jfltexx`

			`adb reboot bootloader`

flashed another one, gathered experience 2019-11-25 07:48:55 +00:00			`heimdall flash --RECOVERY lineage-16.0-xxxxxxxx-recovery-jfltexx.img --no-reboot`

			`Now we don't want to boot into the system, we want into the new recovery`
			`directly - so turn off the phone with the power button, and then boot into`
			`recovery by holding the power button, the home button, and volume up for a few`
we can just root it with the lineage recovery. 2019-12-17 15:02:07 +00:00			`seconds. Release them only when you see the blue "Recovery" writing in the top`
			`left of the screen.`
set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00
			`Now we need to take the following steps to format the data partition for`
			`LineageOS:`

			`- Factory Reset -> Wipe data / factory reset`
			`- Factory Reset -> Wipe System`

			`## Flash LineageOS`

			`Now go back into the recovery main menu, tap on "Apply Update", then "Apply`
			from ADB". Then execute `adb sideload lineage-xxx.zip` on your PC.

			`After a while, it warns you you that the signature verification failed, and`
			`whether you want to continue with the installation; answer "Yes".`

we can just root it with the lineage recovery. 2019-12-17 15:02:07 +00:00			`Now we also want to root the phone with addonsu. Go again to "Apply Update"`
			and "Apply Update from ADB"; then flash addonsu with `adb sideload
			addonsu-16.0-arm-signed.zip`. It doesn't overwrite lineageOS, don't worry - it
			`only installs addonsu next to it.`

set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00			`In the end, tap reboot to boot into the fresh LineageOS system.`

			`### Finish Installation`

			`Go through the setup screen and choose what you want. You can be as restrictive`
			`as you want. Make sure to choose a Wi-Fi, so you can proceed with the next`
			`steps; you can also do this at any later time.`

			`You should also choose a screen lock pin. Patterns are not very secure (you can`
			`often see them by holding the phone into the light at the right angle).`
refining the steps 2019-12-07 21:09:10 +00:00			`Passwords are a bit inconvenient (but most secure). Do not use a fingerprint`
set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00			`sensor, they are really insecure.`

			`## Device Encryption`

			`Charge the phone to 100%.`

			`Go to the Security Settings and encrypt the phone. During the process, it`
			`reboots once and asks you for the device PIN. It can take a while, but not soo`
			`long actually.`

			`### Secure the device encryption`

			`You usually want to have a long password for your device encryption, which you`
			`only have to enter when the phone boots, and a shorter PIN for your lockscreen.`
			`By design, Android doesn't allow this; this is a workaround to make it possible`
			`still.`

			`We will also install an app which shuts down the phone when you get the unlock`
			`code wrong 5 times in a row.`

			`#### Wrong PIN Shutdown`

			`Open the F-Droid app, wait until it is done with "Updating repositories".`

			`Install the app "Wrong PIN Shutdown".`

flashed another one, gathered experience 2019-11-25 07:48:55 +00:00			`Now go to the developer settings, and enable root for Apps and ADB.`

set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00			`Open "Wrong PIN Shutdown", grant Admin rights until forever, activate the`
			`function, and set it to shut down the phone after 5 wrong tries to enter the`
			`PIN. You can try it out directly - if you enter your PIN wrong 5 times, does it`
			`shut down?`

			`#### Change the encryption password to a long password`

we can just root it with the lineage recovery. 2019-12-17 15:02:07 +00:00			`First you need to enable USB debugging again. You can enable the developer`
			`options at "About Phone", tap the "build number" seven times. After you enabled`
			`it, you can find the Developer options in the settings at "System > Advanced >`
			`Developer Options". Enable USB debugging and reboot into the bootloader mode:`

set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00			`Then go to the Security settings and set the PIN you want to use for your`
			`lockscreen.`

			`Now you have to backup the files where it is saved. To do so, execute these`
			`commands with adb - you need to be connected to a PC with a proper USB cable:`

			```
			`adb root`
			`adb pull /data/system_de/0/spblob/`
flashed another one, gathered experience 2019-11-25 07:48:55 +00:00			`adb pull /data/misc/keystore/user_0/1000_USRPKEY_synthetic_password_* # the file has a different name; just remove the * and press tab before executing it`
set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00			`adb pull /data/system/locksettings.db`
			```

			`Now, go to the Security settings again, and change your PIN to the password you`
refining the steps 2019-12-07 21:09:10 +00:00			`want to use for the encryption. Unfortunately you can use maximally 17`
			`characters.`
set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00
			`Finally, you use adb again to restore the backup of the PIN, which changes your`
			`lockscreen PIN, but not your encryption passphrase:`

			```
			`adb push locksettings.db /data/system/locksettings.db`
refining the steps 2019-12-07 21:09:10 +00:00			`adb push 1000_USRPKEY_synthetic_password_* /data/misc/keystore/user_0/ # the filename will be different with your device`
set up the Samsung Galaxy S4, documented it 2019-11-15 20:16:19 +00:00			`adb push spblob/ /data/system_de/0/`
			```

			`When you try to unlock your screen now, you will realize that you still have to`
			`enter the encryption passphrase. So reboot the phone; enter the encryption`
			`passphrase at startup, as desired. When the phone has booted, you can use the`
			`(shorter) PIN to unlock your phone.`