Galaxy S9+ LineageOS

2021-03-14

The official guide misses some details that are pretty important.

Most of the guide is correct. I’m making this addendum, but may end up rewriting the steps later anyway.

Boot combination

There are two different modes you can boot into. The guide tells you how to do it, but doesn’t emphasize enough the difference, because the buttons are so similar.

• Bixby + Power + Vol Down is download mode
• Bixby + Power + Vol Up is recovery mode

Note which volume button is used. It’s important. The first one you use during the process is download, with which you flash the recovery.

Rebooting after flashing recovery

In the guide it specifies using --no-reboot when flashing recovery with heimdall. You might think "if i need to reboot anyway, why not just skip that flag?" The crucial thing is that the moment that you reboot, you also need to hold down the keys (see above) to get into recovery. If you don’t, the default OS will rewrite the stock recovery and you will have wasted your time. The window you have is only a second or two, so be prepared.

The stock recovery will only install Samsung images, so if you’re wondering why you can’t just use that, that’s why.

Encryption

Something completely unmentioned in the guide is the disk encryption. A factory reset will (presumably?) just flash a gold image (with disk encryption) back to the device. That’s not a "wipe". When you’ve booted into your recovery (i used TWRP, YMMV) you need to format the main storage entirely. This will generate new encryption keys and completely dump whatever you already have (which is what you probably want).

If you don’t, when you try to boot you’ll be greeted with a loop of "Encryption unsuccessful" followed by a TWRP factory reset script. Rinse repeat; boot loop. You can break out of it by powering down the device and going back to TWRP, formatting the storage, and sideloading again.

If you’re doing it right, the first boot should show a green outline of an android with gears for a torso that says "encrypting drive, estimated time 00:10" until it finishes.

Editorialization on encryption

"Encryption" on a phone makes people feel safe, but it must be noted that the way it’s done on Samsung makes it so that the company can read your files even if they’re encrypted. Your phone’s files are encrypted with a key stored on the device, true. However, you have no control over that key - only the company does. When you change your pin (or any other feature used "in the encryption key") what’s happening is that the file the key is stored in is being re-encrypted. This is why changing PINs doesn’t cause the whole phone to re-encrypt every file every time you change the PIN.

This means that the key used to encrypt files on your phone is constant, and known to the company - it isn’t a secret. If a government decides it wants to coerce samsung to give up your phone contents, they can do that.

If you care about encryption, disregard the FDE that comes standard.

All site content protected by CC-BY-4.0 license