Saturday, February 29, 2020

Xiaomi needs a better way to unbrick its devices instead of Authorized Mi Accounts

Over the years, Xiaomi has become the golden boy of the Indian smartphone market. From being just a starter entity in 2014 to becoming the leading smartphone OEM in the market for several quarters in a row in 2019, it’s certainly been a wild ride for Xiaomi. We here at XDA-Developers have witnessed the company grow from the urban regions of China and move towards conquering markets in Southeast Asia and, more recently, make headway into parts of Europe too. Xiaomi has also matured as a smartphone OEM — practices that were previously shoddy and questionable have evolved into better practices as the company figured its way around. And while there’s definitely always room to improve for even the best of entities, Xiaomi is at a good spot as a smartphone OEM right now, one where they can be proud and humble at the same time.

In this article, we’d like to highlight one area where we feel Xiaomi can improve in 2020: making it easier to unbrick its devices. To give you a complete picture, it is necessary to take a few steps back to see what the current situation is, what were the problems that caused us to land where we are right now, and whether the same solutions that served Xiaomi back then remain the best solutions to serve the company in 2020.

The Reseller-Spamware menace in 2016

Back when Xiaomi was younger, in 2011-2015, several of its devices shipped with locked bootloaders that were trivially easy to unlock. This was generally a great thing for the sparsely populated development community back then, and it helped offset the disrepute Xiaomi’s then-frequent GPL violations brought in that era. The ease of modding these Xiaomi devices, and the fact that some of them provided value-for-money in a previously unseen manner, helped the company build up its popularity and build for itself its own Mi Community extending beyond just MIUI as software to Xiaomi as hardware and software.

As Xiaomi devices grew popular, their demand increased manifold in regions where Xiaomi was not ready to enter. Resellers took this opportunity to purchase Xiaomi devices from China and resell them unofficially outside of China. Phones from China did not (and still do not) ship with Google Mobile Services, so these resellers had to flash Google Apps onto the phones before selling them overseas. MIUI China also only bundled English and Chinese as available languages, so some resellers had begun resorting to flashing custom ROMs with wider language support to trick customers into thinking that the phone they purchased had a genuine “MIUI Global” ROM on it. As we know, custom ROMs aren’t perfect either, so customers were often stuck with buggy builds that would not be updated any more.

Over time, several of these unofficial resellers also resorted to injecting adware and spamware into the firmware to make some money beyond the sale of the device. Consequently, there was a period in 2016 when complaints began pouring in of Xiaomi devices coming preloaded with malware — which was the doing of these resellers and not of Xiaomi. The ease of modding these devices was being exploited by these resellers, and Xiaomi was forced to put its foot down since its reputation was actively being harmed in the eyes of consumers.

Mi Unlock Tool for Bootloader Unlock

In early 2016, Xiaomi made a pivotal change to its bootloader unlock process. Starting with the Xiaomi Redmi Note 3, unlocking the bootloader required manual approval from Xiaomi. The new unlock method relied heavily on the Xiaomi Mi Unlock Tool and Mi Account, and unlock requests were allegedly manually approved. Response to bootloader unlock requests could take anywhere between 3-21 days, and even 60 day wait times were reported in some instances. Adding a wait time to the bootloader unlock process was effective in slowing down the operations of third-party retailers, but it was also understandably annoying for enthusiasts who wanted to unlock the bootloader to root their device, flash custom ROMs, and flash custom kernels.

Current wait time for bootloader unlock is 168 hours / 7 days

Despite these restrictions, there were still ways determined resellers could flash unofficial software onto Xiaomi devices, without even needing to unlock the bootloader in the first place. This was made possible through the EDL mode on Qualcomm-based devices and Download mode on MediaTek-based devices.

The Problem: EDL Lock Down

EDL stands for Emergency Download Mode, and it’s an alternative boot mode on all Qualcomm devices, existing even lower than the standard bootloader. This boot mode, like Download Mode on MediaTek devices, is commonly used in service centers to unbrick devices. And this is precisely where problems exist for Xiaomi in 2020.

Back then, resellers had found that utilizing EDL-based flashing techniques would allow them to bypass the wait times associated with Mi Unlock Tool. This then forced Xiaomi to lock down the EDL mode and Download mode on its devices. Once locked down, this mode can only be accessed by a “programmer” that has been authorized by Xiaomi, essentially meaning that EDL mode cannot be used unless you have an “authorized Mi Account.” And to further ensure resellers have one less avenue to exploit, Xiaomi made it so that devices that aren’t Global-version devices could not boot a Global MIUI ROM (with the warning message “This MIUI can’t be installed on this device”). The same story extends to MediaTek-based devices too — MediaTek utilized a special SP Flash Tool for flashing images, but on Xiaomi-MediaTek devices, you cannot flash images using SP Flash Tool since you still need an authorized Mi Account.

This locking down served its purpose for Xiaomi: it did cut down malware reports on devices purchased from resellers, as they had no profitable way to load a different ROM. However, as collateral damage, this also eliminated the very methods available to enthusiasts to unbrick their Xiaomi device, regardless of SoC. As it currently stands, if you brick a Xiaomi device, and the only way to revive the phone is to flash images in EDL mode, then you need access to external help — there’s no other way. When you reach this stage, you have to take your device to a Xiaomi Service Center to get it unbricked. There are some further nuances to this too, which we’ll cover in a bit.

The case of the Xiaomi Redmi Note 8 Pro

The EDL-lockdown problem we describe above affected only a small fraction of Xiaomi’s customers. After all, if your device functions properly, you’ll never run into this issue. It is only when you brick your device that you figure out such a restriction exists. Most average customers are unlikely to undertake actions that would brick their devices, unless Xiaomi rolls out a faulty software update, in which case, they would have no option but to go to a service center.

The problem is aggravated for the custom development community, whose interests we represent. Custom ROM enthusiasts have to keep in mind several things when opting to unlock the bootloader on their Xiaomi device, including but not limited to Xiaomi’s weird Anti-Rollback Protection that will hard brick your phone into the locked-EDL state. Through trial-and-error, the community essentially figured out the actions that they need to stay away from in order to avoid a hard brick on Xiaomi-Qualcomm devices.

But they couldn’t do so for Xiaomi-MediaTek devices since Xiaomi hadn’t done any notable releases for this combination outside of China in a few years. The aforementioned problems, thus, have complicated development for the Xiaomi Redmi Note 8 Pro with its MediaTek Helio G90T.

If you recall, Xiaomi gave us 5 units to give to custom ROM and kernel developers in order to foster a development community around the device. Xiaomi was finally adopting a MediaTek SoC, and that too, in one of its best-selling device lineups. This was the perfect opportunity for MediaTek-based custom development efforts to finally gather steam, so both we and the community were excited to see where this would lead. Perhaps MediaTek could emerge as a viable alternative to Qualcomm Snapdragon SoCs in the context of aftermarket development? The potential certainly existed.

On this end, Xiaomi promised that it would release kernel sources for the device, and it did. These were improper releases at the time, but to Xiaomi’s credit, the issues with the sources have since been fixed. Of the 10 units originally promised to us for developers, 5 were received by developers based in India. Unfortunately, the 5 units marked for developers outside of India could not be delivered due to logistical difficulties. Despite the setbacks, the Redmi Note 8 Pro was still in a decent position because of the potential it had. The device got unofficial TWRP builds in no time and it even received Xiaomi.eu (custom ROM) builds for a debloated MIUI experience.

But then things started going downhill. The developers who have been developing for the Redmi Note 8 Pro have found that the device tends to get bricked for a fair few reasons. Some have had their phone bricked when they were flashing to the recovery partition from within the recovery, while others have found that installing a stock ROM through fastboot on an unlocked bootloader also bricks the device. We would like to point out at this stage that such bricks on new devices are an expected part of the development process, as things tend to be different across devices and there is a fair amount of trial and error involved in figuring out what to do and what not to do on a certain phone.

A bricked Xiaomi Redmi Note 8 Pro. Only the notification LED shines brightly when plugged in, while the rest of the device remains unresponsive all the time.

Bricks are normal, more so in the initial development process of a device with a new SoC. What is abnormal is Xiaomi’s EDL-mode lockdown.

Normally, bricked MediaTek devices can be revived using MediaTek’s SP Flash Tool. On the Redmi Note 8 Pro, however, MediaTek’s SP Flash Tool fails to flash the device. Xiaomi ships a modified version of SP Flash Tool with its MiFlashPro software suite, and attempting to flash using this modified SP Flash Tool from Xiaomi opens a window that requests Mi Account credentials. If you input your standard/regular Mi Account credentials, the flash will fail with the error “Unauthorized for this operation.” You have now hit the “Authorized Mi Account” wall that we highlighted in earlier parts of this article.

Error message on flashing through Xiaomi's modified SP Flash Tool

This means that every time you brick your Redmi Note 8 Pro, you have to visit a service center and get your device unbricked. The annoyance level increases manifold as bricks can occur even if you are trying to flash a “fastboot ROM” — which is a very common practice on other Xiaomi devices. There is an alternative for certain older Xiaomi-MediaTek devices, wherein users could use a modified Download Agent file and modified Authentication file to bypass the account permission requirement — but such methods do not exist yet for the Redmi Note 8 Pro.

The fallout of this “brick-gate” is that developers have turned away from developing for the Redmi Note 8 Pro (begonia). Xiaomi.eu devs have long since dropped support for the device because the ease of bricking the phone coupled with the difficulty in unbricking it makes for a horrible combination. Other development work has also slowed to a crawl, as developers end up with bricked devices too often, forcing them to visit a service center. For some, a visit is not possible, so the developers are left with what essentially is a very fancy paperweight. It is also worth pointing out that there is a thriving grey market of Authorized Mi Accounts — you pay amounts varying from ₹300-₹600 to have a person with an Authorized Mi Account remotely flash your device; Xiaomi, of course, gets nothing in this transaction. Even worse, users who do end up with a bricked phone do not always have their problem properly assessed, so the company’s service center has ended up replacing the motherboard under warranty even when the phone could have been fixed with a much simpler and less expensive solution.

Do we still need EDL Lockdown?

At least for the Redmi Note 8 Pro, developers suggest that the situation may not be easily fixed by merely releasing a newer modified version of SP Flash Tools. Instead, these developers suggested that Xiaomi remove the need for authorized accounts for flashing through their existing SP Flash Tools. The Redmi Note 8 Pro finds itself in an unsustainable combination of easy-to-brick plus difficult-to-revive, and this really limits the potential of an otherwise great device. It also spells doom for further Xiaomi-MediaTek devices, as after this saga, it’s going to be even more difficult to convince top community talents to develop for this OEM-SoC combination. The Redmi Note 8 Pro incident and its plausible solution bring us to the question: Does Xiaomi still need to lock down EDL or Download Mode in 2020?

Since the lockdown, Xiaomi has expanded to many more regions, especially in Europe and Southeast Asia. This has brought down reselling Xiaomi phones as a lucrative business opportunity since consumers in several more regions can now officially purchase a Xiaomi smartphone with the added benefits of lower pricing and warranty. Xiaomi themselves would be the best assessor for this metric, but it’s obvious that the situation has drastically changed in 2020 as compared to 2016.

What has also changed is the overall smartphone market. We now have more value competitors in the market, especially in important regions such as India. With devices evolving beyond the battle of the spec sheet, OEMs now have to focus on the overall “experience” of using a smartphone to distinguish themselves from the competition. We have seen more community-based endeavors from OEMs such as ASUS and Realme, and we are hoping to see even more such efforts in 2020. Xiaomi risks losing its own advantage in this space — lack of development efforts on the Redmi Note 8 Pro inspires little confidence for further Xiaomi-MediaTek combination phones on this end, which would push developers and the follower communities around them to migrate to the next best option. Realme isn’t there just yet in this narrow context, but nothing stops them from adapting their strategies to make the most of this situation. Xiaomi is also looking to move upwards in pricing in regions like India by re-introducing its Mi-series, but without a healthy developer community, which necessitates an easy way to unbrick their devices, it rubs against OnePlus which has been pioneering efforts in this space.

And finally, it also comes down to cost. As we saw with the Redmi Note 8 Pro, not all service centers are equipped with the skill required to distinguish a fried motherboard from a software-bricked device. Removing the EDL lockdown will enable several tech-savvy customers to give EDL flashing a chance before approaching the service center. If Xiaomi has to replace these motherboards (when these phones could simply have been flashed and revived) under warranty for new phones, it definitely impacts their balance sheet. Granted, such an impact would be minuscule in the larger scheme of operations, but when you have razor-thin margins, every honest penny counts, right?

We hope Xiaomi explores other alternatives in the greater interest of the development community. Until then, we hope that you don’t brick your device.

A Ray of Hope for the Redmi Note 8 Pro

Development has been slow for the Redmi Note 8 Pro because of the reasons we mention above. But in the time gap between writing this article and publishing it, there has been a glimmer of hope for the Redmi Note 8 Pro: something that suggests that the device just got very lucky. A factory firmware for the device was leaked recently, and developers discovered that the firmware had a lot of security checks disabled. The firmware still has the EDL-lockdown that we talked about, but it exposes other surfaces that allow a computer to communicate with a bricked device. This means that if you have this factory firmware installed, you essentially become “anti-brick” (so far): if you do end up bricking your device, this installed factory firmware will not ask for an Authorized Mi Account, and thus, allow you to unbrick yourself.

There are a lot more nuances to this, so we recommend reading the thread over in the forums for this. One of the nuances is that you cannot unbrick an already-bricked phone; you should have installed this “anti-brick” firmware before you brick. Unfortunately, this isn’t a prediction that one can make beforehand, so the situation for a bricked phone user will continue to remain the same. There is also no guarantee that other Xiaomi devices will get this lucky.

The post Xiaomi needs a better way to unbrick its devices instead of Authorized Mi Accounts appeared first on xda-developers.



from xda-developers https://ift.tt/32D3NJJ