News by Xiaomi Miui Hellas

MIUI 10 AntiRollBack: How to Avoid Brick on Your Device!

Back in July, when Xiaomi released the MIUI Global Beta 8.7.5 ROM for 8 devices, users who installed this update on the RedMi Note 5 (Whyred) unknowingly flashed a ROM that had Antirollback protection enabled.
So users who did not like the first release of MIUI 10 were faced with an unpleasant surprise when they tried to go back to the last MIUI 9 they had before installing MIUI 10.

Their phones had become a Brick and were now useless! And the bad thing was, this was not a simple Brick that one could recover from by restoring a TWRP Backup, flashing a new ROM, or even doing a Factory Reset using MiFlash.
This was a hard Brick, which required the use of EDL Mode to reset the device.

But EDL mode could no longer be used, as it required a specially authorized account, so many users had no choice but to return their device to an authorized Service Center or pay someone who had an account authorized for use with EDL. In this article we will try to explain everything you need to know about Antirollback Protection and how Xiaomi has implemented it, so you can avoid bricking your new device.


Why does Xiaomi require long times for Bootloader Unlock, EDL authorization, and Antirollback Protection?



Xiaomi is one of the largest and most popular smartphone manufacturers in China, with a wide range from Top Flagships to medium and low cost devices.

Like Huawei, Xiaomi sells a huge number of Smartphones in the Chinese market. Many of these devices were never designed by Xiaomi to be sold in markets other than China, but that did not stop anyone from being able to import them.

So unofficial sellers of Xiaomi devices appeared on Aliexpress, Gearbest and many other sites, and started selling, in other markets and countries, Xiaomi devices that were not meant to be sold outside of China. That is when the problems for Xiaomi started, because the software on these devices was MIUI CHINA: it did not have Google Play Services at all, and the only languages it offered were English and Mandarin (Chinese dialect).
So whoever imported a device from China did not have any Google Services on it.

However, some of these unofficial resellers have found a way to convince their customers that they are selling devices that have an official MIUI GLOBAL ROM.
So what they did was buy a Xiaomi device destined for the Chinese market, unlock the Bootloader, change the device software themselves or flash a Custom ROM like the ones from xiaomi.eu (unofficial MIUI ROMs based on MIUI China, but with many languages and Google Play), and then sell the device as an official Global one.

So most customers who bought the device from these stores did not know that it was running unofficial and modified software, and started blaming Xiaomi when they did not receive updates or found many bugs in the device software.
Worse still, some resellers put malware and adware into the device software to make more money from the ads that the device displayed.

So Xiaomi's reputation was jeopardized by these practices of unofficial resellers, as Reviewers and owners of these devices found many problems with the software and indirectly blamed Xiaomi.
So the company had to find a way to stop all these unofficial resellers from selling modified devices that they should not even have in their hands.

One solution was to permanently lock the Bootloader without the Unlock feature, as Huawei did on its own devices. But Xiaomi, seeing the great success it had in the wide circle of Enthusiast users (See XDA Developers for example - xiaomi.eu etc.), did not proceed to the Bootloader Lock. Instead, they took different approaches and security measures to protect users from the harmful actions of China's irresponsible resellers.


Waiting for Bootloader to Unlock.



So first they implemented a policy according to which users have to apply for permission to unlock the Bootloader and wait a long time until they are granted it.
Xiaomi devices running stock Android, such as the Xiaomi Mi A1, Mi A2 and Mi A2 Lite, did not need the special program, the Mi Unlock Tool, to unlock the Bootloader, as other devices did.

After sending the request to unlock the bootloader, the Mi Unlock tool forced users to wait for the request to be verified, and then proceeded to the next step which was to wait.

The waiting time for someone to be able to unlock the Bootloader was 3 days at the beginning and then at the beginning of 2018 it was increased to 15 days, and recently the waiting time was increased again to 30 days, while in some cases it was up to 60 days.
(For the new POCO devices, the waiting time dropped to 3 days if the owner of the device is active in the en.miui.com community; otherwise there will be long waiting times there as well.)

The addition of waiting time for the Bootloader to be unlocked slowed down the activities of the unofficial resellers at the beginning, but at the same time it bothered everyone who wanted to unlock the Bootloader immediately, to root their devices, to flash Custom ROMs and Custom Kernels.


Account authorization for EDL.



Then the company started locking EDL Mode on its devices. EDL, or Emergency Download Mode as it is called, is an alternative boot mode on all Qualcomm devices, which is usually used to rescue a device that has become a Brick.
However, in order for anyone to use EDL Mode, they must have a Xiaomi-authorized account to work on the device.

EDL Mode is a very powerful and very low-level "software tool", commonly used by repair centers to repair a bricked device.
At the same time, EDL Mode was being used to flash MIUI Global ROMs, official and unofficial (modified), onto Xiaomi devices destined exclusively for China, without the need to unlock the Bootloader first.

In this way, EDL Mode became the Trojan horse that got past Xiaomi's Bootloader safeguards, and all these unauthorized stores again found an opportunity to flash their own tampered ROMs onto devices that they later sold as genuine GLOBAL devices, again deceiving the end users and buyers of the device.

So Xiaomi, because it did not want its "customers" under any circumstances to end up with devices whose hardware and software were meant for China (MIUI CHINA) but which had GLOBAL ROMs installed on them, had to find a way to block this practice of these stores,
and so it did 2 things at the same time.

1. Made it impossible to boot a device that has a GLOBAL ROM if the device itself is not a Global Version (with the warning message "This MIUI ROM cannot be installed on this device" appearing during a flash attempt), and
2. Locked EDL Mode so that only authorized accounts can access it.


Antirollback protection


Finally, Xiaomi activated AntiRollBack protection in the latest versions of MIUI for its newest devices. You may not have heard of Antirollback Protection before.
Google added this feature to all Android 8 Oreo ROMs, but as an option, until it eventually became mandatory for all new Android 9 Pie ROMs.

Google's Antirollback protection is a feature of Android Verified Boot 2.0 (also known as Verified Boot) and blocks the device boot if it detects that the device has downgraded its software (ROM) to an older version which is no longer supported.

Antirollback is necessary to protect against attacks that aim to load old software on the device and thus leave it exposed to the security "holes" of that older version.
But the biggest difference between the implementations of Google and Xiaomi in terms of Antirollback is that in the case of Google it is disabled if the Bootloader is unlocked, while in the case of Xiaomi Antirollback cannot be disabled.
So once it has been activated on a Xiaomi device, there is no way back.

For example, Antirollback is already enabled on Xiaomi Mi-8 & RedMi Note 5 devices starting from the CHINA developer 8.9.6 ROM and the GLOBAL BETA 8.7.5 ROM and later.

Table from xiaomi.eu

Antirollback Protection aims to stop the unauthorized vendor from exploiting security vulnerabilities in older MIUI Versions, thus protecting users from these breaches.

Unfortunately, this Antirollback activation really upset those who had RedMi Note 5 devices, as it was first applied to them without anyone being informed in advance that the new feature would be activated.

But because TWRP does not perform any check for Antirollback that would stop and warn users not to continue with the flash of an older ROM Version, many users ended up with a Brick on their devices as soon as they completed a flash, for example from a MIUI BETA (Developer) ROM to a Stable ROM.

All the current devices that Xiaomi continues to support with updates will gradually get the new antirollback feature, so it is crucial to know how to check the antirollback index of your device before proceeding to a Downgrade of the ROM, and also what to do if Antirollback is enabled on your device.

 


How we can check the Antirollback protection on our device.


 

When we talked about Antirollback protection and how it essentially prevents a device from booting into an older and insecure ROM, we mentioned that Verified Boot detects the presence of an older ROM.
This detection works because Verified Boot keeps an index (Anti), which is compared with the corresponding index inside the ROM that you are trying to flash.
Depending on the result of this comparison, one of the following may occur on your device during the flash.

1. If the current index of your device is lower than the index of the ROM you are going to flash, then the new ROM will be installed without any problems, and the current index of your device will change and become the same as the index of the new ROM you flashed.
2. If the current index of your device is the same as the index of the ROM you are going to flash, then the new ROM will be installed without any problems, and the current index of your device will not change at all.
3. If the current index of your device is higher than the index of the ROM you are going to flash, then the new ROM will be rejected and the installation will not proceed, but only if you flash through FastBoot Mode or with Mi-Flash.

And here begins the big problem for devices that have Custom ROMs with TWRP Recovery: because TWRP Recovery cannot check the Antirollback index of your device, nor that of the ROM you are about to install, it will carry on normally with the flash of a ROM that should have been blocked, and at the end of the flash your device will end up a Brick.

This is the main reason why many devices ended up as a Brick after a ROM Downgrade was flashed from TWRP Recovery.
If your ROM has the original MIUI Recovery, you would not have a problem, because it checks the ROM before the flash starts: it would block the flash after the check and you would get the message "This MIUI ROM cannot be installed on this device", thus protecting you from a Brick.

Now that we have a better understanding of the role of the Antirollback index, let's see below how we can check the current (Anti) index of our device, and how we can see the index of the ROM image we want to flash.


How to find the current Anti indicator of our device.



1. Reboot the device in Fastboot mode.
2. Type the command: fastboot getvar anti
3. If the result is blank, without an anti index, then antirollback has not yet been activated.
If you get a result of the form anti: X, then antirollback is enabled on your device, and the index is X.


How to find the Anti index of Fastboot images.



1. Download the Fastboot ROM which is exactly the same Version as the Recovery ROM you want to put on your device.
Keep in mind that a Recovery ROM always has the brand name of your device, and the ROM file ends with the .zip extension.
A FastBoot ROM, on the other hand, always uses the code name of the device, and the file always ends with the .tar.gz extension.

2. Extract the file flash-all.bat from the FastBoot ROM (the one with the .tar.gz extension). The 7zip application can be used to open the Fastboot ROM.

3. Open the flash-all.bat file with a text editor such as the well-known Notepad++ and find the line: set CURRENT_ANTI_VER=#

4. This number (#) is the rollback (Anti) index of the MIUI ROM that you want to flash on your device.

If this number is equal to or greater than the one you found on your device, then it is safe to proceed with the flash of the ROM, whether from TWRP Recovery, Mi-Flash, etc.
If this number is lower than the one you found on your device, then simply DO NOT ATTEMPT to flash this ROM from TWRP Recovery, because you will just end up with a Brick on your device.
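
The two checks above and the comparison rule, as an added Python example (not code from the article, XDA or Xiaomi). It assumes `fastboot getvar anti` prints a line of the form `anti: N`, also accepts the underscore spelling of the script name, and treats a ROM that declares no index as older than an activated device; the sample inputs are constructed.

```python
import os
import re
import tarfile

# Assumed output shape of `fastboot getvar anti`: a line "anti: N"; a blank
# value (or no such line) means anti-rollback is not yet activated.
DEVICE_RE = re.compile(r"^\s*anti:[ \t]*(\d*)\s*$", re.MULTILINE)
# The ROM's index as the article describes it: set CURRENT_ANTI_VER=N
ROM_RE = re.compile(r"^\s*set\s+CURRENT_ANTI_VER\s*=\s*(\d+)", re.MULTILINE | re.IGNORECASE)
# The article names flash-all.bat; the underscore spelling is accepted too (assumption).
SCRIPT_NAMES = {"flash-all.bat", "flash_all.bat"}


def device_anti(getvar_output):
    """Index currently stored on the device, or None if not activated."""
    m = DEVICE_RE.search(getvar_output)
    return int(m.group(1)) if m and m.group(1) else None


def rom_anti(script_text):
    """Index declared by the ROM's flashing script, or None if absent."""
    m = ROM_RE.search(script_text)
    return int(m.group(1)) if m else None


def rom_anti_from_archive(path):
    """Read the flashing script out of a .tar.gz Fastboot ROM without unpacking it."""
    with tarfile.open(path, "r:gz") as tar:
        for member in tar:
            if member.isfile() and os.path.basename(member.name).lower() in SCRIPT_NAMES:
                text = tar.extractfile(member).read().decode("utf-8", "replace")
                return rom_anti(text)
    return None


def check_flash(device, rom):
    """Return (safe, reason) following the article's three cases."""
    if device is None:
        return True, "anti-rollback not activated on the device"
    if rom is None:
        # Not covered by the article: handled conservatively as an older ROM.
        return False, "ROM declares no index; treat as older than the device"
    if rom < device:
        return False, f"ROM index {rom} < device index {device}: do not flash"
    if rom == device:
        return True, f"same index {rom}: device index stays unchanged"
    return True, f"ROM index {rom} > device index {device}: device index becomes {rom}"


if __name__ == "__main__":
    # Constructed sample inputs, not captured from a real device or ROM.
    sample_getvar = "anti: 4\nfinished. total time: 0.001s\n"
    sample_script = "@echo off\r\nset CURRENT_ANTI_VER=3\r\n"
    print(check_flash(device_anti(sample_getvar), rom_anti(sample_script)))
```

Run the comparison before every flash from TWRP Recovery, since that is the path on which nothing else performs it.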


How does Anti-Rollback Protection affect Custom ROMs such as Greek or xiaomi.eu?



If you do not plan to flash a MIUI ROM at any time in the future, then nothing changes for you.
If you are planning to flash an AOSP ROM like LineageOS, Pixel Experience, Resurrection Remix, Carbon ROM etc., you still need to unlock the Bootloader with the Mi Unlock Tool, boot to TWRP Recovery, and then flash the Custom ROM.
The only difference now, with regard to flashing TWRP from FastBoot mode, is that because antirollback protection blocks the flash of the TWRP image, you must first flash a "dummy" image.

This Dummy Image is essentially an empty file whose sole purpose is to send a command to your device's bootloader to allow you to flash the partitions on your device. (If you had taken a look at the flash-all.bat file from the previous section, you would see that Xiaomi does exactly the same.)

Alternatively, you can flash the TWRP image from TWRP Recovery itself by first transferring the TWRP Recovery image to the inside of your device, and then flashing the Recovery img from TWRP itself. Instructions can be found at the link below.

 

There is a pitfall here though as we do not know in advance if the Rollback index has grown after an upgrade to the Bootloader, Modem, Vendor or other partition of the device by Xiaomi. Keep in mind that usually all Custom ROMs intervene and change only the System and Boot partitions, and usually keep intact all the other partitions of the device specified by Xiaomi, including the Security Patch Updates, and all of this comes from the original MIUI ROM that the Custom ROM Developers have as Source.

This means that Custom ROM Developers usually need to check the Rollback index of the ROMs that they share with others, so that you know what restrictions the new ROM you are about to flash will bring from then on, and can protect your device.

This way you will know, for each ROM update that you flash, which Versions it rules out for a Downgrade, because of the Anti index that your device will have after the flash of the update.

 


What can I do if my device becomes Brick after a flash?


 

If your device has been bricked due to antirollback protection, unfortunately you do not have many options.

1. You must send your device to an authorized Xiaomi Service or Repair Center. Authorized Service Centers have access to your device's EDL Mode and can reset it.

2. Hope to find an operating system security loophole to bypass EDL Mode authorization, and then reset your device yourself with the corresponding program (Mi-Flash).

As you can see, the Brick of the phone because of the violation of AntiRollBack Protection is not an easily manageable situation. So you have to be very careful from now on.


FAQ… (Questions and Answers)



1. What should I do to avoid Brick on my device?
A. Do not flash a ROM that has an Anti index lower than the one you currently have on your device. See above for instructions.
Do not flash an Official Global ROM on a device that has Hardware or ROM specifically for China with a locked Bootloader.

2. Can I still switch between AOSP ROMs, Kernels, Magisk, Xposed, Substratum, ARISE, and other Mods?
A. YES

3. Can I still switch between MIUI Global Stable, MIUI Global Developer, MIUI China Stable and MIUI CHINA Developer?
A. Yes, but you should first compare the anti index you have on your device with the anti index of the ROM you want to install, to avoid Brick.

4. Why does Xiaomi not disable Antirollback protection when we unlock the Bootloader?
A. This is a good question but we do not yet have a clear answer, and we hope to have it soon.

5. Why does Xiaomi cause Hard Brick on the device when there is a problem with Antirollback, when this is not the case with Google?
A. Another good question that needs a good and convincing answer from Xiaomi.

6. Why does Xiaomi not simply display the relevant Verified Boot message to notify the device owner that the device has a "tampered" ROM, without bricking it?
A. All questions of this type are good and very reasonable, but the only one who can answer all this is Xiaomi itself, and we hope it does so soon.


It's not so simple to wage a war against the bad practices of some resellers who disgrace your devices (a war you are waging very well, and we are with you) and at the same time simply regard the bricked devices of your customers (whose only mistake was to buy their favorite device from a third-party reseller because it was not available elsewhere) as collateral losses of that war; because in the end we will wonder who is the ally and who is the enemy…


P.S. This text is translated, and slightly adapted, from XDA Developers (Mishaal Rahman), whom we thank very much.


10 reviews

John March 9, 2019 at 23:34 am

One question I would like to ask!
I own the Xiaomi Redmi Note 5A Prime
and I would like to upgrade my mobile. What steps should I follow?

Thank you very much

Laz September 18, 2018 at 21:00 p.m

Question for the most advanced:

In the Mi6, while it is not in the list with ARB, trying the command "fastboot getvar anti", the value exists and is "1". According to the guide, it should not even return results.

I had flashed 8.9.13 global recently for testing, although it was not heard that dev builds activated ARB.

Did others happen to have an ARB value or is "1" just the baseline?

Miui_Art September 18, 2018 at 21:21 p.m

Yes it is the Baseline as you mention it and basically it is as if the device has no ARB at all since it can put any ROM that is available.

Manthos September 18, 2018 at 00:42 p.m

Well guys, there are many of us who are not so good with technology… I brought a Xiaomi Mi 8 from China and made a request for unlocking, which will eventually take 1 month… what do I do next in. What device do I put in this device to be safe from all this?

Miui_Art September 18, 2018 at 00:50 p.m

Mantho, for whatever question you have and whatever you need, there is a special discussion thread in the forum of your device HERE

Fotis72 September 16, 2018 at 12:58 p.m

If we receive an OTA Update, do we do it or not? I have the Mi Note 3 China, from what I saw with a global ROM! MIUI Global 9.6.2.0 (NCHMIFD). I do not intend to flash a ROM in general!! Thanks.

Miui_Art September 16, 2018 at 13:10 p.m

It is best to avoid it until the situation is clear…

Zarpas Athanasios September 14, 2018 at 20:08 p.m

I have the Redmi Note 5A Prime. Will it ever be upgraded? Can someone tell me?

Miui_Art September 14, 2018 at 20:32 p.m

If you mean MIUI 10 Global Stable ROM, about 2-3 weeks after the release of China Stable ROM.

spideman3 September 14, 2018 at 18:21 p.m

Thank you very much for this information, be well. That should have been provided by xiaomi and not xda.
