Flashing CyanogenMod onto Galaxy SII via Ubuntu

Pre-Requsites

Install Heimdall

Visit the Heimdall home page, select “Linux”, and download the package for your distribution.  On Ubuntu variants you want the latest ‘.deb’ package.  e.g.:

ubuntu13.04-heimdall_1.4.0-0_amd64.deb

Note that the “Frontend” packages are not required.  Everything can be done easily from the command line.

Install Heimdall using dpkg:

sudo dpkg -i ubuntu13.04-heimdall_1.4.0-0_amd64.deb

Install adb

Install adb from the Ubuntu repositories:

sudo apt-get install android-tools-adb

sudo apt-get install android-tools-fastboot

Download ClockworkMod Recovery

Download ClockWordMod Recovery for the Galaxy SII (i9100).  I got it from here.

Download CyanogenMod

Download a compatible version of CyanogenMod for your handset.  You can get it here.

My personal preference is to stick with CM11 (Android 4.x) on the Galaxy SII.  CM12 (Android 5.x) is available too but it’s an old handset now so you need to consider if it’s ideally suited to the newer versions of Android.  CM11 runs really fast on it, so I prefer that.

Download GAPPS

Normally the best place to get GAPPS (Google Applications; Play Store etc) is via OpenGAPPS.  But in my experience the packages provided by OpenGapps are too large for the Galaxy SII.  If you took my advice to install CM11, then you need GAPPS version gapps-kk-20140105-signed.zip, provided here.  This one is small enough to install successfully.

Flash Custom Recovery onto the Galaxy SII

With the handset turned OFF, place it into “Download Mode” by holding VOLUME-DOWN, HOME & POWER.
You should see a screen which looks like this:

IMG_20160717_092817

Press ‘VOLUME-UP’ to confirm and then you should see the Download Mode screen:

IMG_20160717_092840

Connect the handset to your computer via USB.

Now, on your computer, browse to the location where you downloaded the CWM package (see Pr-Requisites section).  Extract it.  It should come out as a filename called “zImage”.  If what you get is named something a bit different don’t worry, just take account for that in the terminal command you’re going to enter next…

Open a terminal and ‘cd’ to the directory where the CWM package was extracted.  Then enter the following command:

sudo heimdall flash --KERNEL zImage --no-reboot

You should see a blue transfer bar appear on the handset download screen.  The transfer is complete when the blue bar has filled, as shown in the photo below.

Downloading

IMPORTANT – Boot into Recovery Next

This next bit is a little important; you need to boot into the custom recovery you just installed next, before you do anything else.  If you don’t, the stock recovery might overwrite CWM.  The consequences of this are minimal; you’ll just have to start again! But to avoid this, boot into recovery as follows:

  • Disconnect your USB cable from the handset.
  • Turn the handset OFF by holding the POWER button.
  • Boot into CWM by holding VOLUME-UP, HOME & POWER.

You should see a screen like this:

IMG_20160717_095032

  • Now, using the VOLUME buttons select “wipe data/factory reset”
  • Press POWER to enter.
  • Select “Yes – Wipe all factory user data”
  • Press POWER to enter.

If factory wipe is successful you will be returned to the main menu.

Flash CyanogenMod

Now for the cool bits.  Connect your handset back to the computer via USB.
Open a terminal and ‘cd’ to the location where you downloaded the CyanogenMod zip file.  Don’t extract the zip! We’re going to transfer it as-is to the handset and then the handset will extract it and install.

At the handset, use the VOLUME buttons to select “install zip” and then press POWER to enter.
Select “install zip from sideload” and select.

At the handset you should see a message confirming that sideload has started.  Using adb, you need to transfer the CyanogenMod zip file using a terminal command as follows:

adb sideload cm-11-20141115-SNAPSHOT-M12-i9100.zip

Adjust the command to suit the filename of the ClockworkMod you downloaded.

You should see some information in the terminal to confirm that the file is being transferred.  When it’s done, the handset will attempt to install the update, and you’ll see a screen similar to below.

IMG_20160717_095948

Unfortunately you don’t get any obvious confirmation that it completed at the handset.  But one way to tell is to try the menu selection; if you have control of the menu using the VOLUME keys, it has finished.

Install GAPPS

This next bit is optional (maybe you don’t want any standard Google Apps on the handset) but without it you won’t be able to use the Play Store.

Using the same method as you used to transfer and flash CyanogenMod, ‘cd’ to the location where you downloaded the GAPPS package (see Pr-Requisites) and then enter the zip sideload function on the handset.  When ready, use adb to transfer and install GAPPS:

adb sideload gapps-kk-20140105-signed.zip

If the process fails you’ll be informed about it.  Otherwise, if you haven’t been shown any errors on the handset and you have control of the menu, it’s finished.

DONE! Reboot

That’s it! You’re done.  Use the menu to select “Reboot” and enjoy CyanogenMod on the Galaxy SII.
Note that boot-up will take longer the first time as the handset will install and set itself up.

 

 

Tasker: Disable Pin Lock Near Home

Introduction

If you’re away from home it’s very important to have a pin or password lock on your phone, just in case you misplace it or it is stolen.  Typically the modern mobile phone is a gateway to a multitude of private services and data, such as personal photos and videos, cloud based data, social media, shopping accounts and even bank account access.  A password lock will not necessarily prevent the determined person from gaining access to your phone, but it will at least prevent instantaneous, unchallenged, access to compromising services.  The idea is that you would shutdown access to these services at the earliest possible time after your phone has been discovered missing, and hopefully before access to the mobile phone is gained.

When you think about it, the modern mobile phone (which is really a mobile computer first, with a mobile phone as a secondary or even tertiary feature) is a very compromising device to carry around with you – and most of us take it for granted.

Still, having to enter a pin or password on your device can get pretty tedious after a while, especially when you’re at home.  If you’re in the comfort of your own home, you know your device is safe, and maybe you’re willing to relax the security on it under these circumstances.

This post will explain how to do exactly that – automatically – using Tasker.  If you decide to use this option, please be very aware that you are significantly compromising the security of your device.  You are basically trading away some security for a bit of convenience.  I’ll explain some of the security vulnerabilities at the end of the post.  The choice, then, about whether to make the trade, will be up to you.

Pre-Requisites

The pre-requisites for this tutorial are:

  1. An Android based mobile phone, with Tasker installed on it.  You can get Tasker from the Play store.
    If you’re running iOS you’re out of luck; Apple think you’re too stupid to know what you’re doing, so they would never let you have access to a great application like Tasker in the first place.  You should take this opportunity to throw your Apple device in the bin immediately – liberate yourself from the oppression!
  2. Your phone should be rooted.  Root access is not required for Tasker itself, but it is required in order to enable a third party tool (which Tasker will use) to change the phone lock settings.
  3. The third party tool you need is called “Secure Settings”.  This is available on the Play store as well.  You may need to purchase the pro version to get access to the features we’re going to need (I can’t remember what comes with the free version).  If you do, it’s cheap anyway and well worth spending a few bob on.

The Tutorial

Enable Admin Access for Secure Settings

The first thing to do is give Secure Settings the admin access it’s going to need in order to change the lock settings.  Open the Secure Settings application and select the little Spanner‘spanner’ icon to enter the preferences.  At the time of writing this post, the spanner icon is available at the top of the Secure Settings main screen.  Once you’ve entered the preferences, check the box labelled “Device Administrator”.

DeviceAdmin

Set up the Tasks

Now you need to set up the Tasks, from within Tasker, which will enable/disable the pin lock.

First, to enable the pin (or password) lock, open Tasker and select the ‘Tasks’ tab at the top of the screen.  Then select the ‘Add Task’ button (a large plus sign) at the bottom right-hand-side of the screen.  Call your task something descriptive; I called mine “EnablePin”.

Now you need to add an action to the Task.  Select the ‘Add’ icon in the bottom middle of the screen.  Then, from the Action Category list that appears, select ‘Plugin’.  If Secure Settings is installed, it should display as an available plugin.  Select ‘Secure Settings’ from the list.
Now edit the configuration by selecting the edit icon (a pencil) from the right hand side.  In the Secure Settings Actions menu that appears, select “Dev Admin Actions”.  A secondary list will appear, from which you need to select “Password/Pin”.

DevAdmin Actions
Inside the Password/Pin settings, Select the ‘Disabled’ button so that it changes state to ‘Enabled’.  Now you need to choose a Password or a Pin Code and enter it twice.  Once you have entered it, select the ‘Save’ icon (a floppy disk) to complete the action.

Enable Pin/Password You will be returned to the Action Edit area and there should now be some text inside the Configuration area.  The text will be the name of the action that will be performed – in this case, either “Set Pin” or “Set Password”.
Return to the Tasker task edit screen by selecting the back button at the top left of the screen.  You should see a Secure Settings action as the only action in the list.  Select ‘back’ again to return to the Tasks list.

TaskListNow you need to repeat the same process to add a “DisablePin” task.  The process only differs in the Secure Settings Actions setting.  Instead of selecting the ‘Disabled’ button to change its state to ‘Enabled’, you need to leave it in its ‘Disabled’ status.  Then select ‘Save’ as before.  This should create a Secure Settings “Clear Password” action.  At the end of the process you should have created two Tasks; one that sets a pin or a password of your choice and enables it, and one that clears the pin or password.  You can test the tasks by selecting them from the list and then selecting the ‘run’ icon.  After you run the Enable Pin task, you will need to enter the correct pin or password to unlock your device.  After you run the DisablePin Task, you will only need to swipe the screen to unlock your device.

Set up the Profile

Finally, you need to set up a Profile, to automatically trigger the tasks when you’re at home.  There are quite a few options here; you could set a profile to trigger the clear password task when you’re within range of a certain cell tower, or when you’re connected to a specific Wifi access point, or when you’re within range of a particular Bluetooth device (e.g. your car’s bluetooth).  Or you could add a button to your screen to manually (but conveniently) enable/disable the pin lock at will.

I will show you how to set up a profile which will clear the password when you’re connected to a particular wifi access point, and set the password lock if you’re not connected to the wifi access point.  In practice the wifi access point would be your home network hub, or something like that.  You can also set a profile which activates if you’re merely in range of the wifi hub, so that you don’t even need to be connected to it.  There are many variations upon the theme which you can explore for yourself; the process for all the various profile options is very similar.

State ProfileFirst you need to create a new profile.  Enter Tasker, and select the ‘Profiles’ tab at the top of the screen.  Then select the ‘Add Profile’ button at the bottom-right of the screen.  You will be shown a small Profile Category list.  We want to activate the profile given a particular state, so select the ‘State’ category.

Next you will be shown a list of states.  Select the “Net State”.  Now you will be shown a list of Net States.  You will see various Bluetooth states, Wifi states, Network states etc.  Choose ‘Wifi Connected’.

Now you will be shown the ‘wifi connected’ state setup.  You have three optional settings which can be configured.  If you don’t configure any of these, then the profile will become active when you are connected to any wifi access point.
If you only want to activate the profile when you’re at home, then you need to enter Screenshot_2015-10-11-15-20-19_soptions which are specific to your home wifi access point.  e.g. you can enter the SSID of your home wifi (the wifi name which shows up when you scan for an access point).  If you’re unsure what the exact name of your wifi access point is, you can select the search button (magnifying glass) and choose from a list of scanned access points.
You can do the same with MAC, to set the profile to trigger when you’re connected to a wifi access point which has your home wifi hub’s MAC address.  Again you can search for this to help you set it up.
You can also set the IP, so that the profile only triggers when your device is connected to a wifi access point and you are assigned a specific IP address.  This would be useful if your home hub is configured to assign your device a particular static IP address.
If you combine all the options, the profile will activate only when you’re connected to a wifi access point which has the correct SSID, the correct MAC address, AND assigns you the correct IP address.

Once you’re happy with the setup, return to the Tasker profile setup screen.  You will be asked to select a Task to run: select the DisablePin task you created earlier.  Now you will see a profile entry with the trigger set to your particular preferences.  There will only be an entry task though, shown with a green arrow.  You really want an exit task as well, so that the password is set again when you’re no longer connected to the Wifi access point.  If you select and hold the entry task, another menu will appear from which you can select “Add Exit Task”.  Choose the “EnablePin” task which you created earlier.

Now you should have a profile set up which triggers the “DisablePin” task when you’re connected to your home wifi, and triggers the “EnablePin” task when you’re not connected to your home wifi.  In this way, you can disable the pin or password lock screen when you’re at home.

Entry & Exit Tasks

Conclusion

That’s it, you’re done! There are many variations upon this theme which you can play with.  Explore them and have fun!

Be very aware that this particular Tasker profile significantly compromises the security of your device.  For example; if I happened to know that you had such a Tasker profile set up, and I was able to gain physical access to your device, then I could simply set up a spoof Wifi access point with the same SSID, IP and even MAC address.  Then, when your phone connected to it, it would think it was your home wifi and disable the password access.

Of course, this assumes I have detailed knowledge of your Tasker profile and your home wifi details up-front.  Probably an unlikely scenario for the person who comes along and steals your phone, or finds it by chance.  So it’s a risk you can choose to take, or not!

Good luck!