Getting “control” over your Android (MTK-based…) devices

Let’s start from this: if you’re a Linux power-user & you’re owning an Android MTK-based device & you’re wondering how to get root (…and what kind of benefits you’ll have, concretely, being root), this page is for you.

I’m the —happy, indeed— owner of two so-called Android china-devices: an UMI C1 smartphone and a Cube U65GT (also called, “Talk 9x“) tablet, both of which are MTK based and both of which come preinstalled with a port of Android made by some chinese manufacturer that took the opportunity to embed, into both of them, some crappy chinese app.

Since the early beginning of the CyanogenMod Android port, I’ve kept an eye on its development status. But… unfortunately, it’s still not available for my devices (and, indeed, mostly impossible to find for MTK devices at all). Things are slightly changing (as for the MTK support…) as it seems that Elephone (another chinese manufacturer) is going to release a CMbuild for some of its products.

Anyway, back to topic, some days ago, I finally took some time (sleep/night time, indeed) for me to go to the “root” way. What follows is what I remember and, in my opinion, should be interesting for all other Linux-guys that, like me, want to get deep with their device.

Getting “root” (on a MTK-based device)

I believed that to get root you need to go through an “USB connection” and, on the PC side, launching/using the adb tool and/or other applications. I WAS WRONG!!!! As of today, there are several APPs (namely Root Genius Mobile, King Root, iRoot, and others) that can root your device without any other needs.  Such APPs are (obviously….) not present on Google Play so you have to search the web for them. Maybe this link can slightly help you. Even tough it has not been difficult to find related APKs, I encountered some difficulties:

  • As for “Root Genius Mobile”, it seems it’s the most famous one. It’s indexed everywhere on the web but…. please, consider that “Root Genius” and “Root Genius Mobile” are two very different things:
    • “Root Genius” is a common windows executable to be launched on your desktop/notebook that will root your device thanks to a proper USB connection. So, to use it, you need a PC, a USB cable and proper windows drivers;
    • “Root Genius Mobile” is an APK to be installed on your device.
  • “Root Genius Mobile” provides only a chinese User Interface. No English! So… it requires you to totally trust someone else when they show you “Click here”, “Do this”, “Do that”. As my device already had chinese software inside… I really had no problem in “accepting” this risk.
  • I was succesfull in getting “root” on my “Talk 9x” using “Root Genius Mobile”. While it failed on my “UMI C1”. Which this, I was succesfull using “King Root”.

In both cases (Root Genius Mobile & King Root), the process ended installing a new APP, Kinguser, that –as far as I have understood, up to now– works much the same as the sudo Linux util: it’s a sort of gateway between the APPs requiring root permission and the OS itself. So, with Kinguser, you can, for example, configure your device so that “Mobileuncle Tools” will be executed as root user, as well as “Terminal Emulator”, while, instead, other apps will be denied.

Being able to launch a console with root permission…. gave us the possibilities detailed below

Installing a “custom recovery”

At first, the concept of “Custom recovery” might not be clear enough. In reality, it’s really simple: think to the “Custom Recovery (software image”) as a sort of “Fail Safe” mode that you can launch, at the very beginning of the boot process, on every Linux system. The only difference, I believe, is that the “Custom Recovery” is a complete-software-image, probably independent from the underlying AndroidOS, while the “Safe Mode” in Linux (…and in windows, as well) can be accessed only if the underlying OS still exists and, at least partially, works.

Several years ago I was succesfull in replacing the “Custom Recovery” of my first Android device (indeed, a “ZTE San Francisco”) using the “fastboot” util included in the Android SDK. So I believed, again, that to replace the Custom Recovery Image you needed to connect your device to the PC.

Guess what? I was wrong, again!

Android, while running, provide a “/dev/recovery” file that can be used as a target for your
“dd” command. So, once you have your “Custom Recovery” image ready within the SD of your device and once you have a root shell, updating the recovery image is as simple as typing something like:

dd if=/sdcard/custom_recovery_image.img of=/dev/recovery

Obviously you need to be root, for this to be possible.

Really simple (…once you know it’s possible!)

So, now, we have a custom recovery that can be accessed with various techniques: rebooting and pressing some keys (power and vol-up, I guess), or asking Mobileuncle Tools to reboot in recovery.

Once you’re within your “recovery” environment, you can do whatever you do as….. you’re root and the underlying Android filesystem is not mounted, so you can replace it with no problem at all.

Updating your ROM

Assuming you have a compatible Android ROM for your device, this means you have something like one, big, file holding the image of an Operating System (Android) that is compatible with your device.

From the recovery environment you simply…. point to such image and the recovery utility will simple “dd” it to the underlying disk.

Really simple, again (once you know it!)

In the end….

Now it’s more than one week that I’m an happy owner of two “new” devices 🙂 Being root I have been finally able to remove some “System APPs” as well as some other “Personal APPs” that where giving me some headaches 🙂 I discovered that there are (at least…) three set of APPs: “Pre-installed”, “Personal”, “System”.

Anyway there’s still something to explore (obviously….) as, for example, I have a “/etc/gps.conf” holding the line “NTP_SERVER=cn.pool.ntp.org” and… as I’m an happy Italian citizen, I would like to replace it with something more suitable to Italy. Unfortunatly, even if I’m root, every attempt to overwrite  such file fails with an error (maybe there’s some SELinux issues, as I think Android employ SELinux somewhere…)

But, again, I’m happy, now, with my phone (and my tablet).

BTW: I was finally able to install to install, on the tablet, the “multi-user” feature, so it’s now finally possible to handle it to my two sons…. without, for them, to “damage” my environment. Should you wonder why multi-user feature where not previously available… please note that they are _DISABLED_ on tablets with SIMs, as I read somewhere that Google dislikes to switch user-context when there’s a SIM… connected to the 2G/3G network.

Hope all of the above will be useful for you. Should you need further info, please don’t hesitate to comment and/or send e-mail: you’re welcome!

Leave a Reply

Your email address will not be published. Required fields are marked *