Is FRP removal/FRP bypass still possible? Yes.
It’s been an entertaining time watching FRP or Factory Reset Protection – the Android equivalent of iCloud – evolve. First appearing in Android 5.0 Lollipop, FRP is intended make Android devices that have been forcibly reset into bricks – useless without the last logged-in Google account details. Bypassing the google lock has always been an interesting challenge.
Of course it’s not always theft that requires forced resets, there’s a multitude of situations where the FRP lock blocks rightful owners too. The 2015 arrival of Lollipop showed Android growing up, adding basically the same anti-theft features as Apple has on their iDevices.
And, just like Apple & their frequent early-days iCloud security slip-ups, so too the Google-backed Android FRP system was quickly hacked. It was fairly easily defeated too, with an OTG USB drive you were guaranteed success within about 5 minutes.
As the Android OS evolved, so did the FRP system. Each Android update – 5.01, 5.1.1 etc proved that Google do in fact watch YouTube where the newest hacks have been constantly revealed by hundreds of script kiddies looking to increase their YT followers count. What a great place to find out what you’ve got to lock down harder next time.
Marshmallow, Android 6, had some initial resistance to being broken, but because the activation process is completed online, a backdoor method of signing in to the locked device was soon discovered. This time, you didn’t even need the OTG drive, just some lightly modified .apk Android setup files that were freely downloadable from every corner of the web. If you didn’t have technical nous though, FRP on MM was a stumbling block.
Again on Android 7 Nougat, a highly effective FRP bypass was discovered – this time requiring a small program used for serial port engineering & debugging . It took longer to set the program up than to apply the actual hack, although there was, to be fair, an extended path to follow before achieving device freedom.
Around about this time, the Google engineers figured that they needed to be more agile with their response to FRP hacks & so the FRP update was moved from Android Milestone Update schedule to the far more frequent Security Updates, which can now occur even monthly. So all of a sudden, the RealTerm hack no longer applied – gone, can’t use that any more. The same applied to several different published versions essentially using the same method – almost overnight they were all gone.
Most Android devices have the same vulnerabilities, therefore one bypass method will apply across several brands. Google’s own showpiece handset – Pixel (previously Nexus) has always proven to be a tough opponent, there’s never been a Click & Collect bypass for Nexus or Pixel. That’s not to say you couldn’t actually get past the FRP defences, it just took research, understanding, careful application & a shitload of patience. Dirty Cow is a powerful privilege escalation vulnerability in the Linux kernel that just happens to apply to Android OS too. Dedicated hackers only need apply, I remember the feeling when, after hours & hours of dogged research & intensive effort paid off for me. That one was an achievement & a method that I was proud to share with internationally respected phone researchers. The Nexus 6 which I’d obtained from an insurance claim, was sold the next day then promptly driven over by a tractor & smashed beyond repair – a case of the research taking longer than the phone’s extended life.
Which brings us to the present time, where FRP is now a formidable protection requiring far more than the previous small set of freeware tools to break. Established leading researcher Root Junkie has decided to monetize his skillset, all new breakthroughs are being sold through Phonlab, an online phone technician school.
Samsung – the vast majority of Android phones are Samsung – require downloading often 2-3GB of special factory firmware plus the knowledge of what to do with it. The time involved to achieve success on an ever-evolving battlefront is extensive, what worked last week suddenly doesn’t any more, & even if it did, the rescue effort is lengthy & time consuming – the days of the amateur FRP hacker are just about over.
Several levels of commitment beyond the enthusiastic home hacker are the paid-for professional solutions. By routing commands from a PC through a dedicated hardware box to the phone, connected via an ethernet-USB cable, FRP locks simply fall off in seconds. This level of ease is not available without the additional hardware, a live service subscription & the knowledge of how to use it.
Applicable to both local & remote connections, professional FRP unlocking is fast, clean & effective. If you require an Android handset FRP unlocked, fill out the form below – phone freedom is only minutes away.