how to reprogram a locked m2 note flyme via pc?

i just bought a secondhand/used m2 note on a buy and sell site here in the philippines the seller told me it is locked and only needs reflash or reprogram coz he forgot the phones password. Can it be unlocked? How? please help thanks!

Contributor

@help how exactly is it locked?

If it’s locked with a lock screen password.

Then it’s possible to unlock it using the Flyme account, logged in into phone.

It there is no logged in Flyme account. You can do nothing! But contact Meizu with a proof of purchase, and ask them to unlock it.

It’s not possible to flash anything as long it’s locked!

Don’t buy this phone!!! I hope you didn’t buy it!!!

If it’s so simple as the seller claims, than make him unlock the phone. Before you buy it.

Will move the topic, to the right section.

last edited by Ultrametric

Hi @Ultrametric and everyone, (i know it’s not good to revive old threads)

I just didn’t understand in which exact conditions this PIN request happens on recovery. Actually posting an image about the recovery asking for password will be appreciated.

What are the “requirements” to lead to this behaviour?

  • A pin must be enabled on the smartphone (PIN | Password | Pattern)
  • A flyme account must be logged in? Logged out or None flyme account is in set?
  • Happens in both Flyme Os 4 and 5? Happens on every Variant of the Flyme (A, I, U)? (i recall reading G variant doesn’t have Flyme account integration, correct me if i’m wrong)
  • Recovery asks for Flyme Account Pass or local device PIN | Password | Patter ?
  • Rebooting in to Recovery Asks for PIN | Password | Pattern in order to execute any operation (Wipe, Flash)?

What i tried:

  • I am running Flyme 5.1.5.0A
  • I upgraded from Flyme 5.1.5.0A,flyme account not logged in
  • I download the firmware form the Upgrade App
  • Installed the update.zip from recovery
  • Never got asked about PIN | Password | Patter

Few other questions:

  • What happens in case the lockscreen shows the flyme login form to reset the PIN | Password | Patter, but the smartphone is not on wifi or data connection?
  • I did read about account binding to phone on a another thread, how does that work? How does it affect the PIN | Password | Patter scenario?

Thanks in advance (in case you think my post needs to be moved in a new thread, please do)

Contributor

@dunno Dunno, what you want from me.

So you have no problem?

Just to answer in General: The problem are Global firmware versions (not A), where the FlymeAccount is removed.
A problem may arrise if you forget the PW on a Global / India firmware. Or if you update without clearing data and something get’s mixed up.

There are several scenarios that lead to a 100% brick, on a Global / India firmware. And this only because Meizu removed the Flyme Account.

Worst. Meizu does not give a fuck, if a mistake Meizu makes bricks the phones of customers.

last edited by Ultrametric

No i am not locked out of my device. I’m just curious how this mechanism works.
Mostly what i want is ,know how to make recovery ask me for Pin to flash a formware or wipe the smartphone.

Contributor

@dunno Ah.

In general (may not be 100% accurate):
The pin is stored in a place on the phone. You do not have access do it.
Different FlymeOS versions use different decryption / encryptions.

And are incompatible: That means if you enter a lock on FlymeOS 5 and downgrade without “clear data”. Your phone is locked with a PIN, and even if you know the PIN, FlymeOS does not accept it. (Because FlymeOS 4.5 can not decrypt / encrypt FlymeOS 5 security features; and the other way around.)

FlymeOS has a couple of Security issues, that are serious! These problems can brick a phone and create a bad user experience!

This means Meizu does not employee a security engineer, or has qualified software developers working on FlymeOS. It’ s very sad and disappointing.

This is just one example, there is more to it and I am not going to list it all. It’s not worth my time, and benefit to nobody.
As Meizu is the one who must improve; but as Meizu doesn’t give a fuck; will never improve.

At least on flyme 5 the file containing the hash of the PIN | Password | Patter is stored in /data/system/password.key (*.key)

  • the File is owned by system (user ownership)and RW.
  • Meizu m2 note as far as i know doesn’t employ encrypted /data partition, and isn’t graphically supported as feature (you can encrypt your /data using a terminal i wrote a post about)

what kind of encryption are you talking about?

To actually solve the issue you need at least granted shell access, but is pretty easy to circumvent it

  • with usb debugging enabled and adb connection allowed (adb server pub key added to adb_keys)
  • running adb shell and su 1000 (system UID)
  • and removing the .key files grants access (you can edit the android settings.db as an alternative)

Does fastboot at least allow wipe command?

Speaking of security concerns well stagefright is still not fully patched

last edited by dunno
Contributor

@dunno I truly hope that they do not write the PIN as plain text! (That kind of encryption I am talking about!)
Same thing as before in different words: FlymeOS 5 can not read a key created by FlymeOS 4.x and the other way around.)

And to the 2nd part. The bootloader is locked, where would like to go with fastboot?
And yes, removing the file or clearing the data for this part, may solve it. But getting access to it may be tricky.

All those things you can do on an unlocked phone yeah.

last edited by Ultrametric

A closed bootloader might be fine (of course the choice to lock it or not would be better) at least in my opinion
But even preventing to flash the original rom from fastboot, really makes it useless at least for the device owner.

The *.key files aren’t the PASS it self but the hashed value so it isn’t stored as plain text

I guess the only advice to legitimate owners of a meizu m2 note is to setup a pc with adb and immediately enable usb debugging and allow adb coonnection automatically to that PC.

Contributor

@dunno Thanks for explaining it.

As long as people are on the Chinese firmware, it’s “okay”. The global / india firmware is simply stupid.

But it doesn’t help, that’s the sad part. Many people told Meizu this, and tried to make a change, nothing could move the company.

Looks like your connection to Meizufans was lost, please wait while we try to reconnect.