GSM Shop

Welcome to the GSM-Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features.
Only registered members may post questions, contact other members or search our database of over 8 million posts.

Registration is fast, simple and absolutely free so please - Click to REGISTER!

If you have any problems with the registration process or your account login, please contact contact us .

Go Back   GSM-Forum > GSM & CDMA Phones / Tablets Software & Hardware Area > Xiaomi

LinkBack Thread Tools Display Modes
Old 09-08-2018, 21:33   #1 (permalink)
Super Moderator
~Leo~'s Avatar
Join Date: Jan 2006
Location: [EgypT.SharmElsheikh]
Age: 33
Posts: 4,962
Member: 224065
Status: Offline
Sonork: 100.1577902
Thanks Meter: 7,619
[FAQ][Anti-Rollback] All your questions are answered here.

Hi all.
So, as we know with recent MIUI update Xiaomi screwed our whyred. And this gave birth to many questions which is like a struggle for many users to find all those answers. So, I tried to answer all your questions. If you think your question isn't included please feel free to ask.

Q1: What is this "Anti-Rollback" thing?
A: Its a security measure that Google brought with the release of Android Oreo. It makes sure that your data is secure even when phone is stolen or if any attacker tries to downgrade the software and wants to gain control over your data.

Q2: How is this harmful to my device?
A: Well, as a security measure it should never give you a hard-brick. When someone tries to downgrade, it should display a warning and get turned off but there's difference between how things should work and how Xiaomi does. As Google has stated, "Anti-Rollback" should get automatically turn off when the user unlocks the bootloader but in case of MIUI even unlocked users are getting hard-bricks. Hopefully the developers of MIUI should push an update soon and if they don't, our beloved devs will find a way for sure

Q4: So, what now? Will Xiaomi solve this issue?
A: We do not know. But our beloved developers in the XDA-Forum will find a way for sure

Q5: How to know if my device is affected by it?
A: Run fastboot command :

fastboot getvar anti
The displayed output : 3 shall mean you're fine while 4 shall mean you're in the Anti-Rollback squad.

Q6: I'm in the Anti-Rollback squad what now?
A: Don't worry you can still flash custom recovery and roam around custom ROMs but avoid flashing any firmware or any MIUI ROM which is older than what you're using now otherwise you'll brick your device.

Q7: Which MIUI builds include "Anti-Rollback"?
A: All the MIUI builds which are released after Stable MIUI V9.5.17.0 and Beta MIUI V8.7.5 include "Anti-Rollback". And yes the Chinese versions are affected as well.

Q8: Do MIUI Stable V9.5.17.0 and Beta V8.7.5 have "Anti-Rollback" enabled?
A: NO. If you're on either of these builds you are safe to downgrade and use any older version.

Q9: How to flash custom recovery and custom ROMs on "Anti-Rollback" enabled devices?
A: On "Anti-Rollback" enabled ROMs you cann't flash custom recovery permanently. You'll have to boot into recovery first by running fastboot command:

fastboot boot xyz.img
(where xyz is name of your recovery file). Once you're booted into the custom recovery, copy the recovery image file in the internal storage and flash that recovery from recovery itself. Now you've successfully flashed custom recovery and you're good to go with custom ROMs. WARNING: Avoid flashing any firmware.

Q10: Can I migrate from Stable to Beta and vice-versa?
A: You can install Beta from Stable, make sure you flash latest Beta build same is the case with Stable. If you're on anti-4 firmware, whether its Beta or Stable you can switch to any anti-4 MIUI ROM Beta or Stable but remember you must flash latest version available while switching. (anti-4 means "Anti-Rollback" enabled firmware)

Q11: Can I unlock bootloader and flash custom ROMs on an "Anti-Rollback" enabled device?
A: Yes. Again to flash custom ROMs and recovery refer to Q9.

Q12Can I flash "Anti-Rollback" enabled ROM via TWRP?
AWell, in some cases it did work, just flash lazy flasher zip file after flashing MIUI ROM via TWRP. But while switching to MIUI from AOSP based ROMs on an "Anti-Rollback " enabled device I recommend you to go with fastboot method to avoid chances of brick.

Source is XDA
USE "THANKS" Button.
Follow Forum Rules
Am offline in Vacation Don't PM me
  Reply With Quote
The Following 4 Users Say Thank You to ~Leo~ For This Useful Post:
Show/Hide list of the thanked
Old 09-08-2018, 23:17   #2 (permalink)
No Life Poster
rebainoor's Avatar
Join Date: Feb 2006
Posts: 1,786
Member: 231728
Status: Offline
Thanks Meter: 920
Anti-rollback its for system only its Can be baypassed by writing dummy.img file included in factory rom in fastboot
And mi authirization its for firehose edl flash autorisation this auth is hard to baypass

Last edited by rebainoor; 09-08-2018 at 23:26.
  Reply With Quote
The Following User Says Thank You to rebainoor For This Useful Post:
Old 09-08-2018, 23:58   #3 (permalink)
No Life Poster
rebainoor's Avatar
Join Date: Feb 2006
Posts: 1,786
Member: 231728
Status: Offline
Thanks Meter: 920
these phones have new authentication system (done by Xiaomi)
i call it SIG, because them added new command to his Firehose programmer's.

Things to need to know:
1. QC was always implemented SW_VERSION (RollBack) tag in his certificate
validation schema, but nobody was used it before (Except Samsung and LG)
2. After FireHose is Validated, OEM manufacturer is free to add his own
secondary authentication (First was introduced in old SE phones which was need
SE validation card, now old golden idea was taken by Xiaomi and auth protocol
moved to server)

So what in fact we can do:
1. Need to Have FireHose Programmer signed to current eFuse Value
with sme HW_ID and Higher or Same SW_ID (Included RollBack Version)
tags without a SIG authentication extension.
Here is importan RollBack Version, is activated then tag value is > 0

How we can recognize it:
Unfortunatelly Sahara Protocol, not let us to read SW_ID tag and
choose right RollBack Satisfied Firehose Automatically
Fast boot "getvar:all" will show "RollBack Version" or "Anti" Variable
who reflects RollBack (SW_VERSION) value

How to check is FireHose Ready to do jobs:
Jus Open it wih notepad and look for "SW_ID"
Here You will see Hex Value string: 0000000200000003 SW_ID
Here You see RollBack (SW Version) = 2
So with this FireHose can serve : RB: 0, 1, 2 and cannot work with 3, 4, ...

How to see is FireHose Need Xiaomi Authentication or not
is same open with note pad and search for this string: "sig "
(white space is important here)
if not found "sig " - you are lucky: this FireHose not need it.

And for sure do not forget that Root CA HASH must be same as is in eFuse (QFPROM)
  Reply With Quote
The Following 3 Users Say Thank You to rebainoor For This Useful Post:
Show/Hide list of the thanked
Old 09-22-2018, 09:34   #4 (permalink)
Junior Member
Join Date: Apr 2016
Posts: 7
Member: 2559548
Status: Offline
Thanks Meter: 0
Mi Note 5 pro mi account solution i try all method pls help me
  Reply With Quote


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT +1. The time now is 02:27.

Powered by Searchlight © 2019 Axivo Inc.
vBulletin Optimisation provided by vB Optimise (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
- GSM Hosting Ltd. - 1999-2017 -
Page generated in 0.19757 seconds with 7 queries