[Teracube 2e] Instructions to Install Factory Software and to Reset

Guides
#24

It does not, no.

The SPFlash utility is meant for flashing the OEM image and partitions and communicating with the phone in a special lower-level mode that makes it (almost entirely) unbrickable and able to be recovered. Secure data erasure is a non-goal of this tool, from what I can tell from how it is laid out.

In terms of data recovery, a consistent write of 1 or 0 is easier to recover than (semi)random data written over it, so reflashing the user partition and maybe dumping a bunch of random-filled files on it between reflashes will be a much better secure-erase process. You can generate them on Linux with something like this: head -c 1G </dev/urandom >myfile

#25

So I just received a warranty replacement device. Despite being told that the device would ship with Android 13, which should resolve security concerns from Android 11, the device in fact came with Android 11.
Unfortunately, I only discovered this after I logged into my Google Account on the phone.
When I went to Settings > System > Update, it showed me the following update was available:
Teracube 13.1.1+a21467d.emerald.user

Question 1: Is there a difference between installing v13 through the settings menu versus the process described in the original post in this thread? Specifically, I’m thinking about differences in device security, but curious to know others as well.
Question 2: Is it a problem that I logged into my Google account before updating to v13. It has been stated in several other threads how v11 had several known exploits that were blamed for the previously reported hacks where SMS 2FA codes were being forwarded by the phone.

Note: I never did and still have not put a SIM card in the replacement phone.

#26

  1. No, the are the same image, just applied differently. The manual flash is more of a failsafe/full recovery, whereas the upgrade from within Android doesn’t reimage everything as it isn’t needed on a functional device.

  2. I don’t think that this is a likely risk factor, especially if your Google account is secured with 2FA and other best-practices. I’ve tested every build from TeraCube across Zirconia/Emerald/Thrive/Ruby with the same Google account, starting with Android 9 images, and I have not noticed anything suspicious at all in the logs.

#27

These images will be updated with Android 13 stable builds.

1 Like