Experience of flashing ROM to Samsung devices

Previously, I wrote my experience about installing CyanogenMod on the old Samsung phone. There are something worth to know before flashing, other than backup the precious data, download the ROM and tools, and take for any risk.

In my experience, it is best to get the stock ROM (that is the original ROM or firmware). This is to prevent some unexpected outcomes. With the stock ROM, at least we can recover to the (true) factory setting.

In order to flash the ROM, rooting is not required. But with an un-rooted Android, the backup will only works on the SD card (internal or external) and backup feature from the apps themselves, such as WhatsApp conversation backup and Wechat conversation backup. That means, all the games data and other apps data cannot be backup.

Therefore, if possible, root the phone then backup the data with Titanium Backup, then we no need to save the data to the cloud.

Flash a ROM or root only?

In my opinion, flashing a ROM is simpler than just rooting a phone. In order to root the phone, the method is varied between the phones. But to flash the ROM, the method is similar (in my case, Samsung device only). (As I never successfully root the phone directly, even using the one-click rooting tool.)

Flashing a custom ROM, normally provides a lot of features especially superuser (root) and busybox. Both are my favourites, as I can adb shell to do a lot of things. However, if root only, then we need to install busybox ourselves. This may be time consuming. Furthermore, with root only, we may have difficulty to upgrade the Android version, such as from Froyo to Jelly Bean. Yet, if flashing the ROM, we can choose the version of Android that we prefer (normally the latest stable).


Originality and genuineness is nice. Root an Android phone or flash in a custom ROM will void the warranty. If the warranty is expired, and the phone is “dying”, maybe flashing a new ROM is good solution to “renew” the phone. After flashing a custom ROM, you can enjoy the features provided by the ROM, especially root. So that you can install more powerful apps to your phone, including advertisement blocking apps.

Other than that, some new apps (such as games) require higher version of Android. The official firmware may only support to Ice Cream Sandwich. But, now already KitKat, you at least try to get Jelly Bean. But your Android is still Froyo or Gingerbread. Where is Honeycomb? You have missed a lot of things.

The best thing I like is busybox. With busybox, I can enjoy command-line in Terminal Emulator and also the adb shell to hack the device.


After flashing the CyanogenMod, then I had a message about the invalid IMEI. This is seriously exhaustive when I want to restore it. Finally, I give up the IMEI.

In order to restore IMEI, I had done several things. Firstly, I re-flashed the stock ROM. Then the IMEI is restored. However, in order to preserve IMEI for the custom ROM, I have to backup the /efs folder. Yet, this folder cannot be accessed without the root permission. That is why, root is needed. I failed to root the phone. As a result, I used the psneuter method to gain the root access then used the busybox to “tar” the /efs folder.

According to the forums, if we have backup efs, then we can restore the IMEI. But, after I re-flashed the CyanogenMod, then I restored the efs folder, there is a message related to “not enough disk space”. Rebooted the phone, the phone then had a valid IMEI, but it could not call and no signal. This was worse than invalid IMEI. That is why I give up the IMEI.

Heimdall and Odin

In order to flash ROMs to Samsung devices, we need to use either Heimdall or Odin. I personally use Heimdall since I am using Linux. The stock ROM I obtained are the files end with tar.md5 extension. These files are compatible to Odin. However, they can be still flashed by using Heimdall. I used “tar xf” command to extract the tar.md5 files. As a result, I got some files like recovery.img, modem.bin, factoryfs.rfs, etc. These are the files that can be flashed with Heimdall.

Therefore, to flash with Heimdall, I can use a command like

heimdall flash --KERNEL zImage --CACHE cache.rfs --DBDATAFS dbdata.rfs --FACTORYFS factoryfs.rfs --MODEM modem.bin --PARAM param.lfs

For the parameters, such as --KERNEL, these are depending on the device. In order to know what parameters are available, we can use

heimdall print-pit

By these information, we can relate the parameters with the corresponding files.

During flashing, I caused my phone always boot into the Recovery Mode. The phone cannot boot into the Bootloader. I think that was because the files I flashed were incompatible and they damaged the bootloader. Thus, I downloaded another stock ROM that contains the boot.bin. Flashed it, then only that the phone can boot normally.

So, now I can enjoy my phone with custom ROM or stock ROM. Great Android phone!

tcplay script

Recently, when I was using TrueCrypt in Arch Linux to mount a truecrypt container file, it was very slow to mount the container. Furthermore, I also read that the TrueCrypt is discontinued.

Therefore, I decided to use the tcplay. However, it is a command-line. Arch Linux wiki page shows a good tutorial on how to use tcplay.

When using tcplay in Linux, unlike mounting the folder like encfs, tcplay requires losetup for loop device. Thus, it involves 3 steps to mount a truecrypt container: i) setup loop device, ii) setup device-mapper with tcplay, and iii) mount. Consequently, to unmount the truecrypt containter need to reverse these 3 steps.

In order to make my life easier, I wrote a simple script as following. Feel free to modify it.

# @author Allen Choong
# @date    2014-06-29
# @version    1.0.1
# Easy mount the truecrypt encryptinog by using tcplay.
# Assuming the truecrypt mounting name does not have whitespace.
# Changelog:
# 2014-06-29    1.0.1    Add display help if there is no argument
# 2014-06-02    1.0    Initial

tc_mount() {
  lo=`losetup -f`
  losetup "$lo" "$1"
  tcplay -m "`basename "$1"`" -d "$lo"
  mount "/dev/mapper/`basename "$1"`" "$2"

tc_unmount() {
  echo -en "Unmount ... "
  umount "/dev/mapper/$1"
  lo=`losetup -l | grep "$1" | cut -d ' ' -f 1`
  dmsetup remove "$1"
  losetup -d "$lo"
  echo "OK!"

mklist() {
  for ((i=1;$i<=$num;i++)) ; do
    ret+=$(echo " `expr $start + $i`")
  echo $ret

show_mount() {
  mount|grep '/dev/mapper' |while read l ; do num=`echo "$l" | tr ' ' '\n' | wc -l`;
    cutnum=$(mklist 3 `expr $num - 6`)
    echo "$l" | cut -d ' ' -f "1 $cutnum" | sed -e 's/\s/ => /'

#Get arguments
for ((i=0;i<=$#;i++)) ; do


#Print help
if [ $# == "0" ] ; then
  echo "This command requires root privilege."
  echo "Usage:"
  echo ""
  echo "To list the mounted container:"
  echo "`basename $0` -l"
  echo ""
  echo "To unmount (requires root):"
  echo "`basename $0` -u CONTAINER_FILENAME"
  echo "where CONTAINER_FILENAME is the device mapper name"
  echo ""

for ((i=1;i<=$#;i++)) ; do
  case ${args[$i]} in
      unmnt=`echo ${args[$i+1]}`

if [[ "$action" == "mount" ]] ; then
  tc_mount "$1" "$2"
elif [[ "$action" == "unmount" ]] ; then
  tc_unmount "$unmnt"

Update (2014-06-29):
In order to use this script, if you have a file called foobar.tc (already make file system),

sudo tcplay.sh foobar.tc /path/to/mnt

After this, you can list the mounted point as,

tcplay.sh -l

To unmount the container,

sudo tcplay.sh -u foobar.tc #where the foobar.tc is the device mapper name, not the path to the file