Computer Science
Algorithm
任意进制数的补码 (2011)
快排杀手 (2011)
How to Estimate Max TPS from TPM (2020)
Data Processing
Use Docker to Submit Spark Jobs (2015)
The Proper Way to Use Spark Checkpoint (2015)
Use Redis Instead of Spark Streaming to Count Statistics (2015)
Digital Life
Move from Twitter to Mastodon (2020)
What Is Wrong about Recommendation System (2020)
Use RSS and Kindle to Read News (2020)
Matrix: A Self Hosted Instant Messaging Solution with End to End Encryption (2020)
An Overview of China's Internet Censorship Strategy (2020)
Deploy Matrix for Users in China (2020)
Distributed System
Spanner and Open Source Implementations (2018)
Great Resources for Learning Database and Distributed System (2019)
Aurora Database (2020)
Understand Liveness and Fairness in TLA+ (2020)
Use TLA+ to Verify Cache Consistency (2020)
Keep Data Consistency During Database Migration (2020)
Redis Implementation for Cache and Database Consistency (2020)
Distributed System Infrastructure
Infrastructure Setup for High Availability (2023)
Upgrade Kubernetes from 1.23 to 1.24 (2023)
How to Cleanup Ceph Filesystem for Deleted Kubernetes Persistent Volume (2023)
Introduce K3s, CephFS and MetalLB to My High Avaliable Cluster (2023)
Machine Learning
Backpropagation Algorithm (2015)
My Recent Work About Neural Networks (2015)
Install BLAS Library for MXNet (2015)
How to Put RNN Layers Into Neural Network Model (2016)
Build A Computer for Deep Learning (2016)
Operating System
Android
The Permission Management of Android Becomes A Bigger Problem When It Comes to Wearable Devices and TV (2016)
Root And Optimize MiBox 3S (2018)
Linux
端口666:毁灭! (2011)
Chroot 简介 (2012)
Compile And Install Kernel (2012)
Backup My Dotfiles (2012)
Comparison Between Linux Desktop Environments (2012)
How Kernel's Makefile Specify Output Directory (2013)
Xbmc on Raspberry Pi with Archlinux (2013)
Setup SSH Authentication with YubiKey (2021)
In Defence of Disabling Swap (2021)
Build a Linux Virtual Machine for Windows Apps (2023)
Linux Full Disk Encryption with Yubikey (2023)
Tizen
Tizen,加油 (2012)
Windows
Build a Unix Like Environment on Windows (2016)
iOS
DNS Resolving Bug in iOS 14 (2020)
Handle Apple In-App-Purchase Server Notification with Scala/Java (2022)
Programming Language
C++
也谈C++ (2012)
Erlang
Build Erlang the Rebar Way (2013)
Fetch Popular Erlang Modules by Coffee Script (2013)
Why I Come Back to Erlang (2014)
Experiment On Combining OOP With Erlang's Actor Model (2014)
Go
Notes On Go Scheduler (2014)
Scala
Config sbt to Use Both Proxy and Self Hosted Repositories (2016)
Compare Task Processing Approaches in Scala (2023)
A Boring JVM Memory Profiling Story (2023)
Scala 2 Macro Tutorial (2023)
Scheme
SICP第三章总结(上)——可变量与环境 (2012)
SICP第三章总结(下)——流编程 (2012)
Type System
RESTful API with Type System (2014)
Powerful Type System (2020)
Software Engineering
Call Program Like A Function (2012)
More About Program In Shell And Function (2013)
Server Logic of Level Based Games (2013)
Languages Should Have Database Built In (2013)
How About Translate IMAP And SMTP Into HTTP API? (2015)
The Things You Need to Know When Using Apache Sentry (2018)
Define Infrastructure as Code (2021)
Why Big Companies Need to Adopt Open Source (2021)
Storage
Change Root File System from Ext4 to Xfs on Archlinux (2013)
Migrate Arch Linux to ZFS (2020)
Personal ZFS Offsite Backup Solution (2021)
ZFS Profiling on Arch Linux (2023)
UI
Flutter
Make Flutter Web Apps More Native Like (2024)
Javascript
Beautiful Math with MathJex (2012)
HTML + CSS + JS is Good (2014)
What is Wrong about HTML and CSS (2014)
Prevent htmx Lazy Loaded Content From Reloading (2024)
Virtualization
Create A Virtual Machine Network (2012)
Fedora Virt-manager Guest Connect to Host (2013)
Docker Is the One Scaffolding to Rule Them All (2014)
Life
Life in Guangzhou (2013)
Recent Works (2013)
东京之旅 (2014)
My 2017 Year in Review (2018)
My 2020 in Review (2021)
十三年前被隔离的经历 (2022)
A Travel to Montreal (2022)
My 2022 in Review (2023)
Travel Back to China (2024)
Projects
Bard
The Thoughts Behind Bard Framework (2014)
Why Use Reflections to Write A Web Framework (2014)
Blog
My New Blog Website (2012)
Comment And Search Are Available (2012)
Remove Categories (2012)
Add Index to My Blog (2021)
Jekyll Plugin to Load Asciinema Recordings Locally (2023)
Add Index Sidebar to My Blog (2023)
RSS Brain
RSS Brain: Yet Another RSS Reader, With More Features (2022)
How RSS Brain Shows Related Articles (2022)
Update on RSS Brain to Find Related Articles with Machine Learning (2023)
Scala2grpc
A Library to Make It Easier to Use Scala with gRPC (2022)
Migrate Scala2grpc to Cats Effect 3 (2023)
Comment Everywhere (2013)
Fetch Popular Erlang Modules by Coffee Script (2013)
Psychology
耶鲁大学心理学导论 (2012)
Thoughts
Chinese
关于人的思想 (2008)
关于人的思想(续) (2008)
览《中国文化要义》有感 (2011)
未来人们怎样对待坏人:读《理想国》杂想 (2011)
好玩的生命游戏 (2011)
念天地之悠悠 (2012)
摒弃现代科技的隐士生活 (2015)
读《邓小平时代》有感 (2016)
由“废青”这个称呼所想到的 (2019)
盛唐诗人和远游 (2020)
English
Tired of Programming (2013)
The Tragic Talented Programmer (2020)

Table of Contents

  1. 1. Preparation
  2. 2. Root the Device
  3. 3. Cleanup KingRoot and Install Superuser
  4. 4. Install A Third-Party Launcher
  5. 5. Disable Built-in Apps
  6. 6. Disable Network by Default
  7. 7. Install Some Video Apps

Root And Optimize MiBox 3S

Posted on 18 Nov 2018, tagged AndroidAndroid TVMiBox

I’ve bought a MiBox 3S to watch TV and video for a long time. These days I’ve done lots of things to security my digital life and privacy, like change my Email to Proton Mail, change the search engine to DuckDuckGo, use Authy to enable 2FA when possible, and so on. So I didn’t turn on the MiBox for a long time since I don’t feel security to let a XiaoMi device running all the time in my LAN. The business model of XiaoMi is to sell cheap device and push ads to you. So it definitely collects your data. But I do need a device to watch TV or video on a big screen, so I decide to root and clean it to make it more security. Here is how I do it:

1. Preparation

1.1 How to Recover the Device

You need to know how to recover the device if you failed to root it and messed the system up. Just turn off the device, press confirm and back button on the remote control at the same time, then turn on the device. You can find it will enter the recovery mode and has an option to recover to factory settings.

1.2 Some Apps and Scripts

Some apps and scripts are used to grant the root permission. You can follow this video to root the device (but don’t follow the video to install the Google Apps), then come back here from step 3.

If you don’t want to watch the video, just download the needed folder MDZ18AA_1.5.2 and follow this tutorial from step 1.

1.3 How to Install Apps

You need a USB drive to install the apps. Put the APKs in the USB drive and plug it into MiBox. It will prompt to open it. Then you can install the APK from it. KingRoot, SManager and SuperUser are already bundled in the directory MDZ18AA_1.5.2. You can download apk of other apps from websites liek APK Mirror or APK Pure.

The apps used are:

  • KingRoot: Grant root permission.
  • SManager: Copy files and run scripts.
  • SuperUser: Manage root permission.
  • HALauncher: The third-party launcher.
  • Ice Box: Disable the built-in apps.
  • Greenify: Disable the background running.
  • AFWall+: Disable network access.
  • Smart YouTube: The YouTube client for TV that doesn’t need Google service installed.

1.4 Prepare a Mouse

We must use a mouse to do some operations since many apps are not designed for TV.

2. Root the Device

Root the device is easy. Just install the app KingRoot and follow the instructors. One thing to notice is after root, KingRoot will ask you to optimize the system. Don’t do that!. Since KingRoot is found to have bad behaviours. We will clean it up and use Superuser to replace it.

3. Cleanup KingRoot and Install Superuser

  1. Instal SManager.
  2. In SManager, copy the downloaded folder MDZ18AA_1.5.2 from USB drive to /storage/sdcard0.
  3. In SManager, open 1_ROOT/SuperSU.sh, check su option and run it.

4. Install A Third-Party Launcher

Many people use the original Android TV launcher from Google. I don’t want to do that. Since you must install a lot of Google apps in order to use it (which means is also bloated), and it’s not very convenience to use Google in China. So I decide to install a third-party one. At last I choose HALauncher. It is very simple and clean. After some simple configurations, the UI looks very beautiful. Here is a picture of it:

HALauncher

However, after install HALauncher, we cannot set it to default. In order to use it, we must disable the built-in launcher.

5. Disable Built-in Apps

Uninstall built-in apps will get a higher risk since the built-in apps are integrate with the device very deeply, if uninstall the wrong one may make the device unusable. So I uses the app Ice Box to just disable them. After disable the built-in launcher, the system will use the third-party launcher that you installed in the last step.

One thing that is not very convenience of Ice Box is the operations must be done with a mouse. On the phone, you can add the shortcuts to open the disabled apps, but I didn’t find that option on TV. So I also install Greenify to make the daily used app not running in the background.

After disabled the built-in apps, if you want to use the USB drive, you must open the original launcher from XiaoMi as well as the MiSystem app from Ice Box. After mount the USB drive, you can disable them again.

6. Disable Network by Default

Even we’ve disabled the built-in apps, we cannot ensure the security either. Since XiaoMi may modified the Android OS. So I disabled the network at all with AFWall+ and only let limited video apps have access to network. So whatever XiaoMi built in the OS cannot upload anything to its server, and it cannot download and upgrade the system, either. (In theory, XiaoMi can also upload things through modify the kernel but I don’t think it will do things like that deep.)

7. Install Some Video Apps

At this step, the system is clean. You can install your favorite video apps. If you want to watch YouTube, you cannot install the official one since it needs Google service. You can install Smart YouTube instead. I think it is much better than the Google one. After installed the video apps, don’t forget to give them network access in AFWall+ and disable the background behavior in Greenify.

Since I’m in China behind the GFW, I also installed ShadowSocks in order to watch YouTube. It is easy to use as on phone, but may need a mouse the config it.

So here are all the things, happy hacking the device!