Related
Is there any way to secure android like ios7. In case if i loose my phone then no one can use it. Is it true a hard reset will remove my pattern or password? My phone is non rooted. Can someone install custom recovery too?
saudiqbal said:
Is there any way to secure android like ios7. In case if i loose my phone then no one can use it. Is it true a hard reset will remove my pattern or password? My phone is non rooted. Can someone install custom recovery too?
Click to expand...
Click to collapse
There is not fool poof way to prevent this. Even on IOS7 the security can be gotten around. Best advice is to make sure you are backing up your files.
Google does have a remote wipe option built into the Android OS. That is your best bet.
There is no full proof way to make render unusable, but you can call up your carrier and ask them to blacklist the IMEI so they can't use sim cards with it anymore.
You could however, protect your data. Do this by: encrypt your device, stock recovery, disable USB debugging, lock the bootloader. At least with this, if the device is stolen, if they don't know how to flash factory image, they'll need to enter the encrypted password to boot into the phone and can't copy over your datas.
You should also look up the app Cerberus, which with root can survive through factory reset (as long as they don't overwrite or format the "system" partition).
Hi,
I bought the Samsung Galaxy S5 and the fingerprint reader works reasonably well (as in it works, nothing in comparison to apple though, so don't buy it for the fingerprint reader ) for unlocking the screen...
However its a work requirement that my phone has full device encryption, as phones are regularly stolen where I travel.... it seems when I enable encryption I lose the ability to use the fingerprint reader to unlock the phone .... I bought this hoping that I could avoid having to type in my complex password just to unlock the screen, as I got so tired of doing that with my S2
Is there any mods to enable finger print reader screen unlock + full device encryption at boot time for the Galaxy S5 yet? ... I saw some references to pattern unlock / pin with device encryption... but I would think the fingerprint reader is different...
Thanks!
S5 Full disk encryption with fingerprint unlock
I also have this question. I believe on the Nexus 5 it at leasts lets you use face unlock with full device encryption. And I read on one article that you should be able to do this but i do not think the author actually tried this. I will say from my own personal experience that you can infact decrypt the device after encrypting it without doing a complete wipe of the device and you can restore the use of fingerprints to unlock your phone. It seems like for security minded people this would be a great feature but if it is unable to be used with full device encryption it seems a little pointless to me. Being forced to use a PIN or password to use encryption is a big pain point for android users who want some type of security.
Yes I can't believe that no one has really complained about this yet - but I guess encryption isn't' that important to people as I imagined
androidpleb said:
Yes I can't believe that no one has really complained about this yet - but I guess encryption isn't' that important to people as I imagined
Click to expand...
Click to collapse
I am having the same pain, as I use my S5 for BYOD.
It makes no sense when you can use fingerprint to make payments with paypal but not unlocking the phone when it is encrypted.
Hope Samsung can enable this feature in next update.
I'd like this too.. as well as, the iPhone has a cydia app (that a friend of mine showed me), that you can basically disable the power button from turning off the phone while it is fingerprint locked. That would definately be nice to have on the S5 (since it's done through an app). That would have stopped the person who stole my wife's S4 from turning it off when it was blasting the locator ring at them!
sorphin said:
I'd like this too.. as well as, the iPhone has a cydia app (that a friend of mine showed me), that you can basically disable the power button from turning off the phone while it is fingerprint locked. That would definately be nice to have on the S5 (since it's done through an app). That would have stopped the person who stole my wife's S4 from turning it off when it was blasting the locator ring at them!
Click to expand...
Click to collapse
I can't believe that the fingerprint sensor can't be used if encryption is enabled whatsoever. I could understand the iPhone model, requiring a pin before a fingerprint can be used, but by disabling fingerprint lockscreen, boot unlock, and SD unlock, the fingerprint sensor is now wholly useless for convenience.
It's too trivial to extract data from an unencrypted Android. By not supporting encryption with a measure of covenieve, I don't see the point in including a fingerprint sensor whatsoever given the current software limitations.
Please, someone, figure out what sqlite/settings need to be changed so we can make decent use of our phones fingerprint sensor.
After some experiments, i found out a procedure to enable FDE and fingerprint lockscreen. Root is required (or at least I guess, I didn't try with a non-rooted system...).
These are the steps:
1) set up fingerprint lockscreen
2) with a root explorer, go to /data/system folder, and backup locksettings.db, locksettings.db-shm and locksettings.db-wal to sd card
3) set up password lockscreen
4) encrypt the device
5) when encryption is done, restore the backed-up files to /data/system: you should have fingerprint lockscreen again (no reboot needed, just turn the screen off, and magically the password should be vanished )
CAVEAT 1: with my system configuration, I wasn't able to encrypt the device directly: the encryption procedure started, but after reboot nothing happened, the device just booted normally. I don't know the exact reason, in some forums they suppose that it happens on kitkat when the device is rooted. I was able to bypass the problem only adding these steps to the procedure:
...
3b) with TWRP, backup the /system partition, and restore the stock non-rooted /system
4) encrypt the device
4b) restore the original rooted /system partition
...
I don't know if steps 3b) and 4b) are always necessary, let me know...
If you need these steps, don't worry if before restoring your custom /system partition the encryption password isn't recognized, just restore the partition and all will work fine
CAVEAT 2: once encrypted, I didn't find a way to unencrypt the device, because the unencrypt ion procedure starts, but after reboot the device is still encrypted, similar to what described in caveat 1. I tried to replace the /system partition with the stock one, but the encryption password was no longer recognized.
CAVEAT 3: the current TWRP (2.7.1) isn't able to mount S5 encrypted data partition, and restoring an image made with online nandroid backup doesn't seem to work either. So, if you want to make an image of your phone (and I suggest to do it ), do it before encryption
Boot Loop
fabiokino said:
After some experiments, i found out a procedure to enable FDE and fingerprint lockscreen. Root is required (or at least I guess, I didn't try with a non-rooted system...).
These are the steps:
1) set up fingerprint lockscreen
2) with a root explorer, go to /data/system folder, and backup locksettings.db, locksettings.db-shm and locksettings.db-wal to sd card
3) set up password lockscreen
4) encrypt the device
5) when encryption is done, restore the backed-up files to /data/system: you should have fingerprint lockscreen again (no reboot needed, just turn the screen off, and magically the password should be vanished )
CAVEAT 1: with my system configuration, I wasn't able to encrypt the device directly: the encryption procedure started, but after reboot nothing happened, the device just booted normally. I don't know the exact reason, in some forums they suppose that it happens on kitkat when the device is rooted. I was able to bypass the problem only adding these steps to the procedure:
...
3b) with TWRP, backup the /system partition, and restore the stock non-rooted /system
4) encrypt the device
4b) restore the original rooted /system partition
...
I don't know if steps 3b) and 4b) are always necessary, let me know...
If you need these steps, don't worry if before restoring your custom /system partition the encryption password isn't recognized, just restore the partition and all will work fine
CAVEAT 2: once encrypted, I didn't find a way to unencrypt the device, because the unencrypt ion procedure starts, but after reboot the device is still encrypted, similar to what described in caveat 1. I tried to replace the /system partition with the stock one, but the encryption password was no longer recognized.
CAVEAT 3: the current TWRP (2.7.1) isn't able to mount S5 encrypted data partition, and restoring an image made with online nandroid backup doesn't seem to work either. So, if you want to make an image of your phone (and I suggest to do it ), do it before encryption
Click to expand...
Click to collapse
I get samsung boot loop using the above instructions
Pierreseoul said:
I get samsung boot loop using the above instructions
Click to expand...
Click to collapse
Hi guys! Did someone try this solution? I unfortunately have the same issue and unlock my device each time make me crazy!
Thanks in advance.
Same problem
I purchased a Galaxy S5 and I have the same problem, unfortunately I cannot root my phone due to security policies in my company. :crying:
I hope Samsung will solve the issue. :fingers-crossed:
Have anyone contacted to Samsung Support Center?
Pierreseoul said:
I get samsung boot loop using the above instructions
Click to expand...
Click to collapse
What is the consequence of boot loop if you are using stock boot loader? Odin mode required to recover? Something less drastic? What device model are you using?
I found a possible solution that involves deactivating SuperSU and running encryption from there. Still investigating. I am thinking that the solution from @fabiokino will work in this case too.
I'm curious about this aswell.
Doesn't anyone know a working solution?...
It is really frustrating the very least. I can't believe there isn't a way (or if there is, a guide) to do this (with or without root access).
I have also heard it is doable on the Note 4. See this post for example http://forum.xda-developers.com/showpost.php?p=57103664&postcount=7.
I just flashed the stock Lollipop ROM and guess what: It works!!
Samsung finally did it. No tweaking needed and it also works without root access.
How?
healpowah said:
I just flashed the stock Lollipop ROM and guess what: It works!!
Samsung finally did it. No tweaking needed and it also works without root access.
Click to expand...
Click to collapse
Can you explain how please? I'm on stock lollipop as well and cannot use fingerprint scanner with FDE. Wondering if there's a process to it?
Thanks!
healpowah said:
I just flashed the stock Lollipop ROM and guess what: It works!!
Samsung finally did it. No tweaking needed and it also works without root access.
Click to expand...
Click to collapse
Nice to see this, hope it will work on my Galaxy tab S too
Did you see this?
https://www.jethrocarr.com/2013/12/29/encrypting-disk-on-android-4/
GermanDoerksen said:
Can you explain how please? I'm on stock lollipop as well and cannot use fingerprint scanner with FDE. Wondering if there's a process to it?
Thanks!
Click to expand...
Click to collapse
Unluckily the trick showed in the previous link only encrytps the main device and not the micro SD
Joker87 said:
Unluckily the trick showed in the previous link only encrytps the main device and not the micro SD
Click to expand...
Click to collapse
Well for me that really wouldn't be a problem. I don't have an SD card so I'm okay with just FDE. Thing is I really really don't want to root my phone... No particular reason other than every older android device I've done it on always ends up slow and buggy after a few months use until I reflash with stock ROM. I would like my phone to stay buttery smooth for once..
GermanDoerksen said:
Well for me that really wouldn't be a problem. I don't have an SD card so I'm okay with just FDE. Thing is I really really don't want to root my phone... No particular reason other than every older android device I've done it on always ends up slow and buggy after a few months use until I reflash with stock ROM. I would like my phone to stay buttery smooth for once..
Click to expand...
Click to collapse
You could root then unroot it after you have encrypted it
Joker87 said:
You could root then unroot it after you have encrypted it
Click to expand...
Click to collapse
you're right... plus it's not really the "rooting" process that makes it slow, it's installing another ROM. Having a rooted phone doesn't necessarily have any performance impact... just opens up a few things for me. Interesting. Thanks! Unfortunately I've already encrypted so now I have to find that thread about how to decrypt lol.
Thanks!
Can I recover data from my own encrypted s5 Verizon phone (not rooted) w/password?
My s5 Verizon phone could not boot well recently so today I intended to clear system cache. I hold power + volume up+home buttons, maybe somehow it entered into download mode, so it warned me that install a custom os is risky and asked me to volume up to continue, or down to cancel(restart). I volumed down and now it rebooted, but all of sudden, my data is gone! It did not ask me for screen pin/password either as previously my phone was encrypted. (Or did I held power+volumn down to factory reset the phone? But I did not get a warning for that.
This factory reset was a surprise to me as I was not warned or told that they will wipe out the data.
Anyhow, my data is gone. Now I wanted to get it back.
Can I recover data from my own encrypted s5 Verizon phone (not rooted) w/password?
I know It's not difficult if it was not encrypted, as many third party tools can recover most of the data if the phone was not used much after reset.
I am wondering if anyone has any experience recovering data for an *encrypted* phone (with right encryption password though). Which tool can do that by prompting you the password for the encrypted data?
Here is the link regarding recovering data from factory reset: http://forum.xda-developers.com/showthread.php?t=2143188 However, I did not find a solution: what if the phone was encrypted and you do have the correct encryption password (if not I know it's almost impossible)?
Thank you in advance for your help!
J
Any thoughts, suggestions?
My phone was encrypted but not rooted. I have the encryption password. Any chance to get the data back from the phone?
I powered down my phone now and will see how to proceed after I get experts opinion on this...
My question basically is, can I recover data from an encrypted phone after factory reset if I have the encryption password? Anyone can help?
Thank you guys in advance.
Anyone?
I understand this is difficult, but I wanted to try before I give up.
I need experts here to shed some lights: is it still possible to recover the data from my encrypted phone after accidental factory reset, as I still have the screen PIN?
I know how to recover the data if the phone was not encrypted/not factory reset. I also somehow know how to decrypt the data inside the encrypted phone, but no way so far do I know if we can recover the deleted data from the encrypted phone if the files were deleted or the phone was factory reset, provided I still have the screen lock pin.
What I have done so far:
I rooted my sm-n900v
I also created a raw image in my pc using dd command
Next questions are,
where can I find the crypt footer (which partition), and how can I decrypt the deleted data after the factory reset?
Can I recover the deleted data from the encrypted phone first, but it looks like no tools can do that. All data recover tools like Recuva can only recover unencrrypted data.
Or should I first find the cryptor footer, figure out encryption key, but where should I find the deleted files first to decrypt from the encrypted phone?
I just came to realize what I was got into... This is the most difficult scenario to decrpt the deleted files from an encrypted phone. I do want to recover some very important files from the phone's internal/encrypted storage, regardless how stupid I look not backing up those very important data.
But if experts here say I am doing almost impossible thing... I will stop.
Thank you all for your attention.
J
BTW, my s5 ran Android 4.4 before, later upgraded to Android 5.0, a while ago before I recently accidentally factory reset. I just rooted it days ago after accidental factory reset.
...... If the above info will make a difference in solving my issues below.
Thank you.
J
ljxd01 said:
I understand this is difficult, but I wanted to try before I give up.
I need experts here to shed some lights: is it still possible to recover the data from my encrypted phone after accidental factory reset, as I still have the screen PIN?
I know how to recover the data if the phone was not encrypted/not factory reset. I also somehow know how to decrypt the data inside the encrypted phone, but no way so far do I know if we can recover the deleted data from the encrypted phone if the files were deleted or the phone was factory reset, provided I still have the screen lock pin.
What I have done so far:
I rooted my sm-n900v
I also created a raw image in my pc using dd command
Next questions are,
where can I find the crypt footer (which partition), and how can I decrypt the deleted data after the factory reset?
Can I recover the deleted data from the encrypted phone first, but it looks like no tools can do that. All data recover tools like Recuva can only recover unencrrypted data.
Or should I first find the cryptor footer, figure out encryption key, but where should I find the deleted files first to decrypt from the encrypted phone?
I just came to realize what I was got into... This is the most difficult scenario to decrpt the deleted files from an encrypted phone. I do want to recover some very important files from the phone's internal/encrypted storage, regardless how stupid I look not backing up those very important data.
But if experts here say I am doing almost impossible thing... I will stop.
Thank you all for your attention.
J
Click to expand...
Click to collapse
Any help from this forum appreciated...
ljxd01 said:
Any help from this forum appreciated...
Click to expand...
Click to collapse
Hi I am in the same position as you - have you had any luck at all?
danielleb21 said:
Hi I am in the same position as you - have you had any luck at all?
Click to expand...
Click to collapse
ljxd01 said:
Any help from this forum appreciated...
Click to expand...
Click to collapse
From what I have read, the device encryption key is tied to the device Serial Number or Burned-In-ROM-Key. Meaning when you encrypt your device data, it encrypts the password in much the same way the device encrypts its "Verity Hash".
So from what I've gathered it is possible to do a factory data reset, encrypt your empty device using the same password as before, decrypt the empty device, and during that encryption/decryption phase:
Pull out the common denominator between the encrypted data you want to recover and the encrypted empty device, thus enabling you to derive the decryption key used for the data you'd like to recover.
Hello fellow people of XDA!
Today I got an OTA update for my S7 edge (SM-G935F). The update has installed fairly fast (after the first reboot). But then, it got stuck on a decrypting loop. I have enabled prior the full phone encryption, and set it to ask for a password at each start. I entered the password correctly, as it said Starting Android... after, and since then, only the rotating padlock is showing. Every like 5 minutes the soft buttons are lighting up for a second, but then nothing is happening. After a while it even gets hot, but still nothing. I had this issue at the previous update too, but it started after like 30-40 minutes. Now 90 minutes have passed and still nothing.
I can reboot to the recovery and bootloader screens, and everything is fine. Knox not tripped, not rooted, everything official. In the recovery screen it says that my CSC is ECT (but according to sammobile it should be CNX).
Some additional info: samsung/hero2ltexx/hero2lte
7.0/NRD90M/G935FXXU2DRAG
I will try to flash a stock rom (PDA: G935FXXS2DRAA, CSC: G935FROM1DQJ3). If that doesn't work, I'll flash today's rom (PDA: same, CSC: G935FVFG1DQI1).
Any tips/help would be greately appreciated! Would not want to fall to the wipe data method, because I don't want to lose everything... But then again, I guess that would remove the boot password...
Thanks!
Update: After waiting for like 10+ hours, nothing has changed. Maybe I shouldn't have forced a reboot after an hour of the ota update? Going to try flashing the firmware now.
Update 2: I flashed the firmware, now the buttons seem to light up less often. But after an hour of decrypting, I guess the ultimate soultion would be to do a factory reset, since no one is helping...
jaszfalvi.tamas said:
Hello fellow people of XDA!
Today I got an OTA update for my S7 edge (SM-G935F). The update has installed fairly fast (after the first reboot). But then, it got stuck on a decrypting loop. I have enabled prior the full phone encryption, and set it to ask for a password at each start. I entered the password correctly, as it said Starting Android... after, and since then, only the rotating padlock is showing. Every like 5 minutes the soft buttons are lighting up for a second, but then nothing is happening. After a while it even gets hot, but still nothing. I had this issue at the previous update too, but it started after like 30-40 minutes. Now 90 minutes have passed and still nothing.
I can reboot to the recovery and bootloader screens, and everything is fine. Knox not tripped, not rooted, everything official. In the recovery screen it says that my CSC is ECT (but according to sammobile it should be CNX).
Some additional info: samsung/hero2ltexx/hero2lte
7.0/NRD90M/G935FXXU2DRAG
I will try to flash a stock rom (PDA: G935FXXS2DRAA, CSC: G935FROM1DQJ3). If that doesn't work, I'll flash today's rom (PDA: same, CSC: G935FVFG1DQI1).
Any tips/help would be greately appreciated! Would not want to fall to the wipe data method, because I don't want to lose everything... But then again, I guess that would remove the boot password...
Thanks!
Update: After waiting for like 10+ hours, nothing has changed. Maybe I shouldn't have forced a reboot after an hour of the ota update? Going to try flashing the firmware now.
Update 2: I flashed the firmware, now the buttons seem to light up less often. But after an hour of decrypting, I guess the ultimate soultion would be to do a factory reset, since no one is helping...
Click to expand...
Click to collapse
Wait, i dont get it, it is prompting you for a password even you didnt set it?
Sent from my S7 Edge using XDA Labs
shah22 said:
Wait, i dont get it, it is prompting you for a password even you didnt set it?
Sent from my S7 Edge using XDA Labs
Click to expand...
Click to collapse
I set a password when I enabled Secure Startup.
jaszfalvi.tamas said:
I set a password when I enabled Secure Startup.
Click to expand...
Click to collapse
Then use that same password, i think there is confusion, there is a password when you enable fingerprint and then a password when you enable secure startup. Be sure not to confuse them. If it still happens, then I guess there's got something wrong with the update, and only way is a factory reset. Btw, i also updated and i normally entered secure boot password and it started okay. Don't know what caused this for you.
Sent from my S7 Edge using XDA Labs
shah22 said:
Then use that same password, i think there is confusion, there is a password when you enable fingerprint and then a password when you enable secure startup. Be sure not to remember them. If it still happens, then I guess there got something wrong with the update, and only way is a factory reset. Btw, i also updated and i normally entered secure boot password and it started okay. Don't know what caused this for you.
Sent from my S7 Edge using XDA Labs
Click to expand...
Click to collapse
I entered the password correctly, as it stated "Starting Android..." then the rotating padlock took forever. More than 10 hours even. But in the end, a factory reset helped me. But rip my photos and memories...
Don't use device encryption anymore and leave OEM unlocking enabled in developer options.
Those two settings cause more hassle if you want to keep data, and make backups from time to time using Samsung Smart switch on computer. Use a microSD card to store and take all your photos from camera.
benjamen50 said:
Don't use device encryption anymore and leave OEM unlocking enabled in developer options.
Those two settings cause more hassle if you want to keep data, and make backups from time to time using Samsung Smart switch on computer. Use a microSD card to store and take all your photos from camera.
Click to expand...
Click to collapse
Right, but i use encryption and i could update without any problem, don't know what caused this issue with him. But one should backup all data BEFORE updating, as i did to save yourself from such hassle.
Sent from my S7 Edge using XDA Labs
benjamen50 said:
Don't use device encryption anymore and leave OEM unlocking enabled in developer options.
Those two settings cause more hassle if you want to keep data, and make backups from time to time using Samsung Smart switch on computer. Use a microSD card to store and take all your photos from camera.
Click to expand...
Click to collapse
Yeah, it's a sure thing I won't turn on Secure Stratup anymore. I don't know what OEM unlock does or does not, but right now, I don't have dev options enabled. If I had a microSD then I couldn't care less about resetting my phone, but since I don't have, because I have two SIM cards and a memory card has no place left, I feel bad.
Still, I don't know caused this issue. I had OTA updates before with full device encryption enabled and I had no issues before. I kinda used the same disk space at every OTA, so it should have took the same time... And I have to mention, that I did not tamper with the software. No root, no custom rom, and software only from the play store.
To enable developer options you click Build number 7 times which is located in the Software information tab in settings.
OEM unlock allows you to flash and boot the phone with custom binaries (Custom Recovery, Kernels, Roms). You can leave OEM unlock disabled if you don't want people that may steal your phone and use it for themselves.
With OEM unlock disabled and a google account signed in, it will block anyone from using the phone after a factory reset on stock Samsung firmware as it will prompt the user to enter the google account that was associated with that device.
Unfortunately there are rare cases that a OTA update may fail. Reflashing correct stock firmware usually fixes it but in worse case scenarios a factory reset will be required.
benjamen50 said:
To enable developer options you click Build number 7 times which is located in the Software information tab in settings.
OEM unlock allows you to flash and boot the phone with custom binaries (Custom Recovery, Kernels, Roms). You can leave OEM unlock disabled if you don't want people that may steal your phone and use it for themselves.
With OEM unlock disabled and a google account signed in, it will block anyone from using the phone after a factory reset on stock Samsung firmware as it will prompt the user to enter the google account that was associated with that device.
Unfortunately there are rare cases that a OTA update may fail. Reflashing correct stock firmware usually fixes it but in worse case scenarios a factory reset will be required.
Click to expand...
Click to collapse
Never had OEM unlock enabled, because I didn't know what is does, so thanks for the info. I reflashed the correct stock firmware, but that didn't help either, so I had to resort to wiping the data... Regarding this, do you know by any chance a good software for recovering data without root?
I don't know of any unfortunately, if anyone has any good paid ones that actually work please post here.
Hello there, I'm using OnePlus 6t on OOS 10, somehow my kid changed the lockscreen pin and now forgot.
I've read multiple threads and asked a lot of people, but there seems no method to bypass the lockscreen pin.
I'd some important files which I couldn't backup/ not until my last backup.
Is there any way possible to recover my files after a hard reset as that's the only alternate i can think of without bypassing lockscreen without root.
FYI: Bootloader locked, currently locked, haven't hard reset yet, usb debugging off.
Nope, if you hard reset you lose everything. User storage is encrypted with a per-session key that is wiped when a reset occurs meaning everything on the phone becomes useless garbage the moment that key is lost. If you have adb enabled and have authorized your computer once before you might be able to pull files off using that but otherwise you might be screwed
The lock screen is designed to keep people out, wouldn't be much use if it let people exfiltrate data whenever they wanted
Don't even think you'll be able to get the pin off the phone. When you reset Google asks for the old pin used in the device.
If USB debugging is off, I don't even think you can flash stock firmware onto the device either.
You're pretty much screwed.
The best way to do is MSM tool. If you don't know the password your can't even get in to recovery mode( required password). By doing that all data will be gone.