Related
My Galaxy 1 was stolen from me in Feb, after that i went through a lent s3 and now proud owner of an s4 (i9500).
So i have two questions on this:
1) is there an equivalent for what a bios password is in a PC?
(have to go short something in hardware to bypass, only is asked upon powerup/hard reboot).
2) Is is technically possible for an app to lock on custom sim? (possibly modifying efs folder)
Thanks!
Abrojo said:
My Galaxy 1 was stolen from me in Feb, after that i went through a lent s3 and now proud owner of an s4 (i9500).
So i have two questions on this:
1) is there an equivalent for what a bios password is in a PC?
(have to go short something in hardware to bypass, only is asked upon powerup/hard reboot).
2) Is is technically possible for an app to lock on custom sim? (possibly modifying efs folder)
Thanks!
Click to expand...
Click to collapse
http://bit.ly/174zPh6
LeJolly said:
http://bit.ly/174zPh6
Click to expand...
Click to collapse
Thank you for patronizing me but that didnt answer my question, already been through pages of results when i previous galaxy was stolen (even tried locking from google play). None of the apps listed on a google search for locking and tracking do what i ask.
Centralized cloud based locking doesnt work (a blacklisted imei can get reinstated fairly easy), neither does the standard password Operating System level password.
Thats why i am asking for specific alternative ways of locking the phone that should be (if possible) more tampering resistant.
1) bios equivalent password.(requiering hardware shorting to bypass)
2) custom simlock
I use avast! free mobile security (https://play.google.com/store/apps/details?id=com.avast.android.mobilesecurity&hl=en),
the anti-theft module has option to block the phone if the sim card is changed
LeJolly said:
http://bit.ly/174zPh6
Click to expand...
Click to collapse
What a woeful answer. Try reading before you be a ****.
In answer, no there is nothing similar to a BIOS lock on Android phones, however like mist813 said, Avast is quite good. If you have root access you can install it as a system apk then even if the thief wipes your phone, it's still there.
You could also try lookout its free. Can do tracking, remote wipe and also takes a photo of anyone trying to unlock your phone.
I don't think there is anything that can prevent someone from just flashing a new firmware and wiping the phone completely.
Sent from my Nexus 10 using Tapatalk 2
I don't think there is an equivalent to BIOS lock in Android. I'm not sure if you tried Lookout or the native Samsung remote control under security settings. Both gives you the options to locate, lock, scream or wipe your data. I tried the locate and scream options and they work. Never tried lock or wipe, but they should also work! Now going to the fact of wether someone can bypass or overcome these security measures, then I personally think it's possible and whatever we do he can find a way to go around it depending on how smart and resourceful he is! If my phone is stolen, frankly speaking I won't waste my time trying to find it or just lock it. All what I'll care about is to wipe the data off, and hopefully these softwares will work if needed!
Sent from my SGS IV using Tapatalk 2
Abrojo said:
Thank you for patronizing me but that didnt answer my question, already been through pages of results when i previous galaxy was stolen (even tried locking from google play). None of the apps listed on a google search for locking and tracking do what i ask.
Centralized cloud based locking doesnt work (a blacklisted imei can get reinstated fairly easy), neither does the standard password Operating System level password.
Thats why i am asking for specific alternative ways of locking the phone that should be (if possible) more tampering resistant.
1) bios equivalent password.(requiering hardware shorting to bypass)
2) custom simlock
Click to expand...
Click to collapse
Okay lets not be a **** this time.
1) There's nothing equivalent to that bios thing
2) http://stackoverflow.com/questions/...-the-device-on-removal-of-sim-card-or-sd-card
There are also apps that just notify you if sim card is changed for example this https://play.google.com/store/apps/details?id=instigate.simCardChangeNotifier&hl=fi
And of course there are some apps that let you remotely control your phone for example http://forum.xda-developers.com/showthread.php?p=7567932
Abrojo,
You don't really need a third-party app for this.
Please check out the Samsung Dive service. (www.samsungdive.com)
You can track your phone, lock it with a custom password, sound an alarm, etc...
The problem is, the phone needs to have Internet access.
I am using the Cerberus app (https://play.google.com/store/apps/details?id=com.lsdroid.cerberus&hl=en)
This is the best rated Anti-theft app you can find for your Android.
a license costs 3USD if I remember correctly. With one license you can secure up to five Android phones.
Featuers:
Track your phone
Remote lock
Remote wipe
And a lot more options...
A couple of things that I think are extremely useful:
When a wrong password or pattern is drawn to unlock your phone, a picture is taken with the front camera and emailed to you together with the location of the phone.
When the SIM is swapped, you can configure up to three phone numbers that will receive an SMS with the new SIM card number and the location of the phone.
You can hide the app from the App Drawer.
Check it out... very useful
i use also cerberusapp 4 years now. everything is perfect. when u install as system app u can do everything.
Sent from my ThL W8 using xda premium
Apparently there is also rumors of LoJack already being built into these phones, with the possibility to activate it some time in the near future. Don't remember all the details, but I just read an article about that. Not being patronizing when I say it, but Google Galaxy S4 LoJack and look into it.
Also, I am on Verizon, and am testing out their mobile security app that is preinstalled. It's $1 a month, but they allow you to remotely lock your phone, wipe it, and track it should you lose it. I don't believe it embedded at the hardware level, but it is something that gives me a little piece of mind.
Edit: I went to switch to the Norton Mobile Security app, since I use it for all of my other devices, and discovered that the Verizon Mobile Security App - once activated - cannot be uninstalled, force stopped, you cannot clear the data, and you cannot disable it. In order to do so, I first have to go into my Verizon account online, sign in, and unsubscribe from the service. After realizing that, I have chosen to keep the Verizon security app, because it has that extra layer of security. Are there ways of bypassing that, I'm sure there are. But assuming that my phone is stolen by some low level thief and not some crazy high level criminal circuit, I should have no problem retrieving it.
Samsung Dive down?
I cant seem to have this page load up www.samsungdive.com
Is it down for you too?
Sm007hCriminal said:
I cant seem to have this page load up www.samsungdive.com
Is it down for you too?
Click to expand...
Click to collapse
It's working with me.
Sent from my SGS IV using Tapatalk 2
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
EX_RIVER said:
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
Click to expand...
Click to collapse
If you have TWRP (not sure about Clockworkmod), "Factory Reset" will leave personal files on while clearing settings, custom apps, etc. FORTUNATELY, there is no way to bypass, other than resetting the device, the password for security reasons
dibblebill said:
If you have TWRP (not sure about Clockworkmod), "Factory Reset" will leave personal files on while clearing settings, custom apps, etc. FORTUNATELY, there is no way to bypass, other than resetting the device, the password for security reasons
Click to expand...
Click to collapse
Pretty sure that's not true, strictly speaking. Unless OP is talking about encryption, flashing a new ROM over top will preserve most user data saved on /sdcard (much to my annoyance).
Rirere said:
Pretty sure that's not true, strictly speaking. Unless OP is talking about encryption, flashing a new ROM over top will preserve most user data saved on /sdcard (much to my annoyance).
Click to expand...
Click to collapse
You are correct. I forgot that circumstance. TWRP specifically excludes the data/media area
Sent from my Samsung Galaxy Victory via XDA Developers App
dibblebill said:
You are correct. I forgot that circumstance. TWRP specifically excludes the data/media area
Sent from my Samsung Galaxy Victory via XDA Developers App
Click to expand...
Click to collapse
I mean, it's useful because if you flub a flash you can use a backup, but these recoveries are not secure and aren't designed to be.
EX_RIVER said:
(sorry about my chinglish )
So here's how:I locked my nexus10 and forgot the password, and I do not see the "Forgotten" button on the screen and also I didn't turn USB debugging mode on, so is there any possibility I can save my data instead of cleaning them up? Thank you (btw, I deleted the original recover files(because I once booted Ubuntu Touch on it) how can I reset it anyway?) Tanks a lot
Click to expand...
Click to collapse
USB debugging isn't required for ~all~ USB stuff, so you should try it anyways.
Then, as long as you still know your Google password you can install this to your Nexus, via the web (no log on to device actually needed):
http://www.androidlost.com/
I haven't actually tried or used that program, so cant say 100% it will work on N10 - but "in general" it seems like it should!
:good:
bigmatty said:
USB debugging isn't required for ~all~ USB stuff, so you should try it anyways.
Then, as long as you still know your Google password you can install this to your Nexus, via the web (no log on to device actually needed):
http://www.androidlost.com/
I haven't actually tried or used that program, so cant say 100% it will work on N10 - but "in general" it seems like it should!
:good:
Click to expand...
Click to collapse
I don't know if AndroidLost can unlock a device, and he doesn't seem to have lost it either. Unless an app had root/device admin access, I can't imagine that it would have the privileges necessary to remove authentication from a device (since that seems to be the pinnacle of bad security). Secure Settings + Tasker can do it, but you need to set that up beforehand.
Rirere said:
I don't know if AndroidLost can unlock a device, and he doesn't seem to have lost it either. Unless an app had root/device admin access, I can't imagine that it would have the privileges necessary to remove authentication from a device (since that seems to be the pinnacle of bad security). Secure Settings + Tasker can do it, but you need to set that up beforehand.
Click to expand...
Click to collapse
It says it can:
Lock the phone
You can lock and unlock the phone from the web. If you forget your pincode you can simply overwrite it or remove it from the web
bigmatty said:
It says it can:
Lock the phone
You can lock and unlock the phone from the web. If you forget your pincode you can simply overwrite it or remove it from the web
Click to expand...
Click to collapse
I don't think this means what you think it means (and I could be wrong). Many security apps like avast! offer a similar "locking" functionality, where the normal lockscreen (whatever security it is) is covered by a second lockscreen, superimposed over all system UI elements to prevent access. This lockscreen is controlled by the app, but it will not affect any underlying security (basically, think of it as a replacement lockscreen for security reasons, not much unlike HoloLocker or Go Launcher's lockscreen).
Rirere said:
I don't think this means what you think it means (and I could be wrong). Many security apps like avast! offer a similar "locking" functionality, where the normal lockscreen (whatever security it is) is covered by a second lockscreen, superimposed over all system UI elements to prevent access. This lockscreen is controlled by the app, but it will not affect any underlying security (basically, think of it as a replacement lockscreen for security reasons, not much unlike HoloLocker or Go Launcher's lockscreen).
Click to expand...
Click to collapse
I don't know man, and like I said I've never tried it. But its a super popular app, and has been featured in write ups. On their main page it states that text, as the fifth "main feature" which seems pretty straight forward to mean "the main lock screen"...
bigmatty said:
I don't know man, and like I said I've never tried it. But its a super popular app, and has been featured in write ups. On their main page it states that text, as the fifth "main feature" which seems pretty straight forward to mean "the main lock screen"...
Click to expand...
Click to collapse
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Rirere said:
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Click to expand...
Click to collapse
Nice on the testing! Too bad about the unlock. Perhaps he can still use it to offload his content though.
Did you try to "push" it to your device w/out installing it direct? I have wondered if I should pre-load this app on my devices, but "they" tout its remote-install-ablity, so I somewhat feel like I would not have to pre-install. (But then again, Im always apprehensive of claims that make things seem super easy.)
EDIT: Hmmm.... I see it requires "SMS" to install this on a device via Push - so I guess it NEEDS to be pre-loaded on a N10 if one wishes to use it to retrieve a lost N10, or even use it in this context! Now to decide if I install this or not...
bigmatty said:
Nice on the testing! Too bad about the unlock. Perhaps he can still use it to offload his content though.
Did you try to "push" it to your device w/out installing it direct? I have wondered if I should pre-load this app on my devices, but "they" tout its remote-install-ablity, so I somewhat feel like I would not have to pre-install. (But then again, Im always apprehensive of claims that make things seem super easy.)
Click to expand...
Click to collapse
I installed direct. I use Cerberus (and before that, avast! Anti-Theft) to help secure my devices, but these things are all a game of chance. My advice: completely disregard remote-install abilities. If you're going to use this kind of service, it really doesn't make any sense not to install it yourself, where you can change your preferences (such as install to /system or rename the application) to work for you.
The bigger problem is that, obviously, six hundred million things could go wrong. I noticed that AndroidLost noted that they were using Google to push messages, which indicates that they're using C2DM (unlikely, it's deprecated) or GCM push services, which require your phone being connected to a network (itself a big assumption) that will allow Google's ports to send traffic. This excludes no small number of places, particularly corporate networks (and many schools as well). It also looks like one of the wakeup methods if SMS, which is not only noticeable (to a thief), but potentially may be intercepted by other apps on the phone (such as an alternative SMS app).
The idea is that these apps intercept and delete any command SMS before any other app, but in practice this doesn't always happen. So test your setup before something happens!
Rirere said:
I installed direct. I use Cerberus (and before that, avast! Anti-Theft) to help secure my devices, but these things are all a game of chance. My advice: completely disregard remote-install abilities. If you're going to use this kind of service, it really doesn't make any sense not to install it yourself, where you can change your preferences (such as install to /system or rename the application) to work for you.
The bigger problem is that, obviously, six hundred million things could go wrong. I noticed that AndroidLost noted that they were using Google to push messages, which indicates that they're using C2DM (unlikely, it's deprecated) or GCM push services, which require your phone being connected to a network (itself a big assumption) that will allow Google's ports to send traffic. This excludes no small number of places, particularly corporate networks (and many schools as well). It also looks like one of the wakeup methods if SMS, which is not only noticeable (to a thief), but potentially may be intercepted by other apps on the phone (such as an alternative SMS app).
The idea is that these apps intercept and delete any command SMS before any other app, but in practice this doesn't always happen. So test your setup before something happens!
Click to expand...
Click to collapse
Thanks for the info, I will look into Cerberus. I am assuming you would recommend that as you are currently using it? Do you think its better than AndroidLost, even though you haven't spent as much time w/ AndroidLost?
bigmatty said:
Thanks for the info, I will look into Cerberus. I am assuming you would recommend that as you are currently using it? Do you think its better than AndroidLost, even though you haven't spent as much time w/ AndroidLost?
Click to expand...
Click to collapse
I like it a lot more, but I will admit I personally liked avast! better. Its uncertain future (plus a nice promotion) led me to jump ship to Cerberus. I'd have to play around with it a bit more to be sure though.
Rirere said:
No good, sorry. You're right on one count-- I just tested it, and it does interact with the stock lockscreen. Unfortunately, as I said earlier, unless the app is granted root/device admin privileges, no Android app can change the stock lockscreen...and since OP can't get into his device, he can't grant it device admin.
Click to expand...
Click to collapse
Yep, you're right I can't get root under this situation, thanks a lot I'm trying to figure out how to save my data mow
EX_RIVER said:
Yep, you're right I can't get root under this situation, thanks a lot I'm trying to figure out how to save my data mow
Click to expand...
Click to collapse
It's not root you need per se, it's device admin. But root isn't an easy option for you either, because unlocking your bootloader will hose your data. I also think most of the locked-bootloader exploits require the device to be on and unlocked. If you're signed into your Google account, you should have a fair degree of stuff backed up already-- what sorts of data are you trying to save?
Rirere said:
It's not root you need per se, it's device admin. But root isn't an easy option for you either, because unlocking your bootloader will hose your data. I also think most of the locked-bootloader exploits require the device to be on and unlocked. If you're signed into your Google account, you should have a fair degree of stuff backed up already-- what sorts of data are you trying to save?
Click to expand...
Click to collapse
Mostly..........Photos and videos
EX_RIVER said:
Mostly..........Photos and videos
Click to expand...
Click to collapse
...do you have a Google+ account? Slash have you ever opened the app? If so, you might actually be in luck and your data should have been backed up to your Google+ (or PicasaWeb if you prefer).
Hi all
I'm attempting to fix a Nexus 7 2012 for a family member. I know that they never used a PIN previously and have been told that the PIN lock was activated when browsing the web and pressing the volume up button. Naturally I'm absolutely baffled as to how that set a PIN code but that's apparently what happened. Is there any Android malware that could have been downloaded which could cause this?
Either way, I've used a variety of resources to attempt to recover the device WITHOUT resorting to a factory reset (which I would like to avoid if possible), however I've reached an impasse so decided to ask about my specific case directly. At this stage I'd be happy to just find a way to somehow remotely backup the device so that the appdata etc. could be restored following a factory reset.
Here are the routes I've eliminated so far:
As this is a PIN code the option to login after 5 incorrect attempts is not available (that's for pattern locks only, unfortunately).
The Android Device Manager has not been set up with this device for Remote Wipe & Lock so I cannot change the PIN code remotely in this manner. Nor are there any other installed apps which would be of any similar use according to the list of installed apps on the corresponding Google Account.
Screen Lock Bypass Pro is incompatible with the device according to Google so I can't install that remotely from the Google Play store. Plus I don't know of any way to sideload it given the below two points (even if that were safe to do given that it's "incompatible"). This would have been sufficient to disable the lock screen long enough to back up the device using say Titanium Backup before wiping & restoring.
USB Debugging is not enabled which means I cannot do anything via ADB. Nor am I therefore able to backup by any means I've looked at thus far.
The bootloader is locked. To unlock you need to wipe the device, which as I mentioned above I want to avoid. This means I can't use a custom recovery to turn on USB Debugging and use ADB to load Aroma File Manager in order to delete the password database files.
So, I would like to know a way to do any of the following without a factory reset:
Remotely enable USB Debugging.
Remotely install Screen Lock Bypass Pro.
Backup the device.
Any other method to achieve the backup of the device or a PIN code reset that I'm currently ignorant about.
Please let me know if this is just impossible. I realise that the PIN code is there for a reason however I'm being persistent in case I'm overlooking something simple. Thanks in advance!
NB: Apologies but I can't yet include any URLs. Please let me know if you need any of my sources for the above information and I'll see what I can do.
Apart from sending a password request to your Gmail or linked email, unfortunately I don't think you can do anything without wiping. If it's a 4 digit pin code try guessing the basics. 1234, 0000, 4321,etc.
The Nexus 5 advocate (Team Inferno)
TheLastSidekick said:
Apart from sending a password request to your Gmail or linked email, unfortunately I don't think you can do anything without wiping. If it's a 4 digit pin code try guessing the basics. 1234, 0000, 4321,etc.
The Nexus 5 advocate (Team Inferno)
Click to expand...
Click to collapse
I have the Google Account e-mail and password so that isn't an issue. How would the above help to obtain the PIN code or to change it?
If I'm not correct somewhere at the bottom of the screen after entering it incorrect twice or three times, should display an email reset option. Let me try it and get back to you in just a moment.
Edit : was able to get it working for a friend on Android 2.2 but it is no longer working for me on 4.4.2 sorry.
Double edit : It is the pattern lock you can reset from but there used to be a way to do pin reset. I'll update my post if I find anything else. All the best.
The Nexus 5 advocate (Team Inferno)
TheLastSidekick said:
If I'm not correct somewhere at the bottom of the screen after entering it incorrect twice or three times, should display an email reset option. Let me try it and get back to you in just a moment.
The Nexus 5 advocate (Team Inferno)
Click to expand...
Click to collapse
No, as I said in my OP that's only for pattern locks.
I don't think there is any way to do it without wiping the device. Try safe mode though it may temporarily disable the pin. That would allow you to backup the device
Programming is a race between engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
Captain Sweatpants said:
I don't think there is any way to do it without wiping the device. Try safe mode though it may temporarily disable the pin. That would allow you to backup the device
Programming is a race between engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
Click to expand...
Click to collapse
Just tried Safe Mode but no luck. It really must be the OS that's responsible and not an app.
Thanks anyway!! I'll just have to wipe it.
Sorry if this is a completely nonsensical and stupid question but I wanted to make sure on how encryption with Android 6 works. Because I thought I had read somewhere that encryption is only done on certain parts but not others such as System partition. Of course, I could be completely wrong about what I thought I read.
And yes... I'm not completely crazy and I know it's called "Full Disk Encryption" for a reason. I think I'm just paranoid. Even the Android page description uses the terms "all user created data... " is encrypted. So, part of me was wondering why they emphasize the "user created" part.
Also, wondering how much effect, if any, an unlocked bootloader and rooting has
I just want to make sure that, for example, if I put my keepass database on my phone, that I don't have to worry. Thanks!
mattkroeder said:
Sorry if this is a completely nonsensical and stupid question but I wanted to make sure on how encryption with Android 6 works. Because I thought I had read somewhere that encryption is only done on certain parts but not others such as System partition. Of course, I could be completely wrong about what I thought I read.
And yes... I'm not completely crazy and I know it's called "Full Disk Encryption" for a reason. I think I'm just paranoid. Even the Android page description uses the terms "all user created data... " is encrypted. So, part of me was wondering why they emphasize the "user created" part.
Also, wondering how much effect, if any, an unlocked bootloader and rooting has
I just want to make sure that, for example, if I put my keepass database on my phone, that I don't have to worry. Thanks!
Click to expand...
Click to collapse
Well, that's a pretty good question.
My assumption is that it is just the user data that is indeed encrypted, and not anything in the system partition.
Why would the system partition need encryption? It is supposed to be left alone, and only accessible by certain apps that Google grants such access.
As to your KeePass database, it seems that it is always encrypted, irrespective of whether your device is encrypted.
That stated, you'd probably be better off leaving encryption enabled rather than decrypting your device, especially if you're the least bit concerned about it.
Rooting your device and data encryption are discrete issues, and therefore seem to be separate security concerns; ie, rooting and unlocking your bootloader opens your system partition to meddling, hopefully by you and no one else, while encryption keeps all of your data on your device encrypted unless someone has your password, pin or pattern unlock.
Ultimately all of this is about choice.
Sent from My Nexus 6P, #WhiteUIsMustDie, #EndDarkAppOppression
Thank you for taking the time to answer my question. I thought it may have been a dumb question because considering it is called 'Full Disk Encryption", I thought maybe it should have been obvious.
True, KeePass is already encrypted but it's nice to know the storage medium it is on is encrypted as well.
I'm definitely leaving encryption enabled. Thanks again.
The fire tablet are one of the few devices that aren't encrypted by default. What are the theoretical and practical risks of physical attacks on these devices? Encryption seems to have noticeable performance hit when enabled on these devices, and want to understand the tradeoffs.
Welcome to XDA.
I would not encrypt it but bare that in mind by how you use it. Keep it physically secured at all times as well.
blackhawk said:
Welcome to XDA.
I would not encrypt it but bare that in mind by how you use it. Keep it physically secured at all times as well.
Click to expand...
Click to collapse
I ended up encrypting and found the speed serviceable - about as fast as the previous generation unencrypted. However, it might be more susceptible to brute force hacking, especially with just a pin, because when encrypted there is no penalty for failed password entry, whereas there is a 30-second penalty when unencrypted using a wrong password after 5 times. Assuming the most precious thing one has on the tablet is logged into their main email account in an app or browser, I feel like I'm choosing between two scenarios, assuming exploits and social engineering would have the same effect regardless of encryption:
If I encrypt, brute-force hacking becomes easier, since there isn't a penalty to repeated failure when in that mode. Once in, they could simply use my browser session token or email app to cause havoc.
If unencrypted, they could in theory read the data off the tablet, but they would have open the device and have hardware to read the data, know how to remove the session or app data, and put it into a virtual environment where they could cause havoc.
Is that a fair assessment of the situation, and if so, I assume the unencrypted scenarios is more difficult to break, at least for email access. Thoughts?
ZombieParade said:
Thoughts?
Click to expand...
Click to collapse
Yes, Android 5.1 isn't secure. That's it.
with PIN: A brute force attack will get the correct PIN (without penalty) within a few minutes.
w/o PIN: It depends on speed of the USB port how long it takes to create a raw image of /data.
ZombieParade said:
I ended up encrypting and found the speed serviceable
Click to expand...
Click to collapse
It's a full disk encryption. After entering the correct display pattern /data will be mounted decrypted.
ZombieParade said:
I ended up encrypting and found the speed serviceable - about as fast as the previous generation unencrypted. However, it might be more susceptible to brute force hacking, especially with just a pin, because when encrypted there is no penalty for failed password entry, whereas there is a 30-second penalty when unencrypted using a wrong password after 5 times. Assuming the most precious thing one has on the tablet is logged into their main email account in an app or browser, I feel like I'm choosing between two scenarios, assuming exploits and social engineering would have the same effect regardless of encryption:
If I encrypt, brute-force hacking becomes easier, since there isn't a penalty to repeated failure when in that mode. Once in, they could simply use my browser session token or email app to cause havoc.
If unencrypted, they could in theory read the data off the tablet, but they would have open the device and have hardware to read the data, know how to remove the session or app data, and put it into a virtual environment where they could cause havoc.
Is that a fair assessment of the situation, and if so, I assume the unencrypted scenarios is more difficult to break, at least for email access. Thoughts?
Click to expand...
Click to collapse
Secure the device with ways where you don't bone yourself. You are the most likely to be locked out of the device, not "them" by setting a lock on the device or data. Never, ever encrypt backup data drives!!!
Use the SD card as the data drive; all critical data goes here. Only the apps, DCIM and Download folder go on internal. Do not encrypt SD cards!!!
If you have expandable storage, use it! Get a V30 rated card like Sandisk Extreme. If the phone is dropped/damaged or the OS crashes/burns, the data drive will likely survive. Then regularly backup the card to at least 2 hdds that are physically and electronically isolated from each other and the PC.
Use Android 9 or higher.
Use a good firewall; block any apps that shouldn't need internet service. Examine logs for possible trouble.
Use NextDNS.
Use a good browser like Brave; back out of bad sites, close window, browser, wipe browser cache even data if needed.
Be careful what you install and download. Keep email in the cloud. All downloads go into the Download folder and are open there first before transferring. Scan with Virustotal if appropriate.
Check the Download folder daily for anything you didn't authority; no auto downloads.
Keep trashware off the phone. No social media or sales apps and interactive gaming sites. Interface them by browser login only.
Scan all side loads with Virustotal first and if there's any doubt, don't load it.
Do not allow apps the update if they are running well unless there's a really good reason.
Do not allow Playstore apps to update.
Same goes for the firmware as far as I'm concerned.
Scan with Malwarebytes occasionally. Track down, ID and fix any odd behavior ASAP, never ignore it. If any obvious malware is found do a factory reset if you can't eliminate it completely within a few hours. Zero tolerance. Reset passwords and secure bank accounts etc as required after a factory reset.
This N10+ is still running on Pie, no screen password tap on/off. Last firmware update was 11/2019.
Current load will be 3yo this June. Still fast and stable, no malware in all that time. This device is heavily used and goes all over the internet. Little maintenance or troubleshooting, and very reliable.
This is more or less my plan, it works for me... I use whatever comes in handy.
WoKoschekk said:
Yes, Android 5.1 isn't secure. That's it.
with PIN: A brute force attack will get the correct PIN (without penalty) within a few minutes.
w/o PIN: It depends on speed of the USB port how long it takes to create a raw image of /data.
Click to expand...
Click to collapse
Fire OS is now Android 11. In order to read from the USB port a locked device, they'd have to have an unpatched exploit, correct?
ZombieParade said:
Fire OS is now Android 11. In order to read from the USB port a locked device, they'd have to have an unpatched exploit, correct?
Click to expand...
Click to collapse
Android 11 without forced encryption? It's mandatory for devices shipped with Android 6+.
If /data is unencrypted then you're able to dump the partition by using the EDL mode. It creates an raw ext4 image that can be mounted on every Linux environment.
EDL mode = emergency download mode:
When booting a device the primary bootloader (hardcoded on SoC by CPU manufacturer) verifies the extensible bootloader (part of firmware) to load kernel, ramdisk and so on. If verification should fail, the primary bootloader starts the EDL mode. In this state you can use special tools to flash a new bootloader and you also have access to all partitions.
You can manually start EDL mode by a special key combo or with adb reboot edl or by using test points (contacts on your mainboard).
ZombieParade said:
Fire OS is now Android 11. In order to read from the USB port a locked device, they'd have to have an unpatched exploit, correct?
Click to expand...
Click to collapse
Maybe. Never give someone unfettered physical access to your tab, smartphone, PC, etc unless you trust explicitly.
Depends. if you'd use it like me just for reading ebooks and component datasheets it doesn't really matter if it's encrypted or not. If it's something sensitive i would encrypt it and replace operating system with something more secure than FireOS (i.e LineageOS).