I am selling a Nexus 7 (2012) which will no longer boot. Since it won't boot I can't do a factory reset to erase my account details. I've changed my Gmail password, but I've noticed that despite this my other Android devices (e.g. my phone) can still read my old Gmail emails, even though I haven't entered my new Google password on those devices. More worryingly, they can also access my Chrome bookmarks and cookies, so can access some secure sites using the login credentials stored in my Google/Chrome account.
Since it's not inconceivable that the buyer of the device could repair it, is there anything I can do to prevent them accessing my personal data?
Get a copy of the Nexus Root Kit and under the advanced options see if you and remotely boot twrp. If you can you will likely be able to format the data. (If you can, the device is likely fixable.)
If you can't, some could in theory remove the chips from the motherboard to read the data. Unlikely, but it can be done. I would break the motherboard and trash in this case if I was worried about the data. You could still ebay the rest of the unit for $10 or so...
Sent from my LGLS991 using Tapatalk
psiphi said:
Get a copy of the Nexus Root Kit and under the advanced options see if you and remotely boot twrp. If you can you will likely be able to format the data. (If you can, the device is likely fixable.)
Click to expand...
Click to collapse
Presumably this isn't an option for me as the device doesn't power on at all?
itm said:
Presumably this isn't an option for me as the device doesn't power on at all?
Click to expand...
Click to collapse
Unless it is the screen that is broken, or the battery, or the power button... But the easy answer is destroy the motherboard...
Sent from my LGLS991 using Tapatalk
Related
Sure, you can protect some of your personal data with a password or pattern lock but if you have recovery, its too easy for someone to get into recovery to either do damage or just wipe your user data to get past your security.
There's no telling what information someone can gather about you from the untouched sdcard after a factory reset.
It has to be possible, right? If implementing a keyboard is too much then at the very least a numbered PIN.
Sent from my Kindle Fire using xda premium
soupmagnet said:
Sure, you can protect some of your personal data with a password or pattern lock but if you have recovery, its too easy for someone to get into recovery to either do damage or just wipe your user data to get past your security.
There's no telling what information someone can gather about you from the untouched sdcard after a factory reset.
It has to be possible, right? If implementing a keyboard is too much then at the very least a numbered PIN.
Sent from my Kindle Fire using xda premium
Click to expand...
Click to collapse
That would barely scratch the surface if you wanted to secure the Kindle Fire. To give one example, you'd have to lock down the bootloader so the perp couldn't flash a new recovery... or come to think of it, the x-loader would have to be secured so you couldn't load a new bootloader. Then you'd really have to encrypt all the data and put in some tripwires to detect potential software tampering on top of everything else. I'm sure there are another handful of other holes I haven't mentioned.
To put it another way, it's going to be huge task to lock down the device if physical security is compromised. Then it would just make the Kindle Fire such a pain in the butt to use, you'd resent having put in all that security in the first place.
True, but I'm talking about protecting yourself from the average thief or family member from accessing your data or completely erasing it.
No system is completely safe from someone who knows how to get around its security. Look how easy it is for someone to crack the Administrator password on a Mac or pc. But that doesn't mean it shouldn't be there.
A first line of defense is better than nothing at all.
Earlier I read a thread here where someone's nephew managed to get into recovery and screw his device up. A simple PIN could have prevented that.
Sent from my Kindle Fire using xda premium
Partition-level encryption is the only security that isn't just for show against a person with physical access. Even then, if they encounter the tablet when it's on, you have to seriously lock down the interface and let it have a very low threshold for shutting down.
From there, PINs and pattern lock are useless against someone who can copy the partitions off the device (i.e. anyone who can boot into recovery). At best, they provide under 20 bits of security, and even with 10,000 rounds of pbkdf2 (or similar), that's trivial to crack.
You cannot protect the device against destruction if someone has physical access. Dropping the tablet a few feet onto a hard surface will do the trick. The data can be wiped using JTAG regardless of any software protections you may have. While most criminals are incompetent, you cannot rely on that. Some people make a living stealing and wiping phones. It also does nothing to deter theft.
Now, "good enough" security against your family depends on how technically literate your family is. If your last name is "Schneier", all bets are off. If you're protecting against your 90 year old grandmother who has trouble figuring out light switches, then buy a case so she can safely use the kindle as a coaster or chopboard. For those in-between, set a screen lock, wipe recovery and just use a factory cable instead. See above if you are worried about thieves.
This would be nice, my moms gotten into twrp and wiped the system once before.
Sent from my Kindle Fire using Tapatalk 2 Beta-5
Hello all,
This is a strange request but desperate times call for desperate measures. My father recently got himself a new Samsung Galaxy S5 here in Australia, unfortunately a tragic motorcycle accident on the 1st of this month led to my father no longer being with us. This was heartbreaking for my family and I, I now have in my possession his phone, It is still operational from what I can gather, it still rings, still vibrates when hooking up to my laptop and it detects it. The screen is completely smashed and doesn't work and the phone is locked. I want to be able to access the phone to recover any photos etc he has on the phone itself, I am unaware of what type of screenlock is on it.
So far I tried Samsung Kies but due to the phone being locked I can't use that,. Nothing shows up on the phone in windows explorer. I've downloaded [email protected] and android studio and have tried to get that to show up so I can see whats on the screen and attempt to use android control to unlock the phone but so far I've had no such luck. I need usb debugging enabled but I'm going to have to assume its disabled and thus proving my attempts so far to be fruitless.
If anyone can give me any ideas or things to try I'm all ears, I'm ok with computers so should be able to figure out most things but this is my first exposure to these types of applications.
Kind regards,
Eric.
trekster83 said:
Hello all,
This is a strange request but desperate times call for desperate measures. My father recently got himself a new Samsung Galaxy S5 here in Australia, unfortunately a tragic motorcycle accident on the 1st of this month led to my father no longer being with us. This was heartbreaking for my family and I, I now have in my possession his phone, It is still operational from what I can gather, it still rings, still vibrates when hooking up to my laptop and it detects it. The screen is completely smashed and doesn't work and the phone is locked. I want to be able to access the phone to recover any photos etc he has on the phone itself, I am unaware of what type of screenlock is on it.
So far I tried Samsung Kies but due to the phone being locked I can't use that,. Nothing shows up on the phone in windows explorer. I've downloaded [email protected] and android studio and have tried to get that to show up so I can see whats on the screen and attempt to use android control to unlock the phone but so far I've had no such luck. I need usb debugging enabled but I'm going to have to assume its disabled and thus proving my attempts so far to be fruitless.
If anyone can give me any ideas or things to try I'm all ears, I'm ok with computers so should be able to figure out most things but this is my first exposure to these types of applications.
Kind regards,
Eric.
Click to expand...
Click to collapse
First of all, I'm really sorry for your loss..
If he had a microSD card in his phone, it's likely that his pictures (and other documents) are on the card.
If that's the case, unless he encrypted the content, you should be able to just remove the microSD card and read it on your computer with a card reader.
Eric, do you have a MHL adaptor & HDMI tv?
You can view the screen on this via tv.
If I understand well he is able to see the screen but cannot pass the security lock. If that's the case try to connect the phone to your PC and copy all the internal SD card, I think you will be able to access the content. Also not sure if a factory reset will deactivate the screen lock but you can try it in an ultimate attempt.
Sent from my SM-G900F using XDA Free mobile app
mikka06 said:
If I understand well he is able to see the screen but cannot pass the security lock. If that's the case try to connect the phone to your PC and copy all the internal SD card, I think you will be able to access the content. Also not sure if a factory reset will deactivate the screen lock but you can try it in an ultimate attempt.
Sent from my SM-G900F using XDA Free mobile app
Click to expand...
Click to collapse
It depends on the type of security lock.
If it's swipe, then he can see the content by connecting the phone to the PC, but not if it's a password, fingerprint, pin, ...
He would have to unlock the screen before the files are available.
Sorry to hear of your loss, especially at this time of year.
The idea of copying the SD card is the first step. If I read you're message right you can't see the screen at all?? I would take the device to a repair shop and get the screen replaced - tell them very clearly NOT to wipe / reset the device. Then you should be able to see the screen and might be able to figure out the screen lock. If the fingerprint reader was used there will always be an alternative password, you might be able to reset this to the gmail account used on the phone (assuming you have access to this?).
Hope you get it sorted.
Mithrandir007 said:
First of all, I'm really sorry for your loss..
If he had a microSD card in his phone, it's likely that his pictures (and other documents) are on the card.
If that's the case, unless he encrypted the content, you should be able to just remove the microSD card and read it on your computer with a card reader.
Click to expand...
Click to collapse
I copied all of the sd card and as it was copying it died, so I have most of the data off that.
DeanonZL said:
Eric, do you have a MHL adaptor & HDMI tv?
You can view the screen on this via tv.
Click to expand...
Click to collapse
No I don't have the adaptor but I do have a HDMI tv, so I will investigate this, thank you.
mikka06 said:
If I understand well he is able to see the screen but cannot pass the security lock. If that's the case try to connect the phone to your PC and copy all the internal SD card, I think you will be able to access the content. Also not sure if a factory reset will deactivate the screen lock but you can try it in an ultimate attempt.
Sent from my SM-G900F using XDA Free mobile app
Click to expand...
Click to collapse
Cannot see the screen, and when I connect it to pc to check if there is anything on the phone itself, It won't let me as the phone is keypad/swipe/fingerprint locked.
Mithrandir007 said:
It depends on the type of security lock.
If it's swipe, then he can see the content by connecting the phone to the PC, but not if it's a password, fingerprint, pin, ...
He would have to unlock the screen before the files are available.
Click to expand...
Click to collapse
This is what I am trying to find out what lock is on the phone.
MadMic said:
Sorry to hear of your loss, especially at this time of year.
The idea of copying the SD card is the first step. If I read you're message right you can't see the screen at all?? I would take the device to a repair shop and get the screen replaced - tell them very clearly NOT to wipe / reset the device. Then you should be able to see the screen and might be able to figure out the screen lock. If the fingerprint reader was used there will always be an alternative password, you might be able to reset this to the gmail account used on the phone (assuming you have access to this?).
Hope you get it sorted.
Click to expand...
Click to collapse
I took it to a repair shop, its a catch 22 situation, They want $150 to pull the data off the phone, and if there is no data of use then thats a waste of money, They wants $240 to replace the screen, the phone has a very slight bend in it so if I replace the screen the phone still may not be able to be used properly so again would be a waste of money.
This is the main reason why I am trying to at least view the screen to ascertain what lock is used, I do have his gmail credentials so I can reset from there, from what I understand resetting the phone also loses any data (messages, pictures, etc) that is on the actual phone.
Last but not least thank you to everyone so far for your replies, I really appreciate you all taking the time to reply and try to help!
Regards,
Eric.
trekster83 said:
I copied all of the sd card and as it was copying it died, so I have most of the data off that.
No I don't have the adaptor but I do have a HDMI tv, so I will investigate this, thank you.
Cannot see the screen, and when I connect it to pc to check if there is anything on the phone itself, It won't let me as the phone is keypad/swipe/fingerprint locked.
This is what I am trying to find out what lock is on the phone.
I took it to a repair shop, its a catch 22 situation, They want $150 to pull the data off the phone, and if there is no data of use then thats a waste of money, They wants $240 to replace the screen, the phone has a very slight bend in it so if I replace the screen the phone still may not be able to be used properly so again would be a waste of money.
This is the main reason why I am trying to at least view the screen to ascertain what lock is used, I do have his gmail credentials so I can reset from there, from what I understand resetting the phone also loses any data (messages, pictures, etc) that is on the actual phone.
Last but not least thank you to everyone so far for your replies, I really appreciate you all taking the time to reply and try to help!
Regards,
Eric.
Click to expand...
Click to collapse
No worries.
Do you know if he was using Cerberus or Theftspy or another anti theft tool?
If he did and you can find out his credentials, you should also be able to unlock the phone with a command (at least Cerberus does that) or even transfer all the data to a cloud (dropbox, google drive,...).
Could he not physically open the phone and get to the actual sd card that the phone comes with that the OS and all that is on? Or is that locked down?
Sent from my SM-G900A using Tapatalk
I had a idea for the lock screen but it will not help with seeing which you would have to deal with first. Any chance he left Gmail loged on any computer you have access to. You could try installing a app to bypass the lock screen.
I have never tried this one it was just the first I found that fit my theory of a workaround, although you could look around for a free one that may be better then you wouldn't have to worry about passwords to do the purchase.
https://play.google.com/store/apps/details?id=net.thomascannon.screenlockbypass.pro
shadowofdarkness said:
I had a idea for the lock screen but it will not help with seeing which you would have to deal with first. Any chance he left Gmail loged on any computer you have access to. You could try installing a app to bypass the lock screen.
I have never tried this one it was just the first I found that fit my theory of a workaround, although you could look around for a free one that may be better then you wouldn't have to worry about passwords to do the purchase.
https://play.google.com/store/apps/details?id=net.thomascannon.screenlockbypass.pro
Click to expand...
Click to collapse
If you know his samsung account information, you can login to their web service and remove the lockscreen passcode. From there, you should be able to USB the files off of it.
Hey guys/gals,
Dropped my phone yesterday and now the screen is completely gone. I was able to back everything up. I had planned on wiping it this morning, but apparently it had some mad LCD bleed and I can't see anything any more.
I had Vysor running yesterday (control your phone from Chrome browser), but now it seems to not be working (I didn't change any settings). I had USB debugging enabled...at least I thought.
I suppose I could just put it into Download Mode/Recovery, I come from 4 years of Samsung devices, so I was using Odin before.
Any chance someone could throw up some screen shots for any screens I'd have to interact with...driving blind.
Thanks
P.S. I did do an "erase" from Android Device Manager. It does say that I would see the Android Welcome Screen next time I turn the device on...haha, except I won't either way
I suppose I'll know if it is erased if the fingerprint reader stops giving me haptic feedback and turning on the device (can see a slight image on the bottom right).
Just boot into download mode, then use ADB to flash the factory image. It will tell you if it works or not.
Thanks Geoff, got that done.
MeetFace said:
Thanks Geoff, got that done.
Click to expand...
Click to collapse
what are u doing to get ur screen fixed?
My work will fix the screen for $170
Have the replacement plan, $80 for a brand new phone. Typing from it
Sent from my Nexus 6P using Tapatalk
Hey sorry for the necro but cant seem to get any help on this. If you cant see ANYTHING on the screen, how do you know what mode you are in after you boot to recovery? It seems the default options are always different so how do you ensure you are at the right option to use ADB or anything else? I need to make 100% sure the phone is wiped before I sell it.
Dathaeus said:
Hey sorry for the necro but cant seem to get any help on this. If you cant see ANYTHING on the screen, how do you know what mode you are in after you boot to recovery? It seems the default options are always different so how do you ensure you are at the right option to use ADB or anything else? I need to make 100% sure the phone is wiped before I sell it.
Click to expand...
Click to collapse
just use android device manager and wipe it but you will probably need to tell buyer your account and password after they fix it to get in it then change your password again https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwiwzPL1-tjXAhVDPN8KHab3CCAQFggoMAA&url=https%3A%2F%2Fwww.google.com%2Fandroid%2Ffind&usg=AOvVaw18MrvVnXQpTGzGjml46v_F
billycar11 said:
just use android device manager and wipe it but you will probably need to tell buyer your account and password after they fix it to get in it then change your password again https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwiwzPL1-tjXAhVDPN8KHab3CCAQFggoMAA&url=https%3A%2F%2Fwww.google.com%2Fandroid%2Ffind&usg=AOvVaw18MrvVnXQpTGzGjml46v_F
Click to expand...
Click to collapse
I been trying ADM and it is not detecting my phone... I am pretty sure I am logged into my phone but again its hard to be 100% sure. Doesnt your phone have to be on and logged in for this to work? Or does your old sim card have to be in for it to work? I already put my sim card into the new phone, but dont wanna screw up my account or "new" phone by messing around with the sim. I've read somewhere else that it worked without it.
Dathaeus said:
I been trying ADM and it is not detecting my phone... I am pretty sure I am logged into my phone but again its hard to be 100% sure. Doesnt your phone have to be on and logged in for this to work? Or does your old sim card have to be in for it to work? I already put my sim card into the new phone, but dont wanna screw up my account or "new" phone by messing around with the sim. I've read somewhere else that it worked without it.
Click to expand...
Click to collapse
No the phone does not need to be on just still connected to your account and the next time it turns on it will wipe it self and ask for the Google account to unlock it it will be in factory
Reset protect mode
If it's not showing up under your account its not on that account unused phone stay there for like 6 months to a year before disappearing
billycar11 said:
No the phone does not need to be on just still connected to your account and the next time it turns on it will wipe it self and ask for the Google account to unlock it it will be in factory
Reset protect mode
If it's not showing up under your account its not on that account unused phone stay there for like 6 months to a year before disappearing
Click to expand...
Click to collapse
Ok I think we are missing some info here....
I already got a new 6P and put my SIM card in that
In the Google options to wipe it shows the phone in 2 different names, I think one is my very old Samsung S4, but the 6P
When I clock on the old 6P, it tries to find it but results "Can't Reach Device"
When I click on ERASE it results in:
"ERASE Your device has been erased If your device is offline, erasing will begin when it next comes online. You'll need to sign in to your Google Account to use the device again."
Now that sounds great, but since I cannot see anything, how do I know whats going on as far as if it did it, will it be safe for me to sell this phone now, etc, etc.... I cannot login to a phone I cant see or check out whats going on on it.
I hope this makes sense... maybe I am sounding paranoid but I am sure you know how it is if you have any valuable or personal data in your phone and are selling it.
Thanks so much.
Dathaeus said:
Ok I think we are missing some info here....
I already got a new 6P and put my SIM card in that
In the Google options to wipe it shows the phone in 2 different names, I think one is my very old Samsung S4, but the 6P
When I clock on the old 6P, it tries to find it but results "Can't Reach Device"
When I click on ERASE it results in:
"ERASE Your device has been erased If your device is offline, erasing will begin when it next comes online. You'll need to sign in to your Google Account to use the device again."
Now that sounds great, but since I cannot see anything, how do I know whats going on as far as if it did it, will it be safe for me to sell this phone now, etc, etc.... I cannot login to a phone I cant see or check out whats going on on it.
I hope this makes sense... maybe I am sounding paranoid but I am sure you know how it is if you have any valuable or personal data in your phone and are selling it.
Thanks so much.
Click to expand...
Click to collapse
It is as Google says next time it connects to the internet it will wipe it self
Honestly I want to understand how to protect phone from someone who get my phone to factory reset and setup with his own account. What is best way to setup and protect phone from this happening?
I know if you want to reset you have to receive email from samsung one time verification, which is linked to my google account. So for that moment if you want to reset go to email verify and it will reset. This is so stupid. Maybe I'm doing wrong with this? I'm using email on phone so how to protect this?
Sent from my SM-G975F using Tapatalk
Nettwerk said:
Honestly I want to understand how to protect phone from someone who get my phone to factory reset and setup with his own account. What is best way to setup and protect phone from this happening?
I know if you want to reset you have to receive email from samsung one time verification, which is linked to my google account. So for that moment if you want to reset go to email verify and it will reset. This is so stupid. Maybe I'm doing wrong with this? I'm using email on phone so how to protect this?
Sent from my SM-G975F using Tapatalk
Click to expand...
Click to collapse
so, if your phone has a lock screen on it and someone ends up with it and is wanting to use it for themselves or sell it or whatever, so they want to factory reset it, the phone has a FRP (factory reset protection) built in to it. There are ways around it to get the phone to boot which i wont get into, but i will say that it requires wiping all user data from the phone first, so the most valuable asset about the phone, your data, is secure as bone stock
But how to protect phone from FRP in wrong hands?
Sent from my SM-G975F using Tapatalk
Nettwerk said:
But how to protect phone from FRP in wrong hands?
Sent from my SM-G975F using Tapatalk
Click to expand...
Click to collapse
YOU CAN NOT!!!!!
I know it's scary, but even the infamous APPLE security can be bypassed!!
If a person with the time or skills gets a phone, they can reset, unlock and use the phone, or sell it....
And if the data you have is not encrypted they can have access to all that before the reset if they want.
It's like asking, How do you stop a professional car thief..... The manufactures will keep trying but the crooks will keep learning....
Hell, even reporting it STOLEN does nothing. A lot of people have the information needed to change the numbers it uses to register on networks...
I have forgot the pattern of my Samsung Galaxy J3 (2016) but I wanna get some data off of it. The charging port is broken and I'm powering it from a 4.5V power supply from the battery pins. It isn't rooted or bootloader unlocked but I can access the bootloader. I don't have a samsung find my device account and any way to connect it to wifi (i replaced my router a few years ago). How can I unlock it without wiping it?
You could automate the swiping, except...
After about three failures it makes you wait a day.
It might even escalate from there.
Renate said:
You could automate the swiping, except...
After about three failures it makes you wait a day.
It might even escalate from there.
Click to expand...
Click to collapse
So is there any other way or I can't do anything about it?
There may be some exploit. But the point is, they try to make these things secure and then you complain when they are.
martin0300 said:
So is there any other way or I can't do anything about it?
Click to expand...
Click to collapse
you don't understand the problem. your pattern is mandatory to decrypt your data. without the pattern your data keeps encrypted. even if you would manage to bypass the pattern you weren't able to get access to your data.