I'm loving to try out the CM7 builds and other custom ROM, but at the same time I'm concerned with all the security risks of an unlocked bootloader and cwm recovery.
I wanted to know if there's a way to trigger a factory reset to remotely wipe the phone using the clockwork recovery. Anyone know of anything done like this?
I know there are apps out there that trigger a remote wipe by going into the stock recovery but, when that happens on CM7 for instance, the phone just goes on that Exclamation Mark screen since the stock recovery was overwritten.
Since CM7 can actually reboot to cwm recovery, would there be a way to issue a command to reboot to recovery AND perform a factory reset (or one that would bring back the stock recovery and then do the wipe).
Am I talking nonsense here? I just wanted to minimize risks with a phone theft for example, by wiping everything (I can wipe the SD card already, but am now concerned with the system itself).
Thanks!
You're just being too paranoid. Unlocking your bootloader won't affect anything.
Besides.. the chances are, if a person stoel your phone. I seriously doubt that they have any knowledge of recovery and all these other things that most users on XDA know.
If they do know, then the chances of them stealing your phone are low. I mean really, what individual with knowledge of flashing different ROMs and all these other things would have the audacity of stealing your phone? Only chance is if you lost your phone (not insulting anyone but I don't think people would have the courage to steal a phone from you if they are so knowledgeable in flashing)
And you can always go to http://market.android.com and download "Plan B" onto your phone.
https://market.android.com/details?id=com.lookout.labs.planb&feature=search_result
After you install it, Plan B will start locating your phone using cell towers and GPS, even if you didn't have GPS switched on. Your location will keep updating for 10 minutes, and you will get an email each time it is located, whether the phone is moving or standing still. You can start the process again by texting “locate” to your number from any other phone. In order to locate your phone, we send you a text via SMS, so standard message rates apply.
Click to expand...
Click to collapse
Yeah, it is somewhat paranoid but I think you can never be too safe with your information nowadays
Having an unlocked bootloader allows anyone to access your phone's data completely and while that's great for flashing ROMs, it's not a secure method.
I understand that most people don't really have the expertise going on at these forums, but I just wondered if someone had developed a security app of that sort, I would certainly buy it!
Plan B is an interesting app, but just allows you to try to locate your phone, not wipe it.
fabio008 said:
Yeah, it is somewhat paranoid but I think you can never be too safe with your information nowadays
Having an unlocked bootloader allows anyone to access your phone's data completely and while that's great for flashing ROMs, it's not a secure method.
I understand that most people don't really have the expertise going on at these forums, but I just wondered if someone had developed a security app of that sort, I would certainly buy it!
Plan B is an interesting app, but just allows you to try to locate your phone, not wipe it.
Click to expand...
Click to collapse
? I don't get the point that you're making of "unlocked bootloader" vs. "locked bootloader." It's the same thing, it just allows more freedom. Phones that aren't Nexus run on a locked bootloader and such. They're able to flash ROMs and do all that.
And Plan B is a last resort app, its not supposed to be used a security app. Thats what their primary app, Lookout is for.
Stop being paranoid, if somebody steals your phone. The chances of them knowing about recovery and doing all of that are VERY LOW.
If its something that bothers you just put a security lock on your phone and Lookout or any other related app. Report it to the police and they'll help you retrieve it.. unless thats something Brazil doesn't offer.
fabio008 said:
Yeah, it is somewhat paranoid but I think you can never be too safe with your information nowadays
Having an unlocked bootloader allows anyone to access your phone's data completely and while that's great for flashing ROMs, it's not a secure method.
I understand that most people don't really have the expertise going on at these forums, but I just wondered if someone had developed a security app of that sort, I would certainly buy it!
Plan B is an interesting app, but just allows you to try to locate your phone, not wipe it.
Click to expand...
Click to collapse
You can use Autowipe app and use a pin code to lock ur screen. Autowipe has options to wipe ur phone after 'n' number of unsuccessful attempts to unlock ur screen. You can also set options in the app, to wipe ur device when sim card is changed.
Sent from my Nexus S using XDA App
zephiK said:
? I don't get the point that you're making of "unlocked bootloader" vs. "locked bootloader." It's the same thing, it just allows more freedom. Phones that aren't Nexus run on a locked bootloader and such. They're able to flash ROMs and do all that.
And Plan B is a last resort app, its not supposed to be used a security app. Thats what their primary app, Lookout is for.
Stop being paranoid, if somebody steals your phone. The chances of them knowing about recovery and doing all of that are VERY LOW.
If its something that bothers you just put a security lock on your phone and Lookout or any other related app. Report it to the police and they'll help you retrieve it.. unless thats something Brazil doesn't offer.
Click to expand...
Click to collapse
I understand the chances of knowing about recovery are indeed very low, still, locked and unlocked bootloader have a significant difference when talking about access to your phone's data. With 2.3.3 now, there is no way to flash cwm if you have a locked bootloader (unless you completely erase your phone), while having it unlocked allows you to access everything from the modded recovery (considering you have the expertise).
It is a long stretch but I just thought it was worth discussing additional security possibilities when you're not completely "stock".
kirdroid said:
You can use Autowipe app and use a pin code to lock ur screen. Autowipe has options to wipe ur phone after 'n' number of unsuccessful attempts to unlock ur screen. You can also set options in the app, to wipe ur device when sim card is changed.
Click to expand...
Click to collapse
Yeah, I actually have a pin code and WaveSecure installed, so for the most part I think it works OK. But their wipe function is not that great, it leaves a lot of stuff behind.
Related
Does anyone know if it would be possible to bake in security like Wave Secure type of thing in to custom ROMs? I've always thought Wave Secure is a bit pointless if a simple factory reset would clear it and therefore leave the phone ready for the thief or new owner to use as they see fit.
Another layer, not perfect, but still another layer that a thief or finder may not be immediately aware of would be to bake in some security features like tracing or locking in to a custom ROM so even a factory reset wouldn't remove it, possibly something in to the boot loader itself?
Has anyone thought of this?
DroidBois said:
Does anyone know if it would be possible to bake in security like Wave Secure type of thing in to custom ROMs? I've always thought Wave Secure is a bit pointless if a simple factory reset would clear it and therefore leave the phone ready for the thief or new owner to use as they see fit.
Another layer, not perfect, but still another layer that a thief or finder may not be immediately aware of would be to bake in some security features like tracing or locking in to a custom ROM so even a factory reset wouldn't remove it, possibly something in to the boot loader itself?
Has anyone thought of this?
Click to expand...
Click to collapse
People do and have bundled things into roms - often dropping them into /system/app directory, though I don't think anyones gone as deep as into the bootloader?
Though, if your phone is rooted, and your installed the app to /system/app, then a thief could in theory just flash your phone faster than if your phone WASNT rooted. They don't even need to root your phone at that point.
An interest aspect of hardening this, might be to compile your on recovery/bootloader that would require a password to get into.
I think what he's saying is to add the wave secure or similar app into the ROM so that if the thief does a quick "reset to factory settings" after lifting the phone, the security app would survive, perhaps long enough to recover it.
Most thieves would just wipe the phone (if that) to flip it and might not take the time to flash a new ROM.
The tough pay as I see it would be everyone would need their own custom ROM.
Sent from my SPH-D700 using XDA App
Xerloq said:
I think what he's saying is to add the wave secure or similar app into the ROM so that if the thief does a quick "reset to factory settings" after lifting the phone, the security app would survive, perhaps long enough to recover it.
Most thieves would just wipe the phone (if that) to flip it and might not take the time to flash a new ROM.
Click to expand...
Click to collapse
Yep, that's it. I'm assuming most thieves would not recognise a custom ROM or know what to do with it. At least buy some time to try and locate and recover the phone. Only time I'd want a front facing camera.
So what happens if they replace the SIM though? Sending SMS's is nice, but only if your number is still working with that phone. A hard baked security system would send an SMS when the SIM was changed at least.
You shouldn't make a ROM to put an apk into /system/app. You can simply push it through ADB or via terminal emulator. That will atleast survive a factory reset. I don't think many thieves actually take the time to flash a new image
So this is all we need to do? Use the ADB method? So I push through WaveSecure, that could survive a factory reset with settings intact?
Something baked in to recovery would be awesome too.
as far as I know when pushing an apk via adb into system/app then only the app itself is stored there, not the settings. the settings are gone after a system wipe. there needs to be some logic in the app to connect to a site and retrieve your settings from there... using your phone's ID or something.
RAMMANN said:
as far as I know when pushing an apk via adb into system/app then only the app itself is stored there, not the settings. the settings are gone after a system wipe. there needs to be some logic in the app to connect to a site and retrieve your settings from there... using your phone's ID or something.
Click to expand...
Click to collapse
The application itself will survive - but wouldn't all it's data, which still resides in /data/data be wiped?
So yes... the app survived... But it no longer knows who you are, or whose phone it is.
I think the just release CDMA/GSM Droid Pro may have the security you are looking for?
tbaker077 said:
I think the just release CDMA/GSM Droid Pro may have the security you are looking for?
Click to expand...
Click to collapse
It's a bit extreme to fork out another $700 on a new phone just for this. The whole point is to avoid spending money in case of theft or loss
Well part of my unspoke point is this is XDA-Developers, I sure there is a ways(one the rom comes out) to port some of those security files to other Android devices.
tbaker077 said:
Well part of my unspoke point is this is XDA-Developers, I sure there is a ways(one the rom comes out) to port some of those security files to other Android devices.
Click to expand...
Click to collapse
Didn't quite understand you, are saying it is possible to bake in some security?
I think once the Droid Pro, which has it baked in, is either rom dumped and extracted, or rooted then I think it could be possible.
tbaker077 said:
I think once the Droid Pro, which has it baked in, is either rom dumped and extracted, or rooted then I think it could be possible.
Click to expand...
Click to collapse
So something *is* possible via software, not requiring special hardware?
Once some gimboid puts in their own SIM you'd think that you can't send an SMS to control the phone although WaveSecure seems to cover that too.
I'd like something as subtle and as invisible as a good virus. Bootloader would be ideal. Theoretically then a full factory wipe wouldn't clear it.
I couldn't tel you. All I know is the Droid Pro is a 3G CDMA. GSM device with some special enterprise security features/software aimed at the BB users.
Doesn't really help us then if that's only available on the Droid Pro.. For the rest of us we still need to work out how to bake in WaveSecure or, ideally, something very subtle. If someone takes my phone I want to nail the little turd, or at least embarrass him when the phone siren goes off or he gets a loud spoken message or something.
Another point, with IMEI numbers, is this of any use if you bought your phone outright? I.e. if my phone is stolen, I can't get the IMEI blocked can I? And can IMEI numbers be changed?
This may meet your needs/requirements. It is called lookout mobile.
https://www.mylookout.com/
I know Paul at Modaco bakes wavesecure into his roms.. not sure if the data would survive a wipe but then whats the point of baking it in system if it doesn't right? Check it out:
Version R9: (requires membership)
http://android.modaco.com/content/h...-rom-for-htc-desire-online-kitchen-2-2-froyo/
R8: (Free for all)
http://android.modaco.com/content/h...for-htc-desire-with-online-kitchen-2-2-froyo/
Okay.. Just found out. This explains everything!
https://www.wavesecure.com/blog/how-to-make-wavesecure-hard-reset-proof.aspx
Just wondering, is it possible to password lock CWM and Download Mode, so that a thief or anyone else who doesn't know the password cannot flash another rom?
elevul said:
Just wondering, is it possible to password lock CWM and Download Mode, so that a thief or anyone else who doesn't know the password cannot flash another rom?
Click to expand...
Click to collapse
No, it's not possible.
Theonew said:
No, it's not possible.
Click to expand...
Click to collapse
So if someone steals it he can easily remove all security stuff put into it, by simply reflashing another rom...
What's the ****ing point.
elevul said:
So if someone steals it he can easily remove all security stuff put into it, by simply reflashing another rom...
What's the ****ing point.
Click to expand...
Click to collapse
Even if you could, there would always be a way around it, and if not, i doubt you'd see the phone again anyway. That is unless you have tracking software enabled, but if they know enough about android to know about the recovery and download mode, chances are they'd take the sim card out and go somewhere without gps coverage to give themselves time to get around that.
Bottom line, it would be pointless, if they wanted to get into it badly enough, they would
maxib123 said:
Even if you could, there would always be a way around it, and if not, i doubt you'd see the phone again anyway. That is unless you have tracking software enabled, but if they know enough about android to know about the recovery and download mode, chances are they'd take the sim card out and go somewhere without gps coverage to give themselves time to get around that.
Bottom line, it would be pointless, if they wanted to get into it badly enough, they would
Click to expand...
Click to collapse
Hmm, I don't really care about seeing the phone again, what I want is for them to have a useless brick on their hands, so that stealing it would become pointless.
Have a look on vodafone.it, There are instructions on how to get your phone blocked when it is stolen.
The english language version can be found here: http://www.vodafone.it/engl/services/theft_loss.html
elevul said:
So if someone steals it he can easily remove all security stuff put into it, by simply reflashing another rom...
What's the ****ing point.
Click to expand...
Click to collapse
Yes, it's very sad. I worry a lot about the security of my personal info, data, pictures, etc.. Before using Android I have a BlackBerry 2 years before.. And, that it was hard until without first erasing ALL data and internal memory. In android it is not, the files like pictures, videos, docs.. remain despite a wipe in CWM!! and the lockscreen its gone like factory reset... that's unacceptable . I think that is the main reason Im gonna switch to the hated iphone 5 from an S3... that phone with Encryption+PIN its very tough to unlock, confirmed by a forensic expert. The S3 encryption its useless due to the android recovery and download...
Honchay said:
In android it is not, the files like pictures, videos, docs.. remain despite a wipe in CWM!!
Click to expand...
Click to collapse
Just to clarify, this is only if they are stored on the (internal/external) sdcard and are not wiped.
Sent from my Nexus 4
elevul said:
So if someone steals it he can easily remove all security stuff put into it, by simply reflashing another rom...
What's the ****ing point.
Click to expand...
Click to collapse
I know this is an old post but someone else might find it useful, Avast! Anti-Theft is an awesome tool as it support root installation, so you can do a through wipe of your sd card (premium feature) also if your phone is stolen, it can automatically take a pic n upload it, even if they do a factory reset, the app is still there.
geminixx said:
I know this is an old post but someone else might find it useful, Avast! Anti-Theft is an awesome tool as it support root installation, so you can do a through wipe of your sd card (premium feature) also if your phone is stolen, it can automatically take a pic n upload it, even if they do a factory reset, the app is still there.
Click to expand...
Click to collapse
Cerberus does the same, is cheaper and much more reliable.
It should be possible somehow, even doing some hardware mods like bridging some pins to avoid download mode, actually recovery is lockable
philz touch recowery have a lock recovery by password. But i need close or lock Download Mode in Samsung S4
On a recent international flight I signed on to an open wi-fi network and discovered a number of movies and music. I got suspicious after the movie stopped and my phone locked up for a minute, and I realized this network was probably not offered by the airline. Since then my phone has been sluggish. I am unlocked and running a custom ROM, so I know I'm vulnerable to attack. And before you flame me, yes I know it was stupid to sign on to an unknown open network - I was bored on a long flight.
So my question is, should I just wipe and reflash to be safe, or is there any way to identify files that might have been transferred during that flight? I've checked task manager and only the usual stuff appears there. But the phone is running so slowly that it seems like something else is taking up resources and is hiding from the task manager.
Am I being paranoid, or could I be in serious trouble?
Just factory reset and restore nandroid before you got on flight if you are concerned.
What makes you think you are vulnerable because your bootloader is unlocked and running a custom rom?
x714x said:
What makes you think you are vulnerable because your bootloader is unlocked and running a custom rom?
Click to expand...
Click to collapse
Because that's what Apple says....duh!?!?
I feel this idea could be useful for a lot of us, not on our phones since we are likely rooted but on our family members and non tech friends stock phones. Which we usually end up fixing.
My idea if it is possible would be be for a "Plan B" type app for use after a broken screen, were the completely stock phone without ADB enabled needs data extracted.
My hope is that someone could make a app that is remotely installed from play.google.com that automatically turns on ADB debugging (if possible without root)
After that most data can be extracted with "adb backup" or adb pulls.
I can't count how many times this would of helped me in the past if it existed. Any dev up for the job? I am sure it would be appreciated by people.
Guess no one was interested in this idea.
shadowofdarkness said:
Guess no one was interested in this idea.
Click to expand...
Click to collapse
I think many of us are interested but one (so far) can help.
would be a good idea.... who ever was in need for something like that will be likely to pay for that... :laugh:
I could see this being a massive security risk. Sure the app could be handy, but it would also make stealing info from a phone very very easy.
So on that note, I don't think it will ever make it through, though I am sure there are ways.
Just install something like SMSBackup+: https://play.google.com/store/apps/details?id=com.zegoggles.smssync
Set it to automatically back up to their gmail, every so often, and then when it comes time to have to do repairs, you can get all of their calling/sms stuff back, since Google automatically deals with the contact infos.
it wouldn't be a security risk since the only way to install it would be from play.google.com which no one can do without your password. also pour planning with other software is not the point of this since I have been asked to recover data from devices by people that I honestly had no clue they owned the device before they broke it.usually family I don't see on s normal occurrence.
I've always been taught to keep a back up of anything you consider important.
Either way...
There are ADB backup solutions out there, there are recovery apps in the Playstore that will scan for missing or deleted files.
If you have access to the Playstore you have access to all the already available recovery apps. Why the need for an app that will basically root and unlock the device from behind their 'lock screen'?
If you have no direct GUI access, you want an app that you run on your computer that forces the phone connected via USB, to unlock and let you access whatever you want before you restore the phone. This is a massive security problem, because anyone could download that app, and use it to break into phones.
Sound like the 'prior planning' apps, are the best way to go.
I think you are missing my point. I know that prior planning is the best but it it not always possible when dealing with people so tech illiterate that even thought they own the device they barely understand it is not a iPhone because that is what a smartphone is to them.
My intended use is for physicaly broken phones (mainly screen) where I can't control any apps with the screen or turn on ADB from settings.
You thought on the security risk is wrong since out of the ways I can think of to install it via play store on the phone is would not be used since that would mean the attacker could just go into settings and do it the normal way. sideloading is impossible since it would be redundent due to that already needing ADB on.
The intended way via the web is safe enough since the attacker would need your email, password.
Do you hate the "Plan B" app that gps tracks your lost or stolen phone that is already in the play store and gave me this idea. It shows in the store as having between half a million and a million installs. Do you think those people should of went without such a app and lost their phone since they should of just pre planned since it is better.
There are many sites selling Mix 3's some Chinese, some Global, some with locked bootloaders, and some with unlocked bootloaders, this thread is to help people "protect" the devices they have bought (or will buy).
It's through my understanding that the most "secure" way of protecting your phone & data from thief's is to have your bootloader locked, with no custom recovery, encryption on & usb debugging disabled right?
This is because with a unlocked bootloader, the thief has the ability to boot into TWRP (for example) & simply wipe your pin/password/lock off the phone completely, then just boot it up, factory reset it & sell it.
I know there is methods such as putting the phone in cold temperatures so you can retrieve the encryption keys from the RAM, but assuming the thief is just basic & what's to make some quick money off your phone...So...
What's the best way & most recommended thing to do with Xiaomi devices specifically, locked/unlocked, encrypted/not-encrypted, does it matter?, If not, why not?
Any help is appreciated! The more in-depth the better.
Even with a locked bootloader a thief can hold VolUp while booting, wipe phone and sell it. Wiping is possible in any case and thats not even the issue a stolen Phone is gone.
The issue are your data which can be stolen too when you have a unlocked bootloader. Simply boot to twrp connect usb and copy everything. But you can prevent that with encryption and enable "requires pattern to start". That way if your phone gets stolen the thief can still Install/use Twrp but he needs to enter a pattern to decrypt the storage. If he doesnt, twrp wont be able to read the partition and your data is safe. He can still wipe the Phone and sell it but you cant prevent that. I don't know if the pattern generates the encryption keys or retrieves them from somewhere but i'd assume it generates them, probably together with some device specific values, else that would be a flaw in my book. If someone could enlighten me here that'd be nice.
If your bootloader is locked he also can't access your data. Since stock recovers doesn't allow/support Usb-filetransfer. So a lockpattern is all you need there. Encryption shouldnt really matter against the normal thief.
I am going this way: Unlocked bootloader to get rid of Miui, Twrp to have a proper recovery menu, and encryption+pattern to save my data. Disable USB-Developer Options to prevent adb shenanigans.
But on the hand if you wan't to get really panariod a locked bootloader would be better since you still can read the system image from the phone from twrp, this means, and this is a easy way to do it, you could read it copy it to the pc and simply brutefroce the lockpattern. If you have the partitions you can simply try 3 patterns either it works or the phone locks itself up because you did 3 wrong. If it locks up you simply write the partitions back and try again. If you can do 3 in 30 seconds you are done in 45 days since there are only 390.000 different patterns on a 3x3 grid (which is what most people use since some Roms don't even allow for 4x4 or 5x5) but if you emulate it and can do 3 in 15 seconds you are down to 23 days. If you run it in 20 emulators you are done in 1 day. (That would be an awesome weekend project.) In emulation you could really optimize this since you can cut everything out what isn't needed for the attempt to encrypt the partition. you dont even need the screen to load, simply send the decryption module whatever the last module in the Numbers-from-touches-chain would have sent, everything that is loaded before the attempt to decrypt must be unencrypted therefore can be messed with, probably it's even universal across phones since that's a stock android thing. If it tries to write used attempts, save whatever what gets overwritten beforehand, let it write its thing, kill the process, revert changes and try again with the next set. Maybe you get it down to 3s or 4s for 3 attempts and boom you are at 6 hours to encrypt any android phone, no matter which version, with an unlocked bootloader which uses a 3x3 pattern. But your data would be really valueable to someone if they did this. You can't do that with a locked bootloader since you can't read the partitions or you could just use the 5x5 pattern, which you cant do on MIUI (i just tried and havent found where you could change it). But probably i have a giant oversight in there so this probably woudn't work
________________________________________________
On the other hand if you want to recover your phone you should make it as easy as possible to get the thief into your phone since you dont want them to run it off and wipe it. I DONT RECOMMEND THIS. But you could make a 2nd user who has no lock pattern on it. Concider your Data public at this point but while they are busy looking at your selfies you could use a app like prey to track the phone. But since Data are more important than a phone i'd never do or recommend that.
Or you could just buy a tin foil hat.
~phoeny~ said:
Even with a locked bootloader a thief can hold VolUp while booting, wipe phone and sell it. Wiping is possible in any case and thats not even the issue a stolen Phone is gone.
The issue are your data which can be stolen too when you have a unlocked bootloader. Simply boot to twrp connect usb and copy everything. But you can prevent that with encryption and enable "requires pattern to start". That way if your phone gets stolen the thief can still Install/use Twrp but he needs to enter a pattern to decrypt the storage. If he doesnt, twrp wont be able to read the partition and your data is safe. He can still wipe the Phone and sell it but you cant prevent that. I don't know if the pattern generates the encryption keys or retrieves them from somewhere but i'd assume it generates them, probably together with some device specific values, else that would be a flaw in my book. If someone could enlighten me here that'd be nice.
If your bootloader is locked he also can't access your data. Since stock recovers doesn't allow/support Usb-filetransfer. So a lockpattern is all you need there. Encryption shouldnt really matter against the normal thief.
I am going this way: Unlocked bootloader to get rid of Miui, Twrp to have a proper recovery menu, and encryption+pattern to save my data. Disable USB-Developer Options to prevent adb shenanigans.
But on the hand if you wan't to get really panariod a locked bootloader would be better since you still can read the system image from the phone from twrp, this means, and this is a easy way to do it, you could read it copy it to the pc and simply brutefroce the lockpattern. If you have the partitions you can simply try 3 patterns either it works or the phone locks itself up because you did 3 wrong. If it locks up you simply write the partitions back and try again. If you can do 3 in 30 seconds you are done in 45 days since there are only 390.000 different patterns on a 3x3 grid (which is what most people use since some Roms don't even allow for 4x4 or 5x5) but if you emulate it and can do 3 in 15 seconds you are down to 23 days. If you run it in 20 emulators you are done in 1 day. (That would be an awesome weekend project.) In emulation you could really optimize this since you can cut everything out what isn't needed for the attempt to encrypt the partition. you dont even need the screen to load, simply send the decryption module whatever the last module in the Numbers-from-touches-chain would have sent, everything that is loaded before the attempt to decrypt must be unencrypted therefore can be messed with, probably it's even universal across phones since that's a stock android thing. If it tries to write used attempts, save whatever what gets overwritten beforehand, let it write its thing, kill the process, revert changes and try again with the next set. Maybe you get it down to 3s or 4s for 3 attempts and boom you are at 6 hours to encrypt any android phone, no matter which version, with an unlocked bootloader which uses a 3x3 pattern. But your data would be really valueable to someone if they did this. You can't do that with a locked bootloader since you can't read the partitions or you could just use the 5x5 pattern, which you cant do on MIUI (i just tried and havent found where you could change it). But probably i have a giant oversight in there so this probably woudn't work
________________________________________________
On the other hand if you want to recover your phone you should make it as easy as possible to get the thief into your phone since you dont want them to run it off and wipe it. I DONT RECOMMEND THIS. But you could make a 2nd user who has no lock pattern on it. Concider your Data public at this point but while they are busy looking at your selfies you could use a app like prey to track the phone. But since Data are more important than a phone i'd never do or recommend that.
Click to expand...
Click to collapse
Really appreciate the time you took to type out this post, thankyou.