Clockworkmod Password - Android Software/Hacking General [Developers Only]

Hi All,
is there a way to protect cwm with a password?

LOL no

No. It's called recovery for a reason
Sent from my M886

salas2324 said:
No. It's called recovery for a reason
Sent from my M886
What do you mean? If I want to protect it with a password, what's strange about that?

AleDB said:
What do you mean? If I want to protect it with a password, what's strange about that?
recovery shouldn't have a password or else you can't recover your device if you forget the password
Sent from my M886

Actually a recovery password would be great. We were discussing this over in the Anti-theft thread. If we had something like this similar to a BIOS password it would prevent anyone from wiping your device if it's stolen. Not sure why people are acting like the OP is an idiot for asking.
If there were a password for CWM you could still get into stock recovery and do a Factory Reset if you needed to, but it would be impossible for someone to wipe your system and remove more advanced anti-theft apps.

it's called recovery for a reason, c'mon hahah

I had exactly the same thought yesterday .

+1 for that idea...........what if, i compile a new recovery, i would do this for security:
1.Create an online compiler that asks for the user to enter his/her phone's imei + a unique code & password and compile a unique recovery for his/her phone.
2.After compiling, I would give a flashable custom signed update.zip which will be used only when resetting the password.
3.If someone who stole the phone flashed a new recovery, imei & unique code would fail and cannot use any other recovery other than the one flashed already !!

balamu96m said:
+1 for that idea...........what if, i compile a new recovery, i would do this for security:
1.Create an online compiler that asks for the user to enter his/her phone's imei + a unique code & password and compile a unique recovery for his/her phone.
2.After compiling, I would give a flashable custom signed update.zip which will be used only when resetting the password.
3.If someone who stole the phone flashed a new recovery, imei & unique code would fail and cannot use any other recovery other than the one flashed already !!
If someone flashes any other recovery, there is no way to protect the device - he can do everything. Anyway, it's a good idea. But instead of a password I'd suggest a button combination. It's just less work (no need to create a "recovery keyboard").

Indeed. I didn't think about that fact. Even on my phone only certain keyboard presses are recognized within recovery. Regardless, some way to protect the phone beyond what is available would be great.

cwm could integrate a keyboard password like google did with the encryption password. you do the phone presses to access, it begins to take you into recovery, then you are prompted to type in a password. same as if you were trying to access with odin.. seems like it would take a little extra effort but damn, accidents happen.
I have read a few people saying that most some phone thieves don't know what they are doing but hey, Google query: hack android phone.
There's nothing wrong with wanting to add even more security to our phones, call us paranoid.

Love the idea.. maybe with some kind of authenticator, like wow..?
Sent from my HTC Desire using xda app-developers app

W8 for other ideas
Sent from my GT-I9100 using xda app-developers app

maybe one of the developer can implement this idea in aroma installer.
Sent from my GT-I8150 using xda app-developers app

If you require password, and don't permit adb until successfully unlocked, you're starting to get secure.
You'd also need to remove root from regular boot, or prevent adb root access, and secure the system with a lock screen.
If the device has odin or similar, don't waste your time, as anyone determined will overwrite your recovery with an adb enabled one...

AleDB said:
Hi All,
is there a way to protect cwm with a password?
+1 from me

pulser_g2 said:
If you require password, and don't permit adb until successfully unlocked, you're starting to get secure.
You'd also need to remove root from regular boot, or prevent adb root access, and secure the system with a lock screen.
If the device has odin or similar, don't waste your time, as anyone determined will overwrite your recovery with an adb enabled one...
i went on the google group android security and some one replied with a possible solution:
Code:
You'll have to implement this in the bootloader, which in most cases is
closed source, so roughly you'll have to:
- find the binary blob of the bootloader, probably in a factory image or
dump it from the device
- find the base address of the bootloader blob and disassemble it
properly (use IDA pro)
- find a place -big enough- where you can inject your own code for the
password prompt
- find a place in the early stages of device boot where you can place a
jump instruction and branch to your code, this should be right after the
bootloader code detects if the fastboot or odin button combinations are
pressed.
I'll suggest to write your code in C unless you are an arm assembly
guru, and try to make it the smallest possible... if the password is
correct, then it should jump back to the place right after where the
execution was interrupted with your initial jump and continue with the
normal bootloader process.
Also, I wouldn't do the tests by flashing your patched bootloader
directly into the phone (replacing the phone's stock bootloader), as a
small mistake in your patches can totally brick the device. To properly
test your patches, you'll need to find a way to place the bootloader in
RAM (from Android) and jump into it, and to do this you'll need to
disable interrupts, invalidate CPU caches, reset MMU, and continue
execution from physical address space where you've copied the bootloader
in RAM, this will simulate a reboot from bootloader but using your
patched one in RAM instead of the stock one in NAND, not an easy task I
guess... but if you have some progress, let us know :D
Cheers,
like with the encryption some script is run that requires the password to be put in. since the code is already available could there be a way to just use that script and have it detect if booting into recovery or odin?

password would be welcome in case my device were stolen, so anyone could make a fresh install independent of the ke or faceunlock, trackers, and everything i have

+1 for the idea... reason:
I know someone whose phone was factory reset by the police... yes, I live in Australia and what was done was illegal and he is taking legal action but once it's done, that's it, you lost everything on the device.
Password protecting recovery is a way to prevent those with enough know how to trigger a reset when you have no legal recourse not to hand over your belongings to another party on the street.
I know this is an edge case but one that has a precedent.

Related

[RECOVERY][CWM] CWM for Huawei Vitria(Y301-A2)

* Your warranty is now void.
I am not responsible if this causes your device to be bricked, for the planets to align, monkeys take over the earth, nuclear war, missed sexual favors or whatever nonsense ensues due to your device not working. Please do some research if you have any concerns before flashing.
By using this recovery you agree to these terms!
Clockworkmod Advanced 5
http://d-h.st/BNT
Bugs
-cwm runs in background while charging(Fixed)
-tell me?
Install
(requires unlocked bootloader)
Code:
fastboot flash recovery recovery.img
To enter CWM(or stock recovery) turn off and then hold vol up+power
https://github.com/KainXS/android_device_huawei_y301a2/tree/cwm
Credits
ShabbyPenguin - Phandroid
KINGbabasula
CNexus
Would you be able to port CWM to a Huawei G526-L22?
Specs are similar to this Vitria(Y301-A2).
Tried this .img but can't mount /cache/recovery etc
extendcommand threw up failed to mount /dev/block/platform/msm_sdcc.1/by-name/cache
(no such file or directory) Yet that path/directory is present in file explorer. Any assistance would be much appreciated.
The device has been discounted to AU$99 so a lot of geeks have grabbed them and are looking for mods
As is the norm for android heads ;|} Regards from Down Under
Gomax
gomax said:
Would you be able to port CWM to a Huawei G526-L22?
Specs are similar to this Vitria(Y301-A2).
Tried this .img but can't mount /cache/recovery etc
extendcommand threw up failed to mount /dev/block/platform/msm_sdcc.1/by-name/cache
(no such file or directory) Yet that path/directory is present in file explorer. Any assistance would be much appreciated.
The device has been discounted to AU$99 so a lot of geeks have grabbed them and are looking for mods
As is the norm for android heads ;|} Regards from Down Under
Gomax
do you have the original recovery backed up
and can you run these commands while its booted in android with adb
cat /proc/partitions (info on partition sizes)
run ls too
and did you just take the image and flash it without modifying it.
Was sent the image by a developer, who has sent a revised version which works.
Thanks for your interest.
good to hear:good:
but did you really flash the recovery without modifying anything and it booted on the 526
KainXSS said:
good to hear:good:
but did you really flash the recovery without modifying anything and it booted on the 526
Both versions booted OK.
The first didn't mount external card.
gomax said:
Both versions booted OK.
The first didn't mount external card.
wow if it booted unmodified at all, these devices must be extremely similar minus the screen, hopefully kernel source pops up for one of them, guess the recovery fstabs were different though
edit
the link is gone?
I requested the source code for the vitria a month ago and huawei just released it
http://consumer.huawei.com/en/support/downloads/detail/index.htm?id=17935
I had time to play around with it and build it, did not boot though, wanted to clean it up some but yesterday I broke my hand so there might not be updates for a while.
how did you get the unlock password for this device? im on their website but it doesn't list this device....
mattlowry said:
how did you get the unlock password for this device? im on their website but it doesn't list this device....
sorry it took so long to answer but I got the unlock password from huawei by emailing them, I haven't worked on this device solidly in a while.
you might be able to also flash recovery with adb also, if you wanna try it let me know because I unlocked my bootloader before using adb but when I try it works.
remembered to upload cwm advanced 5
also have cwm 6.0.4.7 and advanced 6 but I need to fix a nasty bug with it.
forgot to add if someone were to upload the recovery.img's and a partition layout for the g526 or G740 I can more than likely try to get cwm and cwm advanced running on them.
had to change the vitria recovery to mount by name instead of block number, changed font also.
added source
KainXSS said:
sorry it took so long to answer but I got the unlock password from huawei by emailing them, I haven't worked on this device solidly in a while.
you might be able to also flash recovery with adb also, if you wanna try it let me know because I unlocked my bootloader before using adb but when I try it works.
Yes, it takes a few email exchanges with [email protected], but I got my unlock password in couple of days from them.
Great job, OP, works like a charm.
Finally got my unlock from Huawei after a week, and just in time! I lost my old HTC G2 (its somewhere in the kitchen, i swear!) and needed a replacement phone fast.
Enter the Vitria. installed CWM and did a full backup, then installed titanium backup and started ripping out bloatware and live wallpapers and other crap.
I have to say, i REALLY hope development of Cyanogen continues for this device, its hard enough leaving CM7 to go to jelly bean. If there's anything i can assist with with a backed up/bootloader unlocked device, let me know. Or buy you enough beer to last a weekend so you can get this compiled
Flashify
I did something different, I flashed with flashify but I realize now I shouldn't have, it reboots but has a signature error before rebooting, I sure hope there will be cynogen mod or something because this phone has a data connection problem, once data goes off it won't come back on until restart and sometimes all bars without data goes off too and then have reboot too, good phone but needs work, glad to see someone out there doing something, thanks.
OK, I think I know how to fix, but I don't have the correct IMG to fix since I have already corrupted it by flashing with flashify.
Does anybody have the recovery.img and the boot.img from a working stock for this phone?
by having a good recovery.img, I can flash with flashify and get it back to working correctly, this is what I did to fix a similar problem from flashing CWM to my LG G2 and worked.
Update, downloaded stock ROM and the recovery and boot img where there so I flashed recovery.img with flashify and everything good.
Just wondering, anybody has a recovery of their Vitria that already has CWM working properly on it, I wonder if that recovery.img contains proper CWM to be flashed to another Vitria?
this is not for the h882l, it might work on that one but I don't know.
if you try to flash without having the bootloader unlocked, it won't work, you will get a crc signature failure error every boot even if you use adb or a flashing app, after unlocking you can use adb, not sure about flashify(never tried it).
CRC Signature Error
KainXSS said:
this is not for the h882l, it might work on that one but I don't know.
if you try to flash without having the bootloader unlocked, it won't work, you will get a crc signature failure error every boot even if you use adb or a flashing app, after unlocking you can use adb, not sure about flashify(never tried it).
Yes CRC Signature Error, but the bootloader is unlocked, I use T-Mobile with phone, but only problems I see with this phone is connecting to Data all the time, I end up having to turn data off then back on then it is usually fine sometimes it has problems still, I did pay a service to get the bootloader unlocked with a code so it is unlocked.
Would like to see a nice ROM built for this phone, I haven't the slightest clue to do so, Cyanogen mod would be fine.
Did try to install CWM but could not do so, is this the touch or regular version of CWM you have listed?
Keep up the good work, thanks.
Arctic Prodigy said:
Yes CRC Signature Error, but the bootloader is unlocked, I use T-Mobile with phone, but only problems I see with this phone is connecting to Data all the time, I end up having to turn data off then back on then it is usually fine sometimes it has problems still, I did pay a service to get the bootloader unlocked with a code so it is unlocked.
Would like to see a nice ROM built for this phone, I haven't the slightest clue to do so, Cyanogen mod would be fine.
Did try to install CWM but could not do so, is this the touch or regular version of CWM you have listed?
Keep up the good work, thanks.
I also use tmobile on mine and I have data problems too but haven't tried to fix it yet, don't have the time but your bootloader is unlocked right, you're not confusing sim unlock with bootloader unlock right, also you're using fastboot to install right.
I am not working on cyanogenmod for the vitria though, it needs a device tree and the kernel needs to be updated for it too, on mine I just run with a custom rom based on stock and a custom kernel for overclocking and stuff, thats enough for me.
Maybe sim unlocked, but thought was bootloader unlocked, I paid to get phone unlocked, they sent a code and I am able to use t-mobile sim card on MetroPCS phone, as for bootloader, it is rooted and says unlocked if that is what you mean, I have SuperSu installed, I used Framaroot as suggested.
Yes I can get into fastboot mode.
Hmm, to verify if bootloader is truly unlocked, how would I go about getting to that to verify for certainty?

Help locked out of recovery

I was literally flashing something ten minutes before and then I tried going back to recovery and there was no directory so I then rebooted and it says I need a password... But I never once made a password, I didn't even know there were passwords for recovery
Sent from my Nexus 5 using xda app-developers app
Never mind... Just kept rebooting then eventually the problem was gone... How can I set a password for bootloader and recovery... Just wondering if it's even possible
Sent from my Nexus 5 using xda app-developers app
You can't set a password for either (well, not to my knowledge!)
Even with a password we can fastboot flash new images.
Team Win explains this on their website.
Primokorn said:
Even with a password we can fastboot flash new images.
Team Win explains this on their website.
Yes and no.. Actually we can lock the bootloader so fastboot flash wont work.... All we need is for the recovery password to block the following to secure your data (on the nexus 5):
Mount of external (OTG) media
adb access
file manager capabilities
This would mean you can still boot into recovery and flash / backup (although not to removable media) until you went into a security menu to "unlock recovery". This would even mean that your automated jobs can still occur without having to face a "boot password". The password could be stored on /sdcard in clear text and there could be an option to delete the password in case you forgot it in this same recovery menu, which also wipes the device.
recovery is the only weak point of my device.
Sure, Samsung's Odin will get round this password on their devices as the BL is not locked but any device with a locked bootloader (lockable bootloader) will benefit.
Another caveat is that this is not to prevent the device being wiped.... unlocking the bootloader will wipe the device, and this is what I want. I don't care about getting the phone back as much as I would care about securing my data. Its all backed up. Nothing is lost. I just might not want someone else getting access to it.
Although this is beyond the extent of my knowledge to achieve, I don't think it would be hard for anyone who knows what they're doing with code.
rootSU said:
Yes and no.. Actually we can lock the bootloader so fastboot flash wont work.... All we need is for the recovery password to block the following to secure your data (on the nexus 5):
Mount of external (OTG) media
adb access
file manager capabilities
This would mean you can still boot into recovery and flash / backup (although not to removable media) until you went into a security menu to "unlock recovery". This would even mean that your automated jobs can still occur without having to face a "boot password". The password could be stored on /sdcard in clear text and there could be an option to delete the password in case you forgot it in this same recovery menu, which also wipes the device.
recovery is the only weak point of my device.
Sure, Samsung's Odin will get round this password on their devices as the BL is not locked but any device with a locked bootloader (lockable bootloader) will benefit.
Another caveat is that this is not to prevent the device being wiped.... unlocking the bootloader will wipe the device, and this is what I want. I don't care about getting the phone back as much as I would care about securing my data. Its all backed up. Nothing is lost. I just might not want someone else getting access to it.
Although this is beyond the extent of my knowledge to achieve, I don't think it would be hard for anyone who knows what they're doing with code.
Do u mean that you always have a locked BL?
Thanks for your feedback but one thing remains the same IMHO. Of course we can lock the BL but a thief can unlock it then flash factory images. No more custom recovery, passwords...
I'm not talking about the user data but about a thief being able to use a device even with locked stuff.
Primokorn said:
Do u mean that you always have a locked BL?
Thanks for your feedback but one thing remains the same IMHO. Of course we can lock the BL but a thief can unlock it then flash factory images. No more custom recovery, passwords...
I'm not talking about the user data but about a thief being able to use a device even with locked stuff.
I'm just talking about data security. That is my only concern. Devices are replaceable. Unlock bootloader, data wiped. fine!
Oh thanks everyone, I just wouldn't want a thief to use a phone they don't deserve, pretty much the only security on my phone to not go to bootloader is for no power menu on my lockscreen but you could probably use adb to get through
Sent from my Nexus 5 using xda app-developers app
That's what imei blocking is for
Sent from my Nexus 5 using Tapatalk

Nexus 5 stolen / Bootloader access

So guys I just had my Nexus 5 stolen at the gym a couple of days ago, I'm very furious about it... I'm unable to track the device with Android Device Manager because the device was dead at the time it had been stolen and probably hasn't been turned on since.
As I imagine the thief will probably fastboot the phone and erase everything, before ever turning it on, or selling it.
My question is, is there not a way to put a startup password on the phone to prevent bootloader/download mode/adb/fastboot access to the phone?
I am also very upset because I called into Google, and there is absolutely no way to have the phones Serial/IMEI "flagged" or "blocked" with Google. Which would be technically such a simple system to implement.
This means that all those people who have had their Nexus 5's stolen, the device can just be re-registered with another Google account at a later date and nobody will blink an eye.
Views? Suggestions?
Thanks
Wow, that sucks. You can encrypt your phone, which requires a password to start up. You may have to have a password to enter fastboot if you encrypt it; not sure, never done it.
Sent from my Nexus 5 using Tapatalk
Call your carrier to have the IMEI blacklisted. Google can not do this. It's your carrier's job to blacklist.
black listing the IMEI won't prevent somebody from re-registering that device with another Google account though. As it seem Google doesn't track or flag stolen Serial/IMEI.
BUMP to confirm Does encrypting the phone ask for a password at startup?
THE_KINGDOM said:
Does encrypting the phone ask for a password at startup?
Yes.
THE_KINGDOM said:
black listing the IMEI won't prevent somebody from re-registering that device with another Google account though. As it seem Google doesn't track or flag stolen Serial/IMEI.
BUMP to confirm Does encrypting the phone ask for a password at startup?
no, but it will prevent the thief from using it on any US or Canadian carrier.
---------- Post added at 12:56 PM ---------- Previous post was at 12:52 PM ----------
THE_KINGDOM said:
black listing the IMEI won't prevent somebody from re-registering that device with another Google account though. As it seem Google doesn't track or flag stolen Serial/IMEI.
BUMP to confirm Does encrypting the phone ask for a password at startup?
Sandman-007 said:
Yes.
can still flash the factory img in the bootloader and not worry about the encryption. also, every single person ive known that has encrypted, eventually(weeks/months) got locked out of their own phones eventually because it wouldn't accept a password, and had to flash the factory img.
simms22 said:
no, but it will prevent the thief from using it on any US or Canadian carrier.
---------- Post added at 12:56 PM ---------- Previous post was at 12:52 PM ----------
can still flash the factory img in the bootloader and not worry about the encryption. also, every single person ive known that has encrypted, eventually(weeks/months) got locked out of their own phones eventually because it wouldn't accept a password, and had to flash the factory img.
Right but the whole point of encrypting is to protect the data not the device. So if a thief has to wipe the device to get rid of the encryption then he won't be able to access the data. It's gone.
Sandman-007 said:
Right but the whole point of encrypting is to protect the data not the device. So if a thief has to wipe the device to get rid of the encryption then he won't be able to access the data. It's gone.
no, its not gone. its relatively easy to recover the data, even after a factory reset, if the thief wanted to. unless the data is written over.
There is an app here on XDA as well as the play store called "bootunlocker" that allows you to lock and unlock your bootloader. Newer versions of Trickster MOD also do this. This way, if someone finds your phone and fastboot OEM unlocks it, it will wipe everything. The only thing we need to do at this point is secure the recovery. As no one seems to think a password protected recovery is necessary as no one has made one, you would have to flash the stock recovery.
If you need to make a nandroid then you would need to unlock and flash custom. This is the only way I can think of to fully ensure data gets wiped in the event someone really knows what they're doing. I might go this route, at least for a little bit to try it out
rockingondrums said:
There is an app here on XDA as well as the play store called "bootunlocker" that allows you to lock and unlock your bootloader. Newer versions of Trickster MOD also do this. This way, if someone finds your phone and fastboot OEM unlocks it, it will wipe everything. The only thing we need to do at this point is secure the recovery. As no one seems to think a password protected recovery is necessary as no one has made one, you would have to flash the stock recovery.
If you need to make a nandroid then you would need to unlock and flash custom. This is the only way I can think of to fully ensure data gets wiped in the event someone really knows what they're doing. I might go this route, at least for a little bit to try it out
wiping isnt a solution, as the wiped data is easily recoverable. and password protection for a recovery exists as well, twrp has it. and it also wont help as all you would have to do is flash another recovery via fastboot.
btw, heres a recent article about recovering data from a wiped phone http://www.theverge.com/2014/7/8/5881573/test-shows-data-can-be-recovered-from-wiped-android-phones
simms22 said:
no, its not gone. its relatively easy to recover the data, even after a factory reset, if the thief wanted to. unless the data is written over.
Fairly easy as in yes, I could do it. Fairly easy as in a random thief on the street, probably too much trouble and effort.
simms22 said:
wiping isnt a solution, as the wiped data is easily recoverable. and password protection for a recovery exists as well, twrp has it. and it also wont help as all you would have to do is flash another recovery via fastboot.
That's why the bootloader is locked. Yep, TWRP implemented Philz recovery lock.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
rootSU said:
That's why the bootloader is locked. Yep, TWRP implemented Philz recovery lock.
Haven't tried it, but what happens if you just flash another recovery?
Lethargy said:
Haven't tried it, but what happens if you just flash another recovery?
How could you flash another recovery?
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
rootSU said:
How could you flash another recovery?
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
If your bootloader wasn't locked lol
Lethargy said:
If your bootloader wasn't locked lol
Obviously recovery lock is pointless if either android or bootloader is unlocked.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
I say keep trying to locate the device with the Android Device Manager. The thief might not have charged it yet, or even won't at all. Might not be charged until someone buys it. Keep trying, and good luck.
rootSU said:
Fairly easy as in yes, I could do it. Fairly easy as in a random thief on the street, probably too much trouble and effort.
That's why the bootloader is locked. Yep, TWRP implemented Philz recovery lock.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
the average thief, i absolutely agree. they want to steal the device and collect money for it. but if someone is specifically looking for your data, now that doesnt sound like the average thief, thats who i would want to keep away.
bootloader locked, then unlocked, back to that data being recoverable, not by your average thief.
simms22 said:
the average thief, i absolutely agree. they want to steal the device and collect money for it. but if someone is specifically looking for your data, now that doesnt sound like the average thief, thats who i would want to keep away.
bootloader locked, then unlocked, back to that data being recoverable, not by your average thief.
As I've said to you in another thread, there's no protection against that and that's the same with any file system.
Working on national security issues? Don't save data on your phone.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
rootSU said:
As I've said to you in another thread, there's no protection against that and that's the same with any file system.
Working on national security issues? Don't save data on your phone.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
lmao!
whats funny is that either we misunderstood each other, or a penguin was just spotted in the sahara desert(lol), because what you said is what i keep trying to say, theres no real protection. the best protection is that the average person doesnt have enough knowledge, patience, time to go after your data on a serious level. but those that are specifically targeting you for your data, those are who you should fear, as the data can be gotten to, if they really want to get it.
simms22 said:
if they really want to get it
It's all in the "if"
In my opinion the only worth protecting against would be the sneaky little brother or sister.

[HELP] Lost my rooted phone can it be decrypted by the thief?

Hey fellas,
Someone stole my One plus 7 Pro.
It was rooted and had TWRP and Magisk 19.x ( latest subversion before 20.x dropped). I had a passcode and fingerprint set up on my phone. It was stolen at a technical convention for students. Assuming the thief has knowledge about Android can my phone's encryption be broken to give access to my files?
Any input is appreciated.
TLDR;
>Phone got stolen at a technical convention
>Thief might have knowledge of Android
>Running Stable Android 9 latest firmware before Stable 10.0.1
>Running Magisk 19.x (Latest before 20.x dropped)
>Running TWRP 3.3.1.x
My concern, Can it be hacked/cracked to give access to the storage inside?
Thanks in advance
this is the problem of unlocked boot loader.
sathara said:
this is the problem of unlocked boot loader.
Thanks for the reply.
What are you implying?
Is it easy to crack through it to get the files? TWRP requires the pin to be able to boot.
Please give more input if possible
_Rushaan_ said:
Thanks for the reply.
What are you implying?
Is it easy to crack through it to get the files? TWRP requires the pin to be able to boot.
Please give more input if possible
Unless your passcode is simple and easy to guess, they won't be able to decrypt the data using any publicly known ways.
Of course, having the bootloader locked would offer a bit more protection against the thief wiping and using the phone themselves, but even in that case there is no practical way to access your data before it gets wiped.
You should be somewhat safe...
sathara said:
this is the problem of unlocked boot loader.
jisoo said:
Unless your passcode is simple and easy to guess, they won't be able to decrypt the data using any publicly known ways.
Of course, having the bootloader locked would offer a bit more protection against the thief wiping and using the phone themselves, but even in that case there is no practical way to access your data before it gets wiped.
My passcode is fairly complex. Thanks for the reassurance.:good:
jisoo said:
Unless your passcode is simple and easy to guess, they won't be able to decrypt the data using any publicly known ways.
Of course, having the bootloader locked would offer a bit more protection against the thief wiping and using the phone themselves, but even in that case there is no practical way to access your data before it gets wiped.
He/she still wouldn't be able to use it after a wipe because of FRP, though, right?
rickysidhu_ said:
He/she still wouldn't be able to use it after a wipe because of FRP, though, right?
There's ways to bypass that, I saw a few videos of some people doing that
If you had your data encrypted as you state, I don't think anyone would even take the trouble that comes with brute forcing such encryption. He will probably just wipe it.
They may just wipe it and use it, you can blacklist it through your carrier
Check android device manager and see if you can locate it and remote wipe it

How to mitigate the risk of having an unlocked bootloader against an evil maid attack that side-loads malware/spyware?

I want to clarify, I already saw many threads mentioning how you can protect your data with an unlocked bootloader, so no need to go deep into that.
But it also seems to me, many people just avoid the other issues, like an attacker being able to sideload malware in your device.
How to mitigate those other risks?
cablop said:
I want to clarify, I already saw many threads mentioning how you can protect your data with an unlocked bootloader, so no need to go deep into that.
But it also seems to me, many people just avoid the other issues, like an attacker being able to sideload malware in your device.
How to mitigate those other risks?
Sideloading malware requires physical access to your device. You have to reboot into bootloader mode, flash e.g. a patched system.img and then reboot into system again. To avoid this: Never leave your device unattended.
WoKoschekk said:
Sideloading malware requires physical access to your device. You have to reboot into bootloader mode, flash e.g. a patched system.img and then reboot into system again. To avoid this: Never leave your device unattended.
I am fully aware of that. But there are times you leave it unattended, you can't carry a bag with all your belongings with you to every place you must be in, e.g., bathroom, beach, gym, etc.
So, if you leave it unattended and then you come back and you think it was compromised, what can you do, apart from a full reset? Can't you have a tool that tells you if something changed, somebody took it, it rebooted, etc.?
cablop said:
I am fully aware of that. But there are times you leave it unattended, you can't carry a bag with all your belongings with you to every place you must be in, e.g., bathroom, beach, gym, etc.
It seems a bit paranoid... When I'm not at home my phone is in my pocket or locked up (e.g. gym). That's it.
cablop said:
So, if you leave it unattended and then you come back and you think it was compromised, what can you do, apart from a full reset? Can't you have a tool that tells you if something changed, somebody took it, it rebooted, etc.?
A full reset would do nothing for you. In bootloader menu you have no access to /data. Even if fully booted up nobody can access /data due to my display pattern. So, a full wipe wouldn't help you since it only wipes /data.
As I already said you could only patch the system.img/vendor.img with malware. But if Android verified boot is enabled, it's impossible to change something on these partitions.
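The question above about a tool that tells you whether something changed can be approached by snapshotting the boot-state properties before and after the device was out of sight. This is an added example, not code from any poster in the thread; the snapshot contents and digest values are constructed, and the helper names `prop_value` and `boot_findings` are hypothetical.

```shell
#!/bin/sh
# Added example. Snapshots use the "[key]: [value]" lines printed by
# `adb shell getprop`; on a real device: adb shell getprop > baseline.txt
# Sample data below is constructed (an unlocked device, as in the thread).
BASELINE='[ro.boot.verifiedbootstate]: [orange]
[ro.boot.flash.locked]: [0]
[ro.boot.vbmeta.device_state]: [unlocked]
[ro.boot.vbmeta.digest]: [constructed-digest-a]'

CURRENT='[ro.boot.verifiedbootstate]: [orange]
[ro.boot.flash.locked]: [0]
[ro.boot.vbmeta.device_state]: [unlocked]
[ro.boot.vbmeta.digest]: [constructed-digest-b]'

# Boot-chain properties worth watching between snapshots.
WATCHED="ro.boot.verifiedbootstate ro.boot.flash.locked ro.boot.vbmeta.device_state ro.boot.vbmeta.digest"

# prop_value SNAPSHOT KEY -> prints the value of KEY, or nothing if absent.
prop_value() {
    printf '%s\n' "$1" | awk -v k="[$2]:" \
        '$1 == k { v = $2; gsub(/^\[|\]$/, "", v); print v }'
}

# boot_findings OLD NEW -> one line per changed property, then a warning
# when the current state means images are not being verified.
boot_findings() {
    for key in $WATCHED; do
        old=$(prop_value "$1" "$key")
        new=$(prop_value "$2" "$key")
        [ "$old" = "$new" ] || echo "CHANGED $key: $old -> $new"
    done
    case "$(prop_value "$2" ro.boot.verifiedbootstate)" in
        green|yellow) ;;
        orange) echo "WARN bootloader unlocked: images are not verified at boot" ;;
        *) echo "WARN verified boot state is red or missing" ;;
    esac
}

boot_findings "$BASELINE" "$CURRENT"
```

These values are reported by the running system, so the comparison is a tripwire for unexpected changes rather than proof of integrity; the vbmeta digest covers the vbmeta structures the bootloader loaded, not every byte of every partition.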
WoKoschekk said:
It seems a bit paranoid... When I'm not at home my phone is in my pocket or locked up (e.g. gym). That's it.
Not really paranoid. You only need to see the ads offering people ways to know what their partners do, don't they? Keyloggers predate Android phones, so how can I think they are not a real risk?
WoKoschekk said:
A full reset would do nothing for you. In bootloader menu you have no access to /data. Even if fully booted up nobody can access /data due to my display pattern. So, a full wipe wouldn't help you since it only wipes /data.
As I already said you could only patch the system.img/vendor.img with malware. But if Android verified boot is enabled, it's impossible to change something on these partitions.
BTW. If it was impossible to write on those partitions, then it would be impossible to change the firmware of the phone, but we do when we unlock the bootloader, and then we patch stuff, like a new recovery partition and even root the phone. So it is not something the Android verified boot can do.
It seems to me that while Google and the vendors think it is important to keep the bootloader locked for security reasons, the community keeps looking in the other direction to say it is not, and there's no risk, but there is.
cablop said:
BTW. If it was impossible to write on those partitions, then it would be impossible to change the firmware of the phone
You mixed up things. A new firmware is not the same as patching /system on a stock ROM. Even a custom recovery requires a patched vbmeta.img in most cases.
Malware is an executable file that can only be stored on a file system. You can't store it on a boot.img or recovery.img since they are only binaries. No, you need e.g. /system or /vendor. Only there you could store a malicious file like a patched APK that gets executed by system during the next boot sequence.
WoKoschekk said:
You mixed up things. A new firmware is not the same as patching /system on a stock ROM. Even a custom recovery requires a patched vbmeta.img in most cases.
Malware is an executable file that can only be stored on a file system. You can't store it on a boot.img or recovery.img since they are only binaries. No, you need e.g. /system or /vendor. Only there you could store a malicious file like a patched APK that gets executed by system during the next boot sequence.
ok, that is interesting, but comes with a doubt... then, how does Magisk work? afaik it is a patch outside the firmware or system or data... Can't we install a malware to the phone in a similar way Magisk gets installed?
cablop said:
ok, that is interesting, but comes with a doubt... then, how does Magisk work? afaik it is a patch outside the firmware or system or data... Can't we install a malware to the phone in a similar way Magisk gets installed?
Even Magisk needs an installation for the Manager APK when a patched boot.img gets booted. The APK isn't part of the patch and the installation must be granted by the user.
WoKoschekk said:
Even Magisk needs an installation for the Manager APK when a patched boot.img gets booted. The APK isn't part of the patch and the installation must be granted by the user.
Hmmm.
Ok, maybe I am confused by thinking the bootloader of Android can work in a similar fashion as the boot of Linux or even Windows.
So, just to be sure, what you are telling me is that there's no way to install with an unlocked bootloader a malware in the system, either as new software or replacing an existing one, but that the risk is they can read my data, something that I can solve with a proper device or userspace encryption, right?
Can't we flash some things from the TWRP or alike like the GMS directly into the system?
