[Q] Encrypting the NS but keeping full recovery functions - Nexus S Q&A, Help & Troubleshooting

Hi there.
So, I wanted to encrypt my Nexus S to secure my personal data on it. The problem is, that I also want to update my CM9 rom every now and then. With the built-in encryption from ICS, the CWM recovery can't access the sdcard any more (and presumably also can't access other partitions to update files but can only wipe them which would remove the encryption there).
Anyway, to make this thread short: Does anybody knows (or even better: is using) a way how to encrypt the personal data on the phone but still being able to use a custom Rom and update that? Maybe there is an app I can use for that (I read about WhisperCore, but you don't hear anything new from it since twitter purchased it).
Is it even possible to encrypt the phone and then update the rom without losing the encryption?

Related

[Q] Encryption & Backups

I see options to 'encrypt all data'. However, I have already made backups. If I encrypt everything (and I assume this includes the backups; as I understand it, they are on the external SD), does this render the backups useless, or does CWM have decryption tools builtin? If not, should I erase the backups, as they contain all the data unencrypted? Confused as to how best to manage encryption and backups.
---
Samsung Galaxy SII Epic 4G Touch
Syndicated Ice, CWM 5.0.2.6
2GB ext SD
This is a great question.
I have never used the Encryption at all and just did the regular backups on my droid but I'm thinking that you should keep your encrypted backups because unless you want to redo everything from scratch in setting up your system every time, it's a good thing to just keep them and try to back them up on your pc and then go from there.
Once you've backed them up (including your current state of the phone non-encrypted for safety measures), i would try to recover an encrypted file and see how it works... if it does not work for some reason then you can revert back to your UN-encrypted version... let us know how it turns out.
Hope this helped in some way.

[Q] How does a custom recovery works?

Ok, so i'm new to all this stuff about custom recoverys and ROMs. How exactly do they work?
Let's say i make a custom recovery image of my current ROM, wich is stock, does it just backup the OS or my personal files (music, photos, apps, etc.) too?
I'm asking this primarly because i want to upgrade my phone, but to do so i have to flash the stock firmware because i've modified some system files. Wich bring to my other question, flashing ROMs wipe user data? i've read some split responses to this, some people say it does some say it doesn't.
And my final question, let's say i made a backup, wiped my phone flashed stock firmware and updated, now how i recover my data from the
backed up ROM, i mean it is a different version, does it have an option to just restore user data?
Thanks in advance, and sorry if these are too much questions.
it'll back up system, data, boot.img and dalvik cache.
your sd partition isn't backed up, but all the stuff on it will be readable by whatever new rom you put on it (unless you wipe EVERYTHING [not a good idea]).
when you're changing roms/etc, you want to place the rom.zip + gapps.zip (and custom kernel.zip if you're going to use one) on your sd partition. you do this because usb storage mostly doesn't work with custom recoveries as of yet on this device meaning once you've wiped, if you don't have a rom on your sd partition you're mildly screwed in that you'd have to reflash everything from a stock image (meaning you will lose root, all your personal files and whatever rom was on the phone - basically everything goes back to stock bar the bootloader).
e: as for restoring all apps data, use something like titanium backup. i always have a backup on my sd partition of all my current apps (plus wifi passwords, accounts info, sms messages etc to save time/effort when restoring after putting a new rom on). i also always set TB to backup all modified/new data every night at about 3am, then upload the backup to google drive so that if i either brick my phone or accidentally wipe everything, at least i can get back to where i left off.
If you forget to place the ROM zip, and have formatted the device, it is not necessary to flash stock. You use adb side load which is present in every recovery.
in that case i need to remember that for future use - i hardly ever use my pc with my phone now as you can pretty much do anything (update recovery etc) on the phone alone.
that, and i'm on windows 8.1 which afaik doesn't play nicely with fastboot or adb.
twist3d0n3 said:
....and i'm on windows 8.1 which afaik doesn't play nicely with fastboot or adb.
Click to expand...
Click to collapse
....i think this is a rumor. Never ever had any problems on W8.1
^ good to know, thanks

Android encryption incredible bug!!

I can't believe what I've seen!
A few days ago I encrypted my galaxy s3 running the old 4.1.2 with this guide to avoid having to enter an alphanumeric password each time I unlock the screen. Yesterday I installed an app called "Locker" that is supposed to reboot and wipe the device after a specified number of wrong lockscreen pin attemps.
When I woke up this morning I had a nandroid on the microsd (online nandroid backup app) performed overnight plus the internal storage backed up too and I decided to try that app. After 10 wrong attemps it actually rebooted to recovery but didn't wipe anything, probably cause I'm running a custom recovery (TWRP). No bad, after reboot you are prompted to enter the alphanumeric cryptopassword (different from the lockscrenn pin) so that method would be safe, I think. After entering the cryptopassword it forced reboot again, again stating I entered 10 wrong pin previously. At this point I was stuck so I tried restoring the nandroid, rebooted but guess what?? My cryptopassword was not recognized!!! I tried another time wiping everything, included internal storage, no good. I tried restoring a previous unencrypted image, incredibly it still asks me the cryptopassword and still doesn't recognize it!!
I was stuck and didn't know what to do, I said I'll try flashing a stock rom with odin, I started downloading it but I reflashed stock recovery back for another try. Wipe data/factory reset, then reflashed TWRP restored the overnight nandroid back again and guess what???
MY DEVICE ISN'T ENCRYPTED ANYMORE!!! It only asks the lockscreen pin, but if I go to settings => Security it shows itself as unencrypted!!
Such an incredible bug, yes, you'll lose your internal storage in the process and you need a nandroid to restore the /data partition. I can't believe it!!
Probably I understand what happened. The online nandroid backup is performed after the cryptokey has been entered, so it saves the data partition unencrypted.
The proof would be making a nandroid from recovery and seeing if this trick works the same
FDE on Android 4.x is already known as vulnerably and can be decrypt by various tools (not telling the name here - and don't ask me for it). Just saying, so no matter if you use it or not if an attacker have physical access to your device it's very easy to get your stuff and the fact you use a custom recovery makes it very easy (not that a stock recovery is not affected but needs some more steps to get the tools working..).
CHEF-KOCH said:
FDE on Android 4.x is already known as vulnerably and can be decrypt by various tools (not telling the name here - and don't ask me for it). Just saying, so no matter if you use it or not if an attacker have physical access to your device it's very easy to get your stuff and the fact you use a custom recovery makes it very easy (not that a stock recovery is not affected but needs some more steps to get the tools working..).
Click to expand...
Click to collapse
With other experiences I had with PCs, if you clone a bitlocker encrypted partition online, the resulting copy will be unencrypted, if you clone it booting from a live cd the resulting copy will be encrypted as well.
What I did was backing up my phone online, so the backup was of an unencrypted system. I'm sure if I restore a nandroid made in recovery environment, it will restore an encrypted system as well
I think the only way to get around it is brute forcing it, a 128 bit key is safe as long as you don't choose a short password

downgrade from oreo beta..Formatted phone.. help recover photos

Hello guys, I have a S8+ 955U version tmobile. I was on oreo beta and wanted to revert back to 7.0 latest which is G955USQS2BRB1. I odin the files but it caused me to format my internal memory. i lost all my photos of my newborn.
How can I get them back?
I've tried a few programs but I have to be rooted which I'm not.
I found a thread SAMPWNED to root device but I can't downfrade that far back.
Any help would be appreciated.
P.S. no i did not have an sd card in the phone, all files were saved on internal.
It's really difficult to recover photos from a formatted internal SD card. Best option, I think, would be try some other recovery apps, so see if they have access to your phone, though I don't think they will have that type of low-level access.
Another possibility might be to use ADB and if you can, pre-system/security startup, enable ADB within the phone, and then you might be able to do a recovery scan of the phone partitions.
There are a few (vague?) how to's on using ADB to enter the phone pre-system/security. Search 'sonnettie', the author of one method, and you will likely find other author off-shoots of the same type of method. If I don't stay current with a thing, I forget most of the details, but that was his original(?) method, which as I was told, came to be used by others to get into the phone pre-system startup/security. It might have been obviated by the Oreo update with a bug fix.
Did you have Samsung backup configured? If so it should have uploaded the photos and you would be able to restore them. If you don't make a backup your photos are already lost, you never know when your phone might die, be stolen or in this case get formatted. Google photos is a good alternative to keep your photos backing up.
Some people have incorrectly stated that it is possible to recover the photos after formatting internal storage. The data partition is encrypted by default and unless you are able to recover both, encryption key (it was most likely overwritten during first boot after factory reset) and the part of the partition containing the photos, you cannot get your photos back. Also, I have not seen any commercial data recovery software, which is capable of finding encryption keys and deciphering corrupted data partition.
Exactly, the phone is encrypted, not remotely possible to recover the photos scanning the memory
sergioslk said:
Exactly, the phone is encrypted, not remotely possible to recover the photos scanning the memory
Click to expand...
Click to collapse
good to know.
Thanks everyone for your input. After spending countless hours trying to root phone so I could get a data recovery program on it, I gave up. Turns out I had google photos and Samsung cloud turned on and it synced all my media. I got all my media back on my phone.
Thanks guys
@OP
i want to remind you that if you are doing like updating, flashing, modifying, always make a back up thank god samsung cloud is doing that for you., but i always make a hard copy to my sd card always you newer know right. i am happy for you that you got your data back

Temporary Root or Root without Wipe? - Need to run root App

Hi Guys,
I wanted to root my phone temporarily so I can run this DiskDigger software (which I had used in the past with another phone with good results) that requires root in order to recover deleted photos.
Now if there was some sort of temporary root solution then that would be great as I don't actually want to root the phone properly mainly because I like to use some banking software that doesn't allow it...
If temp root is not possible then is a root without a data wipe possible? I am not entirely sure if my data will be lost by wiping the data partition as some of the files I want to recover also belonged in the secure folder app, which I think has its data stored in /mnt/secure but I am not 100% and I am also worried about the partition being re-encrypted again after a wipe, which could mean new encryption keys and I can't restore old files?
Any advice here is appreciated.
Thanks
I know the thread is old, but I want to backup some apps with data and no one solution (ad backup/restore is not working) like Titanium (but requires root) is working.
I'm looking to have a root shell with an exploit (like payloads on the consoles, or thethered jailbreak on iphone) so I can backup the data manually.
Any updates on this matter the last 2 years?
iq-dot said:
Hi Guys,
I wanted to root my phone temporarily so I can run this DiskDigger software (which I had used in the past with another phone with good results) that requires root in order to recover deleted photos.
Now if there was some sort of temporary root solution then that would be great as I don't actually want to root the phone properly mainly because I like to use some banking software that doesn't allow it...
If temp root is not possible then is a root without a data wipe possible? I am not entirely sure if my data will be lost by wiping the data partition as some of the files I want to recover also belonged in the secure folder app, which I think has its data stored in /mnt/secure but I am not 100% and I am also worried about the partition being re-encrypted again after a wipe, which could mean new encryption keys and I can't restore old files?
Any advice here is appreciated.
Thanks
Click to expand...
Click to collapse
Also looking to this as I'm not looking to make changes on /system du to Dm-verity.
changes to /data are enough

Categories

Resources