Hi guys, im fairly new to the WM scene, but have finally customized my Xperia X1 to be just how I want it.
This brings me to this question about security.
At the moment what worries me, is if I lose my phone or someone steals it. They would have access to all my information, my contacts, my software, my emails, passwords and other such personal information that I would rather not give out. Obviously the safest solution would be to leave it in the house, but that's something none of us want to do!
Now I was thinking about encrypting the Internal memory and the memory card so that the files could not be hacked or looked at by prying eyes when connected to a computer for instance. But I couldn't seem to find any software which would do such a thing. I currently use TrueCrypt on my PC which stops nearly everything.
What I really want to do is the following:
1. Password the device.
2. Encrypt it, so that the files cannot be taken off or read.
3. Automatic password lock after 1 minute.
4. Stop files being accessed through a PC (by others of course but not myself).
5. Any other methods people could access the phone with a computer, flashing and such tools to get into them.
I know the memory card has encryption to stop anything other than the device reading the card. But this doesn't work on mine for some reason as I can plonk the card in a reader and get access to all my files in various computers I have tried.
I realize it will never be truly secure but let's be honest. The average thief wouldn't exactly know how to hack into a phone and access it's files.
Now im not fussed if say for instance it was stolen, the thief flashed the phone and used it for themselves. At the end of the day, they've got the phone, wether they are using it or not isn't going to make a difference, but making sure they can't access the files is a top priority.
One of the main programs I worry about is these "Wallet" programs that you can get. They are very handy for storing all your card details and such on, but are they truly safe? That is what I wonder.
Any replies would be really appreciated as I always worry about losing my phone at the moment due to it having no protection!
Are there any suggestions anyone can make to me?
Anyone got an opinons on this? I was hoping for a reply.
Hi vmrmic,
I know that Check Point has a encryption solution for Windows mobile since I work there
http://www.checkpoint.com/products/datasecurity/mobile/index.html
Check supported devices:
www.checkpoint.com/supportedhandhelds
X1 is not up there but it works fine. I have tried it. Officially supported in a couple of weeks
Note that this solution is intended for business and not a one by one installation
If you have more questions find the forum on checkpoint.com since I don't always check this forums.
Regards
Check out Throttle Lock http://www.throttlelauncher.com/portal/
Not every thing your asking for but a great solution
TB
I'm boned.
My phone ran out of battery today, and when I turned it back on, its asking for my backup pin, which I don't know. The backup pin is different from a regular pin. The only items on the screen after boot are the notification bar, an input field which reads "Type PIN code.", and a numeric keypad which is only visible when focused on the input field. There is NOT an emergency call button.
I have a black 16GB VZW GS4 aka Samsung SCH-I545. It is 100% stock, not rooted or bootstrapped.
I NEED NEED NEED some pictures and text messages that are on there. I cannot stress enough how important this data is. Like 1/3 of my yearly income important.
I have already tried Android Device Manager and Samsung's Find My Mobile, and neither worked.
My phone is not encrypted.
USB debugging is not enabled, but I believe if I reboot into recovery I can connect with ADB and download data from the phone.
Ideally I would like to:
A. Make a complete backup of all the data on the flash memory with the phone in recovery mode.
B. Extract the texts and pictures from said data.
C. Modify the phone so it will think it was never locked, thus avoiding a factory reset.
A and B are the most important, I NEED that data. C would be nice, but its not essential.
So, My questions are:
1. How would I go about making a full copy of the flash memory through ADB?
2. How/where does android store the text messages, are they in a database?
3. Is this script what I need to remove the prompt for a backup PIN(Item C)? http://forum.xda-developers.com/showthread.php?t=2397797
4. Does my action plan sound reasonable or am I going to shoot myself in the foot?
5. What section should I post in if I need further assistance?
Thank you for any help you can give.
-Max
PS: I love u guys
Hi, thank you for using XDA Assist. The link you posted is probably as good as anything. But remember why you use a pin in the first place, so if someone doesn't have the pin they can't access your data.
Thread closed.
Hey!
It's my first post here so it this isn't the best place for such a question then by all means mods pls move the thread to where it should be
Basically, where I'm currently living (Brazil), things tend to get pretty violent and phone thefts are very common. Now the thing is, if it's an iPhone usually the thieves just throw it away, as once it's locked it becomes useless. When it comes to Android though, some of them will dig deep trying to access your info like pictures, passwords, bank information, among other things. They even manage to break IMEI locks and stuff. I got my S5 stolen recently and the information theft part put me through hell. Yet, I'd much rather have an S8+ then any other iPhone currently, so my question is how could I completely theft proof it?
I'm not really worried about them restoring the phone and reselling it, more about them accessing the data inside of it. I know the SD card can be protected through cryptography (although would accept "stronger" tips if there are any). When it comes to apps, aside from the basics of trusting what you install and stuff, are apps like Cerberus, Knox 2.0, or other Samsung features I'm not aware of, any good against someone who knows what they're doing? Is there a way to disable airplane mode or power offs? Also what is probably my strongest concern: is there a way to completely not allow system changes through a computer, like the one that removes the lock screen?
Being a programmer and computer science undergrad student (although not specializing in security nor mobile), I'd have no problem if the solutions would involve some coding or tweaking, just as long as they prove to be effective.
So, would you guys have any tips on how to completely secure the data given those concerns?
The sd card can be Encrypted and if you have a password lock (fingerprint irsi etc...) then it will ask for that before it will unlock the phone.
Also they have a remote wipe. You can log i to google and remote wipe your phone when you found out its been stolen.
You can set the phone to require a password to decrypt it when it's restarted. You can encrypt the SD card too. You can set it to lock instantly when the screen turns off. And you can use only a password to unlock it (no biometrics), which is the most secure option (if you use a suitable password). Finally, you can set the phone so that you can wipe it remotely, or to wipe itself after a number of consecutive incorrect password attempts. But even without the last two measures, your data will be unreadable without your password.
Unfortunately, though, if thieves are violent enough, they may be able to coerce you into divulging the password. If they succeed, they have full access to your phone.
Gary02468 said:
You can set the phone to require a password to decrypt it when it's restarted. You can encrypt the SD card too. You can set it to lock instantly when the screen turns off. And you can use only a password to unlock it (no biometrics), which is the most secure option (if you use a suitable password). Finally, you can set the phone so that you can wipe it remotely, or to wipe itself after a number of consecutive incorrect password attempts. But even without the last two measures, your data will be unreadable without your password.
Unfortunately, though, if thieves are violent enough, they may be able to coerce you into divulging the password. If they succeed, they have full access to your phone.
Click to expand...
Click to collapse
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
xile6 said:
The sd card can be Encrypted and if you have a password lock (fingerprint irsi etc...) then it will ask for that before it will unlock the phone.
Also they have a remote wipe. You can log i to google and remote wipe your phone when you found out its been stolen.
Click to expand...
Click to collapse
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
I use smart Lockscreen protector to prevent somebody putting my phone to airline mode or shutting it down ( It won't help phones with removable battery)
If you have the phone encrypted and have the require pin on boot set. And you have the Qualcomm version that is locked down you have nothing to worry about.
Even the iPhone 7 has been jail broken or rooted the S8 with the Qualcomm chip is one of only a few phones that have not been hacked. It's actually WAY more secure than an iPhone.
lvrma said:
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
Click to expand...
Click to collapse
The phone is completely encrypted, so if you set it to require a password to restart and to turn the screen back on, then its contents are unreadable without the password regardless of how you connect to it.
lvrma said:
...
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
If you have a lock screen set you can lock the status of your phone(wifi state, airplane mode, power settings). This way you have to unlock it to toggle these modes.
I just ran across this, some good advice.
http://thedroidguy.com/2017/04/setu...security-features-tutorials-1071462#Tutorial1
lvrma said:
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
Click to expand...
Click to collapse
Like you, I'm interested with this topic, but unlike you, I would like the theief to have a useless phone if they cant unlock it. So that they would think twice the next time they want to steal an android. Else they would just continue stealing since you just put the phone on download mode, connect to a computer and root it.
About your question. Isnt disabling usb debugging mode on developer option block that risk? Also in my note 4, enabling knox will prevent your device from being rooted, at least thats what i understand from the description. i wonder where it is in s8.
speaking of knox, s8 has "Secure folder". its like a secured environment within a phone. Everything you put in here will be protected by knox. Apps, accounts, files, etc. And it would ask for another security to access it(pattern/pin/password).
lvrma said:
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
you mentioned cerberus app, it has a function than can wipe device memory and wipe sd card via SMS command. so if you are fast enough, while the thief is running away and before he pulls out your sim card from the phone, you can send an sms command to wipe data.
Since you mentioned you are a programmer, this may be interesting to you, locking download mode and recovery mode on android to prevent thief from flashing hack to your phone. but this require a bit of patience if android isnt your forte.
https://ge0n0sis.github.io/posts/20...-mode-using-an-undocumented-feature-of-aboot/
BratPAQ said:
Like you, I'm interested with this topic, but unlike you, I would like the theief to have a useless phone if they cant unlock it. So that they would think twice the next time they want to steal an android. Else they would just continue stealing since you just put the phone on download mode, connect to a computer and root it.
About your question. Isnt disabling usb debugging mode on developer option block that risk? Also in my note 4, enabling knox will prevent your device from being rooted, at least thats what i understand from the description. i wonder where it is in s8.
speaking of knox, s8 has "Secure folder". its like a secured environment within a phone. Everything you put in here will be protected by knox. Apps, accounts, files, etc. And it would ask for another security to access it(pattern/pin/password).
you mentioned cerberus app, it has a function than can wipe device memory and wipe sd card via SMS command. so if you are fast enough, while the thief is running away and before he pulls out your sim card from the phone, you can send an sms command to wipe data.
Since you mentioned you are a programmer, this may be interesting to you, locking download mode and recovery mode on android to prevent thief from flashing hack to your phone. but this require a bit of patience if android isnt your forte.
https://ge0n0sis.github.io/posts/20...-mode-using-an-undocumented-feature-of-aboot/
Click to expand...
Click to collapse
Don't put your phone anywhere besides your pocket. Get a cover that makes it look like as different phone with a cracked screen.
the easiest way to encrypt sd and phone, enable adoptable storage.
cantenna said:
the easiest way to encrypt sd and phone, enable adoptable storage.
Click to expand...
Click to collapse
How is that easier than just selecting the Settings options to encrypt the SD card and to require a password to unlock upon restart?
---------- Post added at 06:08 AM ---------- Previous post was at 05:11 AM ----------
lvrma said:
Usually they just put it on airplane mode though, so google remote wipe is useless[.] Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
Yes, and even without airplane mode, they can physically enclose the phone to block all electronic signals. Encrypting the phone (and SD card), using a secure password as the sole unlock method, affords the strongest protection against all attacks (except coercing the password from you).
Gary02468 said:
How is that easier than just selecting the Settings options to encrypt the SD card and to require a password to unlock upon restart?
---------- Post added at 06:08 AM ---------- Previous post was at 05:11 AM ----------
Yes, and even without airplane mode, they can physically enclose the phone to block all electronic signals. Encrypting the phone (and SD card), using a secure password as the sole unlock method, affords the strongest protection against all attacks (except coercing the password from you).
Click to expand...
Click to collapse
oh yea, may bad, i often assume everyone on xda is here because there interested in unlocked boot loaders, root and custom kernels. My recomindation applies only to people who have unlocked pandor's box only.
the method of encyption you suggested the isnt availble for users like me but we can enable adoptable storage which does encrypt the system by other means and it is compatible with root, etc
dynospectrum said:
Don't put your phone anywhere besides your pocket. Get a cover that makes it look like as different phone with a cracked screen.
Click to expand...
Click to collapse
Where can you get/ how can you make such a cover?
Also sometimes when I'm in bad Areas, I go to developer options and turn on some of the screen update stuff, so it flashes the screen purple a lot and make it look messed up.
Friend got into a fight with his brother. His brother was able to break into his phone.
Friend changed the password on the device last week, and because of his school, he doesn't take the phone with him.
He opened the phone today, and can't remember the password.
It is a Moto G7 Power, running Android 9
It has GenTech installed on the phone.
I do not know any specifics beyond that, as the settings are hidden behind a lock screen.
When I logged into the Google account, it looks like the account hasn't been backing up photos, contacts, etc since the GenTech was put on. iDrive also hasn't been backing anything up.
Are there any tools that can remove the lock screen? Preferably free, but I wouldn't mind paying a small amount. And NOT wipe the device.
Before coming here, I saw Eelphone, but it looked super shady.
Searching through XDA's forums, I saw Dr.Fone as an application as well.
Are these the best options? I mean, I troubleshoot devices for clients all the time, and thankfully haven't had to recover their devices like this, and I know that it has changed a lot since the beginnings of Android, but I need something in the toolbox for sure.
Any help is appreciated, thank you!
Edit: I thought I might try Dr.Fone on my Motorola device. Uh, not the right application that I need! I want the data preserved, not wiped. If I wanted the phone wiped, I'd have done it from the bootloader.
(Or do they make a copy of the device, wipe the phone, and reload everything minus the lock screen?)
(Or is Dr.Fone a malicious program masquerading as legitimate?)
DaNissNYC said:
Friend got into a fight with his brother. His brother was able to break into his phone.
Friend changed the password on the device last week, and because of his school, he doesn't take the phone with him.
He opened the phone today, and can't remember the password.
It is a Moto G7 Power, running Android 9
It has GenTech installed on the phone.
I do not know any specifics beyond that, as the settings are hidden behind a lock screen.
When I logged into the Google account, it looks like the account hasn't been backing up photos, contacts, etc since the GenTech was put on. iDrive also hasn't been backing anything up.
Are there any tools that can remove the lock screen? Preferably free, but I wouldn't mind paying a small amount. And NOT wipe the device.
Before coming here, I saw Eelphone, but it looked super shady.
Searching through XDA's forums, I saw Dr.Fone as an application as well.
Are these the best options? I mean, I troubleshoot devices for clients all the time, and thankfully haven't had to recover their devices like this, and I know that it has changed a lot since the beginnings of Android, but I need something in the toolbox for sure.
Any help is appreciated, thank you!
Edit: I thought I might try Dr.Fone on my Motorola device. Uh, not the right application that I need! I want the data preserved, not wiped. If I wanted the phone wiped, I'd have done it from the bootloader.
(Or do they make a copy of the device, wipe the phone, and reload everything minus the lock screen?)
(Or is Dr.Fone a malicious program masquerading as legitimate?)
Click to expand...
Click to collapse
Is the device rooted?
Does the device have USB debugging enabled in system settings?
If the answers to these questions are no, then all you can do is factory reset. After resetting, it will probably be FRP locked(Factory Reset Protection), which means you still need to remember the google account username and password to get logged into the device, but, the lockscreen pin/password will be removed. You'll lose the user's data in the process. At this point, if it isn't rooted or does not have USB debugging enabled, there aren't really any options to save their user data before resetting the device.
Sent from my SM-S767VL using Tapatalk
The phone is not rooted, unless the GenTech software gained the root access. (I am too new to post a direct link, but it is a monitoring program - I don't know how common it is outside of my community)
If I recall correctly, I did get access to developer options, but that was back in July - I'm not sure if I have developer options enabled at this time.
The paid softwares can't crack it? That really is too bad.
Hi all,
Some expert advice please. My technophobe wife’s S7 Edge has suddenly decided to ignore her PIN, which has never been changed.
Phone isn’t registered with Samsung.
Google Device Manager no longer provides the remote unlock feature (swines!)
Against my better judgement, I tried Wondershare’s Drfone tool, but it doesn’t support the S7 so the only option it provides is “wipe device to remove PIN”. (Very bloody useful).
I’ve installed ADB Tools on my PC, but can’t do anything serious without USB debug enabled on the phone. It isn’t.
I’d hoped to be able to enable that through recovery mode. No go.
Obviously the phone is on stock firmware so there are no fancy tools installed.
Is there ANYTHING else I can try to bypass the amnesiac Lock Screen, or at least get onto the damn thing remotely to recover 4+ years of notes, contacts, etc?
TIA.
Password/hardware failures happen; been locked out of bios when it failed. Had no password been set there been no problem.
Rule #1 avoid password lockouts as you are the most likely one to get locked out!
Rule #2 or maybe #1, always have at least 2 hdd backups that are location/electronically isolated.
An earth grounded conductive box (Farraday cage) is preferable to protect from near close lightning strikes*, strong magnetic fields and EMPs
If no backup exist you may have just learned two things I and many others have learned the hard way. Yes, well...
Try a hard reboot (not reset!)
Try clearing the system cache, doubt either will get it but worth a shot.
If ADB is enabled on the device more options maybe available.
A data recovery expert may be able to recover the data.
Hopefully you can recover it but better protect your ass...ets in the future.
Start today with all your devices.
*they happen randomly and can completely wipe and/or destroy a unshielded drive, even many yards away.