So guys I just had my Nexus 5 stolen at the gym a couple of days ago, I'm very furious about it... I'm unable to track the device with Android Device Manager because the device was dead at the time it had been stolen and probably hasn't been turned on since.
As I imagine the thief will probably fastboot the phone and erase everything, before ever turning it on, or selling it.
My question is, is there not a way to put a startup password on the phone to prevent bootloader/download mode/adb/fastboot access to the phone?
I am also very upset because I called into Google, and there is absolutely no way to have the phones Serial/IMEI "flagged" or "blocked" with Google. Which would be technically such a simple system to implement.
This means that all those people who have had their Nexus 5's stolen, the device can just be re-registered with another Google account at a later date and nobody will blink an eye.
Views? Suggestions?
Thanks
Wow that sucks you can encrypt your phone that requires a password to startup you may have to have a password to enter fastboot if you encrypt it not sure never done it
Sent from my Nexus 5 using Tapatalk
Call your carrier to have the IMEI blacklisted. Google can not do this. It's your carrier's job to blacklist.
black listing the IMEI won't prevent somebody from re-registering that device with another Google account though. As it seem Google doesn't track or flag stolen Serial/IMEI.
BUMP to confirm Does encrypting the phone ask for a password at startup?
THE_KINGDOM said:
blacDoes encrypting the phone ask for a password at startup?
Click to expand...
Click to collapse
Yes.
THE_KINGDOM said:
black listing the IMEI won't prevent somebody from re-registering that device with another Google account though. As it seem Google doesn't track or flag stolen Serial/IMEI.
BUMP to confirm Does encrypting the phone ask for a password at startup?
Click to expand...
Click to collapse
no, but it will prevent the thief from using it on any US or Canadian carrier.
---------- Post added at 12:56 PM ---------- Previous post was at 12:52 PM ----------
THE_KINGDOM said:
black listing the IMEI won't prevent somebody from re-registering that device with another Google account though. As it seem Google doesn't track or flag stolen Serial/IMEI.
BUMP to confirm Does encrypting the phone ask for a password at startup?
Click to expand...
Click to collapse
Sandman-007 said:
Yes.
Click to expand...
Click to collapse
can still flash the factory img in the bootloader and not worry about the encryption. also, every single person ive known that has encrypted, eventually(weeks/months) got locked out of their own phones eventually because it wouldnt except a password, and had to flash the factory img.
simms22 said:
no, but it will prevent the thief from using it on any US or Canadian carrier.
---------- Post added at 12:56 PM ---------- Previous post was at 12:52 PM ----------
can still flash the factory img in the bootloader and not worry about the encryption. also, every single person ive known that has encrypted, eventually(weeks/months) got locked out of their own phones eventually because it wouldnt except a password, and had to flash the factory img.
Click to expand...
Click to collapse
Right but the whole point of encrypting is to protect the data not the device. So if a thief has to wipe the device to get rid of the encryption then he won't be able to access the data. It's gone.
Sandman-007 said:
Right but the whole point of encrypting is to protect the data not the device. So if a thief has to wipe the device to get rid of the encryption then he won't be able to access the data. It's gone.
Click to expand...
Click to collapse
no, its not gone. its relatively easy to recover the data, even after a factory reset, if the thief wanted to. unless the data is written over.
There is an app here on XDA as well as the play store called "bootunlocker" that allows you to lock and unlock your bootloader. Newer versions of Trickster MOD also do this. This way, if someone finds your phone and fastboot OEM unlocks it, it will wipe everything. The only thing we need to do at this point is secure the recovery. As no one seems to think a password protected recovery is necessary as no one has made one, you would have to flash the stock recovery.
If you need to make a nandroid then you would need to unlock and flash custom. This is the only way I can think of to fully ensure data gets wiped in the event someone really knows what they're doing. I might go this route, at least for a little bit to try it out
rockingondrums said:
There is an app here on XDA as well as the play store called "bootunlocker" that allows you to lock and unlock your bootloader. Newer versions of Trickster MOD also do this. This way, if someone finds your phone and fastboot OEM unlocks it, it will wipe everything. The only thing we need to do at this point is secure the recovery. As no one seems to think a password protected recovery is necessary as no one has made one, you would have to flash the stock recovery.
If you need to make a nandroid then you would need to unlock and flash custom. This is the only way I can think of to fully ensure data gets wiped in the event someone really knows what they're doing. I might go this route, at least for a little bit to try it out
Click to expand...
Click to collapse
wiping isnt a solution, as the wiped data is easily recoverable. and password protection for a recovery exists as well, twrp has it. and it also wont help as all you would have to do is flash another recovery via fastboot.
btw, heres a recent article about recovering data from a wiped phone http://www.theverge.com/2014/7/8/5881573/test-shows-data-can-be-recovered-from-wiped-android-phones
simms22 said:
no, its not gone. its relatively easy to recover the data, even after a factory reset, if the thief wanted to. unless the data is written over.
Click to expand...
Click to collapse
Fairly easy as in yes, I could do it. Fairly easy as in a random thief on the street, probably too much trouble and effort.
simms22 said:
wiping isnt a solution, as the wiped data is easily recoverable. and password protection for a recovery exists as well, twrp has it. and it also wont help as all you would have to do is flash another recovery via fastboot.
Click to expand...
Click to collapse
That's why the boatloader is locked. Yep, TWRP implemented Philz recovery lock.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
rootSU said:
That's why the boatloader is locked. Yep, TWRP implemented Philz recovery lock.
Click to expand...
Click to collapse
Haven't tried it, but what happens if you just flash another recovery?
Lethargy said:
Haven't tried it, but what happens if you just flash another recovery?
Click to expand...
Click to collapse
How could you flash another recovery?
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
rootSU said:
How could you flash another recovery?
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
Click to expand...
Click to collapse
If your bootloader wasn't locked lol
Lethargy said:
If your bootloader wasn't locked lol
Click to expand...
Click to collapse
Obviously recovery lock is pointless if either android or bootloader is unlocked.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
I say keep trying to locate the device with the Android Device Manager. The thief might not have charged it yet, or even won't at all. Might not be charged until someone buys it. Keep trying, and good luck.
rootSU said:
Fairly easy as in yes, I could do it. Fairly easy as in a random thief on the street, probably too much trouble and effort.
That's why the boatloader is locked. Yep, TWRP implemented Philz recovery lock.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
Click to expand...
Click to collapse
the average theif, i absolutely agree. they want to steal the device and collect money for it. but if someone is specifically looking for your data, now that doesnt sound like the average thief, thats who i would want to keep away.
bootloader locked, then unlocked, back to that data being recoverable, not by your average thief.
simms22 said:
the average theif, i absolutely agree. they want to steal the device and collect money for it. but if someone is specifically looking for your data, now that doesnt sound like the average thief, thats who i would want to keep away.
bootloader locked, then unlocked, back to that data being recoverable, not by your average thief.
Click to expand...
Click to collapse
As I've said to you in another thread, there's no protection against that and that's the same with any file system.
Working on national security issues? Don't save data on your phone.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
rootSU said:
As I've said to you in another thread, there's no protection against that and that's the same with any file system.
Working on national security issues? Don't save data on your phone.
Sent from my Nexus 5 using Tapatalk < Yes, I want you to know that I'm using a mobile client
Click to expand...
Click to collapse
lmao!
whats funny is that either we misunderstood each other, or a penguin was just spotted in the sahara desert(lol), because what you said is what i keep trying to say, theres no real protection. the best protection is that tbe average person doesnt have enough knowledge, patience, time to go after your data on a serious level. but those that are specifically targeting you for your data, those are who you should fear, as the data can be gotten to, if they really want to get it.
simms22 said:
if they really want to get it
Click to expand...
Click to collapse
It's all in the "if"
In my opinion the only worth protecting against would be the sneaky little brother or sister.
Related
Since Android is not an iPhone and it's less protected I suggest to make a password access to fastboot mode. Cause when you a robbed your phone can be easily wiped and reused. To prevent it, I ask devs to make kinda of protection for our phones(to make my idea possible). For example if you forgot your password you could write your name to unlock it. Just a crazy idea. I had 2 phones stolen and I don't want to have my nexus to be stolen too. Thanks for attention
EminSG said:
Since Android is not an iPhone and it's less protected I suggest to make a password access to fastboot mode. Cause when you a robbed your phone can be easily wiped and reused. To prevent it, I ask devs to make kinda of protection for our phones(to make my idea possible). For example if you forgot your password you could write your name to unlock it. Just a crazy idea. I had 2 phones stolen and I don't want to have my nexus to be stolen too. Thanks for attention
Click to expand...
Click to collapse
custom recoveries do have a password protection option, fastboot will never have it. but android isnt less secure than the iphone, youve been reading pro apple information. android is actually safer.
simms22 said:
custom recoveries do have a password protection option, fastboot will never have it. but android isnt less secure than the iphone, youve been reading pro apple information. android is actually safer.
Click to expand...
Click to collapse
I know about recoveries, yes they have. But it's possible to wipe data even without using recovery or am I missing something? Wipe data means losing your phone. iPhones cannot be activated without an account. You need only a password on a lockscreen and thats it. Without knowing password or account it's impossible to make it working.
Backup is data loss protection. Password is data theft protection.
Someone who knows what they're doing can get data off an iPhone, don't worry about that
-----------------------
Sent via tapatalk.
I do NOT reply to support queries over PM. Please keep support queries to the Q&A section, so that others may benefit
EminSG said:
I know about recoveries, yes they have. But it's possible to wipe data even without using recovery or am I missing something? Wipe data means losing your phone. iPhones cannot be activated without an account. You need only a password on a lockscreen and thats it. Without knowing password or account it's impossible to make it working.
Click to expand...
Click to collapse
theres a factory reset option in the main phone settings, backup and reset. theres also a backup option there that will restore everything(data and apps) when you do factory reset. if you password protect your phone, its secure as well.
rootSU said:
Backup is data loss protection. Password is data theft protection.
Someone who knows what they're doing can get data off an iPhone, don't worry about that
-----------------------
Sent via tapatalk.
I do NOT reply to support queries over PM. Please keep support queries to the Q&A section, so that others may benefit
Click to expand...
Click to collapse
I don't worry about my data, I always have a backup on my cloud or computer. We have a soft from google called "Android device manager". I think it's useful but it won't work after a data wipe. All I want to have is to block wipe data option from anywhere. So chances to find my phone will increase
simms22 said:
theres a factory reset option in the main phone settings, backup and reset. theres also a backup option there that will restore everything(data and apps) when you do factory reset. if you password protect your phone, its secure as well.
Click to expand...
Click to collapse
I got it .I have lockscreen password and for example I have a recovery protection. Isn't it possible to flash phone and use it as it was out of box?
Wont be possible as fastboot can never be locked.
Best bet would be to get an app like pray that can be modified to read and save data in /system as that has more chance of being overlooked.
-----------------------
Sent via tapatalk.
I do NOT reply to support queries over PM. Please keep support queries to the Q&A section, so that others may benefit
EminSG said:
I got it .I have lockscreen password and for example I have a recovery protection. Isn't it possible to flash phone and use it as it was out of box?
Click to expand...
Click to collapse
if its password protected, not through recovery then. but its possible via fastboot. but even if your phone gets the factory image flashed onto it, the moment you log back into your phone, your apps will reinstall, and if you enabled the data backup, most your data will get restored as well.
simms22 said:
if its password protected, not through recovery then. but its possible via fastboot. but even if your phone gets the factory image flashed onto it, the moment you log back into your phone, your apps will reinstall, and if you enabled the data backup, most your data will get restored as well.
Click to expand...
Click to collapse
Thanks for your help. As I understood it's impossible to make phone safer. It's possible to find how to make it clear..
EminSG said:
Thanks for your help. As I understood it's impossible to make phone safer. It's possible to find how to make it clear..
Click to expand...
Click to collapse
if someone really wants to access your phone, whether its an android or an iphone, they can do it. but to the everyday normal person, its very hard.
I was literally flashing something ten minutes before and then I tried going back to recovery and there were no directory so I then rebooted it says I need a password... But I never one made a password, I didn't even know there was passwords for recovery
Sent from my Nexus 5 using xda app-developers app
Never mind... Just kept rebooting then eventually the problem was gone... How can I set a password for bootloader and recovery... Just wondering if it's even possible
Sent from my Nexus 5 using xda app-developers app
You can't set a password for either (well, not to my knowledge!)
Even with a password we can fastboot flash new images.
Team Win explains this on their website.
Primokorn said:
Even with a password we can fastboot flash new images.
Team Win explains this on their website.
Click to expand...
Click to collapse
Yes and no.. Actually we can lock the bootloader so fastboot flash wont work.... All we need is for the recovery password to block the following to secure your data (on the nexus 5):
Mount of external (OTG) media
adb access
file manager capabilities
This would mean you can still boot into recovery and flash / backup (although not to removable media) until you went into a security menu to "unlock recovery". This would even mean that your automated jobs can still occur without having to face a "boot password". The password could be stored on /sdcard in clear test and there could be an option to delete the password incase you forgot it in this same recovery menu, which also wipes the device.
recovery is the only weak point of my device.
Sure, Samsung's Odin will get round this password on their devices as the BL is not locked but any device with a locked bootloader (locakbale bootloader) will benefit.
Another caveat is that this is not to prevent the device being wiped.... unlocking the bootloader will wipe the device, and this is what I want. I don't care about getting the phone back as much as I would care about securing my data. Its all backed up. Nothing is lost. I just might not want someone else getting access to it.
Although this is beyond the extent of my knowledge to achieve, I don't think it would be hard for anyone who knows what they're doing with code.
rootSU said:
Yes and no.. Actually we can lock the bootloader so fastboot flash wont work.... All we need is for the recovery password to block the following to secure your data (on the nexus 5):
Mount of external (OTG) media
adb access
file manager capabilities
This would mean you can still boot into recovery and flash / backup (although not to removable media) until you went into a security menu to "unlock recovery". This would even mean that your automated jobs can still occur without having to face a "boot password". The password could be stored on /sdcard in clear test and there could be an option to delete the password incase you forgot it in this same recovery menu, which also wipes the device.
recovery is the only weak point of my device.
Sure, Samsung's Odin will get round this password on their devices as the BL is not locked but any device with a locked bootloader (locakbale bootloader) will benefit.
Another caveat is that this is not to prevent the device being wiped.... unlocking the bootloader will wipe the device, and this is what I want. I don't care about getting the phone back as much as I would care about securing my data. Its all backed up. Nothing is lost. I just might not want someone else getting access to it.
Although this is beyond the extent of my knowledge to achieve, I don't think it would be hard for anyone who knows what they're doing with code.
Click to expand...
Click to collapse
Do u mean that you always have a locked BL?
Thanks for your feedback but one thing remains the same IMHO. Of course we can lock the BL but a thief can unlock it then flash factory images. No more custom recovery, passwords...
I'm not talking about the user data but to be able for a thieft to use a device even with locked stuff.
Primokorn said:
Do u mean that you always have a locked BL?
Thanks for your feedback but one thing remains the same IMHO. Of course we can lock the BL but a thief can unlock it then flash factory images. No more custom recovery, passwords...
I'm not talking about the user data but to be able for a thieft to use a device even with locked stuff.
Click to expand...
Click to collapse
I'm just talking about data security. That is my only concern. Devices are replaceable. Unlock bootloader, data wiped. fine!
Oh thanks everyone, I just wouldn't want a theif to use a phone they don't deserve, pretty much the only security on my phone to not go to bootloader is for no power menu on my lockscreen but you could probably use adb to get through
Sent from my Nexus 5 using xda app-developers app
That's what imei blocking is for
Sent from my Nexus 5 using Tapatalk
Is there any app to unlock android if i forgot password in future ?
Don't forget your password. There is no app
Sent from my Nexus 5 using XDA Free mobile app
jd1639 said:
Don't forget your password. There is no app
Sent from my Nexus 5 using XDA Free mobile app
Click to expand...
Click to collapse
i found app " Screen Lock Bypass Pro " , Unfortunately it's no for free :3
Just dont forget your password.
OR install a custom recovery so everyone can bypass your locksreen
If you can bypass your security with an app, you may as will forgo a password right now.
Wakamatsu said:
If you can bypass your security with an app, you may as will forgo a password right now.
Click to expand...
Click to collapse
http://forum.xda-developers.com/goo...flash-zip-bypass-nexus-5-lock-screen-t2781247
If you have a custom recovery and if someone really wanted to get in, it isn't hard lol.
Lethargy said:
http://forum.xda-developers.com/goo...flash-zip-bypass-nexus-5-lock-screen-t2781247
If you have a custom recovery and if someone really wanted to get in, it isn't hard lol.
Click to expand...
Click to collapse
If you have custom recovery, its almost pointless. Unless you have philz
Sent from my Nexus 5 using Tapatalk
rootSU said:
If you have custom recovery, its almost pointless. Unless you have philz
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
why? twrp can be passcode protected as well. anyways, its easy to get around the recovery security features as well, if a person really wants to use the phone. you can always get a stolen phone that protected in the phone and recovery, then just flash the system img on it, and itll be a "new" phone after.
simms22 said:
why? twrp can be passcode protected as well.
Click to expand...
Click to collapse
Oh that's new then. He said he would "never" add that feature.
Sent from my Nexus 5 using Tapatalk
rootSU said:
Oh that's new then. He said he would "never" add that feature.
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
well, not that new..
doesnt matter anyways, as all this security isnt real security, all it does is discourage the people against breaking in, unless they REALLY want to.
simms22 said:
why? twrp can be passcode protected as well. anyways, its easy to get around the recovery security features as well, if a person really wants to use the phone. you can always get a stolen phone that protected in the phone and recovery, then just flash the system img on it, and itll be a "new" phone after.
Click to expand...
Click to collapse
The point is data protection rather prevention of use.
Sent from my Nexus 5 using Tapatalk
rootSU said:
The point is data protection rather prevention of use.
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
speaking of, i just a read article a few days ago, i dont remember where.. if you wipe your phone completely, and sell it, the new user can easily still get all your info off of it, even though it was wiped.
simms22 said:
speaking of, i just a read article a few days ago, i dont remember where.. if you wipe your phone completely, and sell it, the new user can easily still get all your info off of it, even though it was wiped.
Click to expand...
Click to collapse
Yes same with any filesystem, nothing is ever deleted. It isn't easy though... But if you follow the link in my data recovery thread you can see its possible.
Sent from my Nexus 5 using Tapatalk
---------- Post added at 05:56 PM ---------- Previous post was at 05:29 PM ----------
Just further to the above.
When you do a basic format or wipe, it just clears the filesystem entries but leaves the files. If you could mount the media in a pc, you could use standard data recovery methods.
Of course you can't mount mtp devices as a drive. You could take a userdata.img and uncompress it then mount it as a loop device on linux. There are windows alternatives too.
Only way to prevent is to overwrite the blocks with other data, even if it's empty data (eg you could dd an image. ).
Not sure if fastboot unlock does something similar.
Sent from my Nexus 5 using Tapatalk
Little bit of a shameless plug. But I made a thread/video a couple of days ago about using NFC to unlock your phone. If you have root/xposed framework you can download the module, authorize an NFC tag and just leave the NFC tag somewhere safe. This way if you forget your password you can unlock your phone with the NFC tag.
Here's my thread: http://forum.xda-developers.com/google-nexus-5/accessories/quick-unlocking-nfc-smartwatch-t2826592
Or....just write the password down and keep it somewhere safe. I guess that would be the most simple solution.
That's it. I'm dunking my phone in the toilet just in case I lose my phone later.
---------- Post added at 10:41 AM ---------- Previous post was at 10:34 AM ----------
simms22 said:
speaking of, i just a read article a few days ago, i dont remember where.. if you wipe your phone completely, and sell it, the new user can easily still get all your info off of it, even though it was wiped.
Click to expand...
Click to collapse
Not necessarily easily, but data is theoretically recoverable if there's enough of the storage medium left to stick under an electron microscope. The best you can hope for is to make recovery too financially prohibitive for the attacker to consider.
Lethargy said:
http://forum.xda-developers.com/goo...flash-zip-bypass-nexus-5-lock-screen-t2781247
If you have a custom recovery and if someone really wanted to get in, it isn't hard lol.
Click to expand...
Click to collapse
that is what i needed , thanks a lot ^_^ :good:
Hello,
On the Nexus, there is https://play.google.com/store/apps/details?id=net.segv11.bootunlocker that allow to lock/unlock on the fly the bootloader. Is there an equivalent app on the OnePlus One ?
Edit: Support of the OPO in the app added on 09/01/2015.
Why? There's no point in having the bootloader locked on this device.
timmaaa said:
Why? There's no point in having the bootloader locked on this device.
Click to expand...
Click to collapse
Well if you want me to justify, I will say it this way : think about what you can do when the device is unlocked, now what if your device is stollen...
If phone is stolen with bootloader locked, the thief can still unlock and do everything as per normal lol. Only thing is your info will be wiped. Which probably doesn't matter to thief anyways. But no I have seen such app for this phone
Sent From Lollipopified Bacon Goodness!
Xoib said:
Well if you want me to justify, I will say it this way : think about what you can do when the device is unlocked, now what if your device is stollen...
Click to expand...
Click to collapse
So take better care of your phone. It's a moot point anyway because anybody who steals your phone who actually knows what to do with an unlocked device will equally know how to unlock that device anyway. They steal the phone, see bootloader is locked, unlock bootloader with a single fastboot command, have their way with your phone. Which brings me back to my initial statement, the only thing you can do is take better care of your device. Honestly, I have no idea how people get their phones stolen, it simply means they're not taking enough care with it.
---------- Post added at 07:50 AM ---------- Previous post was at 07:49 AM ----------
ek69 said:
If phone is stolen with bootloader locked, the thief can still unlock and do everything as per normal lol. Only thing is your info will be wiped. Which probably doesn't matter to thief anyways. But no I have seen such app for this phone
Sent From Lollipopified Bacon Goodness!
Click to expand...
Click to collapse
My point exactly.
Well, I know all that, it's just a "feeling" of counter forensic to know that they will have to oem unlock (so wipe) to put a custom recovery to hope hacking into my datas...
Xoib said:
Well, I know all that, it's just a "feeling" of counter forensic to know that they will have to oem unlock (so wipe) to put a custom recovery to hope hacking into my datas...
Click to expand...
Click to collapse
That's not necessarily true, as after the oneplus has been unlocked once it's possible to unlock it again without wiping userdata - if you have a custom recovery installed any way.
But to provide an answer to your question, the closest I've seen is if you install AK kernel with UKM the kernel settings app (Synapse) has an option to toggle the bootloader lock status as well as the tamper flag status.
Of course that was the scenario if you put back the original recovery.
Thanks for AK Kernel suggestion, I will have a look.
Edit: Found http://forum.xda-developers.com/oneplus-one/development/mod-reset-unlock-tamper-bit-t2820912
readers here might be interested in this...
The TWRP Password Protection Thread
http://forum.xda-developers.com/android/software-hacking/twrp-password-protection-thread-t2990816
Lanchon said:
readers here might be interested in this...
The TWRP Password Protection Thread
http://forum.xda-developers.com/android/software-hacking/twrp-password-protection-thread-t2990816
Click to expand...
Click to collapse
Hello @Lanchon, the case you describe in your point 2) is exactly what I had on my Nexus 4.
That's what I was looking for a on the fly bootlocker/unlocker in combination of putting only the custom recovery when needing to flash something.
I will also follow your thread.
Rkr87 said:
That's not necessarily true, as after the oneplus has been unlocked once it's possible to unlock it again without wiping userdata - if you have a custom recovery installed any way.
But to provide an answer to your question, the closest I've seen is if you install AK kernel with UKM the kernel settings app (Synapse) has an option to toggle the bootloader lock status as well as the tamper flag status.
Click to expand...
Click to collapse
I just noticed that option I normally just skip over that page lol. Dunno if it actually works though.
See screenshot
Sent From Lollipopified Bacon Goodness!
Rkr87 said:
That's not necessarily true, as after the oneplus has been unlocked once it's possible to unlock it again without wiping userdata - if you have a custom recovery installed any way.
Click to expand...
Click to collapse
Xoib said:
Edit: Found http://forum.xda-developers.com/oneplus-one/development/mod-reset-unlock-tamper-bit-t2820912
Click to expand...
Click to collapse
That script is what I was referring to when I said it's possible to unlock without wiping user data if you have a custom recovery installed
Powered by Bacon
Follow up: Support of the OPO has been aded to BootUnlocker (https://play.google.com/store/apps/details?id=net.segv11.bootunlocker)
Hey fellas,
Someone stole my One plus 7 Pro.
It was rooted and had TWRP and Magisk 19.x ( latest subversion before 20.x dropped). I had a passcode and fingerprint set up on my phone. It was stolen at a technical convention for students. Assuming the thief has knowledge about Android can my phone's encryption be broken to give access to my files?
Any input is appreciated.
TLDR;
>Phone got stolen at a technical convention
>Thief might have knowledge of Android
>Running Stable Android 9 latest firmware before Stable 10.0.1
>Running Magisk 19.x (Latest before 20.x dropped)
>Running TWRP 3.3.1.x
My concern, Can it be hacked/cracked to give access to the storage inside?
Thanks in advance
this is the problem of unlocked boot loader.
sathara said:
this is the problem of unlocked boot loader.
Click to expand...
Click to collapse
Thanks for the reply.
What are you implying?
Is it easy to crack through it to get the files? TWRP requires the pin to be able to boot.
Please give in more input if possible
_Rushaan_ said:
Thanks for the reply.
What are you implying?
Is it easy to crack through it to get the files? TWRP requires the pin to be able to boot.
Please give in more input if possible
Click to expand...
Click to collapse
Unless your passcode is simple and easy to guess, they won't be able to decrypt the data using any publicly known ways.
Of course, having the bootloader locked would offer a bit more protection against the thief wiping and using the phone themselves, but even in that case there is no practical way to access your data before it gets wiped.
You should be somewhat safe...
sathara said:
this is the problem of unlocked boot loader.
Click to expand...
Click to collapse
jisoo said:
Unless your passcode is simple and easy to guess, they won't be able to decrypt the data using any publicly known ways.
Of course, having the bootloader locked would offer a bit more protection against the thief wiping and using the phone themselves, but even in that case there is no practical way to access your data before it gets wiped.
Click to expand...
Click to collapse
My passcode is fairly complex. Thanks for the reassurance.:good:
jisoo said:
Unless your passcode is simple and easy to guess, they won't be able to decrypt the data using any publicly known ways.
Of course, having the bootloader locked would offer a bit more protection against the thief wiping and using the phone themselves, but even in that case there is no practical way to access your data before it gets wiped.
Click to expand...
Click to collapse
He/she still wouldn't be able to use it after a wipe because of FRP, though, right?
rickysidhu_ said:
He/she still wouldn't be able to use it after a wipe because of FRP, though, right?
Click to expand...
Click to collapse
there;s ways to bypass that, I saw a few videos of some people doing that
If you had your data encrypted as you state, I don't think anyone would even take the trouble that comes with brute forcing such encryption. He will probably just wipe it.
They may just wipe it and use it, u can black list it through you carrier
Check android device manager and see if you can locate it and remote wipe it