Related
I am wanting to encrypt my phone and sd card. I have been reading around about it all week and still don't understand a few things. I though that the encryption was like blackberry encryption, where you put the password in every time you turn the phone on to the screen lock. After a bit of reading, I understand that the "decryption" is only done at boot up by putting the password in once. After that, you have to put the same password in at the screen lock simply because of a limitation of Android not allowing two different passwords. I do know that there are new ways to use a different password on the screen lock, and even a pattern lock, that's not my issue.
Here are my questions....
1) If the device is technically decrypted after boot up, is the screen lock the only security on the phone once it's turned on?
2) Does the screen lock of an encrypted device have any stronger security than that of an unencrypted device? If not, it seems like the phone is still very vulnerable as long as it's turned on.
3) Finally, on a Blackberry, a wipe is performed by erasing the encryption key. This makes an almost instant wipe of the whole phone and sd card. I know an encrypted device has to be wiped the same as an unencrypted device, but is Android programmed in a way that the encryption ket is wiped first, in case someone pulls a battery or forces a phone off during a wipe? I know that's far-fetched, just curious about how it works.
Maybe I am just missing something very obvious but it seems like there is no option to wipe the phone after misentering the password multiple times (BB or iphone style)?
I know it can be done with Exchange policies but it will be a cold day in hell before I go THAT route...
nupi said:
Maybe I am just missing something very obvious but it seems like there is no option to wipe the phone after misentering the password multiple times (BB or iphone style)?
I know it can be done with Exchange policies but it will be a cold day in hell before I go THAT route...
Click to expand...
Click to collapse
It's not a standard option in Android (I for one am glad - I've accidentally wiped my work Blackberry more than once when inebriated). Android Device Manager (or the Motorola equivalent) both allow a manual remote wipe from a PC or another Android Device.
It's possible for apps to monitor incorrect password entries (no root required just a Device Administrator Permission), although I'm not sure if an automated wipe is possible without root. Take a look around the play store to see if anything meets your needs.
I use the automation app MacroDroid along with Secure Settings (both in the playstore) on my unrooted MotoG. The way I've got it set up is that 3 failures to enter correct PIN changes it to Password mode, a further 3 failures will prevent the phone from waking up (by automating a screen lock associated with the screen coming on). As-well as that it will automatically take and email to me front and rear camera photos, and the phones location on the change from Pin to Password, and again on the change to 'Lockdown' mode. I can send it an SMS with a special message in the text to get it to repeat this. I'm toying with the idea of setting it to shout 'Thief!' repeatedly at full volume when someone tries to turn on the screen when it's locked down
It is not exactly that what you were asking for. But i just wanted to mention also Cerberus here.
It brings a lot of nice features to control your phone remote.
Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
definitely sounds like there's an issue there. Do you have a custom recovery? If so, you could boot into that, pull some data and see if it opens. If it does, yeah its not encrypted.
Not worth mentioning degradation. All encryption always has and always will have performance degradation. It's par for the course
That sounds like a good idea. If it's not encrypted, then I guess the only method is to wipe and reinstall again.
mattkroeder said:
That sounds like a good idea. If it's not encrypted, then I guess the only method is to wipe and reinstall again.
Click to expand...
Click to collapse
I think so. You can't reverse the encryption flag without a wipe I dont think
mattkroeder said:
Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
Click to expand...
Click to collapse
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
kenshin33 said:
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
Click to expand...
Click to collapse
I went ahead and wiped the phone again. I reinstalled lollipop and made sure to enable a lockscreen PIN before I enabled encryption. It seems to have encrypted properly. It prompts me for my PIN at boot up now.
You make a good point about encryption making it more difficult for someone to get a hold of me if I lose the phone though.
Same problem here, with Nexus 5 and Android v5
My work Exchange server enforces a security policy to the phone which forces you to enable encryption. So I went ahead and did that, and the email app is still saying that encryption needs to be enabled. When I reboot the phone I never get prompted for a PIN to decrypt the device, yet in the settings screen it says it is encrypted.
I'm going to have to re-flash. Is it possible the issue is caused by leaving the bootloader unlocked? or is this is a bug?
EDIT: Update. Reflashed, but first thing I did was relock the bootloader and enable a security screenlock PIN, *then* encrypted the phone. Now it's prompting me for a PIN on boot and looks like it's worked. Hope the Exchange email policy stays happy this time, as it worked before for about a day before it complained about the lack of encryption
this worked for me also
I did what was stated below and it worked....
1. reflashed,
2. locked bootloader
3. created lock pin
4. encrypted, THEN
5. added MDM control (MAAS360) and exchange email.
It seems to work OK now.
Thanks!
JoyrexJ9 said:
Same problem here, with Nexus 5 and Android v5
My work Exchange server enforces a security policy to the phone which forces you to enable encryption. So I went ahead and did that, and the email app is still saying that encryption needs to be enabled. When I reboot the phone I never get prompted for a PIN to decrypt the device, yet in the settings screen it says it is encrypted.
I'm going to have to re-flash. Is it possible the issue is caused by leaving the bootloader unlocked? or is this is a bug?
EDIT: Update. Reflashed, but first thing I did was relock the bootloader and enable a security screenlock PIN, *then* encrypted the phone. Now it's prompting me for a PIN on boot and looks like it's worked. Hope the Exchange email policy stays happy this time, as it worked before for about a day before it complained about the lack of encryption
Click to expand...
Click to collapse
mattkroeder said:
Hey guys
I flashed the factory images last night effectively wiping my Nexus 5 and starting from scratch. I did not restore apps and settings either. After I manually installed a bunch of my apps back and changed around a few settings, I decided to enable encryption. However, I don't think it enabled properly.
First, I had not set a PIN lock on my phone yet at the time.
When I decided to enable encryption and go through the process, it didn't ask me to enter a PIN.
It seemingly completed encrypting the phone. When I go back to the security menu, it says "Encrypted".
However, I am not prompted to enter a PIN upon booting the phone (not talking about the lock screen PIN).
So, it seems like it didn't work but I'm not sure. Has anyone else enabled encryption yet?
and yes, I saw the performance degradation that comes with enabling encryption but I'd rather have the security.
Click to expand...
Click to collapse
If you set up a screen lock pin the phone will ask you then if you would like the PIN to be enabled or not at boot.
kenshin33 said:
Not sure, but i think it's designed to works just like that, the encryption key is not the PIN anymore but something (random?) that is stored somewhere on the phone.
that would protect the data in case someone tries to read it directly from the phone's memory, but useless if you don;t have a PIN/PASSWORD.
I avoided encryption before for exactly that reason (requiring a password to boot). If I lose the phone I want the person that found/stole it to be able to at least boot it. if the person is not a thief there's a contact number so they can call me to give it back. if he/she's a thief well, as long as it's on I can call it, track it, wipe it. even brick it.
by not being able to boot it, the chances of getting it back are 0 if the battery dies or is dead!
http://readwrite.com/2014/10/28/google-android-lollipop-encryption-issues
there isn't much info out there about it.
Click to expand...
Click to collapse
Sorry for OT, but how can you remotely brick your phone? Just curious in case I ever need to. Don't live in the best of neighborhoods. I can remote wipe, track, take pics. The normal lost/stolen stuff, but I haven't heard of remotely bricking a phone ever.
Nexus 5 still looking to be encrypted
Only a temp fix---Both my Nexus 7, and Nexus 5 just started asked to be encrypted again....
This is still a problem with Lollipop
thegasmaster said:
I did what was stated below and it worked....
1. reflashed,
2. locked bootloader
3. created lock pin
4. encrypted, THEN
5. added MDM control (MAAS360) and exchange email.
It seems to work OK now.
Thanks!
Click to expand...
Click to collapse
wipe efs partition (I do have a backup on my computer) and the phone is no longer a phone.
Just to be clear, you can enable encryption on Android 5.0, and it will not force you to lock the phone. (Like the PIN screen and boot lock). When you buy a Nexus 6/9 the data partition is encrypted but there's no lock set. The following is from this article;
First, the encryption doesn't help much if you haven't set a passcode. Ludwig said studies have shown that roughly have of users don't set passcodes on their devices, largely because they find it inconvenient to keep entering them dozens of times a day. Lollipop will still encrypt your data, but it will also automatically decrypt it in normal use. So if you don't have a passcode, much of your information will be available to anyone who picks up your phone.
Click to expand...
Click to collapse
So if you've enabled encryption, and gone through the process, you're phone data partition is encrypted. It's just not locked down until you use some kind of phone lock too. BTW, the article goes on to describe the limited usefulness of having an encrypted data partition and no phone lock;
Lollipop's encryption still offers some limited protection even under those circumstances—for instance, by protecting stored data against anyone who tries to read it directly from the phone's memory. That could shield user passwords and other sensitive data from attackers.
Click to expand...
Click to collapse
As to why Exchange policies don't see the phone as encrypted is probably due to another issue.
Setting PIN to be required at startup after encryption possible fix
I now have my Nexus 5 & 7 working with exchange on Lollipop using this-
1. Reflashed Lollipop
2. Let phone reinstall all my apps
3. Locked bootloader.
4. Set a screen lock PIN
5. Encrypt phone
6. Set screen lock PIN to be required on start up (this was missing before!)
7. Installed MDM control via Mass360-all policies look to be met, including encryption
8. Installed my exchange account via Gmail
//code.google.com/p/android/issues/detail?id=79342
Updated thread with solution
---
* It used to be that when I did a reboot or shutdown and restart, I would have to enter a password before the system fully started.
* But now the phone boots into the phone without putting in my password. I can reboot the phone and it will boot all the way to the Lock screen, and I can unlock the lock screen with my fingerprint or my backup password.
* I am concerned that somehow my device is either no longer encrypted or that there is some setting which has stored the boot password.
--
Solution :
For those of you who find they have this problem and have not solved it, I found a solution that works, related to a bug (feature?) in Accessibility.
Apologies if this was suggested further in the thread, and that I'm replying to an old post. But I recently had this problem and figured out a solution.
- Accessibility was enabled and for some reason this cached the boot password. So- when I removed the app (rights) and turned off accessibility, and changed (reset/reentered) the password in security settings... On next boot the phone correctly asked me for password.
YMMV.
subs said:
I posted this elsewhere... But I'm having the same problem. Any thoughts? I can post more details, but don't want to repost this everywhere that I see people having the same unresolved problem.
---
* It used to be that when I did a reboot or shutdown and restart, I would have to enter a password before the system fully started.
* But now the phone boots into the phone without putting in my password. I can reboot the phone and it will boot all the way to the Lock screen, and I can unlock the lock screen with my fingerprint or my backup password.
* I am concerned that somehow my device is either no longer encrypted or that there is some setting which has stored the boot password.
Click to expand...
Click to collapse
Hi, please try not to bump threads almost a year old. I realise that it might have taken you a while to actually reach this thread, but hear me out.
Opening a new thread is always better, since software versions, features and devices are most likely different, along with different device usage habits/users.
You say you're having "the same problem"... as.. who exactly? There's a bunch of different specific "issues" that relate to encryption. Be specific.
For instance, you mentioning fingerprint sensor leads me to presume that you are not using a Nexus 5.
Sent from my Nexus 10 using Tapatalk
I just got my pixel, and found two very bitter disappointments. First, as expected, even an unrooted device will not pass safetynet (i.e., let you run android pay) if you've unlocked the bootloader.
Second, however, and a bit more of a shock, there appears to be no way to require a passphrase on bootup. The option on the nexus 5X and 6P that you get while selecting a PIN simply does not exist. So does this mean there is basically no way to secure my phone?
This is doubly infuriating. On one hand Google wants to prevent me from learning my own device encryption keys, supposedly in the name of security. But then on the other hand, they reserve the right to extract my keys themselves if they ever sign a backdoored bootloader (that can extract the now unencrypted keys from firmware).
For me the whole benefit of the fingerprint reader has been that it lets me select a very long boot passphrase, since I don't have to type it to unlock the phone. However, I'm now seriously considering removing the PIN from my lockscreen so I don't delude myself into storing anything of value on my phone.
Am I the only one super annoyed at these security developments?
Mine asks for my pin on first login.
Moogagot said:
Mine asks for my pin on first login.
Click to expand...
Click to collapse
Yes, but by the time it prompts for a PIN, it has clearly already decrypted the flash storage. So this means that if your bootloader is unlocked, someone could have messed with your system partition to bypass the lockscreen.
15xda said:
Yes, but by the time it prompts for a PIN, it has clearly already decrypted the flash storage. So this means that if your bootloader is unlocked, someone could have messed with your system partition to bypass the lockscreen.
Click to expand...
Click to collapse
That's not true. With device encrypted data and Direct Boot enabled, this restricted mode allows apps to perform limited actions and access non-personal data (i.e. specific system files), allowing it to boot up to the lock screen securely without any user interaction.
You have to enable it though, by going to developer options and selecting "covert to file encryption”. This WILL perform a factory reset though.
msaitta said:
That's not true. With device encrypted data and Direct Boot enabled, this restricted mode allows apps to perform limited actions and access non-personal data (i.e. specific system files), allowing it to boot up to the lock screen securely without any user interaction.
You have to enable it though, by going to developer options and selecting "covert to file encryption”. This WILL perform a factory reset though.
Click to expand...
Click to collapse
There is no "convert to file encryption" option in the developer options on the Pixel. Anyway, since the lock screen shows personal images and notifications and such, clearly a lot of data is available if someone decrypts the file system, even if there were an option to double-encrypt a few individual sensitive files. Anyway, what are the chances that every app developer encrypts every file I care about? This is why I want full device encryption, and I want full device encryption without storing my keys someplace where a backdoored bootloader can get at them.
15xda said:
Anyway, since the lock screen shows personal images and notifications and such, clearly a lot of data is available if someone decrypts the file system, even if there were an option to double-encrypt a few individual sensitive files.
Click to expand...
Click to collapse
Well, I stand partially corrected, actually. The device definitely seems to show some of my settings on reboot, like, for instance, volume. On the other hand, it can't receive VOIP calls (suggesting it doesn't have access to the SIP password I configured in the dialer), and incoming mobile calls don't show the contact name. So I guess it does offer some protection, but it's much harder to figure out what.
In case anyone lands on this thread, here is an explanation of what is happening on bootup:
https://developer.android.com/training/articles/direct-boot.html
The short answer is Pixel uses file-based-encryption now instead of disk-based encryption. I'm still not happy about this design because it somewhat reduces privacy and potentially complicates examining applications as root, but it's not as bad as I originally throught.
Hey!
It's my first post here so it this isn't the best place for such a question then by all means mods pls move the thread to where it should be
Basically, where I'm currently living (Brazil), things tend to get pretty violent and phone thefts are very common. Now the thing is, if it's an iPhone usually the thieves just throw it away, as once it's locked it becomes useless. When it comes to Android though, some of them will dig deep trying to access your info like pictures, passwords, bank information, among other things. They even manage to break IMEI locks and stuff. I got my S5 stolen recently and the information theft part put me through hell. Yet, I'd much rather have an S8+ then any other iPhone currently, so my question is how could I completely theft proof it?
I'm not really worried about them restoring the phone and reselling it, more about them accessing the data inside of it. I know the SD card can be protected through cryptography (although would accept "stronger" tips if there are any). When it comes to apps, aside from the basics of trusting what you install and stuff, are apps like Cerberus, Knox 2.0, or other Samsung features I'm not aware of, any good against someone who knows what they're doing? Is there a way to disable airplane mode or power offs? Also what is probably my strongest concern: is there a way to completely not allow system changes through a computer, like the one that removes the lock screen?
Being a programmer and computer science undergrad student (although not specializing in security nor mobile), I'd have no problem if the solutions would involve some coding or tweaking, just as long as they prove to be effective.
So, would you guys have any tips on how to completely secure the data given those concerns?
The sd card can be Encrypted and if you have a password lock (fingerprint irsi etc...) then it will ask for that before it will unlock the phone.
Also they have a remote wipe. You can log i to google and remote wipe your phone when you found out its been stolen.
You can set the phone to require a password to decrypt it when it's restarted. You can encrypt the SD card too. You can set it to lock instantly when the screen turns off. And you can use only a password to unlock it (no biometrics), which is the most secure option (if you use a suitable password). Finally, you can set the phone so that you can wipe it remotely, or to wipe itself after a number of consecutive incorrect password attempts. But even without the last two measures, your data will be unreadable without your password.
Unfortunately, though, if thieves are violent enough, they may be able to coerce you into divulging the password. If they succeed, they have full access to your phone.
Gary02468 said:
You can set the phone to require a password to decrypt it when it's restarted. You can encrypt the SD card too. You can set it to lock instantly when the screen turns off. And you can use only a password to unlock it (no biometrics), which is the most secure option (if you use a suitable password). Finally, you can set the phone so that you can wipe it remotely, or to wipe itself after a number of consecutive incorrect password attempts. But even without the last two measures, your data will be unreadable without your password.
Unfortunately, though, if thieves are violent enough, they may be able to coerce you into divulging the password. If they succeed, they have full access to your phone.
Click to expand...
Click to collapse
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
xile6 said:
The sd card can be Encrypted and if you have a password lock (fingerprint irsi etc...) then it will ask for that before it will unlock the phone.
Also they have a remote wipe. You can log i to google and remote wipe your phone when you found out its been stolen.
Click to expand...
Click to collapse
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
I use smart Lockscreen protector to prevent somebody putting my phone to airline mode or shutting it down ( It won't help phones with removable battery)
If you have the phone encrypted and have the require pin on boot set. And you have the Qualcomm version that is locked down you have nothing to worry about.
Even the iPhone 7 has been jail broken or rooted the S8 with the Qualcomm chip is one of only a few phones that have not been hacked. It's actually WAY more secure than an iPhone.
lvrma said:
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
Click to expand...
Click to collapse
The phone is completely encrypted, so if you set it to require a password to restart and to turn the screen back on, then its contents are unreadable without the password regardless of how you connect to it.
lvrma said:
...
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
If you have a lock screen set you can lock the status of your phone(wifi state, airplane mode, power settings). This way you have to unlock it to toggle these modes.
I just ran across this, some good advice.
http://thedroidguy.com/2017/04/setu...security-features-tutorials-1071462#Tutorial1
lvrma said:
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
Click to expand...
Click to collapse
Like you, I'm interested with this topic, but unlike you, I would like the theief to have a useless phone if they cant unlock it. So that they would think twice the next time they want to steal an android. Else they would just continue stealing since you just put the phone on download mode, connect to a computer and root it.
About your question. Isnt disabling usb debugging mode on developer option block that risk? Also in my note 4, enabling knox will prevent your device from being rooted, at least thats what i understand from the description. i wonder where it is in s8.
speaking of knox, s8 has "Secure folder". its like a secured environment within a phone. Everything you put in here will be protected by knox. Apps, accounts, files, etc. And it would ask for another security to access it(pattern/pin/password).
lvrma said:
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
you mentioned cerberus app, it has a function than can wipe device memory and wipe sd card via SMS command. so if you are fast enough, while the thief is running away and before he pulls out your sim card from the phone, you can send an sms command to wipe data.
Since you mentioned you are a programmer, this may be interesting to you, locking download mode and recovery mode on android to prevent thief from flashing hack to your phone. but this require a bit of patience if android isnt your forte.
https://ge0n0sis.github.io/posts/20...-mode-using-an-undocumented-feature-of-aboot/
BratPAQ said:
Like you, I'm interested with this topic, but unlike you, I would like the theief to have a useless phone if they cant unlock it. So that they would think twice the next time they want to steal an android. Else they would just continue stealing since you just put the phone on download mode, connect to a computer and root it.
About your question. Isnt disabling usb debugging mode on developer option block that risk? Also in my note 4, enabling knox will prevent your device from being rooted, at least thats what i understand from the description. i wonder where it is in s8.
speaking of knox, s8 has "Secure folder". its like a secured environment within a phone. Everything you put in here will be protected by knox. Apps, accounts, files, etc. And it would ask for another security to access it(pattern/pin/password).
you mentioned cerberus app, it has a function than can wipe device memory and wipe sd card via SMS command. so if you are fast enough, while the thief is running away and before he pulls out your sim card from the phone, you can send an sms command to wipe data.
Since you mentioned you are a programmer, this may be interesting to you, locking download mode and recovery mode on android to prevent thief from flashing hack to your phone. but this require a bit of patience if android isnt your forte.
https://ge0n0sis.github.io/posts/20...-mode-using-an-undocumented-feature-of-aboot/
Click to expand...
Click to collapse
Don't put your phone anywhere besides your pocket. Get a cover that makes it look like as different phone with a cracked screen.
the easiest way to encrypt sd and phone, enable adoptable storage.
cantenna said:
the easiest way to encrypt sd and phone, enable adoptable storage.
Click to expand...
Click to collapse
How is that easier than just selecting the Settings options to encrypt the SD card and to require a password to unlock upon restart?
---------- Post added at 06:08 AM ---------- Previous post was at 05:11 AM ----------
lvrma said:
Usually they just put it on airplane mode though, so google remote wipe is useless[.] Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
Yes, and even without airplane mode, they can physically enclose the phone to block all electronic signals. Encrypting the phone (and SD card), using a secure password as the sole unlock method, affords the strongest protection against all attacks (except coercing the password from you).
Gary02468 said:
How is that easier than just selecting the Settings options to encrypt the SD card and to require a password to unlock upon restart?
---------- Post added at 06:08 AM ---------- Previous post was at 05:11 AM ----------
Yes, and even without airplane mode, they can physically enclose the phone to block all electronic signals. Encrypting the phone (and SD card), using a secure password as the sole unlock method, affords the strongest protection against all attacks (except coercing the password from you).
Click to expand...
Click to collapse
oh yea, may bad, i often assume everyone on xda is here because there interested in unlocked boot loaders, root and custom kernels. My recomindation applies only to people who have unlocked pandor's box only.
the method of encyption you suggested the isnt availble for users like me but we can enable adoptable storage which does encrypt the system by other means and it is compatible with root, etc
dynospectrum said:
Don't put your phone anywhere besides your pocket. Get a cover that makes it look like as different phone with a cracked screen.
Click to expand...
Click to collapse
Where can you get/ how can you make such a cover?
Also sometimes when I'm in bad Areas, I go to developer options and turn on some of the screen update stuff, so it flashes the screen purple a lot and make it look messed up.