Yes yes, I've heard it all. "It's in the Qualcomm firmware, not OnePlus's". "This is for the majority of users that don't want a bootloader unlock". "It's to prevent attackers from masking a modified phone".
I'm not posting to ask why it's here. Anyone visiting this thread knows why. I'm not here to say that it's pointless or objectively bad.
But dude, if there's any way to remove this annoying 10 second delay from my boot sequence, I'll do it. Anything short of opening up the phone and modifying chips is fair game.
Any master hackers want to help remove the 'bootloader unlocked' screen? (relocking the bootloader is cheating)
Related
Hello,
I just want to share a confusion. The phone unlocking mechanisms nowadays are plenty. Apple patented "Swipe to unlock", while Google created "Pattern Unlock" and "Face unlock".
I find it very weird that no one thought about "Voice Unlock", specially that both Apple and Google worked hard on voice recognition for the past time and released spectacular applications.
Voice Unlock should have been done years ago and should have been so popular because, if done properly, it would be used much more than Face Unlock. If the phone can recognize its owner's voice when saying "Hello Nexus" or "Wake-up Nexus" and simply unlocks itself, that would something amazing.
I don't know what are the reasons for the delay in such technology but I do hope that it will be available soon on Android.
I just wanted to share this concern in case anyone has any idea why this unlocking mechanism has been avoided by Apple and Google.
Thanks
PeritoX said:
Hello,
I just want to share a confusion. The phone unlocking mechanisms nowadays are plenty. Apple patented "Swipe to unlock", while Google created "Pattern Unlock" and "Face unlock".
I find it very weird that no one thought about "Voice Unlock", specially that both Apple and Google worked hard on voice recognition for the past time and released spectacular applications.
Voice Unlock should have been done years ago and should have been so popular because, if done properly, it would be used much more than Face Unlock. If the phone can recognize its owner's voice when saying "Hello Nexus" or "Wake-up Nexus" and simply unlocks itself, that would something amazing.
I don't know what are the reasons for the delay in such technology but I do hope that it will be available soon on Android.
I just wanted to share this concern in case anyone has any idea why this unlocking mechanism has been avoided by Apple and Google.
Thanks
Click to expand...
Click to collapse
That would kill the battery like crazy. Not to mention leaving the mic always on could be a very big security issue as then something could be used to record everything while the screen is off. Just because you can doesnt mean you should.
zelendel said:
That would kill the battery like crazy. Not to mention leaving the mic always on could be a very big security issue as then something could be used to record everything while the screen is off. Just because you can doesnt mean you should.
Click to expand...
Click to collapse
The cam is not always on when using "Face unlock". The mic should definitely not be always on when we use "Voice unlock". Only when the user wants to actually unlock.
PeritoX said:
The cam is not always on when using "Face unlock". The mic should definitely not be always on when we use "Voice unlock". Only when the user wants to actually unlock.
Click to expand...
Click to collapse
Actually the mic would always be on, an inactive mic wouldn't be able to track said user's voice. The phone's camera is active(screen on) while the device is on, Android phones enter sleep/deep sleep after X amount of seconds. Unless you are suggesting that Voice unlock be used once a user turns on the screen...Which would be pointless since you would just use your hands or camera Via Face Unlock.
Now if you mean "hands-free" Voice Unlock, that would clearly require an active mic 24/7 so that it can always check for user input. Both seem useless though IMO. It takes like 4 secs to unlock in jelly Bean so why bother with the phone detecting your voice? That's precious time be wasted on a gimmick.
If I'm not mistaken, S Voice is capable of doing that.
i don't think so...
I think it is need a special kernel. S3 have it. maybe big guys can port it but it is must special for every device
since i have installed APM'advanced power menu' on my Xgo 4.1.2, i realized what would happen if my device get lost or stolen with pattern unlock on or moreever with anti-theft function enabled by the app?then this made me create this toppic thinking would become a good idea.
I asked this from the dev but also your ideas would be welcome...
(which one would you preffer ?
having :
-pattern/pin code set on ,then accept this risk that may your device get suddenly re-flashed or thrown away or atleast shutdown(out of power) for long time by the theft?
Or
-nothing on (or just swipe to unlock) and let the theft to easily use your phone then may getting chance to track him/her by any third party pre-installed device-tracker app?)
i myself have choosed to set swipe ,plus of its fascilities its more reasonable for me.
So how about you?
Excuse my bad English
ahmad990 said:
since i have installed APM'advanced power menu' on my Xgo 4.1.2, i realized what would happen if my device get lost or stolen with pattern unlock on or moreever with anti-theft function enabled by the app?then this made me create this toppic thinking would become a good idea.
I asked this from the dev but also your ideas would be welcome...
(which one would you preffer ?
having :
-pattern/pin code set on ,then accept this risk that may your device get suddenly re-flashed or thrown away or atleast shutdown(out of power) for long time by the theft?
Or
-nothing on (or just swipe to unlock) and let the theft to easily use your phone then may getting chance to track him/her by any third party pre-installed device-tracker app?)
i myself have choosed to set swipe ,plus of its fascilities its more reasonable for me.
So how about you?
Excuse my bad English
Click to expand...
Click to collapse
I think it depends on what kind of data you store on your phone. If there is data from my company or private photos and such I want my device encrypted and locked up, because I don't want that persons other than me are able to get this data. But that is a personal decision. Also I think as a thief I would check the phone and if there is no interesting data I would factory reset it, if there is a screen lock or not.
Is there any way to see what is going on in a phone locked with pattern? I want to see the viber dialogs. I know I can get in with the pin after 5 wrong pattern tries, but this leaves the phone locked with pin and not with pattern anymore..
Thank you
No. Asking for advice for hacking into a locked phone isn't what this community is about. Thread closed.
I just ordered a Pixel 3a and I was gone for a while from the world of Google phones (since Nexus 4).
I know Magisk hides any trace of root and unlocked bootloader, but is there any disadvantages unique to Pixel devices when rooting, like disabled features or is hiding good enough that there won't be any difference? Just to be sure
Artim_96 said:
I just ordered a Pixel 3a and I was gone for a while from the world of Google phones (since Nexus 4).
I know Magisk hides any trace of root and unlocked bootloader, but is there any disadvantages when rooting, like disabled features or is hiding good enough that there won't be any difference? Just to be sure
Click to expand...
Click to collapse
Nothing as far as i know.
Unstroofy said:
Nothing as far as i know.
Click to expand...
Click to collapse
That sounds great. Wasn't sure if they might have done something through the Titan M or else
Rooting means unlocking your bootloader. This makes your phone at greater risk of being compromised - especially if someone has physical access to your phone (ie you lost it and someone finds it). Therefore you don't want to leave your bootloader unlocked if you have any sort of sensitive, illegal, or secret information on your phone. That's the #1 issue you have to live with. Of course for 99% of the population, there isn't anything really sensitive on their phones.
Google Pay can be hard to get working when rooted. There are ways to make it work, but it's always a cat and mouse game with Google and it may not always work in the future if Google changes something until the developers can catch up. If you can't live without Google Pay, rooting may not be the best choice for you.
There are other apps that can be temperamental when rooted - usually finance apps and some games (because they don't want players cheating). However, the Magisk hide functionality usually works with most of these apps now.
For me, the added functionality that being rooted brings (via modules and apps) is far better than the potential issues.
sic0048 said:
Rooting means unlocking your bootloader. This makes your phone at greater risk of being compromised - especially if someone has physical access to your phone (ie you lost it and someone finds it). Therefore you don't want to leave your bootloader unlocked if you have any sort of sensitive, illegal, or secret information on your phone. That's the #1 issue you have to live with. Of course for 99% of the population, there isn't anything really sensitive on their phones.
Google Pay can be hard to get working when rooted. There are ways to make it work, but it's always a cat and mouse game with Google and it may not always work in the future if Google changes something until the developers can catch up. If you can't live without Google Pay, rooting may not be the best choice for you.
There are other apps that can be temperamental when rooted - usually finance apps and some games (because they don't want players cheating). However, the Magisk hide functionality usually works with most of these apps now.
For me, the added functionality that being rooted brings (via modules and apps) is far better than the potential issues.
Click to expand...
Click to collapse
Tl;dr: nothing new. And never had a problem with any apps. Magisk Hide is working well enough, deleting apps data always works as last resort. And on custom ROMs just use MagiskHide Props Config. And if you are concerned about your data, just use the lockscreen passport as bootup protection. Then it's simply impossible to get to the data through that "insecurity", no matter what you do. And since fingerprint readers a more complex password isn't a problem.
Artim_96 said:
Tl;dr: nothing new. And never had a problem with any apps. Magisk Hide is working well enough, deleting apps data always works as last resort. And on custom ROMs just use MagiskHide Props Config. And if you are concerned about your data, just use the lockscreen passport as bootup protection. Then it's simply impossible to get to the data through that "insecurity", no matter what you do. And since fingerprint readers a more complex password isn't a problem.
Click to expand...
Click to collapse
I'm not sure exactly what you mean by lock screen passport. Can you share some more details?
The insecurity comes from the fact that a person that has physical access to your phone can simply turn the phone off and then start it and hold the power and volume up buttons. This will boot the device into the bootloader. Because the bootloader is unlocked, it allows that person the ability to flash anything and gives that person access to anything they want. That super secure lockscreen password or fingerprint won't help keep them out and does nothing but give users a false sense of security.
When the FBI paid a 1 million dollar bounty to someone to access an iPhone, they were paying someone to get around the bootloader. If you unlock your bootloader, you give this access right from the beginning - for free, and without any effort required.
I'm not trying to be argumentative either. You asked what the drawbacks to rooting were and I was simply trying to give a thorough answer. It's up to the individual user to decide if the the positives of unlocking the bootloader and rooting outweigh the negatives. If you look at my signature, you can see what side of the fence I fall on.
sic0048 said:
I'm not sure exactly what you mean by lock screen passport. Can you share some more details?
The insecurity comes from the fact that a person that has physical access to your phone can simply turn the phone off and then start it and hold the power and volume up buttons. This will boot the device into the bootloader. Because the bootloader is unlocked, it allows that person the ability to flash anything they want. That super secure lockscreen password or fingerprint won't help keep them out.
Again, I'm not familiar with this lockscreen passport you mention, so perhaps there is a way to secure the phone that I am not aware of.
I'm not trying to be argumentative either. You asked what the drawbacks to rooting were and I am simply trying to give an thorough answer. It's up to the individual user to decide if the the positives or rooting and unlocking the bootloader outweigh the negatives. If you look at my signature, you can see what side of the fence I fall on.
Click to expand...
Click to collapse
Was a typo,I meant lockscreen password. Android should ask you, if you set up a lock method other than Swipe to unlock, if you want to be asked for it on bootup.
So no matter what you are able to flash through an unlocked bootloader, /data and with it anything that could be relevant stays encrypted until you enter the lockscreen pin/pattern/password, no matter if you do this on the screen that will interrupt bootup after a few seconds or in TWRP. So it doesn't matter what you could come up flashing, as long as you don't find a way to extract the encryption key from the secure storage either in Titan M or any ARM processor, there is no way to get your hands on user data. The only thing you can do is simply wipe /data. Then you can start up new, but the users data will be gone.
And no, I never asked for disadvantages of root itself since there are little to none, I just asked for Pixel unique stuff since Google always adds stuff that other OEMs won't use for years to come.
Artim_96 said:
And no, I never asked for disadvantages of root itself since there are little to none, I just asked for Pixel unique stuff since Google always adds stuff that other OEMs won't use for years to come.
Click to expand...
Click to collapse
I misunderstood your initial post then, but the title of the thread says, "Disadvantages of rooting?"
sic0048 said:
I misunderstood your initial post then, but the title of the thread says, "Disadvantages of rooting?"
Click to expand...
Click to collapse
Fixed that. Hope the text is more clear now.
But could you reproduce what I explained? Because I would be very surprised if that was unique to Motorola and not AOSP
Hello;
After looking for hours about this I'm very angry because of the stupidity of Google. Here I go:
I have configured fingerprint to unlock my phone because I sometimes can't or it's very uncomfortable for me to unlock my phone with a password / PIN / Pattern because using with one hand and I need to unlock as fast as possible all the time.
Now it comes the stupidest thing I've ever seen in my life: no matter what, the phone will ask me to enter whatever I have configured for security, rendering my fingerprint totally useless. This is completely nonsense because it's not configurable by the user. The correct way of doing this is to enable an option for the user to choose: "Additionally ask every 72 hours for the password to provide extra security". Just a checkbox that can be enabled or disabled, because Google should think about the user. This security crazy paranoia is making devices less secure, because people who don't want to enter their password when they have configured fingerprint choose to disable security completely to stop being asked for the damn password.
But I'm asking here because I absolutely know there is a way to disable this, I don't care if it involves hacking / opening / soldering the device, anything to stop this will be welcome, because for me is completely necessary, or else I will have to either sell the phone or disable security completely. Entering the password on startup or when your finger fails 3 times is ok and full of sense, I have no problems with that, but every 72 hours because yes is an absolute no-no, sorry.
I hope somebody knows the exact formula to [email protected] Google / Xiaomi back, because they are simply stupid.
Thanks.
P.S: Please, if you are about to say things like "it's a feature" or "I like it, it makes more secure your device so it makes sense" or "somebody could cut your finger and use it", I prefer you don't post a comment, because I'm looking for a solution not an explanation on why it is like that to understand why the things are done like they are done, I hope you understand.
How about a factory reset?
bigogofthewest said:
How about a factory reset?
Click to expand...
Click to collapse
I think this is the right decision.
Dassote said:
I think this is the right decision.
Click to expand...
Click to collapse
This is bad design from Google. When I was in the crowd (e.g. inside the train), people surrounding me were looking at my finger typing the PIN as I was not able to unlock it using my fingerprint anymore after 72 hours. It makes the phone becoming very insecure. You should lock the phone with PIN only when I am not inside the crowd (e.g. during evening hour)