Related
sorry for my bad englisch!
because i have a big problem! my dad (over 60) has forget the pattern.
but we need the pictures from the phone (the rest is not important). we build a house and need the pictures with the pipes and the measure.
usb debugging is off
bootloader is locked
what can we do? Thanks!
Do you have TWRP installed? Boot to TWRP; and just transfer the photos to your PC, of course connect it to a usb cable.
Your PC should be able to find your Nexus 5
With a locked bootloader you are out of luck, unless he can remember the pattern.
thanks for your answer. no custom recovery installed.
it's a big bug! i can't reset the pattern. i think google must rework. why is there not a option: forget password or anything else.
Because then if someone stole your phone they could access your data. The whole point of creating patterns/pins is to keep others out of your phone. If it could be reset then it would be pointless. The only way to reset is to have all data wiped in the process, thereby keeping others from getting it.
I understand your frustration, I would just suggest getting your dad to try some more to see if he can get it. It is really nobody's fault.
i pay 200€ for a user, they bring me my pictures back! i need help!
There are 2 solutions actually, one: tell your dad that if in 3-days time, he doesn't remember the password, you'll commit suicide or something like that.Two: set your device to i-am-extremely-broken mode and install Android again.
Without ADB/root you'll do nothing. If you'd have root you'll probably can dump data partition and extract data from it.
Hey!
It's my first post here so it this isn't the best place for such a question then by all means mods pls move the thread to where it should be
Basically, where I'm currently living (Brazil), things tend to get pretty violent and phone thefts are very common. Now the thing is, if it's an iPhone usually the thieves just throw it away, as once it's locked it becomes useless. When it comes to Android though, some of them will dig deep trying to access your info like pictures, passwords, bank information, among other things. They even manage to break IMEI locks and stuff. I got my S5 stolen recently and the information theft part put me through hell. Yet, I'd much rather have an S8+ then any other iPhone currently, so my question is how could I completely theft proof it?
I'm not really worried about them restoring the phone and reselling it, more about them accessing the data inside of it. I know the SD card can be protected through cryptography (although would accept "stronger" tips if there are any). When it comes to apps, aside from the basics of trusting what you install and stuff, are apps like Cerberus, Knox 2.0, or other Samsung features I'm not aware of, any good against someone who knows what they're doing? Is there a way to disable airplane mode or power offs? Also what is probably my strongest concern: is there a way to completely not allow system changes through a computer, like the one that removes the lock screen?
Being a programmer and computer science undergrad student (although not specializing in security nor mobile), I'd have no problem if the solutions would involve some coding or tweaking, just as long as they prove to be effective.
So, would you guys have any tips on how to completely secure the data given those concerns?
The sd card can be Encrypted and if you have a password lock (fingerprint irsi etc...) then it will ask for that before it will unlock the phone.
Also they have a remote wipe. You can log i to google and remote wipe your phone when you found out its been stolen.
You can set the phone to require a password to decrypt it when it's restarted. You can encrypt the SD card too. You can set it to lock instantly when the screen turns off. And you can use only a password to unlock it (no biometrics), which is the most secure option (if you use a suitable password). Finally, you can set the phone so that you can wipe it remotely, or to wipe itself after a number of consecutive incorrect password attempts. But even without the last two measures, your data will be unreadable without your password.
Unfortunately, though, if thieves are violent enough, they may be able to coerce you into divulging the password. If they succeed, they have full access to your phone.
Gary02468 said:
You can set the phone to require a password to decrypt it when it's restarted. You can encrypt the SD card too. You can set it to lock instantly when the screen turns off. And you can use only a password to unlock it (no biometrics), which is the most secure option (if you use a suitable password). Finally, you can set the phone so that you can wipe it remotely, or to wipe itself after a number of consecutive incorrect password attempts. But even without the last two measures, your data will be unreadable without your password.
Unfortunately, though, if thieves are violent enough, they may be able to coerce you into divulging the password. If they succeed, they have full access to your phone.
Click to expand...
Click to collapse
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
xile6 said:
The sd card can be Encrypted and if you have a password lock (fingerprint irsi etc...) then it will ask for that before it will unlock the phone.
Also they have a remote wipe. You can log i to google and remote wipe your phone when you found out its been stolen.
Click to expand...
Click to collapse
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
I use smart Lockscreen protector to prevent somebody putting my phone to airline mode or shutting it down ( It won't help phones with removable battery)
If you have the phone encrypted and have the require pin on boot set. And you have the Qualcomm version that is locked down you have nothing to worry about.
Even the iPhone 7 has been jail broken or rooted the S8 with the Qualcomm chip is one of only a few phones that have not been hacked. It's actually WAY more secure than an iPhone.
lvrma said:
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
Click to expand...
Click to collapse
The phone is completely encrypted, so if you set it to require a password to restart and to turn the screen back on, then its contents are unreadable without the password regardless of how you connect to it.
lvrma said:
...
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
If you have a lock screen set you can lock the status of your phone(wifi state, airplane mode, power settings). This way you have to unlock it to toggle these modes.
I just ran across this, some good advice.
http://thedroidguy.com/2017/04/setu...security-features-tutorials-1071462#Tutorial1
lvrma said:
What about stuff like that Dr. Fone Toolkit that supposedly removes the lock screen? From the quick look I took it seems it somehow patches the Android on the phone to remove the lock screen. Is there some sort of system encryption/lock to avoid that kind of stuff when connected to a computer?
Click to expand...
Click to collapse
Like you, I'm interested with this topic, but unlike you, I would like the theief to have a useless phone if they cant unlock it. So that they would think twice the next time they want to steal an android. Else they would just continue stealing since you just put the phone on download mode, connect to a computer and root it.
About your question. Isnt disabling usb debugging mode on developer option block that risk? Also in my note 4, enabling knox will prevent your device from being rooted, at least thats what i understand from the description. i wonder where it is in s8.
speaking of knox, s8 has "Secure folder". its like a secured environment within a phone. Everything you put in here will be protected by knox. Apps, accounts, files, etc. And it would ask for another security to access it(pattern/pin/password).
lvrma said:
Usually they just put it on airplane mode though, so google remote wipe is useless... Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
you mentioned cerberus app, it has a function than can wipe device memory and wipe sd card via SMS command. so if you are fast enough, while the thief is running away and before he pulls out your sim card from the phone, you can send an sms command to wipe data.
Since you mentioned you are a programmer, this may be interesting to you, locking download mode and recovery mode on android to prevent thief from flashing hack to your phone. but this require a bit of patience if android isnt your forte.
https://ge0n0sis.github.io/posts/20...-mode-using-an-undocumented-feature-of-aboot/
BratPAQ said:
Like you, I'm interested with this topic, but unlike you, I would like the theief to have a useless phone if they cant unlock it. So that they would think twice the next time they want to steal an android. Else they would just continue stealing since you just put the phone on download mode, connect to a computer and root it.
About your question. Isnt disabling usb debugging mode on developer option block that risk? Also in my note 4, enabling knox will prevent your device from being rooted, at least thats what i understand from the description. i wonder where it is in s8.
speaking of knox, s8 has "Secure folder". its like a secured environment within a phone. Everything you put in here will be protected by knox. Apps, accounts, files, etc. And it would ask for another security to access it(pattern/pin/password).
you mentioned cerberus app, it has a function than can wipe device memory and wipe sd card via SMS command. so if you are fast enough, while the thief is running away and before he pulls out your sim card from the phone, you can send an sms command to wipe data.
Since you mentioned you are a programmer, this may be interesting to you, locking download mode and recovery mode on android to prevent thief from flashing hack to your phone. but this require a bit of patience if android isnt your forte.
https://ge0n0sis.github.io/posts/20...-mode-using-an-undocumented-feature-of-aboot/
Click to expand...
Click to collapse
Don't put your phone anywhere besides your pocket. Get a cover that makes it look like as different phone with a cracked screen.
the easiest way to encrypt sd and phone, enable adoptable storage.
cantenna said:
the easiest way to encrypt sd and phone, enable adoptable storage.
Click to expand...
Click to collapse
How is that easier than just selecting the Settings options to encrypt the SD card and to require a password to unlock upon restart?
---------- Post added at 06:08 AM ---------- Previous post was at 05:11 AM ----------
lvrma said:
Usually they just put it on airplane mode though, so google remote wipe is useless[.] Which is why I was looking for more of an offline fix through cryptography and such
Click to expand...
Click to collapse
Yes, and even without airplane mode, they can physically enclose the phone to block all electronic signals. Encrypting the phone (and SD card), using a secure password as the sole unlock method, affords the strongest protection against all attacks (except coercing the password from you).
Gary02468 said:
How is that easier than just selecting the Settings options to encrypt the SD card and to require a password to unlock upon restart?
---------- Post added at 06:08 AM ---------- Previous post was at 05:11 AM ----------
Yes, and even without airplane mode, they can physically enclose the phone to block all electronic signals. Encrypting the phone (and SD card), using a secure password as the sole unlock method, affords the strongest protection against all attacks (except coercing the password from you).
Click to expand...
Click to collapse
oh yea, may bad, i often assume everyone on xda is here because there interested in unlocked boot loaders, root and custom kernels. My recomindation applies only to people who have unlocked pandor's box only.
the method of encyption you suggested the isnt availble for users like me but we can enable adoptable storage which does encrypt the system by other means and it is compatible with root, etc
dynospectrum said:
Don't put your phone anywhere besides your pocket. Get a cover that makes it look like as different phone with a cracked screen.
Click to expand...
Click to collapse
Where can you get/ how can you make such a cover?
Also sometimes when I'm in bad Areas, I go to developer options and turn on some of the screen update stuff, so it flashes the screen purple a lot and make it look messed up.
Can the data in an iphone can be erased like android mobile by going to recovery mode by pressing 2/3 buttons of mobiles . If not then what happens ?
What? If you want to know about resetting an iPhone, ask in an iPhone forum?
Sent from my SM-G955U using Tapatalk
I don't want to reset an iPhone, I''m just asking a security case. Let's imagine our android being stolen, then the thief can certainly press the power and volume key and can easily wipe data and factory reset the mobile phone by just simply going to recovery. So it'll be impossible for us to find the phone.
But I'm asking in case of an iPhone is this same case possible? Can a thief just simply wipe the data and reset the mobile by pressing some keys and without unlocking the mobile ?
Gotcha. I haven't used an iPhone in years, so don't know.
I still think it's weird to ask an iPhone reset question in an Android forum though. You would probably get your answer in a minute if you just ask in an apple forum...
Sent from my SM-G955U using Tapatalk
Isn't the whole point of factory reset protection on android that it renders the device useless to someone who does this? Sure, it won't stop them actually resetting it, so you won't be able to track it afterwards, but the idea is that the thieves will learn that it's a waste of time.
Apple have something to prevent you just wiping a phone and making it yours, but I can't remember the details (i.e. whether it prevents the reset or, like the Google version, prevents you from using it afterwards).
Sent from my Pixel 2 using XDA-Developers Legacy app
I concur with @Large Hadron
On an iPhone, someone could enter the password incorrectly several times and the device would be wiped. It would not be usable, but it would be wiped. They could also connect the iPhone to a computer / mac with itunes and flash a factory image from there. Again, the device would be useless to them, but you wouldn't be able to recover your device from the thief.
Comparing an iPhone to a Pixel 1 or 2, both device could easily have the data wiped from the device. To that effect, the data is secure on both devices, which is by far the most important part. Recovering your lost / stolen device is an entirely different conversation. The benefit of an iPhone when lost / stolen is the device is a brick without the previous user's icloud email and password. Once it boots up, it asks for this before you can setup the phone. There is no way around this (without Apple's intervention). On a Pixel 1 or 2, the device could be wiped, but I believe the thief could then use the phone as their own. There is nothing that would "brick" the phone after a full data wipe.
If you are worried about your data, either phone is good (don't unlock bootloader and don't oem unlock). If you are worried about the hardware, you are responsible for that.
dbrohrer said:
I concur with @Large Hadron
On an iPhone, someone could enter the password incorrectly several times and the device would be wiped. It would not be usable, but it would be wiped. They could also connect the iPhone to a computer / mac with itunes and flash a factory image from there. Again, the device would be useless to them, but you wouldn't be able to recover your device from the thief.
Comparing an iPhone to a Pixel 1 or 2, both device could easily have the data wiped from the device. To that effect, the data is secure on both devices, which is by far the most important part. Recovering your lost / stolen device is an entirely different conversation. The benefit of an iPhone when lost / stolen is the device is a brick without the previous user's icloud email and password. Once it boots up, it asks for this before you can setup the phone. There is no way around this (without Apple's intervention). On a Pixel 1 or 2, the device could be wiped, but I believe the thief could then use the phone as their own. There is nothing that would "brick" the phone after a full data wipe.
If you are worried about your data, either phone is good (don't unlock bootloader and don't oem unlock). If you are worried about the hardware, you are responsible for that.
Click to expand...
Click to collapse
An Android phone works exactly the same way. If you wipe it from recovery, FRP (factory reset protection) kicks in, Once that happens, you are required to log on to the last account that the phone was used on (just like Apple). If you don't know the previous account and or password, there's no way you can use the phone.
You can factory reset from settings without triggering FRP though. Doing so removes all accounts from the phone and anybody can then use it. It's assumed since you are in settings, you've already logged on when you last booted the phone. A thief wouldn't be able to get into settings to reset it as he or she wouldn't know the password to unlock the phone.
robocuff said:
An Android phone works exactly the same way. If you wipe it from recovery, FRP (factory reset protection) kicks in, Once that happens, you are required to log on to the last account that the phone was used on (just like Apple). If you don't know the previous account and or password, there's no way you can use the phone.
You can factory reset from settings without triggering FRP though. Doing so removes all accounts from the phone and anybody can then use it. It's assumed since you are in settings, you've already logged on when you last booted the phone. A thief wouldn't be able to get into settings to reset it as he or she wouldn't know the password to unlock the phone.
Click to expand...
Click to collapse
Cool. I didn't know that. Thanks for that info
dbrohrer said:
Cool. I didn't know that. Thanks for that info
Click to expand...
Click to collapse
And if you really want to perfectly protect all your encrypted files, never open the bootloader. Because there's no way to flash something in the phone if the bootloader is closed. And there's no way to Open the bootloader without wiping all your personal data in the process.
Now if you decide to open the bootloader, files are still encrypted, so it's not a big deal.
Regarding the annulment of an Android device, when it is stealed: That happens with any modern Android phone. Basically, Google bans the phone from their cloud servers. A phone without google account is like an iPhone without Apple/iCloud accounts, almost useless.
P.S.: an open bootloader in Android is like a Jailbreak in iOS, but totally OFFICIAL and supported by Google/Android. You don't lose any functionality like with Jailbreak (if that thing still exist today...).
From my point of view, Google should ask PIN before accessing Fastboot mode and Recovery mode. but this is just to prevent a bad joke from a friend or something like that. (Not when your phone is lost forever, you just want to ban that device from Google servers so can't be used again).
robocuff said:
An Android phone works exactly the same way. If you wipe it from recovery, FRP (factory reset protection) kicks in, Once that happens, you are required to log on to the last account that the phone was used on (just like Apple). If you don't know the previous account and or password, there's no way you can use the phone.
You can factory reset from settings without triggering FRP though. Doing so removes all accounts from the phone and anybody can then use it. It's assumed since you are in settings, you've already logged on when you last booted the phone. A thief wouldn't be able to get into settings to reset it as he or she wouldn't know the password to unlock the phone.
Click to expand...
Click to collapse
Are you sure about that? I believe that factory reset still triggers FRP thus the black market trade in bypassing that check on lost and stolen devices.
Hi bros
Is there a way to bypass screenlock or pattern on samsung phones without loose data ?
Example g930f U8 frp on oem on
But i can't loose data
Any factory reset will cause complete user data lose.
I know
I don't want make factory reset
Then you need to remember the code or use your Samsung or Google account to regain access.
That's it as far as I know. A data recovery specialist -might- be able too but it's not easy or cheap.
I never set a lock screen, bios password etc and redundantly backup critical data to multiple hdds because of this. I never encrypt backup data drives. If you don't plan ahead properly it's only a matter of time until you lose critical data.
Background:
A person I know, dropped his phone (Android Oreo or above) into the water while at a beach. He tried keeping the phone in a bag of rice etc., but he can't get it to work. It won't even start. Samsung support said he'd need to replace the motherboard. He does not want the phone working again, but he wants the vacation photos from the phone. In Bangalore, there are some data recovery services that say they can recover the data for him (one of them mentioned some Spider technology).
Primary question:
Is the data recovery team's claim that they can recover the photos, actually legitimate? Can the photos be recovered from the phone in such a situation? How would they do it? Since the data on the phone would be encrypted (a password was needed to unlock the phone), would the data recovery team use a motherboard from a similar phone, connect it to the data storage and ask him to type his password to be able to access the data? If instead they removed the NAND storage and connected it to another board, wouldn't it be impossible to access the data without typing the phone's unlock password to decrypt it?
Concerns:
They might be bluffing, and this could just be a way to get paid for the "effort" that they put in to try recovering the data even if they can't eventually do it.
The data recovery team could clone the data and use brute-force techniques to gain access to any other data.
They could misuse any payment information stored on the phone.
They may view WhatsApp chats or other WhatsApp data stored (he says his WhatsApp is protected by fingerprint recognition).
if privacy is the main concern here, do it through samsung, through the official means. whats more important, the price of a motherboard or their privacy ?