Question Unlocked bootloader data security - Google Pixel 7 Pro

If I lose my phone or it gets stolen how secure is my pin protected data with an unlocked bootloader as opposed to a locked bootloader?

Pretty sure you have to wipe all to get rid of a pin, so I would say it is almost the same.

Connorsdad said:
If I lose my phone or it gets stolen how secure is my pin protected data with an unlocked bootloader as opposed to a locked bootloader?
There are two schools of thought on locked vs. unlocked bootloader security (both of which I quote below) that I saw discussed a while back on the subject. It may not directly speak on pin protecting your data -- they discuss some on how your device is encrypted behind your pin so even if stolen, it should still be secure (enough) -- but at the very least there are ways around EFS so your device might still be of some use and/or, maybe given enough time you never know what can happen; which is discussed a bit in the quote & discussion (in the thread they do it in) below...
You could click on either post (they are made in the same thread) to follow the discussion more (they go on for a bit, but not to too much more of a degree)...
96carboard said:
Everything will work perfectly with an unlocked bootloader. It will just give you an annoying warning screen briefly when powering on.
If you want to know about security risks, they're fairly small, and ONLY apply if your phone is handled physically by someone untrusted for an extended period of time, in which the only thing they could actually do is install a modified boot image. Under those circumstances, the device security has to be assumed compromised whether the bootloader is unlocked or not.
An unlocked bootloader will NOT allow a 3rd party to access data on the device, since it is encrypted and requires your security code to unlock.
Now, you can actually tell if they've rebooted the device, which they would HAVE to do in order to install a different boot image; the unlock screen (which they are NOT able to modify without resulting in boot failure) will tell you!
And I absolutely disagree that it is shortsighted to advise immediate unlocking. Nothing of real benefit comes from having a locked bootloader. Any sense of security you gain from it is smoke and mirrors. It can only be tampered with if someone has physical access, and if somebody has physical access, it has to be assumed compromised regardless of whether it is unlocked or not. If anything, your security is improved because it is now on your mind that it could potentially be tampered with, and you are reminded of it with the id10t warning every time it reboots.
bobby janow said:
Everything will not work perfectly. Let's be honest here. Look it up, some banking apps work mine doesn't. Pay will work one day and not the next. And if your bank finds out your account was hacked and your phone is unlocked and/or bypasses bank security protocols who will pay for the missing funds when they find out?
A missing device can be booted into a custom recovery and adb commands will be available to take everything on your device bypassing any security you have. With a locked bootloader that is not possible. So if you know your phone can be compromised you feel more secure? That is ludicrous and really doesn't make sense. I mean talk about smoke and mirrors.
Now that being said there are a lot of folks in your camp that say you're living a pipe dream if you think the phone is more easily hacked or info stolen. I understand that argument entirely and it's possibly correct to a certain degree. But to summarily say immediately unlock your bootloader if you don't plan on rooting because.. well just in case, is really disingenuous to a great many individuals. At the very least look up some articles on why to keep your bootloader locked, especially for someone that hasn't done it in some time, if ever. The beauty of Android is the possibility if you so desire. Just be conscious of the advice you give. Many years ago Chainfire said in his blog that if you have an unlocked bootloader and have financial apps on your device you're asking for trouble and you might want to rethink that. (not in so many words) That weekend I locked my bootloader and never looked back. I haven't missed anything.. well other than flashing MVK kernel for my 6a. ;-) But then I'd need root and that brings a host of other issues.

Related

Securing android.

With the recent release of Sunshine 3.0 I was finally able to liberate my verizon m8. However with this new found freedom I also find myself worrying about the new found responsibility that comes with a rooted phone running CM12 with an unlocked bootloader.
My question is this:
How do I keep my phone as secure as possible?
I have been told that re-locking my bootloader will break my phone because of the signing process (Verizon is evil) and that encrypting the phone is futile because of root.. What can I do to protect my phone and how hard is it for someone to circumvent any security measures I can come up with?
P.S. This paranoia was prompted by a friend sending me this video.

Can I prevent my new Pixel 2 / XL from being rooted?

All of the discussions I am seeing are about people trying to root their new Pixel 2 devices. They are worried they won't be able to root due to the Verizon locking and/or lack of images. My question is simple. If I buy a Pixel 2 / XL from google's site, is there any way I can prevent the phone from being rooted and/or flashed with another (custom or google) bootloader? Can the FRP help me here? I'm just getting ramped on how google's phones work and I want to know if I can prevent evil maid attacks (someone temporarily gets access and loads malicious software on it). If someone has rooted it, is there any way I would know? Would it have been erased? If I set the OEM unlock to disabled in the developer's options, would that prevent it, or is there a way to disable that in the recovery boot environment? I know the blackberry prevents root and I'm wondering how to achieve similar security with Pixel 2 devices.
Thanks in advance
brainysmurf said:
All of the discussions I am seeing are about people trying to root their new Pixel 2 devices. They are worried they won't be able to root due to the Verizon locking and/or lack of images. My question is simple. If I buy a Pixel 2 / XL from google's site, is there any way I can prevent the phone from being rooted and/or flashed with another (custom or google) bootloader? Can the FRP help me here? I'm just getting ramped on how google's phones work and I want to know if I can prevent evil maid attacks (someone temporarily gets access and loads malicious software on it). If someone has rooted it, is there any way I would know? Would it have been erased? If I set the OEM unlock to disabled in the developer's options, would that prevent it, or is there a way to disable that in the recovery boot environment? I know the blackberry prevents root and I'm wondering how to achieve similar security with Pixel 2 devices.
Thanks in advance
If you let people spend inordinate amounts of time with your phone, there's not much you can do to prevent someone from rooting your phone... except putting a password on it and not letting people spend inordinate amounts of time with your phone.
Sent from my Pixel 2 using Tapatalk
ajrty33 said:
If you let people spend inordinate amounts of time with your phone, there's not much you can do to prevent someone from rooting your phone... except putting a password on it and not letting people spend inordinate amounts of time with your phone.
Sent from my Pixel 2 using Tapatalk
Thanks for the answer. However this has not been true for many phones, namely the blackberry, and even some models of the Pixel (verizon). I noticed you mentioned "putting a password on it". Assuming my phone is entirely feature protected (password, encryption, oem unlock disabled...), will this prevent the standard rooting procedures? I understand exploits may be found, but I'm not considering those seeing as they will be patched. It's the standard rooting procedures I'm concerned about. I don't want rooting my phone (without me knowing) to be an enabled feature (or possible at all if that is feasible). My only goal here is to stop that.
Thank you
brainysmurf said:
Thanks for the answer. However this has not been true for many phones, namely the blackberry, and even some models of the Pixel (verizon). I noticed you mentioned "putting a password on it". Assuming my phone is entirely feature protected (password, encryption, oem unlock disabled...), will this prevent the standard rooting procedures? I understand exploits may be found, but I'm not considering those seeing as they will be patched. It's the standard rooting procedures I'm concerned about. I don't want rooting my phone (without me knowing) to be an enabled feature (or possible at all if that is feasible). My only goal here is to stop that.
Thank you
To root you need to have an unlocked bootloader. Unlocking the bootloader requires the OEM unlocking switch to be flipped. Getting to that point requires you to enter your password twice (unlocking the phone and enabling developer options). You also need a computer with a functional fastboot setup. Unlocking the bootloader wipes the phone and all of your personal information with it. After unlocking the bootloader you have to push some files to the phone via adb or with mtp after you have logged back into your phone. Then you have to flash twrp via fastboot and in turn flash magisk. (This is all off the top of my head. You can read the root threads for the exact details.)
The point is your phone can't be rooted without you knowing it.
Sent from my Pixel 2 using Tapatalk
PiousInquisitor said:
To root you need to have an unlocked bootloader. Unlocking the bootloader requires the OEM unlocking switch to be flipped. Getting to that point requires you to enter your password twice (unlocking the phone and enabling developer options). You also need a computer with a functional fastboot setup. Unlocking the bootloader wipes the phone and all of your personal information with it. After unlocking the bootloader you have to push some files to the phone via adb or with mtp after you have logged back into your phone. Then you have to flash twrp via fastboot and in turn flash magisk. (This is all off the top of my head. You can read the root threads for the exact details.)
The point is your phone can't be rooted without you knowing it.
Sent from my Pixel 2 using Tapatalk
Excellent. That is what I was looking for. If that is true, this phone meets my security needs.
brainysmurf said:
Excellent. That is what I was looking for. If that is true, this phone meets my security needs.
You don't need to be rooted for malicious software to be loaded on to your phone. Just stick with installation of apps from the play store and check the reviews/ratings and if something sounds too good to be true then it's probably best to avoid it unless you have valid sources authenticating it.
flunk03 said:
You don't need to be rooted for malicious software to be loaded on to your phone. Just stick with installation of apps from the play store and check the reviews/ratings and if something sounds too good to be true then it's probably best to avoid it unless you have valid sources authenticating it.
right, we already have those principles down. we're just trying to understand how vulnerable we are to specific attacks that are out there, namely the evil maid attacks. our team is extremely conservative on the basics that you are speaking of. we're just filling in the blanks for some more sophisticated attacks that are possible on the pixel, which is a new platform to us.
Thanks
brainysmurf said:
right, we already have those principles down. we're just trying to understand how vulnerable we are to specific attacks that are out there, namely the evil maid attacks. our team is extremely conservative on the basics that you are speaking of. we're just filling in the blanks for some more sophisticated attacks that are possible on the pixel, which is a new platform to us.
Thanks
The workflow that @PiousInquisitor stated is true for, AFAIK, every modern Android device in existence.
brainysmurf said:
right, we already have those principles down. we're just trying to understand how vulnerable we are to specific attacks that are out there, namely the evil maid attacks. our team is extremely conservative on the basics that you are speaking of. we're just filling in the blanks for some more sophisticated attacks that are possible on the pixel, which is a new platform to us.
Thanks
So far all the above answers are correct. I'll add a couple more. Evil maid attacks are not being used on phones/android afaik. My understanding is that a computer must be booted with a USB stick while you're not looking, installing software onto your computer/laptop and then hijacking it. So I wouldn't worry about that. Even so, keeping OEM lock in the disabled state in dev options will prevent root on your device. Also do not install unapproved software and if you are that worried you might want a scanning program that will root (no pun intended) out malicious software. I think there are a few out there.
As for FRP, it's a good idea but it can be bypassed. There are people out there that can take a stolen phone and bypass FRP for a fee of around $30. Also searching for FRP bypass will give you some ways as well. So I would not rely on that. Nonetheless they would need to wipe the device to do that and by that time you would have blacklisted the IMEI and rendered the phone useless to the thieves. You and your company seem aware and cautious. I don't think you'll run into any issues with the Pixel 2. You made a good choice.
The device software is rarely the vulnerability, it's the people using the device.
If your threat model is such that the ultimate question is "what can someone do with physical access to the device", you're dealing with zero day exploits that aren't publicly known and all of our feedback is out the window.
Telperion said:
The device software is rarely the vulnerability, it's the people using the device.
If your threat model is such that the ultimate question is "what can someone do with physical access to the device", you're dealing with zero day exploits that aren't publicly known and all of our feedback is out the window.
The op is gone. Not sure if she was trolling but this thread is over.
Sent from my Pixel 2 using XDA-Developers Legacy app
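
Added example (not part of any post in this thread): a shell check for the question raised above of whether you would know that a device had been unlocked. It classifies the `[name]: [value]` output of `adb shell getprop`; the property names are standard Android boot properties, while the function names, verdict labels and sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Classify boot-integrity posture from a `getprop` dump.
# Real use: assess_boot_state "$(adb shell getprop)"
# Caveat: these values are reported by the running OS, so a modified OS can
# misreport them. Treat this as a fleet hygiene check, not as attestation.

# prop_value NAME DUMP -> prints the value of one property (empty if absent)
prop_value() {
    printf '%s\n' "$2" | tr -d '\r' |
        awk -v key="[$1]:" '$1 == key {
            v = $2; sub(/^\[/, "", v); sub(/\]$/, "", v); print v; exit }'
}

# assess_boot_state DUMP -> prints a verdict; exit status 0 only when the
# bootloader is locked, the boot chain verified, and unlocking is not armed.
assess_boot_state() {
    dump=$1
    vbstate=$(prop_value ro.boot.verifiedbootstate "$dump")   # green/yellow/orange/red
    locked=$(prop_value ro.boot.flash.locked "$dump")         # 1 = locked
    devstate=$(prop_value ro.boot.vbmeta.device_state "$dump")
    oem_allowed=$(prop_value sys.oem_unlock_allowed "$dump")  # developer-options switch

    if [ "$locked" = "0" ] || [ "$devstate" = "unlocked" ] || [ "$vbstate" = "orange" ]; then
        echo "UNLOCKED"; return 1
    fi
    case "$vbstate" in
        green)
            # Locked and verified, but the OEM unlocking switch is on: an
            # unlock (which wipes user data) can be started from fastboot.
            if [ "$oem_allowed" = "1" ]; then
                echo "LOCKED_UNLOCK_ARMED"; return 1
            fi
            echo "LOCKED_VERIFIED"; return 0 ;;
        yellow) echo "LOCKED_CUSTOM_KEY"; return 1 ;;   # locked, user-set root of trust
        red)    echo "VERIFICATION_FAILED"; return 1 ;;
        *)      echo "UNKNOWN"; return 1 ;;             # properties missing
    esac
}

# Constructed sample dumps (not captured from real devices).
SAMPLE_LOCKED='[ro.boot.flash.locked]: [1]
[ro.boot.vbmeta.device_state]: [locked]
[ro.boot.verifiedbootstate]: [green]
[sys.oem_unlock_allowed]: [0]'

SAMPLE_ARMED='[ro.boot.flash.locked]: [1]
[ro.boot.vbmeta.device_state]: [locked]
[ro.boot.verifiedbootstate]: [green]
[sys.oem_unlock_allowed]: [1]'

SAMPLE_UNLOCKED='[ro.boot.flash.locked]: [0]
[ro.boot.vbmeta.device_state]: [unlocked]
[ro.boot.verifiedbootstate]: [orange]
[sys.oem_unlock_allowed]: [1]'

for sample in "$SAMPLE_LOCKED" "$SAMPLE_ARMED" "$SAMPLE_UNLOCKED"; do
    assess_boot_state "$sample" || true
done
```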

How to flash to the 'carrier-unlocked' ROM?

T-Mobile will only do a 'temporary unlock' on an S8+ my friend gave me, so I've got 30 days til they lock it again (oddly enough they say we can do this 5 times....can't make sense of that but ok!)
I want to carrier-unlock/crack this handset and it doesn't matter to me if I 'trip' the CPU by rooting to do this (I don't care about not getting updates, am not even intending to use data on this handset just talk/text), though I'm not sure rooting is even required as I've read on Reddit about newer firmwares that you can flash to that, once flashed, will make the handset carrier-free - I'm hoping against hope that that's true and that there's a simple/straight-forward way to just update it and crack the lock but am doubting that, *but* if I'm OK with 'breaking' the functionality of data-usage/updates to android/etc, is there *any* possible avenue for flashing/anything to crack that lock? So long as I can still call/text I'd be happy, am more than fine 'taking it off the network' so far as data is concerned and hoping that would make *some* approach worthwhile, so far my best bet is taking a chance with sites that sell codes to unlock but I've read of people doing this only for the phone to be re-locked (presumably the carrier catches-on, this is part of why I think just disabling data completely would be a smart move for me to get&keep the handset unlocked, and losing data capabilities isn't a real issue for me in the first place as there's wifi everywhere anyways!)
Thanks for any suggestions of what I could look into, I know the 'lock' is on the cpu (snapdragon/US-based/t-mobile) so harder to get around but just can't imagine it's un-crackable w/o a tech on their side helping me (ie those 'unlock unit' sites, which I'm imagining are run by people who work within the telecom infrastructure if they're able to do what they claim- still is hard to believe they'd be able to do that very long w/o being shut-down, it's not like they're working via bitcoin-only or something!)
New1Phone said:
T-Mobile will only do a 'temporary unlock' on an S8+ my friend gave me, so I've got 30 days til they lock it again (oddly enough they say we can do this 5 times....can't make sense of that but ok!)
I want to carrier-unlock/crack this handset and it doesn't matter to me if I 'trip' the CPU by rooting to do this (I don't care about not getting updates, am not even intending to use data on this handset just talk/text), though I'm not sure rooting is even required as I've read on Reddit about newer firmwares that you can flash to that, once flashed, will make the handset carrier-free - I'm hoping against hope that that's true and that there's a simple/straight-forward way to just update it and crack the lock but am doubting that, *but* if I'm OK with 'breaking' the functionality of data-usage/updates to android/etc, is there *any* possible avenue for flashing/anything to crack that lock? So long as I can still call/text I'd be happy, am more than fine 'taking it off the network' so far as data is concerned and hoping that would make *some* approach worthwhile, so far my best bet is taking a chance with sites that sell codes to unlock but I've read of people doing this only for the phone to be re-locked (presumably the carrier catches-on, this is part of why I think just disabling data completely would be a smart move for me to get&keep the handset unlocked, and losing data capabilities isn't a real issue for me in the first place as there's wifi everywhere anyways!)
Thanks for any suggestions of what I could look into, I know the 'lock' is on the cpu (snapdragon/US-based/t-mobile) so harder to get around but just can't imagine it's un-crackable w/o a tech on their side helping me (ie those 'unlock unit' sites, which I'm imagining are run by people who work within the telecom infrastructure if they're able to do what they claim- still is hard to believe they'd be able to do that very long w/o being shut-down, it's not like they're working via bitcoin-only or something!)
You can't (really) root US phones. You should be able to put a U(niversal) rom on it, though.
You can have it unlocked via some service, leaving out the U rom.

Your 986u $125 bl unlock experience

Have there been many failures?
How do you feel about the process?/How did it go?
Any pitfalls I should be aware of? Warranty issues, easy to brick the phone afterwards, etc?
Does it matter what software im on? I'm on the original shipped OS and it's threatening me with a forced update. Yes I turned off the updates in settings and developer options, no avail.
I am a Fi user and just came from a 3 generations of Nexus/Pixels, my last Sam phone was an S4 on Verizon. Root is life.
Thanks
I also came from pixels (and oneplus) been unlocked since the beginning of December, also Fi. No issues whatsoever. The people doing the unlock are cool and to my knowledge the only device lost to the process was one of the peoples who is doing the unlocks, after he tried to relock the bootloader. And that leads to, once unlocked don't relock. You get one shot. 10/10 would do it again
I'm soo ready also to get the boot loader unlocked. one question I have will bank account apps still work, will the battery charge 100%.
Jack143 said:
I'm soo ready also to get the boot loader unlocked. one question I have will bank account apps still work, will the battery charge 100%.
yes and yes. at least mine do.
Another question I have that is more specific, I'm wanting to get a good call blocking app that will block calls at the root system. which will cause the caller end not to ring when their number is blocked. I purchased root sms manager but I don't have root yet. Has anyone tried the app on a rooted note and it blocks the caller from getting a ring? Hope someone can check.

Android device security after unlock

Hello I was wondering if there was a way to secure an Android device after unlocking it and installing a custom rom, maybe somebody has a thread or something.
Theoretically speaking anybody can take the device and do whatever he wants with fastboot or twrp.
Relocking it can have unforeseen consequences as some here have learned. I may be incorrect (depends on the variant too) as I don't root but the more you do, the more can go wrong.
I don't screen lock my device or encrypt my data because I don't want to be locked out, ever.
Physical possession is the only real security, relocking it isn't needed or desirable.
Anyone that tries to take my device is headed to the hurt locker. Consequences.
@fdor
Once an Android device's bootloader is unlocked (disabling AVB included), the device's Android is vulnerable.
blackhawk said:
Relocking it can have unforeseen consequences as some here have learned. I may be incorrect (depends on the variant too) as I don't root but the more you do, the more can go wrong.
I don't screen lock my device or encrypt my data because I don't want to be locked out, ever.
Physical possession is the only real security, relocking it isn't needed or desirable.
Anyone that tries to take my device is headed to the hurt locker. Consequences.
Thanks for the information, could you elaborate on screen locking? or link a thread I'm not sure what you speak of.
fdor said:
Thanks for the information, could you elaborate on screen locking? or link a thread I'm not sure what you speak of.
That's a separate subject but the concept is the same. Anything you lock, especially with a password, you can get locked out yourself. Many times through no fault of your own as in a hardware failure.
An unlocked boot loader is a security risk... a bricked device much less so.
On a stock Android Pie or higher (even not updated) security isn't an issue unless you do something stupid.
One reason I don't root.
Anytime you load unofficial firmware you're taking a risk plus its distribution volume is much lower so if any malware is present it doesn't have as much exposure. Meaning it's likely to take longer to be detected.
