The full phone encryption as currently implemented on Android is inconvenient because you have to enter 6+ chars every time you want to unlock your phone.
Since most of the time you want to do something unimportant, it quite kills the usability.
Knox seems to have nice approach to that by splitting the phone into personal and business part, only the later being protected.
However it's inaccessible for non-corporate customers, and still unclear how exactly it works.
So are there any other solution that allow you to protect part of your phone, like encrypt choosen folders only and password/pattern protect specific apps only, while still leave the most of the functionallity of your phone conviniently accessible?
Well, you can always go for a combo... PIN + encryption of files + password protected apps... and cerberus for anti theft (you can always remote wipe and try to recover the mobile after). Of course most security measures are "wiped" soon as the phone is wiped to install a new firmware, but while it isn't... there's a short window to recover your phone.
Seems like there isn't much security apps to more serious issues either...
The biggest issue is that PIN + encryption kills the usability since you have to enter the PIN (6+ chars) every time you want to glance at the phone.
Related
Well, first i don't know if this is the correct arrea but let's go.
everyday hundreds of people lost your phones, or get stolen sometimes you can get it back, sometimes not.
the first problem is that android is a VERY unsecure platform, and in 1 minute i can shutdown the phone, go to the recovery and make a hard reset, boom, you lost your phone, or just enable USB depuration and go fastboot and do whatever i want.
in iOS 8 it's impossible to a stolen iphone be usable again by a robber, you NEED icloud login, it's a real secure operating system
i am thinking ways that i can make my phone secure, and i have 2 ideias, one is just silly but can work.
the silly idea is put some kind of tape on the contacts of the micro usb input, so when they see my second idea, they will be unable to fastboot, just charge, EDIT: i don't know if there are ways to securely disable usb depuration...
the second idea it just put a PIN password protection in the CWM or TWRP recovery, if you fail 4 times, it gets blocked for xx or erase all data, or whatever.
that's it, and for the phone's security, just another PIN password, and cerberus running .
Hi, my girl's Samsung S6 Edge got stolen today, snatched from her hand. Easy victim.
I'm trying to review the aftermath and what I did and maybe get some feedback on this.
Tracking/Remote lock
1. https://findmymobile.samsung.com/ failed - always set a password you remember; I didn't. After 7 failed login attempts account gets locked and you must reset your password, but it seems you can still lock your phone even if password is reset.
Anyway phone lock says will trigger once the device connects to the network. Is this still true if the phone is wiped?
2. https://www.google.com/android/devicemanager failed too
Maybe both failed because thief turned phone off? I did not try calling the number.
Security
3. All passwords were reset immediately, and gmail sessions were deleted.
4. Phone was locked with a PIN though a pattern would have been preferred. I do not remember if I encrypted it, but I know you cannot use pattern after you encrypt. Maybe that's why it had a PIN.
Assuming it was NOT encrypted, can a new ROM be flashed to unlock the phone and access content on storage drive (USB Debug was off)? I cannot remember if this is the case, I only rooted once and it was long time ago.
5. After 30 minutes I called the service provider and blocked the SIM card. She also offered to blacklist the IMEI number so I agreed. She even said that once you blacklist the IMEI, phone gets locked so thief cannot access it anymore - but this is bull****, it just won't be able to register to the network; it does not act as a remote lock lol. And IMEI can be easily overwritten once phone is rooted, so kind of an useless feature.
6. Reported to police but they don't care anyway, it's a petty crime. And chances of recovery are very little.
a) Would it be worthwile for the thief(s) to replace the front/back cover of the S6 Edge to a different color so they can easily sell it online locally afterwards? It seems to me the front cover is attached to the display, and to change that is quite expensive. Thoughts?
b) What happens with stolen phones anyway? Do they just root them and replace IMEI? I saw on a tv show that some will even replace the IMEI sticker on them.
thoughts:
- activate remote controls and TEST them
- install some app that takes snapshot of front camera when PIN is entered incorrectly
- encrypt phone, don't use dumb PIN
- set lock timeout to something short
- back up often
- engrave phone with custom message? (viable if you don't change often)
- have an action plan in case this happens
First two probably useless if thief switches phone off and reflashes it.
I probably need to restate my questions in a shorter format:
1. I had my phone registered with https://findmymobile.samsung.com. Will it still work if the phone is wiped?
2. Can content on the phone be accessed if phone was unencrypted and only had a PIN lock?
3. Is it easy to replace front/back case and bezel to give the phone a new 'look'?
Nobody answering... I'll try one last time.
1. Does flashing a new ROM give access to the stored files on the internal storage (like photos)?
2. Can a new ROM be flashed if the device is encrypted?
it can be flashed but the persob fill be stuck in bootloop and if the booted up ge will be stuck in frp lock by google he cant go past setup
w00tz said:
Nobody answering... I'll try one last time.
1. Does flashing a new ROM give access to the stored files on the internal storage (like photos)?
2. Can a new ROM be flashed if the device is encrypted?
Click to expand...
Click to collapse
If the guy who stole your phone flash another Rom and if not wipe the data then your photos etc will remain in your phone.. so if he wipe the data your file won't remain.. but the best option for him it's to wipe the data so this is good for you because he can't see your data.. make sure on your next phone to put pattern or a good code.. maybe you had put I didn't read all your posts.. that's all I know dude
Hii all,
As most of the user are using android smartphones and now i am using moto g5 plus so i wanto know more about factory reset protection?
How it works?
Factory Reset Protection is a security method that was designed to make sure someone can't just wipe and factory reset your phone if you've lost it or it was stolen. It's a good thing — it makes a stolen phone harder to use, which makes it less appealing to thieves, and anything that can protect our data on a phone we've lost is welcome. It can become a problem if you sell, trade, or even give away a phone without factory resetting it, though. How it works explains why.
You have to be signed in with the "owner" account of the phone (the one you used to set it up) in order to factory reset it. That means if you give me your phone I can't reset it without you being signed in There are random workarounds on the Internet, but they tend to get patched almost as soon as they are discovered. You'll pretty much need to know the login details for the last account to use the phone before you can reset it and create a new owner account.
Disabling FRP (Factory Reset Protection) is simple. On most phones, it will be automatically done whenever you choose to reset the data through the phone's settings. If your phone has an extra layer of reset protection from the company who built it or has a "find my phone" app from the company who built it, you'll want to disable that manually first. :angel:
My phone is working perfectly on the default OS I have only one problem, when using full disk encryption and/or SD card encryption there is no way to use another unlock option that passcode (with at least one letter).
By looking around it seems like there is no other solution than to use this long passcode but then to be able to use my phone normally I have to set up auto lock at 30mn.
If it's still not possible to use a numeric code with encryption, would there be a way to add a second lock screen at unlock so I can use a numeric code to unlock?
I've read articles online about this problem when android 5 was released i'm just looking for more recent info if it's possible to change this manually.
I'm not asking for a debate on encryption, i'm not paranoid and understand what encryption does and does not, it just seems crazy to me to use a phone without any other security than the passcode, if it gets stolen almost everything will be readable. (it's so much simpler on iOS)
Thank you
Hello!
I'm facing a very weird issue with my HTC U11 Life.
I've been using it for years with the same pattern and fingerprint, and out of the blue, my pattern appears as wrong while I haven't changed it.
It happened for the first time after restarting my phone (I switch it off pretty often though).
The fingerprint is recognised, but the pattern isn't.
I have no other option on the screen than the emergency call (no "forgot pattern"/enter password/pin/connect to my Google account), and the "find my phone" doesn't show anything ("Can't reach device"), even if it's connected to my home regular wifi.
Not sure it's relevant, but I tried to deactivate the pattern a month ago, as I'm using that phone only at home. But it sounds like it didn't go through.
After browsing forums for hours, I tried a few steps, all unsuccessful.
Using the ADB tools, when I enter the bootloader, I run “./fastboot reboot bootloader”, after which I see the device show up in “./fastboot devices”. Then I try to run “./fastboot boot twrp.img” for the HTC U11 Life, at which point I see a “Device corrupt, cannot be trusted” message. So I seemingly can't progress without flashing my phone, which I don't want to do.
I should probably also mention that I have another phone (Google Pixel 6), and I tried to put my home as a "Trusted place" for my Google account, but it unfortunately didn't change anything.
I saw the hard reset option but I can't afford losing any data on that phone, and I believe there is a solution given the fact that I can provide the right fingerprint and any password, if they're requested.
I hope your fabulous community can be of any help.
Thank you very much!
Take it to a data recovery specialist if you really need the data. They might be able to recover it.
Either a hardware failure or possibly malware, or a Single Event Upset.
Always redundantly backup critical data. Avoid encryption if possible. Use an SD card as the data drive if you have that option.
Hey Blackhawk!
Thanks a lot for this super quick answer, I really appreciate it
I should admit I have a hard time believing a malware attack, given that I was barely using Internet on this phone. So that indeed must be a hardware failure or a Single Event Upset. Go figure!
That's a pity that there is no solution to that, especially that my fingerprint works, which is super frustrating. Anyway, too bad, I guess I'll factory reset as it's my only option.
Have a great weekend!
seems theres no way to fix this
ccaye said:
seems theres no way to fix this
Click to expand...
Click to collapse
There is. A factory reset. The data partition was somehow corrupted. If it reoccures then either the firmware has been corrupted or there's a hardware failure.
Anytime you set a password for device access, you are the one most likely to get locked out. It may be through no fault of your own however had no lock had been set you have a higher probability of retaining access.
NEVER set passwords for backup drives. Always keep backup drives isolated from everything unless in use.