Related
Occasionally I leave my phone laying around or let other people play with it, but it's getting very tedious having to lock it all the time. Anyone up for creating a app that will let me lock certain portions/apps on the phone (ie. SMS, gallery, etc.) using the built in finger print scanner?
I will second this. I recall reading that Moto was going to release the APIs for the print scanner. That should make it considerably easier.
just a bump, I know all you great minds out there are capable of this and want this too =)
+1
+1 yes, yes, yes a needed app
Yes, yes, YES! I've been thinking about requesting something like this for a while now!
I emailed the developer of Widget Locker since he seems to be fiddling with the Finger Print Scanner on the Atrix to see if he's interested in making a separate app for this. I wouldn't mind paying something like $1 for it.
How can we get this thread more attention from developers on XDA?
Keep the thread bumped, add some other keywords such a biometric scanner, fingerprints, fingerprint scanner, etc. (I myself didn't find this when searching), post the same on other forums, that's all you can do really!
PiTT said:
I emailed the developer of Widget Locker since he seems to be fiddling with the Finger Print Scanner on the Atrix to see if he's interested in making a separate app for this.
Click to expand...
Click to collapse
And here I am! (Sorry for taking some time to get back to this)
What I'm doing from WidgetLocker is piggy backing on the system security, so I don't interface with the fingerprint scanner directly. However I have looked into this as it could be interesting for WidgetLocker to be able to use in more ways, and potentially another separate app like discussed here.
I've seen the other thread about the password keeper and this one about an app-lock type thing. The issue with a password keeper is that the passwords should be stored encrypted, otherwise if someone stole your phone they'd just need to root if (if it's not already) and they'd be able to get all your password. But encrypting the passwords with a key that's stored somewhere is really just adding a few extra steps, they're not truly protected. Normally they'd be encrypted with your password, and only decryptable with you typing the password again. But I don't think this could be done for the fingerprint scanner due to what information is available (And how the fingerprint information is stored on disk). I could be wrong however.
As for the app-locker thing, there are also security issues here, but I think app-lockers are more used as a deterrent than as real security. To lock out your friend rather than a thief. But there's a fair amount of non-fingerprint related work to be done for this kind of app as well.
If I do end up doing anything with it I'll post back.
I said this in the development section when it was released lol. So....+1 and good idea!
Atrix4G Rooted!
[email protected] said:
And here I am! (Sorry for taking some time to get back to this)
What I'm doing from WidgetLocker is piggy backing on the system security, so I don't interface with the fingerprint scanner directly. However I have looked into this as it could be interesting for WidgetLocker to be able to use in more ways, and potentially another separate app like discussed here.
I've seen the other thread about the password keeper and this one about an app-lock type thing. The issue with a password keeper is that the passwords should be stored encrypted, otherwise if someone stole your phone they'd just need to root if (if it's not already) and they'd be able to get all your password. But encrypting the passwords with a key that's stored somewhere is really just adding a few extra steps, they're not truly protected. Normally they'd be encrypted with your password, and only decryptable with you typing the password again. But I don't think this could be done for the fingerprint scanner due to what information is available (And how the fingerprint information is stored on disk). I could be wrong however.
As for the app-locker thing, there are also security issues here, but I think app-lockers are more used as a deterrent than as real security. To lock out your friend rather than a thief. But there's a fair amount of non-fingerprint related work to be done for this kind of app as well.
If I do end up doing anything with it I'll post back.
Click to expand...
Click to collapse
my reasoning behind this type of app as you said isn't for REAL security from a thief, more of a deterrent from people around me....such as a nosy friend or girlfriend =)
"such as a nosy"
Well, of course cell phones have had a way to prevent that for what, 20+ years now? You leave it locked, except for "emergency and speed dial" or other restricted calling. No reason that someone has to borrow my cell phone (and deprive me of my phone!) while they're doing whatever with it.
I don't have any guilt about saying "Sure, you can make a call. But I need my phone with me."
PiTT said:
my reasoning behind this type of app as you said isn't for REAL security from a thief, more of a deterrent from people around me....such as a nosy friend or girlfriend =)
Click to expand...
Click to collapse
Well, if you have a friend that would invade your privacy then they are not your friend. And if you have a girlfriend that doesn't trust you enough to respect your privacy then dump her. You can't have a relationship without trust.
There are already apps that let you lock particular applications. I hand my phone over to my 4-year-old all the time so she can play Fruit Ninja, so I keep my work email locked down. I guess it would be kind of cool if the app locking software took advantage of the Atrix's fingerprint scanner.
live4nyy said:
Well, if you have a friend that would invade your privacy then they are not your friend. And if you have a girlfriend that doesn't trust you enough to respect your privacy then dump her. You can't have a relationship without trust.
Click to expand...
Click to collapse
lol, I second this... She's obviously insecure.
And why are we assuming that it's the girlfriend that's untrustworthy? PiTT (no offense, all due respect) is the one with dirty little secrets on his phone.
aquariumdrinker said:
And why are we assuming that it's the girlfriend that's untrustworthy? PiTT (no offense, all due respect) is the one with dirty little secrets on his phone.
Click to expand...
Click to collapse
Thanks =)
you guys are missing the point, it was just an example. Now back to the topic at hand.
I would love to be able to lock my phone using the finger print swype. This can't be to hard, could it?
jange said:
I would love to be able to lock my phone using the finger print swype. This can't be to hard, could it?
Click to expand...
Click to collapse
I don't understand what you are asking here. If you're going to be swiping your finger over the sensor to lock it, wouldn't it be just as simple to just press the button? If you have the sensor lock enabled, it will be locked with access only being granted to your finger swipe.
GEESH!
Clearly some people on this thread don't understand what's going on here. So let me break it down....
It's not about "it's not a real friend if they invade your privacy".
It's not about "why not just lock the phone itself".
Maybe you have a family member, girlfriend, wife, or CHILD you want to be allowed to use your phone. This requires unlocking the phone itself.
Buuuut, you don't want them snooping in your email or for the dense folks who don't get it, you don't want a CHILD deleting your messages accidentally, replying inadvertently to a co-worker via email etc.
Or let's be real, you don't want your GF or wife to see the chic you've been bangin's nude photo in your phone.
So you want to FINGERPRINT LOCK specific apps, like TEXT, EMAIL, SKYPE, TANGO, FRING, ETC! That way your "guest" can use your phone, but can't use any other apps without your finger!
GEESH!
I'd really like to see phones with Windows-like login profiles. So I can have my profile, ADMIN, and my wife can have hers GUEST.
Anyway...I second/triple/quadruple the idea of a fingerprint reader app lock. Right now I use AppProtector, and I'm looking into a new app called simply LOCK or (App) Lock.
"Clearly some people on this thread don't understand what's going on here. So let me break it down....
........you don't want your GF or wife to see the chic you've been bangin's nude photo in your phone."
*grin* The premise of your post made me laugh hard.
On a real note, I think this kind of application would be awesome. I too use appprotector, and I used to use the fingerprint scanner, but it just became bothersome to use everytime I locked my phone and had to unlock it. I don't have anything to hide on my phone, but I do lock my "SU" folder that contains all of my root tools. I have a 12 yo at home, and she could very easily mess something up without knowing it. I think the idea of locking certains apps with the fingerprint scanner is a fantastic idea, and I'd be willing to pay a few bucks for it for sure.
Actually, a whole utility for the fingerprint scanner on the Atrix that allowed you to do multiple things with it would be great.
Like was posted previously, it would be nice to have guest accounts (for wife and child etc), and with a fingerprint swipe, they wouldn't even have to login..swipe and go.
Someone mentioned this in another thread, but this is a topic that should have it's own separate thread.
Some of you may have already read the news: Michigan: Police Search Cell Phones During Traffic Stops
Don't assume it won't come to your town.
I can't say I plan to do anything that would warrant police suspicion, yet I don't like the idea of anyone being able to easily pull data from my device. And we know cops won't be the only ones with these devices. So I've been wondering, how can we protect our Android devices from the CelleBrite UFED?
Check out this video that shows some of the features it has, keep in mind it does much more and can even extract DELETED data.
See the company's product page here: http://www.cellebrite.com/forensic-products/ufed-physical-pro.html
This research paper talks about the CelleBrite UFED and other extraction methods. (CelleBrite UFED is talked about starting on page 9.) I doubt there's a means to prevent all of those methods given some involve long term handling of the device, but CelleBrite UFED can extract data when a device is retained by the CelleBrite UFED user for a short period of time. It looks like HTC Android type devices can only be extracted from via the (micro)USB Port and it requires USB Storage and USB Debugging turned on. The CelleBrite UFED has to gain Root Access. It can get by screen passwords and root even a device that was not yet rooted.
There's another thread where someone was requesting a ROM that would not work with the CelleBrite UFED. I'm not sure how to make a ROM or anything else that would not work with the CelleBrite UFED without limiting certain features we all may use from time to time.
Over on Slashdot, someone said they hacked their device (Nexus One) to not do USB client mode. This is another option that would limit some features many of us may use.
So, how can we protect our privacy and our data? Does it mean sacrificing some features like USB storage mode?
The biggest problem is what's missing from Android itself. Meego might be protected but not Android.
You would need an encrypted boot loader that retains root for some users.
A kernel and os files that support different users so the default user is not root like Linux and a prompt with a password for superusers not just an Allow like now for Android.
Encryption libraries that would support truecrypt encryption of both internal and external (SD card) encryption in toto not just individual files.
A true trash system that overwrites files like srm in linux and sswap for wiping the swap file after every system reboot.
Ultimately I don't see it happening. In theory if you were running Ubuntu on your phone then yes cellbrite would just crap out not knowing what to do with your phone. Same possibly with meego. But then no real app support, no navigation and driver support is crap even for ROMs using the same os let alone a different OS like true linux.
It's amazing how many don't even bother deleting thumbnails hanging around on their computers or securely wiping files on their computer. Same with swap files retaining passwords or even website cookies that have the same password as their computer.
Best thing to do, don't keep anything that could be bad on your phone. Use a cloud system or home server sync that requires a seperate login every time and keeps no local files. Or as I do, encrypt the hell out of anything you find valuable, which currently is only my complete backups...
Sent from my Xoom the way it should be, rooted and with SD card.
This is where that cheap Boost Mobile phone comes in, or any other prepay phone. Just hand the officer that one. Store your personal data on your smartphone.
chbennett said:
Best thing to do, don't keep anything that could be bad on your phone. Use a cloud system or home server sync that requires a seperate login every time and keeps no local files. Or as I do, encrypt the hell out of anything you find valuable, which currently is only my complete backups...
Sent from my Xoom the way it should be, rooted and with SD card.
Click to expand...
Click to collapse
Hello, All. This is my first post at xda-developers!
Since I'm new to Android, data security has concerned me. Climbing the learning curve of rooting and tweaking my SGH-T989, I've focused on control, security, and privacy. So far pretty good, thanks largely to members' posts at this site. Thank you very much!
Then this thread crushed me. Visions of "1984", "THX 1138", "Terminator", etc.
I considered the suggestions here. Thoughts about the OS seem right to me, but that's beyond my abilities. I did try following chbennett's advice: I enabled encryption in my backups and moved them to the internal SD.
But I don't yet know how to do the 'home server / log in on demand' scheme for contacts and calendar. I will appreciate any help with that.
Meanwhile, I looked for a way to make a 'panic button' that would let me wipe my phone immediately. What I chose was making a contact whose phone number is the USSD code for Factory data reset.
Maybe Tasker, etc. could streamline this approach; but my trials showed that, unlike MMI codes (e.g., to toggle caller ID blocking), USSD codes cannot be submitted to the OS indirectly. So swiping a contact, direct dial shortcut, etc. did not work. On my phone, all that worked was either 1. manually dialing the code, or 2. dialing the contact name, then tapping the contact.
So the routine to use this 'panic button' is:
1. launch Dialer
2. dial the contact name
3. tap the contact name in the search results
4. tap "Format USB storage" in the "Factory data reset" dialog
5. tap "Reset phone" button in the "Factory data reset" dialog.
It sounds clunky, but it's actually pretty quick. I named the panic button contact "XXX" to avoid confusability when dialing (it needs only "XX" for a unique match.)
If you can suggest improvements to this scheme, or think it is misguided, please let me know. Thanks.
Any updates on this? I'm curious as to how to guard against ufed.
I think an instant hard brick option would be better so theres nothing to recover as i dont believe the factory reset is a secure wipe
Possibly a voice activated secret phrase or keypress u could say/do super fast in a tricky situation that autoflashes a corrupt/incompatible bootloader and recovery to device after secure superwipe that should stump them for awhile
im still interested in this i disabled usb debugging on my phone but unsure if the UFED can still access anything on my ICS full encrypted passworded evo3d im assuming they could dump the data at most but i highly doubt they could access the decrypted data unless you used an insecure pass
If you have encryption enabled for your data partition, then all you need to do is to turn off your phone when you see a cop. If they take it from you, they can turn it on and hook up their device, but they will only be able to snarf the system partition, which does them no good. They'd need your password to mount the data partition.
If you look around on this forum, you can find the steps necessary to switch the lock screen back to a simple pattern lock while leaving the disk encryption enabled.
Are you sure Cellebrite and UFED or w/e can't access encrypted data partion? I know it can take an image of the phone "hard drive". They then can run password tools against image to unlock it no?
dardack said:
Are you sure Cellebrite and UFED or w/e can't access encrypted data partion? I know it can take an image of the phone "hard drive". They then can run password tools against image to unlock it no?
Click to expand...
Click to collapse
I'd like to know about this too. I am about to set up encryption on my device and I'd like to know more about what type of attacks it can beat.
Edit to add: I assume brute force attack protection is like any other type of encryption.....dependent on the strength of your password. But, assuming we all know that already, I'm still curious about this.
If the question is how to protect your device when you think someone would scan your phone, you'd have to have some sort of inclination that a scan is about to happen. I'm assuming this is many people's concern as they're considering wiping their device through a quick process. In that scenario, just turn off your device. Unless you warrant suspicion of something fairly bad, they wouldn't be confiscating your cell phone.
smokeydriver said:
...Unless you warrant suspicion of something fairly bad, they wouldn't be confiscating your cell phone.
Click to expand...
Click to collapse
We all wish all law enforcement was just and honest, but so far in world history that has not been the case. Even a pretty woman may have her phone scanned by a curious cop snooping for pics.
Sent from my HTC One using Tapatalk 2
I would still like to know if there is an answer here...
So I recently had some dealing with assisting in a Cellbrite search. We initiated and enlisted the help of law enforcement for an employee who was doing some illegal activity which is not relevant to this discussion other than the person used an iphone. Anyway, the investigator came in and wanted to know if I can enable the bypass for the automatic screen lock in 5 minutes because when it locked, it disabled the Cellbrite copy.
Now, couple things here, he was only doing what he was "allowed' to do in the local municipality, and he did say they sell a more expensive Cellbrite device which would be able to crack it. I did find it interesting that the simple corporate Activesync policy I have set up was actually having this effect. Anyway I removed the policy and it worked. Funny thing is he could have done it himself had he known anything about that kind of thing. He was presented to us as an expert but I guess that mainly covered a basic Cellbrite expertise.
So, I do think encryption would be a great answer as the partition would be hard to bust in to. Nothing is impossible but I would rather not smash my phone on the highway next time I get pulled over so I would like to know definitively that this is the right approach. This is definitely not paranoia as there are at least 3 states where it looks like it happens regularly.
Time to look at a 2600 group for stuff like this I guess. I am early in my investigation
Later
A lot of people always question why I don't have any security measures in place after swiping my screen. I personally just don't see the benefit of typing in a password every single time I unlock, versus the risk of actually losing my phone.
I also feel that if the worst did happen, I could change my Gmail and Facebook passwords and that would basically cover all bases. In fact, all I'd have to do is revoke two-step authorization for Gmail and that would basically do it too. I don't have any financial information stored to the phone if I think about it (with exception of maybe Fandango).
One time, I found an non-password protected iPhone in a cab. There was no password lock on the phone, and we were able to return the phone to the owner by finding the last person he called. He happened to be with the person who picked up.
How do most people here feel about it?
It's really up to you. If you're comfortable with no password, just have a plan in case you lose it. Which, it sounds like you do. Also think about backing up things like pictures from time to time.
I use the face recognition feature. Works pretty well once you train it. And I have my name on the swipe screen before that, so maybe I'll get it back if someone I know finds it.
And, while I haven't tried it on this phone yet, Seekdroid is another option. Lets you remotely lock and wipe the phone from any web browser.
Sent from my SCH-I535 using Tapatalk
dunderball said:
A lot of people always question why I don't have any security measures in place after swiping my screen. I personally just don't see the benefit of typing in a password every single time I unlock, versus the risk of actually losing my phone.
I also feel that if the worst did happen, I could change my Gmail and Facebook passwords and that would basically cover all bases. In fact, all I'd have to do is revoke two-step authorization for Gmail and that would basically do it too. I don't have any financial information stored to the phone if I think about it (with exception of maybe Fandango).
One time, I found an non-password protected iPhone in a cab. There was no password lock on the phone, and we were able to return the phone to the owner by finding the last person he called. He happened to be with the person who picked up.
How do most people here feel about it?
Click to expand...
Click to collapse
I prefer at-least a simple password. Also, under Security -> Owner information - I have a message for any potential finders of my phone: "If this phone is lost please email ma at [email protected]". That message scrolls across the screen even when locked.
I was wondering if is there any way to lock my s2, like an icloud equivalent?i would be really comfortable knowing that if it gets stolen, the thief can't do much more than selling it for parts
In Cm12.1 there's an option to fully encrypt your device. But if I remember correctly, someone posted that it isn't working. Not sure. Perhaps just search around here using search option: http://forum.xda-developers.com/showthread.php?p=61640802
Yeah, you read that right. Basically i'm trying to either find a tablet without internet functionality (which i assume is impossible in 2019) or disable all internet connectivity (or wi-fi connection, same thing) from a "normal" tablet.
Simply put i have ADHD (medicated) and tend to find access to the internet very distracting for my work, but i still need a device to write documents on. Problem is, most places where i work or study have wi-fi around, so i end up wasting hours of time, which i cannot afford to.
So, back to the topic: is there a way i can disable internet access from a tablet, maybe by deleting some file? I'm down to rooting the device, if necessary.
Thanks to anyone who can help me!
What your asking for is a bandaid in my opinion. I have the same issue as well, ADHD. What I've learned is just to focus on the task in your life. Such as the documents you need to type up of to look at the weather if it's part of your day.
Put it in like airplane mod or smth,or either,there are some apps for that,you give them the device administrator right,after that they control your daily internet usage,or if you want to block it you can simply do,but after giving an app the administrator rights,you can uninstall it
OptimisticShaggy said:
What your asking for is a bandaid in my opinion. I have the same issue as well, ADHD. What I've learned is just to focus on the task in your life. Such as the documents you need to type up of to look at the weather if it's part of your day.
Click to expand...
Click to collapse
Thanks for your advice, but i was kind of expecting this answer. Still, anedoctal evidence has taught me that i'm much more productive in environments where i simply have no ways of accessing the internet. Also, i've been trying to "learn to just focus" for the past 30 years, and i've always failed, so i'm at the point where i'm fine with relying on bandaids.
SpeedAimer said:
Put it in like airplane mod or smth,or either,there are some apps for that,you give them the device administrator right,after that they control your daily internet usage,or if you want to block it you can simply do,but after giving an app the administrator rights,you can uninstall it
Click to expand...
Click to collapse
This looks ingenious but quite convoluted; I find it weird that with all the ways you can brick a phone there isn't some file i can just delete to make internet connection imbossible. Thank you for your answer though, if nobody comes up with anything i'll try your method.