Related
I know that Android based phones have applications where you can track your phone through GPS software should it ever get lost. Is there such an application for our phones? I'd hate to lose my phone that has GPS capability and not be able to find it. And the thought of losing it and someone else finding it, hack it, and use it for their own personal use would be very more irritating.
And I know that the Motorola CLIQ even has the capability to erase all your stored information on the phone should you lose it to prevent someone from hacking into the phone and retrieving your sensitive information. Again, is there any software for our phones also?
Im Packing said:
I know that Android based phones have applications where you can track your phone through GPS software should it ever get lost. Is there such an application for our phones? I'd hate to lose my phone that has GPS capability and not be able to find it. And the thought of losing it and someone else finding it, hack it, and use it for their own personal use would be very more irritating.
And I know that the Motorola CLIQ even has the capability to erase all your stored information on the phone should you lose it to prevent someone from hacking into the phone and retrieving your sensitive information. Again, is there any software for our phones also?
Click to expand...
Click to collapse
Sprite Terminator:
http://store.spritesoftware.com/?page_id=280
Search the forum, there are already two threads on this subject:
http://forum.xda-developers.com/showthread.php?t=479257
http://forum.xda-developers.com/showthread.php?t=469415&highlight=anti+theft
i personally prefer remotetracker.
i lost my phone b4. n it works fine. i able to track bak my phone.
[email protected] said:
Search the forum, there are already two threads on this subject:
http://forum.xda-developers.com/showthread.php?t=479257
http://forum.xda-developers.com/showthread.php?t=469415&highlight=anti+theft
Click to expand...
Click to collapse
I always do use the "Search" function, but even with sifting through posts I didn't come across the two you listed. Thank you. Maybe I'm trying to be too technical with my searches...
Free web services (and Beta), with "Find" and "Erase" functions, among others:
www.flexilis.com
www.mobiwee.com
I just tried the Maspware GuardsMobile and ended up locking my phone up. It recommended disabling balloon pop-ups and a soft-restart. I allowed that then it gave me errors loading some related tracking.exe file. I tried to enter the default pin and it didn't work. Gave me 3 attempts. After the 3rd attempt the phone was locked! Searched around and came up with nothing. There's not even a guide explaining what happens.
So now I'm forced to reflash the phone and restore my PIM. I do not recommend this program for anyone with cooked ROMs.
I'm going to now play with Ultimate Theft Alert.
Can't find any command lines for Ultimate Theft Alert V35. I don't think I really like it a whole lot as some of the others...think I'll try my luck at Maspware GuardMobile again.
Ok, reinstalled GuardMobile. Activated it (fingers crossed). It recommended disabling the SMS bubbles again and a soft-reset. I let it and amazingly my phone didnt lock up this time when entering the demo password "1234".
I feel much more comfortable trialing this program than Ultimate Theft Alert as they list the commands on their website, and you don't get ANY commands list until you've purchased UTA. So without having any commands to trial the program I will not be purchasing UTA.
Time to play around with MaspWare GuardMobile now...
Ok, just tried to exit GuardMobile and I got the freaking error again!
"An unexpected error has occurred in GuardMobile_TS.exe.
Select Quit and them restart this program, or select Details for more information.
Luckily this time I didn't leave it active while testing. Reset phone and it works. But everytime I try and test the locate or monitor it fails to send SMS. Then I exit the program and it crashes. I'm going to uninstall and forget this program...AGAIN!
Sprite Terminator seems to work so far. Only exception is that I can't use the "Alternate GPS" It doesn't give me a lock on my position and comes up with all ZEROS. Going to keep playing with this.
Had you tried any of the web services I've posted?
They both work fine for me. And they are both free (at least, for now, at Beta stage...).
there's a program called WIMP, i havent tried it yet though
Sprite Terminator works, BUT when it intercepts the SMS code it doesn't text back.
vmiguel said:
Had you tried any of the web services I've posted?
They both work fine for me. And they are both free (at least, for now, at Beta stage...).
Click to expand...
Click to collapse
Haven't tried them...yet, but I've already downloaded the programs and thank you for the suggestions.
moukun said:
there's a program called WIMP, i havent tried it yet though
Click to expand...
Click to collapse
Wimp didn't work receiving SMS codes.
Do any of these programs have a "explode and burn the face off the thief who stole my phone" option?
illmurs said:
Do any of these programs have a "explode and burn the face off the thief who stole my phone" option?
Click to expand...
Click to collapse
Only in the professional edition.
illmurs said:
Do any of these programs have a "explode and burn the face off the thief who stole my phone" option?
Click to expand...
Click to collapse
Well, Flexilis have a "Scream" command, that will make the phone starts playing a rather anoying horn sound, for 30 seconds.
Handy to find a lost device, at least. And to get some atention on a stolen one, but the thief can just turn it off...
Kaspersky Mobile Security 8
Looks like no one has mentioned or tried this software yet.
I've already tried the 1 month trial version and then purchased a 1 year plan which I believe is worth every penny.
It's an anti virus, anti spam, sms and phone blocker and phone locater.
link:
http://www.kaspersky.com/kaspersky_mobile_security?thru=reseller=kmssidebanner3
Features:
Block access to contacts, photos or files on your phone if it is lost or stolen
Get the GPS location of a lost or stolen phone
Encrypt sensitive personal and business data
Remotely wipe your smartphone if necessary
Block unwanted calls and SMSs
Cybercrime and your smartphone
Stop cybercriminals hijacking your smartphone to make money
Block the sending of data to third parties
Prevent corruption of personal data
Hope this helps!
jpijper said:
Only in the professional edition.
Click to expand...
Click to collapse
vmiguel said:
Well, Flexilis have a "Scream" command, that will make the phone starts playing a rather anoying horn sound, for 30 seconds.
Handy to find a lost device, at least. And to get some atention on a stolen one, but the thief can just turn it off...
Click to expand...
Click to collapse
Hmm might be at least a bit useful like you say - maybe a password to turn off sound will be better?
Well, they are in Beta, so accepting ideas and feature requests... why don't you send them an e-mail?
I'm going to give kaspersky a run, it sounds good.
http://www.thenewspaper.com/news/34/3458.asp
http://www.cellebrite.com/forensic-products/ufed-physical-pro.html
regardless of my reasons behind this this makes all phones inherently tappable if stolen etc or from other corporate espionage attempts
this is a serious flaw and i would like to see if its possible for you custom rom bakers to cook us up some protection
if they want my info they should subpoena my records from sprint or Google not be able to brute force into any and every phone with a device
i and many other would be more then happy to donate for such a solution especially if it wasn't dependent upon only 1 rom
seen this but doesn't yet support the evo
http://www.whispersys.com/whispercore.html
+1 to this for my hd2 too please! or just android
I'll throw in
We should start a Kickstarter for this or something. Either way, count me in to contribute $150+
I could foresee a specific app that launches when plugged into a computer.
If the phone fails to receive user authorization or is plugged into a blacklisted device (say, CelleBrite UFED), then the phone is locked down/wiped.
And/or spoof information, a fake system dump.
tropicalbrit said:
I could foresee a specific app that launches when plugged into a computer.
If the phone fails to receive user authorization or is plugged into a blacklisted device (say, CelleBrite UFED), then the phone is locked down/wiped.
And/or spoof information, a fake system dump.
Click to expand...
Click to collapse
excellent thinking glad im not the only paranoid one at this point
or make it so ur phone gives it a virus or borks the device somehow
{ParanoiA} said:
or make it so ur phone gives it a virus or borks the device somehow
Click to expand...
Click to collapse
Wouldn't want to screw up the device, they ain't cheap. A bit too aggressive
Bumping for continued interest.
im not sure if the fulldisk encryption option in android negates this or not but i believe with ICS if u have full disk encryption enabled should negate what this can do correct me if im wrong
spyngamerman said:
im not sure if the fulldisk encryption option in android negates this or not but i believe with ICS if u have full disk encryption enabled should negate what this can do correct me if im wrong
Click to expand...
Click to collapse
Only if you can manage to power off your device before the cops take it from you. Otherwise, the data partition is already mounted, and they can suck it down into their UFED via the ADB interface.
A question, though: if you have USB debugging disabled, then ADB isn't available over USB, so could the UFED still access your data? The cops would need to turn on USB debugging, wouldn't they? And if you have a pattern/passcode lock, they wouldn't be able to get into the settings to do it.
Anyway, encrypting your data partition and powering off your phone before the cops get to it is the safest option. Use a really long passphrase, though, because they could still grab an image of your encrypted data partition and take it to a lab where they could try to brute-force the passphrase.
whitslack said:
Only if you can manage to power off your device before the cops take it from you. Otherwise, the data partition is already mounted, and they can suck it down into their UFED via the ADB interface.
A question, though: if you have USB debugging disabled, then ADB isn't available over USB, so could the UFED still access your data? The cops would need to turn on USB debugging, wouldn't they? And if you have a pattern/passcode lock, they wouldn't be able to get into the settings to do it.
Anyway, encrypting your data partition and powering off your phone before the cops get to it is the safest option. Use a really long passphrase, though, because they could still grab an image of your encrypted data partition and take it to a lab where they could try to brute-force the passphrase.
Click to expand...
Click to collapse
yes good points
the simplest method i find to protect against this is use Full disc encryption for starters
then use cryptfs to set a long ass password for preboot and keep a short pin for lockscreen that's reasonable and have a nice shortcut for immediate poweroff on lockscreen if concerned about this and then powering off is easy/fast
and ofc keep usb debugging off unless needed
if your really adventurous you can also use yubikey key second slot for partial password for the preboot if you have a microsd adapter for it and your device supports it preboot via OTG etc as input
then
type in a brainpassyouknow+yubikeyslot2
and its 2 factor auth and secure as **** long ass random password combining something you know and something you have
I'm also interested in this project
Let me tell you a little story about a guy (me) who was sitting in a car while his girlfriend was working when an officer approached. I wasn't doing anything wrong but due to a little misfortune I had nowhere I could go and stay so I had to just sit in the car until she was done working. The cop came to the car and asked me what I was doing and why I was sitting in the car on my laptop in a public garage. I told him I had nowhere to go and I was waiting on my girl. I noticed his hand placed on his weapon and I realized very quickly this was not going to be a casual encounter. he asked me to step out of the vehicle and I asked him why. Now I know normally you shouldn't question an officer but something seamed very off about this gentleman. It was when I locked the doors that things started to escelate and my anxiety went through the roof. I told the officer that I did not feel safe with him holding his weapon to me when I had done absolutly nothing wrong. He just became aggitated like a guy on steroids and called in some other officers. Well things wasn't looking good for me but I decided to try and use my phone camera as some added protection so I wouldn't get shot for absolutlly no reason at all. Well the cops did back off, but this is where things got really crazy. a few minutes later, and it couldn't have been more than 5 minutes, my phone went to some screen like when you have emergency dialing only. I tried calling my girlfriends job but nothing worked at all. I got scared so I dialed 911...NOTHING!!! These guys basically turned my phone into a paperweight. I couldn't do anything with it. I didn't know what to do so I called out the window to a crowd of people and told them to call 911 for me. I then noticed the officers leaving in their vehicles and I got out and ran to my girlfriends job where I stayed until she got off of work.
Now in all of this there is two main points that I really feel are extreme issues. One is how is it legal for anyone, even an officer of the law, to take away your ability to use emergency services?? And second why do they need this software that basically can give them an opening to do whatever they want to you without you being able to protect yourself. Law enforcement is becoming more and more alarming to me with all the technology that they have at their disposal. I say if they want to be able to have surveillance on us 24/7 I believe we should get the same respect. We cannot stand by and have our basic human rights violated like this!!!!
so i just my new galaxy nexus and to check my work email (through an app called lotus), it checks my phone to make sure i have a 10char+ complicated password set. as you can imagine, having to enter a 10char+ complicated password everytime you want to get to your phone is annoying. is there a way to bypass this? i am rooted...
The password is thought, to kep the phone safe. Just make an easy password, and leave it be. And why not just use the mail app, that is shipped? It's good enough.
familyguy59 said:
The password is thought, to kep the phone safe. Just make an easy password, and leave it be. And why not just use the mail app, that is shipped? It's good enough.
Click to expand...
Click to collapse
company requires us use lotus and requires password to be extra strong
unknown00 said:
company requires us use lotus and requires password to be extra strong
Click to expand...
Click to collapse
So let me make sure this is clear: You are asking for help on bypassing security enforced by your employer, without discussing it with the administrative/tech support team? You are aware that many businesses have clauses that if you bypass their security, you can loose your job over it.
Honestly, I would attack this problem from the other end. Go to your manager and put a business case on why having such a strong password on a mobile device is not needed. Do your research and go in detail about how secure different passwords can be, look at the app, see if there is an auto-wipe for # of incorrect password attempts (if you can't brute force it, then a weaker password might just be as good). Mention the enhanced security the nexus device has (full device encryption), etc etc etc.
If you do it right, you will get recognition for being a forward thinker, for following the rules, and if successful, for saving the company money on their bottom line.
I do IT support and if one of my users by-passes my security, I'm talking to their boss and will SEVERELY restrict anything they do down to the bare minimum needed for the job.
It's also possible that you are in a position where you e-mail is highly sensitive and the risk of having that e-mail fall into a competitors hand is so great, that these security needs are required.
You can set the timeout b4 you are asked to enter your password again. I did it when i was on 4.0.2, but I can't remember where or how i did it though.
manager hates the pw requirement too and wants to get rid of it. it's something corporate put up that everyone complains about. there is nothing i can do personally as the company is too large. i just want to figure a way around it if possible
Herman76 said:
You can set the timeout b4 you are asked to enter your password again. I did it when i was on 4.0.2, but I can't remember where or how i did it though.
Click to expand...
Click to collapse
Bump, in case you missed it since we answered simultaniously.
unknown00 said:
there is nothing i can do personally as the company is too large.
Click to expand...
Click to collapse
And it's that attitude that will prevent any changes from occurring.
Personally, I worked at a company of about 100,000 people that has an international presence. I was successful with a BPI project where we licensed an application to manage multiple monitors (this is before win7) I had to show that the increased productivity offset the cost of the application.
Matridom said:
And it's that attitude that will prevent any changes from occurring.
Personally, I worked at a company of about 100,000 people that has an international presence. I was successful with a BPI project where we licensed an application to manage multiple monitors (this is before win7) I had to show that the increased productivity offset the cost of the application.
Click to expand...
Click to collapse
i work in a company of 400000+ internationally and is one of the largest IT companies in the entire world (take a guess ) but in all seriousness, it's not possible that 1 person can get rid of pw requirement. sry, don't argue that point
Figured it out. If you set security to pin (I only tested it with pin), you will get an option to choose timeout b4 you will get asked for pin again.
Combined with short timeout for screen off, I think this will be a good workaround.
Sent from my Galaxy Nexus using Tapatalk 2
Herman76 said:
Figured it out. If you set security to pin (I only tested it with pin), you will get an option to choose timeout b4 you will get asked for pin again.
Combined with short timeout for screen off, I think this will be a good workaround.
Sent from my Galaxy Nexus using Tapatalk 2
Click to expand...
Click to collapse
i understand this is a "workaround" that may work but i'm looking for a permanent fix to get rid of it as a whole
Anyone have any experience with encryption on the One? My work email is requiring it and I've heard bad things about speed and battery life on other phones.
ewong90 said:
Anyone have any experience with encryption on the One? My work email is requiring it and I've heard bad things about speed and battery life on other phones.
Click to expand...
Click to collapse
I'm a network admin at my work, and I setup our Exchange policy, also requiring encryption on mobile devices. I added my work email to my personal One, and the encryption process took around 30 minutes (rough guess). Only had the phone a few days before I did this, but I haven't really noticed any performance of battery difference. I think this was a problem on older devices, but I've never used encryption previously on my personal devices, so I can't speak for anything else for sure. But, this phone is a beast, no issues for me.
I ran a AnTuTu Benchmark test on the stock ROM (I'm not unlocked ), with the result: 26044.
Attached some photos, 1 of the benchmark, 2 showing proof on the Exchange policy and encryption.
Edit: It wouldn't let my upload more than one image, not sure what's going on...
I have the other pictures saved with same date and time, maybe I can upload them in a few mins.
There exists an app that sandboxes exchange so you can enable all their nonsense but it does not actually touch anything. I do not remember what it is called sadly.
Putting your work exchange email on your personal phone is a dumb move. As soon as you do this you no longer "own" your phone, your employer does. They can fully wipe your phone at any time. People need to stop allowing this practice entirely. If your work requires you to have exchange email on a mobile device, make them provide it. Stop using YOUR device, and footing the bill, for a tool and service that THEY should provide. It's amazing how you get to pay for it, but they want complete control.
Sent from my HTC One using xda app-developers app
c5satellite2 said:
Putting your work exchange email on your personal phone is a dumb move. As soon as you do this you no longer "own" your phone, your employer does. They can fully wipe your phone at any time. People need to stop allowing this practice entirely. If your work requires you to have exchange email on a mobile device, make them provide it. Stop using YOUR device, and footing the bill, for a tool and service that THEY should provide. It's amazing how you get to pay for it, but they want complete control.
Sent from my HTC One using xda app-developers app
Click to expand...
Click to collapse
for some people its a personal choice for convenience.
For others, their employer pays their cellphone bill while allowing the employee to choose the device. My wife's work is like that, but they don't seem to require even a secure lockscreen.
Put me on the "Personal Choice" list. I have been running exchange on my devices for years for my corporate email. No encryption forced but the security does require a pass-code. The other option would be to carry 2-3 devices...not my cup of tea.
I highly recommend Moxier Mail. My company requires that my entire phone is encrypted and this program was a good way to circumvent this. They have no way to tell that you are using the program. It is a bit pricey, but to fully encrypt a phone can take up to 16 hours depending on what you have.
nrfitchett4 said:
for some people its a personal choice for convenience.
For others, their employer pays their cellphone bill while allowing the employee to choose the device. My wife's work is like that, but they don't seem to require even a secure lockscreen.
Click to expand...
Click to collapse
Just giving a heads up. Few people are aware that your entire phone can be wiped once you do this.
Sent from my HTC One using xda app-developers app
Like I said, I'm a network administrator at my work, and I created our Exchange policy, requiring a PIN and encryption. Exchange also has the option to control certain available features on the mobile device, such as the camera, or wifi, as well as preventing unsigned apps on the device. Like others have said, there is also the ability to remotely wipe the device from the Exchange server, or just remove the active sync account from the device.
I agree mostly with the above statements. I do not have a company supplied mobile phone, and don't really need one, but I did choose to have my work email setup on my phone for convenience, and for calendar entries. We do allow staff to add their work email to their own personal device, and that is why these type of options are available, so the company has a better control on the security and privacy of their digital property. I do not feel in any way that because I choose to add my work email to my own personal phone, that it is now company property, and I can remove my account at any time. I do agree, if the company requires you to have your work email on your mobile device, they company should at the very least pay the mobile bill, if not supply the device to begin with.
As far as the encryption, my HTC One took around 30 minutes to encrypt, and I have not seen any performance difference.
Attached are a few shots of the policy properties screen.
Edit: Another shot of the remote wipe screen.
Another thing to note, remote wipe is not necessarily a bad thing. I take some security in knowing I can wipe my device instantly should it go missing. Our setup has the option in the Outlook web interface so end-users can manage the device.
The longest encryption I ever did was an hour. 16 seems way too much but I guess it would depend on the phone and what was on the storage at the time.
calash said:
Another thing to note, remote wipe is not necessarily a bad thing. I take some security in knowing I can wipe my device instantly should it go missing. Our setup has the option in the Outlook web interface so end-users can manage the device.
The longest encryption I ever did was an hour. 16 seems way too much but I guess it would depend on the phone and what was on the storage at the time.
Click to expand...
Click to collapse
+1, forgot to mention users can also remotely wipe their own device in the OWA.
calash said:
Another thing to note, remote wipe is not necessarily a bad thing. I take some security in knowing I can wipe my device instantly should it go missing. Our setup has the option in the Outlook web interface so end-users can manage the device.
The longest encryption I ever did was an hour. 16 seems way too much but I guess it would depend on the phone and what was on the storage at the time.
Click to expand...
Click to collapse
It is a long time but when you have a 32 gig on storage w/ 32 gig sd card filled with vids, pics, and music it will get take a while for it to go.
Hello my friends, this is a kind of funny? post but i need your help!
I work in a company that provides us a Samsung galaxy note 8.0 this device has its policy settings that way so we cant play with settings etc. (you get an "policy does not allow this action" or something message. It also has a gmail account installed that the IT knows the passwords and username and they are able to see the location of the device through google settings.
This is my last 10 days in the company and i have this arsehole supervisor that calls the IT department and asks them to see my location so he can stalk me. I want to make him a joke so he gets his lesson. Next time he asks for my location, he gets his home!!! (specially pinned to the bedroom of his house ) he is a kind of douche that is very jealous and he will think i hamp his wife :good::good::good::good::good:
i found this nice app in google play (fake gps) but it requires "enable mock location"
i AM able to install apps in the device if i get the apk file in the sd card and then install it from "file manager" app.
What i need is a nice little app that enables the mock locations
i have observed that the settings are locked BUT if you install an app that does the job there is no problem.
for example, the device wont let you disable/enable wifi from the scroll down menu or settings, but if you install an app that does the same thing it wont say "no"
in the same way, if there is an app that "enables mock locations" or a nice guy that can provide me with an apk that does the job i would be greatfull.
thanks in advance!
hello my friends again, not a single answere, i understand that you might think i am the douchebag that wants to hurt an inocent supervisor. Just to let you know, the hole team is getting the faq out of the company because of this ahole. He was one of us untill 1 month ago, but when he sat in the bigger chair he made the hole work concept an agonising experience. We are all moving to other company and just want to give him a little surprise....imagine him calling his "friend" at the it and asking the teams location, and finding out we all are in his house!! Asking for the location is highly illegal, we dont move money or drugs, we are just salesmen! He will freak out and learn his lesson, he wont be able to tell anybody that this thing happened because he will be in trouble for stalking us. We dont want him to get fired though, so we want to give him a freak out moment of "oh ****, they are all at my house? wtf?" and run to his house to find us, then he will call us with a douche attitude, not being able to tell "why the faq your stalked device shows my home location?" it will be good type of "goodbye arsehole!!! supervisor of no team at all" i'll even let you know what happened! come on!!! lets laugh a little, its been a realy realy sad month!!
Your device has been encrypted by your supervisor, and without the password you nor any app can enter the device settings. The only way is to wipe the device to the default settings.
http://www.phonearena.com/news/Heres-how-to-easily-fake-your-GPS-location-on-Android_id62775
Muffycheeks said:
Your device has been encrypted by your supervisor, and without the password you nor any app can enter the device settings. The only way is to wipe the device to the default settings.
Click to expand...
Click to collapse
thats sad!!! we will have to think of other ways to play with his brains....
im willing to try any ideas, if there are any...
it seems to me that only the "settings app" is locked, since i can change locked settings (like wifi enable/disable, BT enable disable, screen backlight etc) from other apps while i get a "policy does not allow this action" when i try to change them from standard android links. I thought i can change "allow mock locations" from an other "app" too.
how about rooting the device, changing this setting and then unrooting? sounds like a plan, no?
how can i check if device is really encrypted? i have almost 0 experience but it seems to me that the device is locked with a crap app like storm windows back in 1995!
i cant enter the settings....