Advanced phone protections - Questions about securing your data... - Epic 4G Q&A, Help & Troubleshooting

With all the talk of police being able to access your phone, I looked in to the options.
I found I could use the following options....
1) unlock password.
bypassed by: if the police dont have your PIN or unlock pattern, Google can be required to provide your email ID/PW to enable unlock
2) encrypted phone
bypassed by: I am unsure how this can be bypassed. If encryption is turned on, I know it breaks CWM, but is there any way to get by it w/o knowing the PIN? Is there any reset besides a wipe of the phone, which would clear any P.I.I. on the phone, wouldn't it?
3) recovery
bypassed by: if you cant get in to the phone, and choose instead to boot into recovery, you can get access to the phones data, but how much access? If you encrypted your data, will this bypass anything? Will the data still be encrypted.
What I would love to see possible, is a PIN for recovery that is a stand alone item with no way to reset it. I know this mean you would have to ODIN if you every forgot it, but if you are more concerned about protecting your data, than data loss, this would be a non-issue, as long as your data is protected
So, is the recovery lock even needed? does encrypting your data and your SD card get the protection needed to prevent access to your phone by authorities, even with Google's help?
I would love to see some security and developers views on this, and on how "safe" you can make your phone if you go all out.

No ideas anyone?
If not.. any ideas where I can go look for answers?

DCRocks said:
No ideas anyone?
If not.. any ideas where I can go look for answers?
Click to expand...
Click to collapse
what would kind of be an example of what your trying to hide from the cops? there is an app or a couple apps that can literally hide your data, and unless they knew the back door functionality of the apps, they would be able to access much data. i use a couple of them.

DCRocks said:
No ideas anyone?
If not.. any ideas where I can go look for answers?
Click to expand...
Click to collapse
k0nane?
Sent from my MIUI V4 Epic 4G via Tapatalk 2 beta 5

LORDFIRE00 said:
what would kind of be an example of what your trying to hide from the cops?
Click to expand...
Click to collapse
It was less about hiding specific data, and more about locking down your phone in general, as in what was possible.
I was interested in how well it could be done, what would need to be put in place, and how secure it really was.

Related

CM7: Phone stolen! - Does entering wrong password wipe the data?

I think I read that after 5 or 10 incorrect password attempts, the data is wiped. Please tell me this is true.
Thank you!
I don't know about the data but you might be able to use this to find it. Downlaod the app to your phone from your computer.
https://market.android.com/details?id=com.lookout.labs.planb
Unless you had some kind of security system, I don't think so. When you get a new phone, you need to install Lookout or some kind of security system. The free version allows you to locate the phone, wipe, and backup data.
Have Verizon mark the ESN bad, the phone won't be able to be activated.
Iread somewhere that assuming you have not deactivated the phone yet, you can install lookout remotely from http://market.android.com and then wipe it.
If you are able to do this, please let us know if it worked...
Yea go to the market and look for the app from lookout called plan b. Its made just for cases like this.
DINC // CM7 RC2 // SLAYHER#9

locked out

Hello everyone.
Somehow I managed to lock myself out of my own phone using the pincode screen lock. I've tried a few trouble shooting solutions which I found online, including downloading something from my computers google play store. Nothing seems to be working and I was wondering if anyone here knew how to help me out?
I've using a sprint galaxy s3 with cm-10.2.0-RC1 mod and I can still access TWRP.
Thanks for any help you can offer!
unfortunately your only option is probably a factory reset, cache and dalvik wipe.
you can do a backup first, reset and probably then restore data for your apps and their data, that probably doesn't include the pin settings which would be saved in the system settings (I would think)
Have you tried using your Google account to recover your lock code?
jdelano said:
unfortunately your only option is probably a factory reset, cache and dalvik wipe.
you can do a backup first, reset and probably then restore data for your apps and their data, that probably doesn't include the pin settings which would be saved in the system settings (I would think)
Click to expand...
Click to collapse
tried this today, apparently the pin is saved to the data. that was the only part of the backup I couldn't restore.
FallenZen said:
Have you tried using your Google account to recover your lock code?
Click to expand...
Click to collapse
I was unaware I could do this, do you have any more information on how to do this?
fmjswitch said:
tried this today, apparently the pin is saved to the data. that was the only part of the backup I couldn't restore.
Click to expand...
Click to collapse
You might try using an app like MyBackupPro and do a selective backup of apps and their data and not use the recovery restore.
Only thing I could find on pin and google account was for wallet and voice, admittedly I didn't spend more than a few minutes googling it. Figured I'd take a look as well, for ya.
Good luck
EDIT: there is an app for that https://play.google.com/store/apps/details?id=net.thomascannon.screenlockbypass.pro&hl=en
fmjswitch said:
I was unaware I could do this, do you have any more information on how to do this?
Click to expand...
Click to collapse
According to Google, if you enter a bad pattern 5 times you should see an option for "forgot pattern," which you can use to log into your Google account and bypass the lockscreen.
https://support.google.com/nexus/answer/3388218?hl=en
FallenZen said:
According to Google, if you enter a bad pattern 5 times you should see an option for "forgot pattern," which you can use to log into your Google account and bypass the lockscreen.
https://support.google.com/nexus/answer/3388218?hl=en
Click to expand...
Click to collapse
that's what I thought too, but I'm thinking cyanogenmod disables this feature. Its told me on numerous occasions "you got the password wrong 15 times, please wait 30 seconds then try again"
fmjswitch said:
that's what I thought too, but I'm thinking cyanogenmod disables this feature. Its told me on numerous occasions "you got the password wrong 15 times, please wait 30 seconds then try again"
Click to expand...
Click to collapse
Hm. No idea there, but if that's the case then perhaps it's possible that there is a way to flash a patch to restore that functionality.
fmjswitch said:
Hello everyone.
Somehow I managed to lock myself out of my own phone using the pincode screen lock. I've tried a few trouble shooting solutions which I found online, including downloading something from my computers google play store. Nothing seems to be working and I was wondering if anyone here knew how to help me out?
I've using a sprint galaxy s3 with cm-10.2.0-RC1 mod and I can still access TWRP.
Thanks for any help you can offer!
Click to expand...
Click to collapse
Flash this in recovery. Phone will be unlocked on boot. This is safe to use on ANY phone where u cannot pass the screen lock. Made by me so please don't do nothing unethical with it
https://dl.dropboxusercontent.com/s...AHNL0lqeon1ovtebgbepd0GtgrhhYP_YH_2Ih-lrGGufw
billard412 said:
Flash this in recovery. Phone will be unlocked on boot. This is safe to use on ANY phone where u cannot pass the screen lock. Made by me so please don't do nothing unethical with it
https://dl.dropboxusercontent.com/s...AHNL0lqeon1ovtebgbepd0GtgrhhYP_YH_2Ih-lrGGufw
Click to expand...
Click to collapse
worked like a charm. you sir, are amazing. thank you!
Thanks for the bypass alternative, Billard.
As an epilogue to this thread, I'd like to share a discovery. It turns out that there IS an option for "forgot password," but if you use a PIN instead of a Pattern with a PIN backup then you'll never know. It's squarely centered at the bottom of the screen if you get your pattern wrong too many times and don't decide to use your backup PIN.
Basically, some (I'm going to guess) intern had this bright idea for increasing security... And so what we've wound up with are two neighboring options on the scale of security levels: the PIN option with zero official redundancies, or the Pattern+PIN option with its TWO redundancies. Why the pattern gets more outs than the Mets on any given day, while the PIN is as rigid and unforgiving as a Catholic school matron, I can't begin to fathom. Go figure, huh?
Maybe somebody who's a lot smarter than I am can figure out how to copy that function and incorporate it into the rest of the lock options for future ROMs.
That's my story and I'm sticking to it,
-Zen

Bypass(Reset) Lock screen Pattern/Password/PIN/Fingerprint scanning without wipe

Bypass(Reset) Lock screen Pattern/Password/PIN/Fingerprint scanning without wipe
We know it's a big pain when you forget PIN/Passowrd/Pattern and you simply can't afford to wipe device as you don't have backup.
Then What?
You were all the night busy with your new beast and when you wake up in morning and notice that your GF/BF took revenge by registering and locking device by his/her fingerprint
Then what?
Very simple. Flash attached file from recovery.
dr.ketan said:
Bypass(Reset) Lock screen Pattern/Password/PIN/Fingerprint scanning without wipe
We know it's a big pain when you forget PIN/Passowrd/Pattern and you simply can't afford to wipe device as you don't have backup.
Then What?
You were all the night busy with your new beast and when you wake up in morning and notice that your GF/BF took revenge by registering and locking device by his/her fingerprint
Then what?
Very simple. Flash attached file from recovery.
Click to expand...
Click to collapse
Thx. But this not work for me ....
I lost my saved finger scanner sample after a nandroid restor.... and after i flash this zip i always got a google keep fc
I have tested and it reset unlock options to swipe. Still finger print registration remain there. But device will be unlocked
Sent from my SM-N910G using xda premium
Great Stuff...Hats off Dr. Ketan
Need to figure out bypassing roam restrictions in download booster
My company policy makes me enter a 6 digit password. It's just a pain. Can I bypass this restriction? They have made their app as device admin.
does this work on more devices like galaxy s5?
Wait, does this mean that the passkey and fingerprints are not secure since everyone can use this to reset/bypass the lock without wipe?
Obviously. Once your device is rooted / CWM installed, there is always chance to modify your system.
elroy944 said:
does this work on more devices like galaxy s5?
Click to expand...
Click to collapse
Usually samsung device have common storing location for PW PIN etc. SO I believe it should work on S5 too. You can try it, I don't believe it will affect anything else even it fail to reset.
Just like that...?
I take it this needs a custom recovery?
So... all a thief has to do is flash a custom recovery from download mode and then flash this file to get past fingerprint scanner and even a strong alphanumeric password?
DONT KNOW WHETHER TO LAUGH OR CRY!!
ceo.mtcl said:
My company policy makes me enter a 6 digit password. It's just a pain. Can I bypass this restriction? They have made their app as device admin.
Click to expand...
Click to collapse
try the app Nine, its an exchange email app which lets you set the 6 digit on the app as opposed to the phone, so you can unlock the phone as per normal with swipe but when you want to open the email app (Nine) then only do you put your 6 digit code, works like a charm, just an idea cos as far as I know there is no exchange security bypass as yet.
Jostian said:
try the app Nine, its an exchange email app which lets you set the 6 digit on the app as opposed to the phone, so you can unlock the phone as per normal with swipe but when you want to open the email app (Nine) then only do you put your 6 digit code, works like a charm, just an idea cos as far as I know there is no exchange security bypass as yet.
Click to expand...
Click to collapse
I logged in only to thank you on this suggestion. This is one awesome app and my device is finally mine again
I set up pin code on the app + full encryption of the data, so it's very safe, all the draconian admin policies from my organizations admins are now gone, plus my device is now intelligently set to have automatically enable pin when I'm not at home.
If anything I have now double security because when I'm not at home, the device requires PIN and the corporate mail does too + it's all encrypted. Well worth the money.
What about for reactivation lock. Is it secure?And can i flash that zip file with stock recovery. My phone is not rooted.
This does not work on Galaxy S5
Did you use Odin to flash this file? Is so can I get some feedback on how because odin doesnt take .zip files. Since I do not have access to the file system, I can't move the files on to phone. Is there another way to flash this files to the galaxy 4 note. I am from the world of iPhone Jailbreaking and helping out a friend.
stat1124 said:
Did you use Odin to flash this file? Is so can I get some feedback on how because odin doesnt take .zip files. Since I do not have access to the file system, I can't move the files on to phone. Is there another way to flash this files to the galaxy 4 note. I am from the world of iPhone Jailbreaking and helping out a friend.
Click to expand...
Click to collapse
With Odin you flash your custom recovery. Flash attached file from recovery, it's said in OP.
Have fun
I took a nandroid backup with fingerprints registered, when ever i restore, it does not recognise my finger prints and even the backup password says incorrect. I tried flashing the utility but no luck. Any work around for the solution as i had to factory reset from recovery to clear the data
It's known issue. Before making nandroid remove registered finger prints.
Sent from my SM-N910G using xda premium
Can this be used to erase the stored fingerprints and reset them?
i used a nandroid backup and while i'm not locked out of the phone, i am locked out of changing fingerpring settings - and the backup password is corrupt as well.

Pin Bypass on HTC One M9

Is there way to bypass the pin lock screen without losing my data? I don't have Android Device Manager installed. I can't factory reset because there's baby pictures and the such that hasn't been backed up yet. Any help will be appreciated.
Johnny5iver said:
Is there way to bypass the pin lock screen without losing my data? I don't have Android Device Manager installed. I can't factory reset because there's baby pictures and the such that hasn't been backed up yet. Any help will be appreciated.
Click to expand...
Click to collapse
Sorry but no, if you forget the pin their is nothing that can be done but reset the device. Their are cloud services for backing up pictures and important documents. I recommend you use them. It's for your own good, You would be happy if you lost the phone knowing no one could access you personal stuff because you protected it with a PIN

Simple root that won't trip Knox?

Hi, there!
I heard there is a method for the S8+ where you can root your phone without tripping Knox. It isn't the best root method and it has its limitations, but it would do just fine for my needs.
Is there such method for the S9+?
Thanks!
Anyone?
CapBlackShot said:
Anyone?
Click to expand...
Click to collapse
No
*Detection* said:
No
Click to expand...
Click to collapse
And no developers are planning to create one, that we know of? I only need root to make Cerberus a system app. In case the smartphone is stolen and gets hard reset, the app will still be there, hidden. But without root it seems impossible.
CapBlackShot said:
And no developers are planning to create one, that we know of? I only need root to make Cerberus a system app. In case the smartphone is stolen and gets hard reset, the app will still be there, hidden. But without root it seems impossible.
Click to expand...
Click to collapse
KNOX is an e-fuse, once tripped that's it forever, no reversing, nothing devs can do
FRP lock is your hard reset security, unless they know your Google login they cannot access the device anyway
And if they have the knowledge to flash certain firmwares and bypass the lock, your system root app wouldn't be of any use either anyway, so....
*Detection* said:
KNOX is an e-fuse, once tripped that's it forever, no reversing, nothing devs can do
FRP lock is your hard reset security, unless they know your Google login they cannot access the device anyway
And if they have the knowledge to flash certain firmwares and bypass the lock, your system root app wouldn't be of any use either anyway, so....
Click to expand...
Click to collapse
That's very interesting. Can't believe I never heard of this before.
Will the device actually get wiped and then ask for my Google account or will it ask for my Google account before getting wiped? If the first option I mentioned is true, then Cerberus will be gone and I still won't be able to locate my cellphone in case it gets stolen, I'm assuming.
CapBlackShot said:
That's very interesting. Can't believe I never heard of this before.
Will the device actually get wiped and then ask for my Google account or will it ask for my Google account before getting wiped? If the first option I mentioned is true, then Cerberus will be gone and I still won't be able to locate my cellphone in case it gets stolen, I'm assuming.
Click to expand...
Click to collapse
It will get wiped first, it asks for the Google account because it was wiped from recovery and not from inside of Android, meaning anyone could have done it
It will not allow anyone past the Google account request, similar to when iPhones are locked to iCloud, you can wipe it as many times as you like but it will always request the Google account
For example, I steal your phone with Cerberus installed, I cannot access your phone so the most likely thing I`ll try is factory reset from recovery, this will wipe the phone and request your Google account login to access it again, which I do not have
Next thing I would try (If I knew about it) was flash stock firmware over the top, which will wipe again this time removing your Cerberus app, but again it will not prevent the Google login request
Final thing I would try would be FRP bypass to get past your Google account login, and if they manage that they have access to your phone, but it is wiped and Cerberus is gone
End of the day, no mod/app will survive the phone being flashed as the system partition is replaced with stock again, and the wipe will reset the data partition where user apps and data are
Best thing to do is enable the Google security settings for find my phone, lock and erase, and enable it to send GPS of last location when the battery is getting low, that way you can track it online until it is turned off/wiped

Categories

Resources