So I left the office to walk to the train station, with my phone in my pocket. The phone is completely stock, unrooted, with a pin lock screen, per corporate IT standards.
I pull out my phone at the train station, and notice it is rebooting. Weird, I think, but it's happened before so I didn't think much of it. But when it finishes booting up, I notice that the lock screen is different with no pin pad. I unlock, and see that the phone has done a hard reset, and wiped everything. I have now lost a bunch of important text messages and call logs, as well as all my settings.
I am beyond livid right now, and honestly feel like ripping someone at Samsung and/or Sprint's head off.
That being said, I am afraid to touch anything, in case there is a way to undo this. I tried doing some searching, but couldn't come up with anyone with the same issue on this phone.
Can anyone speak to why this happened and if I'm totally screwed?
sometimes when phones are stolen the original user if they have the right apps installed they can do a remote wipe.... although I have no explanation of what happen to your phone though
Sent from my SPH-D710 using Tapatalk 2
im0rtalz said:
sometimes when phones are stolen the original user if they have the right apps installed they can do a remote wipe.... although I have no explanation of what happen to your phone though
Sent from my SPH-D710 using Tapatalk 2
Click to expand...
Click to collapse
Well I bought this phone directly from a Sprint store, so can't imagine that would be it... I thought maybe for some reason the Good app (what I use for work) could have been used to initiate a remote wipe, but there's no good reason that tech would have done that without consulting me.
Chief85 said:
Well I bought this phone directly from a Sprint store, so can't imagine that would be it... I thought maybe for some reason the Good app (what I use for work) could have been used to initiate a remote wipe, but there's no good reason that tech would have done that without consulting me.
Click to expand...
Click to collapse
Check with your IT folks and make you're an isolated case. If you are, then they, or Sprint need to provide an answer.
We set those permissions on personal devices (not company owned) , and if the user agrees to access company resources, and if you haven't subscribed or installed a third party app for your own protection, then it narrows it down.
There are documented restarts on the Sprint active issues page but not seeing any hard resets on its own..
MoHoGalore said:
Check with your IT folks and make you're an isolated case. If you are, then they, or Sprint need to provide an answer.
We set those permissions on personal devices (not company owned) , and if the user agrees to access company resources, and if you haven't subscribed or installed a third party app for your own protection, then it narrows it down.
There are documented restarts on the Sprint active issues page but not seeing any hard resets on its own..
Click to expand...
Click to collapse
I just gave them a ring, and they said that absent me reporting the phone stolen/missing, or termination of employment, they would never initiate a remote wipe without first consulting me. God help the Sprint person that has to deal with me in 5 minutes.
you could have a bug in your software do a factory reset.
Sent from my SPH-D710 using Tapatalk
---------- Post added at 11:53 PM ---------- Previous post was at 11:51 PM ----------
no way you could bring it back unless you had software backuping to your sd card or a server. So start using something like evernote and dropbox and ect..... .
Sent from my SPH-D710 using Tapatalk
actually if your sms were being stored on your internal storage you might be able to retrieve it with sms recovery for windows
Related
Sorry for the shameless self promotion. But my Security app Root Defense has been thoroughly tested on the Nexus 7 and unlike any other security app out there, it will allow you to continue to track your phone even if it gets wiped or a hard-reset by a thief.
It's almost impossible to lose your phone and it's completely free.
It requires that your phone be rooted (as most peoples are on XDA)
Please try it out and rate and comment on Google Play if you like it.
The Google Play page can be found here:
https://play.google.com/store/apps/details?id=com.unfairware.rootdefense&feature=search_result#?t=W251bGwsMSwyLDEsImNvbS51bmZhaXJ3YXJlLnJvb3RkZWZlbnNlIl0.
The XDA homepage can be found here:
http://forum.xda-developers.com/showthread.php?t=1775488
chetstriker said:
Sorry for the shameless self promotion. But my Security app Root Defense has been thoroughly tested on the Nexus 7 and unlike any other security app out there, it will allow you to continue to track your phone even if it gets wiped or a hard-reset by a thief.
It's almost impossible to lose your phone and it's completely free.
It requires that your phone be rooted (as most peoples are on XDA)
Please try it out and rate and comment on Google Play if you like it.
The Google Play page can be found here:
https://play.google.com/store/apps/details?id=com.unfairware.rootdefense&feature=search_result#?t=W251bGwsMSwyLDEsImNvbS51bmZhaXJ3YXJlLnJvb3RkZWZlbnNlIl0.
The XDA homepage can be found here:
http://forum.xda-developers.com/showthread.php?t=1775488
Click to expand...
Click to collapse
Does it try to connect to every available wifi network around it? Like if it's not connected after being stolen and detects a wifi network will it connect to it and send data?
atticusmas said:
Does it try to connect to every available wifi network around it? Like if it's not connected after being stolen and detects a wifi network will it connect to it and send data?
Click to expand...
Click to collapse
No, but thanks for the suggestion. It currently caches data offline and as soon as a WiFi or cellular connection is made, the application uploads the data.
This is fantastic
Would it be possible to log which apps are used on the device?
I'm currently trialling Airwatch for a project I'm working on for a fleet of phones and tablets. From what I've tested so far, I'd like to recommend a switch to your solution.
Looks pretty cool. I just bought Cerberus, but would give this a go if I hadn't done that.
Sent from my Nexus 7 using Tapatalk 2
I'm still a fan of lookout
Sent from my Nexus 7 using Tapatalk 2
This looks very impressive!
What I want to know is HOW does it work??
Billy
Sent from my Nexus 7 using Tapatalk 2
looks like a good product. Will give it a try. Contrary to what you have said, other apps CAN survive a system reset or wipe of the phone. you can also embed Cerberus in the rom so that it survives a system reset and you can also hide it and make it look like a system app in the tasks list.
What i like about this product though is how it can track calls, and sms etc. Though this does obviously raise some privacy concerns with all this info being stored on a third party server.
Sent from my Nexus 7 using xda premium
---------- Post added at 11:10 AM ---------- Previous post was at 11:06 AM ----------
Jeepfreak, It embeds itself in the system so that it is treated as if it is a program that came with the phone or tablet. In effect, it injects itself into the rom of the phone (hence the need do root to install). this way out will still be they if you reset the phone.it will not survive the rom being replaced though i assume, which is the same limitation on other apps of this type.
Sent from my Nexus 7 using xda premium
Im a fan of lookout, had no problems but my trial is running out and not sure how good the free version is.
uberNoobZA said:
does obviously raise some privacy concerns with all this info being stored on a third party server
Click to expand...
Click to collapse
I'd rather have my device stolen and wiped than trust a third party.
At £200 the N7 is almost disposable.
Looked at the title and thought... Avast... happy with it, and have no plans on losing something this big. I have mine in an auto on/off case. If the secret code isn't entered in 15 seconds, my N7 starts smoking and disintegrates.
New version just released, check our main thread for details.
http://forum.xda-developers.com/showthread.php?t=1775488
Version 3.1 released!
Change log includes:
* Fix for calls not being recorded bug
* Fix for auto-update can cause auto-uninstall of itself.
* Fix for phones not attaching after install
To ensure your auto-updater is working probably and you weren't affected by the auto-uninstall of program from update bug, please download the latest version from our first post or directly from the market.
Cerberus does the same and has longer history.....so many features....
maysider said:
Cerberus does the same and has longer history.....so many features....
Click to expand...
Click to collapse
No it doesn't, Cerberus tries to save money by not having a database store your information. This is one of the major differences.
What this means to the end user is the following:
If your battery is dead or the phone is off, you cannot see where your phone was a little while ago or see any of your logs. The map will show the location of the last time you manually told it to check and logs will only pull if the device is on.
Root Defense Keeps a copy online and automatically updates background info. This means you'll be able to see where it was right before the battery died or was turned off. Also, all the logs would still be available to look at.
Another major difference is that Cerberus only sends a copy of your SMS or calls logs where Root Defense records them in real time. This is pretty major because if I have Cerberus on my kids phone and they call or text someone they shouldn't, they just have to delete the message of call log and Cerberus would never know. With Root Defense logs can't be wiped.
This is useless, unless your N7 is taken back to a wifi hotspot you have previously allowed it's not going to report back.
Nice idea but only useful for phones
If I stole a N7 the first thing I would do is wipe the rom.
This will only catch a complete idiot and you would be one too for letting your N7 out of your sight.
No security software of this type will be any good unless CWM finally gets password locking.
Shame on the OP for spamming his app when he's already got a dedicated thread for it.
hoosbude said:
This is useless, unless your N7 is taken back to a wifi hotspot you have previously allowed it's not going to report back.
Nice idea but only useful for phones
If I stole a N7 the first thing I would do is wipe the rom.
This will only catch a complete idiot and you would be one too for letting your N7 out of your sight.
No security software of this type will be any good unless CWM finally gets password locking.
Shame on the OP for spamming his app when he's already got a dedicated thread for it.
Click to expand...
Click to collapse
That is pretty harsh, the OP can post anywhere it is appropriate.. and this is one of those places. Also, you overestimate the intelligence of criminals- half of the people on XDA can't flash a rom, why would a random criminal know how? How to go into settings and perform a full wipe maybe.. but that would leave the software on the device.
Eventually they will connect to internet.
Cerberus and avast (and other apps I am sure) can also survive wipe / hard reset. As long as the rom is not flashed, the app stays installed. Cerberus stores very little data which is why it has a once off cost only.
Different pricing models provide different services. At their core, all of these types of apps do pretty much the same thing, but let's try and stick to the facts when saying which can and which can't do things.
Sent from my Nexus 7 using xda premium
I recently thought I had lost my phone but I had just misplaced it at home. Because I had powered it off I was unable to locate it by making it ring and I thought it had been stolen.
Unfortunately, I hadn't set a lockscreen pin or installed a security app to help locate and control my phone remotely so my phone was totally unprepared for the situation.
I hurridly set about changing sensitive passwords using my laptop then I tried to remotely install a security app called "Android Lost" and when I eventually found my phone the app was automatically installed but did not work because it needs to be run and activated.
So, I have learned my lesson from this experience and I have now set a lockscreen password PIN and installed and registered "Android Lost".
Now if I really lose my phone I am not completely helpless and I will not power it off unless it is on charge.
I hope my experience acts as a warning to others who have not taken phone security precautions.
Yeah that's basically the first thing I did with the Nexus 4, I ended up going with Cerberus which was about $4aud for a account which I can use on my two previous phones and tablet should I decide to take it away since the Nexus doesn't have USB OTG support.
Does basically everything, my most wanted feature was the invalid pin/pattern photo, where if you put the wrong pin/pattern in it'll take a photo & Email it to me.
Thankfully haven't needed to put it into action but I make sure to test it after each ROM upgrade just in case it doesn't work.
I think the app "Plan B" will work in that situation. Never tried before though.
Using "Wheres my droid" myself.
parker09 said:
Yeah that's basically the first thing I did with the Nexus 4, I ended up going with Cerberus which was about $4aud for a account which I can use on my two previous phones and tablet should I decide to take it away since the Nexus doesn't have USB OTG support.
Does basically everything, my most wanted feature was the invalid pin/pattern photo, where if you put the wrong pin/pattern in it'll take a photo & Email it to me.
Thankfully haven't needed to put it into action but I make sure to test it after each ROM upgrade just in case it doesn't work.
Click to expand...
Click to collapse
Thanks for your informative reply. I've switched from "Android Lost" to Cerberus which looks better.
Cerebus, Android lost or where's my droid?
I tried Cerberus because of all the positive comments I had seen on xda. I can personally say it is by far the best one out there. I've used seek droid, where's my droid and nearly all of them but Cerberus just seems to do more
Sent from my Nexus 4
ltylty123 said:
I think the app "Plan B" will work in that situation. Never tried before though.
Using "Wheres my droid" myself.
Click to expand...
Click to collapse
Plan B doesn't work on 4.0+
I use Cerberus.
parker09 said:
Yeah that's basically the first thing I did with the Nexus 4, I ended up going with Cerberus which was about $4aud for a account which I can use on my two previous phones and tablet should I decide to take it away since the Nexus doesn't have USB OTG support.
Does basically everything, my most wanted feature was the invalid pin/pattern photo, where if you put the wrong pin/pattern in it'll take a photo & Email it to me.
Thankfully haven't needed to put it into action but I make sure to test it after each ROM upgrade just in case it doesn't work.
Click to expand...
Click to collapse
Yeah, I use Cerberus as well (got it for free quite some time back when the developer was having a "free for life" weekend special). Also, it's worth mentioning that once bought you can use it on up to 5 devices (which is great if you have multiple phones).
In addition to doing what is quoted above it also lets you do all kinds of things in the web interface. From locking the SIM to tracking the phone's location over a given time period to being able to pull up call and text logs. All of that in addition to the usual features of locating your phone (via GPS) and setting off an alarm (that is insanely, and occasionally scary, loud).
I highly recommend it to my friends and family members. Definitely think you should give it a go. If I hadn't gotten it for free I would gladly have paid for it. Never had to use it (beyond showing off its capabilities to people looking for a security app), but it gives me peace of mind knowing it just works (and does so after ROM flashing).
Also, if you have root and enable it as a device administrator it'll do quite a bit more. From locking your phone to remote wipes to uninstallation protection (of course a complete wipe from recovery will beat that, but there's only so much you can do or not do in that case).
I like the way Cerberus can take a picture of someone trying to crack the lock screen pin and email it. I wonder how difficult it is to get past a screen lock pin?
How big is the impact of Cerberus on battery life guys?
Lexus fan said:
How big is the impact of Cerberus on battery life guys?
Click to expand...
Click to collapse
Almost no impact at all
Anyone using avast?
I just got my Nexus 4 and have yet to setup a security app. I used Prey on my last phone and it seemed pretty good. Anyone know how it compares to these other apps?
Lexus fan said:
How big is the impact of Cerberus on battery life guys?
Click to expand...
Click to collapse
No impact at all. Since the app doesn't run until you manually send commands from the web interface. And even then the app doesn't really "run" per se. There's no visibility at all it's even there, minus the icon in the app drawer. (And you can even hide the app and make it so it's only accessible by dialing a certain code from the phone dialer.)
i want to install these 'lost my phone' apps but dont they really drain the battery and you have to turn on gps and location settings on? also if the thief who steals your phone will read up on how to reflash and wipe the phone? it will render these apps useless
I've been using Cerberus for some time now and it's absolutely perfect! Every part of it functions just as it's intended to and the app has practically no impact on battery life. Great stuff!
elbel86 said:
I just got my Nexus 4 and have yet to setup a security app. I used Prey on my last phone and it seemed pretty good. Anyone know how it compares to these other apps?
Click to expand...
Click to collapse
I was using prey, but thanks to this thread I just switched to Cerberus - much better deal, interface, and functionality - plus a couple extra features if rooted. Totally worth the USD4.
Sent from my Nexus 4 using xda premium
If you are like me, you should have all your favorite apps, documents, pictures etc. stored right on your phone that basically gives a full picture of who you are as an individual. You also have been pretty satisfied with the pattern, pin number, password or face unlock or all of these together as a security you have in place to prevent unauthorized access. But here is something that happened by accident that led me down this thought process. While trying to yank out the phone from my pocket while driving (which when you are getting a phone call especially becomes the most impossible task), I noticed that the phone "Power Down", "Restart", "Airplane Mode" pop up was on. This is on top of my regular swipe to unlock with pin number lock screen. This made me curious and noticed that the back button will work to close this pop up and also the power button works to reactivate this pop up. I hope everyone is with me till here. What surprised me was that the phone will actually turn off or restart from this point without the need for an unlock code. This means anyone with rooting and backup knowledge can steal my phone, restart my phone into recovery and wipe it to make the phone their own or just create a backup (CWM) and through that access my personal information. I know that photos and documents stored on the external card is open unless encrypted. But I hoped the internal data would be secure.
What do you guys think about this? Is there any app that would prevent access to the phone while locked via hard keys? What do you do to keep your information safe?
TL;DR version
If phone is stolen and person has knowledge of android they can factory reset your phone, even if you have a password setup. If they enter recovery they can wipe data and factory reset your phone and now it is usable for them.
My theory if you have your phone rooted I wish there was a way to lock the recovery with a password. Unfortunately ODIN will always be available able to get back to stock. Cerberus is a great app to have full control of phone if stolen FYI
DesperateScorpion151 said:
What do you guys think about this? Is there any app that would prevent access to the phone while locked via hard keys? What do you do to keep your information safe?
Click to expand...
Click to collapse
As soon as I realize it is missing I would activate the wipe feature in this software.
https://play.google.com/store/apps/details?id=com.lookout&hl=en
If I have your phone in my possession I guarantee I can hack it regardless of any security measure you make take, so the best solution is to be able to wipe it remotely.
technically even a remote wipe is not enough if the thief is knowledgeable. I accidentally wiped flashing in Odin with nand erase checkd and recovered everything that was on it using this
http://forum.xda-developers.com/showthread.php?t=1994705 so your never completely safe
Exactly my point like everyone else confirms it here. We have advanced so much to a point that even a 9 year old (not that 9 is too young to know computer basics) who is familiar with basics on rooting after reading through forums after forums can get away with stealing a smart phone now a days. At this point the only way I could think of protecting my data (first priority) and then track my phone is if the tracker is incorporated into the boot loader or recovery itself on top of what ever software you have installed in the OS. So if the thief tries to unlock my phone after a restart, the installed software should take care of the rest but If he/she is smart enough to go via boot loader or recovery then the incorporated tracker can do its thing. Anything of that sort exists?
Did you forget you could just pull the battery to get into recovery?
Why do you need to pull the battery?
Aerowinder said:
Why do you need to pull the battery?
Click to expand...
Click to collapse
You don't, but its easier than going through all of the steps OP posted.
I really doubt my data is worth anything. Pictures of my cats aren't exactly hot commodities and I don't store anything on my phone that I wouldn't publicly reveal, anyway.
I wouldn't be worried about my worthless information, just annoyed I was dumb enough to let it get stolen. Yeah, I know that basically anyone with half a brain can wipe a phone and re-sell it - it always amazes me when people think that thieves aren't smart enough to do that.
I'm cynical. Saves a lot of worry since I just expect the worst, I guess.
They get into your email where it may be more info to compromise.
Sent from my SGH-T999 using xda app-developers app
I would be less worried about the minute possibility of a phone thief targeting your personal information than I would be about your personal data being mined from your phone by numerous applications.
Bottom line is, if you use Google or Facebook, you personal information is already in the hands of giant corporations who will never be held accountable for the theft of your personal info.
Take Facebook for example - within the app, the only time it should ever ping your location is if you are using FB chat and have the location setting enabled. However, even when you disable location within FB chat, every single time you open Facebook it uses your GPS to get your location. Every time.
In addition, although you are unable to see it in action because there is no notification icon for it, I would bet a million bucks it's also pulling your network location if your GPS is off.
Facebook is constantly working in the background - even if you never opened it.
Google? I won't even begin to try and explain the amount of data they are collecting from you. As is T-Mobile, Sprint, Verizon, ATT, etc. every single second that your phone is on with data enabled.
Should we be concerned with some random thief who knows the ins and outs of Android pulling your data? Sure, we should think about it. But the reality is, if you own a smart phone your information is already out there in the hands of companies who will use it to any end they can in order to turn a profit. Period.
ButWhile I see the pros and cons of different parts involved in using social networks and so forth, one thing we can (at least for now) be certain of is that they won't use your credit card information etc. to make illegal purchases and so forth. I know of a person who routinely used the credit card app to check balance, pay bill etc. and next thing he was getting phone calls to see if the purchases made at a casino in Spain are OK?! This is without ever losing the phone!!. So, it could be worse in the case of phone loss. Sure, personal data, pictures and even email to some extent is not as bothersome to me as identity theft. Thank to some anti-fraud features of the banks etc. one can deny and simply not be associated with that activity (of course in legitamate cases). My friend ended up getting another card with different number and they closed the online banking account. He had to re-register all over with another id. So, it can be a big hassle. I heard of cases where people had to hire lawyers and run around courts to prove their innocence due to identity theft. Of course if you keep a picture of your driving licence on the phone, you are really asking for it so... (trust me, one girl was doing this because she didn't want to carry her purse/wallet on night outs)
Having said that, I am always worried if the roms we download here in XDA have trojans or backdoors built into kernels and system files... I know that it is like doubting even the good devs but how do we know for sure? Unless you are really an in-depth expert and figure out all the details such as processes and ports that are open and so forth, how do you really know? The phone's data icons keep pinging back and forth every now and then and at times I wonder what's being sent and what is it receiving... just sync'ing contacts...or...??
Call me paranoid but, after what happened to my friend, and similar stories, I am a bit skeptical about the security and integrity of the ROMs in the first place... Now, mostly I download and try different roms and settle on one that suits my preferences. I use the phone for calls as well as to make general tasks easier in many aspects except financial transactions. In short, I don't trust my smart phones.
For those of you wondering what Google is tracking, (not by any means the only place to look) login to your gmail account and look around different settings. You'll see web history, phone data to name a few..
Leaving my GN3 in a cab sucked.
I want to make sure that I take every measure to prevent this from happening again - the best app to track it, scary message engraved on the case - ANYTHING that will help me hold onto this thing for longer this time. I had it for less than 5 months.
I am very open minded.
Remember those chain wallets from the 90s? Should find a case like that.
Sent from my SM-G900T using Tapatalk
Karma will give the justice on your lost GN3.
noobtoob said:
Remember those chain wallets from the 90s? Should find a case like that.
Sent from my SM-G900T using Tapatalk
Click to expand...
Click to collapse
lol. I gotta get one of these.
What is the preferred app for this kind of thing, something paid, or am I good with the Android Device manager?
GOTYA best app
Sent from my SM-G900T using Tapatalk
GOTYA not bad, costs $3
chuko303 said:
GOTYA best app
Sent from my SM-G900T using Tapatalk
Click to expand...
Click to collapse
Nice! Thanks I needed that
Avast Anti-Theft / Android Lost / Cerberus / Tencent Security are very good too.
And also there's an app that alerts you if the phone lost connection to a pre-set bluetooth device (for example your headset), unfortunately I don't remember the name.
If you got your phone on Jump it already comes with Lookout advanced for free.
There are a variety of accessories which go in your wallet or on a keychain that connect to the phone via Bluetooth LE. If your phone is separated from the Bluetooth device, then the phone and or the device will sound an alarm. This way you'll realize immediately when you are separated from your phone.
It's a more expensive option, but you can setup the same thing with pretty much any smartwatch.
---------- Post added at 12:45 PM ---------- Previous post was at 12:37 PM ----------
I'm not sure if it would require root, but I'm sure it would be possible to set it up so that upon losing the Bluetooth LE signal, the phone locks and immediately starts broadcasting it's location to a server. That would maximize your odds if recovery...
I know that lookout will ping the phone's location when it's battery is low. The great thing about Android is that pretty much anything you can think up is possible, so I'd be surprised if someone somewhere hasn't already setup exactly what I mentioned.
I use Lookout. It's found my phone more than once, and has a lot of great features, but you know Google has a phone finder built into Android, so I would use that by default. Just make sure it's enabled under Security, Device administrators, Android Device Manager. You can track/locate it from here: https://www.google.com/android/devicemanager
I have avg mobile antivirus it has an anti theft feature that allows you to send yourself a text to lock phone you can log onto a web browser and track phone if someone replaces sim with new one it can be set to lock pjone and request pin to unlock it as well as sending you an email with sim card serial number and I think telephone number etc.. read up on it I installed it to each one of the phine in my home.
Sent from my SM-N900T using Tapatalk
avg security feature looks good
best bet is cerberus and intalled as a system app so if people do reset the phone the app wont get delete
A little while ago my brother had his iphone6 snatched. Now with Iphone, I know cannot be mounted to usb directly or even via recovery.
I know pin, fingerprint etc block access to the phone. I want to understand about other ways to access internal storage to gain access to photos and any other documents
That makes me ask - What security options we have for android - in particular OP3 (have 2 of them) and how can we make it more secure. ? Both my phones have Blu_spark TWRP + Freedom OS 2.10, if that matters.
Just to share, I found following to be foolproof
- Setup Pin + Fingerpints
- Setup Pin / Password for phone startup
This
- Keeps the device encrypted
- Unable to boot without pin
- Unable to access TWRP without pin
- Doesn't auto-mount on USB connect
Still, it would be interesting to hear about any cons of the above setup.
hyperorb said:
A little while ago my brother had his iphone6 snatched. Now with Iphone, I know cannot be mounted to usb directly or even via recovery.
I know pin, fingerprint etc block access to the phone. I want to understand about other ways to access internal storage to gain access to photos and any other documents
That makes me ask - What security options we have for android - in particular OP3 (have 2 of them) and how can we make it more secure. ? Both my phones have Blu_spark TWRP + Freedom OS 2.10, if that matters.
Click to expand...
Click to collapse
The easiest is to not get it snatched. Or if it does you chase them down and get your phone back. But barring that not alot you can really do and ill explain why.
When someone steals a phone, they dont care about the data on it. They are either gonna sell it or use it. Either way The device has the sim removed with in sec of it being taken and then it is reset or flashed to stock to remove any and all locks. This normally happens within minutes if not seconds of a device being stolen.
zelendel said:
The easiest is to not get it snatched. Or if it does you chase them down and get your phone back. But barring that not alot you can really do and ill explain why.
When someone steals a phone, they dont care about the data on it. They are either gonna sell it or use it. Either way The device has the sim removed with in sec of it being taken and then it is reset or flashed to stock to remove any and all locks. This normally happens within minutes if not seconds of a device being stolen.
Click to expand...
Click to collapse
Interestingly that was not the case. They remained in contact and kept on asking for phone passcode; which we did not give.
I'm not aware if its equally east in iPhone to enter into (kind of) fastboot mode and erase entire storage. In such case the loss remains of the phone and nothing else ; specially when we may have financial apps too on the phone.
hyperorb said:
Interestingly that was not the case. They remained in contact and kept on asking for phone passcode; which we did not give.
I'm not aware if its equally east in iPhone to enter into (kind of) fastboot mode and erase entire storage. In such case the loss remains of the phone and nothing else ; specially when we may have financial apps too on the phone.
Click to expand...
Click to collapse
No apple doesn't have the option. Main reason the fbi had to pay to have an iPhone unlocked not to long ago.
Part of the reason I never advise doing any sort of banking on a device as there is just too many security risks. I, mean even android keyboards monitor what you type.
hyperorb said:
A little while ago my brother had his iphone6 snatched. Now with Iphone, I know cannot be mounted to usb directly or even via recovery.
I know pin, fingerprint etc block access to the phone. I want to understand about other ways to access internal storage to gain access to photos and any other documents
That makes me ask - What security options we have for android - in particular OP3 (have 2 of them) and how can we make it more secure. ? Both my phones have Blu_spark TWRP + Freedom OS 2.10, if that matters.
Click to expand...
Click to collapse
Cerberus is a really nice app... You have alot of options sadly it isn't free! But heyy, it's cheap and it's functional! Other then that keep your device encrypted and a boot password should do.
As long as you're not rooted and unlocked, it will be a bit hard for an thieve to have access to your phone. Leaving ADB on, might as well decrease the overall security of the phone.
I for example was given a tablet which had a Google account synced with it, and resetting from recovery only made me renter the credidentials previously used to be able to pass the setup.
My luck was that the guy left ADB on and with a simple command I bypassed the setup screen.
hyperorb said:
Interestingly that was not the case. They remained in contact and kept on asking for phone passcode; which we did not give.
I'm not aware if its equally east in iPhone to enter into (kind of) fastboot mode and erase entire storage. In such case the loss remains of the phone and nothing else ; specially when we may have financial apps too on the phone.
Click to expand...
Click to collapse
Not sure about iPhone's but for newer Android phones as long as you are encrypted and have a pin/password set for boot, a thief would just wipe the phone return to stock and sell or use it. 99.9% of the time they just want money so the likely reason they wanted your pass code is they couldn't sell it cause they were blocked from resetting it temporarily. As long they have a physical device and unlimited time they will eventually reset it and get rid of it.
Renosh said:
Not sure about iPhone's but for newer Android phones as long as you are encrypted and have a pin/password set for boot, a thief would just wipe the phone return to stock and sell or use it. 99.9% of the time they just want money so the likely reason they wanted your pass code is they couldn't sell it cause they were blocked from resetting it temporarily. As long they have a physical device and unlimited time they will eventually reset it and get rid of it.
Click to expand...
Click to collapse
Exactly. If someone steals your device 99.98% of the time it is too use it or sell it. With way your data is meaningless.
As for them wanting your pass code the above is right. But as they couldn't reset it you could have reported it stolen and the police may be able to find it but most of the time they have better things to do then recover a lost cell phone.
I used to work with people that felt with stolen cell phones. I can say the normally. Withing 30 min of a device being stolen the data is gone. And when I say that I mean a complete DOJ style wipe, format and imei change.
zelendel said:
No apple doesn't have the option. Main reason the fbi had to pay to have an iPhone unlocked not to long ago.
Part of the reason I never advise doing any sort of banking on a device as there is just too many security risks. I, mean even android keyboards monitor what you type.
Click to expand...
Click to collapse
....so do all iOS keyboards, both first and third party. it's required for them to function
---------- Post added at 09:25 AM ---------- Previous post was at 09:23 AM ----------
zelendel said:
Exactly. If someone steals your device 99.98% of the time it is too use it or sell it. With way your data is meaningless.
As for them wanting your pass code the above is right. But as they couldn't reset it you could have reported it stolen and the police may be able to find it but most of the time they have better things to do then recover a lost cell phone.
I used to work with people that felt with stolen cell phones. I can say the normally. Withing 30 min of a device being stolen the data is gone. And when I say that I mean a complete DOJ style wipe, format and imei change.
Click to expand...
Click to collapse
this is exactly why that semi-recent feature added by google which requires you to log in with the previously added google account in the phone before initial setup following a factory reset is very useful - it makes the phone unusable/unsellable (unless im missing something?)
2x4 said:
....so do all iOS keyboards, both first and third party. it's required for them to function
---------- Post added at 09:25 AM ---------- Previous post was at 09:23 AM ----------
this is exactly why that semi-recent feature added by google which requires you to log in with the previously added google account in the phone before initial setup following a factory reset is very useful - it makes the phone unusable/unsellable (unless im missing something?)
Click to expand...
Click to collapse
That can easily be bypassed by wiping the data off the device and flash a stock rom to it. The only the the FRP does is prevent them from getting at the data.
No its not really. It's so they can send relevant ads. Those that remember smartphones before Apple or Android knows that it is not really needed.
zelendel said:
That can easily be bypassed by wiping the data off the device and flash a stock rom to it. The only the the FRP does is prevent them from getting at the data.
Click to expand...
Click to collapse
but how can they flash a stock ROM onto the device if the "require PIN before startup" option is selected? how can they flash if recovery has a PIN on it?
2x4 said:
but how can they flash a stock ROM onto the device if the "require PIN before startup" option is selected? how can they flash if recovery has a PIN on it?
Click to expand...
Click to collapse
Because that is before startup and not the bootloader, even with those set up they normally dont cover download mode or what ever mode that particular OEM uses (not all use the same). In extreme cases with some apps that make it a bit harder or people just dont want to be bothered to mess with things too deeply there are tools available that Will push the update right to the board bypassing all security. Sure its a little extra work but it is a sure bet when you cant get into a device and cant be bothered hunting down getting around it.
Also for the passwords on startup. any password cracker would take out the average password in a matter of min.
This has been very interesting and so much to learn. Thank you all for great inputs.
zelendel said:
I never advise doing any sort of banking on a device as there is just too many security risks. I, mean even android keyboards monitor what you type.
Click to expand...
Click to collapse
Yes. But then Microsoft too is not clean. Browser , Windows.... That way we can never work.
Puddi_Puddin said:
Cerberus is a really nice app...
Click to expand...
Click to collapse
Have it in all my Androids Very helpful at times, even for non theft purpose..
XDRdaniel said:
Leaving ADB on, might as well decrease the overall security of the phone.
Click to expand...
Click to collapse
Thanks. Will read more on this.
Renosh said:
for newer Android phones as long as you are encrypted and have a pin/password set for boot, a thief would just wipe the phone return to stock and sell or use it. 99.9% of the time they just want money so the likely reason they wanted your pass code is they couldn't sell it cause they were blocked from resetting it temporarily. As long they have a physical device and unlimited time they will eventually reset it and get rid of it.
Click to expand...
Click to collapse
Once a phone is lost, there's little chance to get it back. Device loss is one thing and data loss (or rather data access) is another. The later at times can have more problems.
I used to keep my id papers (for ease of printing anywhere as needed) on phone (Nokia N5). Lost that phone .. and till date I hope no one used those to buy services, do illegal stuff. That was a lesson learnt hard way
zelendel said:
With way your data is meaningless.
Click to expand...
Click to collapse
Depends where you are. There are places where one can avail services in other's name using fake ids or stolen data etc.
2x4 said:
. this is exactly why that semi-recent feature added by google which requires you to log in with the previously added google account in the phone before initial setup following a factory reset is very useful - it makes the phone unusable/unsellable (unless im missing something?)
Click to expand...
Click to collapse
Hmm.. I think I came across that in OP3. Didn't pay attention though.
zelendel said:
Because that is before startup and not the bootloader,
Click to expand...
Click to collapse
It is better to loose one than two. Phone is anyways lost .. so at least we can try secure data. Let them wipe and then get nothing in hand.
hyperorb said:
This has been very interesting and so much to learn. Thank you all for great inputs.
Yes. But then Microsoft too is not clean. Browser , Windows.... That way we can never work.
Have it in all my Androids Very helpful at times, even for non theft purpose..
Thanks. Will read more on this.
Once a phone is lost, there's little chance to get it back. Device loss is one thing and data loss (or rather data access) is another. The later at times can have more problems.
I used to keep my id papers (for ease of printing anywhere as needed) on phone (Nokia N5). Lost that phone .. and till date I hope no one used those to buy services, do illegal stuff. That was a lesson learnt hard way
Depends where you are. There are places where one can avail services in other's name using fake ids or stolen data etc.
Hmm.. I think I came across that in OP3. Didn't pay attention though.
It is better to loose one than two. Phone is anyways lost .. so at least we can try secure data. Let them wipe and then get nothing in hand.
Click to expand...
Click to collapse
You don't need to steal someone's phone to get a fake ID with their info. 1500 usd will get you that without it.
As for getting nothing in hand. They got exactly what they wanted. The device. Unless you work for the government in a high place. Then your data is meaningless on your phone. You already put it in enough places on line while using a pc that if they want it they already have it.
I could easily steal someone identity with a little more then what they post on Facebook or other social media outlets.