Question: I have the Dev Edition Note 4 and am looking for the lock screen fields in SQLite, since they seem to have moved. Does anyone know where they are located now?
Reason: When encrypted, as we all know and hate, you have to use a password with a special character.... That you also have to use as the lock screen... Which sucks. It would be pretty handy to have the scanner for unlocking the screen and the password for decryption on boot.
Background: On the Note 3 you could use SQLITE to change LOCKSCREEN_PASSWORD_TYPE to different codes which enabled the different types of password. For instance 131072 was for PIN. After encryption was in place I was able to change the lock screen type to PIN. However, since no PIN was used during setup it would just act as if any entries didn't match. I want to see if changing to fingerprint scanner would work since the fingerprints, or password in this case, are stored in the phone prior to the change. Hopefully making it so lock screen can be unlocked much easier while encrypted.
Thanks everyone.
Just an update to this for anyone who likes to, or needs to, have FDE enabled on their devices.
If you setup your fingerprint unlock and use a file explorer to go to data/system/ you will see three files called lockscreen.db two in which say -shm and -wal after. Copy those to the SD card.
Then make your way to Terminal Emulator and run the command pkill -KILL daemonsu . This will kill superuser. Making the FDE actually run.
After encryption is complete you can take the lock settings files saved earlier and copy (replace) them back to the data/system/ partition.
That's it. When booting you will have your strong password and be able to use the scanner for screen unlocks.
Now this only works for for device encryption. SD cards seem (?) to decrypt after the boot process and this causes them to not mount correctly. One of the times I was toying around with it the files on the SD were actually corrupted and unrecoverable. So make backups and all that if you decide to figure that out. I typically use encryption manager for things that I want to encrypt on the SD card anyway. Since I use the card in several devices.
Hope this helps anyone who wants or needs FDE on their Note 4 Devs.
Fingerprint scanner is not displaying note 4 - android 5.1.1
blubyu87gt said:
Just an update to this for anyone who likes to, or needs to, have FDE enabled on their devices.
If you setup your fingerprint unlock and use a file explorer to go to data/system/ you will see three files called lockscreen.db two in which say -shm and -wal after. Copy those to the SD card.
Then make your way to Terminal Emulator and run the command pkill -KILL daemonsu . This will kill superuser. Making the FDE actually run.
After encryption is complete you can take the lock settings files saved earlier and copy (replace) them back to the data/system/ partition.
That's it. When booting you will have your strong password and be able to use the scanner for screen unlocks.
Now this only works for for device encryption. SD cards seem (?) to decrypt after the boot process and this causes them to not mount correctly. One of the times I was toying around with it the files on the SD were actually corrupted and unrecoverable. So make backups and all that if you decide to figure that out. I typically use encryption manager for things that I want to encrypt on the SD card anyway. Since I use the card in several devices.
Hope this helps anyone who wants or needs FDE on their Note 4 Devs.
Click to expand...
Click to collapse
Hi, i have a big trouble with my note 4, i had a fingerprint lock screen with a pin pass in case of emergency; the phone just got locked with no reason and it doesn´t show me the fingerprint option and doesn`t get any pin. Im out of my phone, i don`t know what to do, i took some photos yesterday that i need for my job urgently, could you help me?
Related
I'm assuming this is associated with the recent phenomenon of hardware ID's changing everytime a new ROM is installed. Apparently MS uses the same hardware ID when it encrypts files on SD cards. What this means is you will lose all of your files on the SD card (including backup files) if you have encryption turned on, the files get encrypted, and then you switch ROM's.
So.. uh.. this is just a little warning, and it might be obvious to everyone but me... don't use SD encryption unless you know you're going to stick with a ROM.
I have no idea why MS doesn't just use the IMEI, but... they don't.
From what I read about the encryption, the key is generated after a hard reset, so basically you can't hard reset the device once data is encrypted.
Do you know wether there is an option to backup ones key to a file, save it to ones PC, and then reimport it once one has finished hardresetting the device?
If I were MS I'd see the vast usefullness of such an option and integrate it at once
the encryption key is created when you turn the Setting on...
and when flashing a new ROM or a HardReset the key is desteroid...
i am still yet to find the location... still looking...
Providing you remember, can't you just turn off the setting before a flash or hard reset and restore all the files to there unencrypted state?
Once the ROM has been flash and everything hard-reset you can just encrypt them again?
Percz said:
Providing you remember, can't you just turn off the setting before a flash or hard reset and restore all the files to there unencrypted state?
Once the ROM has been flash and everything hard-reset you can just encrypt them again?
Click to expand...
Click to collapse
No, because turning it off doesn't decrypt existing encrypted files. Just like turning it on doesn't encrypt the normal files. It will decrypt them as you open and resave them.
:-\
walshieau said:
the encryption key is created when you turn the Setting on...
and when flashing a new ROM or a HardReset the key is desteroid...
i am still yet to find the location... still looking...
Click to expand...
Click to collapse
OK; that makes sense. I just realized that after I hard-reset I restored most of my settings with the data from a backup (Sprite Backup). I wasn't seeing the encoded files problem because I was restoring from a non-encrypted file.
ugh.
y2whisper said:
From what I read about the encryption, the key is generated after a hard reset, so basically you can't hard reset the device once data is encrypted.
Click to expand...
Click to collapse
That makes perfect sense, actually. That way someone can't hard reset your phone to get at the data.
Too bad it also means the real owner can't get to his own data..
Some FAQs from the horse's mouth: http://blogs.msdn.com/windowsmobile...ows-mobile-6-storage-card-encryption-faq.aspx
What you can do is ActiveSync your Device and then drag and drop all the files you want to keep before the hardreset. And then when you finish installing your ROM and Hardresetting your device, just transfer back the files via activesync. I know its tedious and long if you have like 1 gig of **** in the SD card, but thats the only way i've found.
just lost files to encryption
Been reflashing my 8525 with new versions of custels and vanilla and have never lost files to encyption. However just flashed to Black 3.01 and lost all my stuff. If i flash back to my previous ROM is it conceivable that the same key will be created and i will regain access to my files?
Unfortunately, I was also unaware of this. I presumed MS would use a key based on the hardware or something like that.
Anyway, is there any way of breaking the encryption and get back the files?
Thanks!
Keshen
As the DataProtection API as in WinXP and Win2003 is used, it is AES-128 by default.
"The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths."
So brute force attack is not really an option….
As the key is stored somewhere in the flash I think this will be the only feasible way to decrypt the files.
But as the key is lost because of the hard-reset during upgrade, there is not much hope...
Only if we can get more information on how the keys are generated, maybe this will reduce
the complexity of an attack.
You won't have good luck trying to crack the encryption. Which, is actually a good thing since the purpose is to keep your data safe in the wrong hands. I prefer to use a 3rd party encryption solution as it allows more choices and control.
MrGAN said:
As the DataProtection API as in WinXP and Win2003 is used, it is AES-128 by default.
"The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths."
So brute force attack is not really an option….
As the key is stored somewhere in the flash I think this will be the only feasible way to decrypt the files.
But as the key is lost because of the hard-reset during upgrade, there is not much hope...
Only if we can get more information on how the keys are generated, maybe this will reduce
the complexity of an attack.
Click to expand...
Click to collapse
Breaking AES is pretty hopeless unless you have access to the NSA's computer systems.
The big problem, in my opinion, is MS doesn't give you an easy way to back up the key and restore it. Now that I've given it more thought, it makes perfect sense that the key gets nuked on a hard-reset: otherwise someone could just hard-reset your phone and have access to your data. In most cases, it's better to permanently lose the data than to allow someone else to have access to it.
Another thing that MS would be wise to offer is a "mass decrypt" function that would go through the entire SD and decrypt all of the encrypted files.
Other than that -- the way I've been dealing with it is by using SpriteBackup (I'm sure SBP does this too) and back up the SD card along with the main memory. Since the encoding happens in the OS level, the backup software sees the normal unencrypted files. So this way I can restore the SD backup after a rebuild (I don't recommend restoring the main ROM image, since so much changes between each release).
j
keshen said:
Unfortunately, I was also unaware of this. I presumed MS would use a key based on the hardware or something like that.
Anyway, is there any way of breaking the encryption and get back the files?
Click to expand...
Click to collapse
Once you hard-reset your device and lose that key, your files are gone, unless you somehow have access to some very very high powered computer systems that can break AES -- and even then it would take several years.
I think the NSA in the US has managed to break AES (that's the rumor I've heard), but it takes quite some time.
j
AES-128 offers a sufficiently large number of possible keys, making an exhaustive search impractical for many decades.Correctly implemented AES-128 is likely to protect against a million dollar budget for at least 50 – 60 years and against individual budgets for at least another 10 years.
But as there are many pitfalls to avoid when encryption is implemented, and keys are generated.
So if the key is easy to guess it doesn’t matter if AES is secure ot not.
Creating good and strong keys is a surprisingly difficult problem and requires careful design when done with a computer. The challenge is that computers are notoriously deterministic, but what is required of a good and strong key is the opposite – unpredictability and randomness.
Provided that the implementation is correct, the security provided reduces to a relatively simple question about how many bits the chosen key, password or pass phrase really corresponds to. Unfortunately this estimate is somewhat difficult to calculate, when the key is not generated by a true random generator.
To make a long story short: if at all then the key generation might be the weak spot...
So i've to realyze that i've lost all the data of mi SD card. That sounds incredible!!, i don't know if i will be able to recover all the changes made.
I installed Mobsync, wich makes me backups of the SD data to avoid SD corruption, but the files are also encrypted on my PC.
WM5torage
I'm curious if anybody has tried turning encryption on, and using WM5torage to transfer files to/from the Hermes. Does it properly encrypt/decrypt the files, or does that work only when using ActiveSync?
-- Joe
Apart from not being able to undo the encryption without doing a full wipe.
I see very little written about the pros and cons of encrypting your GNex. All I've seen so far are:
Con - can't reverse the action
Pro - it's secure.
Con - It takes longer on startup.
Pro - Only the first time.
Not a very long or useful list. Stuff like "it's secure" is also very general. Technically, it's more secure from what? How?
Does anyone have good info on the encryption on the GNex and what specifically makes it useful? Or not.
Con: You can't access /mnt/sdcard from the adb!
- - I was just thinking if it really don't allow me to access the sdcard from my eclipse DDMS-> File Manager until I unlock it... but guess what! even if its unlock, I can't access the /mnt/sdcard. Not sure whats the case with applications.. but its obviously not something I was looking for.. and the problem is that to undo encryption I will have to setup my tablet again from scratch!
Tell me if someone else manage to access /mnt/sdcard
I want to use Android Device Encryption (Settings --> General --> Security). My questions are:
1). Is there any issue if my device is rooted and KNOX is disabled (it's still 0x0)
2). If anything to my device and I need to Odin, I assume encryption will NOT prevent me doing so?
3). Bonus question: is there anyway to use PIN when the device is encrypted? I only see "Password" and the rest is greyed out. I don't want to use 6 characters alphanumeric password everytime I want to use my device.
1) Yes, if you're rooted with a 100% stock ROM and recovery, you CAN encrypt.
2) Sort of. It might mess up the encryption. Mine got confused thinking it was still encrypted, but couldn't mount the partition after Odin ran. To fix it, boot to STOCK recovery using the hardware keys (vol+/home/power), and do a factory reset from in there. Note that CWM/TWRP etc will NOT work to fix this issue. It's something to do with the changes Samsung made to the encryption code.
3) Nope. Password only. In theory, it might be possible to do an Xposed module, but I didn't find a good place to hook in to the process. If they would separate the encryption password from the device lock code, this would be easy. I ended up using the No Lock Home Xposed module, which lets you switch to swipe screen lock when you are connected to particular wifi/cell/BT devices.
I'm actually running without encryption now. It makes custom ROMs difficult. I believe if I were running an AOSP derived ROM it would be fine, but using modded stock stuff causes issues. Make sure you do backups to SD or a computer. If something goes wrong with the encryption there is no way to recover without a full wipe, which kills everything on the internal storage, including /sdcard. The external SD card is not affected, unless you encrypted that as well. I like the extra security, but the implementation sucks and is buggy.
Hi, I have a stupid question: Is there any way to read and modify system files on my HTC One M8 through USB to a computer that can access them and doesn't care about file permissions? I have an annoying WiFi notifications issue that I can't disable anywhere implemented by Verizon and they lock the bootloader on 5.0.1 and I've found no safe workaround. I just want to edit the file that has this setting.
Maybe I don't know enough about the technology, but is there no program I can use on Windows or Linux that can read the memory through USB and let me change the data without it caring about permissions? If the files are not encrypted but accessible, something should be able to read them and let me edit them, as I can get Linux to read and edit any information on a Windows drive that isn't encrypted even if the user has a lockscreen password as it bypasses boot-up.
(I realize I may be sounding like an idiot as someone might have already done this if possible but maybe I haven't searched hard enough)
This would never work, since the system partition is write protected. Even if you can somehow change the system files by USB (which I think is unlikely), the changes would just revert when you rebooted. You need a kernel mod to disable the system write protection; and for that you need root.
Earlier in OnePlus 3 days...
I have set up fingerprints to unlock my device with pattern lock.
Then ...
I had deleted ... The below mentioned files from data/system...
1. locksettings.db
2. locksettings.db-shm
3. locksettings.db-wal
4. gatekeeper.password.key
5. gatekeeper.pattern.key
Because i dont want any security on my phone but i want my fingerprints to unlock my device very quickly and after removed the above mentioned files, i did that no more secure lockscreen and fingerprints working fine.
Now... In 'OnePlus 5T'...
I have set-ups my fingerprints to unlock my device with pattern lock.
Then ...
I had deleted ... The below mentioned files from data/system...
1. locksettings.db
2. locksettings.db-shm
3. locksettings.db-wal
4. gatekeeper.password.key
5. gatekeeper.pattern.key
As i don't want any security in my phone because my family need my Phone sometimes so i want swipe up to unlock my phone and fingerprints to unlock my device very quickly but as in OnePlus 3 it was working very fine but in 'OnePlus 5T' it is not working... When i reboot my phone it is showing blank screen, no home screen only wallpaper is showing.
When i get back into TWRP recovery (Blu_Spark) it is asking me a password to unlock modification and i have deleted the lockscreen security files already though.
Any solution?
I know many of you will saying decrypt your phone.
So, i have already format data and wipe internal storage.
Still when i followed the above steps, it still ask me a password in TWRP recovery.
How to solve that issue?
Note: Please Do Not Suggest to me to entered family's member fingerprints or tell them the password or pattern as i simply mentioned above what i want.
The default password in TWRP is "default_password" (without quotation marks). You could try that...
Didgeridoohan said:
The default password in TWRP is "default_password" (without quotation marks). You could try that...
Click to expand...
Click to collapse
Thank you for the reply.
I have not tried that password but i will soon... any idea about the above first issue? Home screen is not showing anything, only showing Wallpaper of the phone?
Can someone let me know how to find the password ?
The default one (default_password) seems to not be working
Using bluespark TWRP by the way and stock Oxygen OS with fingerprint password
Not sure if the data partition is encrypted, but it sure does look like it as in TWRP file manager I can not browse in folders in sdcard properly since they folder names are hashed
Edit:
Nevermind
Removed the fingerprint and data is no longer encrypted
This is a weird one and I would still like to know how to bypass it by not always removing the fingerprint if possible
So if someone knows, feel free to reply back
Normas Interruptor said:
Thank you for the reply.
I have not tried that password but i will soon... any idea about the above first issue? Home screen is not showing anything, only showing Wallpaper of the phone?
Click to expand...
Click to collapse
I have the exact same issue!! I deleted the 5 keys and I can only see the wallpaper and it doesn't allow me to set a new pin. TWRP is asking me for a password that I never set. Did you ever figure out how to solve the problem? I would like to figure out how to decrypt my data before having to do a reformat... :crying:
CoCoGirl886 said:
I have the exact same issue!! I deleted the 5 keys and I can only see the wallpaper and it doesn't allow me to set a new pin. TWRP is asking me for a password that I never set. Did you ever figure out how to solve the problem? I would like to figure out how to decrypt my data before having to do a reformat... :crying:
Click to expand...
Click to collapse
Well, this issue only appear when you have encrypted device...
So, to get ride of this situation again... Just format data with yes command and always flash no-vrrity zip to stay decrypt now you can delete these 5 files and stay decrypted and you can use your phone without any issues.
Normas Interruptor said:
Well, this issue only appear when you have encrypted device...
So, to get ride of this situation again... Just format data with yes command and always flash no-vrrity zip to stay decrypt now you can delete these 5 files and stay decrypted and you can use your phone without any issues.
Click to expand...
Click to collapse
That will wipe my entire internal drive as well right? I don't mind using my phone encrypted, but I'd just want to get past the encryption now so that I can access and backup my files before flashing or formatting.
CoCoGirl886 said:
That will wipe my entire internal drive as well right? I don't mind using my phone encrypted, but I'd just want to get past the encryption now so that I can access and backup my files before flashing or formatting.
Click to expand...
Click to collapse
Yes! you are right, formatting data can format your entire storage including internal storage but that will be happens only once..... Install TWRP recovery by codeworkx universal and format data, that will be erase the entire storage for sure but once you done with that... copy and paste Oxygen OS ROM file along with No-verity.zip file...
first flash ROM then flash No-verity.zip so you can stay decrypted ever.
Flashing no-verity.zip all the time in every rom at last is the best practice to stay decrypted.
Normas Interruptor said:
Yes! you are right, formatting data can format your entire storage including internal storage but that will be happens only once..... Install TWRP recovery by codeworkx universal and format data, that will be erase the entire storage for sure but once you done with that... copy and paste Oxygen OS ROM file along with No-verity.zip file...
first flash ROM then flash No-verity.zip so you can stay decrypted ever.
Flashing no-verity.zip all the time in every rom at last is the best practice to stay decrypted.
Click to expand...
Click to collapse
Ah I see... the problem is that I don't have any backup of my files right now. So even if I format only once, my entire storage will be forever gone.
Did you figure out how to solve the problem of "when i reboot my phone it is showing blank screen, no home screen only wallpaper is showing" without reformatting?
CoCoGirl886 said:
Ah I see... the problem is that I don't have any backup of my files right now. So even if I format only once, my entire storage will be forever gone.
Did you figure out how to solve the problem of "when i reboot my phone it is showing blank screen, no home screen only wallpaper is showing" without reformatting?
Click to expand...
Click to collapse
You have to erase the entire storage that is the only solution... trust me i have faces this issue several times when my phone as not decrypted and i lost my entire storage almost 10 times
If you have a fingerprint set, OR a pin or password, your TWRP pass is ALWAYS the same as your phone pin or pass Just tried it on mine.
Normas Interruptor said:
You have to erase the entire storage that is the only solution... trust me i have faces this issue several times when my phone as not decrypted and i lost my entire storage almost 10 times
Click to expand...
Click to collapse
jesus christ!
McDumbdumb said:
If you have a fingerprint set, OR a pin or password, your TWRP pass is ALWAYS the same as your phone pin or pass Just tried it on mine.
Click to expand...
Click to collapse
Yup, that's the solution
LucasBass said:
Yup, that's the solution
Click to expand...
Click to collapse
Glad to get some confirmation, I was fairly certain this had worked across multiple TWRP versions, but glad to hear it works from other users
CoCoGirl886 said:
I have the exact same issue!! I deleted the 5 keys and I can only see the wallpaper and it doesn't allow me to set a new pin. TWRP is asking me for a password that I never set. Did you ever figure out how to solve the problem? I would like to figure out how to decrypt my data before having to do a reformat... :crying:
Click to expand...
Click to collapse
Same exact issue here as well. Did you ever find a solution without losing your data?
p3ric0 said:
Same exact issue here as well. Did you ever find a solution without losing your data?
Click to expand...
Click to collapse
Unfortunately no. I had to format in the end and lose 9 months of photos, data, etc :crying:.
Now I know not to mess with the lockscreen keys because the newer android versions (i think 6.0 and over) has a security patch to prevent access to phone even if you delete the keys. From now on, if your touchscreen doesn't work then your best bet is to boot into TWRP, plug in a mouse via OTG cable and try to flash a new rom, which should preserve your internal drive data.
CoCoGirl886 said:
Unfortunately no. I had to format in the end and lose 9 months of photos, data, etc :crying:.
Now I know not to mess with the lockscreen keys because the newer android versions (i think 6.0 and over) has a security patch to prevent access to phone even if you delete the keys. From now on, if your touchscreen doesn't work then your best bet is to boot into TWRP, plug in a mouse via OTG cable and try to flash a new rom, which should preserve your internal drive data.
Click to expand...
Click to collapse
Dammit I was afraid of that
I tried doing a factory reset (leaving internal storage) but now the phone gets stuck on the Welcome screen "One sec.."
My internal storage is encrypted so all the folders are hashed and I can't even recover any backups I had in the phone. ADB doesn't want to detect the device while it's in TWRP so I can't sideload adb. My only hope is to buy an OTG adapter today, put my latest twrp backup on a flashdrive, and hope I can recover that way.
Nope. The OTG adapter works but TWRP can recovery everything except data.. gives an error "extractTarFork() process ended with ERROR: 255" when I try. Sighhh
p3ric0 said:
Dammit I was afraid of that
I tried doing a factory reset (leaving internal storage) but now the phone gets stuck on the Welcome screen "One sec.."
My internal storage is encrypted so all the folders are hashed and I can't even recover any backups I had in the phone. ADB doesn't want to detect the device while it's in TWRP so I can't sideload adb. My only hope is to buy an OTG adapter today, put my latest twrp backup on a flashdrive, and hope I can recover that way.
Click to expand...
Click to collapse
You deleted the lockscreen keys from the OP right? If so, I don't think an OTG adapter would help. Because once you deleted the password then it will default to TWRP's password but it doesn't exist? However, if you never deleted the keys and can access TWRP's screen to enter your password then you should be able to decrypt and extract your backup. I had a pattern password and you can use the mouse connected to OTG cable to draw your pattern to unlock.
I'm actually having the same touchscreen issue on my device again... but the screen would randomly work. So I am waiting for it to start working before I reflash.
p3ric0 said:
Same exact issue here as well. Did you ever find a solution without losing your data?
Click to expand...
Click to collapse
CoCoGirl886 said:
You deleted the lockscreen keys from the OP right? If so, I don't think an OTG adapter would help. Because once you deleted the password then it will default to TWRP's password but it doesn't exist? However, if you never deleted the keys and can access TWRP's screen to enter your password then you should be able to decrypt and extract your backup. I had a pattern password and you can use the mouse connected to OTG cable to draw your pattern to unlock.
I'm actually having the same touchscreen issue on my device again... but the screen would randomly work. So I am waiting for it to start working before I reflash.
Click to expand...
Click to collapse
So, TWRP asking password because our Device is encrypted but when i erase the internal storage and decrypt the device then problem got solved because encryption is a culprit here.