How does security and encryption defeat someone just booting into recovery? - Nexus 5X Q&A, Help & Troubleshooting

Regardless of device encryption and fingerprint scanners and the like, couldn't someone just get your phone, boot into recovery, and factory reset it? Wouldn't that undo any security you had on device?

Yes but the actual files have been encrypted. So while they can start the device fresh and use file recovery tools to "get" the old files, they are useless.

And they would be useless to everyone after that, even you? I guess that would be pretty good. So you encrypt to protect your user data, and you fingerprint lock to make sure nobody can ever decrypt, even if they factory reset thru recovery, which will get past your fingerprint scanner but not previous encryption. That right?

Actually since lollipop you must log out of your Google account before a reset. If you just factory reset you well still have access to the device to track it out wipe your account from it.

I could be wrong here, but if you have stock recovery, a factory wipe can only be started in the phone's settings menu. If you have twrp installed, a wipe can be started with out being in the phone, but you need a password to start it.
If you do wipe the phone, it is still useless as you need the persons gmail username and password to complete the setup, so the phone is useless to all other users bar the user of the phone.

I think you can factory reset from stock recovery.
So I don't get it. I thought user data was encrypted from phone, i.e., the internal storage. If I factory reset, I don't need a Google account to start the phone up. So then couldn't I access the internal storage data with a file explorer?

You have to authorize the phone to sync with your computer so you can not get on that way either. If you do not authorize you can not push adb or anything else.

As km8j said, yes, you can factory reset the phone, but you won't be able to recover any of the encrypted data. That's why before you get rid of an old phone you should encrypt (if it wasn't) and wipe it.

jackdubl said:
I think you can factory reset from stock recovery.
So I don't get it. I thought user data was encrypted from phone, i.e., the internal storage. If I factory reset, I don't need a Google account to start the phone up. So then couldn't I access the internal storage data with a file explorer?
Click to expand...
Click to collapse
Thats not quite right. If you factory reset your phone, you do need a google account to complete the initial setup wizard. The only exception is if the user releases it from his or her's google account so it can be sold on.
But yes to complete the instillation it will ask for a google account that has been authorised and wont continue until it gets it. This happens automaticly the first time you sign in to play store.
Also factory reset will fully wipe the phone, brand new out of the box. It also wipes the users data, so if you were able to get on the phone, there would be no data to access. I really do like the way google have thought about it. Also I never keep anything on the phone that I would consider critical.

A lot of inaccurate information here. You have been able to skip that Google account setup on all android phones for the past few years. Also in basically any file system, when joy delete a file, even formatting, the content is not deleted. So while the information is not there at face value when you wipe the phone it can easily be recovered without encryption.
Sent from my Nexus 5X using Tapatalk

Yeah, that keeps confusing me. I have activated so many phones without inputting a Google account. It says "skip" right there on the screen!

Didn't Google introduce the security features with the Nexus 6 and 5.0? It locks the phone to your google account even after a factory reset but requires compatible hardware.
I haven't seen it mentioned with this year's devices but when setting up a pin on the 5x I believe it asked if I wanted to enable that feature.
Sent from my Nexus 5X using Tapatalk

jackdubl said:
Regardless of device encryption and fingerprint scanners and the like, couldn't someone just get your phone, boot into recovery, and factory reset it? Wouldn't that undo any security you had on device?
Click to expand...
Click to collapse
No. If your data is encrypted, no one can access it without your decryption key. As for access to the device, if you had set up a Google account on the device, and had a lockscreen password/pin/pattern/etc., then no one else can use the device other than you unless you remove your Google account and lockscreen password before you factory reset. This was a new feature introduced with devices that sold with 5.0+
Panzerapple said:
Actually since lollipop you must log out of your Google account before a reset. If you just factory reset you well still have access to the device to track it out wipe your account from it.
Click to expand...
Click to collapse
Yes!
Stephen said:
I could be wrong here, but if you have stock recovery, a factory wipe can only be started in the phone's settings menu.
Click to expand...
Click to collapse
With the stock recovery, you can reset either from within Android or from within the stock recovery.
jackdubl said:
So I don't get it. I thought user data was encrypted from phone, i.e., the internal storage. If I factory reset, I don't need a Google account to start the phone up. So then couldn't I access the internal storage data with a file explorer?
Click to expand...
Click to collapse
Prior to devices shipped with 5.0+, this was true. No longer.
km8j said:
A lot of inaccurate information here. You have been able to skip that Google account setup on all android phones for the past few years. Also in basically any file system, when joy delete a file, even formatting, the content is not deleted. So while the information is not there at face value when you wipe the phone it can easily be recovered without encryption
Click to expand...
Click to collapse
Yes, you can skip Google account setup. However, IF you do set up a Google account and a lockscreen password, THEN you cannot skip the Google account setup on that device after a factory reset (if you hadn't already removed the account prior to the reset).
bblzd said:
Didn't Google introduce the security features with the Nexus 6 and 5.0? It locks the phone to your google account even after a factory reset but requires compatible hardware.
I haven't seen it mentioned with this year's devices but when setting up a pin on the 5x I believe it asked if I wanted to enable that feature.
Click to expand...
Click to collapse
+1.

Related

[HELP] Fingerprint Scanner and Backup Password no longer recognized.

It seems that about 15 minutes ago my Fingerprint (and my fiance) are no longer recognized. It also would not take my backup password. The only way I could get into my phone was through the Android Device Manager and reset my password.
After resetting my password with ADM, I went to go change my fingerprint in my phone (because obviously it doesn't like the one stored in there now) and it asks me for my password (since my fingerprint no longer works) and this keeps saying it is incorrect.
I don't know what to do now other than factory reset my phone.
Does anyone have any other suggestions?
You're correct. Factory reset; unless...
I thought my original fingerprints were better recognized after flashing another ROM; broke the sensor and default fingerprint password. Not accustomed to internal memory, I wiped everything but external sdcard and tried to restore the nandroid; embarrassing to say, the nandroid was gone.
You might try restoring a nandroid. Don't know if that works but I'd like to know. I had to factory reset. Per Samsung, nothing to do but that. May be locked away in Knox for theft protection.
samep said:
You're correct. Factory reset; unless...
I thought my original fingerprints were better recognized after flashing another ROM; broke the sensor and default fingerprint password. Not accustomed to internal memory, I wiped everything but external sdcard and tried to restore the nandroid; embarrassing to say, the nandroid was gone.
You might try restoring a nandroid. Don't know if that works but I'd like to know. I had to factory reset. Per Samsung, nothing to do but that. May be locked away in Knox for theft protection.
Click to expand...
Click to collapse
Thing is, I haven't even rooted my note 4 yet! I am waiting for a method that wont trip knox.
I don't understand why this could have happened on stock - Makes me worried I got a defective device.
That's a mystery to me. There is also a change fingerprint password in that setup screen. If it rejects that too, factory reset is the only option I know of.
May need to exchange the phone. Keep that in mind if you're inside of 14 days of purchase agreement.
samep said:
That's a mystery to me. There is also a change fingerprint password in that setup screen. If it rejects that too, factory reset is the only option I know of.
May need to exchange the phone. Keep that in mind if you're inside of 14 days of purchase agreement.
Click to expand...
Click to collapse
Yeah that doesn't work either.
I hope I can still exchange my device - It's been almost a month I bought this phone 10/17/2014 - Will they let me exchange the device?
Still under warranty. It's just they may make you wait on the replacement. Depends on where you got it.
best route is to get a replacement, seems the device is corrupted somehow
eNkrypt said:
It seems that about 15 minutes ago my Fingerprint (and my fiance) are no longer recognized. It also would not take my backup password. The only way I could get into my phone was through the Android Device Manager and reset my password.
After resetting my password with ADM, I went to go change my fingerprint in my phone (because obviously it doesn't like the one stored in there now) and it asks me for my password (since my fingerprint no longer works) and this keeps saying it is incorrect.
I don't know what to do now other than factory reset my phone.
Does anyone have any other suggestions?
Click to expand...
Click to collapse
I had the same problem on a fully stock phone, only way to fix is to factory reset the phone.
DEE754 said:
I had the same problem on a fully stock phone, only way to fix is to factory reset the phone.
Click to expand...
Click to collapse
That's some bull crap! They should fix this, it's not fair I have to loose all my texts and stuff.. Only for this to probably happen again in another few weeks.
Has this problem occured for you again?
eNkrypt said:
That's some bull crap! They should fix this, it's not fair I have to loose all my texts and stuff.. Only for this to probably happen again in another few weeks.
Has this problem occured for you again?
Click to expand...
Click to collapse
No, its been about a week since it happen. You can setup up a Samsung account on the phone to backup your texts, phone call logs and bookmarks. Then sync back to your phone after reset.
eNkrypt said:
That's some bull crap! They should fix this, it's not fair I have to loose all my texts and stuff.. Only for this to probably happen again in another few weeks.
Has this problem occured for you again?
Click to expand...
Click to collapse
try odin flashing the firmware, others that were rooted, it fixed the issue, I know ur not rooted, worth a shot...
mine got messed up after rooting, I could not get it to work, even after flashing the firmware, but others have had success... try it, wont hurt any and won't delete ur data.
Yep happened to me as well.
Interesting thing is the password works on the lock screen but not in the settings menu.
Odd.
I had this same problem. The only way I was able to get the finger print scanner working again was by doing a factory reset. I then restored all of my apps and settings with Titanium Backup. All is good now. It sucks setting everything back up, but factory reset works.
Hello everybody,
I have xposed framework installed on my rooted Note 4. I basically uninstalled xposed and my fingerprint scanner recognised me again. I then reinstalled xposed and it was still working.
If you're not rooted this won't work for you but can someone with a rooted phone try installing xposed framework and see if it fixes it for you?
Thanks!:good:
I have the same incidence after restoring a nandroid backup to downgrade from LOLLIPOP to KITKAT, I've tried installing Xposed Framework Without Sucess.
I was able to unlock the screen using the google account and afterwards removing the lock screen by fingerprint.
When I try to change the FingerPrint asks me for the password for securty account and doesn't work (in locked screen worked fine).
So I'm afraid I'll have to do a full restore if there's no any other way to reconfigure the fingerprint scanner
snagix said:
I have the same incidence after restoring a nandroid backup to downgrade from LOLLIPOP to KITKAT, I've tried installing Xposed Framework Without Sucess.
I was able to unlock the screen using the google account and afterwards removing the lock screen by fingerprint.
When I try to change the FingerPrint asks me for the password for securty account and doesn't work (in locked screen worked fine).
So I'm afraid I'll have to do a full restore if there's no any other way to reconfigure the fingerprint scanner
Click to expand...
Click to collapse
If that nandroid backup is NIE, you'll need to wipe and Odin NK2. If it's NK2, try just wiping all user data to fix the finger print scanner. Password is not recognized is the indication that suggests one of the two solutions.
Installing Xposed won't fix that but temporarily uninstalling and clearing various apps' user data has helped. Personally, I've seen that work on health services and s health. If you need Xposed, you'll need the secure storage module. Just search secure or secure storage in the Xposed download search engine.
Locked out or private mode fingerprint and backup password don't work
So I'm locked out of private mode fingerprint and backup password don't work so I was wondering if I were to clear my credentials by encryptin device will it reset my backup password so I can access private mode or is there away i can backup my pravite mode files even tho I can't access them so i can do factory reset if that will fix it so i can use and access private mode with my files also can i find my private mode/ hidden files in my files on my note 4
snagix said:
I have the same incidence after restoring a nandroid backup to downgrade from LOLLIPOP to KITKAT, I've tried installing Xposed Framework Without Sucess.
I was able to unlock the screen using the google account and afterwards removing the lock screen by fingerprint.
When I try to change the FingerPrint asks me for the password for securty account and doesn't work (in locked screen worked fine).
So I'm afraid I'll have to do a full restore if there's no any other way to reconfigure the fingerprint scanner
Click to expand...
Click to collapse
Have similar issue after flashing a Tekxodus URV6.6 .. restoring data from a nandroid backup from Texodus URV6.5 which had all my apps installed.
I guess lesson learned is to make sure to disable the fingerprint security and wipe registered fingerprints before doing a Nandroid backup.
P.S.: for some reason the fingerprint backup password doesn't work
lewis.james.750983 said:
Have similar issue after flashing a Tekxodus URV6.6 .. restoring data from a nandroid backup from Texodus URV6.5 which had all my apps installed.
I guess lesson learned is to make sure to disable the fingerprint security and wipe registered fingerprints before doing a Nandroid backup.
P.S.: for some reason the fingerprint backup password doesn't work
Click to expand...
Click to collapse
http://forum.xda-developers.com/showpost.php?p=63327098&postcount=1
There's no flashable so try deleting the file or files instead.
Sent from my SM-N910P using Tapatalk
samep said:
http://forum.xda-developers.com/showpost.php?p=63327098&postcount=1
There's no flashable so try deleting the file or files instead.
Sent from my SM-N910P using Tapatalk
Click to expand...
Click to collapse
Thank you. I'll try it later .. I already wiped data and restored a Nand backup of the a clean Tekxodus URV6.6, luckily I have a full Titanium backup of everything (including call log, text messages ..etc.)
Btw, this Dual MicroSD reader is the best $10 i spent in my life it comes in handy once you pop a 64GB MicroSD in it, to use in TWRP for Nandroid backup, or to store a backup of Titanium Backups.
http://www.bhphotovideo.com/c/produ...2_amc_mmcbk_twingo_otg_swapable_micro_sd.html

delete

Delete
Delete
Delete
Peeptastic said:
Hard reset my phone and now I can't get past the set up screen. It may be because I used titanium backup to free a few apps and did not disable this before the hard reset. I get as far as the wifi setup screen and it won't get any farther. It either gets stuck at "Just a sec" or "checking for updates". I can get into stock recovery and it appears my computer recognizes the ability to adb sideload. Can someone please help me? Thanks either way. Oh, I have the Sprint LS991 G4.
Click to expand...
Click to collapse
During the initial setup, when you get to the wifi setup screen can you just skip over the wifi setup? Is it possible your wifi isn't working (mine isn't either) and as long as you keep attempting to connect you'll never get past that step in the initial setup process?
oldjackbob said:
During the initial setup, when you get to the wifi setup screen can you just skip over the wifi setup? Is it possible your wifi isn't working (mine isn't either) and as long as you keep attempting to connect you'll never get past that step in the initial setup process?
Click to expand...
Click to collapse
Answered in the other thread
Where did you find the answer? Was it a positive answer? I did a similar thing. After root all was good. Foolishly I began using TiB to merge updates of sys apps into the system. I forgot to uncheck gooogle play services. This messed up gpservices and I factory reset. Thus of course left gpservices still messed up as I erased the system version of it along with the system image that I had on internal sd. A begginers mistake by a veteran. Foolish.
shariteau said:
Where did you find the answer? Was it a positive answer? I did a similar thing. After root all was good. Foolishly I began using TiB to merge updates of sys apps into the system. I forgot to uncheck gooogle play services. This messed up gpservices and I factory reset. Thus of course left gpservices still messed up as I erased the system version of it along with the system image that I had on internal sd. A begginers mistake by a veteran. Foolish.
Click to expand...
Click to collapse
Delete

[Q] please sign in using one of the owner's accounts for this device

when i install a custom rom (viper one 4.2.1 or 4.3) i get the following error please sign in using one of the owner's accounts for this device. when i install the RUU for AT&T developer i can log in just fine with my account.
anyone have any ideas on how to fix this problem?
Go back to your functioning rom and remove the google account (might want to do a backup first!). Then do the flashing etc and sign in with your account as a new device.
The problem is googles factory reset protection. Its designed to make the device useless if the phone is factory reset without being unlocked first.
The other way is factory reset from android settings, then flash, then sign in to your account as a new device.
Google needs to address the fact that frp is too strong and needs to add another way in to devices in the event of accidental lockout.
Sent from my HTC One M9 using Tapatalk
I am having the same problem more or less.
I have bought a Nexus 9 from another person.
I did a factory reset today and I cannot sign in now.
Will this solution work? How do I go to funcioning rom, etc?
This is a "Google" security feature... When you wipe a device and then set it back up, if you didn't delete the Google account first, it will ask for those "original" credentials. Only way around it is to completely RUU the device back to the latest stock image. But I've heard some devices still have issues since the SN or IEMI is associated with the previous users Google account.
So, if you buy a new device... ALWAYS make sure the previous owner deleted their Google account first, or have them there when you go through the first few setup screens to enter their credentials....Then after you enter your credentials, you can reset it.
Just kind of mirroring what shivadow said
OH no! I am having this problem with a newer device!! Please help! It has been about 22 hours since I tried booting a custom binary with a non-unlocked OEM lock! I'm waiting to try to sign in to my Google account until 24 hours passes! I might have to wait 72 hours! Please review the post [LINK=http://forum.xda-developers.com/general/help/s7-edge-canada-boot-to-twrp-t3509603]here[/LINK]...I don't know if I posted that right so cut and paste this if that link doesn't work:
http://forum.xda-developers.com/general/help/s7-edge-canada-boot-to-twrp-t3509603
Thanks in advance!!
Want to install lineage os but can't due to same problem
shivadow said:
Go back to your functioning rom and remove the google account (might want to do a backup first!). Then do the flashing etc and sign in with your account as a new device.
The problem is googles factory reset protection. Its designed to make the device useless if the phone is factory reset without being unlocked first.
The other way is factory reset from android settings, then flash, then sign in to your account as a new device.
Google needs to address the fact that frp is too strong and needs to add another way in to devices in the event of accidental lockout.
Sent from my HTC One M9 using Tapatalk
Click to expand...
Click to collapse
I am having same problem with my old lenovo tab 3 7 . When i got it, i used it once and twice and then put it. now after a year or two, i want to install lineage and use it again as secondary device. but the problem is i don't remember which gmail id i used(i had 7 ids) and don't even have a clue about some accounts ids and passwords which i (currently using only 2 ids) don't use. And as usb debugging is disabled i can't do anything with my pc to get out of this situation.
Help!!!!!

Phone encrypted startup & i forgot the pattern

i have the phone updated to android pie and rooted with magisk the latest version and i have twrp recovery on it
but while installing one of the mods (youtube vanced) and after it rebooted the phone asked for my pattern (not on the lock screen but the encrypted startup feature which i didn't turn on but i have changed my pattern a few days ago but i use the fingerprint always on the phone)
i forgot the pattern for the phone and i tried on it and it says 9 more tries and my phone will be wiped
is there a way to find the pattern on my google account since it's linked to the phone and it automatically uploads it to the cloud ? or is there a way to bypass it ?
Note:i know it sound like i stole the phone but i have proof of ownership if anyone wants(the box and the google account linked to it are mine and is linked to this account)
thanks in advance
Do you have access on twrp? If entered first time pattern should be saved and you can access data.
Simply reboot in twrp, if no pattern is asked make a backup of data partition (that will be unencrypted) just in case you will need to wipe and search for a way to access twrp-saved pattern.
You could also try the google feature "find my device" and change pattern, but as phone its encrypted i dont really think it will work.
mac12m99 said:
Do you have access on twrp? If entered first time pattern should be saved and you can access data.
Simply reboot in twrp, if no pattern is asked make a backup of data partition (that will be unencrypted) just in case you will need to wipe and search for a way to access twrp-saved pattern.
You could also try the google feature "find my device" and change pattern, but as phone its encrypted i dont really think it will work.
Click to expand...
Click to collapse
sadly the "find my phone" doesn't help
and in TWRP it asks for the key too and when i press cancel and try to go to data/system where the pass key is there is nothing (it must be encrypted as well)
and twrp says that my data is 0mb and can't even back it up because it's encrypted
Ok, but it doesnt say that data will be wiped, so you can try a lot of patterns.
Unfortunatelly theres no way to bypass because data is encrypted, you should try again and again and prepare yourself for a complete wipe.
cuper22 said:
i have the phone updated to android pie and rooted with magisk the latest version and i have twrp recovery on it
but while installing one of the mods (youtube vanced) and after it rebooted the phone asked for my pattern (not on the lock screen but the encrypted startup feature which i didn't turn on but i have changed my pattern a few days ago but i use the fingerprint always on the phone)
i forgot the pattern for the phone and i tried on it and it says 9 more tries and my phone will be wiped
is there a way to find the pattern on my google account since it's linked to the phone and it automatically uploads it to the cloud ? or is there a way to bypass it ?
Note:i know it sound like i stole the phone but i have proof of ownership if anyone wants(the box and the google account linked to it are mine and is linked to this account)
thanks in advance
Click to expand...
Click to collapse
What twrp did u use I keep reading it's bricks in pie
rob420p said:
What twrp did u use I keep reading it's bricks in pie
Click to expand...
Click to collapse
the one posted here on(although i'm sure i'm not using it correctly since every time i need to open it i need to fastboot boot twrb.img) it's been like that since 8.1
cuper22 said:
the one posted here on(although i'm sure i'm not using it correctly since every time i need to open it i need to fastboot boot twrb.img) it's been like that since 8.1
Click to expand...
Click to collapse
That's some bugs I've heard about it.on the post it recommends not useing that one for pie.u might want to look on Google I did see something about a emcrptiin patch

Simple root that won't trip Knox?

Hi, there!
I heard there is a method for the S8+ where you can root your phone without tripping Knox. It isn't the best root method and it has its limitations, but it would do just fine for my needs.
Is there such method for the S9+?
Thanks!
Anyone?
CapBlackShot said:
Anyone?
Click to expand...
Click to collapse
No
*Detection* said:
No
Click to expand...
Click to collapse
And no developers are planning to create one, that we know of? I only need root to make Cerberus a system app. In case the smartphone is stolen and gets hard reset, the app will still be there, hidden. But without root it seems impossible.
CapBlackShot said:
And no developers are planning to create one, that we know of? I only need root to make Cerberus a system app. In case the smartphone is stolen and gets hard reset, the app will still be there, hidden. But without root it seems impossible.
Click to expand...
Click to collapse
KNOX is an e-fuse, once tripped that's it forever, no reversing, nothing devs can do
FRP lock is your hard reset security, unless they know your Google login they cannot access the device anyway
And if they have the knowledge to flash certain firmwares and bypass the lock, your system root app wouldn't be of any use either anyway, so....
*Detection* said:
KNOX is an e-fuse, once tripped that's it forever, no reversing, nothing devs can do
FRP lock is your hard reset security, unless they know your Google login they cannot access the device anyway
And if they have the knowledge to flash certain firmwares and bypass the lock, your system root app wouldn't be of any use either anyway, so....
Click to expand...
Click to collapse
That's very interesting. Can't believe I never heard of this before.
Will the device actually get wiped and then ask for my Google account or will it ask for my Google account before getting wiped? If the first option I mentioned is true, then Cerberus will be gone and I still won't be able to locate my cellphone in case it gets stolen, I'm assuming.
CapBlackShot said:
That's very interesting. Can't believe I never heard of this before.
Will the device actually get wiped and then ask for my Google account or will it ask for my Google account before getting wiped? If the first option I mentioned is true, then Cerberus will be gone and I still won't be able to locate my cellphone in case it gets stolen, I'm assuming.
Click to expand...
Click to collapse
It will get wiped first, it asks for the Google account because it was wiped from recovery and not from inside of Android, meaning anyone could have done it
It will not allow anyone past the Google account request, similar to when iPhones are locked to iCloud, you can wipe it as many times as you like but it will always request the Google account
For example, I steal your phone with Cerberus installed, I cannot access your phone so the most likely thing I`ll try is factory reset from recovery, this will wipe the phone and request your Google account login to access it again, which I do not have
Next thing I would try (If I knew about it) was flash stock firmware over the top, which will wipe again this time removing your Cerberus app, but again it will not prevent the Google login request
Final thing I would try would be FRP bypass to get past your Google account login, and if they manage that they have access to your phone, but it is wiped and Cerberus is gone
End of the day, no mod/app will survive the phone being flashed as the system partition is replaced with stock again, and the wipe will reset the data partition where user apps and data are
Best thing to do is enable the Google security settings for find my phone, lock and erase, and enable it to send GPS of last location when the battery is getting low, that way you can track it online until it is turned off/wiped

Categories

Resources