Related
Hi folks!
I am a little bit scared that one day my Hermes will fall into wrong hands... loosing it or getting it stolen. First of all, its important for me that a thief cant access my data (calendar, emails, files on storage card) - and a second goal would be to get the device back / know WHO took it.
Therefore I would like to know which kind of security-strategy you professional WM6 users are following?
What do you do to maintain physical security (like IIWPO or Ultimate Theft Alert) and what for information security (tools like Trust Digital or Utimaco Safeguard PDA)?
Lets ignore antivirus software for this thread - but dont forget about WM6 and please report about stability, performance and necessary changes in your workflow (like for backups, file recovery)
connected to exchange.. so pin number on wakeup, auto wipe if fail 4 times or something.
memory card data encrypted with built in encryption.
what more do you need?
i keep my hermes on me at all times.. no one is allowed to touch it.. if im not using it in my hands its in a case (the wizard case) and on my pants.. if a ***** gets to close ill straight up cut him/her
thefunkygibbon said:
connected to exchange.. so pin number on wakeup, auto wipe if fail 4 times or something.
memory card data encrypted with built in encryption.
what more do you need?
Click to expand...
Click to collapse
Autowipe... well - this is a critical feature... but not standard on any rom, is it?
I guess if some idiot just "tries" logging in and destroys your important data you didnt backup for a day... i guess this will end up in jacob-mda's solution
Unfortunatley killing each and everybody is not accepted by society here...
And for the encrypted storage card: What if you need to hardreset? Then you cant access this card anymore... correct?
**** if someone runs up on me to snatch my 600$ phone they are getting a knife in their stomach as we say around the way.. homie dont play that ..........lol jk
any more ideas?
I found a suitable, easy solution which doesnt change daily workflow. A request to the CHEFs is here: http://forum.xda-developers.com/showthread.php?t=315747
After surfing the web a bit, I came across a few notorious Android Spy Software applications that could run in your background without you knowing. It is not visible and cannot be detected. I have read that that the only way to eliminate and uninstall the program is through a re-installation of the operating system. With that said, I have been suspicious of my brother for installing this on my HTC EVO. I let him toy with my phone while I showered without thinking of the repercussions for 5-7 minutes.
As bad as it sounds, he is the type that likes to be in control of electronics so that if things get a turn for the worst in our brotherly relationship, he can rely on electronic controls to do any type of damage (banking information, passwords, etc.).
I just spoke with a worker at a Sprint repair store right before they closed for the day and I'm wondering if Sprint can do an OS re-install. Also, is the OS re-install safe to do (does it truly keep the phone factory and completely in-tact)? Is it common?
Tell me if I need to clarify more.
just do a factory reset, it wipes everything.
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Brandizle said:
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Click to expand...
Click to collapse
unless you rooted your phone and the software is embeding it's self in part of the nand(unlikely and not possible without root(i think)), nothing will survive a factory reset. If you really want to wipe it then just root and install a custom rom, then lock your phone lol. Also, no offence, but your brother sounds like a real a$$hat.
Brandizle said:
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Click to expand...
Click to collapse
That is the way to hard reset the phone. The only thing I think it doesn't wipe is the SD card, so I would wipe that, then the phone, you know how to format the sd card with windows?
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
BAleR said:
That is the way to hard reset the phone. The only thing I think it doesn't wipe is the SD card, so I would wipe that, then the phone, you know how to format the sd card with windows?
Click to expand...
Click to collapse
I'd be happy to know.
I know indeed know how to wipe my SD card using Windows. Correct me if I'm wrong: Start > My Computer > *right-click SD card* > Format..
What's the instructions to hard resetting the android device, if you don't mind me asking?
Brandizle said:
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
Click to expand...
Click to collapse
Not gonna lie you sound SUPER paranoid but like everyone else stated if you do a factory wipe it will get rid of anything or if you are THAT worried download a RUU its the same thing sprint would do while laughing at your paranoid ass in the back room
donniegood said:
Not gonna lie you sound SUPER paranoid but like everyone else stated if you do a factory wipe it will get rid of anything or if you are THAT worried download a RUU its the same thing sprint would do while laughing at your paranoid ass in the back room
Click to expand...
Click to collapse
Eh...it happens.
donniegood said:
Not gonna lie you sound SUPER paranoid
Click to expand...
Click to collapse
+1
A little more history would be useful here
Duplicate post.
acrh2 said:
+1
A little more history would be useful here
Click to expand...
Click to collapse
It all started back when we were children emerging into teens. My brother started with Neopets and slowly began scamming kids of their neopoints through false logins and other obvious ploys to trick children. As we entered high school, he and his friend began getting intrigued with developing viruses and spyware as a game to trick one another into falling into each others' traps and obtain each other's data. Me and my brother were on bad terms several times before due to his state-of-mind that being a bigger brother means being able to have full control of the younger siblings' lives, including me and my sister. He began restricting access to general surfing, such as Digg, Reddit, and social networking sites in general. Then, my brother began loosening up and allowing for it, but told us that he would keep keylogs going through router control and had access to login informations as well as chat histories with local friends.
Perhaps, I am being paranoid. I don't know.
Brandizle said:
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
Click to expand...
Click to collapse
I looked at that site you're talking about
http://www.androidspysoftware.com/
The site is an attempt to scare you and sell you their Mobile Spy software, sounds like it worked.
That's pretty intense lol.
I would whack my brother over the head with a crowbar if he ****ed with my privacy.
My theoretical brother, that is
You haven't a thing to worry about.. Just make sure "Install from unknown sources" isn't checked and I highly doubt you'll ever have a problem..
topdnbass said:
That's pretty intense lol.
I would whack my brother over the head with a crowbar if he ****ed with my privacy.
My theoretical brother, that is
You haven't a thing to worry about.. Just make sure "Install from unknown sources" isn't checked and I highly doubt you'll ever have a problem..
Click to expand...
Click to collapse
Thanks for empathizing.
After I realized of any theoretical repercussions of allowing him access to my phone for a few minutes while I was in the shower, I immediately went and did a factory data reset, which I believe to be a hard reset.
I also made sure the "Install from unknown sources" was always unchecked.
Me and my brother previously had bad blood. His intentions of being controlling have put his past girlfriends in a bad state of mind. Recently, he has made one of his past girlfriends (at the moment, he was dating her), re-surface her history of self-mutilation. He made her move from Iowa (I think) to live closer to him near our university. She was too late to enroll and after a few months of being with him, she got scared of his controlling attitude and uncontrollable fits of rage and outlashes. She later on during the relationship hid under beds instead of sleeping on them and kept cutting her arm and fingers. Her mother was so outraged that she made a plane ride from Iowa to Kansas just to take her back and my brother hid himself the day she arrived. He was scared of her mother and what would happen if she got her fingers on him.
ausch30 said:
I looked at that site you're talking about
http://www.androidspysoftware.com/
The site is an attempt to scare you and sell you their Mobile Spy software, sounds like it worked.
Click to expand...
Click to collapse
The site was for spyware (Android Spy Software), not against spyware. They're trying to sell it in order to install the application and spy on others without their knowing. My concern is to remove it, so there's no incentive for me to buy their product as it would not benefit my case.
girl knows how to write, felt like i was watching a lifetime movie.. uhh, not that ive ever seen one since im a pretty hardcore dude
Indeed...half expecting something needing moderated shortly. Good thing the EVO can second as a mirror to see who is sneaking up behind you.
toenail78 said:
girl knows how to write, felt like i was watching a lifetime movie.. uhh, not that ive ever seen one since im a pretty hardcore dude
Click to expand...
Click to collapse
I'm a guy, fyi. I'll take that as a compliment, I guess?
it can be in other partitions other than data
i have spyware on my phone AND computer from my ex and of course my phone was rooted so she got it in there DEEEEP in my /dev folder and it is EVERYWHERE. im pretty screwed. time for new phone and computer.. she also managed to get a key logger on my touchscreen phone.. weird huh
If you are like me, you should have all your favorite apps, documents, pictures etc. stored right on your phone that basically gives a full picture of who you are as an individual. You also have been pretty satisfied with the pattern, pin number, password or face unlock or all of these together as a security you have in place to prevent unauthorized access. But here is something that happened by accident that led me down this thought process. While trying to yank out the phone from my pocket while driving (which when you are getting a phone call especially becomes the most impossible task), I noticed that the phone "Power Down", "Restart", "Airplane Mode" pop up was on. This is on top of my regular swipe to unlock with pin number lock screen. This made me curious and noticed that the back button will work to close this pop up and also the power button works to reactivate this pop up. I hope everyone is with me till here. What surprised me was that the phone will actually turn off or restart from this point without the need for an unlock code. This means anyone with rooting and backup knowledge can steal my phone, restart my phone into recovery and wipe it to make the phone their own or just create a backup (CWM) and through that access my personal information. I know that photos and documents stored on the external card is open unless encrypted. But I hoped the internal data would be secure.
What do you guys think about this? Is there any app that would prevent access to the phone while locked via hard keys? What do you do to keep your information safe?
TL;DR version
If phone is stolen and person has knowledge of android they can factory reset your phone, even if you have a password setup. If they enter recovery they can wipe data and factory reset your phone and now it is usable for them.
My theory if you have your phone rooted I wish there was a way to lock the recovery with a password. Unfortunately ODIN will always be available able to get back to stock. Cerberus is a great app to have full control of phone if stolen FYI
DesperateScorpion151 said:
What do you guys think about this? Is there any app that would prevent access to the phone while locked via hard keys? What do you do to keep your information safe?
Click to expand...
Click to collapse
As soon as I realize it is missing I would activate the wipe feature in this software.
https://play.google.com/store/apps/details?id=com.lookout&hl=en
If I have your phone in my possession I guarantee I can hack it regardless of any security measure you make take, so the best solution is to be able to wipe it remotely.
technically even a remote wipe is not enough if the thief is knowledgeable. I accidentally wiped flashing in Odin with nand erase checkd and recovered everything that was on it using this
http://forum.xda-developers.com/showthread.php?t=1994705 so your never completely safe
Exactly my point like everyone else confirms it here. We have advanced so much to a point that even a 9 year old (not that 9 is too young to know computer basics) who is familiar with basics on rooting after reading through forums after forums can get away with stealing a smart phone now a days. At this point the only way I could think of protecting my data (first priority) and then track my phone is if the tracker is incorporated into the boot loader or recovery itself on top of what ever software you have installed in the OS. So if the thief tries to unlock my phone after a restart, the installed software should take care of the rest but If he/she is smart enough to go via boot loader or recovery then the incorporated tracker can do its thing. Anything of that sort exists?
Did you forget you could just pull the battery to get into recovery?
Why do you need to pull the battery?
Aerowinder said:
Why do you need to pull the battery?
Click to expand...
Click to collapse
You don't, but its easier than going through all of the steps OP posted.
I really doubt my data is worth anything. Pictures of my cats aren't exactly hot commodities and I don't store anything on my phone that I wouldn't publicly reveal, anyway.
I wouldn't be worried about my worthless information, just annoyed I was dumb enough to let it get stolen. Yeah, I know that basically anyone with half a brain can wipe a phone and re-sell it - it always amazes me when people think that thieves aren't smart enough to do that.
I'm cynical. Saves a lot of worry since I just expect the worst, I guess.
They get into your email where it may be more info to compromise.
Sent from my SGH-T999 using xda app-developers app
I would be less worried about the minute possibility of a phone thief targeting your personal information than I would be about your personal data being mined from your phone by numerous applications.
Bottom line is, if you use Google or Facebook, you personal information is already in the hands of giant corporations who will never be held accountable for the theft of your personal info.
Take Facebook for example - within the app, the only time it should ever ping your location is if you are using FB chat and have the location setting enabled. However, even when you disable location within FB chat, every single time you open Facebook it uses your GPS to get your location. Every time.
In addition, although you are unable to see it in action because there is no notification icon for it, I would bet a million bucks it's also pulling your network location if your GPS is off.
Facebook is constantly working in the background - even if you never opened it.
Google? I won't even begin to try and explain the amount of data they are collecting from you. As is T-Mobile, Sprint, Verizon, ATT, etc. every single second that your phone is on with data enabled.
Should we be concerned with some random thief who knows the ins and outs of Android pulling your data? Sure, we should think about it. But the reality is, if you own a smart phone your information is already out there in the hands of companies who will use it to any end they can in order to turn a profit. Period.
ButWhile I see the pros and cons of different parts involved in using social networks and so forth, one thing we can (at least for now) be certain of is that they won't use your credit card information etc. to make illegal purchases and so forth. I know of a person who routinely used the credit card app to check balance, pay bill etc. and next thing he was getting phone calls to see if the purchases made at a casino in Spain are OK?! This is without ever losing the phone!!. So, it could be worse in the case of phone loss. Sure, personal data, pictures and even email to some extent is not as bothersome to me as identity theft. Thank to some anti-fraud features of the banks etc. one can deny and simply not be associated with that activity (of course in legitamate cases). My friend ended up getting another card with different number and they closed the online banking account. He had to re-register all over with another id. So, it can be a big hassle. I heard of cases where people had to hire lawyers and run around courts to prove their innocence due to identity theft. Of course if you keep a picture of your driving licence on the phone, you are really asking for it so... (trust me, one girl was doing this because she didn't want to carry her purse/wallet on night outs)
Having said that, I am always worried if the roms we download here in XDA have trojans or backdoors built into kernels and system files... I know that it is like doubting even the good devs but how do we know for sure? Unless you are really an in-depth expert and figure out all the details such as processes and ports that are open and so forth, how do you really know? The phone's data icons keep pinging back and forth every now and then and at times I wonder what's being sent and what is it receiving... just sync'ing contacts...or...??
Call me paranoid but, after what happened to my friend, and similar stories, I am a bit skeptical about the security and integrity of the ROMs in the first place... Now, mostly I download and try different roms and settle on one that suits my preferences. I use the phone for calls as well as to make general tasks easier in many aspects except financial transactions. In short, I don't trust my smart phones.
For those of you wondering what Google is tracking, (not by any means the only place to look) login to your gmail account and look around different settings. You'll see web history, phone data to name a few..
hello guys,
Im new here,and its of course,because i have a problem i lost all my data from HTC ONE M8 phone.
I read everywhere,that is possible somehow a recovery.,even if i do not have any back up for anything.
so i started step by step,unlock bootloader,root the device,and start with some app from play store..and nothing is working.
do i need to S-OFF the phone?it will work?I will be able to recover something?or simply i should jsut forget about everything.
Im not specialist i jsut want to know if it is possible to recover something or not.if yes,i will be very thankful with who will come with some advices.I was trying all the applications from play,none of them works.thanks.
nobody can help me?
morrientes99 said:
hello guys,
Im new here,and its of course,because i have a problem i lost all my data from HTC ONE M8 phone.
I read everywhere,that is possible somehow a recovery.,even if i do not have any back up for anything.
so i started step by step,unlock bootloader,root the device,and start with some app from play store..and nothing is working.
do i need to S-OFF the phone?it will work?I will be able to recover something?or simply i should jsut forget about everything.
Im not specialist i jsut want to know if it is possible to recover something or not.if yes,i will be very thankful with who will come with some advices.I was trying all the applications from play,none of them works.thanks.
Click to expand...
Click to collapse
nobody can help me?
You misinterpreted the advice. There is a better (although not great) chance of recovering/accessing "lost" data if the phone is bootloader unlocked, custom recovery, root before the data loss occurred. It's too late to do it after the data loss occurred (and you don't describe how you lost the data). Reason being, unlocking the bootloader wipes all data on the phone (for security reasons), so the chance of retrieving anything now is slim to none.
I'm always surprised (and somewhat disturbed) that in this day and age, so many folks don't bother to backup their data. You should be backing up your data, and there is little excuse for not doing so; with so many free and easy solutions (cloud, computer, etc.). If it's important to you, back it up.
I don't use WhatsApp. But if you are talking about Google contacts, the default in Android is to sync all your contacts to the Google "cloud". So unless you intentionally selected to turn off this default (not wise, if you don't have any other backup plans) the data should still be on your Google account. You can go to Gmail on a computer, login using your Google account credentials, and see if the contacts are listed. If so, they will automatically sync back to the M8, or other Android phone when you power it up, and login to your Google account.
redpoint73 said:
You misinterpreted the advice. There is a better (although not great) chance of recovering/accessing "lost" data if the phone is bootloader unlocked, custom recovery, root before the data loss occurred. It's too late to do it after the data loss occurred (and you don't describe how you lost the data). Reason being, unlocking the bootloader wipes all data on the phone (for security reasons), so the chance of retrieving anything now is slim to none.
I'm always surprised (and somewhat disturbed) that in this day and age, so many folks don't bother to backup their data. You should be backing up your data, and there is little excuse for not doing so; with so many free and easy solutions (cloud, computer, etc.). If it's important to you, back it up.
I don't use WhatsApp. But if you are talking about Google contacts, the default in Android is to sync all your contacts to the Google "cloud". So unless you intentionally selected to turn off this default (not wise, if you don't have any other backup plans) the data should still be on your Google account. You can go to Gmail on a computer, login using your Google account credentials, and see if the contacts are listed. If so, they will automatically sync back to the M8, or other Android phone when you power it up, and login to your Google account.
Click to expand...
Click to collapse
it s hard to explain how i lost all data..i was in a trip in thailand,and i was jsut charging the phone,with wifi turned on.when i got back to the room,all the application were updating,and after i realised that i have no contacts. Back up,yeah.its my fault.but now is too late..since i have a smartphone.i dont know..10 years,i never lost my data,or phone..so thats why i was not thinking too much for a back up.there are a lot of application on internet..like android recovery data,for example(paid)but they are not working..they are such big liars?imagine,they are saying they recover any data,from all htc,ur paying,and recoverng nothing
morrientes99 said:
since i have a smartphone.i dont know..10 years,i never lost my data,or phone..so thats why i was not thinking too much for a back up.
Click to expand...
Click to collapse
That's the wrong way to think about a backup plan. You have one, in the hopes that you never need it.
So you never had a problem for 10 years (I can pretty much say the same), but now you do, and you wished you backed up, right? So now it really doesn't matter how long you didn't have an issue, does it?
Not sure where you're from. But one example, where I live, it's customary if you own a home, you have home insurance. You don't think to yourself "Well, my house hasn't burned down in the last few years, so I don't need insurance."
These storage on devices are volatile at best. Storage can go corrupt for any number of reasons. Or you can lose your phone, have it stolen, or it can be broken. "I've been lucky for a long time" is not a good backup plan.
morrientes99 said:
there are a lot of application on internet..like android recovery data,for example(paid)but they are not working..they are such big liars?imagine,they are saying they recover any data,from all htc,ur paying,and recoverng nothing
Click to expand...
Click to collapse
Recovering data is always just a possibility at best.
If you are talking about trying these apps after unlocking the bootloader, there is nothing to recover, it's been intentionally wiped by the bootloader unlock process. The purpose of this, is to prevent thieves from recovering your personal data from a stolen or lost phone. The whole point of your data being wiped, is that it can't be recovered.
Even if you tried some of these apps before unlocking the bootloader, the possibility of recovering data is always questionable, at best. Usually, the usefulness of these apps is just find data that has been accidentally "deleted" by the user. This data is fact not really deleted, it just gets renamed, until those blocks of memory are needed. Then it gets over-written with new data, and once that happens, the data can't be recovered. So the more you use your phone while trying to "recover" data, the higher the possibility that the data is over-written, and can't be recovered.
There are software and services for (truly) recovering over-written data, of the type that professionals and law enforcement use. They can read the "ghost" data traces even after a file has been wiped or over-written. But those cost hundreds, maybe thousands of dollars to recover that data. Not worth it for regular folks just trying to retrieve their personal data.
redpoint73 said:
That's the wrong way to think about a backup plan. You have one, in the hopes that you never need it.
So you never had a problem for 10 years (I can pretty much say the same), but now you do, and you wished you backed up, right? So now it really doesn't matter how long you didn't have an issue, does it?
Not sure where you're from. But one example, where I live, it's customary if you own a home, you have home insurance. You don't think to yourself "Well, my house hasn't burned down in the last few years, so I don't need insurance."
These storage on devices are volatile at best. Storage can go corrupt for any number of reasons. Or you can lose your phone, have it stolen, or it can be broken. "I've been lucky for a long time" is not a good backup plan.
Recovering data is always just a possibility at best.
If you are talking about trying these apps after unlocking the bootloader, there is nothing to recover, it's been intentionally wiped by the bootloader unlock process. The purpose of this, is to prevent thieves from recovering your personal data from a stolen or lost phone. The whole point of your data being wiped, is that it can't be recovered.
Even if you tried some of these apps before unlocking the bootloader, the possibility of recovering data is always questionable, at best. Usually, the usefulness of these apps is just find data that has been accidentally "deleted" by the user. This data is fact not really deleted, it just gets renamed, until those blocks of memory are needed. Then it gets over-written with new data, and once that happens, the data can't be recovered. So the more you use your phone while trying to "recover" data, the higher the possibility that the data is over-written, and can't be recovered.
There are software and services for (truly) recovering over-written data, of the type that professionals and law enforcement use. They can read the "ghost" data traces even after a file has been wiped or over-written. But those cost hundreds, maybe thousands of dollars to recover that data. Not worth it for regular folks just trying to retrieve their personal data.
Click to expand...
Click to collapse
my concern was regarding the possibility of recovering data,not if its good/or bad to have a back up..i was loosing contacts and I survived..now all people are on facebook,so phone numbers,are not so important..but thanks about second part of ur post,which is connected with my problem,regarding insurances,and back ups,its another topic..its not about country where ur living,its about mentality..there are people who are making insurance each time they have the chance(because of course its good all the time to be insured),and there are people more relaxed, who are assuming this risks..of course,u will never know which is the best way..i heard more people insured,who never had any problem,than people not insured with problems
morrientes99 said:
my concern was regarding the possibility of recovering data,not if its good/or bad to have a back up..but thanks about second part of ur post,which is connected with my problem,regarding insurances,and back ups,its another topic..its not about country where ur living,its about mentality..
Click to expand...
Click to collapse
I answered your question, and trying to get you to learn from the experience. Which in the long run is just as important, if not more so, than the immediate question.
Your point about a "choice" about a backup plan is not really much of a choice, at all. Backing up data is a no-brainer and everyone should do it, as there are a variety of free and easy methods available, that once setup require little interaction by you. There is not excuse not to.
A little while ago my brother had his iphone6 snatched. Now with Iphone, I know cannot be mounted to usb directly or even via recovery.
I know pin, fingerprint etc block access to the phone. I want to understand about other ways to access internal storage to gain access to photos and any other documents
That makes me ask - What security options we have for android - in particular OP3 (have 2 of them) and how can we make it more secure. ? Both my phones have Blu_spark TWRP + Freedom OS 2.10, if that matters.
Just to share, I found following to be foolproof
- Setup Pin + Fingerpints
- Setup Pin / Password for phone startup
This
- Keeps the device encrypted
- Unable to boot without pin
- Unable to access TWRP without pin
- Doesn't auto-mount on USB connect
Still, it would be interesting to hear about any cons of the above setup.
hyperorb said:
A little while ago my brother had his iphone6 snatched. Now with Iphone, I know cannot be mounted to usb directly or even via recovery.
I know pin, fingerprint etc block access to the phone. I want to understand about other ways to access internal storage to gain access to photos and any other documents
That makes me ask - What security options we have for android - in particular OP3 (have 2 of them) and how can we make it more secure. ? Both my phones have Blu_spark TWRP + Freedom OS 2.10, if that matters.
Click to expand...
Click to collapse
The easiest is to not get it snatched. Or if it does you chase them down and get your phone back. But barring that not alot you can really do and ill explain why.
When someone steals a phone, they dont care about the data on it. They are either gonna sell it or use it. Either way The device has the sim removed with in sec of it being taken and then it is reset or flashed to stock to remove any and all locks. This normally happens within minutes if not seconds of a device being stolen.
zelendel said:
The easiest is to not get it snatched. Or if it does you chase them down and get your phone back. But barring that not alot you can really do and ill explain why.
When someone steals a phone, they dont care about the data on it. They are either gonna sell it or use it. Either way The device has the sim removed with in sec of it being taken and then it is reset or flashed to stock to remove any and all locks. This normally happens within minutes if not seconds of a device being stolen.
Click to expand...
Click to collapse
Interestingly that was not the case. They remained in contact and kept on asking for phone passcode; which we did not give.
I'm not aware if its equally east in iPhone to enter into (kind of) fastboot mode and erase entire storage. In such case the loss remains of the phone and nothing else ; specially when we may have financial apps too on the phone.
hyperorb said:
Interestingly that was not the case. They remained in contact and kept on asking for phone passcode; which we did not give.
I'm not aware if its equally east in iPhone to enter into (kind of) fastboot mode and erase entire storage. In such case the loss remains of the phone and nothing else ; specially when we may have financial apps too on the phone.
Click to expand...
Click to collapse
No apple doesn't have the option. Main reason the fbi had to pay to have an iPhone unlocked not to long ago.
Part of the reason I never advise doing any sort of banking on a device as there is just too many security risks. I, mean even android keyboards monitor what you type.
hyperorb said:
A little while ago my brother had his iphone6 snatched. Now with Iphone, I know cannot be mounted to usb directly or even via recovery.
I know pin, fingerprint etc block access to the phone. I want to understand about other ways to access internal storage to gain access to photos and any other documents
That makes me ask - What security options we have for android - in particular OP3 (have 2 of them) and how can we make it more secure. ? Both my phones have Blu_spark TWRP + Freedom OS 2.10, if that matters.
Click to expand...
Click to collapse
Cerberus is a really nice app... You have alot of options sadly it isn't free! But heyy, it's cheap and it's functional! Other then that keep your device encrypted and a boot password should do.
As long as you're not rooted and unlocked, it will be a bit hard for an thieve to have access to your phone. Leaving ADB on, might as well decrease the overall security of the phone.
I for example was given a tablet which had a Google account synced with it, and resetting from recovery only made me renter the credidentials previously used to be able to pass the setup.
My luck was that the guy left ADB on and with a simple command I bypassed the setup screen.
hyperorb said:
Interestingly that was not the case. They remained in contact and kept on asking for phone passcode; which we did not give.
I'm not aware if its equally east in iPhone to enter into (kind of) fastboot mode and erase entire storage. In such case the loss remains of the phone and nothing else ; specially when we may have financial apps too on the phone.
Click to expand...
Click to collapse
Not sure about iPhone's but for newer Android phones as long as you are encrypted and have a pin/password set for boot, a thief would just wipe the phone return to stock and sell or use it. 99.9% of the time they just want money so the likely reason they wanted your pass code is they couldn't sell it cause they were blocked from resetting it temporarily. As long they have a physical device and unlimited time they will eventually reset it and get rid of it.
Renosh said:
Not sure about iPhone's but for newer Android phones as long as you are encrypted and have a pin/password set for boot, a thief would just wipe the phone return to stock and sell or use it. 99.9% of the time they just want money so the likely reason they wanted your pass code is they couldn't sell it cause they were blocked from resetting it temporarily. As long they have a physical device and unlimited time they will eventually reset it and get rid of it.
Click to expand...
Click to collapse
Exactly. If someone steals your device 99.98% of the time it is too use it or sell it. With way your data is meaningless.
As for them wanting your pass code the above is right. But as they couldn't reset it you could have reported it stolen and the police may be able to find it but most of the time they have better things to do then recover a lost cell phone.
I used to work with people that felt with stolen cell phones. I can say the normally. Withing 30 min of a device being stolen the data is gone. And when I say that I mean a complete DOJ style wipe, format and imei change.
zelendel said:
No apple doesn't have the option. Main reason the fbi had to pay to have an iPhone unlocked not to long ago.
Part of the reason I never advise doing any sort of banking on a device as there is just too many security risks. I, mean even android keyboards monitor what you type.
Click to expand...
Click to collapse
....so do all iOS keyboards, both first and third party. it's required for them to function
---------- Post added at 09:25 AM ---------- Previous post was at 09:23 AM ----------
zelendel said:
Exactly. If someone steals your device 99.98% of the time it is too use it or sell it. With way your data is meaningless.
As for them wanting your pass code the above is right. But as they couldn't reset it you could have reported it stolen and the police may be able to find it but most of the time they have better things to do then recover a lost cell phone.
I used to work with people that felt with stolen cell phones. I can say the normally. Withing 30 min of a device being stolen the data is gone. And when I say that I mean a complete DOJ style wipe, format and imei change.
Click to expand...
Click to collapse
this is exactly why that semi-recent feature added by google which requires you to log in with the previously added google account in the phone before initial setup following a factory reset is very useful - it makes the phone unusable/unsellable (unless im missing something?)
2x4 said:
....so do all iOS keyboards, both first and third party. it's required for them to function
---------- Post added at 09:25 AM ---------- Previous post was at 09:23 AM ----------
this is exactly why that semi-recent feature added by google which requires you to log in with the previously added google account in the phone before initial setup following a factory reset is very useful - it makes the phone unusable/unsellable (unless im missing something?)
Click to expand...
Click to collapse
That can easily be bypassed by wiping the data off the device and flash a stock rom to it. The only the the FRP does is prevent them from getting at the data.
No its not really. It's so they can send relevant ads. Those that remember smartphones before Apple or Android knows that it is not really needed.
zelendel said:
That can easily be bypassed by wiping the data off the device and flash a stock rom to it. The only the the FRP does is prevent them from getting at the data.
Click to expand...
Click to collapse
but how can they flash a stock ROM onto the device if the "require PIN before startup" option is selected? how can they flash if recovery has a PIN on it?
2x4 said:
but how can they flash a stock ROM onto the device if the "require PIN before startup" option is selected? how can they flash if recovery has a PIN on it?
Click to expand...
Click to collapse
Because that is before startup and not the bootloader, even with those set up they normally dont cover download mode or what ever mode that particular OEM uses (not all use the same). In extreme cases with some apps that make it a bit harder or people just dont want to be bothered to mess with things too deeply there are tools available that Will push the update right to the board bypassing all security. Sure its a little extra work but it is a sure bet when you cant get into a device and cant be bothered hunting down getting around it.
Also for the passwords on startup. any password cracker would take out the average password in a matter of min.
This has been very interesting and so much to learn. Thank you all for great inputs.
zelendel said:
I never advise doing any sort of banking on a device as there is just too many security risks. I, mean even android keyboards monitor what you type.
Click to expand...
Click to collapse
Yes. But then Microsoft too is not clean. Browser , Windows.... That way we can never work.
Puddi_Puddin said:
Cerberus is a really nice app...
Click to expand...
Click to collapse
Have it in all my Androids Very helpful at times, even for non theft purpose..
XDRdaniel said:
Leaving ADB on, might as well decrease the overall security of the phone.
Click to expand...
Click to collapse
Thanks. Will read more on this.
Renosh said:
for newer Android phones as long as you are encrypted and have a pin/password set for boot, a thief would just wipe the phone return to stock and sell or use it. 99.9% of the time they just want money so the likely reason they wanted your pass code is they couldn't sell it cause they were blocked from resetting it temporarily. As long they have a physical device and unlimited time they will eventually reset it and get rid of it.
Click to expand...
Click to collapse
Once a phone is lost, there's little chance to get it back. Device loss is one thing and data loss (or rather data access) is another. The later at times can have more problems.
I used to keep my id papers (for ease of printing anywhere as needed) on phone (Nokia N5). Lost that phone .. and till date I hope no one used those to buy services, do illegal stuff. That was a lesson learnt hard way
zelendel said:
With way your data is meaningless.
Click to expand...
Click to collapse
Depends where you are. There are places where one can avail services in other's name using fake ids or stolen data etc.
2x4 said:
. this is exactly why that semi-recent feature added by google which requires you to log in with the previously added google account in the phone before initial setup following a factory reset is very useful - it makes the phone unusable/unsellable (unless im missing something?)
Click to expand...
Click to collapse
Hmm.. I think I came across that in OP3. Didn't pay attention though.
zelendel said:
Because that is before startup and not the bootloader,
Click to expand...
Click to collapse
It is better to loose one than two. Phone is anyways lost .. so at least we can try secure data. Let them wipe and then get nothing in hand.
hyperorb said:
This has been very interesting and so much to learn. Thank you all for great inputs.
Yes. But then Microsoft too is not clean. Browser , Windows.... That way we can never work.
Have it in all my Androids Very helpful at times, even for non theft purpose..
Thanks. Will read more on this.
Once a phone is lost, there's little chance to get it back. Device loss is one thing and data loss (or rather data access) is another. The later at times can have more problems.
I used to keep my id papers (for ease of printing anywhere as needed) on phone (Nokia N5). Lost that phone .. and till date I hope no one used those to buy services, do illegal stuff. That was a lesson learnt hard way
Depends where you are. There are places where one can avail services in other's name using fake ids or stolen data etc.
Hmm.. I think I came across that in OP3. Didn't pay attention though.
It is better to loose one than two. Phone is anyways lost .. so at least we can try secure data. Let them wipe and then get nothing in hand.
Click to expand...
Click to collapse
You don't need to steal someone's phone to get a fake ID with their info. 1500 usd will get you that without it.
As for getting nothing in hand. They got exactly what they wanted. The device. Unless you work for the government in a high place. Then your data is meaningless on your phone. You already put it in enough places on line while using a pc that if they want it they already have it.
I could easily steal someone identity with a little more then what they post on Facebook or other social media outlets.