[Q] Question about Anti Theft SW on market - LG Optimus 2x

There are so many SW available ..for lost or stolen phone.
The protection / safeguard features offered by them are impressive.
But, I feel that anyone who can deliberately
Hard Reset the phone installed with these SW
can effectively negate or bypass the protection.
Perhaps there are other ways too which I am not aware of.
Unless there is some form of protection to prevent
this.
Can this be done ? Is there a way to fully protect your
phone from any tampering unless a password is entered ?
Thank you.

I guess not, but I remember having WaveSecure installed on my G1 in the system. If the thief would then wipe your phone, the program is still installed on it. A thief would have to completely install a new rom to wipe off the program. That's the best solution you can get right now I guess, but for that you'll have to be rooted. ( https://www.wavesecure.com/blog/post/turning-on-gps-remotely.aspx )
I don't know if this is possible with other programs, but am actually interested. Anyone knows about a free program that can track / wipe / lock stuff up and installed in the android system?

There is a project called prey which i'm testing. It's free but not (yet) as advanced as some others.
Google on Prey project and it should come up.
Sent from my LG-P990 using XDA App

Escobarretje said:
I guess not, but I remember having WaveSecure installed on my G1 in the system. If the thief would then wipe your phone, the program is still installed on it. A thief would have to completely install a new rom to wipe off the program. That's the best solution you can get right now I guess, but for that you'll have to be rooted. ( https://www.wavesecure.com/blog/post/turning-on-gps-remotely.aspx )
I don't know if this is possible with other programs, but am actually interested. Anyone knows about a free program that can track / wipe / lock stuff up and installed in the android system?
Click to expand...
Click to collapse
Perhaps a solution is to have a Unique ID Key.
Without which the phone cannot be tampered with, rooted, hard reset
or anything be done to it without this Master Key feature.
The Unique ID key should be one off and issued by the manufacturer
for each phone. And this key is required even by the service station
to open the phone. If the phone is sold by the owner then he
can provide the ID key to the buyer with a small test feature
embedded within for the buyer to verify if key is the right one.
This may help in some ways as the thief would then be forced to
return the phone to the owner for some monetary consideration
rather than be stuck with a brick.
Today's smart phones contain a lot of information and data potential
and these could be much more valuable ( to the owner ) than
the phone itself. And many more new capabilities are being
introduced such as e wallet and e credit cards etc.
And it is not convenient always to update/backup the data on to a PC etc.
The data on the SD card is not an issue as it can always
be saved after encryption.
Read recently that in UK a phone is stolen every 12 seconds.
I am sure the figures for stolen phones are high in other countries too.

I am using Theft Aware.
It is NOT overwritten by a hard reset.
It can only be overwritten by installing a new ROM which is a significant additional protection against the average thief.
It does not require an internet connection (remotely controlled by SMS)
It only costs 3€.
It works flawlessly on my Optimus 2X.
I have successfully tested most of the features.
The only disadvantage is that I have to reconfigure it after each ROM update.

luik said:
I am using Theft Aware.
The only disadvantage is that I have to reconfigure it after each ROM update.
Click to expand...
Click to collapse
But it doesn't take long to reconfigure. I agree Theft Aware is excellent on the O2X.

I use Ceberus on mine and androidlost on by backup defy. Ceberus has more features

Related

[REQ] Password protected boot/fastboot/recovery

Even if one has installed some kind of lockdown/tracking software + lock pattern there is always the possibility that a thief would know how to reflash and/or wipe the phone or be able to use Google to find out how.
Has anyone worked on adding the possibility of locking access to fastboot, recovery and OS boot? (Password protecting adb would also be a nice addition.)
There is not much these forums about it. Here is a thread that died: http://forum.xda-developers.com/showthread.php?t=531225
I would be fine with compiling my own recovery image if that is what it takes to get my own password, but I guess fastboot is the biggest concern.
I hope some smart developers will take their time to read this and think about it. Let's hear some input on how big of a task this is. I am sure it can be done, so take the challenge and show us some love.
wow this is an awesome idea. ya because apps like mobiledefense or wavesecure would be useless if the thief knows how to wipe the phone. this would be great and i would love to see it work. i dont know crap about making my own recovery or else i would do it if thats what it means to make my own password protected recovery. but like u said, fastboot is a greater challenge.
I could see recovery maybe having this but the bootloader you are out of luck unless you have a dev or holiday version of the nexus. We currently cant flash custom SPL's because they are sig checked.
What happens when you forget your password? Brick?
MatMew said:
What happens when you forget your password? Brick?
Click to expand...
Click to collapse
Damn if you forget it than you are just too stupid, lol Jk
but good question, however i don't think any development on this will be done anytime soon, id definitely support it though if it ever starts.
Locking the SPL would require us to be able to write/flash one, which is currently impossible
Maybe a petition to google to set forth this new option then?
Because I was thinking the same thing...our laptops can do it, because duh, if someone steals your lappy they could just wipe to get the hardware so we can put a BIOS password so even thats impossible.
Our so 'open' phones should follow suit...please google, read this. It would be a fantastic option, that way its rendered completely useless to anyone that steals it and is smart with them (aka anyone reading these forums ).
THANKS
I want it
I've been thinking of how to 'secure' my phone's data again since I unlocked the bootloader... but this would be the way.
The feature request goes like this: Password protect the bootloader both for fastboot and getting into recovery (the option to start recovery should be password protected). A wipe is required in order to reset the password.
An additional and optional theft lock (along the lines of what the OP wants) would disable the password reset/wipe feature altogether, essentially bricking the phone if the password is unknown. Not exactly what I want (I just want my data to be safe), but should be easy enough to add both options if we have the code and can flash the SPL.
Obviously this is going nowhere if we can't flash the SPL, but there's no harm in putting this out there for Google to include in the next signed SPL.
Everyone should realize that unlocking the bootloader essentially puts all the data on your phone out there for anyone to grab without a password, given that they know a few things about fastboot/recovery. This is likely why Google forces a wipe when you originally unlock. We 'unlockers' should be given a way to get that security back.
We'd also need to find a way to 'type' a password (for the recovery option) while in the bootloader, since there's no keyboard. You could use the volume toggle to cycle through letters or numbers, but this puts this option far past a 'trivial' change to the SPL code. This may be why Google didn't include the option in the beginning.
theslam08 said:
Maybe a petition to google to set forth this new option then?
Because I was thinking the same thing...our laptops can do it, because duh, if someone steals your lappy they could just wipe to get the hardware so we can put a BIOS password so even thats impossible.
Our so 'open' phones should follow suit...please google, read this. It would be a fantastic option, that way its rendered completely useless to anyone that steals it and is smart with them (aka anyone reading these forums ).
THANKS
Click to expand...
Click to collapse
A computer bios password only keeps people from changing bios settings. They can still format the hard drive.
bubbahump said:
I've been thinking of how to 'secure' my phone's data again since I unlocked the bootloader... but this would be the way.
The feature request goes like this: Password protect the bootloader both for fastboot and getting into recovery (the option to start recovery should be password protected). A wipe is required in order to reset the password.
An additional and optional theft lock (along the lines of what the OP wants) would disable the password reset/wipe feature altogether, essentially bricking the phone if the password is unknown. Not exactly what I want (I just want my data to be safe), but should be easy enough to add both options if we have the code and can flash the SPL.
Obviously this is going nowhere if we can't flash the SPL, but there's no harm in putting this out there for Google to include in the next signed SPL.
Everyone should realize that unlocking the bootloader essentially puts all the data on your phone out there for anyone to grab without a password, given that they know a few things about fastboot/recovery. This is likely why Google forces a wipe when you originally unlock. We 'unlockers' should be given a way to get that security back.
Click to expand...
Click to collapse
This would be really great... an idea, if ever possible, to overcome the bricking phone by password being lost, is somehow emailing it to the registered google account... or maybe sending an sms to a known phone number that was registered before...
dalingrin said:
A computer bios password only keeps people from changing bios settings. They can still format the hard drive.
Click to expand...
Click to collapse
Actually you can set an ON-BOOT password, which will prevent it from being booted at all without the password. Unfortunately, it is not that great a security measure, since you can just reset the BIOS using the jumper on the motherboard. Also, every BIOS manufacturer leaves a backdoor in case of forgotten passwords, just do a Google search for BIOS DEFAULT PASSWORDS.
But, the main thing to remember here is that we do not have a keyboard, and very limited buttons to use. So, what are you thinking of using? A combination of buttons (similar to the quick-reboot)? Or, cycling through with the volume/trackball, kind of like on a briefcase/suitcase (argh, imagine the frustration).
The next thing would be the implementation of such an idea.
If the SPL is to be modified to be password protected, we would need to source code - which I don't think is available.
If the recovery is to be password protected, it would need to have immediate access to a rewriteable portion of the internal memory for storage/retrieval of said password (as would the SPL, but first things first - gotta have the source).
A simple qwerty on-screen keyboard and using the trackball to select characters would work fine. Up and down with volume keys or whatever to type in characters is not a viable option for long passwords.
It seems all this would be of no use without the possibility of flashing our own SPL, so I guess this is a bigger task than I thought at first. We all know SPL's have been hacked many times before, so I believe it can be done on the Nexus One too. But, because of the already unlocked SPL opening up flashing heaven, I am not so sure anyone is going to use any time on figuring it out.
This is what we are left with:
1. Find a way to flash a custom SPL. Piece of cake right?
2. Create an SPL with the possibility of adding password protected fastboot/recovery. Protecting boot will probably not be necessary, as it would make it impossible to trace a stolen phone.
Let me comment on the privacy issue: I am not really very concerned about the data on my phone. Of course I would not want all the pictures and videos I have shot to fall into the hands of complete strangers, but I try not to keep secret/sensitive data on my phone. It is not really very difficult to take the sdcard and put it in any other device or card reader to get all the data off of it. All the password protection in the world will never get us around some physical security. (Maybe I should make another request for encrypting the sdcard?)
What I want is to be able to somehow find the bastard(s) that took my mobile and get it back without it being wiped first. Though there is always the risk that they would not get past the unlock pattern and just throw it away right away. Let's just hope they left it powered on within network coverage.
How does Android store Gmail login credentials? Are the information cookie-like (only session information) or is there an actuall password (encrypted or not, doesn't matter) stored somewhere? If the latter than that would be very bad for the security of the Gmail account (most critical apps there are Mail and Checkout). It would probably be a good idea to change the Gmail password as soon as one starts missing his Android phone.
--
One way of increasing the odds to get a stolen phone back would be to flash a custom ROM with an embeded and preconfigured security application that installs automatically and silently after a wipe. Not perfect because a thief could just flash another ROM but there's a greater chance of a device getting wiped than not getting wiped, right?
I guess a password in recovery would add an extra percentage to those odds too.
So much for this request. Someone moved us to Q&A, so I guess this is doomed for now. We'll just have to keep our phone safe.
maedox said:
So much for this request. Someone moved us to Q&A, so I guess this is doomed for now. We'll just have to keep our phone safe.
Click to expand...
Click to collapse
Sorry for the bump. But seriously this is a must.
Any Nexus with unlocked bootloader leaves the internal memory unprotected (All your photos in DCIM folder, etc).
You just need to enter fastboot and flash a custom recovery.
Hello
Well i have a phone that has exactly what was being mentioned in this thread and i have literally tried everything everyone is saying about flashing, etc.

[Q] Stolen Phone - How accessible is my data on my phone

My phone was stolen yesterday evening. They turned it off which of course locked the pin, but if they remove the pin, how much of my phones data is accessible including saved passwords on accounts?
Can someone remove their SIM and see what access the phone grants them to accounts stored on the phone, like email etc?
To the best of my knowledge if they pull the sim card they will not be able to access any of it, and I doubt they stole the phone to get into your gmail. If someone stole it for themselves and are able to get past the pin, they will likely wipe it asap. If someone stole it to sell...the same.
Still to be on the safe side you should change your password with Google and any other accounts that could access your credit card info.
Sorry your phone was stolen, but your secrets should be safe.
Sent from my GT-I9000 using XDA Premium App
effgee said:
My phone was stolen yesterday evening. They turned it off which of course locked the pin, but if they remove the pin, how much of my phones data is accessible including saved passwords on accounts?
Can someone remove their SIM and see what access the phone grants them to accounts stored on the phone, like email etc?
Click to expand...
Click to collapse
Not sure on the I9000 version but i know I can get at all the info with or without a simcard inserted on the Captivate. I would change your passwords ASAP.
Thanks.
I've already gone ahead and changed my gmail password.
Luckily I wiped recently and didn't have many things installed.
I'm terribly depressed about this situation.
My phone, twas a gift.
Thanks for the advice and help.
When I changed SIM in my Galaxy S, phone asked me to re-enter gmail credentials. Unfortunately your data is not encrypted, so the thief can see your SMS, Skype chats and other things (especially if the phone was rooted). Android really sucks in terms of security
There is a tracker and remote wipe built into the security settings of the SGS but it needs to be activated and set up. A little late for you now but maybe for the future or others. BTW it still works even if the sim is changed and you can use the gps (even if switched off) and Google maps to pinpoint it.
my phone was stolen to, well, they did wipe him just before I used my lookout. damn.
but I also advise you to change some passwords.. just incase.
mrsufgi said:
my phone was stolen to, well, they did wipe him just before I used my lookout. damn.
but I also advise you to change some passwords.. just incase.
Click to expand...
Click to collapse
I use lookout as well - luckily haven't really had to use it yet.
There is an app called 'plan b' which you can install over the air from the market on android.Com/market, it allows you to track your phone but if the have cleared of then your most likely out of luck :/ your sd card will be fully accessible... hope you can manage to get it back
Sent from my GT-I9000 using XDA Premium App
Kops said:
I use lookout as well - luckily haven't really had to use it yet.
Click to expand...
Click to collapse
Afaik that can be uninstalled rather easily. Anyways, it's not really stealthy.
If you really want a stealthy track, lock, and wipe solution try Theft Aware from the market (7 days free) or google it, can be used without root (but root offers better features). Cheaper than Lookout too as it's a one-time fee.
If they steal my phone I could simply wipe it (installed on /system so it survives the wipe), lock it, trace it, anything by simple SMS commands. So even if I couldn't get it back at least I can wipe all data.
Won't help the OP sadly but for others this may be useful.
In really sorry for this incident mate
First I assume that you've changed your google & any email password u have over your device.
Next thing, I want u to make a call to your carrier so they block ur device via restricting the imei.
I had this question in my mind so I added a thread previously.
forum.xda-developers.com/showthread.php?t=893247
Sent from my GT-I9000 using Tapatalk
Rycon said:
Afaik that can be uninstalled rather easily. Anyways, it's not really stealthy.
If you really want a stealthy track, lock, and wipe solution try Theft Aware from the market (7 days free) or google it, can be used without root (but root offers better features). Cheaper than Lookout too as it's a one-time fee.
If they steal my phone I could simply wipe it (installed on /system so it survives the wipe), lock it, trace it, anything by simple SMS commands. So even if I couldn't get it back at least I can wipe all data.
Won't help the OP sadly but for others this may be useful.
Click to expand...
Click to collapse
Lookout is a free app. Also, it can be run in "hidden" mode, and you can chose to have it run silently, and only be uninstalled via web .

[Q] Phone encryption and performance hit

Did anybody try to encrypt the z3compact? Is the performance hit noticeable or negligible?
I'm very fought about encrypting my phone. Would I lose the smartlock feature?
Thanks in advance
I encrypted it, including SD card. There is no visible impact I would say. I think PIN and password is the only unlock option after encryption, the biggest drawback for me is that you can't manage it with Sony Companion after encryption (as Sony did not manage to implement support it seems).
PIN and password are the only options available after encryption and you'll probably lose smartlock.
In KK at least performance was about the same. Though it did reduce my battery life...
i9300usr said:
I was curious to know if this was true with Sony Bridge too (Mac app), and I found this thread on the Sony forums. The Sony mods there insist that this is a choice by Sony to maintain security. Apparently none of them have heard of encrypted backups (à la iPhones). So, possible this will never be implemented.
Click to expand...
Click to collapse
It's not that important, ADB backups work and are more complete, only drawback is the time they take
i9300usr said:
I was curious to know if this was true with Sony Bridge too (Mac app), and I found this thread on the Sony forums. The Sony mods there insist that this is a choice by Sony to maintain security. Apparently none of them have heard of encrypted backups (à la iPhones). So, possible this will never be implemented.
Click to expand...
Click to collapse
i9300usr said:
So, just to make sure I understand you correctly: ADB allows users to make backups of encrypted Sony Xperia phones? Are the backups encrypted or unencrypted? And is the restore process straightforward?
Click to expand...
Click to collapse
Yes ADB allows you to make a full encrypted backup of your phone (including apps installation files). The restore process is straightforward as well but it's not as complete as say an iPhone backup. ADB might not be able to access some files, especially ADB might restore all your apps but not your launcher settings, folders, etc...
Even though the backup is encrypted, keep in mind that if you use a four digits code it can be bruteforced in less than 10s so encryption does not mean much in this regard.
difto said:
...Even though the backup is encrypted, keep in mind that if you use a four digits code it can be bruteforced in less than 10s so encryption does not mean much in this regard.
Click to expand...
Click to collapse
This is interesting. Are you referring to a code ADB requires or the code used on the phone? I use a pattern on the phone.
scottjb said:
This is interesting. Are you referring to a code ADB requires or the code used on the phone? I use a pattern on the phone.
Click to expand...
Click to collapse
If you encrypt your phone you cannot use the pattern anymore. The ADB password is the same as your phone password so either 4 digits or a real password.
difto said:
If you encrypt your phone you cannot use the pattern anymore. The ADB password is the same as your phone password so either 4 digits or a real password.
Click to expand...
Click to collapse
I have my phone encrypted and use a pattern. I was not required to change it to a PIN when I encrypted it.
That's why I asked, I wonder how ABD would handle the pattern.
You can transfert files when the phone is mounted as mass storage and unlocked, that's why Sony isn't consistent. You can also transfert files using a third party ftp server like es file browser.
I encrypted my phone last week. Not really noticed any difference in terms of general performance and battery life. One thing I hate is that if you fail to enter the correct password 10 times your phone gets wiped. I hate this because it just makes it easy for people to troll you and makes a thief's job easier because your essentially getting your phone ready to be sold on and also locking yourself out so it can't be tracked.
Another negative is startup takes forever but, you don't really reboot phones much anyway
i9300usr said:
Sounds like something I might actually use. Thanks for the feedback.
So, this is by default and can't be disabled by the user? Hmm, Apple's iOS at least makes the wipe optional.
So much this. Makes backing up your phone every day a necessity just in case. But then:
a) how many people are actually aware the wipe is mandatory for encrypted phones,
b) how many would be mean-spirited enough to actually do this,
and
c) how can people tell if your phone's encrypted?
I think the likelihood is low, but I guess that depends on the company you keep. But if it's that kind of company, you're probably wise enough to keep the phone in your possession all the time anyway.
Unless you're running 5.1, and have enabled "Device Protection" - if Google have actually implemented it? Did the promised "kill switch" actually make it to our phones?
How useful is the tracking anyway? Do the Police even care? I've read articles where the owners themselves had to retrieve their phones, and that can be a very tricky prospect.
Yup, very infrequently these days.
Well, this is all better than the non-existent encryption on my S3.
Click to expand...
Click to collapse
Sadly, no you can't disable the wipe after 10 failed attempts. Well I'm uni student and you know what some people are like when it comes to trolling! I don't think z3 compact has the device protection. Not mine anyway. The police should track it. Well I've heard they help here in the UK
I think it's better to go without encryption, root with locked bootloader and install Cerberus to system partition, and use a strong lock pattern or password.
No worries of 10 try wipes, more secure lockscreen options, and can still track the phone even after a factory reset (unless they reflash the entire system.)
cschmitt said:
I think it's better to go without encryption, root with locked bootloader and install Cerberus to system partition, and use a strong lock pattern or password.
No worries of 10 try wipes, more secure lockscreen options, and can still track the phone even after a factory reset (unless they reflash the entire system.)
Click to expand...
Click to collapse
I think there's a tendency to speak too lightly of rooting. It invalidates warranty, which is a big deal for a US$400–600 phone such as this. Even after the warranty expires, I think it places far too much responsibility on the user to solve any problems that may arise, which can be onerous if the phone actually serves a purpose (as opposed to being merely a prestige item, which I'm sure it frequently is).
Rooting is a nice concept, but it presents real-world problems that can entirely negate any benefits gained; it's not the panacea it purports to be.

Magisk Security Risks

I have googled but haven't found answer:
With the use of Magisk one can root his device and yet use Android Pay
but what risks for the user to have his money used by a thief in possession of his rooted smartphone?
You can remotely wipe the device via Android Device Manager..
But no chance that my Android Pay is used before I wipe the device?
EMJI79 said:
But no chance that my Android Pay is used before I wipe the device?
Click to expand...
Click to collapse
What if you removed the card that has been setup from Google Wallet Website?
EMJI79 said:
but what risks for the user to have his money used by a thief in possession of his rooted smartphone?
Click to expand...
Click to collapse
The exact same as a thief in possession of an unrooted phone. The Android Pay root prohibition is a precaution against software security breaches, not physical theft of the phone.
kartikb said:
What if you removed the card that has been setup from Google Wallet Website?
Click to expand...
Click to collapse
I don't understand you?
I am worrying that the thief or the people who finds my smartphone uses it before I can wipe the phone.
I rather have it impossible to use my android pay.
I was wondering if Google tried to unable android pay on a rooted phone because it would be too easy for someone else to exploit it.
EMJI79 said:
I don't understand you?
I am worrying that the thief or the people who finds my smartphone uses it before I can wipe the phone.
I rather have it impossible to use my android pay.
I was wondering if Google tried to unable android pay on a rooted phone because it would be too easy for someone else to exploit it.
Click to expand...
Click to collapse
A thief that steals you phone will have the same access as one that steals an unrooted phone.
You need to physically secure your device. This is no different that a bad guy getting hold of your credit card.
This is exactly why a password is required to unlock the phone.
A rooted phone may have data compromised by an application if you grant it root.
This is the issue.
I grant permissions mainly to Titanium Backup and AdAway.
My concern was that someone could use my Android Pay by plugging it to its computer and knowing a little bit of computing.
It seems it isn't the case so I think I'll root the next smartphone I am receiving in a few days.
I also use root to install apps for changing build.prop or dpi/font, if I follow what you say, by denying cellular and wifi access to these apps, I should be safe, right?
I do believe that NFC control and internet access are two separate permission,and so does the process​. Since NFC can work without a SIM,and run on it's own piece of hardware,we can assume that NFC and phone's radio signal have almost nothing to do with one another.All of your credit card information would actually be storred on the NFC hardware encrypted rather than your phone's system. Evidently by the fact that banks and phone companies have been offering NFC stick on accessories for unsupported smartphone.The app only act as a terminal to let you control your NFC hardware.
So in short,NFC is much safer than a normal credit card, information stored by NFC can't be access by any level of phone system access.But a rooted phone might allow others to bypass your screen lock and turn on your NFC.
P/s: build.prop can be edited as easily as using a file manager with root access.Or if you're that lazy just find a zip file and flash it.Any build.prop editing app are essentially scam!!
Along with my regular bank account, I use Simple bank. Simple bank is the only card I use in Android Pay.
Their Android app allows you to block and unblock your card instantly. So I'll keep the card blocked all day everyday until I'm about to use it at a terminal/online/ATM to make a purchase. Once it goes through I block it again immediately. If someone gets ahold of my phone when I don't notice, they can try to use Android Pay, but it won't work since I keep it blocked. See? The only real scenario they could get around that is if they steal my phone out of my hands while I'm in line at a store with security cameras, right after I unblock it. In that situation though, I'd just take out my Nexus 5 (main phone is Nexus 6P) and block it on that since I have it installed on both. Any attempted purchases while blocked will be declined. I also like this method because if my card gets skimmed at an ATM / gas station, I'll see declined purchases on the card without actually losing any money. Then I can just report it as stolen / skimmed and have it deactivated and sent a new one.
Here's a link to the bank app if you want to look into it. You apply right from the app and get an account setup (if approved) within a few business days;
https://play.google.com/store/apps/details?id=com.banksimple
I should also note that they only recently (less than a week) started supporting Android Pay. They use a partner bank to back them. It used to be Bancorp, but they switched to BBVA Compass. You'll need the BBVA backing bank to use AP. Bancorp is not supported. I believe they switched everyone to the new partner bank & all new customers use them as well, but it might be worth it to look into their support site or call them yourself to be sure.
Magisk is not altering system partition
So your apps actually can't be tampered and people can't get info from apps. The main issue in rooted devices people can get the information stored in app's private database and preferences so what actually Magisk is doing moving or helping the banking apps or apps those need to be run to a more safe place that is safe from outside activities.

Question How to recover accidentally erased Camera folder from Samsung S21 Ultra - Data Recovery Android 12 / Root?

Problem:
My mum has an Android-based Samsung phone and unfortunately, when the main folder with photos ("Camera") was moved from the Phone to PC via USB cable, it was made using Cut and Paste. By accident the files were pasted into Recycle Bin and we received warning "Files will be permanently deleted. Do you wish to proceed?". We pressed "No" to abandon this process and undo the mistake. Nevertheless, the entire folder "Camera" has already disappeared from the window of DCIM folder on the phone (as viewed from PC). Similarly, the folder appears to have been deleted when viewed from within the phone. (also the phone now has 150 Gb free, while before the process it had 110 Gb free, so it appears 40 Gb of photos have been deleted....
Attempts to fix:
Standard photo / data recovery services failed to bring results (searching hidden folders using Windows Explorer, Total Commander and Ultdata Android).
We then tried two professional software solutions (Cellebrite UFED and Oxygen Forensic Device Extractor -- Android Agent), which also did not manage to locate photos on the device.
It appears as if they were completely deleted.
The same person who used the two prof software solutions above has access to PC-3000, but he claims it's not suitable for Android data recovery (?)
We have already spent 2 days and hundreds of dollars on consultations, which unfortunately still have not brought any results, while the emotional weight of deleted memories is haunting us. Thus, we appeal to help of this forum.
Current thoughts:
#1 All other methods suggested require rooting the phone, which apparently will wipe the whole and make recovery of that specific folder even less likely (correct me if I'm wrong).
#2 All suggestions to make back-up of the phone / clone the entire memory are not relevant, as the only files that are of importance here are the files in the deleted folder, and those files are not hidden and therefore will not copy into this back-up anyway (correct me if I'm wrong).
#3 One person told us to ask Samsung customer service, but their response was that they don't do data recovery and that they only can restore if there was Samsung cloud backup activated.
Questions:
Q1: What is our best course of action? It seems, rooting is one way or another, inevitable. What rooting method would be best to use here, given the situation and my phone specifications? I understand that there is no 100% guarantee to recover the erased photos, but we would like to at least give it a try with maximum chances of success.
Q2: Given that the files we want to back-up are already deleted and not visible, is it even worth it to try to make any back-ups? or will it be in vain, and should we just proceed to rooting and further recovery attempts?
Q3: IF, we successfully root, what is the best way to access the hidden data? Do we need help of this expert who has PC-3000 and specialized software, or is it going to be accessible using our own PC+USB cable + extra downloaded software?
Phone:
Samsung S21 Ultra (G998B). Android 12. No cloud, no backup. Phone not used for now. New data is not copied onto the phone. Phone not rooted.
Thank you for all your help. I do hope to find some solution. We are down hundreds of dollars, many hours of talking to consultants, many of whom appear to just google potential solutions and offer us some basic things, while the pain of cherished memories potentially lost forever is the worst, much worse than money lost. Any help or constructive feedback would be appreciated!
BTW if someone offers a working solution, I can offer consultancy fee for time and success fee in case of recovery.
Root probably won't be possible without unlocking the bootloader, and unlocking the bootloader factory resets the phone, which formats the internal storage and permanently deletes everything. I've used root apps to recover deleted photos and videos before but that only works if the phone was already rooted, or if there's a way to do it without wiping the phone. When I joined XDA almost a decade ago it was relatively common to see root methods that used exploits, and didn't require you to wipe the phone but that's not really a thing today. All this is to say that root is almost certainly not a viable option.
Have you checked for professional forensics services that can disassemble the phone and connect wires directly to the storage chips?
I've seen Youtube videos like this, where they get into the guts of the electronics and use solder and wiring. Sorry I don't know more specifics, but perhaps you can find them online and mail your phone for professional forensics recovery.
Maybe you can download a folder files of camera for the S21 Ultra :U
KingFatty said:
Have you checked for professional forensics services that can disassemble the phone and connect wires directly to the storage chips?
I've seen Youtube videos like this, where they get into the guts of the electronics and use solder and wiring. Sorry I don't know more specifics, but perhaps you can find them online and mail your phone for professional forensics recovery.
Click to expand...
Click to collapse
^this^ Your best shot. With this you may only get one shot especially if you cause more damage by misadventure...
Others here have gone this route and gotten good results. $400-800 for non rush service is in the ballpark.
KingFatty said:
Have you checked for professional forensics services that can disassemble the phone and connect wires directly to the storage chips?
I've seen Youtube videos like this, where they get into the guts of the electronics and use solder and wiring. Sorry I don't know more specifics, but perhaps you can find them online and mail your phone for professional forensics recovery.
Click to expand...
Click to collapse
blackhawk said:
^this^ Your best shot. With this you may only get one shot especially if you cause more damage by misadventure...
Others here have gone this route and gotten good results. $400-800 for non rush service is in the ballpark.
Click to expand...
Click to collapse
Thank you. I have come across some websites mentioning this, but could not find any agency of repute in my region offering such a solution. And especially if I can only get one shot with this, I definitely want to pick the best agency to try it out. The photos inside are worth it for me to shell out hundreds of dollars if necessary...
I wonder also, if we can reasonably expect technical progress to be able to solve this situation. I don't mean some stuff like quantum computing, but for instance I'm aware that PS3 has recently been cracked , a few years after it came out. Can I reasonably expect something similar to happen to Android 12 that what's not breakable/crackable today, may become so in 1-2 or maybe 3-4 years? While I'd hate to have to wait for 2-3 years, there's nothing time-sensitive in those photos; just family moments that I would like to be able to revisit 10 years later, so if I only will be able to access them later on, that's fine, I can just put my phone in a drawer for a few years and wait. As long as this wait is not in vain. Definitely don't need false hope.
Thanks for your feedback!
samsungs21 said:
Thank you. I have come across some websites mentioning this, but could not find any agency of repute in my region offering such a solution. And especially if I can only get one shot with this, I definitely want to pick the best agency to try it out. The photos inside are worth it for me to shell out hundreds of dollars if necessary...
I wonder also, if we can reasonably expect technical progress to be able to solve this situation. I don't mean some stuff like quantum computing, but for instance I'm aware that PS3 has recently been cracked , a few years after it came out. Can I reasonably expect something similar to happen to Android 12 that what's not breakable/crackable today, may become so in 1-2 or maybe 3-4 years? While I'd hate to have to wait for 2-3 years, there's nothing time-sensitive in those photos; just family moments that I would like to be able to revisit 10 years later, so if I only will be able to access them later on, that's fine, I can just put my phone in a drawer for a few years and wait. As long as this wait is not in vain. Definitely don't need false hope.
Thanks for your feedback!
Click to expand...
Click to collapse
There's a thread here I posted on going 4-8 months. He had hid data recovered from a Samsung for $1200 rush job vs the usual $800 charge). I've tried to find it, but you see my post count. Usually that works in my favor but not always He shipped it to them if I recall correctly.
Try these guys. That may be the company he used. Been too long and it was of passing interest to me. If you do recover the data please report back. Many posters here have asked for this.
Due to the way those files were lost they may not be recoverable. Personally I would've written them off. However only a recovery specialist can say for sure.
blackhawk said:
There's a thread here I posted on going 4-8 months. He had hid data recovered from a Samsung for $1200 rush job vs the usual $800 charge). I've tried to find it, but you see my post count. Usually that works in my favor but not always He shipped it to them if I recall correctly.
Try these guys. That may be the company he used. Been too long and it was of passing interest to me. If you do recover the data please report back. Many posters here have asked for this.
Due to the way those files were lost they may not be recoverable. Personally I would've written them off. However only a recovery specialist can say for sure.
Click to expand...
Click to collapse
reached out to the guys you recommended, though their website / social media have not been updated since 2020... Will report back on the progress.
samsungs21 said:
reached out to the guys you recommended, though their website / social media have not been updated since 2020... Will report back on the progress.
Click to expand...
Click to collapse
I'm not sure that's who he used and I know only what I read on their site. Just saying...
Can't you just plug the phone to a PC and use a recovery tool like DiskDrill, or something?
Flash the original firmware
Samarimama said:
Flash the original firmware
Click to expand...
Click to collapse
That would do nothing except complicate the issue.
RSGI said:
Can't you just plug the phone to a PC and use a recovery tool like DiskDrill, or something?
Click to expand...
Click to collapse
tried that. The phone is not considered a hard drive, hence neither appears on the list of hard drives on Disk Drill, nor can be selected as folder/destination to run it on...
samsungs21 said:
tried that. The phone is not considered a hard drive, hence neither appears on the list of hard drives on Disk Drill, nor can be selected as folder/destination to run it on...
Click to expand...
Click to collapse
I should mention that even if the jpegs can be recovered their exif data is not able to be associated with the jpeg. The folder structure is lost as well. A sea of jpegs with no time stamp or original image name. A daunting task in itself to sort these out.
Make a factory reset
Samarimama said:
Make a factory reset
Click to expand...
Click to collapse
That would overwrite the lost data potentially making it impossible to recover as if it's not already bad enough.
It was a simple data transfer that went bad (this can happen), nothing indicates the user partition or rom are corrupted... throwing rocks at it doesn't help.
samsungs21 said:
tried that. The phone is not considered a hard drive, hence neither appears on the list of hard drives on Disk Drill, nor can be selected as folder/destination to run it on...
Click to expand...
Click to collapse
Try an app called "Disk Digger". Its on the playstore. It might belp.
RSGI said:
Try an app called "Disk Digger". Its on the playstore. It might belp.
Click to expand...
Click to collapse
If you're not going to use a professional recovery service, go for it.
Otherwise using the device risks overwriting the now unallocated data... once overwritten recovery is completely impossible on a flash drive.
blackhawk said:
That would overwrite the lost data potentially making it impossible to recover as if it's not already bad enough.
It was a simple data transfer that went bad (this can happen), nothing indicates the user partition or rom are corrupted... throwing rocks at it doesn't he
Click to expand...
Click to collapse
Samarimama said:
Make a factory reset
Click to expand...
Click to collapse
That would definitely ruin his chances of any recovery... just avoid making any writing on the storage, cause if the data you want to recover is overwrite, it's definitely gone... at least intact...

Categories

Resources