Related
Hi!
Somethig strange just happend... Grab my Samsung Galaxy Tab and noticed, that wifi was off... so i turned it on... it said scanning... and after 5 or 8 seconds wifi turned off by itself... tried again... turned off again...
so...
rebooting - no help...
what's going on??? help?
--------------
ok, factory reset helped.... but i'm still wondering.... was it a virus... does anyone know sth about it??
The word "virus" isn't really applicable to Android devices. If used in VERY broad terms it almost applies, but even then it's a stretch.
There are programs that do malicious things out there, and the best thing you can do to avoid that is check the permissions on everything you download.
I doubt it would have been a virus. There are a lot of other explanations. But, for peace of mind, search the market for AVG and download the free version. Personally, I think it is more often than not a source of false positives, but as I said, it can provide some peace of mind as well
Seamus1 said:
There are a lot of other explanations.
Click to expand...
Click to collapse
Like...? Give me some ideas, please.
Well, I will say from the outset that I am not an expert at the technical details when it comes to such things. I would imagine that there was either some kind of corruption with the configuration files, or possibly with the OS itself. I have seen certain devices that occasionally reboot when power to WiFi is toggled on, for example. As to what caused it, there are really far too many possibilities to be able to say. I think that it would be difficult to get a virus from any of the app markets, most questionable stuff gets flagged. And of course you have the ability to see what these apps have access to. So perhaps it was an app that you allow network access to that screwed up the configuration through an error. Installing stuff that is non-market and of questionable repute could very well get you something malicious though.
Anyway, my original suggestion was going to be to try wiping all of the associated configurations and clearing the cache. But, you had already posted that you had it sorted out, so I didn't bother.
I am sure there are more informed people who could shed more precise light on the matter, these were just my ideas.
This does "just happen" sometimes. Usually, forgetting the connection information and re-entering it does the trick. If that doesn't then a hard reset (as you've already discovered) is the next best thing.
The technical term for what happened is "glitch".
In case you didn't know, Google has silently implemented FREE tracking for almost all androids. It also allows you to erase the phone if you feel that it's necessary, all you have to do is enable it as a device admin. I realize there have been apps on the market for a long time now that do this (and more) however Google doesn't require you to install or update any apps to use this service and from my brief testing it seems to work amazingly well right off the bat.
Go here and bookmark: https://www.google.com/android/devicemanager
it's about time they did this. i've hated having to install lookout or avast for decent location and remote wipe. now, that is more. further proof why you don't need an AV on your phone.
The only thing missing that I would like to see in future updates would be the ability to remotely lock the device so that a thief would have a harder time fooling around with the phone before you can track it. I've been using Where's My Droid for a long time but it lost the web interface tracking a while ago and that's been a bummer.
Is there any way to uninstall this useless feature? I never use GPS in my phone (because of the horrible reception, also because I am able to navigate without it), and also do not lose it.
Also, I already encrypted my device, so people can't do anything with it when they find it.
Also, whilst I am at it, I really do not like the way google forces their "content" down the wide opened throat of the community. I did not like the way they went with google services framework, and how you can't do jack sh*t without it, and I do not like the updates and "progression" they make.
Soo, any idea on how to get that off my phone?
Cheers!
PS: Everything I wrote is my own opinion, and if yours differs, at least RESPECT mine. If not, I could not care less about yours and do not get upset if I make fun of it. (Just in case some fanboy tries to attack me )
IRKONIK said:
Is there any way to uninstall this useless feature? I never use GPS in my phone (because of the horrible reception, also because I am able to navigate without it), and also do not lose it.
Also, I already encrypted my device, so people can't do anything with it when they find it.
Also, whilst I am at it, I really do not like the way google forces their "content" down the wide opened throat of the community. I did not like the way they went with google services framework, and how you can't do jack sh*t without it, and I do not like the updates and "progression" they make.
Soo, any idea on how to get that off my phone?
Cheers!
PS: Everything I wrote is my own opinion, and if yours differs, at least RESPECT mine. If not, I could not care less about yours and do not get upset if I make fun of it. (Just in case some fanboy tries to attack me )
Click to expand...
Click to collapse
you can disable the google play services in a custom ROM (i think it's built-in to android 4.2.2) but it'll break the YouTube app, and as you said, you're limited without it. as far as like older ROMs go (ICS, GB, etc.), the app isn't built-in and you can uninstall it.
I personally find google play services somewhat useful (especially now with the ADM), and i use YouTube occasionally so i need it for that, but we all have our own opinions, as you said, and I'd personally like to keep things civil.
and if you hate the services that much, you can actually reflash the ROM you're using without Gapps. it will be a limited experience, but the Play Services won't be there
IRKONIK said:
Is there any way to uninstall this useless feature? I never use GPS in my phone (because of the horrible reception, also because I am able to navigate without it), and also do not lose it.
Also, I already encrypted my device, so people can't do anything with it when they find it.
Also, whilst I am at it, I really do not like the way google forces their "content" down the wide opened throat of the community. I did not like the way they went with google services framework, and how you can't do jack sh*t without it, and I do not like the updates and "progression" they make.
Soo, any idea on how to get that off my phone?
Cheers!
PS: Everything I wrote is my own opinion, and if yours differs, at least RESPECT mine. If not, I could not care less about yours and do not get upset if I make fun of it. (Just in case some fanboy tries to attack me )
Click to expand...
Click to collapse
Other than what was already said I don't think there's a way to remove it, but just look at it this way... it doesn't take up any space and won't just activate by itself, so it's really not inconveniencing you in any way. I understand you don't want to be force-fed features that you don't want, and I absolutely respect that, but for many (myself included) this was a long overdue feature that will no doubt help many many users. This kinda stuff comes with the territory of owning a 'connected' device like a smartphone, so if you really want to get off the grid, just go back to a dumb-phone (yes they still exist).
Sorry for the "rant", but these updates cost me money, since I don't have a flatrare on my phone. (And Android OS still uses my data, whilst I have it turned off. Which is strange)
I actually do own "a few" dumb phones, one for calling, one for getting called, one for SMS.
So I am off grid, at least a little bit.
I actually never understood that feature. As I stated above, I am not the kind of person that loses stuff (OK, maybe sometimes my manners ) nor did I ever had something stolen from me. People tried, but never succeeded.
I am looking forward to Replicant, so I can finally shove my middle finger up Googles fat back-ends (of the wafer. Also it is somehow connected to the fat file system. Not what you thought )
Some day.. Soon.
IRKONIK said:
Sorry for the "rant", but these updates cost me money, since I don't have a flatrare on my phone. (And Android OS still uses my data, whilst I have it turned off. Which is strange)
I actually do own "a few" dumb phones, one for calling, one for getting called, one for SMS.
So I am off grid, at least a little bit.
I actually never understood that feature. As I stated above, I am not the kind of person that loses stuff (OK, maybe sometimes my manners ) nor did I ever had something stolen from me. People tried, but never succeeded.
I am looking forward to Replicant, so I can finally shove my middle finger up Googles fat back-ends (of the wafer. Also it is somehow connected to the fat file system. Not what you thought )
Some day.. Soon.
Click to expand...
Click to collapse
Replicant is available for the galaxysmtd (international galaxy s). it's not fully functional though, because there aren't a ton of open-source libraries and drivers available. if you want replicant on this phone, you gotta learn how to code, and how to build from source.
supernexus is kinda like replicant except it uses a lot of closed-source libraries that make things work. as i said, just don't flash the google apps package. it's basically a clone of the Nexus firmware, as you get all the AOSP components, nothing more or less. oh and also, very minimal google integration without Gapps
How does it work
So does Android Device Manager track the phone or tablet by the hardware signature or by Google account? I ask because I lost my Nexus 7 last Monday and immediately changed my Google Account password. Now when I try to track the Nexus 7 using Android Device Manager it shows that it has not been used since last Monday.
Capt-Capsaicin said:
So does Android Device Manager track the phone or tablet by the hardware signature or by Google account? I ask because I lost my Nexus 7 last Monday and immediately changed my Google Account password. Now when I try to track the Nexus 7 using Android Device Manager it shows that it has not been used since last Monday.
Click to expand...
Click to collapse
Hardware i reckon, when i used this it let's me choose which device I've used with my Google account. It sees phone as different again when I've flashed a new ROM.
Crawshayi said:
In case you didn't know, Google has silently implemented FREE tracking for almost all androids. It also allows you to erase the phone if you feel that it's necessary, all you have to do is enable it as a device admin. I realize there have been apps on the market for a long time now that do this (and more) however Google doesn't require you to install or update any apps to use this service and from my brief testing it seems to work amazingly well right off the bat.
Go here and bookmark: https://www.google.com/android/devicemanager
Click to expand...
Click to collapse
CM Team Announces CyanogenMod Account For Remote Device Wipe/Tracking, Dual-Release Branches For Better Security
Posted by Ryan Whitwam in News
http://www.androidpolice.com/2013/0...ng-dual-release-branches-for-better-security/
CM guys still finding ways to 1-up google android :silly:
.
I have been going through and optimizing my T813 by disabling stuff that doesn't need to be running, firewalling off anything that does need network access, etc. However, I've run into a couple odd issues.
The first is DRParser.apk (DRparser Mode). It is marked as safe to disable on the Galaxy S6/S7, and I have. Or at least I tried. Even when it is frozen, it is somehow getting started because it is banging at the firewall like nuts. I have AFWall+ setup to show toasts from the logger, and it is constantly showing DRparser Mode has been denied access to a half dozen IP addresses. I double checked, and yes, it really is disabled in Titanium Backup. There is some serious WTH going on here, as it persists after a reboot. I have used TiBu to successfully freeze other services, so I'm not sure what is so special about this one.
The other weird one is mDNS, which I believe is part of the "find stuff nearby" functionality. I don't actually have a problem with it, but I can't find a specific service to enable in the firewall. I'm guessing it's bundled with something else, but I'm not sure what. It's also getting flag by AFWall, but not nearly as often.
The last one is the game optimizer service. I'm not sure why it is trying to access the network, but it is. I'm tempted to freeze it, but I'm not sure what it actually does.
Anyone have any ideas on these?
jshamlet said:
I have been going through and optimizing my T813 by disabling stuff that doesn't need to be running, firewalling off anything that does need network access, etc. However, I've run into a couple odd issues.
The first is DRParser.apk (DRparser Mode). It is marked as safe to disable on the Galaxy S6/S7, and I have. Or at least I tried. Even when it is frozen, it is somehow getting started because it is banging at the firewall like nuts. I have AFWall+ setup to show toasts from the logger, and it is constantly showing DRparser Mode has been denied access to a half dozen IP addresses. I double checked, and yes, it really is disabled in Titanium Backup. There is some serious WTH going on here, as it persists after a reboot. I have used TiBu to successfully freeze other services, so I'm not sure what is so special about this one.
The other weird one is mDNS, which I believe is part of the "find stuff nearby" functionality. I don't actually have a problem with it, but I can't find a specific service to enable in the firewall. I'm guessing it's bundled with something else, but I'm not sure what. It's also getting flag by AFWall, but not nearly as often.
The last one is the game optimizer service. I'm not sure why it is trying to access the network, but it is. I'm tempted to freeze it, but I'm not sure what it actually does.
Anyone have any ideas on these?
Click to expand...
Click to collapse
I can't even find anything via google that even explains what this apk does. But I did find that the app associated with it is com.sec.android.app.parser. You might want to look for that in /Setup/apps. Once you open apps, you might have to click the settings and choose "show system" for it to appear in the list. I'm running the RR ROM on my T810 and that app isn't installed with the Pico gapps, so I can't test it.
edit: After a little more research, it appears that the apps function is to decode "special codes" that you dial on your phone. Without it, you won't be able to dial those codes. But I have no idea why that would require access through your firewall. But it would explain why it isn't found on my T810, which doesn't have a cellphone function.
This is on a T813, which also has no LTE functionality. I'm guessing Samsung puts a largely "standard" image on these devices, as it also has the Phone services as well. (from poking around, this thing feels a bit like a gigantic Galaxy S6). However, it's a moot issue, as it is lumped under a bunch of other stuff, at least a couple of which do require network access. So, whatever it is, I have to let it through. :|
I did, however, come across some info on the mDNS issue:
https://forum.xda-developers.com/showpost.php?p=63977673&postcount=2742
Apparently that is a strange AFWall+ issue, and there is a custom script to resolve the issue.
jshamlet said:
This is on a T813, which also has no LTE functionality. I'm guessing Samsung puts a largely "standard" image on these devices, as it also has the Phone services as well. (from poking around, this thing feels a bit like a gigantic Galaxy S6). However, it's a moot issue, as it is lumped under a bunch of other stuff, at least a couple of which do require network access. So, whatever it is, I have to let it through. :|
I did, however, come across some info on the mDNS issue:
https://forum.xda-developers.com/showpost.php?p=63977673&postcount=2742
Apparently that is a strange AFWall+ issue, and there is a custom script to resolve the issue.
Click to expand...
Click to collapse
It may be "lumped with other stuff" but I would think that "the stuff" would all be phone related and therefore removable. It isn't there in the custom ROMS. Did you look for the app I listed in your app settings?
Yes, it's there. DRParser.apk in /system/app. I can, if I need to, delete it now that I have a full system backup on the SD card - which I suppose is the next step. I usually disable services rather than deleting them, though.
jshamlet said:
Yes, it's there. DRParser.apk in /system/app. I can, if I need to, delete it now that I have a full system backup on the SD card - which I suppose is the next step. I usually disable services rather than deleting them, though.
Click to expand...
Click to collapse
Renaming or deleting the apk is an option, but I was talking about disabling com.sec.android.app.parser in the app settings.
Hello,
I'm a bit of desperate and I come here to XDA with the hope to find some useful advide. :crying:
I know you probably have read many posts like these, but if you will read mine I hope you will find it different because there are some technical things to be explained (interesting at least for me).
I've lost 99% of my photos and videos taken in July on my phone (64 GB Memory model).
I know I know I should have implemented some sort of backups whatsoever in the cloud or with a home NAS, but unfortunately for me I'm not that kind of guy. The Android built-in backup is also disabled.
What has really happened here I think that probably somehow my daughter has grabbed my phone and has played with it and has deleted about hundreds of photos and videos taken in July. Of her mainly! Never underestimate the damage capabilities of a toddler.
In the meanwhile I've taken lots of photos in August and used a phone a lot and also got the OTA update to Oxygen 4.1.7 / Android 7.1.1
Now I have found that most of July media files are missing!!!!
At the moment there are 25 GB used out of the whole 54 in the Internal Archive Memory as it seen on the Phone Setup.
I have bought DiskDigger Pro for Android but somehow it cannot find the right files all it finds are Whatsapp Images and other files. Does not really find the missing files which I suspect have been somehow deleted.
I think it needs root privileged to dig deeper but I don't understand why, in theory the files should be recoverable on the same partition as the DCIM folder. To my understanding the files should be marked as "deleted" in the same partition as where the DCIM folder is. But there is also this TRIM mechanism on the newer phones flash memories that confuses me.
Q1) Can you please clarify why this and all other media files recovery programs which seem to be a bit serious need root to recover missing media files?
So given as assumption that I need to root, I've read here and there and it seems that sometime ago for OP One that was the possibility to root without unlocking the boot loader. But if I unlock somehow all the data will be wiped. And I fear this will make any further software base recovery method like diskdigger or photorec hopeless even with elevated root privileges.
Q2) Can you confirm that I cannot root without unlocking the bootloader and therefore without wiping the device?
For your information I have also bought tonight a 100 USD root + files recovery package one oneclickroot but the agent promised to refund me after I told her the model of my phone (scary!).
Q3) I know a couple of things in Linux, do you think is it possible without root to create a raw image of the internal phone memory or the proper partitions with a tool such as "dd" ? Then I would process those raw images on a Windows or linux PC with file recovery software.
Q4) Do you think that the wiping caused by the bootloader unlocking will render any possible further diskdigger like solution without hope? Or should I go that way because the wiping is not so deep after all?
I don't know what to think, the fact that the phone is also encrypted makes me fear the worst. Maybe after the wiping it will get re-encrypted over.
Q5) Any advice in general before contacting kroll on track and pay thousands of dollar with the hope to recover?
Thanks a lot for any useful reply! I hope this topic will bring a definitive guide on how to recover files on unrooted oneplus 3t!
I can't answer all your questions here, however I can say with 100% confidence that you cannot root without unlocking bootloader. Some people claim of other methods, but keep away from them.
And there is nothing to be scared of when rooting OnePlus 3T if you follow the correct steps.
Are you sure that your daughter deleted those photos? How can she specifically delete photos taken in July? Do you have Google photos installed?
Aneejian said:
I can't answer all your questions here, however I can say with 100% confidence that you cannot root without unlocking bootloader. Some people claim of other methods, but keep away from them.
And there is nothing to be scared of when rooting OnePlus 3T if you follow the correct steps.
Are you sure that your daughter deleted those photos? How can she specifically delete photos taken in July? Do you have Google photos installed?
Click to expand...
Click to collapse
Thanks for your answer.
I'm not scared of rooting, as I have rooted other phones in the past. I'm ready to spend 1000USD and maybe even more to recover these media files and therefore I'm not really scared of rooting or bricking the device. What really scares me is that by
unlocking bootloader -> wiping -> rooting -> (new encryption of the filesystem ?)
I will render the deleted missing files completely unrecoverable.
I don't have google photos and I'm not 100% sure that my daughter has deleted the files. Maybe I've done a cut & paste which has not worked correctly on the phone as I've only 1 or 2 days of the beginning of July in my external hard drive. But it's more likely that my daughter has played with the gallery application on the phone.
I don't have a lock gesture or pin and my screen can be unlocked just by sliding, however it seems my phone is encrypted.
This encryption I don't know how it works and how it relates with the bootloader unlocking, if someone have more information I would be glad to hear.
And also I've done some more research and it seems impossible to perform a "dd" command of the partitions without first being superuser / root. ;-(
Regards,
Claudio
Did you try connecting your phone to the pc and use the programm recuva?
I managed to restore my files with it once
I can feel your pain of loosing those valuable moments of your daughter. I feel sorry that I can help you much with this.
In future, I suggest you to use Google photos which can automatically backup all your photos for free.
StarShoot97 said:
Did you try connecting your phone to the pc and use the programm recuva?
I managed to restore my files with it once
Click to expand...
Click to collapse
I don't think that recuva can do anything here. I am not allowed to past links here but as explained here
ht*ps://forums.androidcentral.com/ambassador-guides-tips-how-tos/500142-guide-recovering-deleted-files.html
and here
ht*ps://forum.xda-developers.com/galaxy-nexus/general/guide-internal-memory-data-recovery-yes-t1994705
Recuva can't do anything for internal memory.
But thanks for the hint!
Aneejian said:
I can feel your pain of loosing those valuable moments of your daughter. I feel sorry that I can help you much with this.
In future, I suggest you to use Google photos which can automatically backup all your photos for free.
Click to expand...
Click to collapse
One of the most affordable options I'm considering is this:
1) get another oneplus 3t
2) take some pictures and videos on it
3) delete those pictures and videos
4) root it
5) Install diskdigger to check if he can find anything after the wipe
I feel huge pain, my wife is also kindly pushing me. ^^
The problem ought to be that since this phone is force encrypted per default, unlocking the bootloader will destroy the encryption key for the previous installation won't it? Isn't that they point as to avoid anyone accessing your data by simply doing a factory restore and still keep the data in the internal storage. At least that's what I though, else where's the security of someone steals your phone.
Without that, any recovery software will just see rubbish when trying to recovery anything since it's encrypted.
pitrus- said:
The problem ought to be that since this phone is force encrypted per default, unlocking the bootloader will destroy the encryption key for the previous installation won't it? Isn't that they point as to avoid anyone accessing your data by simply doing a factory restore and still keep the data in the internal storage. At least that's what I though, else where's the security of someone steals your phone.
Without that, any recovery software will just see rubbish when trying to recovery anything since it's encrypted.
Click to expand...
Click to collapse
Thanks a lot, eventually some technical info on xda
If I lose my phone someone can use it and read everything because there is no lock, no pin, no gesture nothing. I would try a remote wipe via google android devices or something like that. Life is too short to unlock your phone every time you look at it even if it is via finger print!
This being said I've read year
ht*ps://source.android.com/security/encryption/full-disk
this paragraph among the others is not clear to me
Upon first boot, the device creates a randomly generated 128-bit master key and then hashes it with a default password and stored salt. The default password is: "default_password" However, the resultant hash is also signed through a TEE (such as TrustZone), which uses a hash of the signature to encrypt the master key.
You can find the default password defined in the Android Open Source Project cryptfs.c file.
When the user sets the PIN/pass or password on the device, only the 128-bit key is re-encrypted and stored. (ie. user PIN/pass/pattern changes do NOT cause re-encryption of userdata.) Note that managed device may be subject to PIN, pattern, or password restrictions.
Does this paragraph give me hope or not?
Thanks a lot for your interest! Sleepless nights go on here.
lallissimo said:
I know I know I should have implemented some sort of backups whatsoever in the cloud or with a home NAS, but unfortunately for me I'm not that kind of guy.
Click to expand...
Click to collapse
This is a really weak excuse. If the photos were that valuable to you, you should have been backing them up. There really is no excuse. Backup options are available that are effective, free, and require hardly any action on your part (aside form the initial setup - you've done more by disabling the default backup options).
Recovering deleted data is always a hit-or-miss proposition, at best. The longer you have the phone on, the higher the chance those memory sectors will be over-written. May have already happened.
---------- Post added at 10:53 AM ---------- Previous post was at 10:46 AM ----------
lallissimo said:
I'm not really scared of rooting or bricking the device. What really scares me is that by
unlocking bootloader -> wiping -> rooting -> (new encryption of the filesystem ?)
I will render the deleted missing files completely unrecoverable.
I don't have a lock gesture or pin and my screen can be unlocked just by sliding, however it seems my phone is encrypted.
This encryption I don't know how it works and how it relates with the bootloader unlocking, if someone have more information I would be glad to hear.
Click to expand...
Click to collapse
It doesn't matter. Unlocking the bootloader wipes all data on the phone by definition, regardless of whether it is encrypted or not. At least that is how it worked on previous Android devices I've owned, that did not have encryption by default. So I'd be willing to bet the same is try on the 3T.
lallissimo said:
I'm not 100% sure that my daughter has deleted the files. Maybe I've done a cut & paste which has not worked correctly on the phone as I've only 1 or 2 days of the beginning of July in my external hard drive. But it's more likely that my daughter has played with the gallery application on the phone.
Click to expand...
Click to collapse
I find it a little unlikely your daughter deleted all the photos. I don't see an easy way she could have done that to hundreds of photos, without an improbable number of screen taps. I'd use a good file explorer, and just keep digging. They might just be moved somewhere odd.
redpoint73 said:
This is a really weak excuse. If the photos were that valuable to you, you should have been backing them up. There really is no excuse. Backup options are available that are effective, free, and require hardly any action on your part (aside form the initial setup - you've done more by disabling the default backup options).
Recovering deleted data is always a hit-or-miss proposition, at best. The longer you have the phone on, the higher the chance those memory sectors will be over-written. May have already happened.
Click to expand...
Click to collapse
Thank you for the interest in my thread I really appreciate it.
I know a things or two about backups and I see your point. There is an ancient Chinese proverb saying something like this: Backup is that thing that should have done before.
However, being on xda I'd like to keep the discussion on a technical level if possible.
If you have any information or links on the way the internal memory is managed at physical level I'd like to discuss about it. As far as I know in order to extend the duration of this solid state memories the system makes his best to write on the blocks the least possible. I don't think I have already overwritten all the blocks of the internal memory. We'll see.
It doesn't matter. Unlocking the bootloader wipes all data on the phone by definition, regardless of whether it is encrypted or not. At least that is how it worked on previous Android devices I've owned, that did not have encryption by default. So I'd be willing to bet the same is try on the 3T.
Click to expand...
Click to collapse
I'm almost sure that the wiping does not scrape the memory with all 0 and 1. That would take really a lot of time and also that would reduce the duration of the memory.
Take a look here for example
h*tps://www.krollontrack.co.uk/blog//top-tips/what-you-need-to-know-about-androids-factory-reset-function/
so my real enemy here is encryption.
I find it a little unlikely your daughter deleted all the photos. I don't see an easy way she could have done that to hundreds of photos, without an improbable number of screen taps. I'd use a good file explorer, and just keep digging. They might just be moved somewhere odd.
Click to expand...
Click to collapse
You could be right, still I need to be root to dig deeper.
lallissimo said:
I'm almost sure that the wiping does not scrape the memory with all 0 and 1. That would take really a lot of time and also that would reduce the duration of the memory.
Take a look here for example
h*tps://www.krollontrack.co.uk/blog//top-tips/what-you-need-to-know-about-androids-factory-reset-function/
so my real enemy here is encryption.
Click to expand...
Click to collapse
This is just wishful thinking. That article sounds really paranoid to me. Whatever method the system is using to "scramble" the data is going to put it out of the realm of the cheap, consumer data retrieval tools (as you've pretty much already experienced). The article states:
A recovery is possible by looking at the data structures from a low-level and using specialist tools to recreate the data into a useable format
We aren't talking about free or $5 Android apps here. We're probably talking about specialist software that costs thousands of dollars. Yes, technically data is almost always retrievable. Law enforcement has tools that can retrieve "ghost" data images even after being overwritten multiple times. But such tools are feasible for consumers from a cost/benefit standpoint.
redpoint73 said:
This is a really weak excuse. If the photos were that valuable to you, you should have been backing them up. There really is no excuse. Backup options are available that are effective, free, and require hardly any action on your part (aside form the initial setup - you've done more by disabling the default backup options).
Recovering deleted data is always a hit-or-miss proposition, at best. The longer you have the phone on, the higher the chance those memory sectors will be over-written. May have already happened.
---------- Post added at 10:53 AM ---------- Previous post was at 10:46 AM ----------
It doesn't matter. Unlocking the bootloader wipes all data on the phone by definition, regardless of whether it is encrypted or not. At least that is how it worked on previous Android devices I've owned, that did not have encryption by default. So I'd be willing to bet the same is try on the 3T.
I find it a little unlikely your daughter deleted all the photos. I don't see an easy way she could have done that to hundreds of photos, without an improbable number of screen taps. I'd use a good file explorer, and just keep digging. They might just be moved somewhere odd.
Click to expand...
Click to collapse
redpoint73 said:
This is just wishful thinking. That article sounds really paranoid to me. Whatever method the system is using to "scramble" the data is going to put it out of the realm of the cheap, consumer data retrieval tools (as you've pretty much already experienced). The article states:
A recovery is possible by looking at the data structures from a low-level and using specialist tools to recreate the data into a useable format
We aren't talking about free or $5 Android apps here. We're probably talking about specialist software that costs thousands of dollars. Yes, technically data is almost always retrievable. Law enforcement has tools that can retrieve "ghost" data images even after being overwritten multiple times. But such tools are feasible for consumers from a cost/benefit standpoint.
Click to expand...
Click to collapse
If someone has more technical information about the encryption part I'll gladly look at it.
As far as wiping is concerned I have given a quick look at the source code, so for example here:
https://www.pentestpartners.com/sec...ta-from-wiped-android-devices-a-how-to-guide/
and if this is still what's inside my android phone I'm sure that mkfs.ext4 is nothing to fear when you need to recover data.
Problem for me is encryption, but yest I'm considering expensive solutions too. Just for the sake of the technical satisfaction, of course.
So need a little help. I have an identified attacker on my phone who has injected spyware which is actively listening to all conversations, reading messages in real time, has access to all apps and full access to the phone. Essentially its an illegal wire tap thats able to view and listen to what i am doing. My question is this, can i clone my phone with all the data on to a thumb drive? Reason i have to turn over the phone to the local police for forensic examination and id rather just give a copy then my personal phone. 2. Is there a way to isolate the program to stop the massive leak without totally wiping my phone? Thanks for your help, I know this is an odd question and a little off the norm any help is deeply appreciated.
Nuke it now.
Change Google and all account passwords after reloaded.
In the future be careful what you install and download or you'll be doing this again!
blackhawk said:
Nuke it now.
Change Google and all account passwords after reloaded.
In the future be careful what you install and download or you'll be doing this again!
Click to expand...
Click to collapse
cant i have to give the information to the police here, long story but the person who did the attack is involved in criminal activities im witness to and my phones going to be evidence. so i need all of the data on my phone to be transfered either to another device or to a thumb drive , after that i can nuke the phone
Kjharahuc said:
cant i have to give the information to the police here, long story but the person who did the attack is involved in criminal activities im witness to and my phones going to be evidence. so i need all of the data on my phone to be transfered either to another device or to a thumb drive , after that i can nuke the phone
Click to expand...
Click to collapse
Well take it offline and backup the data. It should already be backed up though.
That data may have been tainted too.
Your biggest issue is you don't know how or by what it was infected.
Keep the phone completely disconnected from the carrier/internet until it's reloaded.
At this point it is a 100% liability.
blackhawk said:
Well take it offline and backup the data. It should already be backed up though.
That data may have been tainted too.
Your biggest issue is you don't know how or by what it was infected.
Keep the phone completely disconnected from the carrier/internet until it's reloaded.
At this point it is a 100% liability.
Click to expand...
Click to collapse
absolutly 100% agree, i cannot use the twrp backup since the phone has another user on it. I get an error due to the inability to decrypt the data. So im hoping imiging the phone over to a SSD that i can then turn into the police will be effective enough. I was able to identify several folders that are not mine or have anything to do with the apps on my phone so they should be able to do the same. To bad there isnt a way to tunnel back through and gain access on the other side of the leak.
The only things I be concerned with be securing the data, accounts and getting it operational.
I be done with it in under a day.
blackhawk said:
The only things I be concerned with be securing the data, accounts and getting it operational.
I be done with it in under a day.
Click to expand...
Click to collapse
Im just waiting for the SSD to arrive to transfer all the data the accounts have already been secured on another device
Don't transfer to another Android platform...
Verify the data is readable and all there.
I've wiped the os a total of 6 times and putting the phone into hard brick once it still is leaking and I can't stop it