** DISCLAIMER: I AM NOT A DEVELOPER. I DO THIS AS A HOBBY AND SHARE MY FINDINGS IN CASE SOMEONE ELSE FINDS THEM USEFUL. **
** THIS WORKED ON MY DEVICE BUT IT MAY NOT WORK ON YOURS. APPLY AT YOUR OWN RISK **
Requirements:
Flashtool 0.9.15.0
Rooted SGP311 (on any Android version up to and including 4.4.2) with custom recovery installed.
If you do not meet these conditions, for example, if you are on an unrooted system, here is a guide to get you on a rooted 4.1.2 with recovery:
http://forum.xda-developers.com/showpost.php?p=53063218&postcount=14
This works on locked or unlocked bootloaders. This also works on any customization.
The procedure should work with any pre-rooted Android version but I started with 10.1.C.0.370 (4.1.2) which was rooted with DooMLoRD_Easy-Rooting-Toolkit_v17, patched with remountrebootfix, and equipped with XZDualRecovery.
Limitations:
This process can delete the files on your internal SDcard so back them up. Also, you will have to reinstall all your apps, as they get erased too.
Download link:
Mega
https://mega.co.nz/#F!UkshjY6A!HIW7xGf1E1oa04e0N3b1OA
You only need the zip and ftf files. The txt file is just the checksum if you want to verify that your download is error-free. I strongly recommend that you do the checksum before flashing.
Instructions:
1- Backup before you start messing with your tablet!
2- Put system.flashable.zip in /sdcard of your tablet.
3- Keep SGP311_10.4.1.B.0.109_R2C_VMo_US_CA_PR_NoSystem.ftf on your PC.
4- Disconnect any USB cable that may be attached to your tablet.
5- Reboot to recovery. Preferably to TWRP, but you can make CWM work too.
6- Do not wipe anything.
7- Once in recovery, flash system.flashable.zip.
8- It is important to NOT REBOOT the tablet after this step.
9- Find and use the Power Off option in the recovery and turn your tablet off. In CWM based PhilZ Touch it is under "Power Options" -> "Power Off". In TWRP it is under "Reboot" -> "Power Off". If you see your tablet rebooting, force it to turn off by pushing the power and volume up keys simultaneously (or however else you can!)
10- Open Flashtool 0.9.15.0 and click on the flash icon. Choose flash mode.
11- Navigate to where you have saved SGP311_10.4.1.B.0.109_R2C_VMo_US_CA_PR_NoSystem.ftf and flash this ftf with your tablet in flash mode. To put your tablet in flash mode, hold the volume down button when it is off and connect with the USB cable to the PC.
12- Reboot and enjoy!
Credits:
I only put the files together. All the credit should go to XDA's [NUT] and DooMLoRD and many others...
I had a few requests from people who upgraded to 4.4 and were not happy with the speed. So I made these file in case you want to downgrade to rooted 4.3.
Enjoy.
Downloading now. Thanks!
hi njajoor
thanks to your guides i was able to flash in quick an easy way all the procedure was smooth.
may i kinow how did you tewk your rooted 4.3 rom or which settings do you recommend to improve the performance of the tab Z?
many thanks again
mame3876 said:
hi njajoor
thanks to your guides i was able to flash in quick an easy way all the procedure was smooth.
may i kinow how did you tewk your rooted 4.3 rom or which settings do you recommend to improve the performance of the tab Z?
many thanks again
Click to expand...
Click to collapse
This is what I do normally, but you may want to change it for you specific needs:
1- In settings:
Wifi, menu, advanced, network notification unchecked; Keep wifi on never; wifi optimization checked
NFC off
Sound, touch sound off; screen lock sound off
Display, sleep after 30 seconds, double tap to wake up checked, brightness set to lowest
Power management, stamina mode on
Keyboard, sounds feedback, sound on key press unchecked
Accounts, email: set sync frequency to 1 hour; Skype: sync off
2- install adaway
3- use titanium backup pro or apps tab in settings to freeze/disable:
Crackle and Netflix (unless you use them)
Anything with the word or logo of Facebook or twitter or social engine in it. You are better off using the browser for these.
If you use both email and Gmail apps, disable Gmail and set it up in email app.
All Google play apps except store and Services
Google plus and hangout
McAfee, reader by Sony, let's start psm, video unlimited, wisepilot
Mobile date, mobile network, sim lock, and sim toolkit (sgp311 doesn't have mobile data)
PO Box touch and Xperia Chinese keyboard (this may significantly reduce your keyboard flickering if not entirely eliminate it)
4- I install greenify, wakelock detector and juice defender on my other Android devices but I've come to believe Sony's stamina does an excellent job and none of that is necessary.
5- Turn gps on only when you use it
6- Remove active widgets from your home screen. I only have the clock and the weather left. If you want to keep the widgets put them on a separate display than the ones you keep your commonly used icons in.
With these settings mine is smooth as butter. I hope yours will be too.
Given the situation that I needed to unlock bootloader and install TWRP inorder to be able to do full image backup (i.e. Nandroid), I have been wondering what are the underlying security issues to be faced after unlocking and installing TWRP (without moving onto root) in a specific situation where the device is lost or stolen?
Lets say if I am on stock OOS with encryption enabled + Fingerprint and password/pin set on lock screen + USB debugging disabled + locked bootloader + stock recovery, in the unfortunate event where my device were to get lost or stolen, I can expect my personal data to be safe from prying eyes since the person who has gotten a hold of my phone will have to do a factory reset to get into the phone or unlock bootloader which all meant my personal data will be wipe. So that's a good outcome in an unfortunate one.
But let's say if now I were to (i) unlock my bootloader and (ii) install TWRP (but retaining it as read only without system modification), (iii) restore all app, data and settings, and go on to (iv) perform a nandroid backup. And after that, proceed to (v) disable USB debugging and (vi) re-enable encryption and (vii) set fingerprint and password on lock screen. And I shall stopped there without rooting or flashing dm verity. Can I still expect my personal data to be safe from prying eyes in the event of lost or stolen? Meaning that whoever gets a hold of my device will likewise need to wipe it clean before he/she is able to use it? Is this the case or can the person access my data using some hacks now that the device runs custom recovery?
An interesting guide I had came across contained various means of accessing personal data (read - https://forum.xda-developers.com/showthread.php?t=2620456) by bypassing android password, patterns, etc set on the locked screen, and some methods required USB debugging to be enabled while some required custom recovery installed.
To be sure if I am still able to protect my personal data when device is stolen/lost with an unlocked/TWRP installed device, my curiosity took me on an investigative path using an old Samsung Note 3 to unlock bootloader and install TWRP, then proceed to enable encryption and disable USB debugging and set lockscreen password. And now for the next couple of days where I can find free time, I will try out all 7 methods to see if an unlocked Note3 with TWRP is susceptible to these security compromise. I will come back to this thread later to update my findings.
I really welcome any information or inputs too!
To summarize, the state of my old Note 3 used in this investigation is as follows:
1) Bootloader unlocked
2) TWRP (3.0.2) installed as "read only" without system modification
3) ROM (CM13) encryption enabled
4) Locked screen password set
5) Device not rooted
6) USB debugging disabled
When I boot into TWRP, I realized that even if I set it to read only, any person who has gotten hold of my device can set it to system modification since TWRP is not password or pin protected. Therefore setting to "read only" is sort of irrelevant in this investigation to find out how vulnerable the device is right now.
The second thing I realized, is TWRP will ask me for android password to mount my internal sdcard since my ROM is encryption enabled. This is a good thing, since in this case TWRP internal file manager will not be able to access my device internal sdcard containing some of my personal data.
The 1st method I tried is:
METHOD I
Solution For Everyone With Recovery (Cwm, Twrp, Xrec,Etc...) Installed:
INSTRUCTIONS:
1. Download this zip Pattern Password Disable (Download from attachments) on to your sdcard (using your PC, as you cant get into your phone, right )
2. Insert the sdcard into your phone
3. Reboot into recovery mode
4. Flash the zip
5. Reboot
6. Done!
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
The steps I took:
A) Set TWRP to system modification
B) When TWRP asked me for password to mount partition, I choose "cancel" since I am trying to imitate the person who has gotten hold of my device won't be able to guess my password
C) Flashed the pattern password disable zip file
And voila!... my password on locked screen is still intact. Meaning that entering any random password does not gain access into android. Only the original password can.
Good news certainly. Don't know why this hack doesn't work, probably it is outdated or probably due to my system is still encrypted when I flashed the hack zip file.
As to the 2nd method, I didn't try out as I don't know how to use Cygwin...
METHOD 2
Solution For Everyone Without Recovery Installed - ADB :
What You Need:
=>A computer running a Linux distro or Windows+Cygwin
=>USB cable to connect your phone to the PC
=>Adb installed
How to install adb:
1. Open Terminal
2. Type:
Code:
sudo apt-get install android-tools-adb
Hit [Enter]
3. Follow the instructions until everything is installed.
INSTRUCTIONS:
1. Connect you (turned on) Phone to the Computer via USB.
2. Open a terminal window.
3. Type:
Code:
adb devices
adb shell
cd data/system
su
rm *.key
4. Done...Now You Just Have To Reboot.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Method 3 is irrelevant to this investigation therefore it has been omitted.
METHOD 3
Solution For Everyone Before Lock Accident :
SMS Bypass - Download Link - Install It On Your Device (Download from attachments)
This App Allows You To Remotely Bypass Your Phone's Screen Lock By Sending A SMS.
It Removes Your Gesture Pattern Or Password After Receiving A Preset Keyword Along With A Secret Code Via SMS.
SMS Bypass App Requires Root.
INSTRUCTIONS:
1.First, make sure you give permanent root access to the app.
2.Change the secret code to your preferred choice. The default password is : 1234
3.To reset your screen lock, send the following message from another phone:
Code:
secret_code reset
Example:
Code:
1234 reset
Note 1 : There is a space between your secret code and reset. Also the secret code is case sensitive.
Note 2 : There is an option available to change the preset keyword. Default is : reset - Your phone will restart and your lock screen will be reset.
Note 3 : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Given that method 5 is in fact similar to method 2 therefore it has been omitted as well.
METHOD 5
Solution For Everyone Via Adb - File Removal :
INSTRUCTIONS:
=>Type This Command In Your Terminal (CMD Prompt) :
Code:
adb shell rm /data/system/gesture.key
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
Method 6 will not work since that hack required USB debugging to be enabled.
METHOD 6
Solution For Everyone With USB Debugging Enabled :
INSTRUCTIONS:
Primary Step for all method:
Download & Extract to anywhere - Bypass Security Hack (Download from attachments)
Open SQLite Database Browser 2.0.exe in SQLite Database Browser.
Run pull settings.db.cmd inside By-pass security Hacks folder to pull out the setting file out of your phone.
Drag settings.db and drop to SQLite Database Browser 2.0.exe program.
Navigate to Browse data tab, At table there, click to list down the selection & selete secure
Instruction To Remove Pattern Lock:
Now, find lock_pattern_autolock, Delete Record
Close & save database
Run push settings.db.cmd and reboot your phone
Instruction To Remove PIN Lock:
Now, Find Or Create lockscreen.password_type, double-click & change it's value to 65536, Apply changes!
Now, find lock_pattern_autolock, Delete Record, If doesn't exist, Ignore
Close & save database
Run push settings.db.cmd and reboot your phone
Instruction To Remove Password Lock:
Now, find lockscreen.password_salt, Delete Record
Now, find lockscreen.password_type, Delete Record
Close & save database
Run push settings.db.cmd and reboot your phone
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
I then tried out method 7 using the Aroma file manager however all these 3 versions (Version 2.00 [BETA1]- KACAPI, aromafm-1.91, and aromafm-1.90) does not open up after flashing the zip with system modification enabled on TWRP. Mostly likely these outdated versions of the Aroma file manager are not supported by the latest version of TWRP (3.0.2) since the developers have ceased all work related to it.
METHOD 7
Solution For Everyone With Recovery Installed :
INSTRUCTIONS:
1.Download and Copy Aroma File manager.zip (Download from attachments or http://forum.xda-developers.com/show....php?t=1646108) to your memory card.
2. Open your recovery (press volume Down + Power button or it can be different according to the phones. Generally the phones who have press able button on the middle they have to press all three buttons. Google for you pattern there are lots)
3. There’ll b an option in recovery called “mount”. Go in that option and then mount all the cache and everything it is there.
4. Then select “update” and select “apply update from SD/external” and select aroma file manger.zip file that you downloaded using above QR code above.
5. After Flashing or updating, the aroma file manger will open. Use volume keys for up/down and power button 2 select like you use to get into recovery.
6. In aroma File manager , Go to menu , which is located in bottom strip and then select Settings.
7. Go to bottom n select “mount all partition in startup ” then exit from aroma file manger.
8. Now after exit , re-update that aroma file again and it will open again.
9. Go to data >> and then System.
Then find ‘gesture.key’ (for pattern lock) and ’password.key’ (for password lock) then long touch on gesture.key or password.key and sum option will be prompted , choose delete and delete that file and restart.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
And now onto the last method which is method 4 using SQL command. After starting adb daemon, adb devices are not found and hence the following steps could not be taken. I think this could be due to the device having USB debugging disabled. Hmmm...
METHOD 4
Solution For Everyone Via Adb - SQL Command :
INSTRUCTIONS:
=>Type This Commands Separated In Your Terminal (CMD Prompt) :
Code:
adb shell
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
update system set value=0 where name='lock_pattern_autolock';
update system set value=0 where name='lockscreen.lockedoutpermanently';
.quit
=>Now You Just Have To Reboot.
Note : If You See The Gesture Pattern Grid Or Password After Restarting, Don't Worry. Just Try Any Random Pattern Or Password And it Should Unlock.
After going through all these methods, I am inclined to think that personal data is still protected in an unlocked/TWRP installed device as long as USB debugging is DISABLED and ROM is encrypted and fingerprint/password set on lock screen. What do you think?
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
+ with the unlocked bootloader, FRP is not working, so a thief can just reset your phone and sell it.
If your data security is a huge concern to you, DO NOT unlock the bootloader.
If you are a potential target to a hacker attacks, DO NOT use a OnePlus phone. Get a Nexus 6P or a Pixel.
Also make sure, that your apps are not leaking your data. Apps with a storage permission and access to the internet could leak your data.
Michalko5896 said:
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
Click to expand...
Click to collapse
Many thanks for your response! This is very useful information to me.
Am I right to assume that even if my device is unlocked but with encryption enabled and no root, the person who has gotten hold of my phone will still be able to flash "dm-verity and forced encryption disabler" zip and supersu zip files to root my device in TWRP even when he fails to enter the password prompted by TWRP?
And this force encryption disabler as the name suggest only disable force encryption and it does not decrypt my already encrypted personal data? Which means he still does not have access to my data and after he had done the system modification and returns the phone back to me, the first thing I should do is to wipe clean every partition and restore back my nandroid which would consist of backups to all partitions. So it seems this is an acceptable risk all for the convenience of performing nandroid backup via the unlock/TWRP route.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
+ with the unlocked bootloader, FRP is not working, so a thief can just reset your phone and sell it.
If your data security is a huge concern to you, DO NOT unlock the bootloader.
If you are a potential target to a hacker attacks, DO NOT use a OnePlus phone. Get a Nexus 6P or a Pixel.
Also make sure, that your apps are not leaking your data. Apps with a storage permission and access to the internet could leak your data.
Click to expand...
Click to collapse
Very good point here. May I ask in what ways are Nexus 6P and Pixel more secure than Oneplus? Pixel seemed quite an attractive phone.
I am on OOS 3.5.3, is there anyway to find out what apps have access to internet and restrict that?
The app permission section of settings only allows changing permission to storage (among others) but I couldn't find any internet access permission.
The main security risk is that it allows anyone to flash something harmful without you knowing on to your system. Your data may be encrypted and protected but they can still flash something onto another partition.
You could be happily using your phone unaware there's a rogue app capturing and sending data to someone.
Zegnalabel said:
Many thanks for your response! This is very useful information to me.
Am I right to assume that even if my device is unlocked but with encryption enabled and no root, the person who has gotten hold of my phone will still be able to flash "dm-verity and forced encryption disabler" zip and supersu zip files to root my device in TWRP even when he fails to enter the password prompted by TWRP?
And this force encryption disabler as the name suggest only disable force encryption and it does not decrypt my already encrypted personal data? Which means he still does not have access to my data and after he had done the system modification and returns the phone back to me, the first thing I should do is to wipe clean every partition and restore back my nandroid which would consist of backups to all partitions. So it seems this is an acceptable risk all for the convenience of performing nandroid backup via the unlock/TWRP route.
Very good point here. May I ask in what ways are Nexus 6P and Pixel more secure than Oneplus? Pixel seemed quite an attractive phone.
I am on OOS 3.5.3, is there anyway to find out what apps have access to internet and restrict that?
The app permission section of settings only allows changing permission to storage (among others) but I couldn't find any internet access permission.
Click to expand...
Click to collapse
Your data is safe, it can't be decrypted, even with an unlocked bootloader And yes, if you wipe every partition, lock the bootloader and got no dm-verity error, after your stolen phone was returned to you, you should be safe.
Both Nexus 6P and Pixel are much safer than OnePlus, because they are getting a complete security patches every month. OnePlus is getting an imcomplete security patches and much later after their release.
You can limit access to internet via app settings. Open "about app", data usage and there you can turn off both access to wifi and mobile data.
Upgrade to OOS 4.0, it cointains important security patches and enhancements.
Michalko5896 said:
Your data is safe, it can't be decrypted, even with an unlocked bootloader And yes, if you wipe every partition, lock the bootloader and got no dm-verity error, after your stolen phone was returned to you, you should be safe.
Both Nexus 6P and Pixel are much safer than OnePlus, because they are getting a complete security patches every month. OnePlus is getting an imcomplete security patches and much later after their release.
You can limit access to internet via app settings. Open "about app", data usage and there you can turn off both access to wifi and mobile data.
Upgrade to OOS 4.0, it cointains important security patches and enhancements.
Click to expand...
Click to collapse
Thank you so much! Found the data usage setting and updated to 4.0. :laugh:
Michalko5896 said:
As long as your data is encrypted, it is safe and not accessible to any 3rd party.
But with an unlocked bootloader, you are open to a new forms of attacks like:
1. someone could steal your phone, modify your system to leak your data / password and then return it to you. Since dm-verity is OFF, you will not know, that your system is compromised.
2. someone could use a remote exploits (to launch his code and gain root privileges) to modify your system and leak your data / password and since dm-verity is OFF, you will not know, that your system is compromised.
...
Click to expand...
Click to collapse
Quick question, does the latest systemless SuperSU still leave dm-verity OFF ? It was my understanding that using it you don't need to flash the dm-verity-OFF script, is that true?
xclub_101 said:
Quick question, does the latest systemless SuperSU still leave dm-verity OFF ? It was my understanding that using it you don't need to flash the dm-verity-OFF script, is that true?
Click to expand...
Click to collapse
For root, you need to unlock the bootloader. And with the bootloader unlocked, dm-verity is not working and thus attacker could modify your system.
Michalko5896 said:
For root, you need to unlock the bootloader. And with the bootloader unlocked, dm-verity is not working and thus attacker could modify your system.
Click to expand...
Click to collapse
The bootloader being locked/unlocked should have little to do (directly) with dm-verity, dm-verity is only hash-checking the system partition.
That being said after some checking various detailed threads from Chainfire apparently SuperSU is still removing the dm-verity on the system partition since other than rooting in itself most rooted people also tend to touch the system partition with stuff like busybox and so on, so I guess this is it.
xclub_101 said:
The bootloader being locked/unlocked should have little to do (directly) with dm-verity, dm-verity is only hash-checking the system partition.
That being said after some checking various detailed threads from Chainfire apparently SuperSU is still removing the dm-verity on the system partition since other than rooting in itself most rooted people also tend to touch the system partition with stuff like busybox and so on, so I guess this is it.
Click to expand...
Click to collapse
well, google is stating, that unlocking bootloader will turn off the dm-verity.
This is an interesting discussion- I have a Nexus 5X, but I use a custom configuration:
1) locked bootloader
2) verity turned on for the system partition so that I can check the key fingerprint and verify integrity.
3) customized cm recovery - I installed my adb keys so I can connect to it. I also changed the signing keys, so I have to sign any roms that get flashed.
4) encrypted userdata with pattern protection. I think a password would be stronger, but I'm using a larger, complex pattern. Fingerprint unlock is turned on, which has its own attack surface.
I think the fingerprint sensor is the biggest risk. This is mitigated at reboot since the pattern will be required. If I built the recovery properly, the only way to flash anything would be to have access to my signing keys or adb keys. Of course, this is all still vulnerable to any unpatched exploits.
My OP3T has OOs 4.0.3 and I have set it up with fingerprint lock. However when I go into TWRP recovery and connect the phone I can see all the internal storage contents. Does this mean that the phone is un-encrypted?
I want to keep the contents safe so that no one can access them in case it is lost. Not even in recovery mode. Does TWRP also recognize fingerprints?
Should I encrypt the phone? Is it safe / recommended? Would it slow down the phone?
What is the best solution?
Are there any tracking features or apps which can be used in case the phone is lost?
You can check if your phone is encrypted by going into Settings > Security > (scroll to bottom of page).
The phone is encrypted out of the box and will remain so unless you format your /data partition after rooting.
The fingerprint itself is not the encryption key, the key is generated by the OS. While TWRP can find your encryption key and use it to access certain parts of your internal storage that it needs to function, it cannot mount User Storage (/data/media) and retrieve data other than zips/imgs.
TWRP itself cannot access user data, but ADB can. You can turn off USB debugging to prevent someone from pulling data.
Encryption is definitely useful if you want to keep your data safe, though it really depends on individual usage. I personally don't keep any important data on my phone and like to keep it decrypted. By decrypting, you experience fewer problems when flashing different ROMs. The phone also boots a bit faster as you don't have to decrypt each time.
There are services that you can use to track and remote access lost phones. Check out Cerberus Anti Theft, which has some unique features such as being able to install as a system app to avoid deletion via factory reset. For basic tracking, Google actually had built in tracking. As long as your phone is on and has network access, you can use Google Device Manager to locate your phone. You also have the option to remotely lock and erase your phone if needed, though keep in mind that this requires internet access. Services such as Cerberus allows you to send commands to your phone through texts and other means even when data is disabled.
Anova's Origin said:
You can check if your phone is encrypted by going into Settings > Security > (scroll to bottom of page).
The phone is encrypted out of the box and will remain so unless you format your /data partition after rooting.
The fingerprint itself is not the encryption key, the key is generated by the OS. While TWRP can find your encryption key and use it to access certain parts of your internal storage that it needs to function, it cannot mount User Storage (/data/media) and retrieve data other than zips/imgs.
TWRP itself cannot access user data, but ADB can. You can turn off USB debugging to prevent someone from pulling data.
Encryption is definitely useful if you want to keep your data safe, though it really depends on individual usage. I personally don't keep any important data on my phone and like to keep it decrypted. By decrypting, you experience fewer problems when flashing different ROMs. The phone also boots a bit faster as you don't have to decrypt each time.
There are services that you can use to track and remote access lost phones. Check out Cerberus Anti Theft, which has some unique features such as being able to install as a system app to avoid deletion via factory reset. For basic tracking, Google actually had built in tracking. As long as your phone is on and has network access, you can use Google Device Manager to locate your phone. You also have the option to remotely lock and erase your phone if needed, though keep in mind that this requires internet access. Services such as Cerberus allows you to send commands to your phone through texts and other means even when data is disabled.
Click to expand...
Click to collapse
When I go to Settings > Security > Encrypt it has a button to start the encryption so I guess that the phone is not encrypted. I also am not keeping very important data on the phone. However just in case it is lost I don't want people to see my Contacts, WhatsApp messages, photos etc. Will encryption encrypt all of these? If I press Encrypt, will it retain the data or should I take a backup first? If I encrypt the phone and have a fingerprint lock, does it mean that no one else can access my data? Not even through TWRP? How will I know the encryption key? Once encrypted, can I update the phone?
Thanks for the advice on Cerberus, If there are any other suggestions, I would like to know.
Encrypting the phone will not erase any data, just click the button and it does so automatically. You can't see the actual encryption key, it's maintained by the OS. I believe that if you set a password in addition to your fingerprint, TWRP may ask for the password on boot. I'm not too sure how this works exactly, there'll likely be more accurate sources online somewhere.
Encryption will encrypt all user data, including photos and most appdata. TWRP doesn't have access to user data by design, that's why nandroids can't backup Storage. TWRP itself also cannot see or access any user data in its built-in file explorer.
Keep in mind that while encryption works well, nothing is perfect. You never know when someone will find another exploit, especially if you leave your bootloader unlocked and modify your phone with root/custom ROMS/recoveries/etc.
As for Cerberus alternatives, I've got no idea. I've never really looked into these services and only know about Cerberus due to its popularity.
Hi, I'm having issues while syncing my Google account during the Setup Wizard's process, after choosing to restore data from a previous backup.
What happens?
(Tried several times on ArrowOS 12.1 20220808 and on crDroid 8.7 20220801 with either NikGapps 20220709):
- I connect to any type of network (both mobile data and Wi-Fi give the same result);
- the setup wizard asks to "Copy apps & data", but I "can't use old device";
- I apparently successfully log in to my account by solving the 2FA;
- I enter the PIN of the old backup and I choose what to restore everything already selected (Apps, Contacts, SMS and MMS messages, Device Settings and Call History);
- the setup wizard shows the agreement screen where you can toggle stuff (Location and Device maintenance) for a second with a disclaimer explaining how data is used;
- THE WHOLE SCREEN DISAPPEARS;
- a new "loading, please wait" screen appears for less then second;
- the agreement screen shows up again (without the how-data-is-used disclaimer), letting me toggling stuff (but there's no "Back up to Google Drive" option);
- completing the setup wizard, I have to log in again as it looks like the device has never had a Google account linked (even though there's a notification saying it's restoring apps and related data, but it's stuck on 0 over X apps to install);
- logging in again lets me restore apps data but not device settings and it also lets me choose to back up to Google Drive;
What doesn't solve this problem?
- changing ROM version
- factory resetting the phone or any sort of clean flash
How did this problem came up?
I flashed ArrowOS vanilla over the GApps build for error, then I dirty flashed the GApps build and some errors came up, therefore I clean flashed and started having issues.
I have no clue on how to solve this and on why this happens either, and I found no one facing the same issue on the net. I don't think it's a ROM-related issue (since changing ROM doesn't solve the problem), this is why I'm asking here.
How can I solve this?
Can you use another device to login to your google account via a web browser and check there is a backup in existence ?
dst212 said:
Hi, I'm having issues while syncing my Google account during the Setup Wizard's process, after choosing to restore data from a previous backup.
What happens?
(Tried several times on ArrowOS 12.1 20220808 and on crDroid 8.7 20220801 with either NikGapps 20220709):
- I connect to any type of network (both mobile data and Wi-Fi give the same result);
- the setup wizard asks to "Copy apps & data", but I "can't use old device";
- I apparently successfully log in to my account by solving the 2FA;
- I enter the PIN of the old backup and I choose what to restore everything already selected (Apps, Contacts, SMS and MMS messages, Device Settings and Call History);
- the setup wizard shows the agreement screen where you can toggle stuff (Location and Device maintenance) for a second with a disclaimer explaining how data is used;
- THE WHOLE SCREEN DISAPPEARS;
- a new "loading, please wait" screen appears for less then second;
- the agreement screen shows up again (without the how-data-is-used disclaimer), letting me toggling stuff (but there's no "Back up to Google Drive" option);
- completing the setup wizard, I have to log in again as it looks like the device has never had a Google account linked (even though there's a notification saying it's restoring apps and related data, but it's stuck on 0 over X apps to install);
- logging in again lets me restore apps data but not device settings and it also lets me choose to back up to Google Drive;
What doesn't solve this problem?
- changing ROM version
- factory resetting the phone or any sort of clean flash
How did this problem came up?
I flashed ArrowOS vanilla over the GApps build for error, then I dirty flashed the GApps build and some errors came up, therefore I clean flashed and started having issues.
I have no clue on how to solve this and on why this happens either, and I found no one facing the same issue on the net. I don't think it's a ROM-related issue (since changing ROM doesn't solve the problem), this is why I'm asking here.
How can I solve this?
Click to expand...
Click to collapse
hello mate
could you solve it? something similar is happening to me
diegots said:
hello mate
could you solve it? something similar is happening to me
Click to expand...
Click to collapse
Hi there. Now I'm running a different ROM, tho, PixelOS. I just clean flashed it. Also, it might be the old backup that caused the problem with those ROMs, while the newer backup I used (created on ArrowOS) didn't cause any.