I would like to purchase a Nexus 6 (US Version) and I've seen a few for sale that claim to be google email account locked.
The reason usually given the "owner" forgot their password and can't reset it.
I was thinking a factory image restore would clear everything and un lock the phone.
Not sure if this would work, if someone could confirm either way, I would appreciate it.
Is there a way to bypass the google account lock?
Thank you!
There is no bypass method known..do not buy it.
danarama said:
There is no bypass method known..do not buy it.
Click to expand...
Click to collapse
Is there anywhere that I can learn how this account lock works?
I am legitimately trying to get a nexus 6 cheap then use it as my personal phone, not intending on hacking into someones, I could care less if all data on the phone is lost.
I was thinking if I wiped the system and data partitions it would undo the software lock. Or is this Google Account Lock more than just software rooted?
xNotta said:
Is there anywhere that I can learn how this account lock works?
I am legitimately trying to get a nexus 6 cheap then use it as my personal phone, not intending on hacking into someones, I could care less if all data on the phone is lost.
I was thinking if I wiped the system and data partitions it would undo the software lock. Or is this Google Account Lock more than just software rooted?
Click to expand...
Click to collapse
The information has not been released into the public domain. We don't know how it works. It's most likely stored on one of the many partitions that we don't have access to, but we don't know that. All we know is that we haven't found a fix. Flashing system images doesn't help.
danarama said:
The information has not been released into the public domain. We don't know how it works. It's most likely stored on one of the many partitions that we don't have access to, but we don't know that. All we know is that we haven't found a fix. Flashing system images doesn't help.
Click to expand...
Click to collapse
That's exactly the info I was looking for. Thank you for saving me a few $!
Guess I'll put that twords a Nexus 5.
https://www.youtube.com/watch?v=5ySekEg-I8g That guy claims to be able to do it.... for a fee.
Why'd Google have to go all iCloud lock on us?
xNotta said:
https://www.youtube.com/watch?v=5ySekEg-I8g That guy claims to be able to do it.... for a fee.
Click to expand...
Click to collapse
It's your risk. One random guy here reckons he managed to get it bypassed at a mobile phone repair shop, but he couldn't give us any information towards how that was achieved. We take it with a pinch of salt.
It's Just anti theft which imo is a great feature to have
Sent from my Nexus 6 using Tapatalk
It's meant as a security feature to deter phone theft, whoever said they were able to work around it was lying, the only way to get past that screen is to input the correct password of the google account, factory reset and flashing google images do not get rid of the lock. If the person that had it before removed his/her account before wiping the device than that screen would not show. Now if the person truly forgot their google account pass, they could easily reset their password if they are really the original owners of the phone provided they have another email/number for google to send the verification info, my opinion is the seller either found or stole the phone and is looking to make a buck on someone unsuspecting, because they cant use it themselves.
bigjack216 said:
It's Just anti theft which imo is a great feature to have
Sent from my Nexus 6 using Tapatalk
Click to expand...
Click to collapse
It is, but what it should do when you're factory resetting, is remind you to remove your google account first if you are selling it.
---------- Post added at 07:20 PM ---------- Previous post was at 07:16 PM ----------
djkinetic said:
It's meant as a security feature to deter phone theft, whoever said they were able to work around it was lying, the only way to get past that screen is to input the correct password of the google account, factory reset and flashing google images do not get rid of the lock. If the person that had it before removed his/her account before wiping the device than that screen would not show. Now if the person truly forgot their google account pass, they could easily reset their password if they are really the original owners of the phone provided they have another email/number for google to send the verification info, my opinion is the seller either found or stole the phone and is looking to make a buck on someone unsuspecting, because they cant use it themselves.
Click to expand...
Click to collapse
No way to tell the back story of the phone. This anti-theft measure came in without warning, so people who updated and then wiped it without knowing they needed to remove the account first, could easily have sold it and it not been tested by the buyer for this as they didn't know. There could easily be a legitimate story behind it.
That said, no one should buy these devices anyway, for their own sake and the fact that they *may* be stolen.
Also, as unlikely as we believe it to be that someone managed to get it bypassed at a mobile phone repair store, doesn't mean it isn't true. Just because we don't know a way around it, doesn't mean someone else can't - though that is besides the point
xNotta said:
That's exactly the info I was looking for. Thank you for saving me a few $!
Guess I'll put that twords a Nexus 5.
https://www.youtube.com/watch?v=5ySekEg-I8g That guy claims to be able to do it.... for a fee.
Why'd Google have to go all iCloud lock on us?
Click to expand...
Click to collapse
it was a bug in 5.1, where you would enter radom digits.. buts its been long fixed, and only worked if the person set a password.
you should be able to bypass this by flashing back to stock and using the no-encrypt kernel from Wugfresh's toolkit.
The google account lock is just because encryption is active and someone did a factory reset on it while it was encrypted.
Source:
I did this to my own once when flashing ROMs and could not get pass the password screen, flashing the no-encrypt fixed it
I haven't heard of this....I have a N6 on the way which means I'll be wiping and selling my LG G2 (running 5.1.1 Paranoid). Is this a new thing with lollipop that I need to remove my account first, or is it device based?
If so, Settings > Accounts > Google > Delete your account or services? Is that all I need to do before wiping?
plasticarmyman said:
you should be able to bypass this by flashing back to stock and using the no-encrypt kernel from Wugfresh's toolkit.
The google account lock is just because encryption is active and someone did a factory reset on it while it was encrypted.
Source:
I did this to my own once when flashing ROMs and could not get pass the password screen, flashing the no-encrypt fixed it
Click to expand...
Click to collapse
if your bootloader is locked, and you have stock recovery, you cant flash a stock factory image. and you cant flash a custom kernel with the stock recovery. so, you couldnt of done this in your wettest fantasy. but, if you have twrp, you could. but then again, if you have twrp recovery, you can fix the issue regardless.
simms22 said:
if your bootloader is locked, and you have stock recovery, you cant flash a stock factory image. and you cant flash a custom kernel with the stock recovery. so, you couldnt of done this in your wettest fantasy. but, if you have twrp, you could. but then again, if you have twrp recovery, you can fix the issue regardless.
Click to expand...
Click to collapse
if you can get into fastboot you can fix most of those things.
TWRP would be for the kernel, but you can unlock the BL and flash a recovery all from fastboot which is not secured by the account lock
plasticarmyman said:
if you can get into fastboot you can fix most of those things.
TWRP would be for the kernel, but you can unlock the BL and flash a recovery all from fastboot which is not secured by the account lock
Click to expand...
Click to collapse
You can't unlock the bootloader unless you set "enable OEM unlock" in Settings, which you can't get to if it is google account locked.
danarama said:
You can't unlock the bootloader unless you set "enable OEM unlock" in Settings, which you can't get to if it is google account locked.
Click to expand...
Click to collapse
oh snap! i totally forgot about that part....
okay nevermind my blathering idiocy
plasticarmyman said:
oh snap! i totally forgot about that part....
okay nevermind my blathering idiocy
Click to expand...
Click to collapse
No worries
danarama said:
No worries
Click to expand...
Click to collapse
it's been about a year since i've had to check that box
plasticarmyman said:
oh snap! i totally forgot about that part....
okay nevermind my blathering idiocy
Click to expand...
Click to collapse
yup. but if you have twrp, fastboot formatting userdata and cache should fix it. if you havd stock recovery, then youre screwed.
More than positive this Nexus is stolen.
Stay away from it. If it's locked, it's probably been reported and it's IMEI blacklisted. So even IF you could get it unlocked somehow. You will still be boned.
As for cheap Nexus 6? They are on sale for $350 on Amazon.
Related
Hi!
Anyone who have heard anything about Googles thoughts on the forced encryption on the Nexus 6? Will they ever let us choose if we want it or not? I dont want to root and void the warranty on the phone but the performance is sluggish at times and most ppl say that is because of the encryption.
Br J
We can only guess but I suspect not.
Jaxione said:
Hi!
Anyone who have heard anything about Googles thoughts on the forced encryption on the Nexus 6? Will they ever let us choose if we want it or not? I dont want to root and void the warranty on the phone but the performance is sluggish at times and most ppl say that is because of the encryption.
Br J
Click to expand...
Click to collapse
Please don't take this as offense but why get a nexus device if u don't want to root? if your worried about voiding warranty all u have to do is return to stock/Unroot/Lock Bootloader back up and then you good.
Jaxione said:
Hi!
Anyone who have heard anything about Googles thoughts on the forced encryption on the Nexus 6? Will they ever let us choose if we want it or not? I dont want to root and void the warranty on the phone but the performance is sluggish at times and most ppl say that is because of the encryption.
Br J
Click to expand...
Click to collapse
No they've stated that they suggest all devices going forward are encrypted. Obviously OEM's can do what they want but that's not going to be an option on the Nexus side.
the_rooter said:
Please don't take this as offense but why get a nexus device if u don't want to root? if your worried about voiding warranty all u have to do is return to stock/Unroot/Lock Bootloader back up and then you good.
Click to expand...
Click to collapse
I have had some bad experiences with rooting and Im afraid to damage the device. Thats probably why Im afraid of the rooting process. No offense taken
Br J
Jaxione said:
I have had some bad experiences with rooting and Im afraid to damage the device. Thats probably why Im afraid of the rooting process. No offense taken
Br J
Click to expand...
Click to collapse
If you ever need a step my step on doing so there is a video that i followed on youtube. There are many that does wonders. I can also offer a helping hand in doing so. I know how to do fasboot/adb method also I tried the WUG Toolkit which many people blast tool kits, but i come to enjoy it. I have made mistakes in rooting/unlocking bootloaders but thats mainly because I didnt fully read before I started. If your concerned check out WUG Tool kit here, and also this youtube channel does wonders.
https://www.youtube.com/watch?v=XBIPQVDfAQ8
Rootjunky channel on youtube. The guy has awesome videos and he does step by step. If interested I can even offer some help and guidance. Pm me.
Jaxione said:
I have had some bad experiences with rooting and Im afraid to damage the device. Thats probably why Im afraid of the rooting process. No offense taken
Br J
Click to expand...
Click to collapse
You don't need to be rooted in order to remove encryption. But you do need to format all data.
Unlock in Fastboot (all data wiped automatically)
Flash TWRP 2.8.5.0 in Fastboot
Flash kernel in TWRP without encryption flag (LeanKernel or franco, to name a few)
In TWRP - Wipe -> Factory Reset, then Wipe -> Format Data -> (yes) to confirm format
Fastboot flash all but the boot.img from the latest factory image
NotATreoFan said:
You don't need to be rooted in order to remove encryption. But you do need to format all data.
Unlock in Fastboot (all data wiped automatically)
Flash TWRP 2.8.5.0 in Fastboot
Flash kernel in TWRP without encryption flag (LeanKernel or franco, to name a few)
In TWRP - Wipe -> Factory Reset, then Wipe -> Format Data -> (yes) to confirm format
Fastboot flash all but the boot.img from the latest factory image
Click to expand...
Click to collapse
Ok thanks. But how will this affect my warranty?
Br J
It doesn't with a Nexus device.
As long as you can flash back stock your warranty is intact.
I had TWRP recovery, custom kernel and some ROM tweaks first thing this morning. Then I flashed everything back to stock and sent it in for warranty repair today.
Jaxione said:
Ok thanks. But how will this affect my warranty?
Br J
Click to expand...
Click to collapse
Unlocking a Nexus device will not void the warranty. If your only desire is to remove encryption, you could even go back to stock recovery and relock the device afterward.
NotATreoFan said:
Unlocking a Nexus device will not void the warranty. If your only desire is to remove encryption, you could even go back to stock recovery and relock the device afterward.
Click to expand...
Click to collapse
Well hold on. I've no idea how moto handle warranty...
But on the nexus 5, if you bought from play store, Google handled warranty. Even if it was unlocked... Like the law in many places suggest.. However if you bought from somewhere else. LG handled the warranty but they would refuse it if it was unlocked or tamper flag tripped...
Now the 6 does t seem to have a tamper flag and I'm not sure how moto do things vs LG, but saying "Nexus device" insinuates all of them but that would not be accurate.
rootSU said:
Well hold on. I've no idea how moto handle warranty...
But on the nexus 5, if you bought from play store, Google handled warranty. Even if it was unlocked... Like the law in many places suggest.. However if you bought from somewhere else. LG handled the warranty but they would refuse it if it was unlocked or tamper flag tripped...
Now the 6 does t seem to have a tamper flag and I'm not sure how moto do things vs LG, but saying "Nexus device" insinuates all of them but that would not be accurate.
Click to expand...
Click to collapse
You may be correct. I am speaking from the Google side, as well as T-Mobile. I've spoken to their service reps and they will issue RMAs for unlocked Nexus devices.
NotATreoFan said:
You may be correct. I am speaking from the Google side, as well as T-Mobile. I've spoken to their service reps and they will issue RMAs for unlocked Nexus devices.
Click to expand...
Click to collapse
Yep Google are definitely good. That's why I bought from play this time. Moto may also be good - I don't know. But lg on the 5 I hope are not setting a trend
I didnt buy the Nexus 6 for the flashing, rooting and unlocking. I bought it because I wanted a clean Android experience and because I think the Nexus 6 is a handsome looking phone. Found this article: http://www.droid-life.com/2014/11/20/i-didnt-buy-a-nexus-to-flash-all-the-things/
Thats exactly how I see it even though I didnt write the article. But it makes me pissed that google is forcing encryption on us for no reason.
Br J
Jaxione said:
I didnt buy the Nexus 6 for the flashing, rooting and unlocking. I bought it because I wanted a clean Android experience and because I think the Nexus 6 is a handsome looking phone. Found this article: http://www.droid-life.com/2014/11/20/i-didnt-buy-a-nexus-to-flash-all-the-things/
Thats exactly how I see it even though I didnt write the article. But it makes me pissed that google is forcing encryption on us for no reason.
Br J
Click to expand...
Click to collapse
Its not for no reason. Its for security. Its to become a viable alternative to apple in the corporate world.
rootSU said:
Its not for no reason. Its for security. Its to become a viable alternative to apple in the corporate world.
Click to expand...
Click to collapse
Completely agree.... It was most certainly done for A REASON.
Just like Samsung's KNOX was done for A REASON...
Some people may not like the reason because it doesn't meet their particular needs, but that's another story...
JasonJoel said:
Completely agree.... It was most certainly done for A REASON.
Just like Samsung's KNOX was done for A REASON...
Some people may not like the reason because it doesn't meet their particular needs, but that's another story...
Click to expand...
Click to collapse
Indeed. I hate encryption but I also love rooting and flashing so I'm good..
Lets set one thing straight; the only DOWNSIDE to encryption, is the performance hit, and that is because they are using SOFTWARE CRYPTO. Qcom didn't have the code for hardware crypto published on time for the N6 ship date, but it is now, which means that there is a good potential for THAT to be added at some point. IMO, it is MUCH more likely that they will add hwcrypto than to fall back to allowing you to run unencrypted.
Just talked with Motorola. I was thinking about rooting the device but after the talk with Motorola Im not going to. They said I will void the warranty when rooting.
Br J
derp.. my mistake :angel:
My last phone (Nexus 4) was stolen. My new device, the Nexus 6, as you all know comes with enhanced security measures, requiring authentication even after a factory reset. Now, I had grown accustomed to playing around with wiping, rooting, custom roms, kernels, radios, etc with my Nexus 4. Now that I have had my Nexus 6 for a bunch of months, I am starting to think about rooting my device (so I can install an SSH server and have my phone automatically open a tunnel back to my server). My only hesitation is turning the OEM unlocking switch to on. See, I am a big fan of the new security measures that require authentication after a device reset, and would much prefer to keep that feature enabled. I've searched around on Google and XDA, and I haven't been able to find any definitive answers on how unlocking the bootloader in order to root the device will affect these security mechanisms.
My understanding is this: in order to root the Nexus 6, you need to enable OEM unlocking, which allows flashing pretty much any image onto the phone. If any image can be flashed to the phone, this security mechanism can be circumvented.
Two questions:
1. (pretty sure the answer to this is no) Can I root my phone and prevent flashing of images that would circumvent the security feature
2. Will rooting my phone make it easier for an unknown party to gain access to the device via another route
Unlocking the bootloader really only allows you to flash unsigned images, and root provides you with the option to grant administrative access to applications.
Neither one of those has anything to do with encrypted data, or in any way makes encrypted data readable without the key.
The bootloader unlock will make it easier for a thief to wipe all the data on the device without reading it, so he can use the device or sell it as functioning... Even then, you may be able to factory reset an encrypted device without the key anyways... At which point I would think they could make a new key for the freshly wiped partition?
Anything that is going to run unauthorised code at root level is likely going to use other exploits to achieve root on their own, like users do to gain root on devices that are locked down. You having root access doesn't give the right for anything to run as root unless you approve it (or if someone managed to find some exploit in the version of supersu your running, but this is not likely... and if we are assuming any code may have holes in it you're not safe no matter what you do). It does give you the possibility of being tricked into running malicious code that is disguised as some utility... But that is a risk your going to take running any software that isn't from a stable corperation you can take legal action against. Trust who wrote the code or don't use it.
If in question number 1 "the security feature" is encryption, then yes having and unlocked bootloader means if someone takes your phone they can flash a kernel that does not force encryption, they would then have to format the userdata partition to encrypt the phone. Without luck, guessing the password, or discovering some amazing undocumented flaw in the encryption algorithm they will not being able to read your data with out having the key, or guessing it.
@scryan
If you have unlocked the bootloader and have installed a custom recovery (TWRP), are you able to see the list of files in the file manager of TWRP, if the device is encrypted?
Nikos2k said:
@scryan
If you have unlocked the bootloader and have installed a custom recovery (TWRP), are you able to see the list of files in the file manager of TWRP, if the device is encrypted?
Click to expand...
Click to collapse
Yes. Otherwise couldn't pick a file to flash. It actually only encrypts user data. Apps, zips ect are not encrypted or we couldn't pull and modify them.
prdog1 said:
Yes. Otherwise couldn't pick a file to flash. It actually only encrypts user data. Apps, zips ect are not encrypted or we couldn't pull and modify them.
Click to expand...
Click to collapse
the user data that are encrypted include files on the sdcard folder? (e.g. pdfs, images in DCIM folder etc)
i am asking because in my device in Settings -> Security -> Encryption it shows that it is encrypted, in TWRP however i can see all the files
Can i make the custom recovery to ask for the pin? do I have to enable PIN as a screen lock?
What happens if i use an unlock pattern or just swipe for unlock?
Nikos2k said:
the user data that are encrypted include files on the sdcard folder? (e.g. pdfs, images in DCIM folder etc)
i am asking because in my device in Settings -> Security -> Encryption it shows that it is encrypted, in TWRP however i can see all the files
Can i make the custom recovery to ask for the pin? do I have to enable PIN as a screen lock?
What happens if i use an unlock pattern or just swipe for unlock?
Click to expand...
Click to collapse
TWRP will use same pin as Device lock. Only thing I have seen if you use pinlock have to convert 5x5 to 4x4. There's a way to convert it located in this forum somewhere. Swipe to unlock has no pin so TWRP is open. Unlock pattern works also. Either pin or swipe has to be converted don't remember which. I run wide open encrypted so have never played with it.
prdog1 said:
TWRP will use same pin as Device lock. Only thing I have seen if you use pinlock have to convert 5x5 to 4x4. There's a way to convert it located in this forum somewhere.
Click to expand...
Click to collapse
By pinlock you mean the pattern screen lock?
I think it is 3 x 3, not 4x4 or 5x5
And since I use this pattern screen lock, which cannot be input in TWRP, this means that I have to disable it b4 I need to enter recovery?
This makes me a bit uncomfortable since I may need to enter recovery because of a problem with the system
Nikos2k said:
By pinlock you mean the pattern screen lock?
I think it is 3 x 3, not 4x4 or 5x5
And since I use this pattern screen lock, which cannot be input in TWRP, this means that I have to disable it b4 I need to enter recovery?
This makes me a bit uncomfortable since I may need to enter recovery because of a problem with the system
Click to expand...
Click to collapse
Start with this thread. It explains TWRP.
http://forum.xda-developers.com/nexus-6/help/twrp-2-8-5-0-password-help-t3046630
prdog1 said:
Start with this thread. It explains TWRP.
http://forum.xda-developers.com/nexus-6/help/twrp-2-8-5-0-password-help-t3046630
Click to expand...
Click to collapse
thank you it worked!
scryan said:
Unlocking the bootloader really only allows you to flash unsigned images, and root provides you with the option to grant administrative access to applications.
Neither one of those has anything to do with encrypted data, or in any way makes encrypted data readable without the key.
The bootloader unlock will make it easier for a thief to wipe all the data on the device without reading it, so he can use the device or sell it as functioning... Even then, you may be able to factory reset an encrypted device without the key anyways... At which point I would think they could make a new key for the freshly wiped partition?
Anything that is going to run unauthorised code at root level is likely going to use other exploits to achieve root on their own, like users do to gain root on devices that are locked down. You having root access doesn't give the right for anything to run as root unless you approve it (or if someone managed to find some exploit in the version of supersu your running, but this is not likely... and if we are assuming any code may have holes in it you're not safe no matter what you do). It does give you the possibility of being tricked into running malicious code that is disguised as some utility... But that is a risk your going to take running any software that isn't from a stable corperation you can take legal action against. Trust who wrote the code or don't use it.
If in question number 1 "the security feature" is encryption, then yes having and unlocked bootloader means if someone takes your phone they can flash a kernel that does not force encryption, they would then have to format the userdata partition to encrypt the phone. Without luck, guessing the password, or discovering some amazing undocumented flaw in the encryption algorithm they will not being able to read your data with out having the key, or guessing it.
Click to expand...
Click to collapse
Ok, so for encryption, "Allow OEM Unlocking" allows flashing of unsigned images (such as the one used for root), which means if someone gets a hold of my phone, they can put whatever they want on it, including flashing a custom rom.
So my next question is, what about being required to sign into the last Google account used on the phone even after a factory reset (device protection / factory reset protection / not sure what it's called exactly)? Is that area of the bootloader / rom / memory / wherever it lives flashable? If you have an unlocked bootloader, is it possible to flash some image to the device that disables this? Hah, that sounds bad. Really, I want to root my Nexus 6, but I haven't decided if it would be worth giving up the anti-theft required login after reset.
I guess really, I'm curious about how it works, is it part of the Android image delivered by Google? Is it part of the bootloader? Is it possible to release a rom without this feature? I'm not a thief, I swear I'm just curious.
quickdry21 said:
Ok, so for encryption, "Allow OEM Unlocking"
encryption and oem unlock ar 2 entirely different things
allows flashing of unsigned images
allows you to unlock the boottloader, which allows you to flash unsigned img's. the setting itself does nothing but enable the ability. to unlock
(such as the one used for root), which means if someone gets a hold of my phone, they can put whatever they want on it, including flashing a custom rom.
yes
So my next question is, what about being required to sign into the last Google account used on the phone even after a factory reset (device protection / factory reset protection / not sure what it's called exactly)? Is that area of the bootloader / rom / memory / wherever it lives flashable? If you have an unlocked bootloader, is it possible to flash some image to the device that disables this? Hah, that sounds bad. Really, I want to root my Nexus 6, but I haven't decided if it would be worth giving up the anti-theft required login after reset.
i think if someone were to completely wipe the phone, use a different gmail and sim, the google protection would be gone, but i could be wrong. im not positive on that one.
I guess really, I'm curious about how it works, is it part of the Android image delivered by Google? Is it part of the bootloader? Is it possible to release a rom without this feature? I'm not a thief, I swear I'm just curious.
some extremely savvy person "may" be able to make a rom without the google protection, but i have never seen it tried.it may be a core feature that cant be removed.
i really wouldnt worry about that. the likelihood that someone would steal or find your device and have the skills to do all you asked above, is very remote.
Click to expand...
Click to collapse
in red above.
bweN diorD said:
in red above.
Click to expand...
Click to collapse
protection will be gone if you flash android 5.0.1. if you wipe and flash android 5.1.1, the protection will still be there and will ask for your password first.
bweN diorD said:
in red above.
Click to expand...
Click to collapse
Thanks, that does seem to make sense.
I know this comes across as overly paranoid, but I ask also because I'm a curious developer. I'm interested in understanding how android's insides work in general as well as how the new device protection fits in with rooting, custom roms, unlocking the bootloader, etc. (just how well does it prevent unauthorized use of devices)
Interesting, that says to me there is a relatively easy way to get around the reset protection if a phone has an unlocked bootloader. Albeit, relatively easy is relative.
quickdry21 said:
Interesting, that says to me there is a relatively easy way to get around the reset protection if a phone has an unlocked bootloader. Albeit, relatively easy is relative.
Click to expand...
Click to collapse
easy, yes, for one of us. but for a typical user, very hard. anyways, i dont like letting out the secret of how to bypass it, so keep it quiet please
simms22 said:
easy, yes, for one of us. but for a typical user, very hard. anyways, i dont like letting out the secret of how to bypass it, so keep it quiet please
Click to expand...
Click to collapse
Yes, agreed. I'm going to edit out that quote.
quickdry21 said:
Ok, so for encryption, "Allow OEM Unlocking" allows flashing of unsigned images (such as the one used for root), which means if someone gets a hold of my phone, they can put whatever they want on it, including flashing a custom rom.
So my next question is, what about being required to sign into the last Google account used on the phone even after a factory reset (device protection / factory reset protection / not sure what it's called exactly)? Is that area of the bootloader / rom / memory / wherever it lives flashable? If you have an unlocked bootloader, is it possible to flash some image to the device that disables this? Hah, that sounds bad. Really, I want to root my Nexus 6, but I haven't decided if it would be worth giving up the anti-theft required login after reset.
I guess really, I'm curious about how it works, is it part of the Android image delivered by Google? Is it part of the bootloader? Is it possible to release a rom without this feature? I'm not a thief, I swear I'm just curious.
Click to expand...
Click to collapse
Maybe someone could figure out something?
But if your device is wiped, and basically all the partitions are re-written.... Where do you want to store the last google account information to check against?
No one is going to plan on stealing your phone, ask you if the bootloader is unlocked, then decide not to if they say no. None of the security really prevents your phone from being stolen. Nothing just looking at your phone lets a would be thief know that its encrypted and not unlocked...
The encryption and locked bootloader will not prevent your phone from being stolen. The encryption will protect your data, and the locked booloader will make it harder to reset the device (though does factory recovery have a factory reset option? I would think this would allow the device to be wiped and encryption key to be reset anyways?)
I guess really, I'm curious about how it works, is it part of the Android image delivered by Google? Is it part of the bootloader? Is it possible to release a rom without this feature? I'm not a thief, I swear I'm just curious.
Click to expand...
Click to collapse
What? You keep talking about this single security device? What are you talking about?
Do you mean encryption?
encryption is just how the data is stored on the device.
Say you have the word "Duck"
And we want to store that word in a safe way. As a VERY VERY basic method, we will encrypt this by shifting each letter of the alphabet a certain number of letters. This number will be something YOU give, so that others do not know how many letters we have shifted over.
So lets say you give us "5" as your key.
so the alphabet
abcdefghijklmnopqrstuvwxyz we will shift 5 letters over, starting on the fifth letter and wrapping around...
fghijklmnopqrstuvwxyzabcde so each letter matches up with a new letter.
D is the 4th letter of the alphabet, so we will use the 4th letter of of shifted alphabet, i
u is the 21st letter of the alphabet so we will use the 21st letter of our shifted alphabet, z
ect, ect... so Duck becomes Izho, and with out knowing how many letters to shift over, know one will know what that means (ok, obviously due to the simplicity of our encryption algorithm, anyone who is smart and cares can likely try different numbers until the output is a coherent word. the actual method of encryption is significantly more complex, and the key is more then one characters
See here for more intellegent details: https://wiki.archlinux.org/index.php/Disk_encryption#How_the_encryption_works
quickdry21 said:
Yes, agreed. I'm going to edit out that quote.
Click to expand...
Click to collapse
na, it ok, you can leave it here. that way if someone really needs to, theyll find the answer here. just dont go around spreading it around i meant
scryan said:
Maybe someone could figure out something?
But if your device is wiped, and basically all the partitions are re-written.... Where do you want to store the last google account information to check against?
No one is going to plan on stealing your phone, ask you if the bootloader is unlocked, then decide not to if they say no. None of the security really prevents your phone from being stolen. Nothing just looking at your phone lets a would be thief know that its encrypted and not unlocked...
The encryption and locked bootloader will not prevent your phone from being stolen. The encryption will protect your data, and the locked booloader will make it harder to reset the device (though does factory recovery have a factory reset option? I would think this would allow the device to be wiped and encryption key to be reset anyways?)
Click to expand...
Click to collapse
I'm not expecting this "Device Protection" feature to prevent my phone from being stolen, I'm more interested in the **** you aspect to someone who tries, and maybe them returning it to me for some money.
scryan said:
What? You keep talking about this single security device? What are you talking about?
Do you mean encryption?
Click to expand...
Click to collapse
I'm not sure if you are aware, but with the release of 5.1, there is a new security feature (think it's called Device Protection, but that seems to encompass some other things) that requires you to login to the last Google account attached to the phone after a factory reset (whether done from the settings UI, or from recovery mode). If you are unable to login to a Google account that was attached to the phone, the phone becomes worthless (there have been some posts on xda about people "acquiring" a Nexus 6 and being unable to use it), some details here: https://support.google.com/nexus/answer/6172890
A quote from that link sums it up:
Important: You can enter information for any Google account that has been added to the device. If you can't provide this information during the setup process, you won't be able to use the device at all after the factory reset.
Click to expand...
Click to collapse
Now, this security feature is only available on new phones that are released with 5.1 (with the exception of the newest round of Nexus devices, which received it with the update to 5.1). This leads me to believe that some aspect is baked into the device. Separate encrypted partition maybe? Part of the bootloader software? I don't know, that's what I'm curious about.
scryan said:
encryption is just how the data is stored on the device.
Say you have the word "Duck"
And we want to store that word in a safe way. As a VERY VERY basic method, we will encrypt this by shifting each letter of the alphabet a certain number of letters. This number will be something YOU give, so that others do not know how many letters we have shifted over.
So lets say you give us "5" as your key.
so the alphabet
abcdefghijklmnopqrstuvwxyz we will shift 5 letters over, starting on the fifth letter and wrapping around...
fghijklmnopqrstuvwxyzabcde so each letter matches up with a new letter.
D is the 4th letter of the alphabet, so we will use the 4th letter of of shifted alphabet, i
u is the 21st letter of the alphabet so we will use the 21st letter of our shifted alphabet, z
ect, ect... so Duck becomes Izho, and with out knowing how many letters to shift over, know one will know what that means (ok, obviously due to the simplicity of our encryption algorithm, anyone who is smart and cares can likely try different numbers until the output is a coherent word. the actual method of encryption is significantly more complex, and the key is more then one characters
See here for more intellegent details: https://wiki.archlinux.org/index.php/Disk_encryption#How_the_encryption_works
Click to expand...
Click to collapse
Yes, I was not very clear in my original post about what security feature I was inquiring about. I'm aware of what encryption is. Part of the reason I am interested in rooting my phone is to reverse tunnel a SSH server on the phone, or possibly netcat, via SSH to my server, so I will be able to open up a shell on my phone from anywhere I desire.
Ahh yes, apologies, was unaware they implemented that feature. A bit dense this morning.
I would imagine unlocked bootloader/custom recovery would DEFINITELY negate this feature.
No one gonna give your phone back, particularly after you use this as a "**** you" While its just IMO, its better to enjoy your phone now. Screwing yourself out of features only to attempt to limit the phone once you don't have anything to do with it anymore does not seem to be particularly productive.
Running Pure Nexus which may not matter. Wife got mad and figured out my pattern lock to be nosey in my phone. She then decided to change to a password lock. I am now locked out. How can I reset my password without wiping my data? Android device manager knows it's locked so I can't use it to set a lock code. Saw a method using pc and adb to clear the password and reboot but not near my pc. Any way to use Twrp?
You SERIOUSLY can't get your wife to tell you the unlock code she put on it??? The only idea I have to get around it would to be dirty flash your current ROM over top of itself. This will retain your data and maybe/probably? take off the unlock code. On a side note, going forward I think you guys really need to work on trust and boundaries...
Hi,
Sorry to hear that happened to you. I have faced this issue before when I accidentally choose the pattern lock and forgot what it was. Could you tell me what ROM and android version you are running. The kernel also matters because if it has encryption enabled by default, the TWRP recovery would also need the same pattern/PIN for you to get in there to flash it. I guess my only other solution would be to use the Nexus Toolkit and try dirty flashing if you're running a custom ROM or checking the 'no wipe data' when flashing the official Google image.
Have a great new year!
Love,
Syed
I decided to just wipe and flash a new ROM. Took the opportunity to update to Pure Nexus Nougat. I'm still setting online accounts back up which is part of what I wanted to avoid. I really dislike not being automatically logged in to pay my bills!
knightjs1 said:
I decided to just wipe and flash a new ROM. Took the opportunity to update to Pure Nexus Nougat. I'm still setting online accounts back up which is part of what I wanted to avoid. I really dislike not being automatically logged in to pay my bills!
Click to expand...
Click to collapse
Wow paying your bills on a device with root and an unlocked bootloader. You surely are brave.
As for your issue well to be honest you have bigger issues then your device.
Thread closed
Simply put I want to Lock my bootloader and recovery even disabling recovery would be fine.
I'm basically asking if this is possible although I understand there are so to speak 1337 methods to bypass the Security measures I'm concerned with.
It's just most people's first approach to a phone they just found/stole is factory reset where frp would kick in, with the unlocked bootloader that would be easy af to bypass. *Not to mention frp bypass methods that are public
My goal is to set up my phone with the latest release of Pure Nexus + root and Latest TWRP, from there Lock the bootloader and then secure TWRP IE recover with a return to owner for reward with contact info.
Basically disabling/locking recovery with a return to owner screen and locking the bootloader as basic deterrent's for any common / petty their or anyone looking to upgrade to the phone they just found if you catch my drift.
-Also it would be nice to feel a little more secure with all these extra features PureNexus offers although I get that Android Security is fundamentally flawed these are just deterrents, also I'd be stoked to see this on a device I come across.
*Wouldn't hesitate to up call the owner of a phone that properly configured, although I know I could bypass it just a respect thing for me. :3
You can lock the bootloader, but it can simply be unlocked again. The only way to ensure it can't be unlocked is to encrypt it, and no Nexus device has an encrypted bootloader. Recovery cannot be disabled, though you could flash a non-working recovery image to the recovery partition. In that case however, simply unlocking the bootloader would allow someone to flash a recovery image to the device.
Your goals are laudable, but you're wasting your time here. To accomplish your end goal requires a device with an encrypted bootloader, which means you want something that isn't a Nexus and is sold through AT&T or Verizon. Both carriers encrypt the bootloader so you can't unlock it.
So basically because the bootloader cannot be secured my efforts would be in vain, are we sure I can't simply relock the bootloader in the same fashion that the stock rom is shipped out.
IE I remember having to OEM unlock in order to flash a custom recovery, with that being said after flashing a disabled recovery is it not possible to then re enable OEM lock somehow even with Pure Nexus running.
*Perhaps even only with the stock rom?
I'll make this as plain as I can. The only way to secure the bootloader is to encrypt it. Locking the bootloader and resetting the OEM Unlocking toggle in Developer Options won't help since any potential thief can simply unlock the bootloader. If you want to improve security, set a pin, pattern lock, or password after you mess around with locking the bootloader and setting the OEM Unlock toggle to off (if possible).
Simply disabling the ome toggle in developer setting doesn't relock the bootloader so would you say it's safe to run "fastboot oem lock" with Pure Nexus installed wipe data and then disable the oem toggle?
If that works wouldn't it be True to say I would need re enable the oem toggle and then "fastboot oem unlock" if I ever intended to replace the disabled recovery.
I really just wanted to shoot in the dark, although I don't want to brick my Nexus 6. Also sorry for a better lack of information on my part I don't mean to be a hassle.
JmakeITlookEZY said:
Simply disabling the ome toggle in developer setting doesn't relock the bootloader so would you say it's safe to run "fastboot oem lock" with Pure Nexus installed wipe data and then disable the oem toggle?
If that works wouldn't it be True to say I would need re enable the oem toggle and then "fastboot oem unlock" if I ever intended to replace the disabled recovery.
I really just wanted to shoot in the dark, although I don't want to brick my Nexus 6. Also sorry for a better lack of information on my part I don't mean to be a hassle.
Click to expand...
Click to collapse
Never lock the bootloader when running a.custom ROM... Bad very bad idea
rignfool said:
Never lock the bootloader when running a.custom ROM... Bad very bad idea
Click to expand...
Click to collapse
Worth asking why?
As in is this a goal worth pursuing IE a custom or unofficial build that supports such functionality.
Possibly already done: http://android.stackexchange.com/qu...4-7-bootloader-after-flashing-a-non-stock-rom
JmakeITlookEZY said:
Worth asking why?
As in is this a goal worth pursuing IE a custom or unofficial build that supports such functionality.
Click to expand...
Click to collapse
Because...
Stock ROMs are tested and tested for compatibility... To make sure you don't wind up in a bootloop (unless you have an LG)
Custom ROMs... Are not... No matter beans best intentions... He's no OEM...
You wind up in a bootloop for whatever reason... And a factory reset doesn't fix it... You're done... You have a paperweight...
So proceed as pleased, if I feel risky or got an extra Shamu I'll shoot in the dark and post the results. :3
More info:
What the consequences are really depends on your device. Most devices enable signature-verification for the boot partition (kernel) which prevents you from booting any kernels not signed by device manufacturer (unless you exploit some security breaches like 2nd boot). They also disallow you to flash any partition via 'fastboot flash' command, but not on all devices.
So no, you are not okay with relocking your phone: If you use custom firmware, you typically use a custom kernel and in this case, re-locking your bootloader via 'fastboot oem lock' will put your device in a state where it will not boot anymore! Be careful with that.
Info source: http://android.stackexchange.com/users/89475/kuleszdl
Idea: Disable signature-verification?
Note: Everyone thinks it will brick no one has said it happened, very strong possibility signature-verification is enabled. ?
are you an secret agent or something?
why the extreme paranoia about having this phone?
wase4711 said:
are you an secret agent or something?
why the extreme paranoia about having this phone?
Click to expand...
Click to collapse
I agree.
@JmakeITlookEZY, Basically, if your trying to say they want to give someone a phone that cannot be unlocked after locking it, then this isn't the device for you. There is an 'OEM Unlock' to prevent this but to hide this setting, would have no idea . And if you lock the bootloader and then someone wants to unlock it, it has to wipe the device.
Just have to live with the fact if someone wants to try and unlock the device, it's gonna get wiped no matter what. I'm no security expert but if you're worried something is going to happen to your phone, then you shouldn't be using it.
And if your really concerned, using a screen lock will prevent users from going into the recovery or booting the device anyways.
Gysper said:
?
Click to expand...
Click to collapse
It would be nice to feel confident enough to leave my device lying around or even lose it and know that it will either be returned or discarded.
I believe that level of security should be an option, not to mention have the ability to do it to begin with.
JmakeITlookEZY said:
It would be nice to feel confident enough to leave my device lying around or even lose it and know that it will either be returned or discarded.
I believe that level of security should be an option, not to mention have the ability to do it to begin with.
Click to expand...
Click to collapse
Yeah its called GPS
google Android Device Manager and use the locate device. You can even lock it if lost and erase all data.
Gysper said:
?
Click to expand...
Click to collapse
Not really a concern, if someone decided to keep the device the first step would be turn it off.
*More than likely reset from there epically considering encrypting the device would be a given.
JmakeITlookEZY said:
Not really a concern, if someone decided to keep the device the first step would be turn it off.
*More than likely reset from there epically considering encrypting the device would be a given.
Click to expand...
Click to collapse
Buy a tracking device and hack the phone. Problem solved
Gysper said:
?
Click to expand...
Click to collapse
Care to elaborate "tracking device" & "hack the phone" just dosen't seem to be what I'm shooting for.
JmakeITlookEZY said:
Care to elaborate "tracking device" & "hack the phone" just dosen't seem to be what I'm shooting for.
Click to expand...
Click to collapse
So you don't work for the CIA...
Let's be real, if you have no trust when something gets lost, then you don't deserve it. Should do your research and check out how to prevent something if it get's lost: http://www.apartmenttherapy.com/what-really-happens-when-a-smartphone-is-lost-195321
This is not a suicide hotline thread, if you're scared about losing something and not getting it returned, then I have to say you have a serious episode of OCD. Don't be that guy and learn to live with the consequences.
Gysper said:
?
Click to expand...
Click to collapse
Just to be Frank this is about information and general purpose security how you perceive it, is whatever.
*Also to address the "you don't deserve it" my concerns are the opposite it's not that I don't deserve it, more the other way around.
Update: Found more information that pretty much sums up what I hope to accomplish aswell as the implications.
Source: http://www.androidpolice.com/2011/0...ncryption-signing-and-locking-let-me-explain/
Update,
May be possible via: https://forum.xda-developers.com/an...signing-boot-images-android-verified-t3600606
Hey guys,
Is there any way to either reset the lockscreen password or to backup all userdata from a Moto G5S plus that's upgraded to Android 8.0, is not rooted, is running stock ROM, does not have ADB debugging enabled and has no custom recovery?
Most likely no, I've never had a Motorola phone before though, and I couldn't find any workarounds/utilities, but perhaps I wasn't using the right keywords.
Thanks in advance,
Lada
Hi, same problem here. My son can't unlock his Phone with password that was working yesterday Just fine. He has his fingerprint enabled and password. Fingerprint is not enough and it wants also the pass which is not working. Debugging is disabled, stock Rom unrooted. We cant even export data from it. Any solutions before factory reset?
Afaik there's mo such method because the whole mechanism would be pointless if one can bypass lockscreen password just like that.
You'll need to use some Forensic tools for retrieving data. Not a sure shot method and definitely not a cheap one as the software cost very much.
You can search and find Stellar Phoenix (or similar alternatives).
tarun0 said:
Afaik there's mo such method because the whole mechanism would be pointless if one can bypass lockscreen password just like that.
You'll need to use some Forensic tools for retrieving data. Not a sure shot method and definitely not a cheap one as the software cost very much.
You can search and find Stellar Phoenix (or similar alternatives).
Click to expand...
Click to collapse
I've tried several software, but they either only worked for a select few Samsung devices, or only with older versions of Android.
I was 95% sure it's a lost cause, just wanted to ask around, see if there are any Motorola-specific workarounds or whatever to try!
Lada333 said:
Hey guys,
Is there any way to either reset the lockscreen password or to backup all userdata from a Moto G5S plus that's upgraded to Android 8.0, is not rooted, is running stock ROM, does not have ADB debugging enabled and has no custom recovery?
Most likely no, I've never had a Motorola phone before though, and I couldn't find any workarounds/utilities, but perhaps I wasn't using the right keywords.
Thanks in advance,
Lada
Click to expand...
Click to collapse
Kamolot said:
Hi, same problem here. My son can't unlock his Phone with password that was working yesterday Just fine. He has his fingerprint enabled and password. Fingerprint is not enough and it wants also the pass which is not working. Debugging is disabled, stock Rom unrooted. We cant even export data from it. Any solutions before factory reset?
Click to expand...
Click to collapse
You can try this some of the method to unlock your device, i don't know if it works or not, but give it a try maybe it works.
https://www.androidphonesoft.com/resources/forget-lock-password-android.html
https://www.makeuseof.com/tag/forgot-android-passcode/
riyan65 said:
You can try this some of the method to unlock your device, i don't know if it works or not, but give it a try maybe it works.
https://www.androidphonesoft.com/resources/forget-lock-password-android.html
https://www.makeuseof.com/tag/forgot-android-passcode/
Click to expand...
Click to collapse
Yeah, those are all outdated :/
Lada333 said:
I've tried several software, but they either only worked for a select few Samsung devices, or only with older versions of Android.
I was 95% sure it's a lost cause, just wanted to ask around, see if there are any Motorola-specific workarounds or whatever to try!
Click to expand...
Click to collapse
I got to know that in an internship at an investigation agency. They use that software to solve criminal cases. It should work somehow but yes, may take significant time.
tarun0 said:
I got to know that in an internship at an investigation agency. They use that software to solve criminal cases. It should work somehow but yes, may take significant time.
Click to expand...
Click to collapse
By all means, there must be software out there that can bypass whatever lockscreen, but I doubt it's "commercially available"