Hey there,
my Lenovo P2 recently got stolen and now that I've ordered a used S8 I am looking into ways to protect against theft. And frankly I don't see a good way.
The most obvious thing a thief will do is to shut down the phone and throw away the sim card, so I looked for ways to defend against that. You can't deactivate the force shutdown by holding the power button for 10 sec, which sucks, but the Cerberus app can do a pretend shutdown, which is at least something.
But what about removing the sim card? Without sim card there is no internet connection and therefore no tracking app will work. And once there is no tracking the thief has all the time in the world to find a way to reset your phone and bypass SFR. Well, nothing you can do about that.
But can you defend against a factory reset? Make Cerberus a system app and it works even after a reset! Sounds great, I thought! BUT, in order to do just that you have to root your phone, meaning unlocking the bootloader, meaning the thief can just flash your entire phone through the bootloader. He might not, but he can. Making all the work in rooting and preparing pretty useless if it's not even secure.
So I'm asking, is there any way to secure against theft? I have the idea of making the phone ring when it looses connection to my bluetooth headphones, but that can backfire so easily...
I'm open for any ideas. Hope there is something out there I've missed.
same question!!
1. You have to input pattern/password if you would like to power off the device locked.
2. As far from what I've seen with my friend's S7 Edge, you will need to sign in with your google account if you forced factory reset it in recovery not sure about odin flashing.
3. I'm not sure about this but as long as Location is turned on it can still be tracked even without an internet connection. Again, I'm not sure but I think iPhones have this feature so maybe it can be done on Android too.
Hope the little infos help. Cheers
I've had the Cerberus app since my Nexus 5 days and it's pretty useful.
Regarding shutting down my s8 by holding the power button, Cerberus just does the fake shutdown screen off thing. Also there's an option in Cerberus to disable the power menu when on the lockscreen, which I have enabled. I think the only way to actually shut down my s8 from the lockscreen is for the battery to die on it's own
As for the data and sim card, the app recognizes the original sim card. So if someone puts in a different sim card, the app sends a notification to your email or spouses phone. I think it sends location data too but I'm not sure. And data is accessed thru any sim card. My phone WiFi is set to on all the time anyways so Cerberus will look for any open network and communicate thru that. However, the pull down menu is still accessible in the lockscreen. But on the s8, there's a setting to lock the pulldown menu buttons so u wanna make sure that's turned on.
And for defending against hard resets, like i mentioned earlier the phones power menu is blocked, so they won't be able to start the process until the battery dies by itself
Sent from my SM-G950U1 using Tapatalk
cdigga101 said:
I've had the Cerberus app since my Nexus 5 days and it's pretty useful.
Regarding shutting down my s8 by holding the power button, Cerberus just does the fake shutdown screen off thing. Also there's an option in Cerberus to disable the power menu when on the lockscreen, which I have enabled. I think the only way to actually shut down my s8 from the lockscreen is for the battery to die on it's own
As for the data and sim card, the app recognizes the original sim card. So if someone puts in a different sim card, the app sends a notification to your email or spouses phone. I think it sends location data too but I'm not sure. And data is accessed thru any sim card. My phone WiFi is set to on all the time anyways so Cerberus will look for any open network and communicate thru that. However, the pull down menu is still accessible in the lockscreen. But on the s8, there's a setting to lock the pulldown menu buttons so u wanna make sure that's turned on.
And for defending against hard resets, like i mentioned earlier the phones power menu is blocked, so they won't be able to start the process until the battery dies by itself
Sent from my SM-G950U1 using Tapatalk
Click to expand...
Click to collapse
MoveJoe said:
Hey there,
my Lenovo P2 recently got stolen and now that I've ordered a used S8 I am looking into ways to protect against theft. And frankly I don't see a good way.
The most obvious thing a thief will do is to shut down the phone and throw away the sim card, so I looked for ways to defend against that. You can't deactivate the force shutdown by holding the power button for 10 sec, which sucks, but the Cerberus app can do a pretend shutdown, which is at least something.
But what about removing the sim card? Without sim card there is no internet connection and therefore no tracking app will work. And once there is no tracking the thief has all the time in the world to find a way to reset your phone and bypass SFR. Well, nothing you can do about that.
But can you defend against a factory reset? Make Cerberus a system app and it works even after a reset! Sounds great, I thought! BUT, in order to do just that you have to root your phone, meaning unlocking the bootloader, meaning the thief can just flash your entire phone through the bootloader. He might not, but he can. Making all the work in rooting and preparing pretty useless if it's not even secure.
So I'm asking, is there any way to secure against theft? I have the idea of making the phone ring when it looses connection to my bluetooth headphones, but that can backfire so easily...
I'm open for any ideas. Hope there is something out there I've missed.
Click to expand...
Click to collapse
Aemyiam said:
same question!!
Click to expand...
Click to collapse
between cerebrus stock security factory reset protection and such you can locate and such but best wepon is imei
Write it down if all else fails report the imei to your carrier and have it blacklisted also....
I also use my gear s2 watch as the have a find phone/watch setup too.In the end A thief will do what it takes and can bypass most if not all security implemented by google or others best you can do is take all the precautions and be ready to pounce if its gone....
I've been using Cerberus for a couple of years now.
Had it installed on my S6 when it was "stolen" of my desk at the office one evening when we were working late.
I tracked the culprit in real time as he and his wife were driving on the highway 80km away.
While they were driving I took snapshots and listened to their conversations.
Luckily (for him) it was all just a mistake, he had a S6 too and merely took mine by mistake.
He gave it back the next day.
Still, IMHO, Cerberus is well worth the cost.
Protect against Flash
Since you have been using it by sometime do you have any protection agains flashing a new ROM ? Did you make a new partition or something ? Is there a tutorial ?
Thank you !
Henniesnijman said:
I've been using Cerberus for a couple of years now.
Had it installed on my S6 when it was "stolen" of my desk at the office one evening when we were working late.
I tracked the culprit in real time as he and his wife were driving on the highway 80km away.
While they were driving I took snapshots and listened to their conversations.
Luckily (for him) it was all just a mistake, he had a S6 too and merely took mine by mistake.
He gave it back the next day.
Still, IMHO, Cerberus is well worth the cost.
Click to expand...
Click to collapse
The only protection is the fake shutdown.
Thief thinks he shut down the phone meanwhile it's recording video.
Installing is straight forward. No partitioning required.
Related
I noticed that when I boot up my mini and I don't insert my code, I can still use my phone. As in browsing through my emails, sms, foto's, files, etc.
The code's only function seems to be making the connection with a network.
Is this a flaw on htc's side or is something not right with my phone?
PIN protects only your phone line.
You could enable the device lock, I believe setting a time out of 0 minutes forces you to input your chosen password when you turn the phone on. This means you'll then have two passwords/PINs to enter each time you soft reset (assuming you keep your SIM's PIN enabled), but if you're concerned about privacy, it is an idea. You may also want to consider encrypting your microSD card.
Excuse me butting in to a non-familiar sub-forum, I was attempting to find the wiki page for this device, attempting to help someone buy their first smartphone.
yeah i tried that, but then it asks you for a code everytime you unlock our device as well and that becomes a pain very quickly
It's not that this bothers me that much, I just think it's strange the phone's protection is this weak
If it didn't ask you to enter the PIN when you unlock your device or use ActiveSync/Windows Mobile Device Centre, then your data would be at risk if the phone was stolen whilst it was turned on. I see where you're coming from (I've stopped using device lock for this very reason), however all the HTC devices I've owned have behaved this way, possible it is a Windows Mobile behaviour?
SilentlyScreaming said:
If it didn't ask you to enter the PIN when you unlock your device or use ActiveSync/Windows Mobile Device Centre, then your data would be at risk if the phone was stolen whilst it was turned on. I see where you're coming from (I've stopped using device lock for this very reason), however all the HTC devices I've owned have behaved this way, possible it is a Windows Mobile behaviour?
Click to expand...
Click to collapse
Not a WinMo problem. This is specifically an HTC problem.
The WinMo locking feature is supposed to be able to set time criteria. For example, set it to 4 hours. When you boot up your phone, it goes to ask the password once. Then it won't be asking it anymore until you reboot your phone again, or until you didn't move your phone for straight 4 hours. You can set different number of hours for this effect.
All my other WinMo phones from 5.0 to 6.x does this thing perfectly. Only my first HTC unit, this HD mini, won't allow this simple feature to work correctly as intended. HTC somehow tweaked this basic WinMo feature, and broke it. So now, if you enable the lock feature, it ask for password each time you come out of standby, no matter what situation, no matter how long or short your phone was on standby. Very annoying. Making it useless.
bart3385 said:
Not a WinMo problem. This is specifically an HTC problem.
The WinMo locking feature is supposed to be able to set time criteria. For example, set it to 4 hours. When you boot up your phone, it goes to ask the password once. Then it won't be asking it anymore until you reboot your phone again, or until you didn't move your phone for straight 4 hours. You can set different number of hours for this effect.
All my other WinMo phones from 5.0 to 6.x does this thing perfectly. Only my first HTC unit, this HD mini, won't allow this simple feature to work correctly as intended. HTC somehow tweaked this basic WinMo feature, and broke it. So now, if you enable the lock feature, it ask for password each time you come out of standby, no matter what situation, no matter how long or short your phone was on standby. Very annoying. Making it useless.
Click to expand...
Click to collapse
Yeah sometimes you wonder how did they screw it up so much ?
I really think its better to build a Rom from scratch, I also miss the normal functioning windows start menu. They crippled so much... its almost pathetic...
HTC screwed up many of those simple and beautiful stock WinMo apps, features, and configurations. Not just this one.
I don't really get why they did this. Maybe to discourage you from using stock WinMo apps? Or maybe they're just plain dumb dumb and dumber?
Ah, now I understand the problem. Have you tried other locked apps? CHT's version / S2U2 etc. ?
I don't know exactly what you mean by using other apps, but if your question is if I can use apps or shells without entering my PIN my answer is yes.
If you were aiming at the unlock code popping up everytime I put my phone on standby, it's a hardware button so apps don't affect it I guess
MobileMini said:
Yeah sometimes you wonder how did they screw it up so much ?
I really think its better to build a Rom from scratch, I also miss the normal functioning windows start menu. They crippled so much... its almost pathetic...
Click to expand...
Click to collapse
you can still use the normal windows start menu, just disable sense in the settings
it makes your phone a hell of a lot faster and although it's not that spectacular to look at, it's much more functional than sense
i've been using spb mobile shell since a few weeks after i bought my mini and it's made my phone a lot nicer to use.
Whenever I turn on or reboot, a box comes up, "Mobile Data" telling me what I already know, "Mobile data connection is currently disabled. You need to connect Mobile data to use data applications, such as Browser, Email, and You Tube via Mobile network. Do you want to make the connection?"
This box appears with or without sim card, WiFi on or off, but whenever I boot or reboot. The only time the box doesn't come up, is when mobile data is on, which you can't do, without having the sim card installed.
To eliminate box on boot, leave sim card inserted with mobile data on. I have a Samsung Note, same conditions, there has never been a box pop up at boot or reboot. Easy to click cancel button go move on, but box is irritating, so would like to make it simply go away when device is booted!
No One?
No one has experienced this on their P6800?
I get the same thing - SIM card inserted but data turned off, receive a popup when booting.
It's only one tap to dismiss, and how often are you rebooting anyway! Mildly annoying, but not a big issue for me...
Agree
Not a big deal, yet same setup for Tab's little brother, the Note, and no box. Perhaps the difference between Gingerbread 2.3.6 and Honeycomb 3.2. It still would be nice to not have that box pop up whenever booting/rebooting.
GrndCtrl said:
I get the same thing - SIM card inserted but data turned off, receive a popup when booting.
It's only one tap to dismiss, and how often are you rebooting anyway! Mildly annoying, but not a big issue for me...
Click to expand...
Click to collapse
It will become very often if you use honeybar,Lol.
Anyway,It's because of rooting.
I posted same question on rooting thread.
Hoping that root developer can find a way to fix it..
Im rooted and also using honeybar, I havent encountered this yet.
di
Linuschen said:
It will become very often if you use honeybar,Lol.
Anyway,It's because of rooting.
I posted same question on rooting thread.
Hoping that root developer can find a way to fix it..
Click to expand...
Click to collapse
I am not rooted. But I also get this dialog. I would love to disable it.
Anyone figure this out yet? Extremely annoying, especially when using honeybar.
I also have it, but since I'm so used to it, my fingers automatically hit cancel lol yep, I would like to disable this as well specially when using honeybar
My Gnex was stolen a few months before I got my N4, and although I tried to track it the thief was "clever" and simply turned the phone off. I think he then took the SIM out before turning it back on, so that even when powered up it never connected to the network and he had time to wipe/sell/use my device. The biggest lesson I learned was to lock my phone, and so my N4 has a PIN code. However, I was thinking that a thief could still do the same thing if this one is ever misplaced and I would be screwed. Is there a way to prevent someone from shutting down the phone without unlocking the device? At least this way you would be able to track it or install tracking software until the battery dies.
webmaster said:
My Gnex was stolen a few months before I got my N4, and although I tried to track it the thief was "clever" and simply turned the phone off. I think he then took the SIM out before turning it back on, so that even when powered up it never connected to the network and he had time to wipe/sell/use my device. The biggest lesson I learned was to lock my phone, and so my N4 has a PIN code. However, I was thinking that a thief could still do the same thing if this one is ever misplaced and I would be screwed. Is there a way to prevent someone from shutting down the phone without unlocking the device? At least this way you would be able to track it or install tracking software until the battery dies.
Click to expand...
Click to collapse
I have Avast! installed on mine and when I changed out the Sim at the store the other day, the phone freaked out and sent me text messages (to my backup phone number) of the location and the new phone number. I'm about 90 percent sure that some of the other settings in the app lock the ability to wipe the phone... but I'm new to this Android thing and I could be wrong (workaround via fastboot?).
Anyway, if this is the case, Avast should calm your fears... plus its free.
What if the other person simply turns the phone off?
theres nothing you can do after they turn it off they will just restore the device, even if your carrier blocks your imei number, they can just use the phone in another country ,you can only protect your information on the device
If you have a rooted device you can install Cerberus as a system app, so it will survive to wipe. But disable power off is impossible.
I realize it is impossible to disable power off (for good reason!), however there should be a way to disable it when the phone is locked. In fact, I cant think of a single reason the phone SHOULD allow you to power it down while it is locked.
webmaster said:
I realize it is impossible to disable power off (for good reason!), however there should be a way to disable it when the phone is locked. In fact, I cant think of a single reason the phone SHOULD allow you to power it down while it is locked.
Click to expand...
Click to collapse
A single reason?
You turn your phone screen on. It randomly locks up and not responding.
Oh no what do I do now?! I can't pull my battery!!!!!!
Long press hold for 10 seconds. Phone turns off.
Long press is encoded within the phone and can't be disabled, it's down to the bootloaderish level.
This issue has been addressed and no actual cause has been determined.
My pin lock pad which I usually use is replaced by a keyboard for no reason and my pin doesn't work anymore.
it keeps asking me for a password and after every 5 attempts I get a 30 seconds countdown.
To add insult to injury trying to restart the computer boots me into download mode.
It's very frustrating to say the least. Fortunately I have a twrp backup that I can restore but it's such a waste of time.
Has anyone else had this happen to them?
mrnovanova said:
This issue has been addressed and no actual cause has been determined.
My pin lock pad which I usually use is replaced by a keyboard for no reason and my pin doesn't work anymore.
it keeps asking me for a password and after every 5 attempts I get a 30 seconds countdown.
To add insult to injury trying to restart the computer boots me into download mode.
It's very frustrating to say the least. Fortunately I have a twrp backup that I can restore but it's such a waste of time.
Has anyone else had this happen to them?
Click to expand...
Click to collapse
Not happening to me. but anyone who knows how to deal with this. So, just in case happened to us, we know what to do.
hemander said:
Not happening to me. but anyone who knows how to deal with this. So, just in case happened to us, we know what to do.
Click to expand...
Click to collapse
Useless posts just to raise your post count are all over this forum, seriously if you cant offer anything remotely helpful why post at all? Also put your tongue back in!
OP can you extrapolate how to arrive at the issue and also please state device model, device status etc?
Are you using an application to set/unset your PIN?
I had this happening to me repeatedly, however it was accepting my PIN as the password so was more just annoying that anything else.
After some experimenting I found that it was Secure Settings (setting the PIN) that seemed to be the cause - somehow it was setting the PIN correctly the first time it ran and then subsequently it would switch to password.
I ditched it and instead setup my set/unset PIN via Pebble Locker (also using Wifi and other bluetooth devices to set/unset PIN).
After using it for a few days successfully, it locked once setting a password instead of PIN, and this time my usual PIN failed to unlock it. Luckily it was about 11pm and I knew that it would automatically unlock at about 7am the next day when the wifi was automatically switched back on - so I didn't need to reset or anything (although I got the impression at the time that you could unlock it via going to your google account somehow - but I can't recall the details and may have this entirely wrong).
I setup a Tasker profile so that I'd have a backdoor to disable the PIN by plugging it into power and checking if I'm at home at the time. Not the most secure solution, but hardly wide open either.
I'm having the same issue and it also appears to be a quirk with Secure Settings. Actually locked me out of my phone yesterday, had to return home where I had task to unlock phone in order to get back in.
NinjaBuzz said:
I'm having the same issue and it also appears to be a quirk with Secure Settings. Actually locked me out of my phone yesterday, had to return home where I had task to unlock phone in order to get back in.
Click to expand...
Click to collapse
I've had this exact issue with Secure Settings
Anyone else seeing this behavior? On my 995, whenever I restart, or power on my phone.. I have to use the Knock Code to get into my phone, and it says "fingerprints unavailable for use" or something to that effect.
I find this odd behavior.
Its not odd behavior its LG behavior.
Unfortunately there's no way around it.
turn off secure startup in security...
Your fingerprint is encrypted and you phone can't access encrypted data until you unlock it after a reboot. So its kinda a catch 22 where you will always have to unlock with a pin after startup instead of fingerprint. Your fingerprint is biometric data and obviously can't be changed so it needs to more secure on your phone than your pin which you can change. It is this way on most phones with fingerprint readers.
Double0EK said:
Its not odd behavior its LG behavior.
Unfortunately there's no way around it.
Click to expand...
Click to collapse
It's not just LG, my Samsung S7 and Note 7 both required pin code on first log in after a reboot/boot up
It's part of Android now.
nest75068 said:
It's not just LG, my Samsung S7 and Note 7 both required pin code on first log in after a reboot/boot up
It's part of Android now.
Click to expand...
Click to collapse
It's not even Android. My work phone is an iPhone and it has the same behavior. Which drives me nuts because our work phones require us to change pin codes every couple of months and we can't recycle codes.
I turned off secure startup as I don't need kids messing with my phone and I imagine after ten attempts if wipes it?
reaverclan said:
I turned off secure startup as I don't need kids messing with my phone and I imagine after ten attempts if wipes it?
Click to expand...
Click to collapse
30 attempts for secure boot
If I'm right, the op is taking about setting the fingerprint to unlock but it still requires the pattern. You will notice this if you use a third party app or launcher to lock screen. E.g. Nova launcher double tap to lock screen. It will tell you fingerprint is unavailable.
A work around to this is to doubly tap the top part of the screen (the bar where the date and signal strength is).
This will allow you to unlock with fingerprint.
If you use the stock lg launcher then double tapping anywhere on screen shows you to unlock using fingerprint.
koppee1 said:
If I'm right, the op is taking about setting the fingerprint to unlock but it still requires the pattern. You will notice this if you use a third party app or launcher to lock screen. E.g. Nova launcher double tap to lock screen. It will tell you fingerprint is unavailable.
A work around to this is to doubly tap the top part of the screen (the bar where the date and signal strength is).
This will allow you to unlock with fingerprint.
If you use the stock lg launcher then double tapping anywhere on screen shows you to unlock using fingerprint.
Click to expand...
Click to collapse
I'm working with a developer of Screen Lock Pro to try and find a workaround for this. Currently his app will work on Android 5 and 6 by delaying the lock for 5-10 seconds but it's currently not working on Android 7 on LG (it is working on Pixel and Nexus devices).
Hmmm... Not sure I understand this behavior. My fingerprint is much more complex than a 4-digit code that can eventually be brute-forced (phone wipe or not - in theory I mean).. so why wouldn't my fingerprint be the top-most factor in unlocking the phone? I mean.. say I'm one of those guys that uses his last four of an SSN like an idiot, and someone knows that about me.. boom, they're in my phone. Do iPhones do this for real (as stated above)?
CHH2 said:
It's not even Android. My work phone is an iPhone and it has the same behavior. Which drives me nuts because our work phones require us to change pin codes every couple of months and we can't recycle codes.
Click to expand...
Click to collapse
Interesting. I wonder what type of MDM Solution your company is running...
dbornack said:
Hmmm... Not sure I understand this behavior. My fingerprint is much more complex than a 4-digit code that can eventually be brute-forced (phone wipe or not - in theory I mean).. so why wouldn't my fingerprint be the top-most factor in unlocking the phone? I mean.. say I'm one of those guys that uses his last four of an SSN like an idiot, and someone knows that about me.. boom, they're in my phone. Do iPhones do this for real (as stated above)?
Click to expand...
Click to collapse
Yup, every time I restart my iPhone, it asks for my pin number and the finger print reader is inoperable. Even when I don't restart my iPhone for a while, it will occasionally lock out the reader and require a pin to wake.
rudbwoy said:
Interesting. I wonder what type of MDM Solution your company is running...
Click to expand...
Click to collapse
Had to figure out where in the menus to dig through to find out who it is. (I seriously do not like how Apple sets their phones up.) Looks like it is AWMDM.
CHH2 said:
Had to figure out where in the menus to dig through to find out who it is. (I seriously do not like how Apple sets their phones up.) Looks like it is AWMDM.
Click to expand...
Click to collapse
Airwatch, by VMware. MDM....aka you're being watched...
rudbwoy said:
Airwatch, by VMware. MDM....aka you're being watched...
Click to expand...
Click to collapse
I always assume as much. Not really a bother for me. The iPhone is a work phone that I don't like carrying or touching. My personal phone is always my go to for anything unless it is work related.
I have this on my nexus 6p also. When ever i reboot the phone it requires me to use my pattern to unlock. It's a "feature" of sorts. Not going to go into my thoughts as to why but i think i may understand why they did that.
In case anyone is wondering, a few conditions that force you to use backup method are being left alone (with no smart locks enabled or active) for 4 hours, a reboot, and a failed scan 5 times in a row.
The reboot case is due to encrypted data (no matter what you do, your phone is encrypted on boot, unless you fix that, however, you phone will still treat it as such). The only reason I can imagine for the time out is in case a ninja chops off your fingers in your sleep. As for the wrong input, that seems annoying sure, but odds are if you got the fingerprint wrong 5 times in a row, it's not you.
Yeah v10 does this as well on fresh boot ups.
I'm not sure I understand the reason behind it I would think it would be less secure this way.
Sent from my LG-H901 using XDA-Developers mobile app
Vuciz said:
In case anyone is wondering, a few conditions that force you to use backup method are being left alone (with no smart locks enabled or active) for 4 hours, a reboot, and a failed scan 5 times in a row.
The reboot case is due to encrypted data (no matter what you do, your phone is encrypted on boot, unless you fix that, however, you phone will still treat it as such). The only reason I can imagine for the time out is in case a ninja chops off your fingers in your sleep. As for the wrong input, that seems annoying sure, but odds are if you got the fingerprint wrong 5 times in a row, it's not you.
Click to expand...
Click to collapse
I'm not sure I'm following as to why encryption matters. Are you saying my fingerprint data is encrypted? If so, why isn't my PIN also encrypted?
Speaking of fingerprints has anyone run into the issue where the phone "forgets" your print? I have had this happen at random times and while the fingerprint data is still saved the phone fails to recognize my finger so I have to set it up again.
Sent from my LG-H901 using XDA-Developers mobile app