Related
Someone mentioned this in another thread, but this is a topic that should have it's own separate thread.
Some of you may have already read the news: Michigan: Police Search Cell Phones During Traffic Stops
Don't assume it won't come to your town.
I can't say I plan to do anything that would warrant police suspicion, yet I don't like the idea of anyone being able to easily pull data from my device. And we know cops won't be the only ones with these devices. So I've been wondering, how can we protect our Android devices from the CelleBrite UFED?
Check out this video that shows some of the features it has, keep in mind it does much more and can even extract DELETED data.
See the company's product page here: http://www.cellebrite.com/forensic-products/ufed-physical-pro.html
This research paper talks about the CelleBrite UFED and other extraction methods. (CelleBrite UFED is talked about starting on page 9.) I doubt there's a means to prevent all of those methods given some involve long term handling of the device, but CelleBrite UFED can extract data when a device is retained by the CelleBrite UFED user for a short period of time. It looks like HTC Android type devices can only be extracted from via the (micro)USB Port and it requires USB Storage and USB Debugging turned on. The CelleBrite UFED has to gain Root Access. It can get by screen passwords and root even a device that was not yet rooted.
There's another thread where someone was requesting a ROM that would not work with the CelleBrite UFED. I'm not sure how to make a ROM or anything else that would not work with the CelleBrite UFED without limiting certain features we all may use from time to time.
Over on Slashdot, someone said they hacked their device (Nexus One) to not do USB client mode. This is another option that would limit some features many of us may use.
So, how can we protect our privacy and our data? Does it mean sacrificing some features like USB storage mode?
The biggest problem is what's missing from Android itself. Meego might be protected but not Android.
You would need an encrypted boot loader that retains root for some users.
A kernel and os files that support different users so the default user is not root like Linux and a prompt with a password for superusers not just an Allow like now for Android.
Encryption libraries that would support truecrypt encryption of both internal and external (SD card) encryption in toto not just individual files.
A true trash system that overwrites files like srm in linux and sswap for wiping the swap file after every system reboot.
Ultimately I don't see it happening. In theory if you were running Ubuntu on your phone then yes cellbrite would just crap out not knowing what to do with your phone. Same possibly with meego. But then no real app support, no navigation and driver support is crap even for ROMs using the same os let alone a different OS like true linux.
It's amazing how many don't even bother deleting thumbnails hanging around on their computers or securely wiping files on their computer. Same with swap files retaining passwords or even website cookies that have the same password as their computer.
Best thing to do, don't keep anything that could be bad on your phone. Use a cloud system or home server sync that requires a seperate login every time and keeps no local files. Or as I do, encrypt the hell out of anything you find valuable, which currently is only my complete backups...
Sent from my Xoom the way it should be, rooted and with SD card.
This is where that cheap Boost Mobile phone comes in, or any other prepay phone. Just hand the officer that one. Store your personal data on your smartphone.
chbennett said:
Best thing to do, don't keep anything that could be bad on your phone. Use a cloud system or home server sync that requires a seperate login every time and keeps no local files. Or as I do, encrypt the hell out of anything you find valuable, which currently is only my complete backups...
Sent from my Xoom the way it should be, rooted and with SD card.
Click to expand...
Click to collapse
Hello, All. This is my first post at xda-developers!
Since I'm new to Android, data security has concerned me. Climbing the learning curve of rooting and tweaking my SGH-T989, I've focused on control, security, and privacy. So far pretty good, thanks largely to members' posts at this site. Thank you very much!
Then this thread crushed me. Visions of "1984", "THX 1138", "Terminator", etc.
I considered the suggestions here. Thoughts about the OS seem right to me, but that's beyond my abilities. I did try following chbennett's advice: I enabled encryption in my backups and moved them to the internal SD.
But I don't yet know how to do the 'home server / log in on demand' scheme for contacts and calendar. I will appreciate any help with that.
Meanwhile, I looked for a way to make a 'panic button' that would let me wipe my phone immediately. What I chose was making a contact whose phone number is the USSD code for Factory data reset.
Maybe Tasker, etc. could streamline this approach; but my trials showed that, unlike MMI codes (e.g., to toggle caller ID blocking), USSD codes cannot be submitted to the OS indirectly. So swiping a contact, direct dial shortcut, etc. did not work. On my phone, all that worked was either 1. manually dialing the code, or 2. dialing the contact name, then tapping the contact.
So the routine to use this 'panic button' is:
1. launch Dialer
2. dial the contact name
3. tap the contact name in the search results
4. tap "Format USB storage" in the "Factory data reset" dialog
5. tap "Reset phone" button in the "Factory data reset" dialog.
It sounds clunky, but it's actually pretty quick. I named the panic button contact "XXX" to avoid confusability when dialing (it needs only "XX" for a unique match.)
If you can suggest improvements to this scheme, or think it is misguided, please let me know. Thanks.
Any updates on this? I'm curious as to how to guard against ufed.
I think an instant hard brick option would be better so theres nothing to recover as i dont believe the factory reset is a secure wipe
Possibly a voice activated secret phrase or keypress u could say/do super fast in a tricky situation that autoflashes a corrupt/incompatible bootloader and recovery to device after secure superwipe that should stump them for awhile
im still interested in this i disabled usb debugging on my phone but unsure if the UFED can still access anything on my ICS full encrypted passworded evo3d im assuming they could dump the data at most but i highly doubt they could access the decrypted data unless you used an insecure pass
If you have encryption enabled for your data partition, then all you need to do is to turn off your phone when you see a cop. If they take it from you, they can turn it on and hook up their device, but they will only be able to snarf the system partition, which does them no good. They'd need your password to mount the data partition.
If you look around on this forum, you can find the steps necessary to switch the lock screen back to a simple pattern lock while leaving the disk encryption enabled.
Are you sure Cellebrite and UFED or w/e can't access encrypted data partion? I know it can take an image of the phone "hard drive". They then can run password tools against image to unlock it no?
dardack said:
Are you sure Cellebrite and UFED or w/e can't access encrypted data partion? I know it can take an image of the phone "hard drive". They then can run password tools against image to unlock it no?
Click to expand...
Click to collapse
I'd like to know about this too. I am about to set up encryption on my device and I'd like to know more about what type of attacks it can beat.
Edit to add: I assume brute force attack protection is like any other type of encryption.....dependent on the strength of your password. But, assuming we all know that already, I'm still curious about this.
If the question is how to protect your device when you think someone would scan your phone, you'd have to have some sort of inclination that a scan is about to happen. I'm assuming this is many people's concern as they're considering wiping their device through a quick process. In that scenario, just turn off your device. Unless you warrant suspicion of something fairly bad, they wouldn't be confiscating your cell phone.
smokeydriver said:
...Unless you warrant suspicion of something fairly bad, they wouldn't be confiscating your cell phone.
Click to expand...
Click to collapse
We all wish all law enforcement was just and honest, but so far in world history that has not been the case. Even a pretty woman may have her phone scanned by a curious cop snooping for pics.
Sent from my HTC One using Tapatalk 2
I would still like to know if there is an answer here...
So I recently had some dealing with assisting in a Cellbrite search. We initiated and enlisted the help of law enforcement for an employee who was doing some illegal activity which is not relevant to this discussion other than the person used an iphone. Anyway, the investigator came in and wanted to know if I can enable the bypass for the automatic screen lock in 5 minutes because when it locked, it disabled the Cellbrite copy.
Now, couple things here, he was only doing what he was "allowed' to do in the local municipality, and he did say they sell a more expensive Cellbrite device which would be able to crack it. I did find it interesting that the simple corporate Activesync policy I have set up was actually having this effect. Anyway I removed the policy and it worked. Funny thing is he could have done it himself had he known anything about that kind of thing. He was presented to us as an expert but I guess that mainly covered a basic Cellbrite expertise.
So, I do think encryption would be a great answer as the partition would be hard to bust in to. Nothing is impossible but I would rather not smash my phone on the highway next time I get pulled over so I would like to know definitively that this is the right approach. This is definitely not paranoia as there are at least 3 states where it looks like it happens regularly.
Time to look at a 2600 group for stuff like this I guess. I am early in my investigation
Later
Hello to you all people of XDA, firstly I must state that I've scoured the forums far and wide and have yet to find some valuable info regarding my problem.
So what we're doing is developing (or trying to, as is obvious from this post) a custom rom for the Galaxy S2 which would be used for a single medical application for sensor tracking and the processing and displaying of said data on the SGS2, while at the same time sending it to his/her doctor.
What we need to be able to achieve with this rom is to put it into the hands of the end-user (a chronical patient which will in turn be able to stay at home instead of being hospitalized) and be able to completely lock down the phone for his use (I know, it sounds terrible) so that he loses the phone/sms/games/youtube/internet functionality as we need the phone to run as stable and for as long as possible without any additional battery stress (the constant sending, processing and processing of data seems enough of a problem for now).
I've searched into some custom roms but we eventually came up with the need for a stock Samsung rom which could be modified as we want to.
See this is where the problem begins, we can't seem to get the phone rooted, the ROM customized and then unrooted again so that the phone can't be fiddled with anymore, except when it's completely dead and we need to fix it.
So to cap it all up:
It needs to allow for a custom load and bootscreen (I almost got this to work)
It needs to be completely locked down for the end user.
It has to have full BT, NFC and WiFi functionality
It has to be able to call out and reciev calls, but only to/from specific numbers (911, doctor, etc..)
It has to basically allow for 2-3 programs to be running, while the others simply don't exist on the phone.
I am terribly sorry if anything like this has been asked about before, I swear I put 2 days of me life into researching already.
Any help, any help at all, ideas and solutions, but mostly links are welcome.
Thank you and good day to all.
Just a detail, but the SGS2 doesn't have the NFC functionality. Project seems to be possible, I would look into CyanogenMod sources if I was you.
Sent from my GT-I9100 using XDA App
Why are you afraid of leaving the phone rooted and in hands of the patient?
Is he so uncritical that he can search the web and find means of unrooting a mobile phone and then get around to actually doing it?
LucLucLuc said:
Hello to you all people of XDA, firstly I must state that I've scoured the forums far and wide and have yet to find some valuable info regarding my problem.
So what we're doing is developing (or trying to, as is obvious from this post) a custom rom for the Galaxy S2 which would be used for a single medical application for sensor tracking and the processing and displaying of said data on the SGS2, while at the same time sending it to his/her doctor.
What we need to be able to achieve with this rom is to put it into the hands of the end-user (a chronical patient which will in turn be able to stay at home instead of being hospitalized) and be able to completely lock down the phone for his use (I know, it sounds terrible) so that he loses the phone/sms/games/youtube/internet functionality as we need the phone to run as stable and for as long as possible without any additional battery stress (the constant sending, processing and processing of data seems enough of a problem for now).
I've searched into some custom roms but we eventually came up with the need for a stock Samsung rom which could be modified as we want to.
See this is where the problem begins, we can't seem to get the phone rooted, the ROM customized and then unrooted again so that the phone can't be fiddled with anymore, except when it's completely dead and we need to fix it.
So to cap it all up:
It needs to allow for a custom load and bootscreen (I almost got this to work)
It needs to be completely locked down for the end user.
It has to have full BT, NFC and WiFi functionality
It has to be able to call out and reciev calls, but only to/from specific numbers (911, doctor, etc..)
It has to basically allow for 2-3 programs to be running, while the others simply don't exist on the phone.
I am terribly sorry if anything like this has been asked about before, I swear I put 2 days of me life into researching already.
Any help, any help at all, ideas and solutions, but mostly links are welcome.
Thank you and good day to all.
Click to expand...
Click to collapse
Block all internet access apart from ones you want or you can just setup iptables rules, shouldnt need root apart from when setting it up
As far as removing programs, just delete the apks from the zip, or before you remove root. My sig has a list of all apks in a upto date rom and what they do.
You can use gemini app manager to control autoruns (stop them etc) also to block (hide and disable apps)
As far removing root, your best bet is to once you are done, use adb (from the android sdk) to remove the superuser.apk then flash the stock kernel back, as far as I know without superuser apps cant grain root permisions.
OR
This app will allow you to block any app behind a password
This app will block incoming and outgoing sms and calls on white and blacklists
Custom boot logo (the first screen before the animation)
Custom boot animation need to go into system/media, I am not sure about the format but there are loads around, like this thread has loads, stock kernel should support them.
I hope that helps
Most of that is easily possible.
If you listed the apps needing removed, the apk files just need deleted.
To control calls, you can use a third party app from market for that.
It's possible to have the custom rom unrooted, and easily flashed, regardless of how badly the phone gets rooted
Boot animation is easy anyway... If you can provide it in a zip like other ones (zip containing numbered png's) then it's a piece of cake.
A little bit of clever firewall stuff would prevent any web traffic, in or out, except to your defined server, which is obviously a concern when a phone is handling sensitive medical info.
genieass said:
Why are you afraid of leaving the phone rooted and in hands of the patient?
The phones are going to be used by around 500.000 people in a year, it's not that we want to take anything away from the user, it's more about not having any problems with the firmware - like ever.
Thanks for all the help!
Click to expand...
Click to collapse
genieass said:
Why are you afraid of leaving the phone rooted and in hands of the patient?
The phones are going to be used by around 500.000 people in a year, it's not that we want to take anything away from the user, it's more about not having any problems with the firmware - like ever.
Thanks for all the help!
Click to expand...
Click to collapse
LucLucLuc, not sure where you live, but you're entering the patient confidentiality minefield with big, big boots.
Apart from the legal considerations, your question is definitely OS related and not device related.
I see what you want, but legally - where I live anyway - it's too much of a grey area to get involved with.
I use call recording a lot for referrals and info from other doctors, but I've always asked the other party if they're OK with it. I won't record patient conversations, and I won't accept any files whatsoever that have seen RIS or PACS first - not worth it.
Can't see it's worth your while, but I'd appreciate it if you keep me informed should you decide to work on it.
Big boots indeed
We are from Slovenia, Europe.
I'm actually just a student doing the research and some basic Android programming, thank god I wasn't let into the bigger of the projects
But yes, this project is a colaboration of several european firms and you can read more about it at chiron-project.eu - it's a very very interesting project afaic.
I don't think we'll be swimming with lawyer piranhas soon though, the project uses sensor data (which sorta is a privacy issue) which will be monitored on a tablet running Android (currently testing the Galaxy tab 10.1 - we were lucky to order one before Steve had another one of his fits), proccessed in real time and then stored on the central server, from where it will only be accessible by the patients doctor.
Patient consents are dealt with before we even start talking about mobile hospitalizations.
It's very encouraging to see some actual interest, if anyone wants to know more about anything related to this project contact me at [email protected]
Thanks again for all the help.
Back Story:
My phone was left in my house (shared with other people) yesterday while I was at work. When I got home I was checking missed calls, voicemail etc and I noticed that some text messages were missing. I looked a bit more and it seems that 2 seperate sms message threads had been deleted and a number of contacts had been deleted too. Now, this has happened before to another housemate but we couldn't prove that it had been done. We are pretty sure we know who did it but I need concrete evidence that the phone was accessed.
Phone Specs: Samsung Galaxy S2, rooted, running CM7 latest nightly. I also have Cerebrus installed if that helps.
So my questions are as follows:
1) Is it possible to see what activity was happening on my phone yesterday? I don't have any "logging" software running.
2) Is it possible to retrieve the deleted SMS messages?
I work in IT so am pretty tech savvy, just not in the workings of the Android OS!
All help greatly appreciated.
P.S. I have already been able to restore the contacts that were deleted using the restore functionality in gmail.
The short answer is no. It is, at least in theory, possible to "undelete" stuff, but it isn't usually practical. Even if you did, you wouldn't have "proof" in the legal sense.
That said, I have been involved in a similar situation. Here's the approach we used. It is reasonable to assume that this behavior will continue. Therefore, get some logging software installed. Do NOT talk about it. Do nothing out of the ordinary. Just quietly install some software that will let you see what is going on with your phone. I know there are apps which will email an alert when accessed, snap a pic from the front-facing camera, log SMS to email, remotely lock the phone, etc etc. Based on what you need to accomplish, get these set up and then BE PATIENT. wait a few days (unless you normally leave your phone at home) and leave it again when the person in question might be around.
A pic would be sufficient proof I would think for confronting a roomie. If nothing else log your sms's. I use integrated Google Voice so I'd get an alert on my PC even if I didn't have the phone (very handy, that), but that may not be an option for you.
I also use SeekDroid for remote locking, and I -think- there's a remote camera provision, but it's at a higher paid level than I am subscribed to. At any rate that's my suggestions.
Or, the simple solution: Put a better lock code on your phone.
-JB
A lock code would help prevent the behavior in the future. For catching the vandal red-handed, I believe an app like Gotcha! may do what you need.
Hello all,
I am a newbie to Android just like I am a newbie to that forum. I'd just like to share something I did recently, it might be interesting to some of you.
To start with, I am not at all a mobile guy. My hobbies are related to big and noisy machines, password security and GPU cracking.
I have an old HTC Wildfire though and I recently had to analyze an Android application (LastPass) so that I can perform offline GPU password recovery against its local database. Which in turn made my life more interesting
Until that point I never bothered to play with my phone as I only used it for calls, messaging and occasional browsing. My job is related to embedded development (mostly infotainment systems) so that at least I have some knowledge about that stuff...not exactly Android though, more like linux-based systems.
So while playing with LastPass, I quickly get accustomed to adb then it turned out LastPass stores its database on /data/data which apparently I had no access too. Reading some stuff about rooting my phone lead me to the impression it is going to be a problematic thing to do (disabling S-ON, updating bootloader, flashing other images and I have no experience with this). Well, I quickly found out there is a local exploit for Android <2.3 which had a funny starcraft name, so I tried it. To my surprise it worked and I was able to acquire the needed data.
Then after some time I decided to look at that /data filesystem again and I was surprised to find out quite a lot of stuff (contacts, messages, browsing history, all in sqlite3 databases). But I was really like struck when I discovered cache.wifi and cache.cell. I couldn't believe my eyes, then I googled it and it turned out this is all old news. But basically it's quite nice way to know where the phone owner was located some time ago. Then of course, Android limits that to last 200 wifi access points and last 50 GSM BTS'es.
Then suddenly I remembered the fact that this data is kept on NAND memory with a filesystem (yaffs2) that does software wear-leveling. Which means, we are likely to have several versions of the logical block split over several physical blocks.
So out of curiousity, I quickly coded some quick'n'dirty scripts to nanddump the device, then some ugly C code to carve the dump, looking for geocache data. Using the data recovered that way, we create a simple HTML file with some javascript to display all the GPS poistions over google maps. The end result was fun, I was able to remember where I was say one year ago (and my memory is bad).
The PoC code is attached. It's rather ugly and coarse, but it works (for me ). It runs on linux only (sorry). Feel free to experiment with it.
Regards,
Milen
I've found other threads about a similar issue, but not for the SG III
The character limit in Android contacts notes field, THAT CAN BE EDITED DIRECTLY IN THE PHONE seems to be about 1000, (968 according to some users)
This also seems to be related only to SAMSUNG version of contacts.
Has anyone found a workaround to this limit?
The bad news are that if you sync with Outlook, you may end up with a loss of information.
I know, I know: 1000 is a lot, contacts is not a CRM program, etc, but any help will be really wellcome.
Regards.
Contacts notes field character limitations
This issue of a limited notes field in the contacts app - while it seems like such a small one to most people - greatly affects many of us who utilize the contacts in our Gmail accounts to store a great deal of information (usually, I have found, due to the kind of work we do). Frankly, for me the limitation is important enough that it has affected and continues to affect which phones and tablets I purchase.
There are only a few Android phones that do not have this limitation. Fortunately, the HTC One M8 and M9 don't have character limits in the notes field of the contacts app. (If you've stood in a store and copied and pasted many times over to test this, you'll want to know that there's a simple tell I've found - the name of the contacts app. If it's called "People," as is the case with the Samsung phones, so far everyone I've tested has had the limitation. If, instead, it's called "Contacts," as is the case with the HTC phones, then there's no limitation.
Some have theorized to me that the phone manufacturers include this limitation knowingly in order to keep phones from being overburdened by data. I have a difficult time believing this, partly because I have approximately 10,000 contacts, and in the accompanying notes fields I store everything from copies of correspondence to research to articles related to the contacts. I've never come close to any data storage space issues related to this particular issue. By the way, there's a bit of a work around with regard to this issue, though it's nowhere near helpful enough to change my feature priorities when looking for a new phone - something I do every six months or so. You can use a PC to do your major notes field creating and editing - and as long as you don't need to make any changes via your mobile device, you can get along OK. That is, while you can edit the notes field using unlimited characters space on your laptop, then read everything in the app on the phone, any editing on your mobile device done in notes which exceed the limit is limited by the character limitation.
I love my HTC, but I probably would be using a Samsung were it not for this issue. I've spent some considerable time - and many different times - on the phone with people at Samsung about this issue. Most of the time, after lengthy back and forth conversations (most people don't fully understand the issue initially; then, once they do, their usual responses range from some level of disinterest to judgments about why no one should ever need to reach much less exceed the maximum), I rarely can get anyone in either support or development to even agree to mention the issue to the development teams with which they at least share company benefits.
This issue is one of several that restrict the phones I buy. Unlike many (I'm guessing, based on the number of phones built with the relevant specs), a micro SD card is important to me. The importance to me of that one feature narrows the phones in my market considerably. In fact, based on very unscientific research, I believe my desire/need for a phone with a micro SD card and unlimited space in the notes field of the contacts app limits me currently to precisely two phones - the HTC One M9 (my current phone) and the Sony Xperia Z. As to high-end tablets, I own a Google Nexus 7 because it doesn't limit the notes field, but I just bought a Sony Xperia z2 tablet (because it also has a micro SD card).
Fortunately for me, both the HTC One M9 smartphone and the Sony Xperia z2 tablet are top-notch pieces of hardware. I used to own a Motorola Droid Razr M - when it included an SD card - because it, too, didn't limit the notes field. But it no longer has an SD card.
Surely there is some way for the phone manufacturers to get rid of what seems to be a spurious limitation. I know, for me, at least it would give me the opportunity to purchase from a less limited market.
Thanks
Thanks so much for your comment that I absolutly agree with.
My Contactc list is about 5000, with the same issues and use as yours.
I'm also commited to devices supporting external SD cards, it has saved my day a few times already
Just to be fair, I've to comment some "news" on the issue.
I'm actually on LG band (LG G-III to be more precise) and It's both a capable and excellent performer, with less limitations tan current Samsung devices (not to mention the iPhone-likes S6 family)
Regarding the notes field, LG (Or KitKat/Lollipop, not sure) has a different approach, though a bit cumbersome:
When you open in your device an existing contact from your Contacts list, in the Notes field (NOT created by default on new contacts, you have to manually add it) the number of characters SHOWN is limited to about 1000 characters.... this limit applies ONLY to how many characters are DISPLAYED.
BUT if you enter the edit mode inside the contact ... .¡THERE IS NO LIMITATION! NO LOSS OF INFORMATION EITHER IN THE PROCESS OF SYNCING. you read/edit the NOTES field in FULL with no limitations.
As soon as you "Save" or "exit" the edit mode, you are back to the restricted character display, but the "rest of the info" is there.
IN SHORT: The LIMIT is in the number of characters displayed NOT in the STORED info.
It may help you broaden your device buying options as it did with mines.
I don't know if this applies to other devices.
Give it a try if you like.
Regards.
Simpler problem for my s4 is not enough characters in the contact name field...only 17 characters doesn't cut it. Also curious why I don't have the plus/minus symbols for adding another number to a contact (say they had home/office/fax/etc). What did I turn off that affected the plus/minus symbol?
asdfasfd said:
Simpler problem for my s4 is not enough characters in the contact name field...only 17 characters doesn't cut it. Also curious why I don't have the plus/minus symbols for adding another number to a contact (say they had home/office/fax/etc). What did I turn off that affected the plus/minus symbol?
Click to expand...
Click to collapse
Never heard of such a thing, it has to be a different issue. Maybe you should reset your device to get a fresh Contact manager start-up.
Sorry not being able to help.
Regards.