Pin Unlocking coming to Chrome OS - Chromebooks

Here at Chrome Unboxed, we are all about work flow. That’s one of the many reasons we are all about Chrome OS. Google continues to develop the operating system to be a seamless environment for its users. Whether it’s using gestures on your track pad or unlocking your Chromebook with your mobile device, Chrome OS is all about user experience.
The addition of Pin Unlock to the latest update of the Developer channel of Chrome OS gives us yet another option to maximize productivity. OMGChrome! reported yesterday that the Pin Unlock options has been made available in the experimental Canary Channel of Chrome OS. Upon further inspection this morning, I have found the option is available in the Developer Channel as well.
Similar to your mobile device, the Pin Unlock allows you to set a pin number to unlock your Chromebook instead of your account password. This is from the UNLOCK screen only, not the log in screen. This feature will be very useful if you happen to be in an environment where you are frequently having to walk away from your device of if you have an iPhone or Windows mobile device and are unable to use Smart Lock.
http://chromeunboxed.com/pin-unlock-coming-to-chrome-os/
Sent from my Nexus 6P using Tapatalk

Related

TOP 11 Tips To Secure Your Xperia

You have got the Android phone and have all your personal data stored in that which includes your passwords and all personal information which is too sensitive. Just like you think your Android phone is a precious belonging to you, same is the case with the data it holds. So what if your phone is stolen or hacked by someone or it is lost?
Each day, you like some app and try to get it for your Android phone. Well that is nice but even that lets your security to lose a bit of ground. To secure your Android phone’s data, you need to have a good knowledge about enhancing the security options. Also, you got to implement some things that shield you in the times when you can get your data to fall in some stranger’s basket. Learn how you secure it.
1. Use SE Android OS
When you get some app downloaded to your phone then you give it some or more access as well. This lessens up your security. To help you National Security Agency (NSA) has created a new SE Android OS. This is a version of Android OS which is much secure and locks your phone and data exploitation by the unknown.
2. Lock your Android phone
You can lock your Android phone by setting a passcode. To do so, go to the ‘settings menu’ and tap on ‘location and security’. You will see there an option to ‘set unlock pattern’. By locking your phone properly none can use it without your prior permission and your data stays secured and intact.
3. Advanced security options
MobileDefense, TenCube and WaveSecure are few good advanced security options that you can choose from. If you lose your phone or it is stolen away then in that case you get an option to wipe off all the personal data by using these kinds of app only.
4. Apps that secure your Android phone
Get your Android phone protected from web intruders by selecting powerful anti-malware apps like Lookout. With such an app you can be rest assured that your security will remain intact when you are browsing, using your Android phone.
5. SIM card lock
In an addition to the prior phone lock mentioned in this article, you must choose for a SIM card lock by setting up a PIN code. This will secure all your contact information and the data usually stored in a SIM.
6. Third party protection
Programs and software like AVG, Norton, Trend Micro help you in securing your data in various many ways. It is better to get the premium protection cover rather than going for the free ones because a premium one provides you with a complete protection cover.
7. Full device backup
There are apps like Titanium Backup which can help you in getting a clone or backup of your phone onto the hard disk of your computer. In the case of theft or severe physical damage to your phone, backup helps you to get everything as it was.
8. Dropbox
Dropbox is cloud storage software which works with Android OS and then gives you complete access over your data on the go. One has to sign up for a Dropbox account and then save all essential and needy files in it. Without a Dropbox, you cannot thing of the backup of your data.
9. How Google helps in securing
When you have an Android phone that means, everything you use from an email to apps and contact information; all this stays with your [email protected] account and address. Simply add that to your new phone and import everything from there to the new device.
10. Secure data with AndroidLost
Go to the Android Market and search there for AndroidLost. When you find this application, install it to your Android phone (this is free for all Android gadgets and devices). By logging in with your Google account to the AndroidLost website you have full command over your data, even when the phone is not with you.
11.MY XPERIA
If you happen to misplace your Xperia™ device, the my Xperia service helps you to find it and protect private information by locking your device or even deleting all information on your device. The my Xperia service is offered by Sony Mobile Communications free of charge.
The my Xperia service uses the Google account on your device. If you are using several Google accounts on your device, you can sign in with any of them. You can connect several devices to my Xperia, using the same Google account.
For the my Xperia service to work, your smartphone or tablet must be turned on and has to have a working data connection.:angel:​
Nice tips to get a bond phone
Can u elaborate first point??
drsanket_xperia_u said:
Nice tips to get a bond phone
Can u elaborate first point??
Click to expand...
Click to collapse
defn by wiki-
What is SE for Android?
Security Enhancements for Android™ (SE for Android) is a project to identify and address critical gaps in the security of Android. Initially, the project is enabling the use of SELinux in Android in order to limit the damage that can be done by flawed or malicious apps and in order to enforce separation guarantees between apps. However, the scope of the project is not limited to SELinux.
SE for Android also refers to the reference implementation produced by the project. The current reference implementation provides a worked example of how to enable and apply SELinux at the lower layers of the Android software stack and provides a working demonstration of the value provided by SELinux in confining various root exploits and application vulnerabilities.
hope it helped....
is there an easy way to see if youre phone is getting hacked/virus? like a tools. because sometimes after 2-3 months my phone become slower and slower (need to reflash it again) and i use the phone just for daily basis like call, internet, messaging.
noel_din said:
is there an easy way to see if youre phone is getting hacked/virus? like a tools. because sometimes after 2-3 months my phone become slower and slower (need to reflash it again) and i use the phone just for daily basis like call, internet, messaging.
Click to expand...
Click to collapse
it shoud nt hapn if rooted use avast security..:angel:
C00ldUdE8655 said:
it shoud nt hapn if rooted use avast security..:angel:
Click to expand...
Click to collapse
rooted use avast security? protect with avast you mean? i do that, but my sola will slow down to the point i want to hit a wall with it :laugh:
Great tips man...like it
Sent From C6603 Using xda premium
Encang_Rojali said:
Great tips man...like it
Sent From C6603 Using xda premium
Click to expand...
Click to collapse
liked it..prezz **THANKS**
C00ldUdE8655 said:
You have got the Android phone and have all your personal data stored in that which includes your passwords and all personal information which is too sensitive. Just like you think your Android phone is a precious belonging to you, same is the case with the data it holds. So what if your phone is stolen or hacked by someone or it is lost?
Each day, you like some app and try to get it for your Android phone. Well that is nice but even that lets your security to lose a bit of ground. To secure your Android phone’s data, you need to have a good knowledge about enhancing the security options. Also, you got to implement some things that shield you in the times when you can get your data to fall in some stranger’s basket. Learn how you secure it.
1. Use SE Android OS
When you get some app downloaded to your phone then you give it some or more access as well. This lessens up your security. To help you National Security Agency (NSA) has created a new SE Android OS. This is a version of Android OS which is much secure and locks your phone and data exploitation by the unknown.
2. Lock your Android phone
You can lock your Android phone by setting a passcode. To do so, go to the ‘settings menu’ and tap on ‘location and security’. You will see there an option to ‘set unlock pattern’. By locking your phone properly none can use it without your prior permission and your data stays secured and intact.
3. Advanced security options
MobileDefense, TenCube and WaveSecure are few good advanced security options that you can choose from. If you lose your phone or it is stolen away then in that case you get an option to wipe off all the personal data by using these kinds of app only.
4. Apps that secure your Android phone
Get your Android phone protected from web intruders by selecting powerful anti-malware apps like Lookout. With such an app you can be rest assured that your security will remain intact when you are browsing, using your Android phone.
5. SIM card lock
In an addition to the prior phone lock mentioned in this article, you must choose for a SIM card lock by setting up a PIN code. This will secure all your contact information and the data usually stored in a SIM.
6. Third party protection
Programs and software like AVG, Norton, Trend Micro help you in securing your data in various many ways. It is better to get the premium protection cover rather than going for the free ones because a premium one provides you with a complete protection cover.
7. Full device backup
There are apps like Titanium Backup which can help you in getting a clone or backup of your phone onto the hard disk of your computer. In the case of theft or severe physical damage to your phone, backup helps you to get everything as it was.
8. Dropbox
Dropbox is cloud storage software which works with Android OS and then gives you complete access over your data on the go. One has to sign up for a Dropbox account and then save all essential and needy files in it. Without a Dropbox, you cannot thing of the backup of your data.
9. How Google helps in securing
When you have an Android phone that means, everything you use from an email to apps and contact information; all this stays with your [email protected] account and address. Simply add that to your new phone and import everything from there to the new device.
10. Secure data with AndroidLost
Go to the Android Market and search there for AndroidLost. When you find this application, install it to your Android phone (this is free for all Android gadgets and devices). By logging in with your Google account to the AndroidLost website you have full command over your data, even when the phone is not with you.
11.MY XPERIA
If you happen to misplace your Xperia™ device, the my Xperia service helps you to find it and protect private information by locking your device or even deleting all information on your device. The my Xperia service is offered by Sony Mobile Communications free of charge.
The my Xperia service uses the Google account on your device. If you are using several Google accounts on your device, you can sign in with any of them. You can connect several devices to my Xperia, using the same Google account.
For the my Xperia service to work, your smartphone or tablet must be turned on and has to have a working data connection.:angel:​
Click to expand...
Click to collapse
OK, a good comprehensive list...can you give a poiner to start working with SELinux...something that will help me start developing policies or something?
please add the source. ive read the same post somewhere
Nice tips bro, like it!

[Q] Custom Rom For Enterprise Deployment

Ok... I am Software Engineer and I have been developing mostly for Windows environments, but recently started getting into Android. I want to get more into the Operating System from a lower level. I am looking to build a custom ROM that must meet certain requirements to be used.
What I would like to do for a specific device:
1) Strip stock ROM of bloatware
2) Use SSH Tunnel for all data traffic (3G/4G, WiFi, etc.)
- This will have to be an embedded setup so that the device will always be using the SSH Tunnel to encrypt data accessing from company resources.
- If at all possible, block sites that are normally blocked when on the physical network.
3) Company Email, Contacts, and Calendar information to be synced from Lotus Notes to native android applications using only the SSH Tunnel connection.
4) Enforce password requirement for phone lock screen.
5) Change the OTA Device Update server to create my own.
- Insight as to how I would host my own on my internal network would be appreciated, if it is at all possible.
6) Detect company secure WiFi Access Points and only permit automatic switching to these sources for data, others (unsecured) will need to manually connected.
Now, I know how to make a custom ROM, where I am stripping bloatware and pre-rooting and such so I don't need help with requirement 1.
However, I have no clue where to start with the security aspect of this. Is it possible to embed all the settings into the OS configuration for routing data over a secure and encrypted source? This is an absolutely imperative thing, where Corporate Security mandates that the syncing of emails and such must be done over an encrypted connection. If SSH tunneling is not the best solution, perhaps VPN? Our company currently deploys Cisco AnyConnect for VPN from company laptops. Again, this has to be built into the configuration of the device. The user cannot have the ability to turn off/on this feature (unless the root or do various other violations to corporate policy). Speed is not a concern, these are work devices and only need to be reliable in accessing work resources.
As for requirement 4, is there any way to force a password lock on the device? Maybe deploy the ROM in some sort of initial setup mode (similar to Microsoft's OOBE for windows), where they are prompted to create there phone password and enter various other credentials to setup the email syncing with the native email client?
For requirement 5 & 6, well these are just pipe dreams. If they could be done, and not require a UI to manage them, then it would be great. However, I figure this would be not so easy to do.
The reason why this all has to be built in and configured, is because the user cannot be given the option to disable these features with a simple UI. Also, the phones can not receive carrier specific OTA updates, that would wipe this system configurations. The update server has to be possible, as all the carriers currently host there own. There has to be a way to build my own and deploy my ROM as an official release to the device without having to have a custom recovery or root.
Any insight into any of this would be great. For the most part I am looking for the built in network access features that I discussed above and insight on how to accomplish this if at all possible. Everything else could just be whatever input you are willing to provide. I realize this is a big project, but the result will be a phenomenal step in securing and expanding company resources. I realize there may be enterprise solutions out there that will already accomplish most of this, but I am looking to stay away from those options.
mkruluts said:
Also, the phones can not receive carrier specific OTA updates, that would wipe this system configurations. The update server has to be possible, as all the carriers currently host there own.
Click to expand...
Click to collapse
Hello mkruluts,
where did you get that the carriers host their own servers?
I would seriously be interested.
Optimally, do you have a link?
I read on this forum that even the branded updates come from a manufacturer's server:
http://forum.xda-developers.com/showpost.php?p=43915102&postcount=574
"HTC gets the go ahead to push it OTA from their servers"
http://forum.xda-developers.com/showpost.php?p=8525999&postcount=141
"The vendor's servers are tied to the carrier network."
--Droiderino

Nexus Imprint User Control Considerations(UCCs)

I am very excited to have access to bio-metric security on my new phone. However, for those of us in the U.S., there is one security exception that you should consider.
While its generally understood that no one, by law, may compel you to reveal a password; fingerprints themselves are NOT legally protected by the 5th amendment. There is precedence set that interprets the legal right for law enforcement to collect blood and DNA samples as evidence clearly extending to fingerprints.
If you want to fact check that, just google 'forced to fingerprint unlock' and you can pick from sources you trust the most:good:
Therefore, I want to know what XDA has to say about this. We have the phones now.What can we do?
My idea involved allowing the user to use fingerprints to authorize actions within the OS for speed(Ie Android pay,play-store purchases,access to contacts, etc), however disallowing fingerprint authentication for device unlocking and rely on PIN only. I think that is the best way to balance ease of use and security that a fingerprint reader adds while also avoiding the general lack of control over the authentication method used( fingerprints).
Even Google admits in the documentation, and I quote, "A physical copy of your fingerprint could be used to unlock your phone. You leave fingerprints on many things you touch, including your phone."(https://support.google.com/nexus/answer/6285273).
Therefore a third party having control over your fingerprints is admittedly a valid concern. Therefore Nexus imprint is NOT a secure authentication method UNLESS paired with a pin code. I think Two-Factor authentication is required here. We want to make sure that no one has both factors. 1 isn't enough here. They tell us that a PIN is better. Why not a fusion of both? Why cant I do TRUE 2-Factor and do PIN+print unlocks?
My questions to the community are these:
1. Do you really care about this?
2. Is there some sort of built-in way to implement this functionality with Nexus imprint already? I haven't found it yet.
3. Would you be interested in a application or system modification that did this?
It sort of already has a build in workaround. The phone requires pin after boot, so if you are about to be arrested.. shut down the phone.
Also if you use any third party app to lock the device, it needs pin to unlock (e.g. Nova double tap to lock screen).
1. No.
I see imprint as a convenience, not another factor. It improves security for me by allowing me to keep my phone locked with a strong password, without the inconvenience of having to enter it every time I pick up my phone.
A pin/password to unlock and in each app's "App info" settings dialog a switch where you could toggle Imprint/Voice/Face does sound ideal. This way the user is not left hoping the app developer implements these features. My banking app does Face/voice/pin, and I assume they'll eventually add Imprint, but I'd prefer the operating system gave me, the user, this power in much the same way they've given us granular control over some permissions & notification access. This actually seems like the logical next step to Screen Pinning.

Can't you use faceID for banking authentication?

I was under the impression that on Android pie Google would allow all biometrics as options to login to apps instead of fingerprint only.
Is anyone successful with this?
I'm guessing no as face recognition isn't very secure.
Having said that I use the fingerprint sensor.
Huawei Mate20 Pro LYA-L09
taniwhatuu said:
I'm guessing no as face recognition isn't very secure.
Having said that I use the fingerprint sensor.
Huawei Mate20 Pro LYA-L09
Click to expand...
Click to collapse
This is not the standard face recognition that most android phones use. This is with a dot projector and infrared light like the iPhone X models
I think it requires 3rd party developers to implement. Can't really see this happening as only a few phones have the 3d face scanning built in. I mean I think even Huawei doesn't have any apps that uses this technology i.e vault or secure notes.
Faspaiso said:
I was under the impression that on Android pie Google would allow all biometrics as options to login to apps instead of fingerprint only.
Is anyone successful with this?
Click to expand...
Click to collapse
I haven't tried my banking app yet but google pay uses it.
It is also just as secure as fingerprint and as secure as iphone.
addicted2phones said:
I think it requires 3rd party developers to implement. Can't really see this happening as only a few phones have the 3d face scanning built in. I mean I think even Huawei doesn't have any apps that uses this technology i.e vault or secure notes.
Click to expand...
Click to collapse
It was just my understanding that Google implemented it for Pie the same way as for iOS. The apps for ios is just coded for biometric. No need to specify if it should be faceID or an older touchid phone.
So the apps should just ask for biometric authentication and therefor it should use whatever I has active.
The app developer would need to code it for FaceID, both my banking apps have settings within the app to use fingerprint login, there would be a setting required to provide faceID login likewise. The same also applies to my phone carriers usage meter, they have only just modified it for fingerprint login.
Sent from my HUAWEI LYA-L09 using XDA Labs
There is currently no Android standard for face unlock so using it as an identification for banking apps or making payments would be very insecure. Different Android phones currently use different methods to implement face unlock and some of those methods can be bypassed with a photograph.

General about GrapheneOS

Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
I too would be interested to hear about anyones experience regarding this OS
johndoe118 said:
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
Click to expand...
Click to collapse
I'm interested in this ROM too. I have a Pixel 3a. I haven't flashed it yet because I'm trying to find out what people's experiences are first. There doesn't seem to be a lot of posts about it. Did you ever flash it? Also, what do you mean by "hardcoded Google domains"?
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi. That was one reason why I lost interest in the ROM. The other was the limited device support and missing root access. I absolutely need access to the iptables. As a one-man show, the ROM can be adjusted at any time.
johndoe118 said:
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi.
Click to expand...
Click to collapse
Do you have some kind of reference for that? I'm using it now and would really like some proof to bring up in their subreddit as a WTF.
graphene seems great, no root does not
I don't want the bootloader locked.
I want Magisk extensions
I need root for LP _only_ to remove ads. Is there something like LP that allows (interactively) disabling app activities?
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
GrapheneOS leaves these set to the standard four URLs to blend into the crowd of billions of other Android devices with and without Google Mobile Services performing the same empty GET requests. For privacy reasons, it isn't desirable to stand out from the crowd and changing these URLs or even disabling the feature will likely reduce your privacy by giving your device a more unique fingerprint. GrapheneOS aims to appear like any other common mobile device on the network.
HTTPS: https://www.google.com/generate_204
HTTP: http://connectivitycheck.gstatic.com/generate_204
HTTP fallback: http://www.google.com/gen_204
HTTP other fallback: http://play.googleapis.com/generate_204
Click to expand...
Click to collapse
nay_ said:
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
Click to expand...
Click to collapse
Thanks, right from there
I have Graphene OS taimen-factory-2020.07.06.20.zip on my Pixel 2 XL.Under "System update settings" is "Check for updates" but nothing happens if I tap.Only the field becomes darker.Has someone experience with this?
Update with adb sideloading to 2020.08.03.22 works.
OTA update from 2020.08.03.22 to 2020.08.07.01 likewise.
I'm personally not a fan of these kinds of projects, they aren't really all that 'secure', you're still using proprietary vendor blobs and such
help please
Hello! In the description
I pointed out that you can change servers just not through the GUI.
Has anyone tried this?
```
Providing a toggle in the Settings app for using connectivitycheck.grapheneos.org as an alternative is planned. The option to blend into the crowd with the standard URLs is important and must remain supported for people who need to be able to blend in rather than getting the nice feeling that comes from using GrapheneOS servers. It's possible to use connectivitycheck.grapheneos.org already, but not via the GUI.
```
captive portal leak + location services data leak
Few points:
1. General idea is that privacy/security oriented OS (as graphene is advertised) should limit network activity as much as possible, and not ping google using captive portal service every few seconds providing perfect IP-based location to google
It is possible to switch it off, but should be off by default
2. Connections of android location services to get GPS constellations were shown before to send sim card imsi and connected cellular tower id to provider (qualcom/google):
"blog.wirelessmoves.com/2014/08/supl-reveals-my-identity-and-location-to-google.html"
Graphene still allows those connections (check their FAQ on website)
W/O root no way to switch this off. Even some devices ignore config files and still leak data (on the level of cellular modem most probably)
3. Android services make other weird connections. Example: AOSP dialler app is querying phone numbers against online database leaking all contacts to google. How was this taken care of in graphene? Are all AOSP services/apps security-verified to not leak any data?
w/o root no way to install afwall to block everything
Is graphene built-in firewall capable of blocking system services from network access?

Categories

Resources