Serious ways to bypass a screen lock without data loss - Samsung Galaxy S21 Questions

Hello all,
In my circle of friends there was a suicide case and I was asked by the family if I would be able to remove a screen lock from a Samsung Galaxy S21. The family can't explain why their son killed himself and would like answers to all their questions. They assume that there is information on the phone or reasons for the suicide.
Are there any serious ways to get around such a block? I don't have much information about the device yet, nor do I currently have it with me. Maybe there are exploits or bruteforce toolkits to bypass the lockscreen. Programs like Tenorshare 4uKey or PassFab Android Unlocker are probably scam or?
I will get the device in the next week and could provide more information then.
Currently the following information is available:
Device Model: Samsung Galaxy S21 5G | Samsung SM-G991B | Android 11 | One UI 3.1
Mobile contract: active
SMS PIN & PUK: available
Google account credentials: available and valid and linked to the device but no backups available in Google Drive
Samsung account credentials: present and valid but not associated with the device so no backups available
Does the approach via Kali Nethunter and a HID keyboard attack work with a current Android Samsung Galaxy S21 bruteforcing or do you always get into the temporally increasing lock?

A data recovery $pecialist might be able to, ask the police for assistance.
Find the password for the lockscreen, or maybe through their Gmail or Samsung accounts, again passwords needed.
I think if they wanted you in the phone they would have unlocked it...

blackhawk said:
A data recovery $pecialist might be able to, ask the police for assistance.
Find the password for the lockscreen, or maybe through their Gmail or Samsung accounts, again passwords needed.
I think if they wanted you in the phone they would have unlocked it...
Click to expand...
Click to collapse
This is not a helpful answer.
The police in this country does not help in such matters if it is assumed that no outside influence was involved.
A data recovery specialist also only executes toolkits or exploits. I am also able to do this if someone gives me a hint which toolkits or exploits would come into question for this model. I work as a sysadmin myself and therefore I am not completely untalented technically. I just lack information about which approach would be the best.

This is a community of people who like to hack their phones, not hack into other people's phones... which is considered unethical.

Are you serious?
You really think it's unethical when a 21 year old boy takes his own life overnight and the family just wants to know why their son did it? Sure, the boy was of age at 21 and can do with his life what he wants. Nevertheless, any clear-thinking person can understand that the family wants to know why the son did that.
I have no bad intentions and I am only trying to help the family. This is not about hacking a stolen cell phone. Then I would just do a factory reset and use the phone normally and not write this post here.

Yes, well... be that as it may.
With a screen lock in place you can't simply factory reset as you still be locked out.
I believe my original response was valid. It's not an easy nut to crack... by design.

Hello, i own a phone repair shop and i'm a relation with a person specialized in unlocking phones. He said me that he can bypass the lock screen and keep data on all samsung phones and he can do it remotly. Being in this business i don't trust him a lot about keeping data. One of my customer's son is dead and his family want to access his phone, they gave me his phone and they are agree to loose data if things dont go good so i'm gonna try with this guy and if you want i will give you a feedback.

Hi sorry to hear that this terrible situation happened around you.
I am in a similar situation. My cousin died suddenly and his sister asked be to recover pictures and videos because he filmed himself before try to end his life and she would like to find if there is any video that could help us understand better.
I'm trying to find ways to do that and so far I haven't but I wanted to share some information in case it could be helpful to someone.
I tried the iMobie Data Extractor. It is supposed to help recover data from "broken phone". I guess it's the closest thing I found that didn't look scammy and could work. After about a month of back and forth with their support person, I managed to replaced the OS using Odin (because the official software left my phone in a non-bootable state) replacing all partitions except User Data. Unfortunately, that didn't remove the lock (PIN). I'm not surprised since I didn't wipe the User Data.
From a security perspective, it is good that it is hard (impossible) to access data of a locked phone, but from a family emotional perspective, it is hard to have to tell my family that I failed.
I wish you good luck and please post here if you find a way.
be safe

Touftaf said:
Hello, i own a phone repair shop and i'm a relation with a person specialized in unlocking phones. He said me that he can bypass the lock screen and keep data on all samsung phones and he can do it remotly. Being in this business i don't trust him a lot about keeping data. One of my customer's son is dead and his family want to access his phone, they gave me his phone and they are agree to loose data if things dont go good so i'm gonna try with this guy and if you want i will give you a feedback.
Click to expand...
Click to collapse
What happened

I don't have easy-to-hear information for you. But I offer these words as a way to think about this situation.
I believe Samsung intentionally builds phones which are extremely hard to break into. This is a conscious design decision they make. Why? Because so many users do things like credit card payments, banking, and social media, where, if you lost your phone and a bad person found it, an easy-to-break-into device would have potentially catastrophic results. Aside from the harm to a user who lost a phone, Samsung themselves would be subjected to great reputational damage, too. It's bad press when it's easy to break into and steal something.
Also, you may not be able to break into the device, even with the help of a commercial vendor. Exploits in Android, when found, are patched regularly. A very smart person might have had a way to crack into a phone last week, last month, or last year. But again, Samsung intends to continually patch the software to keep it secure. They make a point to telling people that Samsung phones are patched for several years, so users will feel confident their data will be secure.
One suspects certain governments have police or security organizations who likely could break in, but they are unlikely to help in a personal situation, as you described.
Although this doesn't seem to apply to you, it's worth saying that Samsung phones are also backed up (by default) to their "cloud." It's possible that a lawyer might be able, with proper documentation of the owner's death, to get access to Samsung's (or Google's) cloud backup(s). I don't think it's easy though. Google, at least in the USA, allows the owner of an account to specify how Google should handle their data if they stop accessing their accounts. (I think Google treats an idle account as "dead" and for reasons like this, if you no longer want to use a vendor like Samsung or Google, you should proactively delete your account, not merely let it go idle.)
Anyone reading this post, might want to consider having what can be an uncomfortable conversation with your friends and family: "How would you like your friends and family handle your electronic, financial, and social accounts in the event of your death?"
Please, forgive me if any of this sounds insensitive. My father worked in insurance and as part of his job he knew all to well that all people eventually die. And how hard it is for those left behind to pick up the pieces, especially when secrets are involved. My family knows where to find my keys.

Related

My rant about At&t and I why I am angry with them about my predicament with my s7.

My rant about At&t and I why I am angry with them about my predicament with my s7.
PLEASE READ DISCLAIMER AT THE BOTTOM AND ALL ASTRICKED ITEMS. READ AT YOUR OWN RISK.
YOU HAVE BEEN WARNED.
I will say how disappointed in at&t I am; it should be illegal to lock phones like this. The last samsung galaxy able to be rooted was the s4 and note 2 (don't quote me on that is was guestimation). But like all the idiots caught up in the buzz of owning the newest device, I got burned by the note 4. Fool me once shame on you, but fool me twice shame on me. I got burned again on the s7, and developers on here have basically given up rooting anything else (since the note 4 crisis there's a large bounty for whomever get the first permaroot) . Maybe if millions of us write to samsung about how at&t is ruining their products, they could do something about this travesty. <b>
Well if could some root required apps to work on my phone I would be much happier. I can't even use the current version of lucky patcher, how stupid is that. <b>
If your phone isn't rooted or have never felt the joy of a rooted phone (it is like endless possibilities all in the palm of your hand), and if you don't know what rooting is, get a clue, (Google it). Beg, barrow, steal one from a guy the next County over, forge one, trade for one, find one, save up for 3 months to buy one on eBay, I don't care how you get a clue, but you need one. The ability to Root our phone should be a fundamental right. (particularly with what went on with Apple and the FBI in California) We buy the phone, pay for it's service, then you treat us like we somehow don't know something has changed. (All the sudden "security updates that happen right after finding root for other devices and then people update their devices and it is gone back to square one.) Who is going to be responsible for all the millions of phones that are going to be trash because of this?
(because now on certain devices it softbricks the phone, sure it roots it, but what good is a rooted phone when you can't use it? (I relate it to something close to ransomware, on a computer, where software hold it (the computer) hostage until you meet the criminal's demands (usually money), so that you can get your computer back, and then sometimes they just leave it in place. (nasty crap fun to get rid of without reinstalling the OS) In this case it holds your phone hostage until you meet at&t's demands of "removing non at&t software", and until such time that the software is removed it remains bricked. If you have this issue, which I have only seen it mentioned a handful of time, and happen to have a Samsung device (with or without warranty) they will fix for free and even pay shipping both ways (now that's how you keep customers happy) I still have this issue as I have not sent my phone in yet and if someone knows how to fix it I would like to know. It goes from the ransom page with the padlock unlocked and warnings from at&t, then it goes to a second page saying that I have a Reactivation Lock in place. I have tried everything stated on the forum about RL, but my case is unique because of my stupid idea of seeing if king root had figured out how to root note 4 at&t sm-N910A version. To answer your question did it work, yes and no. Read the bricking bit above.)
Surely not your loyal customers, surely not the one who actually make and put their name on the phone, no I blame the cell phone companies. They have gotten to big for their own shoes on this one, they stepped in a giant pile of it. How many millions of customers have you lost at&t? Hmmm? Answer that one. Maybe I'll be the next to jump ship, sprint has a great plan, half the price, and they'll pay our way out of the eta( early termination fee(s) ln case you didn't know) up to 600 USD on each line. Sounds good to where do I sign, oh you need to take my piece of it phone and trade it for one the COMES with an unlocked bootloader. Take it I never wanted this piece of it to begin with. Bye At&t, you had a good ride with most of us for longer than a decade, but you done shot yourself in the foot on this one. You should have never changed your name and started in the cell phone business. South Western Bell is dead, and this monstrosity that has been created is nothing more than a shell of its former company, what a bunch of sell outs. I hope you sleep good at night knowing how many people are cursing your name from every roof top and highest building. You don't play with other people's it. It isn't proper nor is it called for. Some customers will be loyal to the end, but I am sick of all the red tape and garbage we have to put up with. Higher rates for the same service? Do you think we are stupid?
DISCLAIMER
*PLEASE NOTE THAT THIS IS MY OWN OPINIONS. IT IS AIMED AT AT&T, AND THEIR INABILITY TO LEAVE A GOOD THING ALONE. IT IS NOT MEANT TO OFFEND US NORMAL FOLK THAT PAY RIDICULOUS PHONE BILLS EVERY MONTH. IF YOU ARE ONE OF THESE PEOPLE AND YOU FIND THIS OFFENSIVE I AM SORRY. I NEVER CUSSED OR SAID ANYTHING OFFENSIVE ABOUT OR TO AN INDIVIDUAL. *
*ANY INSTANCES OF "IT" THAT ARE EXTRAGRAMMATIC ARE A CUSS WORD IN DISGUISE AND IS SELF EXPLANATORY*
PLEASE FEEL FREE TO COMMENT WITH YOUR OWN OPINIONS THIS A JUDGEMENT FREE ZONE, SO PUT SOME FEELING IN IT. OCCASIONAL SWEARING IS TO BE EXPECTED (AS LONG AS IT IS OK WITHIN THE POLICIES OF XDA IF DOUBT DON'T DO IT.).
ANY HELP WITH ABOVE STATED ISSUE PLEASE LINK BELOW SO THE POST ENDS UP IN THE PROPER SECTION (TROUBLESHOOTING AND WHATNOT).
ANYTHING FOUND IN PARENTHESES WAS ADDED FOR CLARIFICATION PURPOSES, AND NOT MEANT TO DEMEAN ANYONE. THERE ARE PEOPLE WHO DO NOT KNOW THE TERM OF KNOWLEDGY.
IF ANYTHING IN THIS RANT HAS BEEN MISREPRESENTED OR IS INCORRECT PLEASE BRING TO MY ATTENTION.
THANK YOU TO ANYONE WHO ACTUALLY READ ALL THIS.
God bless and peace out,
Kelentaria
I switched to AT&T because of direcTV unlimited (saves me 15 bucks a month from what I was paying). I don't really care much about having root access, but I do care about being able to erase the bloat on the phone. Bloat should be optional software, not burned into the OS. Look at Windows for a PC. If you don't want an app that came preloaded, you simply uninstall it. How is that even legal to have software stuck on your phone, which you have no idea what it is doing in the background and also claim you have 32gigs of storage, but you actually only have 19?
I see some of your points, but the whole rooting thing will be an uphill battle. Each company is required by law to patch exploits that allow the system to be compromised. Unless Google makes root access standard (meaning easily unlocked with an app etc) you won't see it again , and if you do, rarely.
I could forgive them for the root issue, but not for the bloat, lack of WiFi calling on android devices, etc.
Your points and opinion is well taken here as a fellow ATT user. We won't even get Samsung to move on rooting and bootloader unlocking since they're path is the business level users. That's mostly to do with all of us modder folks being in the small minority when it comes to purchasing their phones. There should be an option to unlock the bootloader from them directly. Basically them allowing us to either choose to void our warranty to unlock the bootloader which relieves them of the responsibility of folks blaming them for their choice of modding the phone. Similar to the HTC process. But again this is my opinion. ATT on the other hand has been a constant pain with not being consumer friendly for the last 4 years from my guestimation.
psufan5 said:
I switched to AT&T because of direcTV unlimited (saves me 15 bucks a month from what I was paying). I don't really care much about having root access, but I do care about being able to erase the bloat on the phone. Bloat should be optional software, not burned into the OS. Look at Windows for a PC. If you don't want an app that came preloaded, you simply uninstall it. How is that even legal to have software stuck on your phone, which you have no idea what it is doing in the background and also claim you have 32gigs of storage, but you actually only have 19?
I see some of your points, but the whole rooting thing will be an uphill battle. Each company is required by law to patch exploits that allow the system to be compromised. Unless Google makes root access standard (meaning easily unlocked with an app etc) you won't see it again , and if you do, rarely.
I could forgive them for the root issue, but not for the bloat, lack of WiFi calling on android devices, etc.
Click to expand...
Click to collapse
I suggest you try Package Disabler Pro, its a small price to pay but it works perfectly disabling bloat from Samsung devices. It is not root but at the very least it helps make touchwiz bearable.
---------- Post added at 02:58 PM ---------- Previous post was at 02:54 PM ----------
I don't think there is a single ATT user that doesn't share your opinion but nowadays we all know what we are getting into with them. Only the Nexus line remains untouched but with the recent surge in mobile payment use the manufacturers are locking down phones harder than eve, one the plus side it helps maintain security and protect your hard earned money but sadly some sacrifices must be made. My only wish is that Samsung would finally see the light and at the very least give us the option of stock android in their devices, a tall order I know but one that would be met with enthusiasm.
glm0025 said:
I suggest you try Package Disabler Pro, its a small price to pay but it works perfectly disabling bloat from Samsung devices. It is not root but at the very least it helps make touchwiz bearable.
---------- Post added at 02:58 PM ---------- Previous post was at 02:54 PM ----------
I don't think there is a single ATT user that doesn't share your opinion but nowadays we all know what we are getting into with them. Only the Nexus line remains untouched but with the recent surge in mobile payment use the manufacturers are locking down phones harder than eve, one the plus side it helps maintain security and protect your hard earned money but sadly some sacrifices must be made. My only wish is that Samsung would finally see the light and at the very least give us the option of stock android in their devices, a tall order I know but one that would be met with enthusiasm.
Click to expand...
Click to collapse
Ive done that, but the bloat still takes up a huge chunk of space - the APKs are just disabled
there hasn't been a bootloader unlocked at&t galaxy since the S3. The S4 was bootloader locked, but anyone with AMDL firmware (the second OTA) could bypass the bootloader and load ROMs that way. Anyone that updated past that was stuck with bootstrapped ROMs. The S4 was never bootloader unlocked ever.
psufan5 said:
Ive done that, but the bloat still takes up a huge chunk of space - the APKs are just disabled
Click to expand...
Click to collapse
Rooted or not, you wouldn't get that space back. The pre-installed crud is installed on the system partition which is a separate space from where user apps (and all data) are stored. If you rooted and deleted those apps, the space would just go unused. (And really, those apps don't take up much space in storage.)
On the other hand, there are things in the AT&T preload that can't be disabled. Some might be daemons that load before (and outside the scope of) android, and others are embedded deep into the existing modules (such as systemUI.) For example, AT&T still uses a variation of carrier IQ software for analytics.
However, even if you had root, you couldn't easily get rid of those things without completely changing the firmware to something else. Once you did that, you'd also lose AT&T variant specific things such as AT&T's implementation of VoLTE, video calling, etc. (Just because other firmware might support features by the same name, it doesn't mean that they'll work on AT&T's network.)
My biggest complaint these days with AT&T variants is that AT&T blocks important system updates. Even VERIZON has become better about releasing firmware updates and upgrades for android phones when compared to AT&T. (Verizon used to hold the crown of being the absolute LAST carrier to update their phones... but no more. Now AT&T clearly owns it.)
Here's the funny thing: AT&T claims that they are locking down bootloaders and such in order to have a higher level of security for business customers. Yet, by taking MONTHS longer to release firmware updates, AT&T phones are often vulnerable to malicious exploits long after those exploits have been fixed by Samsung/HTC/etc.
garyd9 said:
Rooted or not, you wouldn't get that space back. The pre-installed crud is installed on the system partition which is a separate space from where user apps (and all data) are stored. If you rooted and deleted those apps, the space would just go unused. (And really, those apps don't take up much space in storage.)
On the other hand, there are things in the AT&T preload that can't be disabled. Some might be daemons that load before (and outside the scope of) android, and others are embedded deep into the existing modules (such as systemUI.) For example, AT&T still uses a variation of carrier IQ software for analytics.
However, even if you had root, you couldn't easily get rid of those things without completely changing the firmware to something else. Once you did that, you'd also lose AT&T variant specific things such as AT&T's implementation of VoLTE, video calling, etc. (Just because other firmware might support features by the same name, it doesn't mean that they'll work on AT&T's network.)
My biggest complaint these days with AT&T variants is that AT&T blocks important system updates. Even VERIZON has become better about releasing firmware updates and upgrades for android phones when compared to AT&T. (Verizon used to hold the crown of being the absolute LAST carrier to update their phones... but no more. Now AT&T clearly owns it.)
Here's the funny thing: AT&T claims that they are locking down bootloaders and such in order to have a higher level of security for business customers. Yet, by taking MONTHS longer to release firmware updates, AT&T phones are often vulnerable to malicious exploits long after those exploits have been fixed by Samsung/HTC/etc.
Click to expand...
Click to collapse
Bootloader is locked down for one reason - stop tethering on unlimited plans.
Thats about it.
psufan5 said:
Bootloader is locked down for one reason - stop tethering on unlimited plans.
Thats about it.
Click to expand...
Click to collapse
You are misinformed.
I completely agree that the situation sucks. I know that this will fall over into the Note 6, and that saddens me. That is why I set up camp on the Apple side of the fence. They are always hacking into ios somehow (no fragmentation i guess?), and the OS, while still not as open as Android has matured a little. I do miss Android, but Samsung was my home, and it isn't easy switching to another OEM when their hardware designs are so different (no physical home button).
I happen to work for Sprint (for the time being), and the prices are better, but our systems suck, and our business practices are kind of shady. Hopefully I don't get into any trouble for this, but customers deserve to know the whole story. Example: a gentleman came in to get a new sim card for his S4 Mini. Now with at&t, you just go get a sim card, and all you have to worry about is standard/micro/nano. With Sprint, however, each size sim card has a wide variety of skus (barcodes), and we use a tool to see which ones are compatible with the device in question. In this guy's case, Sprint had discontinued the only sim card that would work with his phone.
To put it plainly, we force ultimatums on our customers; buy another phone, or do without. I'm actually ashamed to work for this company.
What sickens me is that they disable perfectly fine features to replace them with their crapware. I like their network coverage, but I'm really doubtful if I would/should stay with At&t anymore. I personally don't care much about the bootloader, but the fact that they are doing this sort of thing without facing any sort of push-back, is what annoys me.
sireniankyle said:
I completely agree that the situation sucks. I know that this will fall over into the Note 6, and that saddens me. That is why I set up camp on the Apple side of the fence. They are always hacking into ios somehow (no fragmentation i guess?), and the OS, while still not as open as Android has matured a little. I do miss Android, but Samsung was my home, and it isn't easy switching to another OEM when their hardware designs are so different (no physical home button).
I happen to work for Sprint (for the time being), and the prices are better, but our systems suck, and our business practices are kind of shady. Hopefully I don't get into any trouble for this, but customers deserve to know the whole story. Example: a gentleman came in to get a new sim card for his S4 Mini. Now with at&t, you just go get a sim card, and all you have to worry about is standard/micro/nano. With Sprint, however, each size sim card has a wide variety of skus (barcodes), and we use a tool to see which ones are compatible with the device in question. In this guy's case, Sprint had discontinued the only sim card that would work with his phone.
To put it plainly, we force ultimatums on our customers; buy another phone, or do without. I'm actually ashamed to work for this company.
Click to expand...
Click to collapse
I get what you are saying 100% but the only problem for me is that a locked down Android device does more than a jailbreaked iPhone any day of the week.,at the end of the day Android is still more open than IOS. As of right now Marshmallow has proven good enough for me that I'm not missing root or custom roms, that I would root and unlock if I had the chance you better believe it but even 6.0 Touchwiz is bearable right now.
glm0025 said:
I get what you are saying 100% but the only problem for me is that a locked down Android device does more than a jailbreaked iPhone any day of the week.,at the end of the day Android is still more open than IOS. As of right now Marshmallow has proven good enough for me that I'm not missing root or custom roms, that I would root and unlock if I had the chance you better believe it but even 6.0 Touchwiz is bearable right now.
Click to expand...
Click to collapse
It heavily depends on how well you know Cydia. . You can change everything about the layout in an iphone through winterboard or dreamboard. You can customize power options, and assign on screen and button shortcuts no matter where you are on the device (app, home screen, locked). Ad blocker, free spotify premium, a youtube downloader built into youtube, custom carrier logos, system wide night mode, keyboard sub symbols, finger print locked apps, remove the media cap in imessage or text messages, enable zedge ringtone downloads, kill all background apps, pop out video for any app, and custom folder sizes.
I can agree that a few of those are just catching up with Android, but a system wide on or off wifi ad blocker is something that only root can do. There are some things, like the no media cap in messages, that even a rooted android device can't technically do (depends on the carrier I suppose), because they don't go through Apple servers.
This isn't me crapping on Android. I love Android. I just needed a place to hold up until Samsung gets it together. I refuse to buy their locked up garbage anymore. The htc 10 is looking pretty good, too, but I was hoping for something with amoled.
Just so everyone is clear, we dont discuss piracy or fraud or such on XDA.
App developers work hard for their money, trust me it is hard to earn a living at 99cents a pop. Lets support our developers instead of supporting theft.
You're dumb. You're *****ing about a $600 term fee which is impossible for a single line. Buy your phone international or unlocked if this is such an issue for you and stop whining. The ATT model of phones are NOT for power users. Plain and simple. I'm surprised so many people are taking the time to read you *****ing.
This post is so funny...
You are all over the place with your words, your thoughts and your anger.
Why would you purchase the S7 on AT&T if you already knew all of this?
Especially if this has already happened to you with your Note 4?
End of the day, most of the customers who use AT&T have no idea about root. They have no care or concern about these things.
People like us, on XDA, who love to root and customize our phones have to understand that there is a paradigm shift in Android (particularly in regards to Samsung devices) that focuses on security rather than customization. Especially when dealing with Carrier phones. The bloat, the locked bootloader, the restrictions all have their reasons for existing.
Especially when Samsung is amidst a global (albeit slow) roll out of Samsung Pay. Trying to align themselves ever so closely with Apple in terms of quality and brand recognition.
Samsung Pay will NEVER work on a rooted phone, EVER! Doesn't matter if you restore stock firmware etc...
Carriers also have their reasons as well...
There are plenty of reasons why they both do it, most of which I don't want to sit here and write out one by one. Like you said in your post... Google it.
End of the day, if you want to root or customize your device then you should do your research before dropping $700+ on a phone.
Plenty of bloat free, bootloader unlocked, international and non carrier phones available for you to achieve root and enjoy Android.
Coming on here and posting a wall of whine just makes you look silly and childish.
Yes, it sucks... I share your annoyance as I'm sure many other AT&T/XDA members do as well - for years now.
End of the day, these mega corporations don't care about you or what makes you happy. It's a business, their business, deal with it. We all have to... If you want to protest, protest with your wallet.
HNIC215 said:
Samsung Pay will NEVER work on a rooted phone, EVER! Doesn't matter if you restore stock firmware etc...
Click to expand...
Click to collapse
While I tend to agree with the majority of your post, I think this one statement I quoted might be a bit too absolute.
My understanding of SPay is that it relies on the KNOX fuse to determine if a phone is modified. If true, then if an exploit is discovered and implemented which grants root without tripping KNOX, then SPay could possibly work on a rooted device. (Hiding root is doable, and supersu has been playing the cat/mouse game with Android Pay for several months on this...)
The galaxy S6 was rootable without tripping KNOX when it was initially released...
Of course, it's possible that there's something in the samsung firmware that will immediately trip KNOX if root is even detected. If so, it's something new that hasn't been there before. Previously, tripping KNOX required an action at the bootloader level - and usually occurred when an image not signed by samsung was flashed via ODIN.
Moving slightly off topic...
The problem, in my opinion, isn't that root can't be gained. There are plenty of exploits for gaining privileges that either Samsung takes too long to patch, or that the carriers (specifically AT&T) take too long to release the patches for. (AT&T is already 2 months behind on the S7's security patches. Those are patches for security concerns that are now publicly announced and should be easily exploited by reverse engineering the fixes that google publishes.)
The real problem is that people who would develop and publish a root method for hobbyists don't care anymore. Those people aren't going to buy a bootloader locked S7. Either they'll buy a different phone entirely (from a manufacturer that's more dev friendly), or they'll buy a non-carrier model that isn't bootloader locked. (Actually, there's another group, but it's very small: Industry insiders who are constrained by legal agreements (such as NDA's) preventing them from releasing anything they might come up with.)
garyd9 said:
While I tend to agree with the majority of your post, I think this one statement I quoted might be a bit too absolute.
Click to expand...
Click to collapse
That's what a Samsung Rep told me when I had the international Note 5 and wanted to know if I would be able to use Samsung Pay here in the states.
First, they said Samsung Pay would have to be available in the device's country of origin.
Second, they said the device can NEVER be rooted. If the device is rooted, it will NEVER be able to run Samsung Pay on it for the remainder of its life. Regardless if you restore with stock firmware and unroot.
Which makes sense actually when you think about it.
Apple is and has been synonymous with security and safety - in general but especially in regards to Apple Pay.
Samsung has always been considered the "Apple" or "iPhone" of the Android world - this statement holds true now more than ever before.
With Samsung Pay being released globally (slowly but surely)... Samsung will not risk the security of their platform by any means at all.
Letting users gain root access to their devices can potentially expose parts of their secure Samsung Pay platform and risk a major security or privacy incident that would lead to global fallout regardless of where the incident took place.
They will never allow this - especially with the progress they have made over the years to build a premium brand.
With the S7 and S7 Edge - they further that tradition and bring more security than ever.
Don't take my word for it...
Samsung Knox recognised as the strongest mobile security platform
Samsung has received strongest ratings for its mobile security platform Knox in areas including authentication methods, encryption management, jailbreak or root protection and application vetting.
Click to expand...
Click to collapse
The latest version of Knox is currently available for Galaxy S7 and S7 Edge and optimised for Android 6.0 Marshmallow.
Click to expand...
Click to collapse
According to a report, Mobile Device Security: A comparison of Platforms by renowned market analyst firm Gartner, Samsung's latest security platform Knox version 2.6 got the most strong ratings for any mobile security platform. The firm analysed the core OS security features built into a total of 12 mobile device platforms as well as enterprise management capabilities. Samsung also managed to gain leadership in mobile security market though Knox, coupled with Samsung Pay.
Click to expand...
Click to collapse
Source:
http://www.ibtimes.co.uk/samsung-knox-recognised-strongest-mobile-security-platform-1554836
HNIC215 said:
That's what a Samsung Rep told me when I had the international Note 5 and wanted to know if I would be able to use Samsung Pay here in the states.
Click to expand...
Click to collapse
Okay.. I wonder if he's related to one of the "samsung reps" that work in Best Buy stores.... or the ones that come visit AT&T stores on occasion. For the most part, they are really good in reciting the marketing material, but when it comes to details, they are clueless. In fact, at least as bad as Radio Shack sales people.
"KNOX" is a confusing term.
First, there's "KNOX" as a software security suite that is very closely related to what google calls "Android for Work." Both are basically a "secure" and private container/sandbox. The idea is that you take a personal smartphone to work and can run "work" apps that are completely sandboxes from personal apps. This has nothing whatsoever to do with SPay. SPay doesn't make use of this element of KNOX.
KNOX is also the name of a fuse in the device (which is likely a qualcomm "qfuse" in the SD820 S7's) that trips when the bootloader detects an unsigned kernel/recovery. _THIS_ is the KNOX that relates to SPay. Real human beings (not samsung sales or support reps) have confirmed that once the KNOX fuse is tripped, it prevents SPay from working. (It also prevents KNOX, the software suite mentioned above, from working.)
Now I need to express things in strange ways, and I hope you'll forgive the odd phrasing:
As far as devs on XDA and other sites similar to XDA have been able to determine, "root" does not prevent SPay from functioning. In fact, my understanding is that there are people who rooted their Galaxy S6 without tripping the KNOX fuse, later reverted to factory firmware, allowed the phone to OTA to newer firmware that included SPay, and SPay worked fine. However, there are others who have tripped the KNOX fuse while rooted who can no longer use SPay. The key here is that KNOX fuse...
I can say with a very large degree of confidence that SPay will work just fine if you happened to had a device that somehow had a working "su" binary in the path AND KNOX wasn't tripped. That might happen if the bootloader was designed to not trip KNOX... such as someone who developed software for preloads might have on a test device. Based only on information in the public domain, it might also happen if an exploit was found that didn't require flashing a custom kernel, recovery, etc.
It's POSSIBLE, and I actually don't know this, that the firmware released on these devices publicly has code to force tripping the KNOX fuse if root is detected. The galaxy S6 did NOT have this mechanism when towel root (or whatever root method it was) worked on it. I somehow doubt that samsung would have added this to the firmware, as there's too great a chance for a false positive, and tripping that KNOX flag is permanent.
In android user terms, a "rooted" device is merely a device that has a working suid "su" binary in the path owned by the 'root' user. (Later versions of android also require some sepolicy changes, but that's outside the scope of this thread.) That binary might be on /system or it might be in the kernel partition. However, neither is a permanent change to the device, and therefore it can be removed with no trace.
garyd9 said:
Okay.. I wonder if he's related to one of the "samsung reps" that work in Best Buy stores.... or the ones that come visit AT&T stores on occasion. For the most part, they are really good in reciting the marketing material, but when it comes to details, they are clueless. In fact, at least as bad as Radio Shack sales people.
Click to expand...
Click to collapse
No this wasn't in person... Nor was it someone from the states (from what I could tell).
It was with a technician over the phone because the first customer service rep had no idea - so she transferred me to a technician.
Regardless, there is no point in discussing this endlessly.
There are already plenty of folks out there who are trying to solve this issue, only time will tell if they can succeed.
Let's see what happens.

Reposting from Galaxy S5 forum

Heyyo heyyo. "I've got an Android G5 running 7.0 software, it's a LGUS992 and the carrier is under US Celluar.
I know this is going to sound like some tinfoil hat **** and someone who's hearing things, hallucinating, etc but without a doubt. 100 %. someone in my community has access to my phone [and my Chromebook, actually] I'm not very computer savvy but I know there are means through which you /might/ be able to do this kind of thing- stealing wifi, malware or spyware, keylogging, some kind of physical device, etc
I've heard people mention things as specific as individual songs I'm listening to, passwords I've used, things I've typed, etc. Like literally /everything and anything/ I'll do on my phone, I know people have access to and I absolutely need to know how this is being done and how I could stop it, I've been a phone addict for years, use mine for both professional and personal purposes, and since I live out of state from most of my family and friends it's literally the /only/ way I can talk to 99 % of the people I know. My life is already in the dumps, so to lose my main access to a ton of the important people and things in my life is soul crushing and whoever does this doesn't care at all.
It's not just something that could be from my Gmail account being linked through my devices and then hacked. I've heard mention of texts, etc. Phone only, offline stuff. Does this sound like something that could be done and if so, evaded somehow? I even considered that the park I live in might have cameras inside the places but that wouldn't explain why I hear about **** I'm doing no matter where it's done
I've changed my phone password, Gmail password, Skype password, Youtube password, put on a PIN, put on fingerprint access for my phone, blocked off unfamiliar MAC addresses on my router and this has still continued. Someone in the Galaxy S5 forum said I could try "resetting the whole thing - meaning all partitions on it - to stock configuration via a special tool." but like I said, I'm not computer or phone savvy so I wouldn't know how to or if this'd even fix the problem

Bypassing Pin on galaxy s21 without data loss

My father passed a couple days ago and I need to gain access to his phone in order to invite all his friends to the service as well as get into contact with some family overseas.
He has a 4 pin code that I've been trying to guess but have not yet succeded.
I can provide proof that it is my fathers phone incase people believe it is stolen.
I can't get into his samsung account because it is basically his google account, I set up his google account with two factor authorization. Which requires me to get into his phone to even access.
Anything Helps
I don't have easy-to-hear information for you. But I offer these words as a way to think about this situation.
I believe Samsung intentionally builds phones which are extremely hard to break into. This is a conscious design decision they make. Why? Because so many users do things like credit card payments, banking, and social media, where, if you lost your phone and a bad person found it, an easy-to-break-into device would have potentially catastrophic results. Aside from the harm to a user who lost a phone, Samsung themselves would be subjected to great reputational damage, too. It's bad press when it's easy to break into and steal something.
Also, you may not be able to break into the device, even with the help of a commercial vendor. Exploits in Android, when found, are patched regularly. A very smart person might have had a way to crack into a phone last week, last month, or last year. But again, Samsung intends to continually patch the software to keep it secure. They make a point to telling people that Samsung phones are patched for several years, so users will feel confident their data will be secure.
One suspects certain governments have police or security organizations who likely could break in, but they are unlikely to help in a personal situation, as you described.
It's worth saying that Samsung phones are also backed up (by default) to their "cloud." It's possible that a lawyer might be able, with proper documentation of the owner's death, to get access to Samsung's (or Google's) cloud backup(s). I don't think it's easy though. Google, at least in the USA, allows the owner of an account to specify how Google should handle their data if they stop accessing their accounts. (I think Google treats an idle account as "dead" and for reasons like this, if you no longer want to use a vendor like Samsung or Google, you should proactively delete your account, not merely let it go idle.)
Anyone reading this post, might want to consider having what can be an uncomfortable conversation with your friends and family: "How would you like your friends and family handle your electronic, financial, and social accounts in the event of your death?"
Please, forgive me if any of this sounds insensitive. My father worked in insurance and as part of his job he knew all to well that all people eventually die. And how hard it is for those left behind to pick up the pieces, especially when secrets are involved. My family knows where to find my keys.
Uzuki12 said:
My father passed a couple days ago and I need to gain access to his phone in order to invite all his friends to the service as well as get into contact with some family overseas.
He has a 4 pin code that I've been trying to guess but have not yet succeded.
I can provide proof that it is my fathers phone incase people believe it is stolen.
I can't get into his samsung account because it is basically his google account, I set up his google account with two factor authorization. Which requires me to get into his phone to even access.
Anything Helps
Click to expand...
Click to collapse
You can see his contacts in his Google account on a browser, but if he saved the contacts locally (which is annoying that many phones don't make it clear that contacts are saved locally only until specifying Google as the account to save to)

Question I have been totally hacked for 9 months

We have been through five phones -Samsung Galaxy, then Motorola, two internet providers two cell phone providers, made so many calls I have lost count. He uses Chromebook and a Motorola Droid phone. He has even hacked my old home phone, tv, you name it, he has tried to own it . Oh, I forgot-my home security and ring doorbells also. I can change an app permission and I can see him go right in and change it back. I am sure he lives close in the neighborhood How do I get rid of this horrible person?
He grays out permissions, default apps, etc., Which keeps me from being able to delete an app, or change someone being able to access in the background. He has confiscated our emails (Gmail), prevents us from sending or receiving ones he doesn't like. He uses email for email on the web, advertising, chat, and many other things. He listens to phone calls steals all photos, maps addresses to companies or people in contacts, uses maps for ?? Xxx an anyone help me, or at least tell me how to reverse graying out on apps? This has become unbearable! Thank you!
How do you know it's a he?
It's always the girl next door.
Lol! I cannot prove it, but the big gamers nextdoor moved in when this started happening. Their best friend is an experienced IT guy who only appears when I have gone in and changed things. In those days, new changes happen, such as Ring doorbells hacker, etc. Not blaming, but coincidence?
blackhawk said:
How do you know it's a he?
It's always the girl next door.
Click to expand...
Click to collapse
Sorry. See reply in post.
Bro, I'm so sorry. My husband has been going through this VERY thing for the past year. They don't mess with mine. I just wanted to let you know even though I don't have any resolve for you, I hear you and know that it's not phony and we totally feel for you. Seriously, maybe you and my hubby can talk. I'm so sorry that you're going through it. Feel free to message me.
This sounds like a great fan fiction and will bookmark this to see how the story develops. Thank you for putting this in Moto G Power section right where it belongs!
Sounds like you might need to invest in a router with better security features.
Moosetears said:
This sounds like a great fan fiction and will bookmark this to see how the story develops. Thank you for putting this in Moto G Power section right where it belongs!
Sounds like you might need to invest in a router with better security features.
Click to expand...
Click to collapse
Definitely not fiction. It is a nightmare and could REALLY use some advice!
gunnshot81488 said:
Bro, I'm so sorry. My husband has been going through this VERY thing for the past year. They don't mess with mine. I just wanted to let you know even though I don't have any resolve for you, I hear you and know that it's not phony and we totally feel for you. Seriously, maybe you and my hubby can talk. I'm so sorry that you're going through it. Feel free to message me.
Click to expand...
Click to collapse
It has been a nightmare! They started with mine, and have now invaded my husband's phone also.
Scammed said:
It has been a nightmare! They started with mine, and have now invaded my husband's phone also.
Click to expand...
Click to collapse
Why are you posting on XDA? If you are this convinced that someone has unauthorized access to your devices, you need to be talking to law enforcement. The best advice we can offer you is to change all your passwords immediately, enable 2 factor authentication, and if possible seek a restraining order. XDA is a smart device hacking and development community, not a private investigation service.
V0latyle said:
Why are you posting on XDA? If you are this convinced that someone has unauthorized access to your devices, you need to be talking to law enforcement. The best advice we can offer you is to change all your passwords immediately, enable 2 factor authentication, and if possible seek a restraining order. XDA is a smart device hacking and development community, not a private investigation service.
Click to expand...
Click to collapse
I didn't think you were a p.i. firm. Obviously, I am not tech savvy. A little kindness please? I simply want to know how to ungray grayed out app permissions. I have searched on my own and cannot find the answer. I have reported it to local police, state police, Motorola, Samsung, Verizon, Xfinity, metronet, on and on and on. No help from anyone. I don't have $2,500.00 to just put down a retainer for a p.i. I knew someone on this forum would know the answer I am searching for and might kindly tell me. Thank you.
Scammed said:
I didn't think you were a p.i. firm. Obviously, I am not tech savvy. A little kindness please? I simply want to know how to ungray grayed out app permissions. I have searched on my own and cannot find the answer. I have reported it to local police, state police, Motorola, Samsung, Verizon, Xfinity, metronet, on and on and on. No help from anyone. I don't have $2,500.00 to just put down a retainer for a p.i. I knew someone on this forum would know the answer I am searching for and might kindly tell me. Thank you.
Click to expand...
Click to collapse
Well, it can be hard to distinguish the difference between reasonable concern over privacy violations vs unwarranted paranoia, and you aren't the only one who's come to XDA with this type of story. Most of your assumptions are likely mistaken and can be simply explained by the nature of Android itself.
Remote intrusion of mobile devices is actually pretty rare. The most common ways bad actors get ahold of sensitive user information are: phishing, user-approved permissions on questionable apps such as TikTok, and "connected" social media accounts, where users allow websites and apps access to their social media profiles, or use their social media as a login.
Regardless, to the technical point of the matter, grayed out app permissions are not the result of hacking or surreptitious malfeasance, but rather the nature of the "rules" inherent to Android - you can't remove system apps or disable system-controlled permissions without root.
If you still think you have reasons for concern, this is my only suggestion:
Change your phone number
Immediately change all relevant passwords - minimum 10 characters, a mix of upper case, lower case, numbers, and special characters, do not reuse them
Enable 2 factor authentication on all accounts, ensuring your 2nd factor is something that you and only you have access to
Once done, sign out all devices signed into those accounts
Perform a factory reset on your device; even better, reflash factory firmware. Keep bootloader locked.
Do not use questionable apps

Pin Locked out of Canadian A10s

Recently had this phone given to me by a friend. Unfortunately, it was her kid's, and her kid cannot remember the pin, or what, if any protection she had on it, i.e. Samsung or Google, though, if any, I would suspect Google would be the one. Unfortunately, the friend is also locked out of her Amazon account right now (even Amazon's massive money still doesn't eliminate mistakes in their system), so getting details direct from Samsung that could help me out, if I had access to the receipt (I'm assuming, here, but reasonably, I think) is, for now, out, which very much sucks, because I'm presently using a dated LG, cannot afford anything at all (hence the donation of the phone), and Samsung is what I know, and am familliar with, and, in my opinion, with cause, as, from my (admittedly limited) experience, they are the most feature rich, and most customizable. What I am wondering is if there is a way to get around this issue with the limited access I have. I know there must be more than one way - it's been awhile (like s5 Neo awhile), but I've installed ROMS and "broken into" phones, before (no, not stolen!) - but I've used the internet in a far more limited way, for the last few years, now, and, since my elder days of tireless research and such, Google has changed dramatically, making it hard to find out anything, anymore, without sifting an ocean of clutter, and I don't know my way around, like I used to; internet and phone technology have both changed very fast, the past few years, and so, here I am. Any info needed, I will do my best to find out. Thanks in advance to anyone who can help!
https://forum.xda-developers.com/t/...-it-and-i-dont-remember-my-password-s.4542379

Categories

Resources