Hi all,
I recently bought a P7 as my new smartphone. However, there is one thing missing. In the EMUI settings device encryption is not accesible, however this is a standard Android feature. I need this feature enabled because of enterprise policies otherwise I can't connect to our Exchange. Contact & agenda synchronization is necessary for me as my smartphone is a working device.
I tried updating to EMUI 3, but it's still not part of the ROM. It's a bit ridiculous Huawei isn't enabling this option within EMUI or doesn't even put encryption enabled by default.
Is their a workaround to enable this feature?
Thanks in advance.
Cerveza said:
Hi all,
I recently bought a P7 as my new smartphone. However, there is one thing missing. In the EMUI settings device encryption is not accesible, however this is a standard Android feature. I need this feature enabled because of enterprise policies otherwise I can't connect to our Exchange. Contact & agenda synchronization is necessary for me as my smartphone is a working device.
I tried updating to EMUI 3, but it's still not part of the ROM. It's a bit ridiculous Huawei isn't enabling this option within EMUI or doesn't even put encryption enabled by default.
Is their a workaround to enable this feature?
Thanks in advance.
Click to expand...
Click to collapse
I didn't find in setting but using the app "activity launcher" you can reach the hidden menu.
Open activity launcher>all activity>setting> encrypt phone
I don't know if encryption will work
Thank you for this interesting post usb2. I am able to open the Encrypt Phone activity and I can do all the prerequisites. When I start the encryption the phone gets "stuck" on a white screen with the green Android dude.
It's actually the same as the encryption screen on stock android, except without text and loading bar. Only the guy on a white background.
First I thought he was just busy encrypting but after 3 hours it was still like this. I just rebooted my phone and he is still working. Still not encrypted tho.
This is sad, I will need another ROM for this phone.
Related
Hi,
I cant find anywhere in EMUI something along the lines
"Encrypt phone: encrypted." like I had with pretty much any of my other devices.
I don´t believe Huawei would release a 8.1 Android without encryption. It is mandatory by Google, isn´t it? Maybe it is on by default once a PIN is set and the menu is just not shown by EMUI as you can´t change it anyhow on other phones as well.
Guess it is File based encryption rather than full disk enc. as there is no password upon boot process. That would be fine but can I somehow check with ADB command or something like that?
If it really is unencrypted entirely that appears to affect all Huawei I had in my hands lately.
Hey guys,
Does anyone know what's the encryption level supported by p20 pro and how do i check it?
My organization has disabled any mobile device to connect which does not support 256 bit encryption, this level of encryption is only on iphone's & knox enabled Samsung phones.
Hence wanted to know the encryption level supported by p20 pro.
Thanks in advance.
No one guys?
I've chased Huawei again for an answer, only been waiting since May and constantly chasing each month, so not sure when they will reply
Sent from my Huawei P20 Pro using XDA Labs
I've finally had an update from Huawei
In response to your question, please be informed that the Huawei P20 Pro device it is not encrypted. However, all the information you are saving on the "file safe" it is encrypted. This means that the information is private and it can be accessed only by you. This option it is secured and it can be accessed only with your fingerprint.
Click to expand...
Click to collapse
So by default the device is not encrypted
walkerx said:
I've finally had an update from Huawei
So by default the device is not encrypted
Click to expand...
Click to collapse
That's f*ing ridiculous!! It's 2018!!
krs360 said:
That's f*ing ridiculous!! It's 2018!!
Click to expand...
Click to collapse
another reason to not buy the next huawei device
walkerx said:
another reason to not buy the next huawei device
Click to expand...
Click to collapse
Really bizarre why full encryption is unavailable on the Pro. If there's no way to enable it, then ya, I might avoid Huawei for my next phone as well.
Me too, this is gonna be my last Huawei
Guys, are you sure this is correct? If you read the EMUI 8.0 Security Technology White Paper on consumer-img.huawei.com/content/dam/huawei-cbg-site/en/mkt/legal/privacy-policy/EMUI%208.0%20Security%20Technology%20White%20Paper.pdf it seems to indicate that the entire phone is encrypted using HW key (HUK):
"To ensure data security, user data is encrypted using a hardware-based hardware unique key
(HUK) and user lock screen passcode. Data files of different apps are stored in the directories
of the corresponding apps, so that the files of one app cannot be accessed by other apps. The
data erasure function is provided for permanently erasing data during device recycling or
factory default restoration to prevent illegitimate data restoration."
and then:
"The AES256 hardware encryption/decryption used by the secure storage function is
compatible with the GlobalPlatform TEE standard. The secure storage keys are derived by the
HUK and not sent outside of the TrustZone. Data encrypted using the keys cannot be
decrypted outside of the TrustZone"
soniva said:
Guys, are you sure this is correct? If you read the EMUI 8.0 Security Technology White Paper on consumer-img.huawei.com/content/dam/huawei-cbg-site/en/mkt/legal/privacy-policy/EMUI%208.0%20Security%20Technology%20White%20Paper.pdf it seems to indicate that the entire phone is encrypted using HW key (HUK):
"To ensure data security, user data is encrypted using a hardware-based hardware unique key
(HUK) and user lock screen passcode. Data files of different apps are stored in the directories
of the corresponding apps, so that the files of one app cannot be accessed by other apps. The
data erasure function is provided for permanently erasing data during device recycling or
factory default restoration to prevent illegitimate data restoration."
and then:
"The AES256 hardware encryption/decryption used by the secure storage function is
compatible with the GlobalPlatform TEE standard. The secure storage keys are derived by the
HUK and not sent outside of the TrustZone. Data encrypted using the keys cannot be
decrypted outside of the TrustZone"
Click to expand...
Click to collapse
Got the info from Huawei stating there is no default encryption on the device
walkerx said:
Got the info from Huawei stating there is no default encryption on the device
Click to expand...
Click to collapse
Yes, I saw that earlier in the thread. But as others are saying - "it's crazy not to support this"
Just wondering if I should trust Huaweis official white paper on security and privacy or a person in customer support. I would expect them to provide the same answer. Assuming I'm reading the white paper correctly, encryption is on by default for the entire phone, with some additional safety-level for personal files (i.e. docs and images).
We have similar policies for our company-services utilized on phones and I am allowed to download, read and send e-mails on my P20 Pro just as on phones I've used earlier (with explicit encryption). Which is also the reason for following up on this issue. Either my phone is ok, the policy is not working as intended or my phone is reporting the wrong answer when queried from the server "are you encrypted". The last one would be the most critical I guess.
Also note the last comment on this thread: forums.androidcentral.com/huawei-mate-10-mate-10-pro/865831-does-pro-have-full-device-encryption-like-most-phones-now-9-did-not.html
To put it bluntly, I wouldn't trust any Chinese device when it comes to encryption. I'm not surprised that the P20 Pro is unencrypted. I used to have a OnePlus 3 that was encrypted (according to OnePlus, anyway...), yet when I factory reset it through the bootloader and gave to a family member, half my apps and SMS messages were still on the phone. when they signed in with their own Google account.
If you want data security, I think Samsung and the Knox platform is about as good as you're going to get. Apple won't give governments advice on how to decrypt iPhones, but I'm pretty sure it's possible with the right third party equipment.
This is the answer I got from Huawei customer support:
Our devices are encrypted from the factory when they are made, a user can then also add passwords, fingerprints and facial recognition to allow access to the device but as a standard in the Android system the main security function is a password and this is required after a restart of the device even if you have other unlock functions.
The encryption from the factory is an encryption on the internal storage unit.
Click to expand...
Click to collapse
So based on this, and the white paper mentioned previously, the devices are encrypted.
soniva said:
This is the answer I got from Huawei customer support:
So based on this, and the white paper mentioned previously, the devices are encrypted.
Click to expand...
Click to collapse
I've replied to my email from Huawei advising to confirm as we are getting different answers from support staff (my updates are coming from the UK Technical Support Team)
Update: Further from my post earlier, I've now had more information back from Huawei who have confirmed there is encryption by default, so have asked them to ensure all staff know as I seem to be getting incorrect information (especially from one member of staff)
How to Remove FRP Lock From Android Device ?
The FRP feature is always enabled on your device as long as you have an active Google account. To disable FRP, you must remove your Google account.
To remove your Google account, follow these steps:
1 : From any Home screen, touch Apps > Settings.
2 : Touch Accounts > Google.
3 : Touch your Google account, and then touch MORE > Remove account.
Important: If you are sending your device in for service, selling your device, or giving it away, it is very important that you remove your Google account and reset your device.
Share it.
Wanheda-Klaus said:
How to Remove FRP Lock From Android Device ?
The FRP feature is always enabled on your device as long as you have an active Google account. To disable FRP, you must remove your Google account.
To remove your Google account, follow these steps:
1 : From any Home screen, touch Apps > Settings.
2 : Touch Accounts > Google.
3 : Touch your Google account, and then touch MORE > Remove account.
Important: If you are sending your device in for service, selling your device, or giving it away, it is very important that you remove your Google account and reset your device.
Share it.
Click to expand...
Click to collapse
How do you get around it if you bought a refurbished android moto XT1650-02 on FB and they didn't do what they should have done here in this post?
TonyDaTorch said:
How do you get around it if you bought a refurbished android moto XT1650-02 on FB and they didn't do what they should have done here in this post?
Click to expand...
Click to collapse
Have a look at my posts on this subject.
Currently I'm looking into whether I can side load some code via a FAT32 formatted SD card, and if possible, I need to locate where the flag is stored which sets this FRP. Now this could be stored on a rom chip of sorts and at this stage I dont want to break open the device to desolder chips, so this blog could be useful at giving clues into what needs to be looked at. Although the device is a Blink Mini camera, the technique can be applied on other devices, like smart phones.
Blink Mini RE, Part 3 -- Staring into the eye of the binary
If we stare at a binary for long enough, we will intimidate it into giving us its little secrets
astrid.tech
Ideally, I'd have a working device, dump the rom contents, then trigger the FRP and then dump the roms again to compare whats been changed, which would hilight areas for further investigation and maybe even the bit flag in question.
The other area of interest currently is Wireshark with the USB packet sniffer. Lenovo's/Motorola's Rescue and Smart Assist program aka LRMA can interrogate the device via a USB cable and detect the firmware. LRMA also suggests enabling the Developer mode/USB debugging which is enabled by clicking the build number seven times in the Google Android settings. So the question is can LRMA detect the FRP has been set? If it can, Ghidra https://ghidra-sre.org/ can be used to detect the FRP bit flag. I say bit Flag, it could be multiple bit flags in a variety of locations. Never under estimate your enemy.
I've used the Emergency Contact select a photo trick, to gain access to all apps, where I've gone straight for the Settings and Build number, tapped it 7 times as per LRMA's instructions but its not unhidden the developer mode and USB debugging options. This could be disabled once FRP is triggered, but its why I say it could be more than one bit flag which is set. Like you see with UEFI bios on some pc motherboards, there could actually be a two or more locations which could be used.
Like I said earlier, having a working device, dumping roms and then triggering FRP would be ideal, but when you dont have any money, it forces you to use your brain as you can't just step out and buy a new device mirrored in every way.
At this stage I dont know if this FRP flag can be undone. It might be like these RaspberryPi One Time Programmable switches as seen here, but I have been able to toggle some of those as well! https://github.com/raspberrypi/docu...asciidoc/computers/raspberry-pi/otp-bits.adoc
I've so far been unsuccessful in finding out if there is an equivalent of vcgencmd otp_dump for Android phones as this could be another way I might be able to find the FRP flag without having to dump the roms.
This is all new to me so I might be looking in the wrong area's as I'm just an unqualified out of work for decades boring old penniless windows programmer so I'm learning as I go along. But you might find what I've put is useful if you fancy a Thanksgiving, Xmas & New Year challenge for a change.
Hi all. I'm thinking to buy a MI9 but only in case I could find a way to setup multiple users on the device. I understand the MIUI doesn't have this feature by default which has been keeping me away from this manufacturer for a long time. However, I still hope there should be a way to enable the multiuser mode? Anyone?
you're wrong. MIUI has user accounts. just go to settings, special functions and profiles
Not only that, apart from user accounts, you can clone applications on one account that you won't find on other smartphones
You have second space in MIUI 11, but it's only 1 user more
I was very happy with my find x3 neo... Until yesterday android 13 upgrade, now I'm getting this really annoying popup every ten minutes, no way to stop it or fix that (or disable) that app. It's a system app, in English is named Quick Device Connect i think, it's a feature like airdrop I think, something that I won't use at all and I'm totally not interested in using it.
Already chatted with official support, they suggested me to go back to factory defaults (lol) I have a lot of data and settings, I just don't want to do that, it would be sufficient to simply make this useless feature to no start at all or simply hide this error popup. I don't feel the need to fix this app since I'm not planning to use it at all.
Any new updates after android 13?
I've fixed by installing the oneplus version of quick device connect using an apk i found in the wild, if someone has the same problem can try this method