Related
Good day all,
With all the hubub about airport security screening your phone I'm interested in an 'airport app'. Namely, as opposed to full encryption (meh good if needed, but I don't really want to trade battery life for security) or the hassle of backing up an image, flashing a virgin phone image for travel, and then restoring the image after travel..
Why not create a 'sandbox' app of sorts. Start it, it simulates virgin or near virgin status, have an advanced unlock sequence to close it. The only issue, I see, would be if the phone was restarted while in 'airport mode' could it be triggered to restart in said mode.
After typing out my whole idea, I'm thinking the backup and flash of virgin rom might be a lot simpler. But I'm interested if any other world travelers, or US travelers would be interested in something like this.
So I guess the question is, anyone else thought about this, anyone know of something similar out already? Anyone want to develop something like this?
~HattZ
Screening in X-rays? What does it have to do with anything?
Or some other screening (don't believe it's technically possible - too many phones)? Can you point to your info source?
I don't understand the point of this, it is not like they take your phone and play with it when you go through security. In fact, mine has never been removed from my carry on when passing through security.
Maybe you have some evidence to support your theory that our phones data is at risk when passing through security checkpoints... but I doubt it.
Are you in the US? 'cause 1) that never happened, and 2) that would be illegal (to search the content of your phone), unless they had reasonable suspicion that your phone contained data that showed evidence of criminal activity.
They might 'touch' some phones to make sure they are real (as in really work vs being a bomb or something), but they wouldn't search the content of your phone.
pconwell said:
Are you in the US? 'cause 1) that never happened, and 2) that would be illegal (to search the content of your phone), unless they had reasonable suspicion that your phone contained data that showed evidence of criminal activity.
They might 'touch' some phones to make sure they are real (as in really work vs being a bomb or something), but they wouldn't search the content of your phone.
Click to expand...
Click to collapse
Sorry, wrong answer, it is the US, most national travel is not submitted to this type of search. All international (incoming) travel can be.
Lots of interesting talk on it: http://yro.slashdot.org/story/10/11...r-Moxie-Marlinspikes-Laptop-Cellphones-Seized
Legal explanation: http://caselaw.lp.findlaw.com/data/constitution/amendment04/04.html
pertinent excerpt: "Border Searches .--''That searches made at the border, pursuant to the longstanding right of the sovereign to protect itself by stopping and examining persons and property crossing into this country, are reasonable simply by virtue of the fact that they occur at the border, should, by now, require no extended demonstration.'' 87 Authorized by the First Congress, 88 the customs search in these circumstances requires no warrant, no probable cause, not even the showing of some degree of suspicion that accompanies even investigatory stops."
A google search for "international travel us border checking laptops and phones" give about a million other examples, I'll throw a few below.
from Feb 12, 2008 (this isn't a new phenomenon, just getting more press)
http://www.pcworld.com/article/142429/five_things_to_know_about_us_border_laptop_searches.html
from 21 September 2009
http://www.mondaq.com/unitedstates/article.asp?articleid=86010
Don't like it? neither do I.
http://www.aclunc.org/issues/technology/blog/checking_your_privacy_at_the_border.shtml
ACLU excerpt (it's liberal, and slanted but a valid presentation of the worst case scenario): "Originally announced in July 2008, the current policy permits border agents to search electronic devices “absent individualized suspicion.” Agents may hold on to devices “for a reasonable period of time” to “review and analyze information.” In other words, border agents are legally able to take travelers’ information whenever they want at security checkpoints at airports or along the border, and hold on to it for as they long as they want. Agents may also copy information and send it off-site to be analyzed. The policy applies to all electronic devices, including computers, disks, hard drives, cell phones and cameras. Travelers have to be concerned about more than the possibility of security agents rifling through their belongings. Their private data might be compromised, erased, or kept indefinitely, and they don’t know how that data might be used."
Best I can say is nandroid + ext backup to your home computer, wipe phone before coming back into country, then recovery nandroid once you're back at home.
MaximReapage said:
Best I can say is nandroid + ext backup to your home computer, wipe phone before coming back into country, then recovery nandroid once you're back at home.
Click to expand...
Click to collapse
Yeah, sorta realized that or something similar would be the most efficient. I'm thinking even a step lazier, nandroid backup to SD, restore a stock rom / clear sim card, remove SD, maybe even backup to laptop (truecrypt FDE - custom error message at boot saying master boot record is corrupt)
walk out of security, pop in SD, start nandroid restore...
sigh.. a sandbox app would be sorta fun though.
If they have a right to detain your laptop, clone your HD and you have to submit all your passwords - it's kinda useless to try and protect the data somewhere on the computer, and it's better just to back it up on microSD hidden in the suitcase - no way it'll be detained.
Definitely keep a copy of it on your computer at home, though.
airplanemode anyone?
Or turn of your phone.
I know what will make it a quick transition through airport security when flying international..
Put some heavy encryption on my phone, obfuscate my data, and then pass it off with a flimsy cover program to make it look like there is nothing there. That way if they do find it, it's GITMO TIME.
Jack_R1 said:
If they have a right to detain your laptop, clone your HD and you have to submit all your passwords - it's kinda useless to try and protect the data somewhere on the computer, and it's better just to back it up on microSD hidden in the suitcase - no way it'll be detained.
Click to expand...
Click to collapse
meh, at the lower tier of airport security a custom boot message from a full disk encrypted truecrypt volume. "please insert windows disk" "cannot find master boot record" or similar.. and a sob story about how your laptop stopped working on vacation and when you get home you have a friend that you hope can fix it..
gets by most, it's not NSA at every checkpoint. it's just over min wage, uneducated, folks..
so backing it up to laptop, and tossing micro SD card in the bottom of a bag or in a jacket pocket.. will work just fine.
Hi there,
After the advice of John on this thread
https://groups.google.com/a/googlep...forums.com?utm_medium=email&utm_source=footer
I finally got passed the boot loop after another attempt. I am travelling in China and this country is so beautiful that I could not stand living without a camera. So I simply tried again and it worked. (I have a software VPN that helps to reach the Google servers).
So I have setup a hosted network on my Windows 10 device with the VPN on it and went ahead with the install.
It went all fine (a bit longer as the packets have to transit via San Fransico hardware VPN hosted by VPN Express) however once I'm on the "Verifying your account" page, I enter my email and it grays out in the wait of completion but it rolls and rolls, it never ends.
I have searched on Google search engine about documentation to fix that quick and I ended in an ocean of people running around like headless chickens, sake oil dealers etc etc. So what's all these hurdles about this FPR thing???
I am scared.
I am in china and my phone helps me to get around.
It's now a useless paper weight.
What if I end up in a trap because I asked some people for my way and I get hurt? Am I allowed to blame the new fancy "security" policies?
PLEASE HELP ME FAST - I NEED URGENT ASSISTANCE - I will be refreshing my email every 30mns from now.
vonz33 said:
Hi there,
After the advice of John on this thread
https://groups.google.com/a/googlep...forums.com?utm_medium=email&utm_source=footer
I finally got passed the boot loop after another attempt. I am travelling in China and this country is so beautiful that I could not stand living without a camera. So I simply tried again and it worked. (I have a software VPN that helps to reach the Google servers).
So I have setup a hosted network on my Windows 10 device with the VPN on it and went ahead with the install.
It went all fine (a bit longer as the packets have to transit via San Fransico hardware VPN hosted by VPN Express) however once I'm on the "Verifying your account" page, I enter my email and it grays out in the wait of completion but it rolls and rolls, it never ends.
I have searched on Google search engine about documentation to fix that quick and I ended in an ocean of people running around like headless chickens, sake oil dealers etc etc. So what's all these hurdles about this FPR thing???
I am scared.
I am in china and my phone helps me to get around.
It's now a useless paper weight.
What if I end up in a trap because I asked some people for my way and I get hurt? Am I allowed to blame the new fancy "security" policies?
PLEASE HELP ME FAST - I NEED URGENT ASSISTANCE - I will be refreshing my email every 30mns from now.
Click to expand...
Click to collapse
There are a few options you can take (if you have an unlocked bootloader). The quickest would be to simply delete the SetupWizard apk from TWRP.
Another option is to download and flash a ROM without Google Apps (make sure to download the camera apk of your choice- whether it be Snap or Google Camera).
Finally, you could try another VPN service (or server).
Go to a country that allows Google services to be used, or simply be patient as the VPN is apparently the problem. Your last two questions are likely rhetorical, but if you end up in a trap and get hurt it's your fault, not Google's. So no, you can't blame them for their Factory Reset Protection.
The "issue" with FRP is a simple one. It requires knowing the last Google account used and its password. This affects two different groups of people: those with "burner" accounts, and resellers.
In the case of the burner accounts people create a Google account with a password and don't bother to remember it because they don't want to give any information to Google. Then when they have to reset their devices for whatever reason FRP kicks in and they're screwed. Since they don't know the Google account or password they can't get back into the device.
The resellers purchase used devices and try to move them. However the person selling the device often does not clear out the account information from the device or does not remove the device from their account. When the device is sold the new owner attempts to enter their information and gets tripped up by FRP as they don't have the last Google account and its password.
"Burner" accounts are a pathway to disaster. Resellers are a bit more careful, and instances of FRP on a used device from a reseller have gone down.
negusp said:
There are a few options you can take (if you have an unlocked bootloader). The quickest would be to simply delete the SetupWizard apk from TWRP.
Another option is to download and flash a ROM without Google Apps (make sure to download the camera apk of your choice- whether it be Snap or Google Camera).
Finally, you could try another VPN service (or server).
Click to expand...
Click to collapse
Thanks for these options!
Yes, good old TWRP... Good option however since the phone is not rooted it would require a way to root it via fastboot flash, and also a way to push TWRP the same way.
I would perhaps rather downgrade to 6.0 or even 5.0 to see if I get lucky.
I could also buy a new phone here but the pricings are rather prohibitive and the models they have would be of no use outside of China.
I have tried mucking around with other VPNs today, it allowed me to go one or 2 steps further but the procedure finally s+++t itself in the end.
I should be in Vietnam tomorrow so hopefully the local telecom towers will allow me to finish my install....
I have no idea how i'm going to tell the taxi driver that I need to go to the train station without a portable system like an android phone, time is a bit short to chase down a paper dictionary.
If you still have some more leads on your TWRP methods that would solve this, please post ahead. I have no guarantees that Vietnam will solve this at this point in time.
Cheers mate.
Strephon Alkhalikoi said:
Go to a country that allows Google services to be used, or simply be patient as the VPN is apparently the problem. Your last two questions are likely rhetorical, but if you end up in a trap and get hurt it's your fault, not Google's. So no, you can't blame them for their Factory Reset Protection.
The "issue" with FRP is a simple one. It requires knowing the last Google account used and its password. This affects two different groups of people: those with "burner" accounts, and resellers.
In the case of the burner accounts people create a Google account with a password and don't bother to remember it because they don't want to give any information to Google. Then when they have to reset their devices for whatever reason FRP kicks in and they're screwed. Since they don't know the Google account or password they can't get back into the device.
The resellers purchase used devices and try to move them. However the person selling the device often does not clear out the account information from the device or does not remove the device from their account. When the device is sold the new owner attempts to enter their information and gets tripped up by FRP as they don't have the last Google account and its password.
"Burner" accounts are a pathway to disaster. Resellers are a bit more careful, and instances of FRP on a used device from a reseller have gone down.
Click to expand...
Click to collapse
Not Google's fault? Lets unpack this one... I am a council fixing up a foot path. The engineers have let a slight gap in the concrete due to a fabrication method process. If you trip and hurt yourself it's your fault yeah?
Secondo, it's not Google's job to make my phone safe from thieves, it's mine. Why in hell would they make my life complicated because some idiots spends $2000 on a phone a forget it in a taxi, I don't want to have to do all these things, I just want my phone to be able to be serviced easily. and especially if i'm in a critical area, my safety is more important than these people's concerns about thieves. An the cherry on the pie is that today with the cloud sync technology, who cares in the first place.
""Burner" accounts are a pathway to disaster." Mate, look up the word disaster's definition from the dictionary and see if it applied to a chum that has got his phone stolen and get back to me with that.
Kind regards
I normally don't dissect posts but...
vonz33 said:
]Not Google's fault? Lets unpack this one... I am a council fixing up a foot path. The engineers have let a slight gap in the concrete due to a fabrication method process. If you trip and hurt yourself it's your fault yeah?
Click to expand...
Click to collapse
It's not Google's fault as you have alternative options you could take. For instance, a dedicated GPS receiver from Garmin or Tom Tom. I keep both a Garmin GPS and a street atlas in my car as a backup to my N6 and I live stateside. Should I encounter an issue, I have a means to get where I need to go. It's called "being prepared".
Your argument is a strawman argument, because Google's Android software is working as intended. Your argument might have more weight if there was a bug in the software that prevented you from using it. FRP is not a bug.
Secondo, it's not Google's job to make my phone safe from thieves, it's mine. Why in hell would they make my life complicated because some idiots spends $2000 on a phone a forget it in a taxi, I don't want to have to do all these things, I just want my phone to be able to be serviced easily. and especially if i'm in a critical area, my safety is more important than these people's concerns about thieves. An the cherry on the pie is that today with the cloud sync technology, who cares in the first place.
Click to expand...
Click to collapse
Bit of a strawman here as well, as the issue isn't the person accidentally leaving his device in a taxi, but the person who gets their device stolen. Add to that the hyperbole of a $2,000 phone and you have a funny comment.
This is Google complying with California's kill switch law that went into effect two years ago. Since people travel in and out of California all the time and it's nearly impossible to target devices with "California-only" firmware Google implemented FRP worldwide. The entire idea of FRP is to make the phone impossible to use if it is stolen.
""Burner" accounts are a pathway to disaster." Mate, look up the word disaster's definition from the dictionary and see if it applied to a chum that has got his phone stolen and get back to me with that.
Kind regards.
Click to expand...
Click to collapse
The situation you describe is exactly why FRP was implemented on devices. Burner accounts will lead to disaster because it is inevitable that the owner will have to reset his device for whatever reason. When he does, he's screwed. I will clarify one thing here: when I refer to a "Burner" account I refer to an account with a random string of letters and numbers used for both email address and password with the express purpose of preventing Google from tying data collected from the device to the owner of that device. Ideally, if you really want to use a throwaway account, you at least make up an email address and password that are both easy to remember.
For the record, here's the definition of "disaster". Definition 3 applies to this conversation.
dis·as·ter (dəˈzastər)
noun
1. a sudden event, such as an accident or a natural catastrophe, that causes great damage or loss of life. "159 people died in the disaster"
synonyms: catastrophe, calamity, cataclysm, tragedy, act of God, holocaust; accident. "a subway disaster"
2. denoting a genre of films that use natural or accidental catastrophe as the mainspring of plot and setting.
modifier noun: disaster. "a disaster movie"
3. an event or fact that has unfortunate consequences. "a string of personal disasters"
synonyms: misfortune, mishap, misadventure, mischance, setback, reversal, stroke of bad luck, blow. "a string of personal disasters"
P.S. When quoting something written in quotes, double quotes are replaced with single quotes. Thus, in quoting me you want to say, "'Burner' accounts are a pathway to disaster."
Hello,
I'm a bit of desperate and I come here to XDA with the hope to find some useful advide. :crying:
I know you probably have read many posts like these, but if you will read mine I hope you will find it different because there are some technical things to be explained (interesting at least for me).
I've lost 99% of my photos and videos taken in July on my phone (64 GB Memory model).
I know I know I should have implemented some sort of backups whatsoever in the cloud or with a home NAS, but unfortunately for me I'm not that kind of guy. The Android built-in backup is also disabled.
What has really happened here I think that probably somehow my daughter has grabbed my phone and has played with it and has deleted about hundreds of photos and videos taken in July. Of her mainly! Never underestimate the damage capabilities of a toddler.
In the meanwhile I've taken lots of photos in August and used a phone a lot and also got the OTA update to Oxygen 4.1.7 / Android 7.1.1
Now I have found that most of July media files are missing!!!!
At the moment there are 25 GB used out of the whole 54 in the Internal Archive Memory as it seen on the Phone Setup.
I have bought DiskDigger Pro for Android but somehow it cannot find the right files all it finds are Whatsapp Images and other files. Does not really find the missing files which I suspect have been somehow deleted.
I think it needs root privileged to dig deeper but I don't understand why, in theory the files should be recoverable on the same partition as the DCIM folder. To my understanding the files should be marked as "deleted" in the same partition as where the DCIM folder is. But there is also this TRIM mechanism on the newer phones flash memories that confuses me.
Q1) Can you please clarify why this and all other media files recovery programs which seem to be a bit serious need root to recover missing media files?
So given as assumption that I need to root, I've read here and there and it seems that sometime ago for OP One that was the possibility to root without unlocking the boot loader. But if I unlock somehow all the data will be wiped. And I fear this will make any further software base recovery method like diskdigger or photorec hopeless even with elevated root privileges.
Q2) Can you confirm that I cannot root without unlocking the bootloader and therefore without wiping the device?
For your information I have also bought tonight a 100 USD root + files recovery package one oneclickroot but the agent promised to refund me after I told her the model of my phone (scary!).
Q3) I know a couple of things in Linux, do you think is it possible without root to create a raw image of the internal phone memory or the proper partitions with a tool such as "dd" ? Then I would process those raw images on a Windows or linux PC with file recovery software.
Q4) Do you think that the wiping caused by the bootloader unlocking will render any possible further diskdigger like solution without hope? Or should I go that way because the wiping is not so deep after all?
I don't know what to think, the fact that the phone is also encrypted makes me fear the worst. Maybe after the wiping it will get re-encrypted over.
Q5) Any advice in general before contacting kroll on track and pay thousands of dollar with the hope to recover?
Thanks a lot for any useful reply! I hope this topic will bring a definitive guide on how to recover files on unrooted oneplus 3t!
I can't answer all your questions here, however I can say with 100% confidence that you cannot root without unlocking bootloader. Some people claim of other methods, but keep away from them.
And there is nothing to be scared of when rooting OnePlus 3T if you follow the correct steps.
Are you sure that your daughter deleted those photos? How can she specifically delete photos taken in July? Do you have Google photos installed?
Aneejian said:
I can't answer all your questions here, however I can say with 100% confidence that you cannot root without unlocking bootloader. Some people claim of other methods, but keep away from them.
And there is nothing to be scared of when rooting OnePlus 3T if you follow the correct steps.
Are you sure that your daughter deleted those photos? How can she specifically delete photos taken in July? Do you have Google photos installed?
Click to expand...
Click to collapse
Thanks for your answer.
I'm not scared of rooting, as I have rooted other phones in the past. I'm ready to spend 1000USD and maybe even more to recover these media files and therefore I'm not really scared of rooting or bricking the device. What really scares me is that by
unlocking bootloader -> wiping -> rooting -> (new encryption of the filesystem ?)
I will render the deleted missing files completely unrecoverable.
I don't have google photos and I'm not 100% sure that my daughter has deleted the files. Maybe I've done a cut & paste which has not worked correctly on the phone as I've only 1 or 2 days of the beginning of July in my external hard drive. But it's more likely that my daughter has played with the gallery application on the phone.
I don't have a lock gesture or pin and my screen can be unlocked just by sliding, however it seems my phone is encrypted.
This encryption I don't know how it works and how it relates with the bootloader unlocking, if someone have more information I would be glad to hear.
And also I've done some more research and it seems impossible to perform a "dd" command of the partitions without first being superuser / root. ;-(
Regards,
Claudio
Did you try connecting your phone to the pc and use the programm recuva?
I managed to restore my files with it once
I can feel your pain of loosing those valuable moments of your daughter. I feel sorry that I can help you much with this.
In future, I suggest you to use Google photos which can automatically backup all your photos for free.
StarShoot97 said:
Did you try connecting your phone to the pc and use the programm recuva?
I managed to restore my files with it once
Click to expand...
Click to collapse
I don't think that recuva can do anything here. I am not allowed to past links here but as explained here
ht*ps://forums.androidcentral.com/ambassador-guides-tips-how-tos/500142-guide-recovering-deleted-files.html
and here
ht*ps://forum.xda-developers.com/galaxy-nexus/general/guide-internal-memory-data-recovery-yes-t1994705
Recuva can't do anything for internal memory.
But thanks for the hint!
Aneejian said:
I can feel your pain of loosing those valuable moments of your daughter. I feel sorry that I can help you much with this.
In future, I suggest you to use Google photos which can automatically backup all your photos for free.
Click to expand...
Click to collapse
One of the most affordable options I'm considering is this:
1) get another oneplus 3t
2) take some pictures and videos on it
3) delete those pictures and videos
4) root it
5) Install diskdigger to check if he can find anything after the wipe
I feel huge pain, my wife is also kindly pushing me. ^^
The problem ought to be that since this phone is force encrypted per default, unlocking the bootloader will destroy the encryption key for the previous installation won't it? Isn't that they point as to avoid anyone accessing your data by simply doing a factory restore and still keep the data in the internal storage. At least that's what I though, else where's the security of someone steals your phone.
Without that, any recovery software will just see rubbish when trying to recovery anything since it's encrypted.
pitrus- said:
The problem ought to be that since this phone is force encrypted per default, unlocking the bootloader will destroy the encryption key for the previous installation won't it? Isn't that they point as to avoid anyone accessing your data by simply doing a factory restore and still keep the data in the internal storage. At least that's what I though, else where's the security of someone steals your phone.
Without that, any recovery software will just see rubbish when trying to recovery anything since it's encrypted.
Click to expand...
Click to collapse
Thanks a lot, eventually some technical info on xda
If I lose my phone someone can use it and read everything because there is no lock, no pin, no gesture nothing. I would try a remote wipe via google android devices or something like that. Life is too short to unlock your phone every time you look at it even if it is via finger print!
This being said I've read year
ht*ps://source.android.com/security/encryption/full-disk
this paragraph among the others is not clear to me
Upon first boot, the device creates a randomly generated 128-bit master key and then hashes it with a default password and stored salt. The default password is: "default_password" However, the resultant hash is also signed through a TEE (such as TrustZone), which uses a hash of the signature to encrypt the master key.
You can find the default password defined in the Android Open Source Project cryptfs.c file.
When the user sets the PIN/pass or password on the device, only the 128-bit key is re-encrypted and stored. (ie. user PIN/pass/pattern changes do NOT cause re-encryption of userdata.) Note that managed device may be subject to PIN, pattern, or password restrictions.
Does this paragraph give me hope or not?
Thanks a lot for your interest! Sleepless nights go on here.
lallissimo said:
I know I know I should have implemented some sort of backups whatsoever in the cloud or with a home NAS, but unfortunately for me I'm not that kind of guy.
Click to expand...
Click to collapse
This is a really weak excuse. If the photos were that valuable to you, you should have been backing them up. There really is no excuse. Backup options are available that are effective, free, and require hardly any action on your part (aside form the initial setup - you've done more by disabling the default backup options).
Recovering deleted data is always a hit-or-miss proposition, at best. The longer you have the phone on, the higher the chance those memory sectors will be over-written. May have already happened.
---------- Post added at 10:53 AM ---------- Previous post was at 10:46 AM ----------
lallissimo said:
I'm not really scared of rooting or bricking the device. What really scares me is that by
unlocking bootloader -> wiping -> rooting -> (new encryption of the filesystem ?)
I will render the deleted missing files completely unrecoverable.
I don't have a lock gesture or pin and my screen can be unlocked just by sliding, however it seems my phone is encrypted.
This encryption I don't know how it works and how it relates with the bootloader unlocking, if someone have more information I would be glad to hear.
Click to expand...
Click to collapse
It doesn't matter. Unlocking the bootloader wipes all data on the phone by definition, regardless of whether it is encrypted or not. At least that is how it worked on previous Android devices I've owned, that did not have encryption by default. So I'd be willing to bet the same is try on the 3T.
lallissimo said:
I'm not 100% sure that my daughter has deleted the files. Maybe I've done a cut & paste which has not worked correctly on the phone as I've only 1 or 2 days of the beginning of July in my external hard drive. But it's more likely that my daughter has played with the gallery application on the phone.
Click to expand...
Click to collapse
I find it a little unlikely your daughter deleted all the photos. I don't see an easy way she could have done that to hundreds of photos, without an improbable number of screen taps. I'd use a good file explorer, and just keep digging. They might just be moved somewhere odd.
redpoint73 said:
This is a really weak excuse. If the photos were that valuable to you, you should have been backing them up. There really is no excuse. Backup options are available that are effective, free, and require hardly any action on your part (aside form the initial setup - you've done more by disabling the default backup options).
Recovering deleted data is always a hit-or-miss proposition, at best. The longer you have the phone on, the higher the chance those memory sectors will be over-written. May have already happened.
Click to expand...
Click to collapse
Thank you for the interest in my thread I really appreciate it.
I know a things or two about backups and I see your point. There is an ancient Chinese proverb saying something like this: Backup is that thing that should have done before.
However, being on xda I'd like to keep the discussion on a technical level if possible.
If you have any information or links on the way the internal memory is managed at physical level I'd like to discuss about it. As far as I know in order to extend the duration of this solid state memories the system makes his best to write on the blocks the least possible. I don't think I have already overwritten all the blocks of the internal memory. We'll see.
It doesn't matter. Unlocking the bootloader wipes all data on the phone by definition, regardless of whether it is encrypted or not. At least that is how it worked on previous Android devices I've owned, that did not have encryption by default. So I'd be willing to bet the same is try on the 3T.
Click to expand...
Click to collapse
I'm almost sure that the wiping does not scrape the memory with all 0 and 1. That would take really a lot of time and also that would reduce the duration of the memory.
Take a look here for example
h*tps://www.krollontrack.co.uk/blog//top-tips/what-you-need-to-know-about-androids-factory-reset-function/
so my real enemy here is encryption.
I find it a little unlikely your daughter deleted all the photos. I don't see an easy way she could have done that to hundreds of photos, without an improbable number of screen taps. I'd use a good file explorer, and just keep digging. They might just be moved somewhere odd.
Click to expand...
Click to collapse
You could be right, still I need to be root to dig deeper.
lallissimo said:
I'm almost sure that the wiping does not scrape the memory with all 0 and 1. That would take really a lot of time and also that would reduce the duration of the memory.
Take a look here for example
h*tps://www.krollontrack.co.uk/blog//top-tips/what-you-need-to-know-about-androids-factory-reset-function/
so my real enemy here is encryption.
Click to expand...
Click to collapse
This is just wishful thinking. That article sounds really paranoid to me. Whatever method the system is using to "scramble" the data is going to put it out of the realm of the cheap, consumer data retrieval tools (as you've pretty much already experienced). The article states:
A recovery is possible by looking at the data structures from a low-level and using specialist tools to recreate the data into a useable format
We aren't talking about free or $5 Android apps here. We're probably talking about specialist software that costs thousands of dollars. Yes, technically data is almost always retrievable. Law enforcement has tools that can retrieve "ghost" data images even after being overwritten multiple times. But such tools are feasible for consumers from a cost/benefit standpoint.
redpoint73 said:
This is a really weak excuse. If the photos were that valuable to you, you should have been backing them up. There really is no excuse. Backup options are available that are effective, free, and require hardly any action on your part (aside form the initial setup - you've done more by disabling the default backup options).
Recovering deleted data is always a hit-or-miss proposition, at best. The longer you have the phone on, the higher the chance those memory sectors will be over-written. May have already happened.
---------- Post added at 10:53 AM ---------- Previous post was at 10:46 AM ----------
It doesn't matter. Unlocking the bootloader wipes all data on the phone by definition, regardless of whether it is encrypted or not. At least that is how it worked on previous Android devices I've owned, that did not have encryption by default. So I'd be willing to bet the same is try on the 3T.
I find it a little unlikely your daughter deleted all the photos. I don't see an easy way she could have done that to hundreds of photos, without an improbable number of screen taps. I'd use a good file explorer, and just keep digging. They might just be moved somewhere odd.
Click to expand...
Click to collapse
redpoint73 said:
This is just wishful thinking. That article sounds really paranoid to me. Whatever method the system is using to "scramble" the data is going to put it out of the realm of the cheap, consumer data retrieval tools (as you've pretty much already experienced). The article states:
A recovery is possible by looking at the data structures from a low-level and using specialist tools to recreate the data into a useable format
We aren't talking about free or $5 Android apps here. We're probably talking about specialist software that costs thousands of dollars. Yes, technically data is almost always retrievable. Law enforcement has tools that can retrieve "ghost" data images even after being overwritten multiple times. But such tools are feasible for consumers from a cost/benefit standpoint.
Click to expand...
Click to collapse
If someone has more technical information about the encryption part I'll gladly look at it.
As far as wiping is concerned I have given a quick look at the source code, so for example here:
https://www.pentestpartners.com/sec...ta-from-wiped-android-devices-a-how-to-guide/
and if this is still what's inside my android phone I'm sure that mkfs.ext4 is nothing to fear when you need to recover data.
Problem for me is encryption, but yest I'm considering expensive solutions too. Just for the sake of the technical satisfaction, of course.
I have encountered a two year (?) Android lock screen glitch on the 10 Pro. I enter the correct pin and it takes it as incorrect. Now, I am locked out for 24 hours at a time. There's no allowance for me to use face unlock or finger print unlock. Encountered the glitch shortly after coming back from a vacation where I have captured 150+ GB of media chronicling my family and I. I cannot afford to lose these pictures and videos so looking for any help in getting my data off/phone unlocked. OnePlus official tech support is horrible and Google has no support on this. It's pretty crappy so looking for a needle in the haystack. Been stuck for two months and a friend recommended this site!
Use a data recovery specialist that has worked with that brand before successfully. That's your best shot if really need the data.
I never use screen locks or set bios passwords, you see why now. You are the one most likely to be locked out sometimes through no fault of your own. Redundantly and regularly backup critical data. NEVER encrypt data drives.
Having expandable storage helps too if you use the SD card as an unencrypted data drive. I also use two 500gb OTG flashsticks for "dirty" backups, main backups are on hdds.
All you can do sometimes is to learn from your mistakes... and not repeat them.
Dragonzord94 said:
I have encountered a two year (?) Android lock screen glitch on the 10 Pro. I enter the correct pin and it takes it as incorrect. Now, I am locked out for 24 hours at a time. There's no allowance for me to use face unlock or finger print unlock. Encountered the glitch shortly after coming back from a vacation where I have captured 150+ GB of media chronicling my family and I. I cannot afford to lose these pictures and videos so looking for any help in getting my data off/phone unlocked. OnePlus official tech support is horrible and Google has no support on this. It's pretty crappy so looking for a needle in the haystack. Been stuck for two months and a friend recommended this site!
Click to expand...
Click to collapse
Could maybe try resetting system, that'll leave your storage intact?
May be a Fastboot command to kill the kitchen but I'm not sure,, there used to be a file you can delete from twrp but we unfortunately don't have a custom recovery yet.
In future, install the mod I offered in another thread that allows unlimited Google photos backup..
Have you checked your Google photos to see if anything was backed up?
Google Photos
Google Photos is the home for all your photos and videos, automatically organized and easy to share.
google.com
Hey Blackhawk and dladz. Thanks for the advice! Will attempt to find a data recovery specialist. Thanks for suggesting this as there seems to be some hope that data recovery is doable for a locked phone!
Unfortunately, nothing is backed up to Google photos. It happened just after my trip and I didn't get the chance to back up. Surely in the future,I will not use a password.
If I can't get the data off, is there any possible chance to file a lawsuit against Google?
Dragonzord94 said:
Hey Blackhawk and dladz. Thanks for the advice! Will attempt to find a data recovery specialist. Thanks for suggesting this as there seems to be some hope that data recovery is doable for a locked phone!
Unfortunately, nothing is backed up to Google photos. It happened just after my trip and I didn't get the chance to back up. Surely in the future,I will not use a password.
If I can't get the data off, is there any possible chance to file a lawsuit against Google?
Click to expand...
Click to collapse
A lawsuit against Google? You'd have a hard time buddy...it'll be challenging to get the data from a locked phone..
What about connecting your phone to WiFi whilst it's locked and seeing if Google photos syncs and backs up?
Have you checked if photos has been syncing? It'll do it automatically if you've ever accessed and advised the app to back up automatically
Dragonzord94 said:
Hey Blackhawk and dladz. Thanks for the advice! Will attempt to find a data recovery specialist. Thanks for suggesting this as there seems to be some hope that data recovery is doable for a locked phone!
Unfortunately, nothing is backed up to Google photos. It happened just after my trip and I didn't get the chance to back up. Surely in the future,I will not use a password.
If I can't get the data off, is there any possible chance to file a lawsuit against Google?
Click to expand...
Click to collapse
A OTG .5tb flashstick or two could have backed them up. Too much backup is a good thing.
Less Google is good. I use Gmail and that's it for anything that's cloud based.
try this https://techcrunch.com/2022/11/14/android-lock-screen-bypass-google-pixel/
op is fairly slow with security patches so you might be in luck
g96818 said:
try this https://techcrunch.com/2022/11/14/android-lock-screen-bypass-google-pixel/
op is fairly slow with security patches so you might be in luck
Click to expand...
Click to collapse
That's clever...I like it
dladz said:
A lawsuit against Google? You'd have a hard time buddy...it'll be challenging to get the data from a locked phone..
What about connecting your phone to WiFi whilst it's locked and seeing if Google photos syncs and backs up?
Have you checked if photos has been syncing? It'll do it automatically if you've ever accessed and advised the app to back up automatically
Click to expand...
Click to collapse
Dang thanks for the advice. I thought it would be easy because the glitch is their fault and they haven't fixed it.
It's been connected to WiFi but nothing backed up
It doesn't even show up on find my phone
blackhawk said:
A OTG .5tb flashstick or two could have backed them up. Too much backup is a good thing.
Less Google is good. I use Gmail and that's it for anything that's cloud based.
Click to expand...
Click to collapse
Hopefully I can get back into my phone and use this advice. Thanks!
g96818 said:
try this https://techcrunch.com/2022/11/14/android-lock-screen-bypass-google-pixel/
op is fairly slow with security patches so you might be in luck
Click to expand...
Click to collapse
How do I go about unlocking the SIM card? I've tried before but haven't found an option to do so.
Dragonzord94 said:
Dang thanks for the advice. I thought it would be easy because the glitch is their fault and they haven't fixed it.
It's been connected to WiFi but nothing backed up
It doesn't even show up on find my phone
Click to expand...
Click to collapse
That's a shame man, when you do get it set up...install the Google photos mod I uploaded and you can back up with no limits..
Doesn't help this situation but food for thought.
The sim lock glitch is a great shout and can be accessed from any phone usually. May need to pop it in another.. there could be a default one so Google your current provider incase there's a default code.
Dragonzord94 said:
How do I go about unlocking the SIM card? I've tried before but haven't found an option to do so.
Click to expand...
Click to collapse
phone lock and sim lock are two completely different things. you'll need a second phone and someone else's sim. you can use google to find out how.
try just popping out your sim, restart, and see if you can get in
Thanks for the help! The SIM card is already out (tried this at the beginning). So I'll do what you said about using someone else's sim! Will let you all know the results after work.
I have tried the SIM glitch, but alas it didn't unlock will have to try to find a specialist. Any programs that can unlock phones?
dladz said:
That's a shame man, when you do get it set up...install the Google photos mod I uploaded and you can back up with no limits..
Doesn't help this situation but food for thought.
The sim lock glitch is a great shout and can be accessed from any phone usually. May need to pop it in another.. there could be a default one so Google your current provider incase there's a default code.
Click to expand...
Click to collapse
Uploaded where? I don't see it...
Loustsoul said:
Uploaded where? I don't see it...
Click to expand...
Click to collapse
It's in its thread called a
little gem
(mod) G-Photos -A little gem
Found this little gem. Pop it in magisk then install it. Check G-Photos after the reboot. Enjoy unlimited photos on your device. 👍🏻
forum.xda-developers.com
Problem:
My mum has an Android-based Samsung phone and unfortunately, when the main folder with photos ("Camera") was moved from the Phone to PC via USB cable, it was made using Cut and Paste. By accident the files were pasted into Recycle Bin and we received warning "Files will be permanently deleted. Do you wish to proceed?". We pressed "No" to abandon this process and undo the mistake. Nevertheless, the entire folder "Camera" has already disappeared from the window of DCIM folder on the phone (as viewed from PC). Similarly, the folder appears to have been deleted when viewed from within the phone. (also the phone now has 150 Gb free, while before the process it had 110 Gb free, so it appears 40 Gb of photos have been deleted....
Attempts to fix:
Standard photo / data recovery services failed to bring results (searching hidden folders using Windows Explorer, Total Commander and Ultdata Android).
We then tried two professional software solutions (Cellebrite UFED and Oxygen Forensic Device Extractor -- Android Agent), which also did not manage to locate photos on the device.
It appears as if they were completely deleted.
The same person who used the two prof software solutions above has access to PC-3000, but he claims it's not suitable for Android data recovery (?)
We have already spent 2 days and hundreds of dollars on consultations, which unfortunately still have not brought any results, while the emotional weight of deleted memories is haunting us. Thus, we appeal to help of this forum.
Current thoughts:
#1 All other methods suggested require rooting the phone, which apparently will wipe the whole and make recovery of that specific folder even less likely (correct me if I'm wrong).
#2 All suggestions to make back-up of the phone / clone the entire memory are not relevant, as the only files that are of importance here are the files in the deleted folder, and those files are not hidden and therefore will not copy into this back-up anyway (correct me if I'm wrong).
#3 One person told us to ask Samsung customer service, but their response was that they don't do data recovery and that they only can restore if there was Samsung cloud backup activated.
Questions:
Q1: What is our best course of action? It seems, rooting is one way or another, inevitable. What rooting method would be best to use here, given the situation and my phone specifications? I understand that there is no 100% guarantee to recover the erased photos, but we would like to at least give it a try with maximum chances of success.
Q2: Given that the files we want to back-up are already deleted and not visible, is it even worth it to try to make any back-ups? or will it be in vain, and should we just proceed to rooting and further recovery attempts?
Q3: IF, we successfully root, what is the best way to access the hidden data? Do we need help of this expert who has PC-3000 and specialized software, or is it going to be accessible using our own PC+USB cable + extra downloaded software?
Phone:
Samsung S21 Ultra (G998B). Android 12. No cloud, no backup. Phone not used for now. New data is not copied onto the phone. Phone not rooted.
Thank you for all your help. I do hope to find some solution. We are down hundreds of dollars, many hours of talking to consultants, many of whom appear to just google potential solutions and offer us some basic things, while the pain of cherished memories potentially lost forever is the worst, much worse than money lost. Any help or constructive feedback would be appreciated!
BTW if someone offers a working solution, I can offer consultancy fee for time and success fee in case of recovery.
Root probably won't be possible without unlocking the bootloader, and unlocking the bootloader factory resets the phone, which formats the internal storage and permanently deletes everything. I've used root apps to recover deleted photos and videos before but that only works if the phone was already rooted, or if there's a way to do it without wiping the phone. When I joined XDA almost a decade ago it was relatively common to see root methods that used exploits, and didn't require you to wipe the phone but that's not really a thing today. All this is to say that root is almost certainly not a viable option.
Have you checked for professional forensics services that can disassemble the phone and connect wires directly to the storage chips?
I've seen Youtube videos like this, where they get into the guts of the electronics and use solder and wiring. Sorry I don't know more specifics, but perhaps you can find them online and mail your phone for professional forensics recovery.
Maybe you can download a folder files of camera for the S21 Ultra :U
KingFatty said:
Have you checked for professional forensics services that can disassemble the phone and connect wires directly to the storage chips?
I've seen Youtube videos like this, where they get into the guts of the electronics and use solder and wiring. Sorry I don't know more specifics, but perhaps you can find them online and mail your phone for professional forensics recovery.
Click to expand...
Click to collapse
^this^ Your best shot. With this you may only get one shot especially if you cause more damage by misadventure...
Others here have gone this route and gotten good results. $400-800 for non rush service is in the ballpark.
KingFatty said:
Have you checked for professional forensics services that can disassemble the phone and connect wires directly to the storage chips?
I've seen Youtube videos like this, where they get into the guts of the electronics and use solder and wiring. Sorry I don't know more specifics, but perhaps you can find them online and mail your phone for professional forensics recovery.
Click to expand...
Click to collapse
blackhawk said:
^this^ Your best shot. With this you may only get one shot especially if you cause more damage by misadventure...
Others here have gone this route and gotten good results. $400-800 for non rush service is in the ballpark.
Click to expand...
Click to collapse
Thank you. I have come across some websites mentioning this, but could not find any agency of repute in my region offering such a solution. And especially if I can only get one shot with this, I definitely want to pick the best agency to try it out. The photos inside are worth it for me to shell out hundreds of dollars if necessary...
I wonder also, if we can reasonably expect technical progress to be able to solve this situation. I don't mean some stuff like quantum computing, but for instance I'm aware that PS3 has recently been cracked , a few years after it came out. Can I reasonably expect something similar to happen to Android 12 that what's not breakable/crackable today, may become so in 1-2 or maybe 3-4 years? While I'd hate to have to wait for 2-3 years, there's nothing time-sensitive in those photos; just family moments that I would like to be able to revisit 10 years later, so if I only will be able to access them later on, that's fine, I can just put my phone in a drawer for a few years and wait. As long as this wait is not in vain. Definitely don't need false hope.
Thanks for your feedback!
samsungs21 said:
Thank you. I have come across some websites mentioning this, but could not find any agency of repute in my region offering such a solution. And especially if I can only get one shot with this, I definitely want to pick the best agency to try it out. The photos inside are worth it for me to shell out hundreds of dollars if necessary...
I wonder also, if we can reasonably expect technical progress to be able to solve this situation. I don't mean some stuff like quantum computing, but for instance I'm aware that PS3 has recently been cracked , a few years after it came out. Can I reasonably expect something similar to happen to Android 12 that what's not breakable/crackable today, may become so in 1-2 or maybe 3-4 years? While I'd hate to have to wait for 2-3 years, there's nothing time-sensitive in those photos; just family moments that I would like to be able to revisit 10 years later, so if I only will be able to access them later on, that's fine, I can just put my phone in a drawer for a few years and wait. As long as this wait is not in vain. Definitely don't need false hope.
Thanks for your feedback!
Click to expand...
Click to collapse
There's a thread here I posted on going 4-8 months. He had hid data recovered from a Samsung for $1200 rush job vs the usual $800 charge). I've tried to find it, but you see my post count. Usually that works in my favor but not always He shipped it to them if I recall correctly.
Try these guys. That may be the company he used. Been too long and it was of passing interest to me. If you do recover the data please report back. Many posters here have asked for this.
Due to the way those files were lost they may not be recoverable. Personally I would've written them off. However only a recovery specialist can say for sure.
blackhawk said:
There's a thread here I posted on going 4-8 months. He had hid data recovered from a Samsung for $1200 rush job vs the usual $800 charge). I've tried to find it, but you see my post count. Usually that works in my favor but not always He shipped it to them if I recall correctly.
Try these guys. That may be the company he used. Been too long and it was of passing interest to me. If you do recover the data please report back. Many posters here have asked for this.
Due to the way those files were lost they may not be recoverable. Personally I would've written them off. However only a recovery specialist can say for sure.
Click to expand...
Click to collapse
reached out to the guys you recommended, though their website / social media have not been updated since 2020... Will report back on the progress.
samsungs21 said:
reached out to the guys you recommended, though their website / social media have not been updated since 2020... Will report back on the progress.
Click to expand...
Click to collapse
I'm not sure that's who he used and I know only what I read on their site. Just saying...
Can't you just plug the phone to a PC and use a recovery tool like DiskDrill, or something?
Flash the original firmware
Samarimama said:
Flash the original firmware
Click to expand...
Click to collapse
That would do nothing except complicate the issue.
RSGI said:
Can't you just plug the phone to a PC and use a recovery tool like DiskDrill, or something?
Click to expand...
Click to collapse
tried that. The phone is not considered a hard drive, hence neither appears on the list of hard drives on Disk Drill, nor can be selected as folder/destination to run it on...
samsungs21 said:
tried that. The phone is not considered a hard drive, hence neither appears on the list of hard drives on Disk Drill, nor can be selected as folder/destination to run it on...
Click to expand...
Click to collapse
I should mention that even if the jpegs can be recovered their exif data is not able to be associated with the jpeg. The folder structure is lost as well. A sea of jpegs with no time stamp or original image name. A daunting task in itself to sort these out.
Make a factory reset
Samarimama said:
Make a factory reset
Click to expand...
Click to collapse
That would overwrite the lost data potentially making it impossible to recover as if it's not already bad enough.
It was a simple data transfer that went bad (this can happen), nothing indicates the user partition or rom are corrupted... throwing rocks at it doesn't help.
samsungs21 said:
tried that. The phone is not considered a hard drive, hence neither appears on the list of hard drives on Disk Drill, nor can be selected as folder/destination to run it on...
Click to expand...
Click to collapse
Try an app called "Disk Digger". Its on the playstore. It might belp.
RSGI said:
Try an app called "Disk Digger". Its on the playstore. It might belp.
Click to expand...
Click to collapse
If you're not going to use a professional recovery service, go for it.
Otherwise using the device risks overwriting the now unallocated data... once overwritten recovery is completely impossible on a flash drive.
blackhawk said:
That would overwrite the lost data potentially making it impossible to recover as if it's not already bad enough.
It was a simple data transfer that went bad (this can happen), nothing indicates the user partition or rom are corrupted... throwing rocks at it doesn't he
Click to expand...
Click to collapse
Samarimama said:
Make a factory reset
Click to expand...
Click to collapse
That would definitely ruin his chances of any recovery... just avoid making any writing on the storage, cause if the data you want to recover is overwrite, it's definitely gone... at least intact...