FORUMS

Galaxy S6 Weekly Shooting Challenge

Over in our forums this weekend, XDA Forum member DevonSloan has started a thread for talented … more

Which Features from Apple Watch Do You Think Android Wear Will Copy?

The Apple Watch and Android Wear are both growing platforms. Now … more

XDA Picks: Best Apps of the Week (May 15 – 22)

Apps are at the front and center of any smartphone experience, and with over a … more

Android 5.1 for the Nvidia Shield Tablet is Out!

Nvidia is quite good at delivering updates in a timely fashion. The producer of famous … more
Post Reply Subscribe to Thread Email Thread

Help locked out of recovery

5th March 2014, 04:43 AM |#1  
anthonyly's Avatar
OP Senior Member
Thanks Meter: 46
 
More
I was literally flashing something ten minutes before and then I tried going back to recovery and there were no directory so I then rebooted it says I need a password... But I never one made a password, I didn't even know there was passwords for recovery

Sent from my Nexus 5 using xda app-developers app
 
 
5th March 2014, 05:06 AM |#2  
anthonyly's Avatar
OP Senior Member
Thanks Meter: 46
 
More
Never mind... Just kept rebooting then eventually the problem was gone... How can I set a password for bootloader and recovery... Just wondering if it's even possible

Sent from my Nexus 5 using xda app-developers app
5th March 2014, 09:32 AM |#3  
EddyOS's Avatar
Recognized Contributor
Flag Liverpool, Merseyside
Thanks Meter: 3,665
 
More
You can't set a password for either (well, not to my knowledge!)
5th March 2014, 09:52 AM |#4  
Primokorn's Avatar
Recognized Contributor
Thanks Meter: 3,871
 
Donate to Me
More
Even with a password we can fastboot flash new images.
Team Win explains this on their website.
5th March 2014, 10:40 AM |#5  
rootSU's Avatar
Senior Member
Flag Oxenhope, West Yorkshire, UK
Thanks Meter: 17,478
 
More
Quote:
Originally Posted by Primokorn

Even with a password we can fastboot flash new images.
Team Win explains this on their website.

Yes and no.. Actually we can lock the bootloader so fastboot flash wont work.... All we need is for the recovery password to block the following to secure your data (on the nexus 5):
  • Mount of external (OTG) media
  • adb access
  • file manager capabilities

This would mean you can still boot into recovery and flash / backup (although not to removable media) until you went into a security menu to "unlock recovery". This would even mean that your automated jobs can still occur without having to face a "boot password". The password could be stored on /sdcard in clear test and there could be an option to delete the password incase you forgot it in this same recovery menu, which also wipes the device.

recovery is the only weak point of my device.

Sure, Samsung's Odin will get round this password on their devices as the BL is not locked but any device with a locked bootloader (locakbale bootloader) will benefit.

Another caveat is that this is not to prevent the device being wiped.... unlocking the bootloader will wipe the device, and this is what I want. I don't care about getting the phone back as much as I would care about securing my data. Its all backed up. Nothing is lost. I just might not want someone else getting access to it.

Although this is beyond the extent of my knowledge to achieve, I don't think it would be hard for anyone who knows what they're doing with code.
The Following User Says Thank You to rootSU For This Useful Post: [ View ]
5th March 2014, 01:02 PM |#6  
Primokorn's Avatar
Recognized Contributor
Thanks Meter: 3,871
 
Donate to Me
More
Quote:
Originally Posted by rootSU

Yes and no.. Actually we can lock the bootloader so fastboot flash wont work.... All we need is for the recovery password to block the following to secure your data (on the nexus 5):
  • Mount of external (OTG) media
  • adb access
  • file manager capabilities

This would mean you can still boot into recovery and flash / backup (although not to removable media) until you went into a security menu to "unlock recovery". This would even mean that your automated jobs can still occur without having to face a "boot password". The password could be stored on /sdcard in clear test and there could be an option to delete the password incase you forgot it in this same recovery menu, which also wipes the device.

recovery is the only weak point of my device.

Sure, Samsung's Odin will get round this password on their devices as the BL is not locked but any device with a locked bootloader (locakbale bootloader) will benefit.

Another caveat is that this is not to prevent the device being wiped.... unlocking the bootloader will wipe the device, and this is what I want. I don't care about getting the phone back as much as I would care about securing my data. Its all backed up. Nothing is lost. I just might not want someone else getting access to it.

Although this is beyond the extent of my knowledge to achieve, I don't think it would be hard for anyone who knows what they're doing with code.

Do u mean that you always have a locked BL?

Thanks for your feedback but one thing remains the same IMHO. Of course we can lock the BL but a thief can unlock it then flash factory images. No more custom recovery, passwords...
I'm not talking about the user data but to be able for a thieft to use a device even with locked stuff.
5th March 2014, 02:45 PM |#7  
rootSU's Avatar
Senior Member
Flag Oxenhope, West Yorkshire, UK
Thanks Meter: 17,478
 
More
Quote:
Originally Posted by Primokorn

Do u mean that you always have a locked BL?

Thanks for your feedback but one thing remains the same IMHO. Of course we can lock the BL but a thief can unlock it then flash factory images. No more custom recovery, passwords...
I'm not talking about the user data but to be able for a thieft to use a device even with locked stuff.

I'm just talking about data security. That is my only concern. Devices are replaceable. Unlock bootloader, data wiped. fine!
5th March 2014, 07:13 PM |#8  
anthonyly's Avatar
OP Senior Member
Thanks Meter: 46
 
More
Oh thanks everyone, I just wouldn't want a theif to use a phone they don't deserve, pretty much the only security on my phone to not go to bootloader is for no power menu on my lockscreen but you could probably use adb to get through

Sent from my Nexus 5 using xda app-developers app
5th March 2014, 07:59 PM |#9  
rootSU's Avatar
Senior Member
Flag Oxenhope, West Yorkshire, UK
Thanks Meter: 17,478
 
More
That's what imei blocking is for

Sent from my Nexus 5 using Tapatalk
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes