[Q] Password Protect Bootloader/Recovery?


spearoid

Senior Member
Feb 21, 2009
763
166
@spearoid
If your tab has fastboot or a download mode that you could use yourself in the future, why not just erase the recovery from the tablet altogether?
Then when you need to add the recovery back in just flash it yourself first? Just an idea

Yeah, I hadn't thought deeply about what to do if a passworded recovery doesn't exist. I really like having a recovery so that I can restore an image easily if something gets screwed up, or if I make a new/updated image, I could install it via SD card pretty easily.

If I have to destroy the recovery to close this loophole I will, but I'm not totally sure someone can get into recovery right now anyway because of the way I have locked down the power button when the tablet is on. There doesn't seem to be a way to power off the tablet at all with this mod installed....unless the battery runs out.
 

demkantor

Inactive Recognized Contributor
Nov 10, 2011
6,860
3,765
mpls
Well not sure what make and model tablet you are using but I haven't seen an android device that doesn't allow for a reboot with hardware keys.
Even if it is a sealed battery device with only power and volume keys, usually the combo is hold all three keys for 10 seconds and it will reboot.
Not to say what you're doing isn't helpful, just that it is near impossible to fully protect any android device (or any tech really) but depending on situation there are many things to make unwarranted use very difficult
Best of luck with your project!
 

spearoid

Senior Member
Feb 21, 2009
763
166
Well not sure what make and model tablet you are using but I haven't seen an android device that doesn't allow for a reboot with hardware keys.
Even if it is a sealed battery device with only power and volume keys, usually the combo is hold all three keys for 10 seconds and it will reboot.
Not to say what you're doing isn't helpful, just that it is near impossible to fully protect any android device (or any tech really) but depending on situation there are many things to make unwarranted use very difficult
Best of luck with your project!

We're using galaxy tabs. And the only way to do anything with this tablet, with the mods I have running, is to hold the power button for ten seconds. That forces a reboot. You then have to try to press the right buttons as soon as the reboot starts to get into recovery. There is no way to power off the tablet without just letting the battery run down.

So one can get into recovery, but it isn't as easy as normal given the way the power button is being hacked with an Xposed module.

This is why I'd love to password protect the recovery. That's the only way someone could do any damage to the software I have installed. Even though it is harder to get into recovery than normal, it can still be accessed. And I'd rather keep the recovery around so I can do backups and restores without having to use a computer at all.
 

THE_KINGDOM

Senior Member
Sep 20, 2011
1,071
137
OnePlus 11
+1 for devs to develop a kernel/recovery that gives the OPTION to password protect the bootloader. This would prevent a thief from wiping the device, and the phone would eventually be trackable when turned back on.
 

baldbunny619

New member
Aug 16, 2014
3
0
fastboot oem lock

So much ignorance in this thread. Why would anyone forget the password, hmm? IT DOESN'T EVEN HAVE TO BE DIFFICULT, just difficult enough for a FENCE (not the thief) to recognize that it's not the OEM lock and it's not wide open and OMG how do I sell this? CONTACT THE OWNER and pray they offer a fiver for the stolen goods you have no right to demand a reward for!

Using fastboot it's possible to re-enable the OEM lock. It shouldn't be too far a stretch to set up a custom password fastboot lock, and from there set up CWM or whatever recovery environment to recognize the OEM lock is in place and refuse to install zip files or wipe data without the fastboot password. One of these is on the dev/mod/hacker community. There is simply no reason not to have something resembling a password in CWM. I wouldn't be surprised if the same community could also mod fastboot, but I can't say it's their responsibility either.

Dear lord though, people. Every other post in this thread opposes password locks at all. Suddenly, honor among thieves is not locking your own doors? I mean, what other environment asks everyone entering to please remove all weapons and lockables besides a thieves' den? ... and one run by idiots who hate practice at that?
 

lulli1

Senior Member
+1 for a password protected Bootloader.
No need for a password protected custom recovery, because if you switch off USB debugging and don't allow entering the status bar, as well as don't allow powering off your device from the lockscreen, this would be a great security method. No access to any recovery would be possible.
In combination with SMSTasks you could toggle GPS on to find your device, and the thief can't do anything (in case of Nexus 5, without battery pulling possibility).

That would be THE thing!
 

devinger

Member
Mar 4, 2014
21
4
So I went on searching and have some good news. :D
1. Samsung will be releasing a feature that will detect if your phone is flashed to another ROM without your authorisation. The test starts in the Netherlands with the Note 4. I would really like to know how that works, and if we can implement such a feature ourselves with a few custom features.

2. PhilZ Touch custom recovery now has a Recovery Pass-Key Lock! I can't link yet so google it :)
 

x111

Senior Member
Jul 3, 2009
1,325
375
+1 for a password protected Bootloader, recovery
 

AAA118

Senior Member
Dec 10, 2014
92
3
3 is very wrong. Non-removable battery phones have hardware routines to simulate a battery pull-off (example, pressing the power-off button for 15s on Nexus 5 restarts the phone, simulating a battery pull-off).

Yup this is true and that's why password protection is needed. The advantage of non-removable battery phones is they can't be shut down.
 

frnt

Senior Member
May 6, 2009
113
11
I just thought about this feature and googled it, and after visiting this old thread I began to think there will be no password protected CWM / Bootloader :(
 

ayush321

Senior Member
May 9, 2015
137
40
New Delhi
+10
I really like this concept of a password protected bootloader for anti-theft.
The thieves will obviously know how to get into recovery or Odin, but if it gets password protection, no one can steal our phone.
Plus with some apps you could easily trace your phone. That would be really handy.
 

starslab

Member
Apr 8, 2010
24
0
I'm going to weigh in here with something that doesn't seem to have been considered.

I don't give a **** about the phone. Seriously. Some **** steals it (which hasn't happened to me before) I'll just buy a new one.

I care greatly about the security of the data on the device. I keep backups, so I don't care about _losing_ it, but I don't want it disclosed to the thief or whoever ends up with the phone. The FDE in Android is most of the solution to this problem. My Nexus device can have the bootloader locked, so an attacker can only install factory software images (which won't compromise my data, and will immediately alert me that - hey - this isn't my ROM). To unlock the bootloader the attacker has to nuke my data. So I'm perfectly fine with the current state of affairs as far as the bootloader on the Nexus devices goes.

However, even if I lock the bootloader, an attacker can boot into Cyanogen Recovery and install a trojan-horse ROM that'll bone me when I "find" my phone. This is the hole that I want to close with an optional password-protected Recovery.

And yes, I do realize that I am paranoid. However, this approach has already saved my ass with Truecrypt on my laptop. The thief would have taken the laptop with him out the window if he hadn't turned it on and realized it was a brick.
 

optimumpro

Senior Member
Jan 18, 2013
8,125
15,477
OnePlus 8
I'm going to weigh in here with something that doesn't seem to have been considered.

I don't give a **** about the phone. Seriously. Some **** steals it (which hasn't happened to me before) I'll just buy a new one.

I care greatly about the security of the data on the device. I keep backups, so I don't care about _losing_ it, but I don't want it disclosed to the thief or whoever ends up with the phone. The FDE in Android is most of the solution to this problem. My Nexus device can have the bootloader locked, so an attacker can only install factory software images (which won't compromise my data, and will immediately alert me that - hey - this isn't my ROM). To unlock the bootloader the attacker has to nuke my data. So I'm perfectly fine with the current state of affairs as far as the bootloader on the Nexus devices goes.

However, even if I lock the bootloader, an attacker can boot into Cyanogen Recovery and install a trojan-horse ROM that'll bone me when I "find" my phone. This is the hole that I want to close with an optional password-protected Recovery.

And yes, I do realize that I am paranoid. However, this approach has already saved my ass with Truecrypt on my laptop. The thief would have taken the laptop with him out the window if he hadn't turned it on and realized it was a brick.

I am with you, but it simply won't be possible until your manufacturer implements it or open-sources their bootloaders. The latter will never happen, because if they do, you might find multiple backdoors for "freedom loving" governments, which nowadays include all western governments+.

Also, even if you have a bootloader password, nothing prevents a thief from flashing a stock ROM, wiping everything, without ever accessing the bootloader. So, you also need a mechanism to prevent access to flashing mode. Again, no one but your manufacturer can do it...

I see only one solution: if your phone has a separate charging outlet, epoxy the USB connection, get rid of the external SD card and epoxy that socket too. Then encrypt your phone, and before losing it, turn it off. That way it might be quite difficult even for a state adversary to get to your data. Yet, they still have other means of "talking" you into turning the phone on for them: fingers jammed in the door? :)
 

starslab

Member
Apr 8, 2010
24
0
I am with you, but it simply won't be possible until your manufacturer implements it or open-sources their bootloaders. The latter will never happen, because if they do, you might find multiple backdoors for "freedom loving" governments, which nowadays include all western governments+.

Also, even if you have a bootloader password, nothing prevents a thief from flashing a stock ROM, wiping everything, without ever accessing the bootloader. So, you also need a mechanism to prevent access to flashing mode. Again, no one but your manufacturer can do it...

I see only one solution: if your phone has a separate charging outlet, epoxy the USB connection, get rid of the external SD card and epoxy that socket too. Then encrypt your phone, and before losing it, turn it off. That way it might be quite difficult even for a state adversary to get to your data. Yet, they still have other means of "talking" you into turning the phone on for them: fingers jammed in the door? :)

Erm.... Did you even read the post? I explicitly said I'm fine with the bootloader on my Nexus device, it's an optional password-protected Recovery that I want....
 

optimumpro

Senior Member
Jan 18, 2013
8,125
15,477
OnePlus 8
Erm.... Did you even read the post? I explicitly said I'm fine with the bootloader on my Nexus device, it's an optional password-protected Recovery that I want....

I read the post, so, there is no reason for jumping to conclusions...

Password for recovery? You can have 20 passwords: all I have to do is put the phone in fastboot and execute the following: fastboot erase recovery. And your recovery (together with passwords) will be gone. Then the next step is: fastboot flash boot boot.img (my image) and I have access to your phone.

I don't think you are paranoid at all, but what you are asking is impossible to implement unless done by manufacturer or bootloader source code is made available for everybody...

Edit: even if your bootloader is locked, no sophisticated attacker would ever need to install a rigged ROM to spy on you. If they need your data, they will simply and easily target your phone through the modem/baseband and will get everything without you or Android noticing anything (and note, they don't even have to have physical access to your phone). Baseband is a mini OS with its own kernel, which is hooked directly into your RAM and hardware. And pretty conveniently, baseband (hardware and software), as well as GPS, are hidden inside the CPU chip (so, you can't touch anything there). So, in this case, your protected recovery, as well as data encryption, will be useless.

The only way to protect against the above attack (provided they had not targeted you before) is what I have described (epoxying USB and SD card slots). This way you will create a big headache for snoops. Again, it will only work if they come to you and you have time to turn your phone off. To be sure, you should turn the phone off, then on and off again before the interface is up. This way, you will prevent a cold boot attack, which otherwise may recover your encryption key from RAM. But if they had targeted your phone already (through baseband), even this won't help. In that case, you'll have to throw away your phone and run...
 

Top Liked Posts

  • 11
    It's almost 2016 now! Recent advancements + how to secure your phone

    This is the first result on Google search for "password protect bootloader", I'd like to pitch in some options (with links) for those who are dedicated to read to the 10th page.

    First and foremost, password protected recovery is here, it's called Philz Touch and it works with 50+ Samsung phones, LG G2 or various Optimus phones, Nexus, Moto G/X, HTC One, and Xperia devices.

    Because this is the 10th page, you probably know that locking recovery alone won't leave you worry-free.
    I'd like to share some nearly uncrackable scenarios you can set up on different brand-name phones, even considering our limitations of not being able to add passwords to our bootloaders.

    Because the topic is about protecting our phones, I can safely assume you won't want to get a specific phone to get the protection you want. So I organized my findings by phone, but I recommend you read all of them!


    First, for those who are stock, unrooted, and carrier-locked bootloader (Verizon, Sprint, AT&T, *not* T-mobile!) :
    There was a post in this thread about carrier-locked-bootloader phones being protected; this is partially true. Here's the summary: you can't flash custom recovery if the phone is carrier locked, has a passcode, and USB Debugging is turned off. Your thief will need ADB or a custom recovery to bypass your lockscreen (gesture.key). Of course this doesn't mean your data is protected from an FBI investigation. To get maximum protection in this category, you should turn on Device Encryption. There are really no downsides on a completely stock device; it doesn't actually make your phone slower, it only makes boot slower and bulk file transfer slower. Device encryption only goes to sh!t when you have custom recovery and want to make full device backups. It's hit-or-miss with TWRP and Philz trying to access the encrypted filesystem. With an unrooted phone, back up your pictures and text messages often, to an SD card/USB drive, or use a backup service. I don't trust backup services, but I also don't like losing vacation pictures. If bite comes to chew, I would use a Tasker profile to detect when your DCIM Pictures directory receives a new file (changes size) and upload that file to Dropbox or a personal cloud. That covers data integrity; let's cover the device. Have a GPS Locator installed such as Lookout or AVG, and use Android Device Manager. You can set up those apps to e-mail you pictures from the front camera, detect when the SIM card is removed, and remote wipe, all without root--just device administrator rights. All 'n all you may not get your device back, but you may get a picture of the thief, and if you're on the lookout you may be able to find your device on eBay based on IMEI (always take note of that info!), purchase it, receive it, then backcharge him and report the eBay ID, address, and PayPal account to authorities. If it's Craigslist then you can meet up and give him a nosejob. It will be worth it after messaging so many people on what the IMEI number is.

    Those who rock their rooted LG G2, Oneplus One/Two, Optimus G, Xperia Z, Moto G, Moto X, Galaxy S6, Galaxy Note 5, HTC One, Nexus 5, or other sealed battery phone:
    You guys have it easy. Your sealed battery provides a strong basis to work against. For immediate protection, install a GPS Locator such as Lookout, AVG, ADM, Prey, and/or Cerberus, then install Xposed framework and install Advanced Power Menu. This mod allows you to hide power off and airplane mode options in the lockscreen, preventing thieves from turning off your phone. However, some sealed phones have a 10/15 second hard reboot key combo, which APM+ has accounted for. Instead of disabling the options on the lockscreen, you can instead have a "Fake Power Off" animation that tricks your thieves into thinking the phone is off. This can give you the upper hand when it matters most: the first hour of theft. On top of all of that, have Philz Touch recovery installed and password protected (you're already rooted, and you should be making backups), if you're still worried, apply some additional devilish tactics mentioned below! And please, have USB Debugging turned off when you're not using it!

    Those who sport their rooted Galaxy S3 thru S5, Note 2 thru Note 4, Galaxy Nexus, LG G3-G4, Redmi Note 2, Oppo Find, or any other removable battery phone:
    This is where we have to get aggressive. The thief can just pull the battery out at any time. This is where I'm going to share my tactical Galaxy-owner ideas, I hope you guys enjoy. To cover the basis, have a GPS Locator installed, and also have Advanced Power Menu (mentioned above) installed. You never know what kind of dumb@ss will actually give up there. 2nd base, install Philz recovery and password protect it. (Don't forget to unlock your bootloader). Now here's the meat of this operation: we're gonna use Tasker to display a ransom message. Install Tasker, create a profile: SMS Received, any number, text contains "{secret password}-ransom" --> Action: Show Scene - Fullscreen Overlay. "Call {this number} to return phone, cash will be rewarded". Make sure you selected overlay! Overlays will cover the lockscreen and are NOT dismissible by the home button. They cannot be focused, tapped or dismissed. That's how screen dimmer apps work. It's just a semi-transparent overlay (you can make that in Tasker in 3 minutes btw) that lets screen taps go right through it to the app/lockscreen underneath. Anyway, that is the "nice" version of the ransom. Professional thieves are gonna laugh at that, so we need a little more meat. Everyone has a phone case right? 3rd base: have a phone case with a close-range NFC tag hidden inside it, and have phone detect when case is removed! After installing this mod, have Tasker change the ransom message after case removal, this gets dirty: Task caseRemoval: Show Scene "Ransom2" -- Large text: "(Paraphrase) You've messed with the wrong guy! You have 6 minutes to call {this number} or the phone will be rendered unusable. Removing the battery will also brick the phone permanently. A "device stolen" message will appear every time you start the phone and no reset menus will be available." -> Activate Shell "su dd if=/sdcard/death.img of=/dev/block/platform/msm_sdcc.1/by-name/boot" Let's stop for a second. 
    The shell command I just wrote, given you have a dummy .img file in memory, will f**k your bootloader when run. This dummy .img file can be ANYTHING. Just take any file nearby, like a large .jpg photo from your DCIM folder, and rename it to an .img. Of course it will not display the image, because it is not binary. But it will hard-brick your phone. You should have a backup of your bootloader saved for when you get the phone back via "dd if=/dev/block/platform/msm_sdcc.1/by-name/boot of=/sdcard/backup.img". You should also have another SMS Received profile to disable the ransom in case you can't draw your lock pattern underneath to get the phone unlocked without seeing the lockscreen. That's Tasker profile "Phone Unlocked" or "SMS Received {password unlock}" then "Close Scene: Ransom". You'll also want a battery level text label in your scene, just in case the phone is close to dying. You may have to modify the shell commands to reflect the actual partitions, ex. "mmcblk0p7" (check this guide). I have not implemented this Tasker profile yet, but now that I took the time to write it I am thoroughly motivated to get this running, HA! I will include Tasker exports when I am done.

    There's only one loophole left with the galaxy devices. Either you don't notice that your phone is missing for too long, or you're all in a no-service area. Well, this one is for the hardware folks! If you're into soldering, you may want to try this cruel trick: reverse the data I/O pins on the microUSB socket, with some fine soldering. Then splice your cable and reverse the I/O wires on your cable! That way, you can still use OTG and transfer data, but only your special cable will work! Realize that the charge wires are separate, any charger will work with the phone. Just data transfer will not!


    Still paranoid? Every other Android phone has a Windows autorun driver installation ISO that runs when you first plug your phone into your computer. My Galaxy Note II does, as well as my various LG phones. If you can't catch the thief via Android, then I can hook you up with a copy/paste autorun ISO that, when run, grabs the thief's registered info on his computer and sends it to you so you can send it to authorities. PM me if you're interested, I will have to compile on a per-user basis so the driver installer matches the phone and sends info to *your* e-mail.

    I will probably fan this out into another thread, but let's see what you guys think.

    Hit thanks if you liked the freakshow

    From one paranoid dude to another,
    6
    Bootloader Password + Recovery Password + Cerberus installed as System

    Bootloader Password + Recovery Password + Cerberus installed as System APP with fixed configuration would be the way to be able to recover the phone. The thief has 3 chances:

    - Throw it through the window, as it is not possible to format it.

    - Do a Wipe from Settings menu and use it normally (that's why Cerberus or similar should be as System app and must keep the configuration)

    - Sell it... but this is nothing against our possibilities to recover it!


    BTW, do you really think that "professional" phone thieves don't know how to wipe and flash mainly all devices in the market?!?! If you think that way... let me say you are a dreamer... they are experts, and they get a lot of money from our phones!

    So I vote... YES, let's develop it. I would buy such a solution!
    5
    What we're looking for is a password protected bootloader which will require password for booting into recovery or using download mode or fastboot.
    4
    I lose phones... habitually. Sometimes they find their way back to me and sometimes they don't. It is unsettling to me that even if I have a security app installed, or a GPS tracker, anyone with the ability to perform a Google search can simply factory wipe my phone and make it their own.

    So the question: Is it possible to include a password requirement to access the bootloader or recovery? I realize that if you forget your password there would likely be no way to save your phone in the event you need to, but I don't forget my passwords so this does not affect me.

    Just wondering if this is even possible or worthwhile. Any input will be appreciated.
    3
    If my phone or tablet got stolen and the thief formatted the device or flashed a new ROM with download mode, then I am screwed.

    If the bootloader is protected, then no matter what the thief does, I will find my device.

    please developers do this please.