Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,807,397 Members 45,855 Now Online
XDA Developers Android and Mobile Development Forum

[Q] Password Protect Bootloader/Recovery?

Tip us?
 
spearoid
Old
#81  
spearoid's Avatar
Senior Member
Thanks Meter 151
Posts: 674
Join Date: Feb 2009
Quote:
Originally Posted by demkantor View Post
@spearoid
If your tab has fastboot or a download mode that you could use yourself in the future, why not just erase the recovery from tablet all together?
Then when you need to add the recovery back in just flash it yourself first? Just an idea
Yeah, I hadn't thought deeply about what to do if a passworded recovery doesn't exist. I really like having a recovery so that I can restore an image easily if something gets screwed up, or if I make a new/updated image, I could install it via SD card pretty easily.

If I have to destroy the recovery to close this loophole I will, but I'm not totally sure someone can get into recovery right now anyway because of the way I have locked down the power button when the tablet is on. There doesn't seem to be a way to power off the tablet at all with this mod installed....unless the battery runs out.
 
demkantor
Old
#82  
demkantor's Avatar
Recognized Contributor
Thanks Meter 2,751
Posts: 5,772
Join Date: Nov 2011
Location: mpls
Well not sure what make and model tablet you are using but I haven't seen an android device that doesn't allow for a reboot with hardware keys.
Even if it is a sealed battery device with only power and volume keys usually the combo is hold all three keys for 10seconds and it will reboot
Not to say what you're doing isn't helpful, just that it is near impossible to fully protect any android device (or any tech really) but depending on situation there are many things to make unwarranted use very difficult
Best of luck with your project!
 
spearoid
Old
#83  
spearoid's Avatar
Senior Member
Thanks Meter 151
Posts: 674
Join Date: Feb 2009
Quote:
Originally Posted by demkantor View Post
Well not sure what make and model tablet you are using but I haven't seen an android device that doesn't allow for a reboot with hardware keys.
Even if it is a sealed battery device with only power and volume keys usually the combo is hold all three keys for 10seconds and it will reboot
Not to say what you're doing isn't helpful, just that it is near impossible to fully protect any android device (or any tech really) but depending on situation there are many things to make unwarranted use very difficult
Best of luck with your project!
We're using galaxy tabs. And the only way to do anything with this tablet, with the mods I have running, is to hold the power button for ten seconds. That forces a reboot. You then have to try to press the right buttons as soon as the reboot starts to get into recovery. There is no way to power off the tablet without just letting the battery run down.

So one can get into recovery, but it isn't as easy as normal given the way the power button is being hacked with an Xposed module.

This is why I'd love to password protect the recovery. That's the only way someone could do any damage to the software I have installed. Even though it is harder to get into recovery than normal, it can still be accessed. And I'd rather keep the recovery around so I can do backups and restores without having to use a computer at all.
 
THE_KINGDOM
Old
#84  
THE_KINGDOM's Avatar
Senior Member
Thanks Meter 103
Posts: 873
Join Date: Sep 2011
+1 for dev's to develop a kernel/recovery that gives the OPTION to password protect the bootloader. This would prevent a thief from wiping the device, and phone would eventually be trackable when turned back on.
PHONE: Nexus 5 | White | 32GB
OTHER MEDIA DEVICE: Nexus Q - CM
KERNEL: ---
 
baldbunny619
Old
(Last edited by baldbunny619; 16th August 2014 at 11:54 PM.) Reason: punctuation
#85  
Junior Member
Thanks Meter 0
Posts: 3
Join Date: Aug 2014
Default fastboot oem lock

So much ignorance in this thread. Why would anyone forget the password hmm? IT DOESN'T EVEN HAVE TO BE DIFFICULT, just difficult enough for a FENCE(not the thief) to recognize that its not the OEM lock and its not wide open and OMG how do I sell this? CONTACT THE OWNER and pray they offer a fiver for the stolen goods you have no right to demand a reward for!

Using fastboot its possible to re-enable the OEM lock. It shouldn't be too far a stretch to setup a custom password fastboot lock, and from there set up CWM or whatever recovery environment to recognize the OEM lock is in place and refuse to install zip files or wipe data without the fastboot password. One of these is on the dev/mod/hacker community. There is simply no reason not to have something resembling a password in CWM. I wouldn't be surprised if the same community could also mod fastboot, but I can't say its their responsibility either.

Dear lord though people. Every other post in this thread opposes password locks at all. Suddenly, honor among thieves is not locking your own doors? I mean, what other environment asks everyone entering to please remove all weapons and lockables besides a thieves den? ... and one run by idiots who hate pracice at that?
 
lulli1
Old
#86  
lulli1's Avatar
Senior Member
Thanks Meter 253
Posts: 416
Join Date: Dec 2011
+1 for a password protected Bootloader.
No need for a password protected custom recovery, because if you switch of usb-debugging and donīt allow to enter the status bar as well as don't allow to power off your device from lockscreen, this would be a great security method. No access to any recovery would be possible.
In combination with SMSTasks you could toggle gps on, to find your device and the thief canīt do anything (in case of Nexus 5 without battery pulling possibility).

That would be THE thing!
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes