Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,729,619 Members 46,530 Now Online
XDA Developers Android and Mobile Development Forum

the risks of running an unlocked bootloader

Tip us?
 
wkwkwk
Old
#1  
Senior Member - OP
Thanks Meter 49
Posts: 218
Join Date: Jun 2008
Default the risks of running an unlocked bootloader

Hi,

Running an unlocked bootloader is quite risky assuming someone has physical access to your phone.

It's extremely easy simply to put it into fastboot mode, flash a recovery (cwm/twrp) and then adb will provide root access to all data.

This is mitigated by encrypting the device, however, I haven't been successful in doing this (http://forum.xda-developers.com/show...php?p=48848592) on this particular phone although it works without any issues on nexus phones.

For the people with unlocked bootloaders, do you simply don't care about someone getting physical access or is there anything that can be done?

Also, did someone manage to successfully encrypt the phone (using the standard settings -> security -> encrypt phone) or is everyone running unencrypted?

Having a remote wipe capability is next to useless assuming the thief will power off the phone immediately (before you have a chance to issue the remote wipe).
An unlocked bootloader is mandatory for running Cyanogenmod so that's that.

Thank you.
 
shoey63
Old
(Last edited by shoey63; 12th January 2014 at 01:44 PM.)
#2  
shoey63's Avatar
Recognized Contributor
Thanks Meter 1297
Posts: 2,147
Join Date: Jun 2012
Location: Somewhere in Oz...
A thief (if he had the knowledge or the inclination), could steal a locked bootloader phone (without encryption) and simply flash an ftf and untick "wipe data". He would then have full access to the data on the phone by rooting and flashing a recovery for LB. So locked bootloader is cold comfort really

Sent from my C6603 using xda app-developers app
 
elias234
Old
#3  
Senior Member
Thanks Meter 65
Posts: 382
Join Date: Dec 2011
i think the best to happen is to have passwords , when entering fastboot or flashtool , a password should pop up to access the fastboot or flash tool connection , and when entering recovery , a password should also pop up , it is so much secure to get these , but i think it is so hard to make it work or even impossible
 
wkwkwk
Old
#4  
Senior Member - OP
Thanks Meter 49
Posts: 218
Join Date: Jun 2008
You're right, a locked bootloader is indeed a false security.

At the end, encryption is needed but on this phone, it doesn't seem to work and no one tried using it apart from me...
 
SmallsXD
Old
#5  
Member
Thanks Meter 19
Posts: 98
Join Date: Nov 2012
I have my BL locked and I ensure that USB debugging is off, seeing as most rooting solutions required USB debugging I should be good for the average criminal. So the only way to have access to my data...(obviously SD card is immediately compromised with physical access) would be to guess my unlock code. Otherwise, a full wipe of the phone would be required for it to be usable but that should delete all my accounts off the device.

(At least this is what I tell myself to sleep better at night lol)
 
wkwkwk
Old
#6  
Senior Member - OP
Thanks Meter 49
Posts: 218
Join Date: Jun 2008
Quote:
Originally Posted by SmallsXD View Post
I have my BL locked and I ensure that USB debugging is off, seeing as most rooting solutions required USB debugging I should be good for the average criminal. So the only way to have access to my data...(obviously SD card is immediately compromised with physical access) would be to guess my unlock code. Otherwise, a full wipe of the phone would be required for it to be usable but that should delete all my accounts off the device.

(At least this is what I tell myself to sleep better at night lol)
Getting all your data is as trivial as flashing a custom recovery for locked bootloaders which will provide direct root access.

It probably takes less than a few minutes.

Like they say, there's nothing more dangerous than the sense of false security.
 
SmallsXD
Old
#7  
Member
Thanks Meter 19
Posts: 98
Join Date: Nov 2012
Its not just having a Locked bootloader but also having USB Debugging off, 3rd Party App installs off as that alone would dramatically reduce the number of compatible tools to achieve root access to your device. As far as I know you have to be rooted in most cases to install custom recoveries or at least that is what most instructions say. Remember security is hardly ever a complete solution, its about making it not worth the effort.

For the average person/criminal it is not worth their time to access my data as it is actually worthless to them, As I said the SD card is already taken as soon.
My antitheft software will be lingering with a Data Wipe command, I would have changed the account information stored, I never stored Billing information. So my risk level is very low and not worth any more effort on my end.

As stated, Im speaking from a personal perspective and not a "best practice" one.

The real problem is we like to unlock everything and tick every security risk option and then complain when things get patched that make our device more secure, like all the root exploits.

BL unlocked - Any compilable kernel can now run
USB Debugging - Access from PC's to send commands to your device
Installs from unknown sources - Allows installations of root apps and other apps

All things we need set to do some great things with our devices but how many of us actually look back at these setting once we enable them. It is the equivalent to taking off a door to get the fancy new furniture inside but never putting it back on when we are done.

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


XDA PORTAL POSTS

Make Your Own DIY Capacitive Stylus

The XDA Portal is a place where we like to talkabout things that are interesting, fun, and sometimes … more

Remove Unnecessary WhatsApp Elements with Xposed

In modern life, you can’t underestimate the power ofthe dark sidemessaging … more