[App] [Root] OnePlus Data Protector

[_Tobias]

This app can be used to maximize the protection of the data on your rooted phone in situations in which someone has physical access to your device. It only works on OnePlus One 64GB phones (and might work on the 16GB edition).

Features:

• Toggling tamper flag
• Unlocking/locking bootloader without wiping your data
• Disabling and enabling the recovery program (such as TWRP) from within Android

Use case:
Suppose you have rooted your phone and in the process you have also installed a custom recovery program. Anyone with physical access to your phone can now easily extract all files that are on your internal storage, by booting the phone into recovery mode and connecting it to a computer. Imagine that, to counter this problem, you install a recovery program that does not expose any files and only accepts signed flashable packages. Now, an intruder cannot access files through recovery mode, but can still flash a new recovery program that does expose files. To prevent this from happening, one must also lock the bootloader, to prevent malicious images from being flashed. This app makes taking these measures easy. It is able to completely block access to the recovery program by backing up and erasing the recovery partition, and toggle the bootloader lock. This will make it (nearly) impossible for anyone without special hardware, tools and soldering equipment and experience to gain access to your files.

Tested on:
OnePlus One 64GB, Resurrection Remix

Important:
If you lock your bootloader and disable your recovery, the only way to get to your data is through Android. If you corrupt Android in one way or another, i.e. it does not boot anymore, you have practically lost your data. I advise you to only disable access to the recovery program in situations in which there is an increased likelihood your phone will be stolen.

You can also use device encryption.

Downloads:
OnePlus Data Protector 1.1
OnePlus Data Protector 1.0

XDA:DevDB Information
OnePlus Data Protector, Device Specific App for the OnePlus One

Contributors
_Tobias
Source Code: https://github.com/Tobiaqs/OnePlusDP


Version Information
Status: Stable
Current Stable Version: 1.1
Stable Release Date: 2017-07-18

Created 2017-07-17
Last Updated 2017-07-18

 

[ThunderThighs]

Would this be considered a workaround to not being able to encrypt the /data partition with f2fs? Or would they still have the ability to view my data in plain text?

 

[ThunderThighs]

Does this work with custom roms/kernels/firmware? Once I re-lock my bootloader, will I be able to unlock it again without wiping my device? I tried looking on github but there's no info about this.

 

[_Tobias]

Does this work with custom roms/kernels/firmware? Once I re-lock my bootloader, will I be able to unlock it again without wiping my device? I tried looking on github but there's no info about this.

Once you lock your bootloader, you will be able to unlock it without wiping your device, provided you unlock it through the app (or find another way to write the flag value to the aboot partition). This will work on almost all custom roms/kernels, however, disabling the recovery will probably not work if you for some reason have a resized recovery partition (not likely to be the case).

Unlocking it through fastboot will initiate a full wipe.

Would this be considered a workaround to not being able to encrypt the /data partition with f2fs? Or would they still have the ability to view my data in plain text?

Given enough hardware and tools, one would still be able to read from your memory chip, but not with just a USB cable. Encrypting the data partition, combined with the use of this app would be more secure.

 

[_Tobias]

I just noticed a bug. The app incorrectly shows the value of the unlocked flag. Setting the flag still works all the same.

This has been fixed in version 1.1.

 

[ThunderThighs]

Thank you for making this useful app. It really does work as advertised, and the only bug I experienced was fixed in v1.1.