Status
Not open for further replies.

HarborFront

Level 53
Verified
Content Creator
Hi

I think LOCKER from F-Droid can do it. It wipes the phone clean after a certain number of failed password attempts. It's similar to iPhone's "Erase Data" self-destruct feature. I guess LOCKER won't work if Google lock screen has been bypassed like mentioned below.

8 Methods to Hack/Bypass Android lock screen Pin/Pattern/Password - dr.fone

Anyone knows of other similar android app to wipe clean (self-destruct) the phone (not data wipe) in the event of any emergency and can withstand Google lock screen from being bypassed?

Imagine if you are in a certain emergency situation and you require to immediately on-the-spot to self-destruct your phone.

Thanks
 
Last edited:

Slyguy

Level 43
I use Dr. Web for Android with the 10-wipe setting.. 10 missed logins, it deletes all data. However that's just a data delete, not self destruct.

Cerberus App I believe provides a full self destruct but due to Android Restrictions for Apps, it requires rooting to work.
 

HarborFront

Level 53
Verified
Content Creator
I use Dr. Web for Android with the 10-wipe setting.. 10 missed logins, it deletes all data. However that's just a data delete, not self destruct.

Cerberus App I believe provides a full self destruct but due to Android Restrictions for Apps, it requires rooting to work.
I believe if your lock screen is bypassed then Dr Web is useless

Not sure if rooting can prevent lock screen from being bypassed
 

Slyguy

Level 43
Profanity, insults, personal attacks or purposeless inflammatory posts will not be tolerated
I believe if your lock screen is bypassed then Dr Web is useless

Not sure if rooting can prevent lock screen from being bypassed
Not sure either, we should look into this. I work under the assumption my Android has virtually no security other than to stop a 12 year old child from getting into it. Which is why I limit my telemetry, limit apps installed, don't use default apps, and keep anything important OFF of them. If we can find a way to better secure them we should. You are making me lose some sleep thinking about this!

I'm not entirely sure it's even possible to secure Android. Since we know iPhone's all can be unlocked now, that's not a real answer either.
 
Last edited by a moderator:

HarborFront

Level 53
Verified
Content Creator
Not sure either, we should look into this. I work under the assumption my Android has virtually no security other than to stop a 12 year old child from getting into it. Which is why I limit my telemetry, limit apps installed, don't use default apps, and keep anything important OFF of them. If we can find a way to better secure them we should. You are making me lose some sleep thinking about this!

I'm not entirely sure it's even possible to secure Android. Since we know iPhone's all can be unlocked now, that's not a real answer either.
iPhone can be unlocked provided you pay the Isralies! For any normal person or hacker the probability is zero

My upcoming Samsung Galaxy S9+ will be secured as follows

1) Password protect and biometric protection. 3 input methods to deploy (if possible) - password + intelligent scan (face and iris)
2) Full disk encryption enabled for android v6 and above; for upgraded OS devices enabling is still optional
3) Remote Wipe feature in phone (needs to turn on Location). If you value your privacy then disable Location. You can use an AV with remote wipe feature
4) LOCKER from F-Droid – erase and wipe entire phone after a few failed password attempts

If the Goggle lock screen can be bypassed then the above becomes useless and full disk encryption can also be cracked

The full-disk encryption protecting your Android can be cracked

Well, better than no security at all when in a public place or if you lost the phone :)
 
Last edited by a moderator:

Slyguy

Level 43
iPhone can be unlocked provided you pay the Isralies! For any normal person or hacker the probability is zero

My upcoming Samsung Galaxy S9+ will be secured as follows

1) Password protect and biometric protection. 3 input methods to deploy (if possible) - password + intelligent scan (face and iris)
2) Full disk encryption enabled for android v6 and above; for upgraded OS devices enabling is still optional
3) Remote Wipe feature in phone (needs to turn on Location). If you value your privacy then disable Location. You can use an AV with remote wipe feature
4) LOCKER from F-Droid – erase and wipe entire phone after a few failed password attempts

If the Goggle lock screen can be bypassed then the above becomes useless and full disk encryption can also be cracked

The full-disk encryption protecting your Android can be cracked

Well, better than no security at all when in a public place or if you lost the phone :)
It comes down to physical security - Layer 1.

If you lost physical control of your device all bets are off. This includes network appliances, laptops, desktops, etc. This is why servers have front face panel locks, then are locked in enclosures, then locked in cages, then locked inside of high security COLOS. Once physical L1 access is breached an attacker can do anything they want with anything, for the most part.

There is a reason I have reinforced door jams, Bi-Lock deadbolts, Primeline Defender U's, Cameras, Alarm System, Dog, jim proof window locks and ballistic window film. If I lose control of Layer 1 then nothing else I do matters. Remember, ALMOST all UTM's and Firewalls have local bypass backdoors if L1 is established. Cisco, Juniper, Fortinet. German Made Rohde & Schwarz and Untangle(opensource) UTM's are the only one I know of without local backdoor access.

So in close - if someone has your device, regardless of what it is, they can get into it in most cases. Android included. So wiping it is your best bet if you lose physical access.
 
Last edited:

upnorth

Level 44
Verified
Trusted
Content Creator
Malware Hunter
Installed the Cerberus App. Was surprised as it apparently worked without root so you could also test that @HarborFront but I haven't tested it's self destruction feature or was it perhaps that specific it needs root for?
 

Thales

Level 8
Yeah this is very interesting because a lot of brand (included blackberry) use (or will use) android.
Drop android or do not store any, I repeat ANY sensitive information on it!
 

DeepWeb

Level 25
Verified
I need an app that locks my bootloader and encrypts my phone after a certain number of password attempts. It's crazy that it's so hard to find a legitimate program like this YET you have thousands of ransomware programs in the wild that do exactly that.
 
Status
Not open for further replies.
Top