For this scenario let's assume the following:
- The phone is stolen and locked. The thief does not know the lock combination and cannot determine it.
- There is no external SD slot.
- USB debugging is disabled.
- The bootloader is locked.
In case it matters, the phone is a Moto G from Motorola (i. e. not the Google play edition)
Is this enough to hinder a smart thief from resetting or flashing my phone? If not, what else could go wrong?
Answer
Although difficult to generalize, in a pretty good number of cases, using a lock screen PIN/password is not going to be sufficient to prevent someone from wiping your phone and/or flashing it with a new ROM. It may be an effective enough deterrent to prevent them from accessing your personal data, but there are a few considerations that go along with that, as well.
Firstly, if the bootloader is unlockable, then there is effectively no way to prevent someone from reflashing the device. The fastboot utility will give them the ability to flash unsigned images once the bootloader is unlocked, and unlocking it will not be prevented by any userspace security (like a PIN/password or keeping USB debugging disabled). Nexus devices always have unlockable bootloaders, so those are a given. For other devices, you can typically find out if your device has an unlockable bootloader by visiting the development portal of your manufacturer's website. Samsung devices will use Odin/Heimdall instead of fastboot (excepting some outliers, like Nexus devices made by Samsung which also have fastboot), but you can generally find out if a Samsung device will accept unsigned images via a bit of searching (in many cases they will).
Some devices have other ways of accessing fastboot/recovery, some more esoteric than others. It's not terribly uncommon for there to be a key combination that will boot a device into its stock recovery system, which will provide some means of performing a factory reset, thereby removing any lock screen security that was configured on the device. Another complication can be if the device recognizes a factory cable. The Kindle Fire, for example, would let you flash an unsigned image with a factory cable, meaning you could actually get a custom recovery installed without wiping the device. This would put all of your data at risk if the attacker was properly equipped and technologically savvy.
There are probably other concerns that I'm not considering here, as well, but these are the basic ones aside from bootloader exploits and the like, which are not really predictable in the long-term. In general, though, there is a saying about security which Microsoft sums up as such:
If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
...and that's a pretty accurate way of putting it for an Android device. If your concern is securing your data then userspace security like a lock screen password, locked bootloader, and keeping USB debugging off are going to be great defenses. If you're looking to secure your device such that no attacker could make use of it, then you've got a significant uphill battle, and the odds of winning are going to be very slim (and quite possibly zero).
NB: For your specific scenario: the Moto G is supported by Motorola's bootloader unlock program. Therefore, userspace security will not prevent someone from resetting or reflashing your device.
No comments:
Post a Comment