I just hacked my /e/ device in 2 minutes... WTF?

Hello,
I have been using /e/ for 2 weeks and so far I was getting more and more satisfied, but today I made a big mistake. I was messing around with the settings about the screen lock pattern and I stumbled on some weird options.

  • Make pattern visible
  • Show pattern error
  • Show pattern dots

I decided to turn all of them off just to see what would happen… guess what? You can’t see the unlock pattern and have no f** clue what you did wrong… Seriously, why would you even add these options? The last one is a nightmare. Sorry for the rant, but I obviously managed to stupidly lock myself out of my phone by failing the invisible pattern a good dozen times, and as the icing on the cake the fingerprint recognition was disabled “for security reasons”.

As I was getting kinda scared of having to perform a factory reset I desperately googled “how to bypass android pattern lock screen”, guess what? It’s trivial.

  • Reboot phone on TWRP
  • Go to advanced -> File Manager
  • Locate /data/system/locksettings.db
  • Delete it
  • Reboot normally
  • You are in! Just swipe up to access everything

How is that even possible? I thought there was some sort of disk encryption… Does that mean that simply losing your phone exposes all of your data?
Is there any way to secure the disk data on /e/ without reverting to stock? Or is it a default Android “feature”?

3 Likes

Not by default. You have to encrypt your data manually. Then you have no access to /data via TWRP.

But anyway, good find, and I think someone should have a look into this issue.

EDIT: I have just tried it with a password on the lock screen on an Android Q device. And after deleting the .db, no PW was needed for login. So it seems to be a general Android issue.

Yes, it is possible to circumvent any password when encryption is disabled. This holds true for all operating systems. I did that for some friends on their Windows devices when they lost their Windows password…

Even then, if you decrypt via TWRP with your pin, you could still delete, right?

Not that I’m saying this is an issue, just this is how encryption works. If the phone isn’t encrypted, any other “OS” (which is essentially what TWRP is) can read the data.

And TWRP has the ability to decrypt IF you enter the correct pin.

I’m assuming the phone in this case wasn’t encrypted, or the pin was entered in TWRP.

I have never encrypted a phone until now, so I’m not sure. But when there is an automatic encryption while flashing eOS, then no one knows the key and TWRP can’t decrypt data.

But I think I have to do some tests for this.

As far as I can remember, my Xiaomi MiMix2 has always been encrypted.
At first boot in TWRP from stock ROM I was asked for the unlock pattern, so I guess my phone was already encrypted.
So, maybe encryption is device or vendor specific?

My 3 Xiaomi devices were never encrypted by eOS, only by stock ROM.

A phone or whatever should always be encrypted in a way that you need to enter a password/PIN code to “release” the decryption key.

For instance, go to TWRP, advanced, file manager and go to “sdcard” and you will see that anybody is able to copy or delete your pictures, documents and downloads and everything else.

In Windows, boot Ubuntu from a USB key, do not install it, just use the live demo mode, and your Windows C: internal drive will just appear as if it were a USB stick. You will now be able to copy everything on the hard drive. I’m sure at least 90% of Windows installations aren’t encrypted; it’s crazy how simple it is to steal data.

Apart from the security problems and their implications, could anyone dare to explain why the disk isn’t encrypted by default on a new install, and then how do I enable it now? Should I reinstall my system? Where is this mentioned (if it is) in the install docs?

There are some discussions about this on different channels. Let’s see what the result will be.

If you want to encrypt your device, you can find it here

To be correctly protected, you need to :

That’s right. But on my Xiaomi Capricorn with v-07-nougat there was no hint or prompt that I have to enable password/pin or pattern :frowning:

The ‘encryption’ took around one minute. So I think it wasn’t a real encryption.

Hi @Anonyme which device are you seeing this message on… it appears to be device specific.

I thought that if you added a pin, that Android would encrypt the device?

Mine did (every phone I’ve had since Nougat has done this), so I assumed it was a native Android function?

1 Like

No, if you only set up a PIN or pattern, it’s only for the screen lock.

@Manoj This is on a j5nlte (/e/ Oreo).
Same thing with a j3xnlte (LineageOS Nougat).

1 Like
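
Added example (not part of any post in this thread): a shell helper for checking whether a device is in the state the thread describes, where a screen lock exists but /data is not encrypted. It classifies the standard Android properties `ro.crypto.state` and `ro.crypto.type` from `getprop` output; the function names and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Classify storage encryption from `getprop` output (lines like "[key]: [value]").
# Real use, with a device attached:  adb shell getprop | crypto_verdict

# Print the value of property $1 from a getprop dump on stdin (empty if absent).
prop_value() {
    sed -n "s/^\[$1\]: \[\(.*\)\]\$/\1/p" | head -n 1
}

# Read a getprop dump on stdin and print one of:
# unencrypted, encrypted-fbe, encrypted-fde, encrypted-unknown-type, unknown
crypto_verdict() {
    dump=$(tr -d '\r')            # older adb versions emit CRLF line endings
    state=$(printf '%s\n' "$dump" | prop_value ro.crypto.state)
    ctype=$(printf '%s\n' "$dump" | prop_value ro.crypto.type)
    case "$state" in
        unencrypted) echo "unencrypted" ;;
        encrypted)
            case "$ctype" in
                file)  echo "encrypted-fbe" ;;   # file-based encryption
                block) echo "encrypted-fde" ;;   # full-disk encryption
                *)     echo "encrypted-unknown-type" ;;
            esac ;;
        *) echo "unknown" ;;
    esac
}

# Map a verdict to what it means for the recovery scenario in this thread.
explain() {
    case "$1" in
        unencrypted)   echo "/data is readable from recovery; the screen lock alone protects nothing" ;;
        encrypted-fde) echo "recovery must decrypt /data first; only a boot-time credential prevents that" ;;
        encrypted-fbe) echo "user data is encrypted per file; recovery needs the credential to read it" ;;
        *)             echo "state not reported; verify in Settings > Security" ;;
    esac
}

# Constructed sample dumps (not captured from a real device).
SAMPLE_UNENCRYPTED='[ro.build.version.release]: [8.1.0]
[ro.crypto.state]: [unencrypted]'
SAMPLE_FBE='[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [file]'
SAMPLE_FDE='[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [block]'

for s in "$SAMPLE_UNENCRYPTED" "$SAMPLE_FBE" "$SAMPLE_FDE"; do
    v=$(printf '%s\n' "$s" | crypto_verdict)
    echo "$v: $(explain "$v")"
done
```
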