Beta

Ask Slashdot: How Can I Prepare For the Theft of My Android Phone?

Unknown Lamer posted about 8 months ago | from the self-destruct-fuse dept.

Android 374

New submitter Adam Jorgensen writes "Last week my 4-week old Moto G phone was stolen while getting onto the train at Salt River in Cape Town, South Africa. That in itself is no big deal. Cellphone theft is a huge problem here in South Africa and I've had at least two previous cellphones stolen. The big deal this time, for me at least, was that this was the first time I've lost an Android phone to theft. When I actually sat down and thought about it, losing a fully configured Android phone is actually a big deal as it provides ready access to all kinds of accounts, including ones Google account. This could potentially allow the thief to engage in all kinds of malicious behavior, some of which could have major implications beyond the scope of the theft.

Luckily for me it seems that the thief did the usual thing: Dumped the SIM card, wiped the phone, and switched it off. It's probably had its IMEI changed by now and been sold on to some oblivious punter, possibly some oblivious punter in another country. Still, the potential for serious issue is making me have second thoughts about replacing the phone with anything capable of doing much more than calling. My question is this: Are there any serious solutions out there for Android that secure against theft?"

He continues:

By serious I mean solutions that go beyond the laughably easy to defeat 'Find My Phone' and 'Remote Wipe' options provided at present. Presently I'm thinking along the lines of:

  • Full encryption of phone contents
  • Some kind of 'Travel Safe' mode that would lock the phone down and trigger a full wipe of not unlocked correctly (Including wiping the phone on next boot if not unlocked before being switched off/running out of battery).

So, any ideas?"

Sorry! There are no comments related to the filter you selected.

oops... just wanted to read the comments (1, Offtopic)

endoboy (560088) | about 8 months ago | (#46451059)

but I'd like to go on record as joining the beta sucks bandwagon

"How Can I Prepare For the Theft of My Android?" (3, Funny)

Jeremiah Cornelius (137) | about 8 months ago | (#46451179)

Save us both some time, and just send it to me...

Seriously? (5, Informative)

LordLimecat (1103839) | about 8 months ago | (#46451065)

Encrypt the phone, and set a numeric PIN of 6 or more.

Done and done.

Re:Seriously? (5, Funny)

dfsmith (960400) | about 8 months ago | (#46451077)

Thanks! I set my PIN to "7".

Re:Seriously? (4, Funny)

K. S. Kyosuke (729550) | about 8 months ago | (#46451473)

You've set it awfully low, most phones these days go at least up to "11".

Re:Seriously? (-1, Troll)

Anonymous Coward | about 8 months ago | (#46451625)

That in itself is no big deal. Cellphone theft is a huge problem here in South Africa

Same deal in any American inner city. That is funny! Anywhere there are large numbers of blacks there is lots of crime. Even in nations that had no history of slavery. I am sure this is total coincidence and anyone who suggests there maybe a link is obviously a heretic and must be shunned and persecuted, because that is what we scientifically minded folk do when we are secure our evidence against someone's idea is so strong.

Re:Seriously? (-1)

Anonymous Coward | about 8 months ago | (#46451741)

...know what's worse than Basketball Americans? /. Beta

Re:Seriously? (4, Informative)

LordLimecat (1103839) | about 8 months ago | (#46451079)

Followup, in case you dont know how to do that:
http://www.howtogeek.com/14195... [howtogeek.com]
Its been available for quite some time IIRC.

Re:Seriously? (1)

FuzzNugget (2840687) | about 8 months ago | (#46451545)

The major with built-in storage encryption for a smartphone is that it can't encrypt/decrypt on the fly, it's only encrypted when the phone is completely off. OTF encryption would be pretty incongruous to the functionality of a phone; the only way it would work would be with an asymmetrical encryption setup (yeah, try exchanging keys with your mom and see how that goes) or for it to demand your key to unlock with every call, SMS, notification, etc.

Re:Seriously? (1)

Frobnicator (565869) | about 8 months ago | (#46451265)

None of the things will protect against theft.

The thief will still pick your pocket. When they get back to their evil lair, they will find it is password protected. If they try to break the protection (which is easy with the right tools) they will find it is encrypted. Then they will trash the device or perhaps attempt to sell it. For you it doesn't matter, your device is still stolen and must be replaced.

There are tons of tools out there to make backups so restoration is easy on a new device. But your device is still stolen and must be replaced.

Re:Seriously? (5, Insightful)

Anonymous Coward | about 8 months ago | (#46451367)

None of the things will protect against theft.

The thief will still pick your pocket. When they get back to their evil lair, they will find it is password protected. If they try to break the protection (which is easy with the right tools) they will find it is encrypted. Then they will trash the device or perhaps attempt to sell it. For you it doesn't matter, your device is still stolen and must be replaced.

There are tons of tools out there to make backups so restoration is easy on a new device. But your device is still stolen and must be replaced.

Encryption has jack shit to do with recovering the hardware.

Your data and personal information contained on the phone can be proven far more valuable and far more difficult to recover from if leaked.

Neither of these facts belie your ignorance here. Use your damn head. Encryption helps mitigate a rather specific problem with phone theft.

Re:Seriously? (2)

Charliemopps (1157495) | about 8 months ago | (#46451271)

Exactly, if the phones encrypted they're going to have to wipe it to use it. Ok, yea, if the NSA gets the phone, I'm sure they could guess the password eventually, but I doubt you're a political dissident or whatever. You could also get one of many programs that let you remotely control or locate your phone. Yes, if they turn it off you're not going to find it but at least you have a decent chance. The number of criminals that are smart enough to plan for such things are few and far between.

Re:Seriously? (5, Informative)

slashgordo. (2772763) | about 8 months ago | (#46451331)

After encrypting the phone with a good passwd/pin, go to all apps -> Google Settings app -> Android Device Manager, and enable "Remotely locate this device" and "Allow remote lock and erase". Then if it does get stolen, you can use the Device Manager app or https://www.google.com/android... [google.com] to find it or remotely wipe it. Then go to your Google account settings at https://security.google.com/se... [google.com] , select your device and "Revoke Access". If you used an application specific password for your Android device, go to https://accounts.google.com/b/... [google.com] and revoke it. Change your Google password. If you used 2-step verification, move the Google Authenticator to a different device, and re-seed the keys with a new QR code. It is scary how much important private stuff we keep on these portable smartphones, tablets, etc these days, and how screwed we could be if that falls into the wrong hands.

Re:Seriously? (1)

Mashiki (184564) | about 8 months ago | (#46451777)

Encrypt the phone, and set a numeric PIN of 6 or more.

Done and done.

Funny you suggest that, but as a trial a few years back on my android smart phone I did just what you suggested. I was easily able to bypass it by going into the developer menu and turning it off after doing a factory reset.

Re:Seriously? (0)

Anonymous Coward | about 8 months ago | (#46451817)

Many, not all , android phones have the lock screen too easily bypassed without knowing the passcode for this to be viable. 4.4.x devices are much more robust in this regard.

Rooted? (1)

mythosaz (572040) | about 8 months ago | (#46451089)

For rooted phones there are both a variety of backup options and variety of stolen phone options all of which you can locate in the Play store, or which can be found by simple Google search, since the options are discussed endlessly with their pros and cons on every major Android forum.

For unrooted phones, you can still fully encrypt, and still backup -- although not fully. How painless the recovery is will come down to how much you trust and buy into online services. Your Candy Crush progress is going to have to depend on if you decided to integrate with Facebook, or if you've got your tinfoil set to max.

Re:Rooted? (1)

Immerman (2627577) | about 8 months ago | (#46451639)

> if you decided to integrate with Facebook, or if you've got your tinfoil set to max.

Given Facebook's long history of privacy violations, I do believe there's a *few* steps on the dial between those options...

Re:Rooted? (-1)

Anonymous Coward | about 8 months ago | (#46451645)

For rooted phones there are both a variety of backup options and variety of stolen phone options all of which you can locate in the Play store, or which can be found by simple Google search, since the options are discussed endlessly with their pros and cons on every major Android forum.

It's as though nearly every Ask Slashdot is a topic that is easily and satisfyingly and much more quickly Googled, huh. Ah well. Some people just love to be spoonfed and depend on random strangers for advice on how to run their lives. The polite term for these people is "followers". Many more accurate but less polite terms exist.

Android Has Full Device Encryption (0)

Anonymous Coward | about 8 months ago | (#46451095)

Android has full device encryption, turn it on when you travel. Leave it on when you aren't travelling. Enable the "Wipe after X failures."

Re:Android Has Full Device Encryption (1)

Pow (107003) | about 8 months ago | (#46451569)

No, android does not have full device encryption unfortunately. Only the encryption of /data partition. In most cases this should be sufficient though.

I'm not sure about external sdcard for devices that have it. I have Nexus so emulated sdcard is part of /data and it gets encrypted. If that is not the case with external sdcard, tough luck.

Also, doesn't look like google particularry cares about older devices and device encryption. See this issue for example (TRIM support on encrypted volume): https://code.google.com/p/andr... [google.com]
I'm not holding my breath to ever get this resolved for my 1st gen Nexus 7.

Re:Android Has Full Device Encryption (1)

Anonymous Coward | about 8 months ago | (#46451637)

Enable the "Wipe after X failures."

I presume you don't have kids :-)

Re:Android Has Full Device Encryption (1, Insightful)

Anonymous Coward | about 8 months ago | (#46451745)

Enable the "Wipe after X failures."

I presume you don't have kids :-)

Or you teach them that certain things are not toys. Why, maybe you even keep those things out of the kid's reach! Wow! Y'know, like every real parent has done throughout the ages. Knives, matches, car keys, stoves, cleaning chemicals, really there are things much worse than cellphones out there. If you cannot grasp the principle, you have problems much bigger and more important than having your smartphone wiped.

How exactly was it stolen? (1)

Anonymous Coward | about 8 months ago | (#46451121)

Was it stolen out of the front pocket of your pants? Seems most of these thefts occur when people put it in the back pocket, which still baffles me to this day. The back pocket is the worst place to store anything of value.

Re:How exactly was it stolen? (0)

Anonymous Coward | about 8 months ago | (#46451219)

terrible if you live in a shit hole where people steal from your back pocket...

Re:How exactly was it stolen? (1)

SydShamino (547793) | about 8 months ago | (#46451407)

a.k.a. everywhere on this planet, at least

Re:How exactly was it stolen? (1, Informative)

Anonymous Coward | about 8 months ago | (#46451509)

No, it's not a problem here in Texas. I don't ride public transportation. I keep it in my front pocket right next to my gun.

Re:How exactly was it stolen? (0)

Anonymous Coward | about 8 months ago | (#46451675)

lol awesome

Re:How exactly was it stolen? (-1)

Anonymous Coward | about 8 months ago | (#46451689)

No, it's not a problem here in Texas. I don't ride public transportation. I keep it in my front pocket right next to my gun.

All ready to kill someone over a phone, huh? Thanks for reminding me why I don't have any interest in going to Texas. Too many mucho-macho fools with guns there.

Re:How exactly was it stolen? (-1)

Anonymous Coward | about 8 months ago | (#46451897)

No, it's not a problem here in Texas. I don't ride public transportation. I keep it in my front pocket right next to my gun.

All ready to kill someone over a phone, huh? Thanks for reminding me why I don't have any interest in going to Texas. Too many mucho-macho fools with guns there.

Yeah I'd really hate to live someplace where criminals don't live long and those choosing a life of violent crime swiftly encounter some natural selection. Man that really sounds like hell on earth! We all know how easy it is to accidentally rob somebody, after all.

This "sympathy for the devil" bullshit is part of the pussification of America. Oh gee I'm sorry if choosing a lifestyle that involves repeatedly victimizing others is unsafe. Yeah cry me a river. I wish more criminals got shot more often. And yeah if the gun is going to come out at all, you are no longer talking about a pickpocket (propety crime). You are talking about a mugger or a robber, that is a violent crime done by force or threat of force. Wow, who knew choosing to be a violent criminal might be a dangerous career path? Again, cry me a river.

Hate to burst your fairy-tale bubble but some people are just trash and serve only to make the world a shittier place. ("Hurp durp, like you!" - if you thought that, then no you are not as clever as you like to think, you are predictable and shallow and boring) They are trash not for holding opinions you dislike, but because they actively go out of their way to bodily hurt and threaten and victimize other people. WE ARE BETTER OFF WITHOUT THEM. That is reality. The wise man accepts reality and makes the best of it and tries to be a good example. The emotional fool cries about how reality is not what he wishes it would be and gets angry that everybody doesn't already agree with him.

Re:How exactly was it stolen? (-1)

Anonymous Coward | about 8 months ago | (#46451813)

a.k.a. everywhere on this planet, at least

Just everywhere with lots of blacks. I've been in poor white rural areas and never had anything stolen from me. Can't say the same for inner cities full of blacks. Sorry if the facts bother you, I guess that is cause enough to mod me down right?

The difference between me and a racist is: I wish it weren't true. I would like to see blacks stop being so tribal and start rejecting the whole thug gangsta bullshit. That would be better for them and everybody else. But I'm not going to pretend that what I can see with my own eyes isn't real. Sorry, if that is what you demand of me I say the price is too high. I guess you will have to hate me because you certainly cannot rationally argue against me. That is what you do with ppl you cannot argue against, right? Hate them and mod them down and curse them for not just going away?

The USA murder stats alone, ALONE make the case not only clear but obvious. So do nonfatal assaults and property crimes. Over 80% of all murders in USA are a black perpetrator and a black victim. But I guess that's whitey's fault too right? I just can't imagine why your argument is not more compelling and convincing, or why you are so unwilling to articulate the premises of your beliefs that you are so certain about... Hah. No, you have a desired out come, a party line, and all facts must be twisted and forced to fit that predetermined outcome no matter what. That is why you mod me down instead of proving me wrong. You just don't have the guts to admit it.

Re:How exactly was it stolen? (1)

hymie! (95907) | about 8 months ago | (#46451709)

I couldn't believe, when I left New York to go to college, how many people stored things in their back pockets. I used to tell them all the same little rhyme --

(tap front left pocket) wallet pocket
(tap front right pocket) key pocket
(tap back left pocket) pick pocket

Re: How exactly was it stolen? (0)

Anonymous Coward | about 8 months ago | (#46451801)

Taps front left pocket : phone pocket, key pocket
Taps front right pocket : change pocket, wallet pocket ...

Here's a rhyme;
Wallet, keys, phone
And I can get home.

Here's a tip
Don't leave your Wallet, keys, or phone open the theft.

Re: How exactly was it stolen? (1)

GigaplexNZ (1233886) | about 8 months ago | (#46451867)

Phone and keys in the same pocket? That's a great way to scratch up the phone.

Laughably Easy? (5, Interesting)

noh8rz10 (2716597) | about 8 months ago | (#46451125)

Citation needed for the "laughably easy to defeat 'Find My Phone' and 'Remote Wipe' options". How are these laughably easy to defeat? Do tell. Also iphones have a kill switch installed, so they can't be wiped and reused. Compare this to your android solution of asking slashdot. I await more information.

Re:Laughably Easy? (3, Informative)

gnasher719 (869701) | about 8 months ago | (#46451161)

Well, there was huge discussion a week ago how to defeat it. Take a stolen iPhone, wait for your mum to die, take iPhone, death certificate and will to the Apple Store... and damn, they still don't unlock it for you!

Pretty easy. (1)

Sable Drakon (831800) | about 8 months ago | (#46451295)

It's as simple as: Power down device, remove battery, remove SIM, do not re-connect to wifi hotspots. All of which can be done by anybody in less than 45 seconds. If the battery is non-removable? Power down, remove SIM, don't use wifi. Find my phone and remote wipe are pretty much a big hilarous joke if the theif know how to handle phones.

Re:Pretty easy. (1)

Quick Reply (688867) | about 8 months ago | (#46451349)

And getting past the PIN? And how useful would an iPhone be without Wi-Fi/Cellular Internet connectivity?

You can't even restore the firmware without it verifying with Apple. Unless it is an old model that can be defeated offline, it would be more valuable for spare parts.

Re:Pretty easy. (0)

Sable Drakon (831800) | about 8 months ago | (#46451389)

With an iPhone? It's only 1,000 possible PINs for that lock. If you've got the hardware, take your time fingerhacking the pin. For Android, depending on ROM, the pin can get insanely long and you're pretty much boned.

Re:Pretty easy. (5, Informative)

dugancent (2616577) | about 8 months ago | (#46451425)

You can use an alphanumeric password on iOS. You do t have to use a 4-digit pin.

Re:Pretty easy. (0)

Anonymous Coward | about 8 months ago | (#46451439)

There is an option on the iPhone to have a PIN that's not four digits, I hope anyone security conscious is using the advanced PIN.

Re: Pretty easy. (0)

Anonymous Coward | about 8 months ago | (#46451441)

It's actually 10,000 possible pins, and I would assume most people have the wipe after 10 failed attempts enabled.

Re:Pretty easy. (1)

Desler (1608317) | about 8 months ago | (#46451477)

With an iPhone? It's only 1,000 possible PINs for that lock.

Which is why they offer the passcode option for something longer.

For Android, depending on ROM, the pin can get insanely long and you're pretty much boned.

You need a ROM to get a long passcode? LOL. You can have an "insanely long" passcode in iOS simply by disabling the "simple passcode" option. I just typed in over 100 alphanumeric characters and it was still letting me type more when I stopped.

Re: Pretty easy. (0)

Anonymous Coward | about 8 months ago | (#46451629)

10,000. Not 1,000. 10,000. I think you're being disingenuous or you've never used an iPhone.

That, and you can have it wipe the device after 10 incorrect entries. Try again.

Re:Pretty easy. (0)

Anonymous Coward | about 8 months ago | (#46451755)

10,000 in the default configuration 0000-9999 assuming you don't use alpha numeric.

Even so, you can set the phone to wipe itself after a few wrong entries.

Re:Pretty easy. (1)

LocalH (28506) | about 8 months ago | (#46451511)

Good luck restoring iOS to that device and making it usable as anything other than a stylish paperweight, if it was running iOS 7 and had Find my iPhone enabled.

Re:Pretty easy. (1)

maccodemonkey (1438585) | about 8 months ago | (#46451615)

It's as simple as: Power down device, remove battery, remove SIM, do not re-connect to wifi hotspots. All of which can be done by anybody in less than 45 seconds. If the battery is non-removable? Power down, remove SIM, don't use wifi. Find my phone and remote wipe are pretty much a big hilarous joke if the theif know how to handle phones.

iPhones wipe themselves unless the correct PIN or fingerprint is entered. I think you get 5 tries.

So congrats. You've powered it down and kept it off networks. As soon as you power it back on you're still stuck on the lock screen.

Actually, that's not true. You can unstuck it. If you take it online and let it talk Apple...

Re:Pretty easy. (0)

Anonymous Coward | about 8 months ago | (#46451807)

If you have Find my iPhone active on an iPhone, usually Activation Lock will be on. (there are exceptions to this for supervised devices, and it does require iOS 7, but given thats in excess of 85% of iOS devices out there, its a reasonable assumption)

If you wipe the phone, you can not set it up or activate it without supplying the iCloud credentials used to set up Find my iPhone.

You can't do anything with the phone, until it communicates the credentials back to servers at Apple - for uses other than as a paperweight, its bricked.

So you can steal it, and deprive the user of their phone, but the device is useless as a device.

Re:Pretty easy. (0)

Anonymous Coward | about 8 months ago | (#46451857)

Wow, you failed again. iphones cannot be activated in this circumstance.

Android fangirls ftl.

Re:Pretty easy. (1)

swillden (191260) | about 8 months ago | (#46451905)

It's as simple as: Power down device, remove battery, remove SIM, do not re-connect to wifi hotspots.

Why work so hard? Just turn on airplane mode.

Of course, if the phone is password-locked, getting the data from it requires some hardware and software knowledge. If it's also encrypted and the password is a good one, the data is safe.

Re:Laughably Easy? (0)

Anonymous Coward | about 8 months ago | (#46451873)

http://www.google.com/android/devicemanager or use Prey

Re:Laughably Easy? (1)

swillden (191260) | about 8 months ago | (#46451893)

Citation needed for the "laughably easy to defeat 'Find My Phone' and 'Remote Wipe' options". How are these laughably easy to defeat?

It depends on how the user's phone is set up.

If the phone is not password-protected, it's laughably easy: put the phone in airplane mode. As long as the thief does that before the owner can get to a web browser, the thief can peruse the data on the phone at leisure.

If the phone is password-protected but not encrypted, it's a little tougher. Airplane mode still blocks "Find my Phone" and "Remote Erase", but actually getting at the data is harder. If the thief can't guess the password within a few tries then he has to dump the flash and pick through the data, but that requires significant expertise which few, if any, thieves will have.

If the phone is encrypted (which implies password-protected), getting the data requires dumping the flash and then brute-forcing the password, which can likely be done with an offline attack, but further ups the ante on the level of expertise required. How difficult that is depends on how good the password is. If it's a good password the data is safe from basically anyone. Of course, good passwords are a pain in the ass to type on a phone.

Note that I only mentioned passwords. Android offers other authentication options, including face unlock, pattern and PIN (arbitrary-length numeric password) as well as alphanumeric password. Encryption requires PIN or password. Face unlock is convenient (once sufficiently well-trained), but not very secure; lots of random people will be able to unlock your phone and pattern is moderately good if you use a complex pattern and make a habit of wiping the screen clean, at least enough to smear out any pattern trails.

Google device manager (1)

Anonymous Coward | about 8 months ago | (#46451127)

https://play.google.com/store/apps/details?id=com.google.android.apps.adm

You can see where your device is, and wipe it. Also, use two step authentication.

Re:Google device manager (1)

HairyNevus (992803) | about 8 months ago | (#46451769)

Nice, thanks. I already have Avast! Anti-Theft [google.com] , data encryption, and a 10 digit password, but the more the merrier. My last line of defense: I put all my money/financial apps in a folder called "PlsDontH4x". 'Cause you never know where asking nicely will get you...

Cerberus (5, Informative)

iviv66 (1146639) | about 8 months ago | (#46451129)

I use Cerberus. It's available on the store: https://play.google.com/store/... [google.com] Though if you download it direct from their website then you can flash it straight into the ROM, meaning that even if someone does a factory wipe on your phone it will still be installed and you can remote into it: https://www.cerberusapp.com/do... [cerberusapp.com] With it installed, you register your phone on the website, then sign into your account on the phone. From there you can carry out all sorts of commands, including GPS tracking, location history, call and SMS logs. You can even call or message the phone, get it to display messages, record audio, video, take pictures, all sorts. And finally you can wipe the SD card, wipe the phone, or reboot it. I don't remember how much it cost, but it was only a couple of pounds. I've never had my phone stolen yet, but I occasionally log into the site to check that everything is working and it always does what I want it to, so I've had no complaints with it.

Re:Cerberus (0)

Anonymous Coward | about 8 months ago | (#46451255)

This.

Re:Cerberus (0)

Anonymous Coward | about 8 months ago | (#46451459)

Thanks. Next time I steal a phone I'll make sure to re-flash a new copy of Cerberus to the phone's rom, thus overwriting the previous install.

lol.

Re:Cerberus (2)

Lumpy (12016) | about 8 months ago | (#46451707)

flashed into the rom would be fun if they had a random X hours and erase contents mode... Nothing is more enjoyable than knowing you are pissing off whoever bough your phone. I would like random insulting popups as well.

Re:Cerberus (3, Informative)

Mr 44 (180750) | about 8 months ago | (#46451811)

Note that there was a major security hole in this last year:
http://www.ifc0nfig.com/cerber... [ifc0nfig.com]

Hah! You wish! Get an iPhone and THEN you can (-1, Troll)

Anonymous Coward | about 8 months ago | (#46451159)

No one wants your shit android.

Re:Hah! You wish! Get an iPhone and THEN you can (-1)

Anonymous Coward | about 8 months ago | (#46451195)

no one wants your horse shit iphone either
buy a $25 phone .its as good as any ..

Re:Hah! You wish! Get an iPhone and THEN you can (0)

Anonymous Coward | about 8 months ago | (#46451799)

Yeah, nicca. Where duh white womenz be at?

These things are often stolen for quick resale (1)

rmdingler (1955220) | about 8 months ago | (#46451171)

You could treat all your lost info as if it were a stolen credit card, but the folks capable of hacking the phone and private particulars are statistically unlikely to be grabbing them from folks on the subway.

It's not even necessary to find a black market for them since several well-publicized used phone brokers will purchase late model phones for up to $200 US.

I would hire a credit watch company to eyeball my credit inquiries for a year or two, and even that'll get your card suspended if you enter the wrong info a single time on Amazon, but unless there's reason to suspect foul play just assume a Mexican drug lord is pleased with your lost precious cellie.

Root, Push Whatever (3, Informative)

sexconker (1179573) | about 8 months ago | (#46451205)

Don't store important shit on your phone.
When your shit gets stolen, just change the passwords to any accounts it was authorized to.
Don't be one of those idiots who uses 2-factor authentication with one of those RSA hash clock apps on their phone. You'll just end up locking yourself out of shit when you lose your phone.

Encrypting your phone does nothing because you decrypt it every time you power it on, and you always have your phone on, don't you?
Passwords / locks will stop casual thieves from getting in, but they don't want in - they just want to sell the phone.
Passwords / locks will NOT stop thieves who want your information. If your info is worth enough to be targeted it's worth enough for a 0-day bounty. (And with Android you don't even need that - it's likely to be a 6+ month old bug that your manufacturer / carrier never patched / pushed out the patch for).

You may as well ask how to make sure your car can't be stolen. Can't win, don't try. Just minimize the impact.

Re:Root, Push Whatever (1)

SydShamino (547793) | about 8 months ago | (#46451437)

Encrypting your phone does nothing because you decrypt it every time you power it on, and you always have your phone on, don't you?

But the first thing any thief will do is turn it off by pulling the battery, so it can't be located. When they next power it on, that encryption might help.

Re:Root, Push Whatever (1)

Lumpy (12016) | about 8 months ago | (#46451693)

Moto G you cant pull the battery, Got another tip?

Buy a "Hello Kitty" wrist strap. (1)

tlambert (566799) | about 8 months ago | (#46451223)

Buy a "Hello Kitty" wrist strap. That way you can prevent your phone from being stolen in the first place.

If you want everything encrypted: Sorry, you can't have that.

Re:Buy a "Hello Kitty" wrist strap. (1)

sphealey (2855) | about 8 months ago | (#46451267)

Unfortunate when the thieves cut your hand off to get the phone though.

sPh

Re:Buy a "Hello Kitty" wrist strap. (2)

tlambert (566799) | about 8 months ago | (#46451695)

Unfortunate when the thieves cut your hand off to get the phone though.

sPh

They could always cut your hand off anyway.

Re:Buy a "Hello Kitty" wrist strap. (2, Funny)

freeze128 (544774) | about 8 months ago | (#46451579)

Buy a .44 Magnum. That way you can prevent your phone from being stolen in the first place, and not look like a complete fool.

Re:Buy a "Hello Kitty" wrist strap. (2)

mab (17941) | about 8 months ago | (#46451691)

But then someone steals your .44 Magnum

Re:Buy a "Hello Kitty" wrist strap. (1)

swillden (191260) | about 8 months ago | (#46451913)

If you want everything encrypted: Sorry, you can't have that.

Sure you can. All Android versions from Gingerbread (IIRC) forward support full device encryption, using dm-crypt. Of course, it's only as strong as your password, so you have to trade off convenience against security.

They copied Apple Find my iPhone (0)

Anonymous Coward | about 8 months ago | (#46451233)

Google finally has copied Find my iPhone. Not sure if it works on all fragmented Android phones or not though. Best to move to the original and get an iPhone instead of a knockoff Android.

http://techcrunch.com/2013/12/11/google-android-device-manager-play-store/

Re: They copied Apple Find my iPhone (0)

Anonymous Coward | about 8 months ago | (#46451537)

Which copied Lookout, which appeared on Android first? Original...yeah right.

Android Device Manager (0)

Anonymous Coward | about 8 months ago | (#46451251)

I just came across this a week ago and it has device locator and remote wipe (you can also ring the phone in case you misplaced it in your house). It doesn't need to be installed on the phone, you can do it through any web browser with the google username and password.

Really? Are you of legal age? (0)

Anonymous Coward | about 8 months ago | (#46451257)

Are there any serious solutions out there for Android that secure against theft?"

Get a concealed carry permit, lock your phone up when not in use and pay attention.

Physical security? (2)

Reckless Visionary (323969) | about 8 months ago | (#46451263)

What are you doing with your phone that makes it possible that you've had 3 stolen from you? Are these thefts physically violent? I just can't imagine, for myself, that it would be super-easy to get my phone from inside my pocket or out of my hand without violence.

Re:Physical security? (3, Informative)

baka_toroi (1194359) | about 8 months ago | (#46451395)

It seems Lady Luck has bestowed you with the privilege of being born in a first-world country. Good for you!

Re:Physical security? (1)

sayfawa (1099071) | about 8 months ago | (#46451729)

As someone who has traveled quite a bit in so-called third-world countries, I was also wondering how it is that he's getting so many phones stolen. No it's not impossible (or hard) to stop yourself from being pick-pocketed in poor countries.

If the thief wasn't threatening him with violence, he could probably solve his problem by keeping his phone in a zipped pocket when he's not using it.

Re:Physical security? (0)

Anonymous Coward | about 8 months ago | (#46451903)

Pick pockets can be INSANELY skilled. Zipped pocket ooh Fort Knox here we come.

Re:Physical security? (1)

Anonymous Coward | about 8 months ago | (#46451723)

As a suggestion to the OP, I recommend "casing" the phone. It's unlikely anyone will try to steal the phone if you answer it by withdrawing it from your anal cavity.

Re:Physical security? (0)

Anonymous Coward | about 8 months ago | (#46451733)

He needed money for weed so he traded his phone to his dealer then reported it stolen and had his parents buy him a new one. Oldest trick in the trustfunders handbook.

Umm.. (1)

Sable Drakon (831800) | about 8 months ago | (#46451275)

Android already features full device encryption, you've just got to turn it on. Keep in mind that not all OEMs support the feature, CyanogenMod and most AOSP derivitaves do. There's currently no self-destruct option should the pattern/pin lock be entered wrong X number of times, though I'm surprised Google hasn't implimented one as of yet.

Re:Umm.. (0)

Anonymous Coward | about 8 months ago | (#46451521)

It's not really a full device encryption when it encrypts on the data partition.
But I guess in this particular case it doesn't matter all that much.

Re:Umm.. (0)

Anonymous Coward | about 8 months ago | (#46451541)

* only the data partition.

Public kiosk (4, Insightful)

pla (258480) | about 8 months ago | (#46451289)

Simple answer: Treat your phone/tablet as only slightly more trusted than logged in from a semi-public PC, such as at a library.

I pretty much only log in to anything from my Android tablet via a browser in private browsing mode / incognito. I can then do everything through the browser that TFS' author presumably uses pre-logged-in native apps to do. Email, IM, cloud storage... I use them all, I just don't have my device set up to one-click root-my-life.

I don't even bother with a password on the thing - It wastes more of my time than that of a potential thief. If someone nabs it, hey, they get a few gigs of music (that I have backups of) and a $50 (replacement value - they don't tend to age well) tablet. Woo-hoo.

Re:Public kiosk (0)

Anonymous Coward | about 8 months ago | (#46451915)

Name? Address? Please!!!!

It's easy (0)

Anonymous Coward | about 8 months ago | (#46451297)

Either,
A: Never get an NSA/Android phone.
B: Get rid of your NSA/Android phone.

When is Blackphone out?

Oh, almost forgot. FUCK BETA. Kill it with fire.

secure against theft? (1)

turkeydance (1266624) | about 8 months ago | (#46451325)

so...not AFTER theft, but before: 1. wear a watch. that's how you check the time. don't flash your phone. 2. look around Before looking at your screen. really that simple. 3. finally, carry a dead one. give them that one. they only expect you to have ONE.

Android phones are already theft-proof! (-1)

Anonymous Coward | about 8 months ago | (#46451337)

...because nobody wants one.

A thermite charge will do (1)

K. S. Kyosuke (729550) | about 8 months ago | (#46451485)

Detonate automatically when the phone for a given period of time can't contact the wireless HW token you have on yourself.

sec (0)

shentino (1139071) | about 8 months ago | (#46451487)

I'm surprised mostly becuase it didn't get seized by the TSA before he got there.

Re:sec (1)

CRCulver (715279) | about 8 months ago | (#46451571)

The submitter appears to live in South Africa. After all, he wrote:

"Last week my 4-week old Moto G phone was stolen while getting onto the train at Salt River in Cape Town, South Africa. That in itself is no big deal. Cellphone theft is a huge problem here in South Africa and I've had at least two previous cellphones stolen.

There's no suggestion that he is an American who has ever had to to deal with "the TSA". Slashdot has had a global readership since forever.

IMEI change (1)

manu0601 (2221348) | about 8 months ago | (#46451647)

I thought IMEI could not be changed. Is it possible here because on a smartphone everything is software defined?

really simple. (1)

Lumpy (12016) | about 8 months ago | (#46451681)

Step 1 change gmail password.
Step 2 realize you were dumb for not setting a lock screen code.
Step 3 - buy unlocked Moto X used on ebay for $260 and keep it in your front pocket next time.

I use Prey (0)

Anonymous Coward | about 8 months ago | (#46451699)

I'm a paranoid type about big brother and his cousin google, so i always would leave GPS off...

After my Nexus 4 got stolen, I got a 5 and installed 'Prey' (google Prey Project'), which is a pretty good tool...Like 'Find my iPhone' on steroids. I just hate leaving my GPS on all the time now.. :(

don't leave it lying around (0)

markass530 (870112) | about 8 months ago | (#46451715)

you have to fuck up pretty big for your phone to get stolen

Google 2 Factor Auth (1)

heezer7 (708308) | about 8 months ago | (#46451751)

If you use that you can at least revoke that devices access so your google account is protected.

Android Device Manager (0)

Anonymous Coward | about 8 months ago | (#46451787)

Use built-in encryption and use Android Device Manager to ring, lock and wipe device:

https://www.google.com/android/devicemanager

Whitest Niggers I Know. (-1)

Anonymous Coward | about 8 months ago | (#46451819)

Buy a BlackBerry, seriously. Y'all (/. readership) are the whitest niggers I interact with. Fucking niggers

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?