Can a stolen Android phone with USB debugging enabled have screen lock bypassed?

A sophisticated threat actor could potentially try to exploit the Android Debug Bridge's authorization protocol by switching your phone's storage media to another same-model phone with already active ADB/ADBD authorizations (based on HWID like the network chip's MAC address) and maybe some additional tinkering.

From then on, provided he knew how to get there, even an encrypted device might be under threat of full decryption, depending on multiple factors, like OS version, startup default mode (lockdown or not), ADBD startup policies...

The key factor here is the fact nothing is encrypted and USB Debugging is enabled.

Essentially anyone with slight IT knowledge should be able to access everything in there.

I'm fairly certain your phone will get wiped and sold.

Protips:

  • No root.
  • No debug.
  • Latest updates.
  • Full device encryption.
  • Disable PIN/Fingerprint/Face unlock (Either completely disabled or lockdown-only disable)
  • Strong password.

*This should take care of the unfortunate event where your phone is not in your possession and not communicating through any channels (e.g. SIM removed, WiFi disabled).

Optional:

  • Tasker Automations in case you need to remotely wipe your communicating phone.
    • e.g. perform rm -rf /storage/emulated/0/ when "X" message is received by text, effectively launching wipes from SMS/GSM instead of Data/WiFi
    • e.g. Launch camera silently to snap the person's face/geolocation
  • Keep an eye on Google's Find My Phone.
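The checklist above can be partly verified from a device's system properties. The following is an added example, not code from any of the answers: it parses `adb shell getprop` output and flags the items that are visible there. The property-to-checklist mapping, the 90-day patch threshold and the sample dump are assumptions made for illustration; lock-screen method and password strength are not exposed through getprop and are not checked.

```python
import re
from datetime import date

# Constructed sample of `adb shell getprop` output (not from a real device).
SAMPLE_GETPROP = """\
[ro.build.version.security_patch]: [2021-03-05]
[ro.crypto.state]: [unencrypted]
[ro.debuggable]: [0]
[ro.boot.verifiedbootstate]: [orange]
[sys.usb.config]: [mtp,adb]
"""

def parse_getprop(text):
    """Turn '[key]: [value]' lines into a dict; other lines are ignored."""
    return dict(re.findall(r"^\[([^\]]+)\]: \[(.*)\]\s*$", text, re.M))

def audit(props, today, max_patch_age_days=90):
    """Return checklist findings; an empty list means every check passed.
    A missing property is reported, never assumed to be safe."""
    findings = []

    def expect(key, ok, msg):
        value = props.get(key)
        if value is None:
            findings.append(f"{key}: not reported, cannot verify")
        elif not ok(value):
            findings.append(f"{key}={value}: {msg}")

    def patch_fresh(v):
        try:
            return (today - date.fromisoformat(v)).days <= max_patch_age_days
        except ValueError:  # malformed date string counts as a failure
            return False

    expect("sys.usb.config", lambda v: "adb" not in v.split(","),
           "USB debugging is enabled")
    expect("ro.crypto.state", lambda v: v == "encrypted",
           "storage is not encrypted")
    expect("ro.debuggable", lambda v: v == "0",
           "debuggable build (adb root possible)")
    expect("ro.boot.verifiedbootstate", lambda v: v == "green",
           "bootloader unlocked or system image not verified")
    expect("ro.build.version.security_patch", patch_fresh,
           f"security patch older than {max_patch_age_days} days")
    return findings

if __name__ == "__main__":
    for line in audit(parse_getprop(SAMPLE_GETPROP), date.today()):
        print("FAIL", line)
```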

Without full-disk encryption, your unencrypted data can be read without recovering the PIN code. Enabled USB debugging definitely extends the attack surface, but it's not necessary for a determined and skilled thief.

But most likely, they will wipe everything and resell your phone to get the daily dose.


Without the encryption, your data can be trivially read out using a flash adapter such as this one:

[Image: USB flash adapter]

Removing a flash chip is a 5-minute job on a hot air rework station.

Of course, this assumes that the thief decides that the data on your phone is worth more than they could get by wiping and reselling it. If you have an old inexpensive phone or it has suffered a lot (cracks on the screen / case, broken buttons, etc.) it makes data theft more likely.