Samsung adds 'repair mode' that hides data on Galaxy smartphones in South Korea Samsung has added a "repair mode" to its Galaxy smartphones, hiding users' data when they entrust an ailing device to a technician. When activated, repair mode prevents a range of behaviors – from casual snooping to outright lifting of personal data – by blocking access to photos, messages, and account information. The mode …
"To exit, the user reboots again after logging in their normal way and turning the setting off"
So how does this provide security? I've never taken a phone in for repair but I would assume you disable login or give the tech a temporary pin.
Am I wrong? What keeps the tech from just turning the setting off?
It sounds like you might need more credentials to turn it off than you do to open the device. Perhaps the pin unlocks the device, but the user has to enter their account password to disable the feature. I wouldn't expect this to withstand an attack by someone with exploits, but hopefully it's at least a step above what we have now.
It's a good idea in theory, but I feel it may be of limited use in practice, certainly for the large number of devices that are completely non-functional at the point where they are brought to me (doesn't switch on, screen is smashed, charging port is knackered and they've waited until the battery is totally flat to do anything about it etc)
If the customer can't get into the phone, they can't leave it in repair mode, so after repairing it, I'm generally still not going to be able to test that it's fully functional until the customer unlocks it, or trusts me with the unlock code.
What we need is a technician's testing mode that does not require getting past the user's security settings to enable it. Something that can be accessed through the recovery menu, that allows us to fully test the functionality of the device without accessing or overwriting the user's data, and without potentially giving a route to turning a stolen phone into a sellable one. Perhaps a mode that only functions when USB tethered to a technician's computer? Or engineer's firmware that can be flashed to RAM without overwriting the ROM?
Of course, if they just designed the things so users were able to create an encrypted back up of a broken device via USB, without needing a functional screen to do it, this would be far less of a problem to start with.
"Perhaps a mode that only functions when USB tethered to a technician's computer? Or engineer's firmware that can be flashed to RAM without overwriting the ROM?"
That's already possible with the command 'fastboot boot /path/to/file/image.img' which will load the image into the devices RAM and then boot from it. Of course if you have a locked bootloader then the image needs to be signed with the OEM keys. But there is no reason that Samsung couldn't release a signed image containing a simple test image that allows the technician to test the device.
In fact this is now the preferred way of installing custom recoveries on Android devices instead of using 'fastboot flash' which flashes to ROM, instead use 'fastboot boot' which loads the custom recovery and boots it, the recovery then does a self test to make sure the device is configured correctly and that the image was copied over correctly and then flashes itself to ROM.
User's data is encrypted with a personal key that is obtained from <waves hands>.
Device goes in for repair, which invalidates and clears the cache of keys.
Device is repaired and fully operational.
User's data is optionally restored from latest encrypted backup (still inaccessible on the device).
Device is returned to user.
User authenticates, and personal key is restored from <waves hands>.
Obviously I've left some of the clever bits in the "<waves hands>" section...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
