Security of data and passwords when phone is lost/stolen

Hi,

I'm in the process of setting up a Google Nexus 5 with ubports for somebody else. And I keep wondering, what are the security implications of running ubports on a device with unlocked boot-loader?

In case the phone is lost or stolen, will any new "owner" of the device be able to access the WiFi passwords, IMAP passwords and all data, photos etc. stored on the phone by just connecting USB cable and running adb/fastboot to dump the flash?

Are passwords stored on the device encrypted with the unlock passcode?

What precautions can/should be done to secure the data on a phone running ubports?

Thanks for any insights,
cheers,

Dave

Hi @advocatux ,

I ran into the same "signature error", attempting to update my Aquaris 10 FHD tablet. As I don't mind breaking the tablet (as opposed to my phone), I just attempted to upgrade using the development channel, which worked (i.e. no signature error), then once that was running switched back to the stable image, and this time no signature error as well.

Working nicely now, no problems, some bugs I encountered with 15.04 seem to be fixed with that release. Very happy. Will attempt the same procedure on my phone.

Dave

@advocatux , yes that makes sense. However, what's the recommended way to upgrade to 16.04 stable, in spite of the signature error I get?

Hi,

running an ubports installation on LGE Nexus 5, "stable" channel ( 15.04 r3).

The download of the new stable image under "System Settings" -> "Updates" fails with :

Update failed
SignatureErorr:
sig path : 060f5c1283d44... /android/cache/recovery/device-f43cba6c627...
[..]
keyrings: ['56b9554d8355b87653425cb..'] ['/var/lib/system-image/keyrings/image-signing.tar.xz']

[..]

If I switch to the development channel, I do get a successful download (but don't want to install development version on my phone). If I switch back to stable, the download restarts and fails with the same error.

Any idea what's broken? Is this a local or server-side problem?

cheers,

David

Yes, I retried, the "stable", channel download (Versiwon 3) reproducibly fails with an "Signature Error". The development channel download (Verison 287) works and offers an "Install..." button once done.

Maybe will add another forum topic about the signature error.

Dave

@Lakotaubp ,

just switched channels to development and back to stable. It then started downloading an image. Though finally it failed "Update failed,; signatureError: ...".

Will retry again later and if this can't be made to work, commence with the manual upgrade procedure you linked.

thanks,

Dave

Hi,

I installed my Nexus 5 with ubports more than a year ago. According to "System Settings" -> "About" it is running Ubuntu 15.04 (r3), stating "Last updated "1/3/70" (which maybe means "never").

Pressing "check for updates" says "Software is up to date".

However, on devices.ubuntu-touch.io latest stable version is listed as 16.04.

In "channel settings" I have selected "Stable". I see no way to request the upgrade to 16.04.

Any ideas on how to get my installation up-to-date?

Thanks and cheers,

Dave

see also

Hi,

I sort of start feeling old, trying to participate in UBports: An open source project without a mailing list and without IRC channel does not really integrate with the modes of communication I'm used to use.

Just tried to make a telegram account (via web.telegram.org), however it needs a phone number, and (one of my) "landline" SIP-based phone numbers is not accepted ("incorrect phone number"). I'm not really willing to give my cell phone number to an untrusted 3rd party to participate in an open-source project. I mean, if I were, then I probably would just be using Google Android and not bothering with UBports, would I ?

So I guess I'll have to stay at the outside for now.

cheers,

Dave

So this is where my flash memory is going:

$ mount|grep mmcblk0p23 | sed -n -e 's/.*on \([^ ]\+\).*/\1/p'|sudo xargs du --max-depth=2 -c -h

-> /userdata/system.img is taking 2 GB and seems to be the actual ubuntu touch file system image. Then I wonder why there is another 4 GB partition in /dev/mmcblk0p21. This is mounted on /android/cache. Is there any reason for that "cache" partition taking up so much memory? Can its size be changed during installation from the ubports-installer to leave more room for my home partition?