Duress, Wasted and Sentry

Tiny app to listen for a duress password on the lockscreen.
When found, it can send a broadcast message or wipe the device.

Lock a device and wipe its data on emergency.

You can use PanicKit, Tile, Shortcut, Broadcast, Notification, lock or send a message with a secret code. On trigger, using
Device Administration API, it locks a device and optionally runs wipe (factory reset). Also it can
send a broadcast message instead of the wipe.

Also you can:

  • fire when a device was not unlocked for X time
  • fire when a USB data connection is made while a device is locked
  • fire when a fake messenger app is launched
  • fire when a duress password is entered (companion app: Duress)

The app works in Work Profile too, but with limitations. Use it to install risky apps and
Wasted in it. Then you can wipe this profile data with one click without wiping the whole device.

Enforce security policies.

Note: Only encrypted device may guarantee that the data will not be recoverable.

Were also discussed in one of the first topics on this forum What is Your Private Phone setup? - #4 by ph00lt0

1 Like

These largely don’t look maintained.

1 Like

Well to add to that also. Duress passwords will be implemented on grapheneOS and also USB disablement was already done. So there is also not much these apps would add. Perhaps some instructions on grapheneOS should be updated on this.

1 Like

Agree, but while everyone should be using grapheneOS if they are able to, a lot of other people will be using other recommended OSes like DivestOS.

These apps [Sentry, Duress, and Wasted] don’t work properly since they trigger a reset via a standard recovery factory reset. You can demonstrate this for yourself easily if you have a phone for testing purposes. Once you trigger the reset, hold volume down to enter fastboot mode and you’ll bypass it. You can boot up the OS again from fastboot mode. It would be possible for these apps to remember that they tried to wipe and to do it again after boot if they implemented Direct Boot support to work before first unlock, but an attacker could just not boot the device again until they’re ready to exploit it.

This is also concerning:

1 Like

Yeah, it indeed sucks.

The forensics company, the Sweden-based MSAB, apparently released a video, instructing customers how to bypass an app called “Wasted,” which can help an owner remotely wipe an Android phone after its been confiscated.

The forensics company released a video on how to bypass Wasted app, titled “How to disable the Wasted App”, but they made the video private. Would be grateful if anyone who has downloaded the video could share it with us.

Pictures from GrapheneOS discussion forum Exploit of device after first unlock to obtain data that isn't at rest - GrapheneOS Discussion Forum

EDIT: It is not related directely to Wasted app as mentioned here

Use a supported Pixel with the April ASB with either GrapheneOS or the stock Pixel OS and you will mitigate this attack.