
New protection based on detection of a sequence of potentially malicious actions

Open serrq opened this issue 2 years ago • 9 comments

Suppose we want to set up the device as follows:

  1. After a single failed PIN entry attempt (or giving up typing it after displaying it), Sentry will start the "delayed wipe" mode (24h countdown) that will wait for a valid PIN before initiating a wipe (as explained in another post).

  2. If, however, during the 24h countdown of waiting for a valid code someone tries to connect the USB connector (excluding electric charging only), then a wipe will start, because someone has deliberately figured out that there is a blockage and wants to get around it by USB hacking.

Is this feasible? Has my idea any functional problems?

serrq avatar Sep 23 '22 05:09 serrq

Wasted already has a USB trigger. It will fire if a USB data connection is made (excluding electric charging only).

x13a avatar Sep 23 '22 23:09 x13a

I just now saw that trigger: thanks for pointing it out.

One question from a layman: if I connect my usb key to the smartphone while the device is already unlocked nothing happens. But what happens if I forget the connected usb key (from a previous lawful unlock) and in the meantime the screen lock for timeout lighting is activated?

serrq avatar Sep 24 '22 05:09 serrq

It may fire Wasted.

On Sat, Sep 24, 2022, 08:19 serrq @.***> wrote:

> Hi, just now saw that trigger: thanks for pointing it out.
>
> One question from a layman: if I connect my usb key to the smartphone while the device is already unlocked nothing happens. But what happens if I forget the connected usb key (from a previous lawful unlock) and in the meantime the screen lock for timeout lighting is activated?


x13a avatar Sep 24 '22 09:09 x13a

Forgive me, I didn't understand. Wasted deletes everything in the case I described?

serrq avatar Sep 24 '22 09:09 serrq

It depends on Wasted settings. If you turn on Wipe Data, it will run a factory reset. Without it, it will only force-lock your device.

x13a avatar Sep 24 '22 13:09 x13a

Thank you very much for the explanations. My only concern is that I connect a usb key myself (with the screen off) forgetting that I have the usb listener turned on.

At the moment I can't come up with a protection scheme that can avoid false alarms (me mistakenly connecting the usb key with screen off).

Also, it is not 100% clear to me whether the SuperVooc (80W) charging of my OnePlus exchanges not only energy but also data... triggering the wipe (since it is a proprietary technology that exchanges data on monitoring charging status).

serrq avatar Sep 24 '22 13:09 serrq

You can always leave the Wipe Data option turned off and test your SuperVooc (80W).

x13a avatar Sep 25 '22 22:09 x13a

> You can always leave the Wipe Data option turned off and test your SuperVooc (80W).

This morning I tested both SuperVooc and the USB key.

I specify that my device is locked regardless of Wasted's requests. In both cases I could not tell if Wasted fired, because I do not have any objective data to measure it with.

It would be interesting if it added an event log or, even better, had the flashlight LED flash for 5 seconds as evidence that it fired. Or both.

serrq avatar Sep 26 '22 12:09 serrq

It depends on Wasted settings. If you turn on Wipe Data, it will run a factory reset. Without it, it will only force-lock your device.

On Sat, Sep 24, 2022, 12:47 serrq @.***> wrote:

> Forgive me, I didn't understand. Wasted deletes everything?


x13a avatar Oct 11 '22 07:10 x13a