This is really secure…

I can’t reuse my deceased brother’s mobile phone. He set up a secure code and/or fingerprint, and that cannot be removed except by himself – which is of course a problem.

I have written to Google about it, because although I’m really not a beginner in putting other operating systems on a phone, to do so you still have to unlock the bootloader first, which cannot be done if you can’t log in into the device. No way, and I’ve tried several times to factory reset it – still the security wants Willi’s secret number and/or credentials after rebooting it. And Google wrote back that they are sorry for our loss, but cannot help – they don’t store copies of your device passwords and/or fingerprints.

And that seems to be pretty secure indeed. In fact, in 2018 they were proud to announce their new ‘Titan M’ chip, and the media was full of praise, since while not perfect, that is a better and more secure setup than even Apple’s, as some wrote. Google even went so far to offer a reward of up to 1.5 million dollars to anyone who could hack the chip, and although that was done by three capable gentlemen, it took them a year and a half to fully understand what’s going on. Google thanked them and removed that possibility, giving the team some 75,000$ as they wrote.

So for me/us, my brother Willi’s device – a Google Pixel 3a which he got from us (I bought it for my wife originally) – is what you call a ‘landfill’, which is too bad considering the hardware being not even 4 years old. Maybe we could trade it in with our next purchase, let’s see. But hats off to Google as it really seems to be practically impossible (read: 4.5 man years worth only 75k$) to hack these devices.

What does that mean for me and for you? Well our data – at least the one on our phones – is pretty secure indeed (assumed you’re not too sloppy with security yourself). But if you want to have your relatives backed up in case of your own demise, you should probably consider to set up Google’s ‘Inactive Account Manager’, and probably send your secret code to your family if you don’t want your phone buried together with you… (this is a joke of course, these devices should at least be recycled).

Like always, thanks for reading.

Edit/update, from 3 days later:

[x] done. Guessed the right number, installed LineageOS 20 which is Android 13. Cool – this is a much better device than my old Nexus 5 which I still had in reserve and/or for development.

It’s astonishing by the way how close the look and feel can be to Google’s interpretation of Android on their Pixel phones – even the Easter eggs work in LineageOS as well, like the one simply called “13”. And once you have that, you can hold one of these bubbles to change that look. Funny:

13. Or, better said, LOS20’s view of it.

Edit/update, from 5 days later:

That Pixel 3a is still a wonderful device, especially with that inofficial LineageOS 20 image I have on it right now. That even came with the Pixel Launcher, so it almost looks like my 4a with Google’s version of Android on it. The only difference is that I didn’t set up an account on that 3a, so I also don’t have Google’s weather applet but a free one from OpenWeather instead. Look at them side by side:

Pixel 3a with LineageOS 20 left, Pixel 4a with stock ROM right

Like always, thanks for reading.