Locking devices down too hard, and other tales of broken phones
One day I noticed my nice 7 month old Nexus 4 had a think crack on the screen. Not sure where it came from, but my old Nexus One had had a similar crack and when it was on you barely saw it and the phone worked fine, so I wasn't scared -- until I saw that the crack stopped the digitizer from recognizing my finger in a band in the middle of the screen. A band which included dots from my "unlock" code.
And so, while the phone worked fine, you could not unlock it. That was bad news because with 4.3, the Android team had done a lot of work to make sure unlocked phones are secure if people randomly pick them up. As I'll explain in more detail, you really can't unlock it. And while it's locked, it won't respond to USB commands either. I had enabled debugging some time ago, but either that doesn't work unlocked or that state had been reset in a system update.
No unlocking meant no backing up the things that Google doesn't back up for you. It backs up a lot, these days, but there's still dozens of settings, lots of app data, logs of calls and texts, your app screen layout and much more that's lost.
I could repair the phone -- but when LG designed this phone they merged the digitizer and screen, so the repair is $180, and the parts take weeks to come in at most shops. Problem is, you can now buy a new Nexus 4 for just $199 (which is a truly great price for an unlocked phone) or the larger model I have for $249. Since the phone still has some uses, it makes much more sense to get a new one than to repair, other than to get that lost data. But more to the point, it's been 7 months and there are newer, hotter phones out there! So I eventually got a new phone.
But first I did restore functionality on the N4 by doing a factory wipe. That's possible without the screen, and the wiped phone has no lock code. It's actually possible to use quite a bit of the phone. Typing is a pain since a few letters on the right don't register but you can get them by rotating. You would not want to use this long term, but many apps are quite usable, such as maps and in particular eBook reading -- for cheap I have a nice small eBook reader. And you can make and receive calls. (Even on the locked phone I could receive a call somebody made to me -- it was the only thing it could do.) In addition, by connecting a bluetooth mouse and keyboard, I could use the phone fully -- this was essential for setting the phone up again, where the lack of that region on the touchpad would have made it impossible.
One of my security maxims is "Every security system ends up blocking legitimate users, often more than it blocks out the bad guys." I got bitten by that. There are a number of ways I could have been allowed into the phone that would still be secure. Here are some:
- Some Android devices let you plug in a USB mouse using an OTG adapter. The N4 doesn't allow this, the N7 does. With a mouse, I could have traced the lock code and been set to go.
- As an alternative, the best solution would probably be a way to do an emergency pairing of a Bluetooth mouse using just the volume and power keys or other external clues. For example if the phone is locked and you press a certain sequence of the external buttons, then pair with any mouse or keyboard you find nearby which is waiting to pair, and confirm with final press. Then, again you would be able to unlock and do all other things.
- Failing that, since the device regularly checks with big-G for new apps you have requested on the web site, let me issue a command on the web site that tells my phone to unlock itself. I would probably need to provide my unlock code (as a series of digits) when doing this, though strictly, since on the web site I can download any app and give it any permissions, I'm not sure if a remote unlock is all that dangerous, security-wise.
- Likewise, a computer connected by USB should be able to send a version of the lock code as digits, and get access. Since mostly what I wanted was a backup, the backup tool which work over USB could do this.
- If I had put a suitable app into the phone while rooted, I probably could have done some of the above things. But I lost root with the 4.3.3 update and had not restored it.
In addition, it would be nice if my carrier (T-mobile) had been able to let me set up call forwarding from the web, without access to the phone. At first I switched to another phone and so forwarding would have helped -- though as noted the phone could still answer, but that's just luck. This would be a very handy feature for people who leave phones at home etc. -- does anybody offer it?
Now, it's easy for me to think of these alternate methods after the fact. The truth is, phone digitizers are cracking left and right -- I see it all the time. Repair stores must be doing well. But phones are going obsolete so fast that most people just want to upgrade if the repair is expensive. (It's not that expensive on devices where the digitizer is not glued to the screen and the screen is undamaged. There typical repairs are in the $50-$80 range and can be less if you do it yourself.) Problem is people are buying $600 phones with $400 subsidy for a contract, and the replacement is expensive. I may be talked into putting the phone into a case. That does goad me because I know how much work phone designers do to make their phones small, light and thin, and then the cases just take that away. It may be time for phone designers to put more shock protection right into the phone, even though that makes it bigger.