Retrieving Stolen/Lost Mobile Phones

Just recently, my sister fell victim to three knife yielding phone thieves who violently ambushed her in the wee hours of the morning on her way to work just moments after alighting a Matatu (I can only thank God she’s alive). She then calls me afterwards narrating her chilling experience and asked on how she could go about blocking and tracking her Phone.

Well in this day and age where a majority of phone snatchers are smart enough to hard reset phones or take them to their rendezvous backstreet shop to have the same done and/or have its IMEI changed is making it difficult for victims to locate their phones using those inbuilt or third party device tracking apps installed on their phones. Tech blogger @echenze couldn’t have said it any better here.

But for Sony users it’s different. Every Sony Xperia user (Myself included) knows about the My Xperia Theft Protection function of their Xperia Device. It’s a bit like googles ‘Android Device Manager’ which helps to Find,Lock or Wipe your device remotely if lost or stolen. But MXTP (My Xperia Theft Protection) enables you to render your device completely useless to a thief, (Yaani simu inakuwa mawe), how you ask? what makes it Sony so different you ask?

Well existing security solutions are usually a part of an android operating system. This means that by swapping the operating system the security feature or application is deleted. MXTP is different as it’s added to the bootloader of Xperia devices. The bootloader is needed to start the operating system of your device, and it is not part of the operating system itself. So even if you delete the operating system, MXTP will stay active and your device will still be protected

With MXTP activated you can’t even perform a hard reset (Power button + Volume up/Down) as it disables that too. (I’ve tried this on my Xperia Z3+ and it doesn’t light up.) Other tasks you also cant do are;

  • Performing a software repair using PCC or B4M (or third party flash tools).
  • Deleting the Google account used for enabling MXTP.
  • Trying to disable MXTP in the settings (failing to provide the correct login credentials 5 times automatically activates it)
  • Trying to delete MXTP or remove the administration rights of MXTP.
  • (I especially like this one) The USB port will only be available for charging. It will not be possible for a PC or Mac to detect the device.

Essentially MXTP renders your device completely useless (kama mawe) unless you have the correct Google credentials to validate the device:

  • All running applications are stopped.
  • You can no longer maximize the notification panel.
  • Incoming calls are sent to voicemail (if available).
  • Outgoing calls (except emergency calls) are blocked.
  • Switching it off and trying to hard reset it doesn’t work.
  • (And still my favorite) The USB port will only be available for charging. It will not be possible for a PC or Mac to detect the device.

I used to be a Samsung Fanboy but ever since i switched to Sony Xperia two years ago I’ve never looked back. Not only because of this useful Mawe Feature (that’s how i fondly refer to it), but lots of other advantages. But that’s a story for another day.

1 Like

Actually since Android Nougat, all phones running Android Nougat and above can enable a security feature that encrypts the phone and requires one to input a set PIN to start the device. Flashing the device, installing a new ROM all can’t help and without inputting the said PIN, the phone is pretty much useless.

I usually find that adding a Google account or removing requires me to input a fingerprint or password before I can do it. That’s on Galaxy A5 2016.

That definitely warrants a device upgrade.

Careful with the all phones running Android Nougat and above comment. My S7 Edge was encrypted and i successfully flashed everything and installed a new OS without it asking for the previous pin.

I suspect Sony’s environment may be susceptible to ROM cloning - like what they allegedly did to the San Bernardino attackers phone. iCloud is king of bricking stolen phones and short of geohots’ modified bypass methods (these bypass iCloud but turn the phone into an iPod with 3hr battery life as the phone constantly tries t connect to iCloud but fails)

@Krizwech The MXTP seems really useful. I never recommend Sony phones because of my experience with them:

Their UI is tedious to use
Slow on updates
Camera is kinda bad - ironic because their full frame cameras are really great
Bad battery life, and worse battery lifespan
Their bootloader is unnecessarily difficult to unlock

If you have a different experience then that is great, but all those i know with one regret buying it.

Kindly note the Android Nougat security feature is within the OS itself and not in the phones bootloader as is the case with Sony Xperia Devices. Sure reseting your Nougat device might prompt you to input the pin but flashing a new OS in those phones deletes the pin and your phone is as good as gone, but with Sony Xperia its MXTP still exists in the phone as it is not present in the OS.

Some time last year i factory reset my Xperia and upon startup the phone immediately locked itself and still asked for my gmail password (This means your Xperia device MXTP only knows one gmail account thus selling it becomes a problem to the buyer unless you first deregister your gmail account with MXTP and input theirs), please note after inputing the password to begin phone setup i still had to input my gmail account and password for the OS to sync back my contacts and apps.

Also note that flashing a new OS in Xperia Devices is not possible without your presence so a stranger can’t do it simply because once your phone is locked, your Xperia can’t be detected by PC or Mac whilst connected via USB nor hard reset it.

To sell an Xperia phone you not only have to factory reset it, but also disable MXTP security with your account so that the next user won’t have to call you every now and again when they need to reset or flash it themselves. (You can only flash an Xperia device with its MXTP disabled)

U got me interested in Sony coz i have lost 3smartphones the most precious one my galaxy s2 and i feel pained the thieves go unpunished

My sister’s bag got snatched just around Bus station, No one even stopped the thieves all of them were staring as they normally do. Then later I almost got robbed inside a mat

Just to answer your concerns

Hey i’m with you when it comes to Sony UI its not that pleasing, I once had an Xperia Z2 and installing Nova Launcher solved that problem. Upgrading to Xperia Z3+ that annoying UI isn’t there Sony removed it.

When it comes to updates Sony flagships aren’t that bad, i remember buying my current Z3+ while it still had lollipop, marshmallow came out and i only had to wait a few months to get it, now we have Nougat and by January 2017 Xperias were already receiving Nougat updates (Just checked Sonys Website and Z3+ is in the list)

I can’t really say much on Xperia Phone Cameras for i was once a Samsung Fanboy and Samsung is good i can attest to that.

Battery Life
Cant comment on this one as i think it all depends on how you use and what apps you have installed in your phone.

Their bootloader is unnecessarily difficult to unlock
That’s the whole point, why would i want it unlocked. Phone snatchers also find it difficult i have no qualms there.

Overall, when i switched to Sony i have never looked back. People who complain of their Samsung hanging i usually recommend Sony Xperias to them (well flagships mostly) and they have not come back complaining of hanging problems. I’m now thinking of upgrading to the their Xperia X range phones.

Just a heads up that Sonys MXTP is only available on certain Xperias devices such as Xperia M4 Aqua, Xperia Z4 Tablet, Xperia C4, Xperia Z3+ and others which i may not know of. I don’t know about the Z2 coz the last time i had it it didn’t have it

All android devices do that, well the password part that is,

thought on Samsung note 5.

And How unlikely or likely is it for me to get my phone back?

@TeriWanderi and @Krizwech To install a new ROM, you need to load the bootloader. Even to access recovery mode on my OnePlus 3, since I installed Nougat, you need that Anti-Theft PIN. I have also realized (through online research) that not all OEMs have integrated the security features from Nougat and some features require the user to actually dig in and activate them.
With my Anti-Theft PIN active, I haven’t been able to alter anything on the device before inputting the correct Anti-Theft PIN.

1 Like

Thanks @Krizwech for this info. I will certainly consider Sony Xperia when purchasing my next phone. Can MXTP also track the phone once it’s stolen?

MXTP just like any other tracking app can track a phone’s location provided the phones internet connectivity and location service are turned on

Just to cement my Xperia System Update frequency fact, Android 7.0 Nougat just checked into my Xperia Z3+ today, Part of the reason i love Xperia phones, No need to keep on buying phones just to get the new android update like i did with Samsungs in the past @TeriWanderi


And the updates just keep on coming, Its July 7th and Sony Xperia Z3+ receives the 7.1.1 update, 7.0 checked in on 25th April 2017, remember i purchased this phone way back while it still had lollipop installed

1 Like

I like the sound of MXTP. From what I understand, Samsung is a step ahead and is actually playing with non-programmable chips to store sensitive information like Knox encryption data. If that’s true, it’s only a matter of time before the bootloader goes in there. But I doubt they’ll go to extreme lengths to safeguard their phones because they are a member of the Open Handset Alliance. It is therefore their job to encourage creativity and part of that entails enabling developers to create software unencumbered by proprietary hardware. The open handset alliance does not encourage companies to ship phones with locked bootloaders but some still do. Luckily even ones that do have an official process for a user to unlock it.

Most high-end phones ship with a locked boatloader. Even if you change the IMEI the phome is tracked using the serial number. That means you have to change the motherboard, which is a costly affair to anyone.

In my Samsung security account, the phone serial number is included and not the IMEI. But a locked boatloader should work with Android’s security features.

In S8 and Note 7 heard the recorded iris features cannot be erased since they are stored in the hardware. So if you want to erase any, you need the phone’s owner to unlock the device first.