Last-generation Android devices are gradually getting more secure, even approaching iOS-grade security in some usage scenarios. Equipped with fingerprint readers and compulsory encryption of the data partition, Android smartphones became a much tougher acquisition target compared to just a couple of years ago. In this world of increasing security, security firms go out of their way to discover usable techniques for imaging such devices. In this article, we will discuss the latest technique allowing experts to perform bootloader-level imaging and decryption of 2015, 2016 and 2017 Motorola models running Android 5.0 through 7.0.
Before we go on to the new acquisition method, let us first have a look at Android data protection mechanisms. In this article, we’ll concentrate on three things: bootloader lock, encryption, and passcode. Let’s start with bootloader.