
I built ScuttlePod: An Android app lock & digital escape pod to rescue your folders and secure-wipe them under duress
TLDR: ScuttlePod is an overlay lock screen that uses 4 different PINs to trigger different behaviors (like a guest mode, Decoy guest mode with cloud backups, or a secure wipe). It can also trigger remotely via a secret keyword text or by deleting a file in your personal Google Drive/Dropbox. (No ads, no subscriptions).
Hi everyone,
I’m a solo developer, and I wanted to share a project I’ve been working on.
Standard Android lock screens and native theft protection features are great for locking your screen, but they don’t protect, back up, or wipe your specific sensitive folders if you are forced to unlock your phone under duress.
To solve this, I built ScuttlePod, an app lock that acts as a digital escape pod for your sensitive folders.
Key Features:
- The 4-PIN Lock Screen: Working in tandem with your native lock screen, different PINs trigger different actions:
- Master PIN: Unlocks the overlay and grants access to ScuttlePod settings.
- Guest PIN: Keeps restricted apps protected behind an overlay. You can hand your unlocked phone to a friend, but if they tap a restricted app, the ScuttlePod overlay blocks them.
- Panic-Backup PIN: Mimics a Guest unlock but silently backs up your selected folders to your cloud in the background.
- Panic-Wipe PIN: Starts a countdown (10-60s) to securely shred your selected folders. The countdown even survives device reboots.
- Scorched-Earth Wipe: Standard deleting leaves files intact on storage. ScuttlePod overwrites your files with random bytes and renames them to randomized numbers before executing the delete command, making recovery extremely difficult. (Note: This excludes system-protected or volume root directories from being renamed or removed, though all files inside them are still securely zero-filled and deleted).*
- Remote Triggers: Trigger a backup or wipe remotely by sending your phone a secret keyword from any messaging app. Or, if the phone is turned off, simply log into your Drive/Dropbox from another device and delete the [SCUTTLEPOD_CANARY] - TRASH TO WIPE PHONE.txt file. ScuttlePod will execute the emergency backup and wipe the second the phone connects to the internet.
- Intruder Logs: If someone enters a wrong PIN, ScuttlePod captures photos using both the front and back cameras. It logs the time and which restricted apps they tried to open. All logs and photos are saved in a private, hardware-encrypted sandbox not accessible to other apps.
- Bring Your Own Cloud (BYOC): I have zero backend servers and absolutely no access to your data. Your backup folders stream directly and securely from your device to your personal Google Drive or Dropbox account.
I would love to get your feedback on the concept, the offline security logic, or answer any questions you might have!
Play Store Link: https://play.google.com/store/apps/details?id=com.sphereforge.scuttlepod
Privacy Policy: https://scuttlepod.com/scuttlepod-privacy.html