maemo.org - Talk - View Single Post - Privacy, Passwords, and Encryption

	WereCatf	2011-01-21 , 13:07
	Posts: 255 \| Thanked: 160 times \| Joined on Oct 2010 @ Finland	#8

Originally Posted by storkus

1. App level: how do you make sure that, once you save them, app data from texts and the web browser are wiped?

Basically, it must be encrypted at all times, there is no way to ensure that the data is actually gone if you delete it. (Well, except for writing random stuff on all the available free space every time you delete something. But that's not really a feasible alternative.)

2. System Password level: it seems to me you can overcome an installed password just by accessing the eMMC in mass storage mode, just like you would with any other drive--you don't even need special forensic tools. Is it worth even setting a password just to defeat n00b thieves and the curious?

Browser data and such reside on /home/user which can't be accessed in mass-storage mode. So, a password would protect very simple tampering. It wouldn't protect ~/MyDocs though.

3. Full Disk Encryption: the ultimate achievable level, IMHO, but subject to the flash limitations I said above. If that can be overcome, it seems it ought to be trivial to use whole-disk encryption. Has anyone done it? Has anyohe done it on Android?

Full-disk encryption is infeasible. It would require heavy modifications to the whole boot-up process and kernel. Encrypting just the home directory is a much better approach and can be done as I posted above. There is one caveat to such though: it consumer slightly more CPU-time thus eating into battery, and it wears out the flash chips faster as there's more data to write and more often.

__________________
HAND, n.
A singular instrument worn at the end of the human arm and commonly thrust into somebody's pocket.

Quote & Reply |