Page 2 of 2 1 2
Reply
Thread Tools
v13 is offline v13
2011-01-21 , 18:55
Posts: 376 | Thanked: 511 times | Joined on Aug 2009 @ Greece
#11
The best way (only-way perhaps) is to encrypt your sensitive data. A loopback device or a physical partition with LUKS should work well, as long all sensitive data are stored there. Encrypting the whole /home is not a simple thing for N900, so it could better work with the cooperation of programs that store sensitive data.

In any case, as a starting point, infrastructure for a password manager seems like a must these days. Encrypting the stored passwords is a first (and needed) step. I'm describing something like kwallet.

However, if you're considering the authorities, I suggest that you don't underestimate the point of the following sketch:
 
WereCatf's Avatar
WereCatf is offline WereCatf
2011-01-21 , 19:26
Posts: 255 | Thanked: 160 times | Joined on Oct 2010 @ Finland
#12
Originally Posted by retsaw View Post
Normally true, but if you boot the rescue kernel you can access the whole of the eMMC in mass-storage mode.
Indeed, that's why I said "simple tampering" Password-protecting the thing simply would not be good enough, though it too is better than nothing...

The best approach of course would be for the OS to provide function calls for reading, writing and creating encrypted files, and then for every application themselves to use those functions for any sensitive data and use non-encrypted function calls for nonsensitive data. That's how a well-designed, security-oriented OS would do it. But modifying every single existing application to use such functions would simply not be feasible :/

EDIT: Perhaps we could still petition for atleast Firefox and other large F/OSS applications to move to such design. The function calls for reading, writing and creating encrypted files could be made a separate library and thus shareable between several projects, and hopefully eventually become an inseparable part of any general distribution.
__________________
HAND, n.
A singular instrument worn at the end of the human arm and commonly thrust into somebody's pocket.
Last edited by WereCatf; 2011-01-21 at 19:29.
 
RobbieThe1st is offline RobbieThe1st
2011-01-29 , 02:27
Posts: 842 | Thanked: 1,197 times | Joined on May 2010
#13
Originally Posted by NIN101 View Post
33 seconds on mine. Not longer than 2 minutes on everyones I would say. But of course it depends on the hardware they have. And we can say without any doubt, that they have access to good hardware lol.
Ah, but in order to crack it, you need to find the encrypted password itself.
Which, in case you haven't been reading the forums recently, requires root access.
Provided you can use a password to prevent the raw data being read(i.e. lock down all methods of connecting before logging in), the only way to gain access to the raw data would be to physically remove the eMMC chip from the board and connect it to a test-rig.
Your average police officer doesn't have that. And can't do it in a short period of time.
Sure, if the FBI decides they want it, thet can try... But they'd probably just go with the rubber-hose method mentioned earlier.
__________________
My projects: BackupMenu - OS Backup & restore | Video: Flashing your n900(LiveCD)
My devices: N770 + 8GB SD card soldered internally, N900 with 8GB SD card + Custom OC(125-950 typically).
OC freqs: 0:22,90 125:22,90 250:28,180 500:30,360 550:32,400 600:34,430 700:39,430 750:41,430 805:45,430 850:47,500 900:50,500 950:54,500 1000:58,500 1100:67,520 1150:71,520
 
TiagoTiago is offline TiagoTiago
2011-01-31 , 08:42
Posts: 1,522 | Thanked: 392 times | Joined on Jul 2010 @ São Paulo, Brazil
#14
In some countries the law says you must provide the key to encrypted data to authorities when asked, or else you get jailed, keep that in mind.
__________________
NOKIA N900: IT'S OVER NINE THOUSAND


How to use HotspotShield in the N900
Google Voice from outside the US + Free international calls: LEARN HOW HERE!!!
 
Reply
Page 2 of 2 1 2

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 19:58.

Contact Us - Home - Archive - Top