92

Magnet Graykey can provide same-day access to the latest iOS and Android devices – often in under one hour.(www.magnetforensics.com)

posted
by
Avatar
TheReturnOfPEB@reddthat.com
in
Avatar
privacy@lemmy.ml
51 comments
hidereport
Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments View context
Avatar
SomeLemmyUser@discuss.tchncs.de
-1 points
*

I am aware that there are secure encryptions, but android isn’t hardware encrypted isn’t it? Haven’t used google android for a while, but no encryption was one of the reasons I moved away from it.

No idea about apple, but longer startup times for storage encryption doesn’t seem like a very apple thing to do

Also phones are so seldom turned off, and if the system is running storage encryption becomes less of a concern as the key is somewhere in the ram

permalink
report
parent
reply
Avatar
ReversalHatchery@beehaw.org
5 points
*

For a few years now Android has been encrypting storage. Not the SD card, and maybe not even the internal storage (which on android land means your files that you can access with a file manager without root) but I’m not sure about that part. The app’s main data is surely encrypted though, when the security menu in the settings says so.

But, there’s a loophole. Or two.
The parent commenter said, actual encryption can’t be broken without keys.
First, the keys are in the black box TPM of the phone.
Second, how do you verify that the phone uses an effective and unmodified encryption algorithm, and also that keys are never leaked anywhere?
And now consider that popular brands have been bundling malware for years, some of which cannot really be uninstalled either.

permalink
report
parent
reply
Avatar
SomeLemmyUser@discuss.tchncs.de
-1 points
*

Yeah TPM chip encryption is mostly not secure (at least not by simply existing, as an encryption with with a strong password that only exists in your head is) I’ve seen a german youtuber crack the bitlocker TPM encryption of a windows think pad, I have no doubt big companies can do this for the 3-4 most used TPM chips in android phones

And if you got the device and can damage it, even if you couldn’t crack the chip, putting the silicia under an electron microscope is always an option (lots of actual manhours of actual experts needed, but you could charge the client heavily to compensate)

permalink
report
parent
reply
Avatar
ShortN0te@lemmy.ml
3 points

No. The TPM was not cracked. The communication was sniffed, which is unencrypted. This requires a Device to be modified and then successfully unlocked to get exploited also this does not affect devices where the tpm is integrated in the SoC.

permalink
report
parent
reply
Show more comments

Privacy

!privacy@lemmy.ml

Create post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

Community stats

  • 8K

    Monthly active users

  • 1.4K

    Posts

  • 18K

    Comments

Community moderators