32
submitted 4 months ago* (last edited 4 months ago) by questionnaire@programming.dev to c/asklemmy@lemmy.ml

After the news about FBI accesing trump shooters phone some people are speculating that they copied the phone storage so that they could bruteforce it without getting locked out if that is true is there anyway to make it so that your digital device can't be copied without the passwd if someone has physical acess to it and all the bruteforcing etc have to be done on the original device itself so we have a better chance of privacy . I am a layman but i use a good enough password on my phone and encrypt some sd card storage (which i knoe can be copied bcause i do it myself) but if the phones whole storage can be copied it seems kinda pointless . so my questions are :

1 Does new smartphones do it by default ? if so how is wiping the phone when forgetting password possible ?

2 does full disk encryption do this ?

3 Does windows (8) have any thing that could do this for micro sd card and smartphone ? (some background is i only have a windows 8 craptop and it takes ages to load and Microsoft appstore nor sideloading works now encrypting the laptop is not needed as i barely do anything on it but was thinking if i could encrypt my phone or sd card using it (it is really really slow (think can't even load MS word in an hour slow) ) if not see question 4 ) also before you ask can't install linux tried and failed.

4 beside from encrypting certain files using file manager encryption can i encrypt my sd card on android itself by using any app ? (preferably from fdroid ) .

5 is all these even possible or is our only option hoping that our passwds are too complex to be bruteforced ?

6 also many people talk about updating your OS to increasing security but what about outdated hardware ? do they posses a risk or things like USB,sd cards etc which doesn't get any update ? Do they suffer security risk as time moves on ? is that even a thing ?

Try to answer questions in these format . pardon my ignorance and grammer even if i delete my acc feel free to still comment so it can be useful to others and i may still drop in to see the answers .

all 13 comments
sorted by: hot top controversial new old
[-] abrahambelch@programming.dev 23 points 4 months ago* (last edited 4 months ago)

First of all:

You can always copy storage if you're able to physically access it. The only way to prevent this is to secure the chip in a way it destroys itself if physically tampered with (like some TPM chips).

You should instead opt for a passphrase that is practically impossible to bruteforce on current hardware due to its complexity. Also, try not to disclose the encryption algorithm or software used as this information opens the possibility of exploiting known vulnerabilities.

VeraCrypt for example is able to completely hide its presence on a volume and the only way to know if a device is encrypted with it is trying to decrypt it using VeraCrypt with the correct passphrase.


Trying to answer your questions:

  1. Most modern smartphones encrypt their data by default nowadays. The rest depends on the phone itself. Mostly they just delete the encryption keys from the TPM when formatted so this still enables an authority to copy your storage and bruteforce.

  2. No. Encryption does never prevent you from copying the encrypted information. Those are two completely different things.

  3. No. You cannot encrypt the SD card with say Bitlocker and use it on a phone afaik.

  4. Yes, some Androids allow you to encrypt the SD card from within the storage settings.

[-] Dekkia@this.doesnotcut.it 10 points 4 months ago

One thing I haven't seen mentioned here yet is that windows 8 is out of support since January 2023.

It's good that you don't use it for anything because there are for sure as hell security issues with it by now.

[-] RobotToaster@mander.xyz 5 points 4 months ago

There are USB flash drives that self destruct after the wrong password is entered too many times.

[-] argentcorvid@midwest.social 1 points 4 months ago

At work, if we want to use a USB drive we are required to use one that has a hardware pin pad and onboard encryption. So those exist

[-] blackstrat@lemmy.fwgx.uk 5 points 4 months ago

To avoid copying data out of a device it would need to be stored in a secure enclave of some sort that doesnt allow that. Basically that doesnt exist on consumer devices. You need good passwords, algorithms and OpSec.

[-] DudeDudenson 4 points 4 months ago

I hope op Isnt planning something nefarious and asking security advice in lemmy beforehand

[-] slazer2au@lemmy.world 3 points 4 months ago

For phones most modern ones come with encryption at rest by default which is why you need a passcode to finish the boot process.

As for windows, there is Bitlocker but I don't know if win 8 supports Bitlocker on external drives.

[-] Squizzy@lemmy.world -5 points 4 months ago

Bitlocker is a pain, but also my mother forgot hers a neighbour bypassed it.

[-] Carighan@lemmy.world 12 points 4 months ago

That's not how bitlocker works, it was quite obviously not set up correctly.

[-] Bitrot@lemmy.sdf.org 4 points 4 months ago

Bet the recovery key was stored in the users MS account. More common since they are pushing the online accounts so hard.

[-] jet@hackertalks.com 2 points 4 months ago
[-] FelipeFelop@discuss.online 2 points 4 months ago

Phones encrypt the data by default, your password or pin is also needed to authorise the connection with a computer.

However, many people do insecure things like storing passwords etc in Notes applications, or having simple PINs that are easy to guess, don’t update their devices, or even turning off security features (if they can) because they won’t take a small amount of time to understand them.

this post was submitted on 20 Jul 2024
32 points (100.0% liked)

Asklemmy

43898 readers
1256 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS