Security on Android 9 - Google Pixel 3a XL Questions & Answers

I have the screen lock activated on my Pixel 3a XLs but do not feel it is sufficient, nor would I trust the fingerprint lock. Ideally I would like to be able to use a passphrase to decrypt the phone when turning it on and a PIN when bypassing the lock screen. No fingerprint lock since I have read many stories about how easily they can be fooled.
I do not see any way of entering a passphrase (which I have used on my previous phones and am using on a tablet running Android 7) - is there one? The program cryptfs does not work on Android 9.
Also, is there a way of limiting the number of attempts at entering a screen lock PIN? And a way of setting a minimum delay between each entry? As it is now, a robot could hypothetically be used to quickly go through a large number of PIN codes until the correct one is found...

I think you have to use the same method for both decrypting the phone initially and then to unlock the lock screen.
So if you want to use a passcode to decrypt, you will have to use it to unlock the phone. Setting up the passcode under settings/security/screen lock/password should also set it up for decryption.

sic0048 said:
I think you have to use the same method for both decrypting the phone initially and then to unlock the lock screen.
So if you want to use a passcode to decrypt, you will have to use it to unlock the phone. Setting up the passcode under settings/security/screen lock/password should also set it up for decryption.
That would be unfortunate. I know Android 7 allowed me to have a passphrase for decrypting the data partition and a PIN for unlocking the screen.
Does anyone know about the other questions I raised, ie setting a maximum number of unlock attempts and a minimum time between attempts?

Related

[Q] any tech details for galaxy nexus full disk encryption ?

I am using a Nexus S with Whisper Systems WhisperCore
it has real LUKS-based AES full disk encryption and the ability to selectively revoke application permissions
there seems to be no public info on the encryption on Ice Cream Sandwich
can anyone comment on it?
Anyone?
Sent from my Nexus S using Tapatalk
thanks for the replies
I got my LTE Galaxy Nexus today by far the best android device ever
I enable encryption
and it works fine
I wonder how long till there's a story about cops unable (or able) to get into someone's phone because of encryption..
You must use a password/pin to encrypt. Swipe and face unlock are not an option. It can't be more than 16 characters. The same password used to encrypt the device must be used to unlock the screensaver. VERY annoying. You can however change your pass code/pin used to encrypt the device after encrypted nearly instantly. I'm not sure how it's able to do this without a complete re-encryption of all encrypted blocks?
Sent from my Galaxy Nexus using Tapatalk
gophet said:
You must use a password/pin to encrypt. Swipe and face unlock are not an option. It can't be more than 16 characters. The same password used to encrypt the device must be used to unlock the screensaver. VERY annoying. You can however change your pass code/pin used to encrypt the device after encrypted nearly instantly. I'm not sure how it's able to do this without a complete re-encryption of all encrypted blocks?
Sent from my Galaxy Nexus using Tapatalk
So, if you encrypt you have to enter your PIN to start the phone AND unlock the phone?
The information I read says you only need the PIN when you "turn on" your phone...
That would be okay but not for unlock too...
Yes your pin (or pass code) is used both to turn on the device and unlock the lock screen... I initially created a long random hard to type string of characters for my password but when I figured out I'd have to type it in for my unlock code also I quickly changed it into a numerical PIN. The fact I could change it without re-encrypting the entire device leads me to believe the encryption keys for the entire disk are stored in a small separate encrypted file somewhere.
Still wondering if this is AES or something else? And what partitions exactly are encrypted.
Sent from my Galaxy Nexus using Tapatalk
gophet said:
Yes your pin (or pass code) is used both to turn on the device and unlock the lock screen... I initially created a long random hard to type string of characters for my password but when I figured out I'd have to type it in for my unlock code also I quickly changed it into a numerical PIN. The fact I could change it without re-encrypting the entire device leads me to believe the encryption keys for the entire disk are stored in a small separate encrypted file somewhere.
Still wondering if this is AES or something else? And what partitions exactly are encrypted.
Sent from my Galaxy Nexus using Tapatalk
Thanks for the clarification... that sucks...
I've been begging for this option on my Nexus One and now that I've upgraded are there any negatives to doing this? any negative performance hits etc.
What happens when you connect the Nexus to a computer? Can you see the contents of the internal memory via MTP, ei. pictures?
bunklung said:
What happens when you connect the Nexus to a computer? Can you see the contents of the internal memory via MTP, ei. pictures?
Yes you can.
gophet said:
You must use a password/pin to encrypt. Swipe and face unlock are not an option. It can't be more than 16 characters. The same password used to encrypt the device must be used to unlock the screensaver. VERY annoying. You can however change your pass code/pin used to encrypt the device after encrypted nearly instantly. I'm not sure how it's able to do this without a complete re-encryption of all encrypted blocks?
Sent from my Galaxy Nexus using Tapatalk
you can change the password quickly because it does not reencrypt the whole storage. the actual key used for encryption is static, the password encrypts the key itself, not the storage.
it's a common theme in encryption schemas, truecrypt does the same thing. you generate strong keys once, and protect them with passwords. PGP does the same thing to your private key...
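The key-wrapping scheme described in the post above, as an added example that is not part of the original thread and not Android's own code. It assumes PBKDF2 for the password-derived key and uses a toy HMAC-based stream cipher as a standard-library stand-in for AES; all function names and sample values are constructed for illustration.

```python
import hashlib, hmac, os

def _keys(password: str, salt: bytes):
    # Slow KDF turns the PIN/password into a key-encryption key plus a MAC key.
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return k[:32], k[32:]

def _stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy HMAC-SHA256 counter-mode stream cipher: stdlib stand-in for AES.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def wrap_key(master_key: bytes, password: str) -> dict:
    # The small record stored beside the data: the master key, encrypted under the password.
    salt, nonce = os.urandom(16), os.urandom(16)
    kek, mac_key = _keys(password, salt)
    ct = _stream_xor(kek, nonce, master_key)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "ct": ct, "tag": tag}

def unwrap_key(footer: dict, password: str) -> bytes:
    kek, mac_key = _keys(password, footer["salt"])
    tag = hmac.new(mac_key, footer["nonce"] + footer["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, footer["tag"]):
        raise ValueError("wrong password")
    return _stream_xor(kek, footer["nonce"], footer["ct"])

def change_password(footer: dict, old: str, new: str) -> dict:
    # Only the small wrapped-key record is rewritten; stored sectors are untouched.
    return wrap_key(unwrap_key(footer, old), new)

def crypt_sector(master_key: bytes, sector_no: int, data: bytes) -> bytes:
    # XOR stream: the same call encrypts and decrypts a sector.
    return _stream_xor(master_key, sector_no.to_bytes(8, "big"), data)

def demo() -> bool:
    master_key = os.urandom(16)  # generated once, never changes
    footer = wrap_key(master_key, "long random passphrase")
    disk = {7: crypt_sector(master_key, 7, b"constructed sample sector")}
    footer = change_password(footer, "long random passphrase", "1234")
    recovered = unwrap_key(footer, "1234")  # sector 7 was never rewritten
    return crypt_sector(recovered, 7, disk[7]) == b"constructed sample sector"
```

Because the master key is only as well protected as the password that wraps it, switching to a short PIN weakens the protection of the whole disk even though no data is re-encrypted.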
gkaugustine said:
I've been begging for this option on my Nexus One and now that I've upgraded are there any negatives to doing this? any negative performance hits etc.
Whisper Systems WhisperCore does FDE on Nexus One and S
no notable performance issues - have not run any benchmarks
mvorbrodt said:
you can change the password quickly because it does not reencrypt the whole storage. the actual key used for encryption is static, the password encrypts the key itself, not the storage.
it's a common theme in encryption schemas, truecrypt does the same thing. you generate strong keys once, and protect them with passwords. PGP does the same thing to your private key...
yeah that's what I kinda figured - now I wonder what file it is that holds the key and how it is encrypted
Petrovski80 said:
Yes you can.
Does MTP or Windows prompt you for a password?
Does your phone need to be unlocked for the MTP drive to show? If you lock your phone does a file transfer stop?
Thanks again.
Do you know if the encryption slows down the phone?
It must encrypt every new file. Does this result in slower operations?
sblantipodi said:
Do you know if the encryption slows down the phone?
It must encrypt every new file. Does this result in slower operations?
The overhead will be when writing to and reading from the block device. There will be very few scenarios where you are maxing io (aka writing/reading) and the cpu at the same time. And those are the only scenarios where you'd really notice any slowdown.
There will be some increased cpu usage while writing to/reading from file though, so you could take a theoretical battery usage hit. But I doubt you'll notice it.
//edit, I should also point out that even if you find a game that's bothered doing background loading and pushing some cpu task in parallel, the phone has 2 cores.
//edit 2, some more digging:
http://source.android.com/tech/encryption/android_crypto_implementation.html
So we're talking dm-crypt with aes-cbc-essiv 128bit keys and sha256.
thanks! just what i was looking for
I had encryption on for a while. It took 45mins to encrypt my device when first activated. If I rebooted my phone it would take 3mins to boot up during which time I would be asked for my sim pin, encryption pin and finally the SIM pin again. The screen would repeatedly turn off during this time. In the end I removed encryption (factory reset is the only way to do this).
Sent from my Galaxy Nexus using Tapatalk
How does this work for flashing/upgrading the rom? I suppose it would need to be re-encrypted each time, however is the pin entered even before fastboot?
you can't backup an encrypted running system
you can only do a wipe
taking the galaxy nexus back as my nexus S seems to do most everything the galaxy nexus does only slower and smaller

[Q] VPN Setup on ICS

When you try to setup VPN on the phone ICS enforces a pin screen lock policy. Why the hell do I need to use a numeric pin if I want to use VPN, and to make matters worse there is no timeout on the lock so as soon as your screen goes off you'll have to enter the pin again. WTF, is there a way to bypass this?
ilogik said:
When you try to setup VPN on the phone ICS enforces a pin screen lock policy. Why the hell do I need to use a numeric pin if I want to use VPN, and to make matters worse there is no timeout on the lock so as soon as your screen goes off you'll have to enter the pin again. WTF, is there a way to bypass this?
It doesn't on mine.... I have no PIN set btw.. just face recog unlock.
ilogik said:
When you try to setup VPN on the phone ICS enforces a pin screen lock policy. Why the hell do I need to use a numeric pin if I want to use VPN, and to make matters worse there is no timeout on the lock so as soon as your screen goes off you'll have to enter the pin again. WTF, is there a way to bypass this?
I found the same for SSTP/IPsec/PPTP
If you can use OpenVPN, you can get around it, since it's 3rd party and not integrated into that stupid forced lock. I'd imagine someone must have fixed this in a custom rom? but don't know of any personally.
I've noticed that if you set up facial recognition unlock before attempting the VPN settings, that will work out fine. You can't add it after the fact though.
Personally, I just use a simple pattern. It's not terribly secure, but is just as quick to unlock as slide-to-unlock would be.
We attempted to find an answer earlier, but it died off.
thread: http://forum.xda-developers.com/showthread.php?t=1462026
and here: http://forum.xda-developers.com/showthread.php?t=1443505
and here: http://www.google.com/support/forum/p/gmail/thread?tid=31b8c3b478787fef&hl=en
and here: http://android.modaco.com/topic/349519-vpn-access-now-demands-a-pin-lock/
and here: http://androidforums.com/android-lounge/488613-ics-forcing-me-enable-pin-lock-screen.html
*edit: added links
ilogik said:
When you try to setup VPN on the phone ICS enforces a pin screen lock policy. Why the hell do I need to use a numeric pin if I want to use VPN, and to make matters worse there is no timeout on the lock so as soon as your screen goes off you'll have to enter the pin again. WTF, is there a way to bypass this?
Hi,
I wrote an application that can connect to a PPTP VPN Server
without having to use PIN or Pattern :
PPTP VPN Manager
Work around found..
I'm not sure if it's against the rules.. to post a link to another thread...
but a work around was found.
http://forum.xda-developers.com/showthread.php?t=1597093

S85x0 Phone locked / phone freeze issue guideline

As some of you might have experienced, there are situations when the phone gets into the "locked" state on power up. By "locked" I mean that it request some password you have probably never established by yourself.
I've already seen some posts on several sites from people asking about that password and personally called Samsung support to ask about it.
It seems that happens in several situations. One of them is a phone with a SIM lock enabled, but I've also noticed that it generally is a problem on phones that have Exchange synchronization enabled and are using phone password. You might have entered the password or SIM unlock code incorrectly several times, but it seems that might not necessarily be required. It JUST happens.
The password prompt is pretty brief and does not constitute for anything you might have entered by yourself. Samsung support says the default password is 00000000. Well, if your phone ends up in the locked state. It is probably not the password you will be looking for.
The solution is flashing your phone, but it results in data loss.
The other way is entering the password (called Freeze Password) generated by the tool in this thread. The password is unique to your particular phone and consists of 8 digits.
After entering them you may be asked for your current Phone Password. Although you might have established that while using your phone, you need to enter 00000000 then. That being done, you can choose new Phone Password that has to be different from previous one. Your data should stay intact.
It happened to me twice already while using Wave and I managed to address the problem having the FLOCK installed. You may try it for yourself.

Secured with password but only does swipe

My son has a Note 4 from Sprint on FreedomPop. (Only the best for my boy!)
A few days ago he enabled "Secured with Password" for the Screen Lock. He typed twice a well known password for us. But now the phone unlocks with a swipe and it won't accept his password for the screen lock.
I rebooted, wiped the cache, etc. No matter what we type (even his last few passwords) it won't accept and let us in to modify the Screen Lock. So now he can get in but it is less secure than before. Rooting probably won't help unless maybe I figure out what file or command might take care of this.
Any ideas?

how to bypass password on S3 without losing data.

I forgot my password to this old phone. it was an alphanumeric password.
I'd like to bypass that without losing data since I'd like to access my pictures.
it would be nice to access my apps as well, but i primarily want the photos.
Did you ever figure this out? Back in 2018 I broke the lock screen for a verizon s7 edge. There was a script floating around to disable then re-enable the lock screen. I didn't follow it correctly and just broke the lock screen. No data was lost, everything else worked except settings would crash when you tried to lock the phone. I'm just saying that it should be possible since I did it for a newer phone once. But adding some info like if your phone was rooted, what firmware it's on, or if you have usb debugging enabled may help.
