I'm assuming this is associated with the recent phenomenon of hardware IDs changing every time a new ROM is installed. Apparently MS uses the same hardware ID when it encrypts files on SD cards. What this means is you will lose all of your files on the SD card (including backup files) if you have encryption turned on, the files get encrypted, and then you switch ROMs.
So.. uh.. this is just a little warning, and it might be obvious to everyone but me... don't use SD encryption unless you know you're going to stick with a ROM.
I have no idea why MS doesn't just use the IMEI, but... they don't.
From what I read about the encryption, the key is generated after a hard reset, so basically you can't hard reset the device once data is encrypted.
Do you know whether there is an option to back up one's key to a file, save it to one's PC, and then reimport it once one has finished hard-resetting the device?
If I were MS I'd see the vast usefulness of such an option and integrate it at once.
the encryption key is created when you turn the Setting on...
and when flashing a new ROM or a HardReset the key is destroyed...
I am still yet to find the location... still looking...
Providing you remember, can't you just turn off the setting before a flash or hard reset and restore all the files to their unencrypted state?
Once the ROM has been flashed and everything hard-reset you can just encrypt them again?
Percz said:
> Providing you remember, can't you just turn off the setting before a flash or hard reset and restore all the files to their unencrypted state?
> Once the ROM has been flashed and everything hard-reset you can just encrypt them again?
No, because turning it off doesn't decrypt existing encrypted files. Just like turning it on doesn't encrypt the normal files. It will decrypt them as you open and resave them.
:-\
walshieau said:
> the encryption key is created when you turn the Setting on...
> and when flashing a new ROM or a HardReset the key is destroyed...
> I am still yet to find the location... still looking...
OK; that makes sense. I just realized that after I hard-reset I restored most of my settings with the data from a backup (Sprite Backup). I wasn't seeing the encoded files problem because I was restoring from a non-encrypted file.
ugh.
y2whisper said:
> From what I read about the encryption, the key is generated after a hard reset, so basically you can't hard reset the device once data is encrypted.
That makes perfect sense, actually. That way someone can't hard reset your phone to get at the data.
Too bad it also means the real owner can't get to his own data..
Some FAQs from the horse's mouth: http://blogs.msdn.com/windowsmobile...ows-mobile-6-storage-card-encryption-faq.aspx
What you can do is ActiveSync your device and then drag and drop all the files you want to keep before the hard reset. And then when you finish installing your ROM and hard-resetting your device, just transfer back the files via ActiveSync. I know it's tedious and long if you have like 1 gig of **** in the SD card, but that's the only way I've found.
just lost files to encryption
Been reflashing my 8525 with new versions of custels and vanilla and have never lost files to encryption. However just flashed to Black 3.01 and lost all my stuff. If I flash back to my previous ROM is it conceivable that the same key will be created and I will regain access to my files?
Unfortunately, I was also unaware of this. I presumed MS would use a key based on the hardware or something like that.
Anyway, is there any way of breaking the encryption and get back the files?
Thanks!
Keshen
As the DataProtection API as in WinXP and Win2003 is used, it is AES-128 by default.
"The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths."
So brute force attack is not really an option….
As the key is stored somewhere in the flash I think this will be the only feasible way to decrypt the files.
But as the key is lost because of the hard-reset during upgrade, there is not much hope...
Only if we can get more information on how the keys are generated, maybe this will reduce the complexity of an attack.
You won't have good luck trying to crack the encryption. Which is actually a good thing since the purpose is to keep your data safe in the wrong hands. I prefer to use a 3rd party encryption solution as it allows more choices and control.
MrGAN said:
> As the DataProtection API as in WinXP and Win2003 is used, it is AES-128 by default.
> "The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths."
> So brute force attack is not really an option….
> As the key is stored somewhere in the flash I think this will be the only feasible way to decrypt the files.
> But as the key is lost because of the hard-reset during upgrade, there is not much hope...
> Only if we can get more information on how the keys are generated, maybe this will reduce the complexity of an attack.
Breaking AES is pretty hopeless unless you have access to the NSA's computer systems.
The big problem, in my opinion, is MS doesn't give you an easy way to back up the key and restore it. Now that I've given it more thought, it makes perfect sense that the key gets nuked on a hard-reset: otherwise someone could just hard-reset your phone and have access to your data. In most cases, it's better to permanently lose the data than to allow someone else to have access to it.
Another thing that MS would be wise to offer is a "mass decrypt" function that would go through the entire SD and decrypt all of the encrypted files.
Other than that -- the way I've been dealing with it is by using SpriteBackup (I'm sure SBP does this too) and back up the SD card along with the main memory. Since the encoding happens in the OS level, the backup software sees the normal unencrypted files. So this way I can restore the SD backup after a rebuild (I don't recommend restoring the main ROM image, since so much changes between each release).
j
keshen said:
> Unfortunately, I was also unaware of this. I presumed MS would use a key based on the hardware or something like that.
> Anyway, is there any way of breaking the encryption and get back the files?
Once you hard-reset your device and lose that key, your files are gone, unless you somehow have access to some very very high powered computer systems that can break AES -- and even then it would take several years.
I think the NSA in the US has managed to break AES (that's the rumor I've heard), but it takes quite some time.
j
AES-128 offers a sufficiently large number of possible keys, making an exhaustive search impractical for many decades. Correctly implemented AES-128 is likely to protect against a million dollar budget for at least 50 – 60 years and against individual budgets for at least another 10 years.
But there are many pitfalls to avoid when encryption is implemented and keys are generated.
So if the key is easy to guess it doesn’t matter if AES is secure or not.
Creating good and strong keys is a surprisingly difficult problem and requires careful design when done with a computer. The challenge is that computers are notoriously deterministic, but what is required of a good and strong key is the opposite – unpredictability and randomness.
Provided that the implementation is correct, the security provided reduces to a relatively simple question about how many bits the chosen key, password or pass phrase really corresponds to. Unfortunately this estimate is somewhat difficult to calculate, when the key is not generated by a true random generator.
To make a long story short: if at all then the key generation might be the weak spot...
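Added example (not part of the thread, and not Microsoft's key generation, which none of the posts describe): a sketch of the point made above, that a key's real strength is the number of values its generator can produce, not its nominal length. The timestamp-seeded generator `weak_key`, the seed window and the `key_check_value` stand-in are all constructed assumptions.

```python
import hashlib
import math
import os
import random

KEY_BYTES = 16  # AES-128 key size in bytes


def weak_key(seed: int) -> bytes:
    """Hypothetical flawed generator: a 128-bit key drawn from a PRNG
    seeded with a guessable integer (here, a clock value in seconds)."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(KEY_BYTES))


def strong_key() -> bytes:
    """Key from the operating system's CSPRNG: all 128 bits unpredictable."""
    return os.urandom(KEY_BYTES)


def key_check_value(key: bytes) -> bytes:
    """Stand-in for 'this key decrypts a known file header correctly'."""
    return hashlib.sha256(b"key-check" + key).digest()[:8]


def effective_bits(candidates: int) -> float:
    """Strength in bits when only `candidates` keys are actually possible."""
    return math.log2(candidates)


def secret_bits(alphabet_size: int, length: int) -> float:
    """Upper bound for a secret of `length` symbols chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def audit_seed_window(check: bytes, start: int, end: int):
    """Return the seed in [start, end) that reproduces the key, or None."""
    for seed in range(start, end):
        if key_check_value(weak_key(seed)) == check:
            return seed
    return None


if __name__ == "__main__":
    # Constructed sample: key generated at an unknown second within a known hour.
    window_start = 1_200_000_000
    secret_seed = window_start + 1234
    check = key_check_value(weak_key(secret_seed))
    found = audit_seed_window(check, window_start, window_start + 3600)
    print("seed recovered:", found == secret_seed)
    print("effective bits, 1-hour window: %.1f" % effective_bits(3600))
    print("effective bits, 4-digit PIN:   %.1f" % secret_bits(10, 4))
    print("nominal bits, AES-128 key:     %d" % (KEY_BYTES * 8))
```

A key from `strong_key()` is not reproduced by any seed in the window, so the same audit returns `None` for it.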
So I have to realize that I've lost all the data on my SD card. That sounds incredible!! I don't know if I will be able to recover all the changes made.
I installed Mobsync, which makes backups of the SD data for me to avoid SD corruption, but the files are also encrypted on my PC.
WM5torage
I'm curious if anybody has tried turning encryption on, and using WM5torage to transfer files to/from the Hermes. Does it properly encrypt/decrypt the files, or does that work only when using ActiveSync?
-- Joe
Hi! I managed to compile a bionic version of cryptsetup with libcrypto instead of gcrypt, and I put it inside Steam Kernel, so anyone can play with it. This is actually not new to Android, as from Froyo, the APKs that can get installed on the external SD are actually also using dm-crypt, although they are doing it through vold, and not via device-mapper. It is actually strange that Android has filesystem encryption inside the kernels by default, but they are using it to keep us out of the system, and not actually to make it harder for other people to get inside the system.
In Steam Kernel, you can now choose to apply filesystem encryption to any of the 3 main partitions (cache, data, dbdata). The password can be entered using the screen by one, or multiple Swypes (up to 255 elements). Each swype creates a word, and words will be separated by "_". This mechanism was invented, as with this one can potentially achieve a good-enough entropy (although I'm not a cryptanalyst), than by for example a simple PIN code entry box.
If you worry about speed, quadrant scores are around 1400 if using ext4+crypt, so they're still better than stock rfs. I can't say much about battery life yet.
This feature is beta however, so don't entrust valuable data to it yet, as it hasn't been thoroughly tested yet. (encryption should be fine, I'm actually worried about data corruption).
The way to secure Android is not yet finished however. I'm trying to find a way to secure adb, even if it's running root mode. (as running adb in root mode is good for debugging, but bad for security).
Questions on this topic are welcome.
Very impressive stuff, and still opensource.
It's a real innovation, congrats!
sztupy said:
> The way to secure android is not yet finished however. I'm trying to find a way to secure adb, even if it's running root mode. (as running adb in root mode is good for debugging, but bad for security).
First weak security point for the Galaxy S phones is definitely the ability to flash anything with Odin.
As you cannot trust, well... anything your Filesystem Encryption approach is definitely the good one!
Other current weak point is the adbd exploit (rageagainstthecage) - so easy to use. I guess you can replace adbd in your ramdisk by the Gingerbread one, which is not vulnerable, if not done already
Yes this is really impressive man...
You should be hired by Samsung to set their software ass rite :-D
supercurio said:
> First weak security point for the Galaxy S phones is definitely the ability to flash anything with Odin.
> As you cannot trust, well... anything your Filesystem Encryption approach is definitely the good one!
> Other current weak point is the adbd exploit (rageagainstthecage) - so easy to use. I guess you can replace adbd in your ramdisk by the Gingerbread one, which is not vulnerable, if not done already
You would still lose the benefit of being secure + having the comfort of adb root. I'm more into the fact you have to login to the phone in order to use adb, just like you have to login to a real linux.
sztupy said:
> You would still lose the benefit of being secure + having the comfort of adb root. I'm more into the fact you have to login to the phone in order to use adb, just like you have to login to a real linux.
I meant, for general security, we can replace the vulnerable adbd by a non vulnerable updated one - just that -
I feel your title could have security under [ ]. More noticeable.
AS I SEE IT NOW. supercurio's THANK's meter stands at 666. ROFL...
EVIL
Seems really great !
I'm not sure about a thing : Does this work when you power on the device (ie, you'll have to enter a pass to make it boot to Android), or before to be able entering into recovery ? Or none of these two things, and I totally misunderstood what you're saying ?
I was about to make a request to Koush if he could add some (basic?) security system to his recovery, as if your phone is stolen, they even won't be able to reflash a new rom.
This security layer + WaveSecure or any similar soft, and you would be sure that even if your phone is stolen / lost, nobody will be able to use it
Anyway thanks for your big stuff, will look deeper for sure when I'll get some free time, but your steam package seems amazing
Cheers
This works when you want to mount the partition. (eg at every boot). The partition can not be mounted without a password ever.
Amazing project. Good work.
Now wait just a moment...why would you encrypt those directories, when you alone (the user) are responsible for giving applications certain permissions. I mean...you agree to giving access to your Radio, messages and...whatever when you install applications, but then you want to encrypt certain directories. Why? You've already installed a trojan or a root kit and given it permission to do whatever it wants to do. That's the main security issue.
If your phone gets stolen they can't access your data.
... But another issue! Great work, Great project!
Edit: too slow, I was referring to the post 2 above
sztupy said:
> This works when you want to mount the partition. (eg at every boot). The partition can not be mounted without a password ever.
And I guess the partition has to be mounted if you want to flash another rom (By recovery, Odin, Kies, whatever) ?
If it's the case, then it's really really great !!!
No, if you're flashing a new ROM, you don't have to mount the partition. But the point is that nobody can read your data from the partition - that's the security risk sztupy is trying to prevent.
kidoucorp said:
> And I guess the partition has to be mounted if you want to flash another rom (By recovery, Odin, Kies, whatever) ?
> If it's the case, then it's really really great !!!
When you flash a new rom the data will be inaccessible (unless it's a steam rom and you know the password, or you can dump the partition AND know the password. Without the password the data can not be accessed, as it's AES encoded there).
This means that if you use all the security features inside Android (lockscreens, pin code, etc.), and use this too, and you don't allow adb to be run as root, there is actually no way of accessing your data (unless you can circumvent the security provided by Android, like the lockscreen), not even by flashing a new ROM.
Good work these kind of improvements make android better and better. I think the phones should be encrypted from the factory.
Great idea
If I might suggest though - can you make it so that it turns off decryption a couple of minutes after the screen is locked so that you have to enter the code again? Otherwise if the unit is on and stolen and never rebooted...
Being in Healthcare related IT I can say you'd have a product that is in severe need if any doctors really want to start using an Android tablet.
@sztupy
This is simply the best thing to happen to my SGS I've ever heard.
I can not test it right now (running 2.2.1 Darky's mod) but I have some questions about the security.
- What type of encryption is used? 128/256? weaker?
- Is it possible for you to figure how to use this encryption with different kernels/mods? We're talking about quite big a deal breaker for lots of people here. Perhaps even a separate app? I almost bought a blackberry as a second phone *kugh kugh* because android lacks encryption I so hardly need.
Sierra November said:
> @sztupy
> This is simply the best thing to happen to my SGS I've ever heard.
> I can not test it right now (running 2.2.1 Darky's mod) but I have some questions about the security.
> - What type of encryption is used? 128/256? weaker?
> - Is it possible for you to figure how to use this encryption with different kernels/mods? We're talking about quite big a deal breaker for lots of people here. Perhaps even a separate app? I almost bought a blackberry as a second phone *kugh kugh* because android lacks encryption I so hardly need.
As already stated Android already uses dm-crypt for encrypting the application data on the external sd card, so in theory any kernel can actually use dm-crypt. Originally Android kernels only support aes-plain (which is AES-128 I think), and that is what you can use on probably every 2.2+ android (and even on some 2.1 too). (You can get a stronger encryption if you compile a better kernel as aes-plain has some weaknesses).
The hard part is actually not the encryption therefore (You just have to run cryptsetup before init, which is very-very similar to the process of creating "lagfixes"), but the fact that you'll need a way to enter the password every run. The latter is problematic, as you'll need to access the framebuffer to show the user the pin code panel, then leave the framebuffer in a state, so Android can boot from it without problems. On SGS, and probably all SGS based devices (including the Nexus S), this is already accomplished (in steam kernel). On other devices it might work too, but the framebuffer support might need to be rewritten. On other devices the fact that they use yaffs2 might also pose problems (as yaffs is working on a block), but that can be circumvented using a few tricks (like creating loop devices, putting the /data partition on the sd card, etc.)
Hello!
I am a security researcher, my project is to secure data on android devices by live replacing /data/ container with encrypted one.
I did this many times on different devices, and with the P601 I encountered a problem.
The problem is that the device ignores filesystem changes as if there were none.
For example - if you unmount/move /data/ on any other Android device - the system will hang, because it will lose connection with applications, cache and user settings. But if you do so on Samsung Galaxy Tab 10.1 2014ed - nothing will change! Android will just ignore the replacement/removal and will still read/write to the data partition wherever it is. How does this work? Is it connected with the KNOX framework?
My screen on my samsung galaxy is completely done and want to know how i can recover data off of it
wsperling said:
> My screen on my samsung galaxy is completely done and want to know how i can recover data off of it
If you can't access it using a PC you're boned.
You have the ability to use an SD card as a data drive, why didn't you?
All your critical data should be stored there for reloads and... this.
I did. Someone hacked my Gmail and reset my phone, boom, there went everything.
wsperling said:
> I did. Someone hacked my Gmail and reset my phone, boom, there went everything.
So the hardware's still good?
Check alternative 2nd email account if you have one to determine if unauthorized access took place.
Factory reload and change Google password after reload.
*You may have to reset Google account password if it was indeed hacked before you can regain device access. Try the original password first.
You get 3 tries before you get locked out for 72 hours.
If you got hacked, one or more of your devices was/is compromised. Always use a strong password and change it every few months.
Never use a "master" password for the Google account, it needs to be unique.
ALWAYS backup critical data on the PC and at least 2 more hdds that are physically and electronically isolated from the PC. If your PC got hacked don't connect the backup hdds until it's clean.
I keep the laptop I use for backup offline and with no Google account on it for this very reason...
My wife has a PIN on her phone. She told our 6 yr old to put the phone down as she put our other children to bed, and when she came back the phone was erased and reset. He couldn't have got in to the phone and through the menus. Does the phone reset and wipe everything after too many failed attempts at the PIN? Is there any way out of this? I am familiar with rooting phones. Is there any back entry and restore through ADB? The phone was not previously rooted.
Doesn't take long to navigate to settings and do a factory reset.
Data is likely lost but you can try... I hope you backed up critical data. Even if you do manage to retrieve it the file structure has been lost.
A sea of random files and no way to recreate the file structure or associations except by memory.
blackhawk said:
> Doesn't take long to navigate to settings and do a factory reset.
> Data is likely lost but you can try... I hope you backed up critical data. Even if you do manage to retrieve it the file structure has been lost.
> A sea of random files and no way to recreate the file structure or associations except by memory.
So pictures and everything are gone?
He doesn't know the PIN. Is there something that comes up that says the phone will be wiped after so many bad attempts that he could have pressed?
Schroeder09 said:
> So pictures and everything are gone?
> He doesn't know the PIN. Is there something that comes up that says the phone will be wiped after so many bad attempts that he could have pressed?
Jpeg files if recoverable will be separated from their exif files, no order, original time stamp or number. Even 100 jpegs are a small nightmare to try and sort.
You start to get the depth of the problem.
Not sure but I think you're correct.
I never use screen locks or encryption; security is purely physical. Meh, wysiwyg
"Kids do the darndest things..."
My cousin once "waxed" the whole kitchen floor with a bottle of baby oil.
My mother exclaimed:"Who did this?!"
Danny replied:"I doed it!"
He was quite proud of his achievement. The floor really did shine... clean up took a bit longer than the wax job.
Somebody may have a better plan than my call it a wash. If backed up on cloud you have another option. Personally I use hard backups.
blackhawk said:
> Jpeg files if recoverable will be separated from their exif files, no order, original time stamp or number. Even 100 jpegs are a small nightmare to try and sort.
> You start to get the depth of the problem.
> Not sure but I think you're correct.
> I never use screen locks or encryption; security is purely physical. Meh, wysiwyg
> "Kids do the darndest things..."
> My cousin once "waxed" the whole kitchen floor with a bottle of baby oil.
> My mother exclaimed:"Who did this?!"
> Danny replied:"I doed it!"
> He was quite proud of his achievement. The floor really did shine... clean up took a bit longer than the wax job.
> Somebody may have a better plan than my call it a wash. If backed up on cloud you have another option. Personally I use hard backups.
How do I try to see what is left on the phone? Is there an ADB process for this?
I've never understood backing stuff up on a phone. The restoring part seems to be more the problem for me. I did used to do multiple backups with titanium backup, but never once was successful restoring from the backup. How are you backing up and how are you restoring from it? Especially on a NON-ROOTED device? The latter will be more important. When I pick up my next phone (probably an s22. Currently have rooted 2xl running A10 yet) I will not be rooting. It's too much of a time-consuming PITA, and while the gains are noticeable; they're not worth the effort.
Not sure what if anything adb can do for you. I never use that to restore as I run stock devices and assume the file decryption keys are already lost as well as file structure after a factory reset!
For backup first identify all critical data that can be backed up. DCIM folder, Documents, contacts, all needed accounts/passwords written or as text files etc, music, vids and so on.
Apps that allow backup of settings like Poweramp and Color Note (can be used for bookmarks rather than the browser). I use ApkExport to make installable copies of all my apps and updates. On reload no Playstore needed.
Copy, paste, verify size and if readable to 2 or more hdds that are physically and electronically isolated from each other and the PC. An OTG flashstick can be used for quick backups but don't use as the only backup; hdds are more reliable. Work out a sync folder for media, etc.
SmartSwitch can be used to back up homepage but never rely on it to backup critical data! It may or may not work!!!
If you have an SD card slot use an SD card as a data drive; all critical data goes here. There can be only DCIM folder so periodically backup the DCIM folder to the SD card but name something without DCIM in the name. Only apps and the download folder go on internal memory. Then backup the SD card redundantly and regularly to the hdd backups. That gives you multiple backups should one fail. NEVER encrypt backup data drives!!!
You have to methodically plan this to do backup this way but it's pretty foolproof and has built in redundancy. Once you get used to it, it's not hard to do.
I have over a dozen backup hdds in various locations. I may lose some data but never all my data. Syncing data is the biggest headache with this method.
blackhawk said:
> Jpeg files if recoverable will be separated from their exif files, no order, original time stamp or number. Even 100 jpegs are a small nightmare to try and sort.
> You start to get the depth of the problem.
> Not sure but I think you're correct.
> I never use screen locks or encryption; security is purely physical. Meh, wysiwyg
> "Kids do the darndest things..."
> My cousin once "waxed" the whole kitchen floor with a bottle of baby oil.
> My mother exclaimed:"Who did this?!"
> Danny replied:"I doed it!"
> He was quite proud of his achievement. The floor really did shine... clean up took a bit longer than the wax job.
> Somebody may have a better plan than my call it a wash. If backed up on cloud you have another option. Personally I use hard backups.
how could I attempt to recover these JPEG files?
Schroeder09 said:
> how could I attempt to recover these JPEG files?
What OS version? Not rooted?
I don't think you got a prayer but it depends on if the old data is encrypted which I assume it is because of the screen lock.
Full-Disk Encryption | Android Open Source Project
source.android.com
If you're really hell bent on recovering some of the data, a data recovery service that specializes in Samsung's is probably your best shot.
I could be wrong... do some Google searches, to search XDA simply add "XDA" to the end of the Google search parameter. XDA's search engine leaves something to be desired... and misses a lot that the all seeing Google web crawlers don't.
Leave the phone powered down until you decide what to do as any activity can now overwrite those old files.
Is this droidkit a gimmick or will it work? the note 8 is on android 8 or 9.
Get Data Recovery, Screen Unlock, and FRP Bypass with DroidKit
www.xda-developers.com
Schroeder09 said:
> Is this droidkit a gimmick or will it work? the note 8 is on android 8 or 9.
> Get Data Recovery, Screen Unlock, and FRP Bypass with DroidKit
> www.xda-developers.com
Most likely a gimmick if not malware. AFAIK a factory wipe doesn't actually erase or overwrite the storage, it just removes the file structure and pointers, so a forensic data recovery tool could potentially help. Unfortunately, doing this on a smartphone is even harder to do, especially considering that most newer Samsung devices use encryption, and since a new key is generated when the device is reset, it won't be able to read the old data.
V0latyle said:
> Most likely a gimmick if not malware. AFAIK a factory wipe doesn't actually erase or overwrite the storage, it just removes the file structure and pointers, so a forensic data recovery tool could potentially help. Unfortunately, doing this on a smartphone is even harder to do, especially considering that most newer Samsung devices use encryption, and since a new key is generated when the device is reset, it won't be able to read the old data.
Brute forced decryption would be the only way as it uses random encryption. Folders are encrypted vs full disk encryption on the newer OS's if I recall correctly. The folder association with the files is already gone, lost with the factory reset. How that affects the encryption, no clue.
It's a mess.
blackhawk said:
> Brute forced decryption would be the only way as it uses random encryption. Folders are encrypted vs full disk encryption on the newer OS's if I recall correctly. The folder association with the files is already gone, lost with the factory reset. How that affects the encryption, no clue.
> It's a mess.
is there a service that can recover the pictures? my wife already restarted the phone and has started downloading stuff (if that matters). I told her it would have been best to not even have restarted it and hand it to someone so they could recover from recovery mode prior to any new data being installed.
V0latyle said:
> Most likely a gimmick if not malware. AFAIK a factory wipe doesn't actually erase or overwrite the storage, it just removes the file structure and pointers, so a forensic data recovery tool could potentially help. Unfortunately, doing this on a smartphone is even harder to do, especially considering that most newer Samsung devices use encryption, and since a new key is generated when the device is reset, it won't be able to read the old data.
Is there any company or service who aren't criminals that I can send it to to recover the pictures?
I think it's a dead horse especially if your wife keeps using it!
Found this one. Do some searches and research.
Keep the phone powered off until you decide.