Sailfish X protecting private data
Dear all,
with the rise of Sailfish X a concern about private data security came into my mind. As we have to unlock the bootloader to install the OS a thief would be able to flash custom recovery and get hold of the user data partition.
What countermeasurements are on the roadmap to make this impossible (LUKS, FUSE (encFs, cryptoFs...))?
If you lose your phone I'm not sure how anyone else is meant to be able to offer protection ideas to combat that, how else could they flash anything? Am I missing something? I wouldn't put any info on my phone like stored card numbers etc, if someone steals your phone they're gonna get what? email/pass combo's/ login details? If you unlock the bootloader to install, like I'll have to if I buy one to flash SFOS on, I just take it that this is the chance I have to take to get what I want on the phone, wouldn't this be the same scenario on any phone?
davekelly ( 2017-08-29 14:38:34 +0200 )edit@davekelly The iPhone has for some time had some pretty tough protections with device memory encryption using a secure enclave. The only currently working ways to get data off a locked iPhone is a pretty impractical passcode brute force hack that requires you to solder the NAND flash chips off the board and something referred to as "rubber hose cryptoanalysis".
Android also offers something similar, but from what I've gathered it's not as involved and while not trivial, it's much easier to crack than the protection on recent iPhones.
L_A_G ( 2017-08-29 15:12:30 +0200 )edit@davekelley i think the answer is more obvious and easier to implement than you think. Apple has successfully worked with backup encryption, whole drive encryption, and with the new high Sierra file system, individual file transfer encryption.
What Jolla can do is simply encrypt the user partition using the same passcode you use to unlock your phone for example (to combine ease of use and security).Now loose your phone and the data on it is useless unless for some dedicated and persistant hackers maybe.
DarkTuring ( 2017-08-29 18:59:49 +0200 )edit