Ask Slashdot: How Do You Protect Data On Android?

Gibbs-Duhem writes "It makes me very nervous that my Android phone has access to my email/AIM/G-talk/Facebook, protected only by a presumably fairly easily hacked geometric password protection scheme. Even more because simply attaching the phone to a USB port allows complete access to the internal memory and SD card regardless of whether a password is entered. I have no idea how much of that information ranging from cached emails to passwords stored in plaintext is accessible when mounting the device as a USB drive, and that worries me." For the rest of Gibbs-Duhem's question about issues in Android security, read on below.

Gibbs-Duhem continues:"I have a lot of sensitive information in my email, including passwords for websites and confidential business/technical strategy discussions (not to mention personal emails ranging from racy emails from boyfriends to health discussions). My email and messaging client passwords are difficult to type (or even remember), so I would ideally want them saved in the device, although at least having something like a keyring password that needed to be re-entered after a time delay would make me feel better. This leaves me relying on encryption and OS level security to protect me.

I'm okay with this on my real laptop and computers as my hard disks are software encrypted and I make a habit of locking my session whenever I leave my desk. For instance, if I lost my laptop, the odds of the thief getting access to my information is minimal. However, I don't feel that this is at all true for my phone (which is frankly far more likely to be lost).

How is it that the Slashdot security pros handle this issue? Do you just not use email or the many other incredibly convenient capabilities of new Android smartphones due to the risk? Or are there specific ways in which we can guarantee (or at least greatly augment) the existing security practices?"

You can't have your cake and eat it too

[Anonymous Coward]

Just suck it up and type your password each time.

Re:

[Anonymous Coward]

Actually you can have your cake and fucking eat it too:

Set the default USB connection activity on the phone to "CHARGE" instead of "MOUNT SDCARD LIKE A FUCKING DUMB ASS".

Then enable the lockscreen option and if someone picks your phone up and connects it to a PC, its only going to charge the battery.

Now the thing to really worry about is someone taking your phone and then pulling the SDCARD out and mounting that on their PC, that will give them full access to everything stored on it, including all downloade

Re:

[jdgeorge]

Actually you can have your cake and fucking eat it too:

Set the default USB connection activity on the phone to "CHARGE" instead of "MOUNT SDCARD LIKE A FUCKING DUMB ASS".

Then enable the lockscreen option and if someone picks your phone up and connects it to a PC, its only going to charge the battery.

Now the thing to really worry about is someone taking your phone and then pulling the SDCARD out and mounting that on their PC, that will give them full access to everything stored on it, including all downloaded emails, dirty picks and movies you've shot in the bathroom to send your partner, etc.

Replying to this interesting comment to undo my accidental moderation.

Whispercore

[Baloroth]

This [whispersys.com] looks like exactly what you want. It warns that its in beta, though, so I'm not sure how well I would trust it. Seems like better than nothing.Says it does full encryption of the entire system, optionally your SD card, as well as optional firewall for your phone. Wouldn't rely on it without backups, but it should work. Also, you could look at a system that keeps passwords off your actual phone, like LastPass does. Not sure how well it works with Android, but I'd look into it.

Also, Honeycomb supposedly offers device-level encryption link [engadget.com]), so if you can wait for that on phones, that'd work too.

Re:

[dark_requiem]

WhisperCore is nice, basically uses the same approach as honeycomb. On capable devices, it uses dm-crypt to encrypt the mmc block devices, and they also have WhisperYAFFS (now GPL'd, I believe) for use on other devices.

I'd like to add this functionality to other ROMs like CM, but time forbids lately. However, since Honeycomb supports full disk encryption, and the tablet/phone forks are supposed to merge in the next major version, full disk encryption should be available for both Android phones and tabl

Re:

[quickgold192]

Even if I don't end up using that software, simply learning about smudge attacks [usenix.org] made that link worth following.

You can't.

[Threni]

Phones suck for that sort of thing. They also assume one user, so you can't hand your phone to your friend/daughter/colleague without wondering if they're going to phone/text/ install non-free apps etc. It would be nice if they were more like regular computers so they could log on as a guest and have largely read only access, limited access to the above etc. It would also be great if the filesystem was encrypted so if your phone was stolen it wouldn't give up its secrets quite so easily. All solved on a

Re:

[DemonGenius]

With the exception of multiple users (which is a good idea for phones BTW), this has already been solved with the N900. I can store a backup of all my important data secured on the phone's internal memory with a numeric password that is several characters long (should probably be alphanumeric, but this is still a phone we're talking about, not quite a computer). There is no way someone can get my data unless I store it on a micro SD. They can take the phone, but the internal memory would have to be wiped

Re:

[Mia'cova]

There are plenty of phones which do a great job with security. Blackberry being the primary example. Even the iphone now supports full-disk encryption and remote wipe. Just because most android devices are horrible doesn't mean all phones are.. To counter your desktop point, I doubt most linux desktops are put together with full drive encryption by default..

Re:

[jackspenn]

Apple has had it's share of security mistakes. Apple has ignored reported security flaws for months and in some cases for over a year. They just hide their shortcomings better.

How Do You Protect Data On Android?

[camperdave]

How Do You Protect Data On Android?

One seven three four six seven three two one four seven six Charlie three two seven eight nine seven seven seven six four three Tango seven three two Victor seven three one one seven eight eight eight seven three two four seven six seven eight nine seven six four three seven six. Lock? [youtube.com]

Re:

[DarwinSurvivor]

You seem to be assuming it's a reusable code. Since ALL codes seem to be given verbally, it stands to reason that would be on-time use only.

Re:

[Shillo]

And how do you secure the electronic device that generated the code in the first place?

You give it a phaser and combat training.

Re:

[DarwinSurvivor]

Judging by the the amount of 7's and 3's (common in human generated "random" numbers), it was most likely generated by a human (possibly on the fly during filming)

Re:

[macs4all]

Judging by the the amount of 7's and 3's (common in human generated "random" numbers), it was most likely generated by a human (possibly on the fly during filming)

I think they just told Brent to generate it on the spot, and then generated the "display" during Post, based on what he rattled-off.

Simple...

[TWX]

...don't lose your phone.

Yes, I know, there are some people who lose things all of the time, things like keys, wallets, pagers, phones...

So far in the roughly sixteen years that this could be a problem for me, I have never lost a wallet, a set of keys, a pager, or a phone. I have locked keys in the car twice, but that was within my first two or three years of driving. I lost a Gerber Model 600 multitool once, but I think someone grabbed it and it wasn't simply lost.

If I was the kind of person who lost stu

Re:

[daenris]

Losing the phone isn't always in the person's control. You might set it down for a moment and someone just grabs it. I once had my phone sitting on a shelf in my apartment, and a friend of a friend of a friend swiped it while helping my friend move furniture. Luckily it wasn't a smart phone, so no real information breach, so canceling service was all I had to do.

Keeping the phone tethered to you at all times is unrealistic. For example, I work with MRI scanners. I'm not allowed to bring my phone int

Re:

[dudpixel]

I disagree.

If your phone has data on it that is just as sensitive as your credit card details, then treat it that way.

You wouldn't leave your wallet lying around would you? Then treat your phone the same way.

I dont see how this is any different to keeping your wallet safe.

I really dont see anyone trying to "encrypt" their wallet (whatever that would mean), and yet the issue is exactly the same. I guess the difference is you can cancel your cards if your wallet gets stolen...so install an app that can do r

I am also curious.

[MyFirstNameIsPaul]

I'm not a pro, so I use a BlackBerry because I haven't read about BlackBerry phones having all these various issues.

Re:

[Lehk228]

BB password manager is very secure, if you turn on encryption for the phone you also get that level of security for the entire device

Re:

[MyFirstNameIsPaul]

Yes, that's exactly what I use. After 15 minutes it irritatingly forces me to enter a password, and after 5 failures the device wipes itself. The same is true for anyone trying to download the information through USB. I assume there is some way to make an Android device or iPhone similarly secure, but it seems like every few months some new hack comes out for those devices. The only hack I can recall reading regarding a BlackBerry device was some sort of Java exploit on the latest browser, which BlackBe

I don't...

[TemporalBeing]

...keep that kind of data on my Android phone to start with. That's how.

Re:

[stretch0611]

I don't keep that kind of data on my Android phone to start with.

This is a great idea, except that Android devices can pretty much access all data you leave in Google's cloud. It does not need to be on your device. This includes, Gmail, Google+, Google Docs, Picasa, Google Finance, Google Wallet, Android Market, Google Maps, and more. Android can even log you in to any website that uses google as a sign in... (I know a few things on appspot.com utilize google in this way.)

Now, you can say you can avoid using google services and accessing them from your phone, but then wh

Re:

[Simon Brooke]

Exactly.

I do keep sensitive data on my phone and in Google's cloud. That's why I use Android, after all. My phone is either in my belt or in my hand all the time. I don't put it down except when asleep in my bed, and when I'm asleep in my bed there aren't friends of friends present.What about recharging, you say? I have four batteries, one in the phone, one in the charger, two spare, usually fully charged. I shall investigate WhisperCore [whispersys.com], but the fundamental security is physical security. Never lose the dev

Re:

[TemporalBeing]

then why did you buy a smartphone in the first place?

Primarily for better contact functionality, and I like knowing it runs Linux (why I didn't get the iPhone). I didn't get a smart phone for Internet access, data plans, etc.

Now I do access the Internet, apps, etc - but that's not why I got it. And I still don't keep the sensitive information on it, or in the Cloud for that matter. Sensitive information stays on my laptop (also Linux).

Re:

[Dunega]

If you were so concerned with keeping your data secure why the hell did you send all of it to Google in the first place? via desktop or phone?

Re:

[AmiMoJo]

So the answer is "don't use a smart phone". Pardon me but I think we should be trying to find a way to make technology better and improve our lives, not simply reject advancements that can improve our lives.

To give you a real world example I use my Android phone's mapping software. I am now living in a world where I will never be lost ever again. Don't even have to wonder where the nearest branch of is or how to walk from here to . The down side is that both my phone and the phone company knows where I am

Re:

[TemporalBeing]

So the answer is "don't use a smart phone". Pardon me but I think we should be trying to find a way to make technology better and improve our lives, not simply reject advancements that can improve our lives.

To give you a real world example I use my Android phone's mapping software. I am now living in a world where I will never be lost ever again. Don't even have to wonder where the nearest branch of is or how to walk from here to . The down side is that both my phone and the phone company knows where I am and at least the latter keeps logs. In fact sometimes I keep logs, e.g. for geotagging photos I take. Rather than give that up how about we find a way to encrypt the data on the phone and change the law to ban the phone company from keeping logs.

FYI - even with a dumb-phone the phone company knows where you are. Somethings like that have no relation to being a smart phone. The nice thing about the smart phone is that you also easily know where you are on the maps.

Re:

[nedlohs]

The google account tied to my phone is completely unrelated to the google account that has my email/etc. What sort of crazy person wouldn't create a random google account when setting up the phone in the first place?

Don't worry...

[WillyWanker]

Be happy. Seriously. No one is interested in your Facebook page or your emails unless you've done something very, very bad.

Complete access to the internal memory?

[shutdown -p now]

Even more because simply attaching the phone to a USB port allows complete access to the internal memory and SD card regardless of whether a password is entered.

No, it doesn't. You get access to /sdcard (whether it corresponds to a physical SD card or not), but that's it. You don't get access (even read access) to sandboxed application and system data storage, unless your phone is rooted.

So the obvious answer is that, if you want security, don't root your phone. It should be kinda obvious that if you can do what you want with the phone via USB, so can any application running on your PC.

Re:

[machxor]

Even more because simply attaching the phone to a USB port allows complete access to the internal memory and SD card regardless of whether a password is entered.

No, it doesn't. You get access to /sdcard (whether it corresponds to a physical SD card or not), but that's it. You don't get access (even read access) to sandboxed application and system data storage, unless your phone is rooted.

So the obvious answer is that, if you want security, don't root your phone. It should be kinda obvious that if you can do what you want with the phone via USB, so can any application running on your PC.

Even if you're not kernel-rooted chances are (depending on the phone) all the hacker has to do is bypass your lock screen to enable usb debugging and root the phone himself.

Re:

[shutdown -p now]

Note the quoted part. It says "regardless of whether a password is entered".

If the hacker bypasses the lock screen, he can already have fun with your mail/FB/whatnot by using the apps directly, without even bothering to extract the password. Obviously, the first thing you should do if you're concerned that someone may steal your phone and get access to valuable info within, is to ensure that it is locked with a reasonably strong password, not a simple PIN.

Or are you saying that there is some known vulnerabi

Re:

[complete loony]

If the attacker has access to your phone they can simply remove the sd card and mount it on another system. Complaining that it can be accessed via USB seems a bit redundant.

But even if you do attach a usb cable, you must enable remote debugging or manually confirm every time you wish to share the sdcard.

Re:

[AmiMoJo]

You can't even access the internal memory or SD card over USB without unlocking the phone first, because Android requires you to click a button before it will actually mount the drives on USB. If the attacker doesn't know the code to unlock the phone they can't press the button.

Obviously an SD card can be removed, but many phones have a large internal memory that can't. My Galaxy S has 8GB. None of this is foolproof because I suppose in theory an attacker could do a factory reset, but it raises the bar a bi

Re:

[shutdown -p now]

Let's say the phone was lost or stolen. It'd be pretty trivial to root would it not?

All root guides that I've seen for Android phones (admittedly, just a few, for those which I either owned or considered owning) require the phone to be put into USB debugging mode first. That is not on by default, and is tucked away pretty far, so it's not like you're going to enable it by default. If your phone is PIN or password-protected - which TFA seems to assume it is (makes sense if you're concerned about valuable data on it!) - I don't know of any way to enable USB debugging without getting past the

Re:

[shutdown -p now]

I don't care much about the "true nature" of the source, so long as idea itself is good. E.g.:

"Those who have no understanding of the political world around them have no right to criticize or complain."

"We want the people to be peace-loving, but also to be courageous."

"History shows that there are no invincible armies and that there never have been."

Should be semi-doable

[quantaman]

First you encrypt the sensitive bits on the android (ie passwords) with a master key.

Then you store the master key on an external server.

When you check your email the phone automatically sends the encrypted password to the server, gets back a decrypted password, and uses that to check your email. So there's no loss in convenience.

But if you lose your phone you can de-authorize it at the server level so the phone can no longer access the passwords and other encrypted data that was stored on it. This also mea

Nice idea.

[Vario]

This sounds like a pretty nice and simple idea to me.

The extra amount of traffic does not matter, just a few bytes for the passwords and the delay does not really matter. Additionally that helps you if someone stole your phone as you could easily add some information about the current location.

One loophole is that you have to disable access/decryption instantly after your phone is missing, otherwise interception of the traffic would give the attacker the unencrypted password.

Droid 3/Android 2.3.4

[Anonymous Coward]

FWIW, the Droid 3 has full device encryption (Android 2.3.4). You can encrypt the whole phone, or just the internal memory card & SD card. It also has a time-lock password/pin/pattern that kicks in after 1-20 minutes (configurable). I was very surprised after upgrading from a Droid 1, which has basically no device protection what so ever...

Facebook? Secure?

[damn_registrars]

Surely, you jest. You should know better than to ever expect anything you post on facebook to be secure, ever.

You do not

[gweihir]

Put data on a modern "smartphone" of any kind and you can expect everybody halfway competent to get all data on it. That includes thiefs, the police, customs etc.. Believing anything else is just foolish.

Re:

[AmiMoJo]

Not true. I keep a Keepass database on my phone and unless someone happens to wrench it from my hands in the few seconds when I have the database open and unlocked there is little they can do to get into it. Obviously I use a good password.

how do I protect my data?

[roc97007]

I keep my phone with me. I never get drunk enough that I'm likely to leave my phone in a bar. I do a belt check whenever I leave a hotel room. My phone charger is on my desk in full view so I'm not likely to forget it in the charger.

Keeping your phone near you is at least 80% of security. No tool will absolutely guarantee you won't lose your data if you lose your phone. So first and foremost, don't lose your phone.

Re:

[dudpixel]

Exactly.

I use LookOut which does remote backup and remote wipe (and can locate your phone I believe).

Its like this:
1. Enable remote backup. (should be able to find something that only syncs on wifi if you're worried about data usage).
2. Enable remote wipe.
3. Try to never lose your phone - treat it as if it is your credit card, because in many ways, it is.
4. Oh, and make sure you secure the passwords used for #1 and #2 - and never save them on the device.

Using encryption just seems like overkill and inconven

Re:

[roc97007]

"I treat my phone like my wallet or my kidney". That's my new favorite phrase.

For Google, Two-Factor Authentication

[Sancho]

For linking your Google account to your phone, turn on two-factor authentication. You can't actually use two-factor authentication to add your Google account to the phone, so you get the option to set up an application-specific password. Though nothing stops someone from reusing this password to access your mail, you can revoke this password at any time without affecting the rest of your application-specific passwords or your main Google account password. If your phone is lost, get to the nearest computer and revoke the phone password. Then if the thief does manage to extract your password, it's useless.

For the rest... well, the advice in the other comments seems to be about the best you can do.

Re:

[Sancho]

Those are some valid points to consider. Here are some others.

You can carry a set of one-time use tokens with you, or leave them with someone trusted and that you will be able to contact. In this way, you won't require Google Authenticator to log in and revoke. You get 10 of these, and an emergency code can be sent to a landline or other mobile phone.

I'm not sure how or if Authenticator tries to protect its data. I would hope that it does something, as anything which slows down the thief buys you more ti

Android? Good question

[no-body]

Any used Blackberry form Ebay, unlocked for $ 2, set encryption on, password tries to 3, store word documents password protected on internal memory.

Effect:
- All content on device is encrypted.
- Any attempt to enter device password wrong 3 x wipes device - erases all content.

Re:

[nedlohs]

You restore from your backup.

Re:

[no-body]

He doesn't do backups or he would not post this nonsense.

Short answer.

[moneybabylon]

There is no way to 100% secure data on smartphones (Android/iPhone/Blackberry) against government level investigations. In fact, there is no way to 100% secure data against mere professional snoopers, both on the data extraction front, and on the wireless snooping front. In case you didn't realize, the philosophy of smartphones is to communicate and exchange data on as many fronts as possible. It is also designed to pack as many sensors to get data on you (microphone, GPS, camera...). Its form factor is

Where are the lame Star Trek Jokes?

[BryanL]

I'll Start. In Starfleet Federation, android Data protects you.

I'm screwed

[Vecanti]

I'm totally screwed if I lose my phone. I handle my phone security like I do my data backups. I'll worry about once it's too late.

Two Environments?

[Gyorg_Lavode]

It seems that, while android can be encrypted, it's typically irrelevant since the system is always on. To deal with that, could you run a second environment? I see it's common to run linux chrooted on android. Could you do something similar, except the second environment is encrypted when not running? This way, quick but unsecure information is immediately available. Sensitive information is slower to access but is secured?

And so that you didn't have to regularly encrypt/decrypt the secure environm

Re:

[The Dawn Of Time]

Yes but let's assume we aren't asking the question for the 0.00001% of humanity with no interest in being a part of society.

Re:

[tehcyder]

Yes but let's assume we aren't asking the question for the 0.00001% of humanity with no interest in being a part of society.

Boy are you on the wrong site.

Re:

[RapmasterT]

If you think that 99% of people use "smart phones", you're grossly out of touch with reality. "Smart phones" are grossly expensive status symbols. The only people I know who use "smart phones" have them to impress other people. I run a multi-million dollar business just fine with a laptop and a "dumb" cell phone.

I think you are grossly out of touch with reality. A smartphone lets me do my business without having to carry the laptop around, like you are apparently doing everywhere you go. I suppose you'd also like the children to stay off your lawn?

Re:

[datapharmer]

Yeah, tried that.... fail. Maybe your android is better, but vpn support varies wildly from model to model, and forget remote desktop or vnc - It isn't worth the frustration. I got a motorola droid with a hardware keyboard thinking "at least I can use the command line", but the key mapping really isn't appropriate for vi or anything serious in the shell. Sure it is nice to have access to email and the ability to remote in, but I have found many times where it was so frustrating I just said "forget it, I'm

Re:

[oakgrove]

I have a Droid and find the key mapping for vi to be just fine. ESC is a simple double tap on the button in the center of the D pad and since it's vi, you can map the keys however you want. As far as the shell, with connectbot, you can map one of the shift keys for tab completion. You did't give any specifics so, what are the issues you are having? My Droid is the best command line phone I've ever used.

Re:

[h4rr4r]

I use it for vim and ssh all the time.

VPN is great on CM7. I too have a D1.

Re:How do you protect your mobile phone

[godel_56]

If you think that 99% of people use "smart phones", you're grossly out of touch with reality. "Smart phones" are grossly expensive status symbols. The only people I know who use "smart phones" have them to impress other people. I run a multi-million dollar business just fine with a laptop and a "dumb" cell phone.

In Australia in 2010, 43% of phones sales were smart phones. The prediction for 2011 is 70% of sales will be smart phones..

Smart phones are becoming the norm.

Re:

[exomondo]

"Smart phones" are grossly expensive status symbols.

Thems new-fangled smartphones are just for them there kids that want to look "cool" with their myface, their twizzler and their spacebook. I don't want no smarphones on my lawn!

Re:

[macs4all]

Where did you get that stupid idea from (that they are more secure)? You do understand that they have to store their passwords in plain-text aswell?

Why couldn't they just store a hash? -Doug

Re:

[amRadioHed]

Ok, so if they can store a hash that is capable of logging into your account, how do they protect the hash?

Re:

[exomondo]

Why couldn't they just store a hash?

What would be the point of that?

Re:

[ozmanjusri]

Maybe it would cut down on this pointless FUD.

Re:

[avxo]

OK, so you store a hash. Now this means that the hash (remember, hashes are one-way -- you can't get the password back from the hash) itself must be usable to log into your account. In other words, the hash itself is a password. Password hashing is meaningful only on the server-side (by server-side, in this case, I mean whichever side of the protocol does the validation of the username/password and grants access) and not on the client side.

Re:

[macs4all]

Ok, you got me!

I'm an embedded dev. by trade; but I have to admit that I don't know diddly about how this sort of thing works. I just assumed that the firmware in the phone would have a routine that would generate the hash from user input, and the text to hash algorithm would use some "trapdoor" (non-reversible) math. That way, the only way to really get the data out would be to dump the data out of the flash directly (kinda hard when the flash is built into a SoC, and then decrypt it with the hash, and t

Re:

[Gordonjcp]

But then if you do reverse the hash then what's to stop an attacker reversing the "hash" to recover your password? But a reversible hash isn't a hash, it's an encryption scheme - with the key right there on the device. Think of it as being like storing your password in ROT13.

There is no real way of storing a password securely in an encrypted form, without requiring a password to decrypt it.

Re:

[avxo]

There is no real way of storing a password securely in an encrypted form, without requiring a password to decrypt it.

That is certainly true. But at the same time, it points to how Android (or iOS, or WP7 and so on) could implement better security. Encrypt all files (say with AES-128 for the purposes of this discussion) using a randomly generated AES key. Then encrypt that key with a password/passphrase required when the phone boots. This would ensure that data would be stored securely when at-rest, which

Re:

[node 3]

Where did you get that stupid idea from (that they are more secure)? You do understand that they have to store their passwords in plain-text aswell?

iOS doesn't. So clearly this isn't required.

Re:

[Nick Ives]

If iOS doesn't store passwords as plaintext, it's really dumb.

In order for your phone to authenticate with an online service, it has to send the password. In order to be able to do that, it has to retrieve the plaintext.

You could hash the plaintext to obscure it in some manner, but whatever process you use has to be easily reversable in order to get the plaintext back so you can send it off to the server (hopefully over a secure connection!).

You can only access the plaintext from that database if you've roo

Re:

[node 3]

If iOS doesn't store passwords as plaintext, it's really dumb.

In order for your phone to authenticate with an online service, it has to send the password. In order to be able to do that, it has to retrieve the plaintext.

You could hash the plaintext to obscure it in some manner, but whatever process you use has to be easily reversable in order to get the plaintext back so you can send it off to the server (hopefully over a secure connection!).

You can only access the plaintext from that database if you've rooted your phone. Even then, you have to be using an application that you've allowed to run as root.

Given all of the above, there's no point in obscuring passwords. If the password database is compromised, the phone is compromised and whatever mechanism there is for retrieving the passwords is also compromised.

I don't think you understand. iOS has a keychain (just like OS X, upon which it's based). The keychain is an encrypted file that contains things likes passwords.

The iPhone is just as insecure: http://www.slashgear.com/iphone-password-broken-in-6-minutes-10132627/ [slashgear.com]

Note that process also requires the iPhone to be rooted.

That's the very definition of being more secure.

Re:

[Nick Ives]

I don't think you understand. iOS has a keychain (just like OS X, upon which it's based). The keychain is an encrypted file that contains things likes passwords.

But that only keeps you safe if your storage media is somehow stolen. Given that the media is soldered into the phone, that's an unlikely scenario.

The only way to access the password database on Androind (and I presume iOS) is to be root. If you're root, you've got access to the procedure for decrypting passwords.

Therefore, what's the point of obscuring the passwords?

Re:

[avxo]

But that only keeps you safe if your storage media is somehow stolen. Given that the media is soldered into the phone, that's an unlikely scenario.

First of all, it is not an unlikely scenario. Why should someone bothering with getting the media when they can simply get the container of the media much more easily. Secondly, that is the only scenario where encryption helps -- your phone is stolen, or taken by police or somesuch. I would venture to say that is a very probable scenario, and from a risk analys

Re:

[Zero__Kelvin]

In which case his post was even more moronic, if that is possible.

Re:How do you protect your mobile phone

[k31]

Yea,

and I secure my car by having a bicycle, instead.

Sure, I get wet when it rains, but I'm a so much safer.

As Ben Franklin would say...

[Anonymous Coward]

Those who would gain a little safety by giving up necessary not-being-molested deserve neither and will lose both.

Re:

[Zero__Kelvin]

It is the old error coming back again. Nobody is talking about phones. We are talking about hand held computers that happen to be able to place and receive phone calls. I like your answer though, and I am going to use it for my new security firm. "Yes sir, I can guarantee your computer won't be hacked! Give me your computer, and take this pencil and pad of paper to use instead. That will be $100,000 please, and your welcome!

I swear to god most of the people here these days don't even think before th

Re:

[klubar]

If you are seriously interested in security, and have the budget to support it, get a enterprise-level Blackberry. These are used for highly sensitive data and are encrypted, remotely wiped.

Second, don't load a bunch of applications that offer to share your data--do you really need twitter on your work phone? I'd recommend a basic phone and a encypted laptop if your data is that valuable. If you need a cool phone for social stuff, carry two phones. One for your top secret data and other for social inter

Re:

[NFN_NLN]

"Even more because simply attaching the phone to a USB port allows complete access to the internal memory and SD card regardless of whether a password is entered."

I have a Nexus S with Android 2.3.4. Whenever I plug in a USB data cable, a pop-up asks me to "Turn on USB storage". This is only accessible after I enter my password. I realize he is bitching in general but with respect to this specific problem... it's a non-issue.

Re:

[NFN_NLN]

I have a Nexus S with Android 2.3.4. Whenever I plug in a USB data cable, a pop-up asks me to "Turn on USB storage". This is only accessible after I enter my password. I realize he is bitching in general but with respect to this specific problem... it's a non-issue.

This first appeared in Android 2.2.1

http://books.google.ca/books?id=yTrYZ2t7oPQC&pg=PA60&lpg=PA60&dq=android+%22turn+on+usb+storage%22+android+2.2&source=bl&ots=h4Z4ERUvtP&sig=REGSUTfY4y2VrnRHwUIsdsJh7ew&hl=en&ei=TeQxTpq9Gqnu0gHEn6XiCw&sa=X&oi=book_result&ct=result&resnum=8&ved=0CFgQ6AEwBw#v=onepage&q&f=false [google.ca]

And technically, unauthorized people cannot remove the SD card from a Nexus S :)

Re:

[whoop]

Yes, but how do you keep your stuff secure after you plug it into a computer, give it to an enemy, give apps permission to view your email/sdcard/facebook/twitter/texts/etc? I mean, with a system like this that just "lets" users give away their data, I don't see how anyone can ever consider using it!

complex passwords vs. saving

[manekineko2]

Not necessarily I think, as these two things protect against different style attacks.

Complex passwords:
+protects against brute force attacks
Manual entry of passwords every time (as opposed to saving them in client):
+protects against loss of control of your device

Depending on the situation, it's completely plausible that a complex saved password may be the right call.

Moreover, manual entry of passwords has a big negative: weak against shoulder surfing and entry loggers, which is enhanced by the fact that this is a mobile phone and you never know who might be watching.

Re:usb security

[manekineko2]

Can you even access the pull down the activate USB mass-storage mode when the phone is locked?

I would think it's sufficient just to disable development mode, so that ADB cannot be hooked into USB, which I think does work when the phone is locked.

Re:

[blair1q]

My Android phone frequently does not lock when the screen times out.

And it's not just a matter of forgetting to paint the lock screen. It's unlocked when I hit the power button. Sometimes a day or two after I put it down.

Re:

[bhmit1]

Can you even access the pull down the activate USB mass-storage mode when the phone is locked?

Yes you can activate the USB without unlocking the phone, at least that's the case on my G2. But this only gives access to the SD card, which you have physical access to anyway (remove battery, pull SD card, mount with any adapter). The device's internal memory is another case, and may be protected when the screen is locked and development mode is disabled, but I personally wouldn't trust this lock. An obvious f

Re:

[sjames]

You still get debugger access on charge only. Also, they can just take the sdcard out of the phone and mount it on something else.

Re:

[Nick Ives]

So don't have USB debug turned on in your phone options.

If someone can take your SD card out, your physical security has failed. Give me enough time alone with just about any computer short of some serious enterprise system and I can break the security. That's why physical security is paramount.

Re:

[sjames]

If they can plug in a USB cable, they can take the SD card out. That was my point.

If they can't do either of those things, that means they don't have your phone and there's no worry.

Re:

[Nick Ives]

Ah, I see.

I totally agree then.

Re:

[The Yuckinator]

Your phone may be fragmented, but my phone only has a bit of a dead spot in the upper left corner of the screen because I dropped it about 45 minutes ago. Nothing's fallen off it yet though.

But seriously, you're either grossly uninformed, a rabid fanboy parroting talking points, have never used an Android device for more than a few minutes, or just a weak troll. Fragmentation is largely irrelevant when you have a developer community like the folks at XDA [xda-developers.com] working on pretty much any android device they can ge

Re:

[macs4all]

Doesn't the iPhone suffer from pretty much the same problems as well? Moving to iPhone as the troll suggests solves nothing, and may even make the problem worse.

Nope. Encryption + Remote Wipe + Local Wipe on too many failed password attempts (see "Safe and Secure by Design" and "Ready for Business" on this page [apple.com]). Not even in the same universe as far as security goes...

Re:

[PCM2]

Nope. Encryption + Remote Wipe + Local Wipe on too many failed password attempts (see "Safe and Secure by Design" and "Ready for Business" on this page [apple.com]). Not even in the same universe as far as security goes...

See, I don't get all the people in this thread saying Android devices are "horrible" and "not even in the same universe as far as security." I have an Android phone from Motorola. It's billed by T-Mobile as one of their lower-end, entry-level smartphones, as opposed to a "teh awesomeness" phone. Nonetheless, my phone can encrypt the data on the device and the SD card, and it comes bundled with a (free) service from Motorola that not only lets you remote wipe your data, but will tell you where your phone is

Re:

[macs4all]

Take your phone, run it over with a truck. Then set it (the phone, not the truck) on fire. Then throw the ashes in a glass block. Then launch the glass block into the sun.

And so you think that isn't susceptible to an extraterrestrial-in-the-middle attack?

Re:

[Terrasque]

I was thinking more of a moon-in-the-middle attack here, but hey.. that could work too.

Re:

[datapharmer]

Do you do that on your laptop? Most people freak out about their phones but are perfectly okay not encrypting data on their other devices. people are weak and make mistakes. Unless you want to play James Bond for a living get a life and move along.

Re:

[shutdown -p now]

Passwords and other sensitive data are not stored on SD card though (unless the app in question is written by someone really clueless).

Re:

[wdef]

Impressive. Wondering: are you in the security industry, hence the interest in working out how to close any back doors in the phone? There are probably clients in government/industry/crime who would pay to have their phones locked down.