Re: [Hackmeeting] Secure phone?

Delete this message

Reply to this message
Author: pasky
Date:  
To: hackmeeting
Subject: Re: [Hackmeeting] Secure phone?
On 2016-02-11 10:27, pak0 wrote:
> Mi accoderei alla richiesta, cm (dalla 10 in su mi pare) ha un opzione
> per criptare il telefono, purtroppo però tale opzione cripta solo /data
> e non l'intero filesystem.


Quello che ti serve è criptare i dati l'intero filesystem lo fa
la versione Lollipop di andrond con FDE (Full Disk Encryption),
FDE è stato introdotto comunque dalla versione 3.0 di Android,
ho visto che vi sono un pò di app che cryptano i dati pur non
avendole mai testate, ma richiedono SuperUser come minimo e sono
basati su LUKS (aka Linux disk encryption specification) che
crea una partizione cryptata virtuale sulla scheda SD dove
poi vanno messi tutti i dati.

Per esempio Cryptfs Password:

Android 3.0 (Honeycomb) introduced disk encryption and it has
been available on all subsequent versions. It encrypts the data
partition with a key protected by a user-selected password and
requires entering the password in order to boot the device.
However, Android uses the device unlock password or PIN as the
device encryption password, and doesn't allow you to change
them independently. This effectively forces you to use a simple
password, since you have to enter it each time you unlock your
device, usually dozens of times a day. This tool allows you to
change the encryption password to a more secure one, without
affecting the screen unlock password/PIN. To change the device
encryption password simply:

Enter the current password (initially the same as the unlock
password/PIN)
Enter and confirm the new password
Hit 'Change password'

(If you are using a pattern lock (5.0+), enter the dots as a
sequence of numbers, where '1' is top left and '9' -- bottom
right.)

The changes take effect immediately, but you will only be required
to enter the new password the next time you boot your device. Make
sure you choose a good password, not based on a dictionary word,
since automated tools can brute force a simple password in minutes.
Above all, make sure you REMEMBER the new password.

If you change the device unlock password/PIN, the encryption password
will be automatically changed as well. You need to use this tool again
to change it back, if required.

Once Android adds an official way (system UI) to change the passwords
independently, this tool will no longer be needed. Star this issue if
you want this to happen:

http://code.google.com/p/android/issues/detail?id=29468
How to get it

The app is also available in the Google Play Store:

https://play.google.com/store/apps/details?id=org.nick.cryptfs.passwdmanager

Happy Hacking


-- 
P@sKy
Makkinista -⁠⁠ Fuokista
Isole Nella Rete -⁠⁠ http://www.ecn.org/
GPG/⁠⁠PGP keys available via keyservers http://pgpkeys.mit.edu:11371/
        DSA: 6CBE 6982 5C10 CFF0 D676  6420 C1C5 B8EC 8690 0F88