Both Android and iOS use the same default for app storage, which keeps it at rest only after a reboot until the first unlock. iOS apps can more easily opt-in to having data protected when the screen is locked, but Android does have that functionality. It's just more verbose.
-
-
Replying to @CopperheadOS @Snowden
My definition is operational. As a non-technical user, you can take a stock iPhone and configure it very securely by following a short guide. To get an equivalent level of protection in Android, you need to be an expert, or have expert assistance.
2 replies 0 retweets 2 likes -
In what way is it harder to get similar protection on a Pixel 2 compared to an iPhone 8? What additional steps are there for Android? Should probably tell someone like
@rene_mobile because they should fix it.2 replies 1 retweet 5 likes -
Is my data encrypted when the lock screen comes on on a Pixel 2, or do I need to fully power off the device?
1 reply 0 retweets 2 likes -
CopperheadOS Retweeted CopperheadOS
You need to power off an iPhone for most data to be at rest when locked too. Mentioned that in a previous tweet: https://twitter.com/CopperheadOS/status/968231976468602880 … Most Android and iOS support protecting data when locked and both have the same default. iOS just makes it a lot easier for apps to do this.
CopperheadOS added,
CopperheadOS @CopperheadOSReplying to @CopperheadOS @Pinboard @SnowdenBoth Android and iOS use the same default for app storage, which keeps it at rest only after a reboot until the first unlock. iOS apps can more easily opt-in to having data protected when the screen is locked, but Android does have that functionality. It's just more verbose.1 reply 0 retweets 3 likes -
Replying to @CopperheadOS @Pinboard and
Since on iOS, you just switch data from the default class to the class at rest when locked. On Android, you need to use the keystore to encrypt data, which is a lot more verbose without using a third party library. They need to add other data classes to make it easier on Android.
1 reply 0 retweets 2 likes -
Replying to @CopperheadOS @Pinboard and
CopperheadOS Retweeted CopperheadOS
https://twitter.com/CopperheadOS/status/968235756098473984 … Typo: meant "Both support" not "Most support". Would like to edit it but don't want to risk breaking the thread.
CopperheadOS added,
CopperheadOS @CopperheadOSReplying to @Pinboard @Snowden @rene_mobileYou need to power off an iPhone for most data to be at rest when locked too. Mentioned that in a previous tweet: https://twitter.com/CopperheadOS/status/968231976468602880 … Most Android and iOS support protecting data when locked and both have the same default. iOS just makes it a lot easier for apps to do this.2 replies 0 retweets 2 likes -
My understanding of the differences in lock screen behavior comes from https://blog.cryptographyengineering.com/2016/11/24/android-n-encryption/ …. Is this out of date?
1 reply 0 retweets 1 like -
No, it's not out-of-date, but it's important to note that Android does have a hardware-backed keystore which offers the option of tying keys to the user unlocking the device. Default on iOS is not more secure than Android, look at that section in https://www.apple.com/business/docs/iOS_Security_Guide.pdf ….
1 reply 0 retweets 3 likes -
Replying to @CopperheadOS @Pinboard and
iOS makes it a *lot easier* for app developers to opt-in to various data being at rest when the screen is locked. It's quite fair to criticize the lack of an Android API for this. Situation isn't as cut and dry as iOS protecting data when locked and Android not doing it though.
2 replies 0 retweets 6 likes
Thanks for the informative answers! I genuinely appreciate the context.
-
-
Also worth noting that Android adding the API wouldn't make the difference overnight, since app developers would need to adopt it, just like on iOS. Hard to know which apps actually bother with this stuff. Likely way more on iOS since it's easier, but still it's not a default.
2 replies 0 retweets 5 likes -
Replying to @CopperheadOS @Pinboard and
This isn't magic, it is not even worth considering.
0 replies 0 retweets 0 likes
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.