Sure, you can try to attack my phone from a powered-but-locked state, but if you screw up and it reboots, or if you attempt any boot chain attacks, or if the battery runs out, you are *not* getting in. Period.
-
-
Show this thread
-
I don't know why nobody offers this option of split FDE/unlock codes by default (neither iPhones nor stock Android). It's such a massive no-brainer to increase security to basically "unbreakable" under an entire class of practical attack scenarios.
Show this thread -
(And we can already do this exact thing for FDE on desktops/laptops, so it's not like it's novel)
Show this thread
End of conversation
New conversation -
-
-
i mean… my unlock passcode is 20 chars
-
My patience isn't that high :-)
- 3 more replies
New conversation -
-
-
hmm i suddenly feel pretty safe with my 14 digit password
-
I only have 32 digit passwords lol (doesn't work on every website though, as it's "too long")
- 3 more replies
New conversation -
-
-
But having a custom recovery doesn't kind of defeat the purpose?
-
No, why would it? The FDE passphrase is cryptographically bound to the userdata partition, it doesn't matter if you can compromise all software. At most, if you break the TrustZone bit (which is separate from custom rec), you can speed up the cracking attempt, but not enough.
- 1 more reply
New conversation -
-
-
out of curiosity - does rooted equal unlocked bootloader? How do you prevent somebody from backdooring the password dialog?
-
You don't; I'm talking about people taking your phone, not evil maid attacks. I don't consider the latter in scope, because I don't really leave my phone unattended, basically ever.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.