There is a way to encrypt all the filesystems (/system, /data/, /sdcard, etc..) on the Nexus S? Like dm-crypt does on a standard Linux box..
Recently I got worried about protection of my system..
I know there's stuff to encrypt files or directories, but really don't exist tools to keep whole device encrypted?
How do you protect data on your phones?
Sent from my Nexus S using XDA App
Correct me someone if I'm wrong but I remember seeing something about device encryption in ICS so it might work then.
Sent from my Nexus S using Tapatalk
Thanks for reply.. And yes, ICS will have this feature (I saw it in the SDK-based port, and I think it's already available).
Surely I can wait until a stable ICS-based ROM will be released, but I wondered how people do this at this time..
Anyway, nevermind.. I think I'll be waiting for ICS directly, giving special attention to my phone!
what exactly do you want ?
if just like keep somebody else to see your gallery , contacts or something like that , MIUI has that feature , and lots applications...
easiest way , why don't you just put out your battery ?
I would protect especially login credentials of several services (e.g. google, facebook, msn, skype, etc..): all those informations are stored in /data partition, not in SD. Of course, I'd not dislike protect even sms or contacts, or everything else.
Anyway, I found something: Whispercore. This seems exactly what I've been looking for (encrypt /data and /sdcard as well).
I will also check MIUI features.
qtwrk said:
easiest way , why don't you just put out your battery ?
Click to expand...
Click to collapse
Related
I'm looking for beta testers for a new App2SD implementation that does not require your MicroSD card to be partitioned which is potentially unsafe and can result in a loss of your data. If you'd like to test this new implementation before it's release here on XDA shoot me an email at [email protected] with what firmware and version you're using.
More information will be released after I get a few positive beta tests out of the way.
loopback device, eh?
I tried that a while back but never could get the loopback driver to load early enough in the boot process reliably.
Hope you have better luck than I did.
As [email protected] pointed out to me a while ago, this is not a good idea for security reasons. If your loopback file sits on the FAT partition, it is accessible by all of the apps, it can be read, overwritten and deleted by a rogue app bypassing the entire android security model. If this is what you intend to do, it's probably not "safer".
Hey, shot you an email. Ready to try it out. But only for beta.
Hit me up, I have no apps to lose.
But security? Idk just let me know whats up.
what happens when you mount the SD card to your computer?
I'd like to try it, but i don't yet have a class6 sd card. Is that necessary?
i'd be willing to give this a shot. I have no data to lose as well.
southsko said:
what happens when you mount the SD card to your computer?
Click to expand...
Click to collapse
That's true. Won't all your apps disappear when you mount the SD?
This smells fishy not many app developers with 1 post can this be someone testing their new exploit/virus?No offense to original poster im just sayin....???
Edit:Sorry to OP clearly not a virus,and good luck on getting it stable I will gladly donate to your cause partitioning is a pain!
don't be a jackass, many people have had great ideas and decided to come to XDA to share them. just because you are a complete idiot who can't program does not mean that the OP is too.
@@OP
you are playing with fire my dear friend. i don't think that mounting your apps on the FAT32 partition is a good idea at all. not only because it would allow any program to access and write without asking android permission first, but because it would allow people to mount the SDcard and steal paid apps even easier. i beg of you please rethink your idea
I imagine the phone would be crashing when the phone is mounted to the computer. lol. just kidding. =]
tubaking182 said:
don't be a jackass, many people have had great ideas and decided to come to XDA to share them. just because you are a complete idiot who can't program does not mean that the OP is too.
Click to expand...
Click to collapse
WTF?Just came back to edit my post and put that its for real cause like I should have done first I found this http://noderat.com/loop2sd/.But as for your insults who the hell are you?How the f**k do you know what I can or can not do?I was posting in the first place to start trying be more active in the forums no reason for you to be a **** anyways,I was tryin to help people not get what I thought may have been a virus was that really that bad?
i'm not sure that is 100% true. when i mount my phone(apps2sd) my phone decides to mount the ext2 partion and the FAT32 partition, i am using ubuntu so my computer is able to read the partition, but my phone doesn't crash(i've yet to try running an app while mounted though)
Android can acces the sdcard while mounted.
Try terminal emulator.
crotalusfreak said:
This smells fishy not many app developers with 1 post can this be someone testing their new exploit/virus?No offense to original poster im just sayin....???
Click to expand...
Click to collapse
Well, take it from someone who has many posts and 15 years of unix experience, it is a bad idea.
Most of the devs here had this same idea, but as I mention in my previous post, this is opening yourself up to many bad security issues. To all those who answer, "I have no data to lose", that's fine as a beta tester. But what's the point in beta testing something that cannot be safely used by anyone who does have data (or apps) to lose?
I should point out to those who perhaps do not realize some the consequences of my original post, that it is not just a potential data loss problem, but a potential arbitrary code execution vulnerability. If an application manages to replace the loopback file with a new loopback file, it could inject altered common applications. If this succeeds, it means that previously trusted applications which have been granted privileges (or root using the various su apps) at install time, could be replaced with trojan versions which can have complete control over your system... steal your passwords... reflash your bootloader and literally install a permanent trojan... brick your phone... <insert other scary things besides data loss here>.
It's your phone, do what you want. I just figured that I would re-post that this not a new idea, but one that has been rejected by those of us with unix experience who realize the consequences. If you are just messing around, go ahead, it's not likely to hurt your phone. But, as a general method to build upon and be depended on, this should not have a future. If this becomes common practice, it is highly likely that exploits will be written to take advantage of this vulnerability.
So, if you are asking yourself if something is fishy, yes something is: it's a logical idea which seems great on the surface, but it has an unfortunate flaw.
Note: I am not suggesting malicious intent on the OP's part, just that they may not have thought of the consequences of suggesting this as a common method to do apps2sd. And if the OP (or someone else) is able to point out a method to avoid the things I warn against I will happily retract my statements (if I agree that this method would indeed work) since this method has some obvious benefits. However sadly, I think that is highly unlikely.
maxisma said:
Android can acces the sdcard while mounted.
Try terminal emulator.
Click to expand...
Click to collapse
No it can't. It can only access the empty mountpoint.
If you want to do this, there IS a way to make it work SAFELY....
Find the functions that control sdcard mounting and unmounting and FIX it so that it will mount an ext2 first partition. Then forget about the whole loopback thing as thats not going to do anyone any good... If you do it like this, then unionfs it, then unmounting the sdcard should safely vanish the apps that are stored on the card (leaving the internally stored apps), might crash the launcher, but that'll restart immediately and won't even error out.
A second step in the right direction would be to find the place where programs are detected from, which currently looks in /data/app, /data/app-private, /system/app, so it can clearly handle loading software from multiple locations -- add in a new path. Or maybe link app-private to /sdcard... A little more challenging would be to allow it look in multiple locations for thing that are ALL currently in /data/data and /data/dalvik-cache.
And then when its done, submit a patch for the source.
Wow what a response. Here's a few key bulletpoints:
I'm not a forum poster, not the kinda person for it but I have been on XDA Dream since I got my pre-launch G1 as a CSR.
There are potential security flaws with the current ext2 method of a2sd, and bypassing root to mount the ext2 partition is possible.
a2sd is not stable in any format, so it's a use at your own risk until android improves kinda deal.
I'm not cool enough to write a virus, but thank you for the ego boost
Anybody using a third-party firmware is not safe nor secure. If you're reading this forum you're not safe nor secure. The idea of homebrew roms is to add extra features that are not in Android to begin with and with that comes security risks. No ROM is ever perfect but I'd trust a Google or T-Mobile rom with my security before any homebrew-anything.So yes it's use at your own risk
This has the same results for mounting on a PC as MarcusMaximus's a2sd.sh
This doesn't really make it any easier to steal paid apps, it's always been easy and always will be but this doesn't change it.
If you guys have other questions shoot me an email, like I said I don't really do much forum-posting (never had much of anything to say, maybe this'll change all that)
[email protected]
JakeEv said:
I'd like to try it, but i don't yet have a class6 sd card. Is that necessary?
Click to expand...
Click to collapse
The faster the better but I've done it with the stock card that came in the G1 as well as a Class 6.
id try it since i can not get apps2sd to work.
[email protected]
using JF 1.51
Hi, there!
Like many others, I have only recently switched from WM6.5 to Android (with my new HTC Desire).
WM 6 introduced the possibility to encrypt the SD Card, making it only readable in the PPC it was originally encrypted in. I found this a very helpful tool and had bought a respective app from Spritesoft. Unfortunately, their Android software is still in the beginning status, and therefore, I bought yesterday the app from WaveSecure.
I was surprised, however, that they do not offer an encryption for the SD card as I know it from my old TyTN II.
Is anybody here who can advice - tweak, app, or whatever?
I mean, it's nice to secure the phone - but the sensible data are being stored in files on the SD card in the end. And if you lose your device, it may well be broke, but the SD card lives and cannot be wyped in a broken device either.
I couldn't agree more. There are a few applications that either offer individual file passwords, which is not very secure, or just offer encryption of its own text files, like OI Safe. I used to use a commercial application on Windows Mobile, Sentry 2020, which allowed you to create a an encrypted volume within your storage, internal or external. This was ideal, as it allowed you to store any kind of files in this. After a timeout period, the volume was automatically closed and your files were secure. It is a shame that the last activity in Sentry's website is in 2007.
I should be receiving a desire very shortly and am very concerned by the current lack of device level encryption.
Does anyone know if there are any products in development that will soon allow device encryption?
Is the hardware and OS itself capable of supporting full device encryption?
hi, i want to reopen this issue because today i asked myself the same question.
i have tested several apps but most of them are not useable for a large number of files or folders.... what we really need is a secret partition and something like truecrypt.... i didn´t find anything in the net... so if somebody has an idea or solution for that, i would be happy...
thank you!
htclerman said:
hi, i want to reopen this issue because today i asked myself the same question.
i have tested several apps but most of them are not useable for a large number of files or folders.... what we really need is a secret partition and something like truecrypt.... i didn´t find anything in the net... so if somebody has an idea or solution for that, i would be happy...
thank you!
Click to expand...
Click to collapse
did you encounter anything using AES/Rijndael or at least Blowfish or Twofish algorithm? I need something to encrypt single files/folders only. TIA!
wizja said:
did you encounter anything using AES/Rijndael or at least Blowfish or Twofish algorithm? I npartitioneed something to encrypt single files/folders only. TIA!
Click to expand...
Click to collapse
Do you speak about apps?
If yes, there is nothing out there
I know that is working fast with a big number of files. There must be an option to encrypt a whole partition,
That's the only thing that would make sense.
Sent from my HTC Desire using XDA App
http://tasker.dinglisch.net/tour.html
Claims to support encryption, kind of complicated through.
htclerman said:
Do you speak about apps?
If yes, there is nothing out there
I know that is working fast with a big number of files. There must be an option to encrypt a whole partition,
That's the only thing that would make sense.
Sent from my HTC Desire using XDA App
Click to expand...
Click to collapse
With the ability to put apps on the SDCard this is going to be an unlikely feature to work well....
Your best bet is looking for something with a good remote wipe/lock feature.
If you have a partition formatted with ext2/3/4, it's only a matter of copying over static binaries of lvm, device-mapper and cryptsetup, and creating a script called via initrc or controlled via /etc/init.d
I've posted about a similar solution for /data. Search for it.
Push for implementating it in Android:
Using dm-crypt to Encrypt the SD Card...? - xda-developers
Using dm-crypt to Encrypt the SD Card...? - CyanogenMod Forum
Issue 11211 - android - Android too insecure - Encryption of the SDcard is crucial - Project Hosting on Google Code
Issue 3748 - android - Add support for partition/block device encryption - Project Hosting on Google Code
I would really appreciate it if someone could help me out on this, some of you guys know the ins and outs of linux and Android, unfortunately for me my knowledge on OSs stops short at windows.
I have gone from a Nexus One running Gingerbread(never rooted) to a Nexus S.
The builds are the same, some other things are different such as the kernel etc but I wont list them as ofc I do not want to copy over system files.
I am after app data, all the nontemp noncached info my many apps save for reference everytime its launched so it remembers my settings, I want my phone to be close to how it was without me having to play spot the difference with all the interface menus. I am hoping there is an Appdata equiv in linux?
Most apps save their data in /data/data/...
Did you already look at "Titanium Backup" ? It is really good, though i don't know if it is gingerbread compatible yet.
I second titanium. It's working fine on GB for me, at least on CM7.
I am looking for a file encryption app that is dropbox and multi-platform compatible. I currently use a truecrypt container stored in dropbox for sensitive files that I need under both windows and Linux. Unfortunately, truecrypt doesn't exist for android. So I'm looking for alternatives.
thoughts?
-J
I'm in the same situation. Been hoping truecrypt would come out as an app, but no luck yet. I've been looking at RR File Locker. Looks pretty good and has some good reviews.
Sent from my Thunderbolt using Tapatalk
I have connections with people in investigation / forensics work, and if you have a decent lengthed truecrypt key then they aren't getting anywhere near your files. Honestly, I would stick with it as it's a proven application and provides top notch encryption.
wuala?
Maybe not answering your question exactly but you guys may want to check out Wuala. It works similar to dropbox (but has even more features) and securely encrypts your data before it leaves your machine (unlike dropbox). And of course, there is an android app.
sharkynolike said:
Maybe not answering your question exactly but you guys may want to check out Wuala. It works similar to dropbox (but has even more features) and securely encrypts your data before it leaves your machine (unlike dropbox). And of course, there is an android app.
Click to expand...
Click to collapse
Hey thanks sharkynolike. I was looking for something like DropBox but due to their security model I was not impressed. DropBox can (if they need to. i.e. warrant, etc) access your files. Wuala encrypts before the file is sent. No one but you has the password.
I did not know about Wuala. Just got storage space there. It is going to make a great backup location and the crypto sells it.
Skickat från min ASUS Eee Pad TF101
pgp?
Have you Considered pgp? Agp on my android and gnupgp on my pc combined with dropbox works for me...
sharkynolike said:
Maybe not answering your question exactly but you guys may want to check out Wuala. It works similar to dropbox (but has even more features) and securely encrypts your data before it leaves your machine (unlike dropbox). And of course, there is an android app.
Click to expand...
Click to collapse
Wuala seems to fit the bill and has a nice interface. Thanks
jayson269 said:
Hey thanks sharkynolike. I was looking for something like DropBox but due to their security model I was not impressed. DropBox can (if they need to. i.e. warrant, etc) access your files. Wuala encrypts before the file is sent. No one but you has the password.
Click to expand...
Click to collapse
This is exactly the reason I recently switched from Dropbox. So far, I am really enjoying Wuala as it does everything dropbox could, plus more. I also like the fact that you can gain additional free storage by trading local storage. Anyway, glad you found it useful.
Undelete
Welcome to the open beta of our newest root application - Undelete for Android, an application for root users that allows you
to recover deleted files on your SD card or internal storage.
Features:
- Fast scanning logic
- Restore any file that has not been written over
- Securely wipe/shred files
- Works with images, video, music, archives and binaries
Currently, only FAT is supported. On Tegra devices, only the external SD is supported.
We may write a special version supporting EXT4 if this app is successful.
Be warned: this is an early Beta build, provided "as is" with no support of any kind.
We take no responsibility for any issues that may arise from using the app. In some rare cases attempting to restore files may
corrupt the memory entirely (though we have not seen this problem, it is theoretically possible).
That said it has been in development for a while and well tested on the devices we have at the office - Incredible S, Nexus S,
Xoom, Transformer, Sensation, Galaxy S I/II, Galaxy Ace, Desire.
Market:
https://market.android.com/details?id=fahrbot.apps.undelete&feature=search_result
Screens:
You guys make nice apps!
Thanks. We are pretty awesome. And humble too
Really great idea! Looking forward to support for ext3 and ext4
For most people this will be enough. The only ones who will truly suffer will be those with no sd tablets like the galaxy tab family...
I myself build a variant of cm on ext4, but have no need to restore data from the internal memory.
Just took it for a spin and it found one file I deleted. It also showed an asec file. You might want to filter those out or have it for advanced users only.
I can see a need from some users to undelete from /data/app and /data/data. For example, an accidental app install. If you can tie the apk and deleted app data directory together, it would be even more convenient. I know some might have Titanium Backup but this would cover the cases where they don't or only have an older backup. Just an idea
Damn..I'm impressed. Keep up the good work.
One more question . Do you have plans to implement deeper recovery methods?
As mister morden told londo mollari - one thing at a time
Looking forward to it.
OK, you're going to hate me, but I have another suggestion . Since you opened a can of worms with file recovery some of your more paranoid users will want secure deletion (rewriting the file with junk data or 1s and 0s, etc) I think this would go pretty well in this app. So have a section for users to pick the file to be securely deleted and also give them an option to overwrite files that can be recovered.
doesn't seem to work for me,crashes every time I attempt to restore something
You'll have to be more specific. What file system are you using? What phone? Did you send logs?
Has anyone had problems? Lets get some feedback please!
No problems yet. I tried undeleting a few things and it has worked without a hitch.
ftgg99 said:
You'll have to be more specific. What file system are you using? What phone? Did you send logs?
Click to expand...
Click to collapse
incredible,cm7 rom with latest nightly and log was sent
I havent looked at the logs yet, have been avoiding work on my bday. However, there is no guarantee that a file can be recovered, sometimes the data is just corrupted.
If one file doesnt work, another will.
Any issues?
avgjoemomma said:
OK, you're going to hate me, but I have another suggestion . Since you opened a can of worms with file recovery some of your more paranoid users will want secure deletion (rewriting the file with junk data or 1s and 0s, etc) I think this would go pretty well in this app. So have a section for users to pick the file to be securely deleted and also give them an option to overwrite files that can be recovered.
Click to expand...
Click to collapse
There are already apps on the market that do this, look for SHRED, the typical name for this sort thing on PCs. I saw a few, although they all claim that due to journaling it will possibly not work.
Not sure what VFAT they're using, but the ones I know of don't journal So YMMV.
Indeed, deletion may not be right for this application...