Hey Folks,
I have a Motorola Droid X. I was running Encryption on it via the built in Android encryption option. I assume the key was derived from the pattern lock? I did not specify anything when I encrypted my phone, so I assume the Android device used eCryptFS to encrypt the files on my phone using a key derived from my pattern lock? Anyone have any information on how Android encrypts it's files and how it derives it's key when using the built in encryption options?
I read through this article \h\t\t\p\:\/\/\source.android.com/tech/encryption/android_crypto_implementation.\h\t\m\l (sorry about the fake tags, forums didn't want me spamming the place up) and can glean SOME information off of it.
The reason I ask these questions, and what my situation is, is as follows,
I had encrypted my device sometime ago. SD card and NAND. I wanted to reset my phone for freshness back to factory default (no root, etc etc). So I plugged 'er in and copied off my dcim folder directory. I noticed that the image/video files from the date of encryption were not accessible etc etc. (due to the encryption i'm sure.) So I turned off the encryption on the device, it rebooted itself and did it's thing. Great. I figured my files were decrypted at this point. I copy off the DCIM folder and reset the phone, wipe everything, etc etc. Well whatdya know? In my brilliance I forgot to check the DCIM folder I copied off the second time to make sure I could check out my images. Still couldn't, still encrypted? I assume as such.
I copy the DCIM folder to the formatted SD card, hoping that if I use the same pattern lock and enable encryption, my phone could then access those files. No go.
So as it stands, I have a bunch of encrypted files. I carved the MSD card sometime ago using test disk, just for grins, and it pulled a bunch of eCryptFS files out of it. That's why I assume eCryptFS.
At this point I am thinking, perhaps if I could figure out how Android derives the encryption key, and it's method of encryption. I could work some trickery decrypt those files. However through reading that link, I feel as if I have diminished hope. It would stand to reason that FS encryption would... encrypt the entire file system Obviously I could still see the directory structure so the fat tables and all that good stuff was still clear text, so I wonder if the files were individually encrypted file system wide?
I need to pull some more info, I did some light googling and searched over these forums and didn't see much that was of any value.
Any input is great! Thanks
Related
I'm looking for a reliable encryption application, preferably based on mountable file containers. I've just had a bad run-in with FreeOTFE with the encrypted file no longer mounting, and hence the data inside being lost. Thankfully I was only using test data to guard against exactly this occurance!
Anybody know of a reliable application for securing an entire folder? It's against theft of the entire device, so encrypting an SD card using the bundled app isn't a solution.
Thanks!
I've used Resco Explorer for years and it can encrypt all the contents of a folder at once, but it does not do as you've asked and encrypt the folder, in Resco's case you would be able to see the file names in the folder, but they would be encrypted. A single password can be used to encrypt a single folder.
Not much help, but I find it handy enough for me.
On a side note, I used to use the SD card encryption, but have stopped since my device locked up and had to be hard reset, I then lost all the SD card files which I intended to use as a backup incase I needed to wipe the device on the move, opps, great plan!!
I highly recommend visCrypt (http://www.sfr-software.de/cms/EN/pocketpc/viscrypt/index.html)! I'm very happy with it.
Thanks both!
I do like the look of VisCrypt, I'll check that out.
Thanks again!
DeathJester said:
I'm looking for a reliable encryption application, preferably based on mountable file containers. I've just had a bad run-in with FreeOTFE with the encrypted file no longer mounting, and hence the data inside being lost. Thankfully I was only using test data to guard against exactly this occurance!
Anybody know of a reliable application for securing an entire folder? It's against theft of the entire device, so encrypting an SD card using the bundled app isn't a solution.
Thanks!
Click to expand...
Click to collapse
Hi,
Maybe you can try Airscanner, http://www.airscanner.com/products/encrypter/
This is a very good program!!! I had used it for many years already, and does what you want!!!!
Okay what I want is a way to encrypt files on my SD Card transparently. For example, when I make a "Compressed Folder" in Astro File Manager called "b" it makes a file called "b.acd"
What I want is a way to encrypt file like that, where it makes a file on the SD Card but like b.acd, it's encrypted (I assume b.acd isn't because I am assuming anyone who has Astro can read it).
So I want the folder to act like any other folder on my phone (and in order to access it I have to unlock my phone, no one who doesn't know my unlock pattern can't use it) and if they take out the card and use a card reader all they see is a file that they cannot open.
I guess whatever app does this will ask me for a key when I install it so then the app will encrypt and decrypt the data as I am using it.
I have searched the market for encryption software, but with the apps I found I had to manually encrypt and decrypt the files myself unlike how Astro uses ACD archives...
Possibly maybe there could be a program I can run on my PC to access the encrypted files when I provide it with the key...
I have a similar requirement
What I did was make a disk image and call it pagefile.sys
Then I mount the image to a folder when I want access
If you use an ext filesystem on the image when you plug it into windows all you see is a 1gig file called pagefile.sys and can't access it.
It is not very secure, but hidden well enough so someone can't stumpble upon it. Unless they are a bit computer savvy.
So it depends what your hiding and who your hiding it from.
Where did you put the file, on your card? How did you mount it to a folder? I want something a little more secure. Should the phone get stolen or something, even if the crackhead that steals it doesn't know how to access the files, they might find someone who can...
Yep. The file can go anywhere on the SD and be called anything.
it is mounted with a terminal emulator to any folder in the same way you would in Linux.
the command would be
# mount -o loop -w -t ext2 filename foldername
If you want something more secure I would look elsewhere.
Truecrypt is excellent. But you won't be able to access your files on your phone. Truecrypt for android would be the nuts if someone wants to port it. It is open source.
Oh so you can get a termnal emulator? Where did you get yours from, the market?
Yep. Connectbot is the best.
It says ConnectBot is an SSH client, so do you have to connect to localhost or something?
That's right. You get 3 options in connectbot.
Telnet
SSH
Local.
You can set a shortcut to local on your homescreen if you like.
Anyways, does anyone here know how to actually encrypt the files?
I found a program on the Market that lets you store text and pictures (in the paid version) and acesss them directly without encrypting and decrypting them. But it would be nice if there was a free app that let you store files like normal...
APG is what you want if you want security.
An android port of GPG, which is basically NSA quality encryption depending on how you set your keys.
Create your filesystem as mentioned above, and then encrypt it using APG. Delete the original. Now you have an encrypted filesystem. When you want to access, decrypt, mount, make changes, unmount, reencrypt, delete original.
A pain in the butt, but you won't be able to be more secure.
Would you have to repeat those steps everytime you change the filesystem?
I don't know whether to ask it here or not.
Want to know that is there any way of hiding the apps and folder other then putting period(.) before file name or folder
I want to do it parametrically I just want to know the way or anyidea about it other then above one
I am working on app which is password protected and have to take care that hidden files once hidden that are even not visible to root users without that application.
So it here any way of doing this in external memory card.
Please provide me with solution or coding reference if you have.
Note that I am not asking for any android application that available in android market
Click to expand...
Click to collapse
dykhatri said:
I don't know whether to ask it here or not.
Want to know that is there any way of hiding the apps and folder other then putting period(.) before file name or folder
I want to do it parametrically I just want to know the way or anyidea about it other then above one
I am working on app which is password protected and have to take care that hidden files once hidden that are even not visible to root users without that application.
So it here any way of doing this in external memory card.
Please provide me with solution or coding reference if you have.
Click to expand...
Click to collapse
When we speak about media files:
an empty < no media > file, in a folder,
ussualy solves the problem of visibility, for other-media focused-on board apps,
I presume is not what you have in mind,
The ussual way-the apps are protecting their data-in windows for example,
is to create their own file format, like: .cpt, .dat, etc...
Files on an external sdcard are recognised by the strings to them,
and thus known to the index...
but when you remove those strings,
you ussualy destroy also the files structure
although he files themselves still do exist...
In my humble opinion, only the separate,encrypted partition on an sdcard,
along with internal file format, may provide
efficient level of security that you seek for your app...
There surely always will be an app, able to see hidden contents,
especially on removable media,
but to be able to see it- is one thing,
and the ability to read its contents- is a completely different story...
asgardr said:
When we speak about media files:
an empty < no media > file, in a folder,
ussualy solves the problem of visibility, for other-media focused-on board apps,
I presume is not what you have in mind,
The ussual way-the apps are protecting their data-in windows for example,
is to create their own file format, like: .cpt, .dat, etc...
Files on an external sdcard are recognised by the strings to them,
and thus known to the index...
but when you remove those strings,
you ussualy destroy also the files structure
although he files themselves still do exist...
In my humble opinion, only the separate,encrypted partition on an sdcard,
along with internal file format, may provide
efficient level of security that you seek for your app...
There surely always will be an app, able to see hidden contents,
especially on removable media,
but to be able to see it- is one thing,
and the ability to read its contents- is a completely different story...
Click to expand...
Click to collapse
What you have said makes seance to me sir but I forgot to mention here that I am only taking about android mobile OS specially. I am making application specially for android mobiles.I am not concern about another whether i can be display in PC or not that is not my concern.
can you have any idea for that
dykhatri said:
What you have said makes seance to me sir but I forgot to mention here that I am only taking about android mobile OS specially. I am making application specially for android mobiles.I am not concern about another whether i can be display in PC or not that is not my concern.
can you have any idea for that
Click to expand...
Click to collapse
1.there is always a possibility that something hidden locally- on board of your device-
could be found through a computer connection,
so if you wanted app sensitive data to be secure, this aspect should also be taken into consideration...
2. windows is just an example:
some dependancies are similar throughout many other systems- just because they work as expected...
An internal file format and file encription is to be found in some of the android apps as well
Hi all,
I have a quite special issue. I hope someone here can help me or point me into the right direction.
Huawei P9 with Android 6.0, rooted.
For my purposes (*) I use a MicroSD card with 128MB capacity that contains a lot of small files (abt. 1.5 million files).
I wondered for weeks, why the phone becomes incredibly slow and hangs from time to time.
I learned that the Media Storage service could be responsible, because it tries to index all files and that can take a very long time if there are lots of files.
I deactivated Media Storage (using Titanium Backup) and BINGO! My phone is like new. Snappy, well usable.
Since I don't need MTP access to the phone, I thought it might be good now.
HOWEVER:
I just found out that ring tones don't work anymore, neither for phone ringing, nor for the alarm clock etc.
It seems that those apps also rely on the file index, that's gone now.
Without any ring or alarm tone, the phone is almost unusable again.
Do you know of any way to make the MTP / Mediastorage server ignore one directory when indexing? That would help, as I could simply let it ignore the directory on SD card that contains those 1.5 million files.
Or can you think of any other good solution for my problem?
Thank you so much!
Daniel
(*) to explain my usecase, why I need so many files on SD: I am a photographer, doing gigapixel panorama photography. For presenting my work to customers, I put my demo panoramic tours onto the SD card. These are HTML files with a data directory containing JPG tiles of the gigapixel panoramas. One panorama image consist of up to a few 100.000 files. A webserver running on the phone makes the panorama tours accessible to onboard browsers or, via WiFi hotspot, to other devices in the surrounding, e.g. a PC or tablet of the customer.
I considered solutions like an external storage (USB OTG) connected to the phone only when I present that stuff to the customer, or an entirely separate device (Pandora / Dragonbox Pyra or so) to host and serve the panorama tours, but I like to carry only one device, the small smart phone, to do it all. An extenal OSB OTG storage solution would almost fit my needs. But.. only almost, because a small storage is something that can get lost or stolen easily and that needs additional handling and provides additional points of failure, which I don't want to have in front of the customer.
Android is capable of doing it all, and my philosophy is, that a computer needs to adapt to my way of work than vice versa. This was the intention when Neumann and Zuse invented programmable computers. And I don't really want to eat humble pie here.
daniel908 said:
Hi all,
I have a quite special issue. I hope someone here can help me or point me into the right direction.
Huawei P9 with Android 6.0, rooted.
For my purposes (*) I use a MicroSD card with 128MB capacity that contains a lot of small files (abt. 1.5 million files).
I wondered for weeks, why the phone becomes incredibly slow and hangs from time to time.
I learned that the Media Storage service could be responsible, because it tries to index all files and that can take a very long time if there are lots of files.
I deactivated Media Storage (using Titanium Backup) and BINGO! My phone is like new. Snappy, well usable.
Since I don't need MTP access to the phone, I thought it might be good now.
HOWEVER:
I just found out that ring tones don't work anymore, neither for phone ringing, nor for the alarm clock etc.
It seems that those apps also rely on the file index, that's gone now.
Without any ring or alarm tone, the phone is almost unusable again.
Do you know of any way to make the MTP / Mediastorage server ignore one directory when indexing? That would help, as I could simply let it ignore the directory on SD card that contains those 1.5 million files.
Or can you think of any other good solution for my problem?
Thank you so much!
Daniel
(*) to explain my usecase, why I need so many files on SD: I am a photographer, doing gigapixel panorama photography. For presenting my work to customers, I put my demo panoramic tours onto the SD card. These are HTML files with a data directory containing JPG tiles of the gigapixel panoramas. One panorama image consist of up to a few 100.000 files. A webserver running on the phone makes the panorama tours accessible to onboard browsers or, via WiFi hotspot, to other devices in the surrounding, e.g. a PC or tablet of the customer.
I considered solutions like an external storage (USB OTG) connected to the phone only when I present that stuff to the customer, or an entirely separate device (Pandora / Dragonbox Pyra or so) to host and serve the panorama tours, but I like to carry only one device, the small smart phone, to do it all. An extenal OSB OTG storage solution would almost fit my needs. But.. only almost, because a small storage is something that can get lost or stolen easily and that needs additional handling and provides additional points of failure, which I don't want to have in front of the customer.
Android is capable of doing it all, and my philosophy is, that a computer needs to adapt to my way of work than vice versa. This was the intention when Neumann and Zuse invented programmable computers. And I don't really want to eat humble pie here.
Click to expand...
Click to collapse
There's an Xposed module that can do exactly what you're asking. But I'm not sure how nicely the xposed framework will work with your Huawei device (assuming you're still stock). You can check it out if you feel its worth any hassle that might be involved. Here's the link to the forum and a screenshot of the app's description & capabilities
https://forum.xda-developers.com/xposed/modules/xposed-xposed-media-scanner-optimizer-t2942609
GREAT! THANKS!
I didn't know that an XPosed module existed that could solve that problem.
An attempt to install XPosed a few months ago has failed.
But I retried today with the Wanam build (official one failed back then) and it worked well. Downloaded this module now and will see how it works.
Thank you so much!
Quick question:
The manual for the Media Scanner Optimizer module says
"Directories: If checked the media scanner will only scan directories that have a .scanMedia file (i.e. an empty file with a dot as first part of the name similar to the .noMedia file). Use a file explorer app to create this file. This file can be placed in a directory that may contain subdirectories. The subdirectories will be scanned as well. If unchecked all directories will be scanned (except for the ones containing a .noMedia file - this default behavior of the media scanner is not altered by the Xposed Media Scanner Optimizer)."
(source: http://repo.xposed.info/module/com.thomashofmann.xposed.mediascanneroptimizer)
Does that mean, in my case I coud simply have placed a .noMedia file in the directory with the millions of files and my problem would have been solved, even without XPosed?
Somewhere I read that the media storage service does NOT care about the .noMedia files, so I refused experimenting with this quite early in my research phase.
Do you have experiences, if this really works or not?
daniel908 said:
Quick question:
The manual for the Media Scanner Optimizer module says
"Directories: If checked the media scanner will only scan directories that have a .scanMedia file (i.e. an empty file with a dot as first part of the name similar to the .noMedia file). Use a file explorer app to create this file. This file can be placed in a directory that may contain subdirectories. The subdirectories will be scanned as well. If unchecked all directories will be scanned (except for the ones containing a .noMedia file - this default behavior of the media scanner is not altered by the Xposed Media Scanner Optimizer)."
(source: http://repo.xposed.info/module/com.thomashofmann.xposed.mediascanneroptimizer)
Does that mean, in my case I coud simply have placed a .noMedia file in the directory with the millions of files and my problem would have been solved, even without XPosed?
Somewhere I read that the media storage service does NOT care about the .noMedia files, so I refused experimenting with this quite early in my research phase.
Do you have experiences, if this really works or not?
Click to expand...
Click to collapse
I initially thought about the .nomedia alternative. But I wasn't clear on if the 1.5 million files you have were actually media files. If they are then creating a .nomedia file should do the trick. If not, then you have the Xposed module
I personally have a few .nomedia files here and there on my SD card. And it does what its supposed to, ie; stops any media file that's present in those folders from showing up in the Gallery/music player.
So I guess its safe to assume that they weren't indexed either
Freewander10 said:
I initially thought about the .nomedia alternative. But I wasn't clear on if the 1.5 million files you have were actually media files. If they are then creating a .nomedia file should do the trick. If not, then you have the Xposed module
I personally have a few .nomedia files here and there on my SD card. And it does what its supposed to, ie; stops any media file that's present in those folders from showing up in the Gallery/music player.
So I guess its safe to assume that they weren't indexed either
Click to expand...
Click to collapse
I thought the .nomedia trick would only work, if the Xposed module was there?
Or does it work by default, even on a non-rooted stock ROM?
Thise mana files that I have are almost all JPG files. There are a few .js and .xml files, too, that control how the .jpgs are rendered on the client's browser, also some video files that are embedded into the virtual tours, but about 99.5% of the files are .jpg.
daniel908 said:
I thought the .nomedia trick would only work, if the Xposed module was there?
Or does it work by default, even on a non-rooted stock ROM?
Thise mana files that I have are almost all JPG files. There are a few .js and .xml files, too, that control how the .jpgs are rendered on the client's browser, also some video files that are embedded into the virtual tours, but about 99.5% of the files are .jpg.
Click to expand...
Click to collapse
It doesn't matter what type of files you have. If the folder has a .nomedia file, it will not be scanned for anything.
This is standard android behavior, and does not require xposed to be installed.
Hello, everyone,
Unfortunately, something "bad" happened to us two days ago.
My wife still has an "old" Samsung Galaxy S7 without root and with the actual standard rom.
Instead of copying the pictures and videos (the first 6 months of our child's life), we moved the data.
Now we have JPEG and movie files on the PC, but they show as 9 GB each (but they only occupy a 4kb block on the disk) - With the HEX editor I could see that except a block of 4KB it contains only 0-byte "info".
Unfortunately a recovery with tools like "Recuva" does not work, because the device is not recognized as a mass storage device (even in USB debug mode).
Other free tools which supposedly recover files on the device without root have not found any data.
Do you have an idea how we can recover the photos and videos?
We switched off the mobile phone for safety reasons, so that nothing is "overwritten" by mistake. Or a TRIM-mechanism for damage to the possibly still existing data fragments so called
My root experience with Android unfortunately dates back to the "KitKat" age and at that time, as far as I remember, the data had to be wiped after the root process.
In general, we are have no Problem, if there is no other possibility to root the device to try out local data recovery tools?
Do you have any ideas how we can somehow recover the really emotionally important data?
Thank you very much for your help!
AgentFrost said:
Hello, everyone,
Unfortunately, something "bad" happened to us two days ago.
My wife still has an "old" Samsung Galaxy S7 without root and with the actual standard rom.
Instead of copying the pictures and videos (the first 6 months of our child's life), we moved the data.
Now we have JPEG and movie files on the PC, but they show as 9 GB each (but they only occupy a 4kb block on the disk) - With the HEX editor I could see that except a block of 4KB it contains only 0-byte "info".
Unfortunately a recovery with tools like "Recuva" does not work, because the device is not recognized as a mass storage device (even in USB debug mode).
Other free tools which supposedly recover files on the device without root have not found any data.
Do you have an idea how we can recover the photos and videos?
We switched off the mobile phone for safety reasons, so that nothing is "overwritten" by mistake. Or a TRIM-mechanism for damage to the possibly still existing data fragments so called
My root experience with Android unfortunately dates back to the "KitKat" age and at that time, as far as I remember, the data had to be wiped after the root process.
In general, we are have no Problem, if there is no other possibility to root the device to try out local data recovery tools?
Do you have any ideas how we can somehow recover the really emotionally important data?
Thank you very much for your help!
Click to expand...
Click to collapse
Can you still access the photos on the phone?
cooltt said:
Can you still access the photos on the phone?
Click to expand...
Click to collapse
I'm afraid not.
We have transferred the photos with "move" instead of "copy".
From the perspective of the phone, the files were successfully transferred, even if they arrived corrupted on the Windows system.
AgentFrost said:
I'm afraid not.
We have transferred the photos with "move" instead of "copy".
From the perspective of the phone, the files were successfully transferred, even if they arrived corrupted on the Windows system.
Click to expand...
Click to collapse
Well all that would have been moved is a folder with all the files in. Windows should be able to open jpegs and videos easily. You possibly didn't move the correct folder.
Download Samsung USB drivers for your pc and install them.
Connect phone, wait for Windows to show in folder panel then choose allow data transfer on the phone itself.
You can then explore the various folders on the phone.
Vidoes and pictures are stored in the DCIM folder on the phone or SD card. Sometimes in folder called "Pictures".
It's highly unlikely you've lost those files if all you did was move the folder.
Even move the folder on the pc back to the phone where it came from?
cooltt said:
Well all that would have been moved is a folder with all the files in. Windows should be able to open jpegs and videos easily. You possibly didn't move the correct folder.
Download Samsung USB drivers for your pc and install them.
Connect phone, wait for Windows to show in folder panel then choose allow data transfer on the phone itself.
You can then explore the various folders on the phone.
Vidoes and pictures are stored in the DCIM folder on the phone or SD card. Sometimes in folder called "Pictures".
It's highly unlikely you've lost those files if all you did was move the folder.
Even move the folder on the pc back to the phone where it came from?
Click to expand...
Click to collapse
The photos have been transferred from the DCIM folder to a Windows PC.
However, there seem to have been problems during the transfer, as the files in Windows are each over 9GB in size (over 5TB of photos and videos in total) - this can't be right, of course. In the file properties of Windows it is shown that the 9GB file only takes up 4KB of space on the hard disk. Even when i inspect one of those files with an HEX-Viewer i can see, that there is only a 4KB -Data Block at the End of the .jpeg file with no content.
As I said, it looks like the files were somehow badly damaged during transfer. And the phone thinks that the files have been moved successfully and accordingly the files are no longer findable in the Android file system or, as usual when moving, deleted from the source.
Since Windows believes that a file alone is 9GB, we are not able to transfer the file back to the device.
Is there any way to restore the files on the Android device?
AgentFrost said:
The photos have been transferred from the DCIM folder to a Windows PC.
Is there any way to restore the files on the Android device?
Click to expand...
Click to collapse
Only if you set it to back up with the Google account which stores a copy of all photos video and files.
cooltt said:
Only if you set it to back up with the Google account which stores a copy of all photos video and files.
Click to expand...
Click to collapse
Sadly no Cloud Backup of the files.
That's why we already tried to recover the files with Recuva (which doesn't work because of the missing USB mass storage mode) and other tools.
In the meantime I have also read that a recovery of data on the mobile phone only works with root access.