It seems there is a security flaw when copying files from encrypted internal storage to encrypted sd card with third party tools.
I have installed a micro sd card and enabled encryption on external sd card. After every boot I get a notification that external sd is encrypted. If I put the sd card in a card reader on my pc, I can see the directory structue and file names on the sd, but I cannot see the contents of the file, because they are encrypted. So far this is expected behaviour.
Now the unexpected part: sd card is installed in phone (no pc involved). I copied files with solid explorer from internal storage to encrypted sd card (side note: i noticed solid explorer cannot access the copied files). I reboot my phone and suddenly it says "encrypting files on sd-card" and a percentage counter went up while the newly copied files get encrypted? Huh !? Second test: I copied files with solid explorer from internal storage to encrypted sd card and shut down the phone, put the sd card in a card reader on an pc and - guess what - the copied files are unencrypted. They get encrypted after next boot in the phone. This behaviour does not occur, if I copy the files with samsungs integrated file explorer. Files copied to the enrypted sd card over mtp connection are encrypted immediately.
I have experienced something similar. I wanted to create a directory on encrypted SD card in ES File Manager. It displayed the message like "...will be created asynchronously" and zero length file was created instead. After reboot and encryption the actual directory was created.
It seems that third party file explorers like solid explorer or ES file manager can access those files/folders (created by themselves on encrypted sd card) only after the files/folders got encrypted after reboot. The flaw I see here is not only that files unexpectedly remain unenrypted on sd card, but also that files are written unencrypted at all and only get encrypted later. There may remain unencrypted parts of sensitive data that someone might be able to recover from sd card (with a data revocery tool).
Sounds like those developers need to update their apps to support Marshmallow's encryption. In the meantime, if you've got sensitive files to copy, use the built-in app.
It seems, that there is some scheduler running encryption over the night. I created a folder on SD card as usually - no folder, only empty file was created initially - and next day there was a folder; without need of reboot.
pato said:
It seems, that there is some scheduler running encryption over the night. I created a folder on SD card as usually - no folder, only empty file was created initially - and next day there was a folder; without need of reboot.
Click to expand...
Click to collapse
I tried the same yesterday. I copied a file from internal storage to encrypted sd card with solid explorer and the file is stored unencrypted with 0 byte length. 24 hours later it still remains unencrypted with 0 byte length. Maybe there is something else that triggers the encrpytion (except reboot), but not sure what it is.
EDIT: 48 hours after copying the file it finally got encrypted.
delete
Related
I've only had this phone a few days, so my brief search may have missed this:
I am unable to move/copy/delete files on my external card (/mnt/sdcard/external_sd). The default "My Files" app allowed me to move a couple of files, but not others. But my favorites, "ES File Explorer" and "Root Explorer" seem completely unable to do anything but read files. How can this be?
If it matters, I'm rooted.
It u are cutting and pasting or moving files files to and from external to internal, mine doesn't work either. Move within the same or copying files however seems to work.
Can u delete?
I can delete some small files. But copy/paste from within external just fragged an entire folder...
Okay, here's a guess - I used this card on my Atrix that just died, which ran CM7 with ext4 formatting kernels. Should I just reformat the whole thing?
do a low level format. Use a micro sd - sd adapter and then use this free program:
http://hddguru.com/software/HDD-LLF-Low-Level-Format-Tool/
afterwards you will have to again format it to fat32 in Windows.
It does sound like the sd card is corrupt
Google blocks the Write ability for third party apps on Android 4.4 KitKat update for uncertain reason. File managers can’t access to SD card at all and lost the ability to manage external storage completely.
However people always find a way to solve problem, although the solution may not be super perfectly.
I recently update File Expert and find it restored the ability to manage external SD card.
Download app from Google Play and open to start. I notice my external SD Card is shown under Folder Tab.External SD Card is accessible and writable again in File Expert. Click to enter, choose a file and try all basic file operations, create, copy, cut, paste, rename, delete, edit and zip file within external SD card. File Expert completes all without any error.
You can even explore more available actions for External SD Card in File Expert. Like trying move a file from internal storage to SD card, sharing files on external sdcard with FTP, Web PC Suite it will be done perfectly, without any error.
What file manager do you use right now? Or is there any file manager can do more?
My work requires encryption of the SD Card. After doing a factory reset, Android reports unable to mount SD card and to format.
Using twrp, i can view the file structure when i mount the sd. I cannot view the data partition because the device is encrypted.
Using my PC, i can view the file structure, but when i try to open a pic or zip file, it says the file is unreadable/corrupt. I would think that it if were truly encrypted, i would be able to view the file structure.
I can even take a nand backup and save it to the SD card, so i know twrp can read/write
I plan to format the card, but since i can see the files in twrp, i just want to make sure i am not missing something. Or, get an OTG cable and see if i can copy files off SD Card to a thumb drive...
Hi all
Samsung S7, standard rom, encrypted SD card (Samsung 128 EVO)
My 128GB SD card held a huge amount of photos amongst other things. One day, the card stopped mounting (and I therefore couldn't decrypt the files). Taking the card out and putting it in a card reader connected to the phone, it would mount but didn't give me the option to decrypt the files. I copied all the encrypted files to my laptop, and formatted the card. A different volume name was generated. I copied all of the files back to the card, but the data couldn't be read. I imagine a new key was generated when I re-formatted the card.
Data recovery tools can see the files, but they remain encrypted.
Renaming the volume label to the original name and trying again didn't work either.
I have not changed my pattern code, not done a factory reset, and have not updated the OS since.
How do I go about recovering the encrypted data. I have all the files, but no way to decrypt them using the phone. Is there any way to restore the files?
You can try this
I am very hesitant to overwrite back all the encrypted files to the SD card so as not to write over the old files (which I can see in a data recovery tool, although they are encrypted)
So, I will try the following.:
1. I will connect an old SSD and format it as external storage and encrypt it using the method you linked.
2. I will copy the 80GB of encrypted data backed up on my PC onto the SSD (probably using wifi)
3. I will then try decrypting the external SSD drive using my phone and see whether I can read the files
4. I will report back
Ideally, I would like the volume to have the same volume name as the original SD card volume. I wonder if this plays a part in the encryption/decryption process
If any other suggestions are forthcoming, I'll take them too!
My SD card is set as adoptable storage, but it has gotten corrupted. It happened when I was copying files from my phone to PC via USB (ironically I was doing this to backup my files from my phone). Somewhere during copying, the phone virtually disconnected from the PC, and on my phone it said that it couldn't read my SD card.
Couple of things to note:
I'm using Lineage OS.
The SD card isn't encrypted.
When connecting the SD card directly to my PC, the SD card shows as two drives, D: and E:, with D: being accessible showing an almost empty drive of 29,4 GB (which is the full logical capacity of this drive), and E: inaccessible, requiring a reformat (no idea what E: is). On D: the folders that I can see are .android_secure, Android (with the sub folders data and media) and LOST.DIR. All folders are empty.
This SD card should be filled with data almost up to max capacity.
I haven't changed a thing to the corrupted SD card. I did not reformat, used CHKDSK or w/e. The only things that I have done is attempting to make raw copies with HDD Raw Copy Tool and R-Studio.
I've read here and there that it is (almost?) impossible to logically fix a corrupted adoptable storage SD card in that I could just pop it back into my phone to resume where I exactly left off. So I'm looking to recover as much data from the SD card as possible. I'm most concerned about recovering my Whatsapp folder (I haven't got a complete GDrive backup of this), but I'd prefer to recover everything else as well.
What must I do?