Hi,
a rather short search (i have to admit) here and in google didn't give me some usefull information about it. Anyone can give me a source for detailed infos about encyption method, algorithm, etc.? Basically I'm interessted if this is really trustworthy or just some proprietary encryption with backdors and everything.
ICS Encryption method for System and SD-Card
Hi
you can't encrypt the sdcard at the moment, because ics doesn't support that.
for the new encryption feature in ics it encrypts your /data partion with dmcrypt-luks essiv:cbc:128 this is the same encryption which is used in all minor linux distrubition for FDE. so i think it's trust worthy. On Linux the difference is that they use as default essiv:cbc:256 so on ICS the encryption isn't that hard, but i think it is still enough. And any why at this encryption the weakest point is you password!
more about dmcrypt und luks can be find in the internet. wikipedia linuxes..
if you wan't encrypted data on a sd card you can install LuksManager and create a container it uses the same technic and creates a encrypted container..
Hey folks,
I am thinking of improving security of my HOS and thought of encrypting it. I do know of the encryption feature provided by android but this seems to only encrypt the "internal" storage, namely the /data partition. I'd like to encrypt the sdcard as well but did not find a solution yet.
I had a few ideas on how to achieve this of which one was to use Cryptonite for encryption. This app uses EncFS to encrypt directorys on the fly by mounting the encrypted dir into another dir. I thought it could be used to encrypt the whole sdcard, mount this encrypted content to another dir and tell android to uses this new dir (the encrypted fs mount point) as sdcard (maybe with a symlink). I think I know much about android and linux but at this point I am stuck.
Does anybody have an idea about solving my problem?
Thanks
Max
Hi everyone,
i hope someone can help me with my Question.
Is the Mate9 encrypted by default?
Unfortunately there is no Option to encrypt the Phone manually.
Which enryption Type will be used? File Based or Full?
Will SD-Cards encrypted by default?
Is there any way to check this?
Update:
The Mate 9 is NOT encrypted.
This will be available in the future.
Pretty sad
Mate 9 is loaded with Android 7.0 Nougat which uses File-based Encryption by default rather than Full-Disk Encryption.
http://www.howtogeek.com/269422/how...ats-direct-boot-for-less-annoying-encryption/
For SD card, I don't know because I don't use SD card on my device.
no sorry, i called the Huawei Support Hotline, the Mate internal storage is not encrypted.
Only the SD Card can be encrypted.
btw: in the developer section there isn´t the point "convert to file encryption"
xacidx said:
Mate 9 is loaded with Android 7.0 Nougat which uses File-based Encryption by default rather than Full-Disk Encryption.
http://www.howtogeek.com/269422/how...ats-direct-boot-for-less-annoying-encryption/
For SD card, I don't know because I don't use SD card on my device.
Click to expand...
Click to collapse
I recall seeing in settings a way to encrypt SD and/or some kind of passcode protect for it.
Sent from my Huawei Mate 9 using XDA Labs
Internal storage is not encrypted by default? That's kinda surprising and disappointing considering how much Huawei was talking about security in their last few events. The file-based encryption should have a negligible performance impact.
Try : settings - fingerprint ID - fingerprint administration - security access - Enable - internal memory / Sd card
Yo can enable encryption there
Enviado desde mi MHA-L29
i think this is not real encryption, this is only a "passcode / fingerprint" safe
https://source.android.com/security/encryption/
Is there any way to check the Filesystem (encrypted or not)?
https://forum.xda-developers.com/mate-9/help/decrypt-internal-storage-t3530224
Someone has trouble seeing files via TWRP.. not sure.. maybe it has internal encryption afterall?
Confuuuzing
Not to get political here but you do know where the Mate series is made? The Chinese Government doesn't want device encryption - so it's not there. And even if it was, I wouldn't trust it.
i dont see this setting. may have to return the phone if i cant encrypt the whole device.
Nexus-Nerd said:
no sorry, i called the Huawei Support Hotline, the Mate internal storage is not encrypted.
Only the SD Card can be encrypted.
Click to expand...
Click to collapse
I can't say whether it is or isn't, but if I go to Settings, Memory & Storage, Default location, and try to switch the default from internal to SD card, I get a message saying my phone has been encrypted and to make sure the external storage is too before proceeding.
Everydevice which comes with nougat installed from huawei is encrypted with (filebased encryption) and every device which gets nougat update like honor 8 and p9 etc gets full diskencryption so the statement is false it's encrypted. The full disk encryption is one encryption step.
The filebased encryption is two way encryption. It uses default hard disk encryption and per app encryption so yes it's encrypted.
LastStandingDroid said:
Everydevice which comes with nougat installed from huawei is encrypted with (filebased encryption) and every device which gets nougat update like honor 8 and p9 etc gets full diskencryption so the statement is false it's encrypted. The full disk encryption is one encryption step.
The filebased encryption is two way encryption. It uses default hard disk encryption and per app encryption so yes it's encrypted.
Click to expand...
Click to collapse
I would like to add that we are talking about the encryption of the /data partition only.
Other parts of your internal memory (like /system) or the SD card are *not* encrpyted
Code:
> adb shell mount | grep cryp
/dev/block/bootdevice/by-name/userdata on /data type f2fs (rw,seclabel,nosuid,nodev,noatime,background_gc=on,discard,user_xattr,inline_xattr,acl,inline_data,extent_cache,[B]inline_encrypt[/B],active_logs=6)
File-based encryption should still be active on internal storage unless you have rooted.
st_voss said:
I would like to add that we are talking about the encryption of the /data partition only.
Other parts of your internal memory (like /system) or the SD card are *not* encrpyted
Code:
> adb shell mount | grep cryp
/dev/block/bootdevice/by-name/userdata on /data type f2fs (rw,seclabel,nosuid,nodev,noatime,background_gc=on,discard,user_xattr,inline_xattr,acl,inline_data,extent_cache,[B]inline_encrypt[/B],active_logs=6)
Click to expand...
Click to collapse
There's no needed for system to be encrypted as there's no sensual data that any vendor will release there. So yes only /data is encrypted
Would u see a reason why system would be encrypted?
Sent from my FRD-L09 using Tapatalk
---------- Post added at 10:00 PM ---------- Previous post was at 09:58 PM ----------
ResonanceZero said:
File-based encryption should still be active on internal storage unless you have rooted.
Click to expand...
Click to collapse
Well technically yes since on nougat it should encrypt all files on storage. Isn't it how it is? Because you still can get into internal storage but files are random names right?
Also I don't see why phone would encrypt your external sd because usually when setup you don't have any sd card inserted so why only /data partition is encrypted is how it should be since u have an option to encrypt external
Sent from my FRD-L09 using Tapatalk
Correct. And we know that this part is working because we see people trying to root struggling with it.
LastStandingDroid said:
There's no needed for system to be encrypted as there's no sensual data that any vendor will release there. So yes only /data is encrypted
Would u see a reason why system would be encrypted?
Sent from my FRD-L09 using Tapatalk
...
Click to expand...
Click to collapse
No, I don't see a reason for an encrypted system partition.
I wanted to make clear that when we talk about Android encryption only encryption of the data partition is meant.
So I was just supporting your point that the Mate 9 is indeed using encryption.
ResonanceZero said:
Correct. And we know that this part is working because we see people trying to root struggling with it.
Click to expand...
Click to collapse
I'm rooted and encrypted.
Everything but magisk.img and /data/magisk/ is encrypted in /data and it runs fine. I don't see why it doesn't encrypt other things when you reboot, but I guess files outside of /data/data, apps, etc are kept as they are since you're not supposed to install things straight to the root of /data anyway.
ante0 said:
I'm rooted and encrypted.
Everything but magisk.img and /data/magisk/ is encrypted in /data and it runs fine. I don't see why it doesn't encrypt other things when you reboot, but I guess files outside of /data/data, apps, etc are kept as they are since you're not supposed to install things straight to the root of /data anyway.
Click to expand...
Click to collapse
Huh. What method are you using? The last instructions I saw all pretty much started with TWRP, and the TWRP thread says that encryption isn't working.
st_voss said:
No, I don't see a reason for an encrypted system partition.
I wanted to make clear that when we talk about Android encryption only encryption of the data partition is meant.
So I was just supporting your point that the Mate 9 is indeed using encryption.
Click to expand...
Click to collapse
Ah i see, sometimes missreading help you to miss the point
Sent from my FRD-L09 using Tapatalk
---------- Post added at 06:56 AM ---------- Previous post was at 06:54 AM ----------
ante0 said:
I'm rooted and encrypted.
Everything but magisk.img and /data/magisk/ is encrypted in /data and it runs fine. I don't see why it doesn't encrypt other things when you reboot, but I guess files outside of /data/data, apps, etc are kept as they are since you're not supposed to install things straight to the root of /data anyway.
Click to expand...
Click to collapse
It should encrypt it if it doesn't there's something wrong. Because it should encrypt on each boot
Sent from my FRD-L09 using Tapatalk
I am a newbie at fone hacking.
I put a new Kingston 128G SD card in my Moto E40 phone. Android (v11) offered to help me by moving my pictures to the empty SD card and freeing up internal memory. Great.
Except then the SD card died - it is not visible (doesn't mount) in the phone or in my PC - I assume that it's fried ?
Can I retrieve my deleted photos from the internal memory of Android after it has deleted them ?
And, is there any way to resurrect the SD card ?
Please and thanks for any help... Ray
SilverCraftRay said:
...
Can I retrieve my deleted photos from the internal memory of Android after it has deleted them ?
...
Click to expand...
Click to collapse
If phone is succesfully got paired with PC ( read: ADB connection ), if phone's Android got successfully rooted, if phone's internal storage where photos are stored by default isn't got encrypted and isn't got overwritten by new data, then it's theoretically possible to retrieve the deleted photos.
If I use Magisk to get root access, the tutorial says that it will wipe my data.
How would I get my files back if the rooting process wipes my data ?
Can I root my phone without losing all it's data ?
Noone needs Magisk to root a phone's Android: that's a nurse fairy tale.
To root Android all you have to do is to create a copy of SU-binary in Android's filesystem and make it executable. After that you can run all Linux commands alike
mount and dd etc.pp. as ROOT.
Example - using ADB
Code:
adb devices
adb push <LOCATION-OF-SUITABLE-SU-BINARY-ON-PC-HERE> /data/local/tmp/
adb shell "cd /data/local/tmp & chmod 2776 su"
what will 1. connect the Android device to your desktop computer and 2. upload the su binary in the Android device temporary directory always available for the user.
Thanks. adb is very powerful.
Where can I find the suitable SU-binary for this phone? Is it in another system directory on the phone? Or in the internet based on my particular phone?
Once it is pushed, will my phone tools use it automatically? It seems that su is a manual command. Or will it be found automatically since it is in the /data/local/tmp directory ?
you can't root Android 5+ like that. the only nurse fairy tale is post #4 as discussed here.
even with root access it's impossible to recover deleted files from FBE file-based encryption (which is enforced on devices shipped Android 10+)
you can try to recover files from Kingston MicroSD Card with card reader on PC
https://www.z-a-recovery.com
Wrong
FBE ( what is significantly more insecure than FDE ) was introduced with Android 7 ( read: Nougat ) in August 2016.
Having elevated rights ( AKA SU ) you can dd a phone's internal memory via ADB to PC.
BTW: The FBE key of a file is stored directly in the ext4 file-system "dentry" of each file.
"For new devices running Android 10 and higher, file-based encryption is required."
(that means if device shipped on Android 9 it may receive update to Android 10 but is still running FDE btw)
while on FDE the DEK is ciphered with TEE static master key, FBE encryption keys are ciphered with random generated DEK in TEE keystore (which is flushed on factory reset). what you see in file metadata is KEK + DEK ciphered per-file-key (hash), where KEK is ciphered with lock screen credentials.
each files metadata is deleted when file is deleted, so the key is gone forever. as of the nature of encryption, file carving methods cannot understand what's left on disk and cannot restore any deleted files.
Now imagine, FBI forensics do a full dump of disk and find a method to magically restore each single byte of inode + dentry (for one single file), still they cannot decrypt that file without DEK.
FDE is encrypted with default_password without any lock screen pin at all (even if you set pin), which is common for most devices. that allows to bypass screen lock (impossible on FBE).
further the whole block partition is decrypted at once, so undeleting files (at least on ext4) is (in theory) possible.
if userdata and crypto-footer is dumped off the phone, that backup (on PC) will even survive factory reset, it can be restored afterwards and still it's possible to decrypt (online), as the static master key is burned to chip.
if one of the encryption methods is significantly more insecure then it's clearly FDE. to overcome this one should enable Secure Start-up.
btw modern devices (like OnePlus) combine both encryption methods FBE + FDE = metadata encryption (devices launched with Android 11+)
This intellectual outpouring is all well and good, but it completely misses the point: this thread is about data recovery from internal storage memory, OP was: "Can I retrieve my deleted photos from the internal memory of Android after it has deleted them ?". The answer is YES: retrieve and restore are different operations!
FYI: I know the difference between FBE and FDE, know how to lever out both locks.
the answer is NO. Moto E40 uses metadata encryption.
jwoegerbauer said:
FYI: I know the difference between FBE and FDE, know how to lever out both locks.
Click to expand...
Click to collapse
Obviously you don't.
I pay you 100 € if you show any proof. just rm a file and try to recover on FBE encrypted flash storage.
or explain in what way retrieving of deleted files differs from restore?
wait... so you're the same guy who don't understand how SUID bit works and still claim we can place "suitable" SU-binary in /data/local/tmp?
well we shouldn't expect any proof then lol