Confirmed users
502
edits
B2G/Architecture/System Security: Difference between revisions
Jump to navigation
Jump to search
B2G/Architecture/System Security (view source)
Revision as of 19:55, 1 November 2012
, 1 November 2012→Proposed Implementation: additional information for split encryption/unlock codes
Gdestuynder (talk | contribs) |
Gdestuynder (talk | contribs) (→Proposed Implementation: additional information for split encryption/unlock codes) |
||
| Line 210: | Line 210: | ||
** Devices are installed with the bootloader locked by default | ** Devices are installed with the bootloader locked by default | ||
* A user interface must be present to set the encryption password | * A user interface must be present to set the encryption password | ||
* | * Allow a weaker screen lock password: | ||
** Unlocking the phone screen can | ** Problem solved | ||
*** Unlocking the phone screen is done several times a day, sometimes several times within a few minutes, thus users very rarely use a strong phone unlocking mechanism (generally, a 4 to 8 number PIN code) | |||
*** User is not tempted to use a weak PIN to decrypt the phone, since decryption only occurs during phone startup (key is kept in memory afterwards) | |||
** Additional risks | |||
*** Weaker screen unlock mechanism (such as a PIN), can lead to access to the encrypted data | |||
** Rationale | |||
*** It is currently harder to crack a PIN on a running device (no brute force input available) | |||
*** Shutting the phone down ensures a better level of security assurance since the encryption is using a strong password | |||
*** Using a PIN for encryption generally renders the encryption useless as those can be cracked in seconds (see for example https://viaforensics.com/viaextract/viaextract-includes-android-encryption-cracking.html ) | |||
== Address Space Layout Randomization (ASLR) == | == Address Space Layout Randomization (ASLR) == | ||