archive provided by lainchan.jp

lainchan archive - /sec/ - 4569




No.4569

With governments forcibly demanding your passwords and cloning your whole phone to crawl through later when you travel, what solutions exist other than simply wiping your whole phone and reimaging it later (or something that might not work, like pretending you forgot the battery)?


It simply is a bad idea to let them trawl through your entire email and chat histories as well as every account password and detail on whatever websites you were on. It's not a question of having something to hide; it's being worried about them constructing evidence from out-of-context information to their own benefit.
Example case: http://www.dailyxtra.com/canada/news-and-ideas/news/us-customs-block-canadian-man-reading-scruff-profile-215531


I was thinking a hidden volume style setup might help here. For example, if I unlock my phone for them using one code, it could go to the volume without any vitals on it. The other would lead to my real phone OS. It would be nice to have this not only for this specific scenario but because I'd like to be able to make calls and do simple soykaf without "unlocking" every little ounce of security I have on the device so someone could grab it out of my hand and keep it unlocked to dig through emails or some soykaf. My understanding of hidden volumes is that the use of the outer volume will destroy the hidden volume's data, which is a major problem if they go into the outer volume and start rifling through everything installed.

A layered solution could also work where you have an obviously encrypted container inside the OS, but severe usability problems emerge there, as well as the reliance on their laziness; they could still ask what that big inaccessible file is.

Are there any existing phone OS/implementations I can read up on that compare to this level of security?

  No.4571

Personally, I wouldn't even bother with plausible-deniability methods a la Truecrypt and instead encrypt the whole phone and tell 'em to go fuarrrk themselves. I'm not kidding, this bullsoykaf is well past putting up with and they need to have resistance toward their tyrannical behavior.

>My understanding of hidden volumes is that the use of the outer volume will destroy the hidden volume's data

I don't believe this is actually the case. The hidden volume has its space within the outer volume reserved, which is why this type of thing doesn't scale well with increasing volume size.

>Are there any existing phone OS/implementations I can read up on that compare to this level of security?

You'd be looking at custom ROMs for this since Android doesn't actually encrypt the whole phone like iOS does. Even then, I don't think this is really feasible for a phone considering those Truecrypt-style hidden volumes are meant to be small enough to not raise any eyebrows when an adversary inspects volume size on the device.

If you want to stick with Android-compatibility but want to go down the route of full-disk encryption, check out Copperhead OS[1]. I can't vouch for its quality, as I have an unsupported phone, but it does look to be a more viable alternative to Android or iOS.

[1] https://copperhead.co/android/docs/technical_overview

  No.4572

>>4571
Telling them to go fuarrrk themselves is nice when they aren't detaining you at an airport until you unlock your phone which you yourself know doesn't have anything incriminating on it, so you cave.

The issue is that even then they can construct a case against you out of thin air to fill their quotas, so it's best to just avoid the situation entirely. I'm more likely to store an encrypted phone image on a home server or even a random upload site and re-image it afterwards than I am to risk being forced to unlock my soykaf at an airport; avoiding confrontation in those circumstances is good opsec but also a good life skill.


I've heard of Copperhead OS, but their phone selection is incredibly limited and for half the phones it seems like they expect payment, not exactly the champion of open source security I was hoping for. I also looked at Paranoid Android; they seem to have full disk encryption working but also don't support my phone. The next phone purchase I make will need to take the ROM choice into account too. It's already hard enough to find a phone that meets basic requirements like SD card and removable battery, damnit.

  No.4574

>>4572
>Telling them to go fuarrrk themselves is nice when they aren't detaining you at an airport until you unlock your phone which you yourself know doesn't have anything incriminating on it, so you cave.

They can't keep you detained forever, so unless you're pressed for time and NEED to be somewhere within the next couple of days then think of it as a mini-vacation. It wouldn't be the worst thing you've ever experienced, I guarantee that.

>avoiding confrontation in those circumstances is good opsec but also a good life skill.

Why care about that anymore? As long as you have secure setups on your devices they can't do much to some random glitterboy who tells them to shove it. We have to resist somehow and it can't be in the shadows completely.

>The next phone purchase I make will need to take the ROM choice into account too. It's already hard enough to find a phone that meets basic requirements like SD card and removable battery, damnit.


That's the sad state of cell phones today. Personally, I'm so cavalier about the whole thing because I'm fed up with this soykaf and I barely use my phone as a computer anyway. Everything worth seeing is on my laptop/desktop, which are encrypted.