Encryption on your phone
-
Executioner
- Life Member
- Posts: 10140
- Joined: Wed Nov 22, 2000 11:34 am
- Location: Woodland, CA USA
Encryption on your phone
I have a Samsung S5 personal phone, and for work I have a Samsung S7. The phone for work, the S7, has encryption enabled. I noticed on my personal phone the S5, there is an option for encryption. Do you guys enable this if you have the option?
-
FlyingPenguin
- Flightless Bird
- Posts: 32781
- Joined: Wed Nov 22, 2000 11:13 am
- Location: Central Florida
- Contact:
Re: Encryption on your phone
There's no overhead for encryption anymore, so it's a no brainer. Might as well. I would also configure it to wipe the encryption key after 10 (or less) attempts of the password or PIN. Also DO NOT use the same password for the encryption as the lock code (rookie mistake I see all the time) and that encryption password needs to be a STRONG one (12+ digits, numbers, upper, lower, symbols). Keep in mind you only need to enter it if you reboot the phone, so it's not something you enter often, but you do need to have it handy. No reason you can't just write that on the back of a business card in your wallet somewhere, obscurely, maybe only partially with a part that you memorize. Keep in mind some phones need the encryption password after a restart for an update.
Just don't assume that will protect your phone's data. There are companies that specialize in hacking tools to get into ANY phone. iOS is arguably more secure, but there's still ways if you're determined. WvJohn and I have attended security conferences where there's dozens of companies like Celebrite that hawk their phone cracking tools. And certainly we now know that practically nothing is secure from state sponsored organizations.
But most people just worry about some punk stealing your phone and if it's encrypted that'll be secure enough. If they can't get into it then they're either going to wipe it and sell it, or else (more likely nowadays) just sell it for parts.
I didn't bother encrypting my new phone this year because I was in a hurry to set it up after my old phone died. I may turn it on later. Matter of fact this reminds me so I'll put it in my calendar to do this week. I do use a pin lock code (no fingerprint reader on the Moto-x).
My feeling is there's nothing on the phones I care about anyone seeing. I don't put banking apps or anything like that on them. I don't do social media except Twitter and I only use it for following, not posting. Someone steals my phone I'll change my Google account password and my Amazon password and I'm good. They're welcome to any photos on there.
I do keep important personal and client info on there like passwords, in a local document folder (basically a backup of what I carry on a flash drive), but that's all in AES256 encrypted zip files with a strong password, and I always force close the text file viewer and Zip archiver when I access one of those. Even with an encrypted drive I would never leave anything like that in the phone unencrypted. You have to worry about someone stealing your phone while while it's unlocked, or knowing of some workaround to the phone encryption.
Just don't assume that will protect your phone's data. There are companies that specialize in hacking tools to get into ANY phone. iOS is arguably more secure, but there's still ways if you're determined. WvJohn and I have attended security conferences where there's dozens of companies like Celebrite that hawk their phone cracking tools. And certainly we now know that practically nothing is secure from state sponsored organizations.
But most people just worry about some punk stealing your phone and if it's encrypted that'll be secure enough. If they can't get into it then they're either going to wipe it and sell it, or else (more likely nowadays) just sell it for parts.
I didn't bother encrypting my new phone this year because I was in a hurry to set it up after my old phone died. I may turn it on later. Matter of fact this reminds me so I'll put it in my calendar to do this week. I do use a pin lock code (no fingerprint reader on the Moto-x).
My feeling is there's nothing on the phones I care about anyone seeing. I don't put banking apps or anything like that on them. I don't do social media except Twitter and I only use it for following, not posting. Someone steals my phone I'll change my Google account password and my Amazon password and I'm good. They're welcome to any photos on there.
I do keep important personal and client info on there like passwords, in a local document folder (basically a backup of what I carry on a flash drive), but that's all in AES256 encrypted zip files with a strong password, and I always force close the text file viewer and Zip archiver when I access one of those. Even with an encrypted drive I would never leave anything like that in the phone unencrypted. You have to worry about someone stealing your phone while while it's unlocked, or knowing of some workaround to the phone encryption.
Christians warn us about the anti-christ for 2,000 years, and when he shows up, they buy a bible from him.
-
Executioner
- Life Member
- Posts: 10140
- Joined: Wed Nov 22, 2000 11:34 am
- Location: Woodland, CA USA
Re: Encryption on your phone
I was reading that most newer phones already have it enabled by default, and you can't undo it. For those that have the option of enabling the option, if I wanted to undo the encryption, the phone has to be reset which will wipe all information on the phone and restore it to factory defaults.
I still have not decided, but I'm leaning towards it. I do some banking on it, like mobile deposits, and transferring monies to my daughter's account which is a piggy back off of mine. Very convenient.
I still have not decided, but I'm leaning towards it. I do some banking on it, like mobile deposits, and transferring monies to my daughter's account which is a piggy back off of mine. Very convenient.
-
FlyingPenguin
- Flightless Bird
- Posts: 32781
- Joined: Wed Nov 22, 2000 11:13 am
- Location: Central Florida
- Contact:
Re: Encryption on your phone
iPhone is encrypted by default with no choice, I believe most Androids it's optional. Some enable it from the factory and some don't.
On Android you can always go back to no-encryption, but to do that you have to do a factory wipe and reset it. There's no way to encrypt and keep your data on the phone.
Oh that's the other thing, even if you don't use encryption, before you sell or dispose of it, DO encrypt it and then wipe it. A normal wipe still leaves traces in the flash memory. If it's encrypted and you do a wipe, it destroys the encryption key and even if anything is left in memory, it's encrypted and can't be recovered without the destroyed key.
On Android you can always go back to no-encryption, but to do that you have to do a factory wipe and reset it. There's no way to encrypt and keep your data on the phone.
Oh that's the other thing, even if you don't use encryption, before you sell or dispose of it, DO encrypt it and then wipe it. A normal wipe still leaves traces in the flash memory. If it's encrypted and you do a wipe, it destroys the encryption key and even if anything is left in memory, it's encrypted and can't be recovered without the destroyed key.
Christians warn us about the anti-christ for 2,000 years, and when he shows up, they buy a bible from him.
Re: Encryption on your phone
Good info.
-
Executioner
- Life Member
- Posts: 10140
- Joined: Wed Nov 22, 2000 11:34 am
- Location: Woodland, CA USA
Re: Encryption on your phone
I enabled it last week. Took about 20 minutes to complete.