Is there any protection against this kind of technology? This is extremely unsettling, and is frankly draconian..
Is there any protection against this kind of technology? This is extremely unsettling, and is frankly draconian
Other urls found in this thread:
androidauthority.com
twitter.com
Not getting caught is a good start
You don't even need to be guilty in a lot of countries.
Full disk encryption (of course not by some proprietary shit with a built-in backdoor)
Basically this
Use open source software and encryption protocols, and keep everything up to date
kys
What about for Android though, I don't think there's any open source encryption apps in existence?
Android offers disk encryption already, some newer models have it enable by default, older phones you need to encrypt it manually
>androidauthority.com
My galaxy s7 had it by default, I only had to enable the safe initialization on the settings
That's built in encryption. Open source offers more benefits.
Gimme a tl;dr on what that shit is. IMSI catcher? How would disc encryption save you from a man in the middle attack?
It's not an IMSI catcher. It's basically a data extractor. Bypasses basically every security measure you have, in a matter of minutes. With access to deleted messages on encrypted apps, just to give you an idea of what this thing's capable of.
Wait does this thing require physical access to the device or is this wireless?
Android is open source
bump
How can it extract encrypted data? Thats just bs
Its the best option I know for full disk encryption for android
Also, this
Not that user, but anyone can extract encrypted data, what matters is whether or not they will be able to decrypt it
OH, so theyre not saying they can decrypt it? Well then this tool is nothing amazing
Extract and decrypt in a matter of minutes. This thing is no fucking joke, if they use it they have everything.
So its a flaw in the encryption algorithm then? Theres surely no other way
bad random numbers always save the day for the spooks.
True, reminds me of sony and nintendo. I guess even the best have shit tier security
I don't have a clue, and I seriously doubt they're gonna tell people how they're doing it. Unless they have some kind of backdoor they're accessing.
ARM Trustzone perhaps?
yeah
>buy an android from a vendor that cares about security, i.e. pixel
>set a strong 10+ character screen lock
>don't use fingerprint unlock
Unless trustzone logs shit in plaintext...
Biometrics are a mistake
Why is fingerprint worse than a generic password?
Easy as hell to rake/ fake. The only way to get a password is by interrogation. Theres many ways to get a fingerprint
And by "easy as hell," this user means that you'd have to be targeted by a technologically savvy person with access to sophisticated equipment. All so they could unlock your phone.
Meanwhile the dude telling old people that they're being investigated for tax evasion is walking away with $25,000 from making one phone call. You tell me how common harvesting biometrics actually is.
Also phones lock themselves every once in a while.
I have to manually unlock mine every 2 days or so.
If I have a day off that I spend at home and I don't touch my phone all day, I usually have to put in my password when I finally pick it up. If I travel somewhere new, it happens faster. I think there's some set of parameters that dictate how often you have to put in the password that are built around how likely it is you've misplaced or lost your phone. Pretty neat idea, if you ask me.