Related
has anyone done this yet? I noticed it in the settings, but it said it can take up to 1 hour... just wondered if it was worth while.
if you have done it, does it slow anything down, and how long did it take you to run?
Sent from my HTC Desire using Tapatalk
iamdarren said:
has anyone done this yet? I noticed it in the settings, but it said it can take up to 1 hour... just wondered if it was worth while.
if you have done it, does it slow anything down, and how long did it take you to run?
Sent from my HTC Desire using Tapatalk
Click to expand...
Click to collapse
I tried but it appears to not work. You have to be plugged in and fully charged (seems to work from 90% ish), and you have to have unlock PIN set. But once you have selected and confirmed encryption, the screen blanks except for a green line drawing of an Android logo, and then after a minute or so the screen blanks out and then you wait...and wait....and wait...and wait. I gave up after 4 hours.
If at any point you switch screen on, you get the PIN prompt: enter PIN, and you're presented with the blank screen with green line diagram of android logo. I've left it like this for several hours. In the end I reset, and got my device back - but still unencrypted. I've also tried without ever trying to log in until at least 4 hours have elapsed, in case the login attempt disturbed the encryption.
I have logged a defect with Asus for this and a couple of other things, and this morning got a response back saying that "We're still looking into this", which seems to suggest that they agree it is a problem.
Cool in gonna try now, at 95percent battery.
Sent from my Transformer TF101 using Tapatalk
That didn't seem to do anything.... I saw the green android with cog body, maybe I need to give it more time. I will set out before i go bed.
Sent from my Transformer TF101 using Tapatalk
I'm wondering how the encryption is handled, is it software or hardware enabled. I have seen with PC's that use software encryption that there is a performance hit and if the encryption is handled by hardware, like a hardware enabled HDD encryption, there is little to no performance hit. The PC I tested the software encryption on took forever to boot vs the hardware enabled one.
Havoc6266 said:
I'm wondering how the encryption is handled, is it software or hardware enabled. I have seen with PC's that use software encryption that there is a performance hit and if the encryption is handled by hardware, like a hardware enabled HDD encryption, there is little to no performance hit. The PC I tested the software encryption on took forever to boot vs the hardware enabled one.
Click to expand...
Click to collapse
You must have used some strange encryption application or had an old computer.
Try truecrypt - on modern (2 core) computer there is practically no performance hit whatsoever (decrypting and even encrypting on the fly is faster than hard drives - on SSD it could be too slow though). The same goes for standard encryption used by Ubuntu (it's very probable that Android tablets use the same method).
Truecrypt (and probably most other full-disk encryptions too) work like that:
- all the data on hard drive is encrypted (edit: it's encrypted all the time, never, ever is decrypted data written to disk),
- when system reads data - it's decrypted before being send to applications,
- when system writes data - it's encrypted before it's saved to the disk.
Also - Tegra2 should have a part handling encryption and decryption so it could be at least partially hardware encryption.
Your right, it has been a while since I have used encryption due to a bad experience early on. I'll give Truecyrpt a try. The software I used before was Safeguard Easy.
iamdarren said:
That didn't seem to do anything.... I saw the green android with cog body, maybe I need to give it more time. I will set out before i go bed.
Sent from my Transformer TF101 using Tapatalk
Click to expand...
Click to collapse
I left mine overnight, and it still was not encrypted. I had even done a factory reset beforehand to minimize the amount of data to encrypt.
I'm pretty sure this doesn't work. I'll post as soon as I get a reply from Asus.
It did not work, maybe this feature isn't ready yet?
Sent from my Transformer TF101 using Tapatalk
As a feature, it's not ready for prime time. I have it working on the xoom, but every reset it erases my timezone and sets it to GMT. Also, it uses the same PIN as your lock screen, so if you have a numeric pin for easy access, anyone who sees it now knows your encryption password as well. It really should be two different passwords. I intend this weekend to reset my machine and remove the encryption, because it doesn't serve the purpose it was supposed to serve.
Bump. Any info from Asus? I started it at ~7pm. It's midnight, and on the last few power-ups I get nothing except the green android logo after I enter the PIN. So it seems it's still not doing anything? Gonna reset now I guess.
Same problem here with a Transformer TF-101 Build number HRI66.TW_epad-8.2.3.8-20110423
See nothing but a android robot after enter the PIN. 7 hrs later I manually shutdown the machine.
Same here on the Modaco ROM.
Left it on the android pic for 9 hours... it didn't lock the screen or anything, and at the end, the accelerometer still worked when I rotated the screen, but I had to power off and on to get it back.
What does the encryption do, anyway? Does it stop you being able to load files on from the PC? Does it ask for the password when you plug it into the PC?
So no one has been able to get encryption working? I was just going to test this out and saw this thread. Thanks.
I've seen someone talking about some minor issues when running with encryption, so someone got it working.
That MIGHT have been on xoom, but I think it was the transformer.
Just thought I would share my experience with the encryption feature in Honeycomb since some people can't get it working:
At first I couldn't get it working like some people on this thread, I too was stuck on the green wireframe Android for hours on end until I discovered I could still exit back to the homescreen by pressing the home key on the keyboard dock. This happened on both the stock Asus 3.1 ROM and v1.4 of the PRIME! ROM (installed via nvflash).
I then updated recently to v1.5 of PRIME! via CWM and I can report that I was able to encrypt my Transformer after this update. It displayed the green Android wireframe logo for a few seconds, then rebooted and went into the encryption progress page. I had not really done much with the ROM other than change a few small settings and add my Google account, so the encryption was complete in less than an hour. I think the 'hour or more' estimate Google gives within the encryption description text is probably more accurate if you've installed a few more apps afterwards, but of course your timing will vary.
Furthermore I think that the encryption is likely only partial, because I was then able to flash one of the zip files from this thread via CWM without any issues or prompts. Otherwise I'm sure it would've thrown some kind of error such as not being able to mount the system partition or something of that ilk.
Finally (lol ) I also found this page on the Android source website outlining the details of the encyption implementation in Android Honeycomb for anyone interested. There is a mention somewhere of the 128-bit flavour of the AES algorithm being used to encrypt the master key.
Hope this helps anyone trying to get encryption working on their Transformer .
yet another absolutely useless feature, besides bricking the thing for whoever tries to steal it. keeps your data safe.. even from yourself.
i noticed a problem when inserting a microsd (into the pad itself) that it would not be able to boot as long as this is inserted. i am guessing this is because it tries to decrypt the microsd (that is not encrypted) and therefore is stuck in boot.
This is another aspect one should expect if this was a pre-release software. I am extremely disappointed with this product so far, mostly because of the software. most of (not any of the cameras) the hardware (including the keyboard) is pretty good
I did it 2 days ago, and it worked flawless. It tooks about an hour. I use it since and I have no problems at all.
The only thing is that I have to insert the SD card again each time I power on the transformer. Any idea how to change rhat?
fjoesne said:
yet another absolutely useless feature, besides bricking the thing for whoever tries to steal it. keeps your data safe.. even from yourself.
i noticed a problem when inserting a microsd (into the pad itself) that it would not be able to boot as long as this is inserted. i am guessing this is because it tries to decrypt the microsd (that is not encrypted) and therefore is stuck in boot.
This is another aspect one should expect if this was a pre-release software. I am extremely disappointed with this product so far, mostly because of the software. most of (not any of the cameras) the hardware (including the keyboard) is pretty good
Click to expand...
Click to collapse
You likely have ASUS to blame for this, as my understanding is that the Thinkpad tablet deals properly (from the spec anyway) with SD cards attached to the device even to the point it can additionally encrypt them. Again we are all early adopters, Honeycomb was sort of an experiment for Google, and Ice Cream Sandwich is the real next version of the andoid platform.
And encryption is hardly a useless feature, it means Google is finally trying to consider enterprise usage of their products which is very important to the further growth of the platform.
I have a stock 32 gb wifi only Nexus 7.
I was in Vegas last week to get married, placed the Nexus 7 in the room safe and when I came back, it was gone. Strange part was the thief left several thousands of dollars in wedding rings, pearl necklace, etc in the safe. All they took was my Nexus 7.
I discovered it missing scant minutes before we had to meet the limo to take us to get married. So we got married and when we returned to the hotel I reported it.
Security came up to the room after we did a report in their offices and searched the room thoroughly at my request. I opened the safe and we emptied it, security searched the safe and all around it with a flashlight, it was not in the room.
My wife and I left with security after the room search, security went back to work (I suppose), we went to dinner.
A few hours later we returned and I noticed the closet doors had been disturbed. The maid had been to the room MUCH earlier in the day. So I opened the safe and lo and behold, my Nexus 7 had "found it's way home".
I can think of no good reasons why someone would steal a Nexus 7 then return it. I can certainly think of a few bad reasons why they would do such a thing.
So I left it in airplane mode for the remainder of the trip, just used it to read a book on the Kindle app.
Of course I took a LOT of security measures with my banks, etc.
Since this has happened I returned home and encrypted the tablet. There are two levels of passwords you have to go through now when it boots just to get to the "desktop".
I also installed AVG after the theft and did a complete scan, I made sure to tell AVG to scan EVERYTHING.
The scans came up clean.
ALL my passwords where I bank, etc have been changed. I always use passwords of 15+ characters and when I can I also mix in special characters such as [email protected]#$, etc. Often banks won't allow those though. Curious.
So, I do use this tablet to login to my bank accounts sometimes.
Do you feel I'm safe to do so again?
Should I do a complete wipe of the tablet?
I do have the correct version of Android and the correct build number that I downloaded. They are for the wifi only Nexus 7 and they match what's on the tablet now.
If you feel I should do a complete wipe, where can I find a tutorial? ... and will my apps including the paid ones automagically reinstall?
You shouldn't have touched the tablet at all, but called the police to take evidence, such as fingerprints and an analysis of whatever might have changed.
Now that aside, using a probably Compromised device any further is not the smartest thing either. It does not matter if you change the password of anything, if you then enter the password through the compromised device, since there you are giving away the new password again.
Wipe the device, reset it to factory and restore from a pre-vegas backup. Then change all accounts again.
Sent from my Nexus 7 using xda premium
Maybe its someone you know or room service. BTW the reason they returned it because they realized its not an iPad mini. Next time you need to spend more money on hip devices of you want it stolen.
You might want to wipe the device not just factory reset which is not wiping, since it will retain the system partition. I don't know how to write zeros to the partition and doing it wrong probably perm brick the device too, but someone else might know. But you can be more thorough by using fastboot to flash the factory image which will format all the partitions, then encrypt afterward. Just use the sticky thread in this section on hour to factory reset and use the fastboot links in my signature.
Also I don't use antivirus on Android, but last time I heard Microsoft once pulled AVG from their app store because it doesn't do anything but run adsware. Not saying that it's useless, but there are other good ones to look at: http://www.av-test.org/en/tests/mobile-devices/android/jan-2013/ I heard good things about Zoner as well. Just throwing a few suggestions out there, use which ever you prefer.
This is also a good time for you to check out the app Cerberus for theft prevention, but it required sending hidden text message so I guess you will need a 3G version to receive SMS, but still recommended for phones.
Also make sure to turn off USB debugging when not using it.
Sent from XDA app
My old (preordered in July) stock 16 GB Nexus 7 (4.2.2) which was stolen approximately 3 weeks ago was returned to me today with a flat battery. The thief said, "I could not get into your tablet to wipe its data. I'd like to return it to you and apologize for trying to make a quick buck."
During the three weeks it was missing, I remotely disconnected my Google account from the device by enabling two-step verification, and bought a new 32 GB (NO SCREEN SEPARATION ISSUES ).
He handed it to me, and promptly left the scene. Ecstatic, I rushed to the nearest outlet to charge the sucker up and use it again (I was thinking "WHOO HOO! TWO NEXUSES, NOW I CAN EXPERIMENT AND CRAP!"). However, while I was expecting to see my data, I found the device to have been wiped. The thief said that he had never had any experience with android devices, which leads me to believe that there is a wipe feature built into the Nexus.
Is there one or did this guy lie and actually get into it, steal whatever he needed and wipe? Should I be concerned? I checked the serial number and it IS the same device.
Sent from my [NEW] Nexus 7 using XDA Premium HD app
Well I know on iPhone after 10 failed attempts it wipes data but on android, I know it can disable your device but it usually makes you enter your password. If you disconnected your account its possible it wiped the device as well
Sent from my Nexus 4 @1.72 GHz on Stock 4.2.2
The stock recovery wipes everything and you can launch it without the OS, so no screen-unlock password is needed to do that.
OTOH, starting up the boot loader and then the recovery is not obvious to someone without android familiarity, but the instructions to do so are certainly readily available on the internet (e.g. here)
The story is rather odd - if you use the stock recovery to wipe the tablet, it is no longer locked by a password or gesture, so it is not obvious why someone that could wipe the device with the stock recovery would be unable to simply start the device up and notice that it was ready for configuration.
Then again, from your story it sounds like the thief isn't the brightest bulb in the room.
Either that or he was a CIA/Mossad agent and they planted hardware bugs in your device with the intent of returning it to you all along.
bftb0 said:
The stock recovery wipes everything and you can launch it without the OS, so no screen-unlock password is needed to do that.
OTOH, starting up the boot loader and then the recovery is not obvious to someone without android familiarity, but the instructions to do so are certainly readily available on the internet (e.g. here)
The story is rather odd - if you use the stock recovery to wipe the tablet, it is no longer locked by a password or gesture, so it is not obvious why someone that could wipe the device with the stock recovery would be unable to simply start the device up and notice that it was ready for configuration.
Then again, from your story it sounds like the thief isn't the brightest bulb in the room.
Either that or he was a CIA/Mossad agent and they planted hardware bugs in your device with the intent of returning it to you all along.
Click to expand...
Click to collapse
Lol, excellent theory! But my question is, what would a CIA agent want with a Canadian teenager that has a love of android?
Anyway, I'm going to try to find out more about it on Monday.
Hi,
I am thinking about encrypting my Nexus 4. I am already using encryption on all my computers but I never tried it on my smartphone, so there are three questions I hope you will answer:
1)
How is battery life affected? Well, fortunately the battery of the Nexus 4 is quite good and I hope encryption won't waste too much.
2)
How is speed affected? My Desktop CPU has AES-NI and there's a SSD, so you don't even recognize system encryption. How is it doing on the Nexus 4? I'm just doing the usual smartphone stuff, means E-Mail, messaging, phoning, checking News &Weather and sometimes playing Doodle Jump. My research on the Internet about encryption performance on Android didn't bring up things I can really rely on so I hope someone here can tell me his experiences.
3)
Which algorithm is used exactly? I know it's dm_crypt and I'm using it on my other computers, too, but on my PC I can choose which algorithm I want and on Android it's given as far as I know.
Regards,
becha
You can't use patter lock to unlock your screen, which is a pian for me right now.
Sent from my Nexus 4 using Tapatalk 2
1. Barely noticeable
2. Same as 1
3. Not sure
Sent from my Nexus 4 using Tapatalk 4 Beta
1) I doesn't notice any real impact on battery life. Used the N4 several months before encrypting it.
2) Booting the phone is slowed down, and not only because you have to enter the key for accessing the encrypted drive. But opening apps and doing backup, etc. isn't slowed down. I guess I wouldn't even notice an encrypted devices and so did no one until now, while using my phone.
I was also doubtful before, because in my experience, on a laptop back in the days (5 years ago), the battery drain and performance impact was just to big. But on the other side, I do a lot more disk based tasks on my laptop, than I do on my phone.
in short, after I lost my last phone, I really wanted to give it a try and I didn't regret it until now.
Hoping to hear good answers to question 3.
@HB_Mosh
Well, that's not too bad for me because I don't use Unlock Patterns.
@Vanhoud @memleak
Thanks for sharing your experiences, I'll give encryption a shot.
becha said:
@HB_Mosh
Well, that's not too bad for me because I don't use Unlock Patterns.
@Vanhoud @memleak
Thanks for sharing your experiences, I'll give encryption a shot.
Click to expand...
Click to collapse
can you please tell us your experiences, i was thinking about it, i guess you can CWM, encrypt then restore backup if you want to revert without starting all over
Yesterday I encrypted my Nexus 4, it took around an half an hour. Until now (well, one day...) I didn't discover any problems apart from the fact, that my Nexus 4 did a simple restart for the first time when trying to encrypt it. Everything went fine when trying the second time. The phone itself runs fluent, so up to now I didn't see any performance problems.
Now I can't backup my ROM - any suggestions? Perhaps Recovery can mount to an external USB storage or something? What a pain! You can't un-encrypt either, and there's no way to mount encrypted storage in Recovery I wanted to backup before installing privacy protection in case it borked my phone.
Another encryption question...
Don't mean to hijack this thread, but can anyone tell me if OTA updates will still work on a stock, unrooted N4 that's been encrypted?
Can't find a definitive answer - some have had success on other devices and others haven't.
I don't see why turning on stock encryption on a stock unmodified device would make any difference?
Sent from my Nexus 4 using Tapatalk 2
DroidBois said:
I don't see why turning on stock encryption on a stock unmodified device would make any difference?
Click to expand...
Click to collapse
I wasn't sure why / if this would make a difference either but as I said, I can't find a definitive answer. Some people say that you need to factory reset in order to remove the encryption before you can apply an OTA update, but others say different.
I'd be interested to know if the OTA would work after simply asking you for your encryption PIN on reboot, or if the encryption would prevent the OTA being applied because of the encrypted storage. Does anyone have any experience of this?
DroidBois said:
Now I can't backup my ROM - any suggestions? Perhaps Recovery can mount to an external USB storage or something? What a pain! You can't un-encrypt either, and there's no way to mount encrypted storage in Recovery I wanted to backup before installing privacy protection in case it borked my phone.
Click to expand...
Click to collapse
You have to use TWRP Recovery, which is able to mount your encrypted internal storage.
No way.. I thought I'd tried every option I could think of in TWRP but I'll take a closer look.
Sent from my Nexus 4 using Tapatalk 2
If you start TWRP, it should automatically ask for your passphrase to read the encrypted internal storage. Latest version of TWRP works for me, older ones had bugs regarding to encrypted devices.
In light of the recent kerfuffle between the government and Apple, I have a purely technical question (not looking for opinions) on 6P/Marshmallow encryption.
1) How does the actual encryption compare to Apple's (latest)?
2) Is it possible (within reason and with current technology) to be broken? (I know that theoretically ANYTHING can be broken, just asking if it would be practical (e.g. not take 100 years).
3) In there anything either Google or Huawei could do to assist the government in hacking a 6P/Marshmallow?
4) Is there any addon that would give the capability of n-wrong attempts/erase as in Apple. If so, would it require root?
Apple is being asked to provide a method to allow a brute force attack. Having a really strong password is a good way to prevent such an attack. And the 6P's fingerprint scanner makes a strong password doable, without the inconvenience usually associated with it.
After 10 incorrect entries, Android will make you wait 30 seconds after each attempt, which makes it a slow, arduous process. I don't have the patience to determine if there is a point in this process where data is automatically wiped from the phone.
Of course you can always use ADM to wipe your phone remotely if your phone is still connected.
Actually, (and I'm just speaking technically, not making political/moral judgements), fingerprint encryption does NOT stop the government from decrypting your phone. You can be legally compelled to swipe your finger (but NOT to provide your own password), and your fingerprint can be used even if you're dead.
Solutions Etcetera said:
Apple is being asked to provide a method to allow a brute force attack. Having a really strong password is a good way to prevent such an attack. And the 6P's fingerprint scanner makes a strong password doable, without the inconvenience usually associated with it.
After 10 incorrect entries, Android will make you wait 30 seconds after each attempt, which makes it a slow, arduous process. I don't have the patience to determine if there is a point in this process where data is automatically wiped from the phone.
Of course you can always use ADM to wipe your phone remotely if your phone is still connected.
Click to expand...
Click to collapse
l_stevens said:
Actually, (and I'm just speaking technically, not making political/moral judgements), fingerprint encryption does NOT stop the government from decrypting your phone. You can be legally compelled to swipe your finger (but NOT to provide your own password), and your fingerprint can be used even if you're dead.
Click to expand...
Click to collapse
Assuming they have your finger, that's all true. But turning the phone off will still require your pin/pattern/password to decrypt it.
IIRC, Android does not automatically wipe your phone, but enough attempts will put it into a state where no more attempts can be made. At that point, additional account credentials are required, or an FDR is necessary.
I also know first hand, that resetting a phone from recovery will not allow a phone to be used without account credentials.
Great information. Big thanks given!
Since Android is "Open Source", would it be feasible for someone to remove the delay to enable a brute force attack? In any case, Google could do it if ordered.
So, assuming a brute force attack occurs (delay removed), how easy to break the encryption set by a pattern (and is there anything else Google to do in addition to removing the delay to help decrypt)?
Solutions Etcetera said:
Assuming they have your finger, that's all true. But turning the phone off will still require your pin/pattern/password to decrypt it.
IIRC, Android does not automatically wipe your phone, but enough attempts will put it into a state where no more attempts can be made. At that point, additional account credentials are required, or an FDR is necessary.
I also know first hand, that resetting a phone from recovery will not allow a phone to be used without account credentials.
Click to expand...
Click to collapse
l_stevens said:
Great information. Big thanks given!
Since Android is "Open Source", would it be feasible for someone to remove the delay to enable a brute force attack? In any case, Google could do it if ordered.
So, assuming a brute force attack occurs (delay removed), how easy to break the encryption set by a pattern (and is there anything else Google to do in addition to removing the delay to help decrypt)?
Click to expand...
Click to collapse
On an unrooted phone with a locked bootloader, the only way to modify the system would be to unlock and root, which would wipe the phone.
Does Marshmallow use 256-bit AES encryption?
That about pattern lock? Is it the equivalent of a 4 digit passcode (or 6 or 8...)?
l_stevens said:
Does Marshmallow use 256-bit AES encryption?
That about pattern lock? Is it the equivalent of a 4 digit passcode (or 6 or 8...)?
Click to expand...
Click to collapse
https://source.android.com/security/encryption/
128 bit.
Sent from my Nexus 5X using Tapatalk
Solutions Etcetera said:
On an unrooted phone with a locked bootloader, the only way to modify the system would be to unlock and root, which would wipe the phone.
Click to expand...
Click to collapse
Google could create an special signed OTA update zip file and side load it to the device in Recovery without having to oem unlock the bootloader. This special OTA would allow for brute force unlocks.
SpookyTunes said:
Google could create an special signed OTA update
Click to expand...
Click to collapse
I suppose. But given Google's stance on the issue, I doubt that is any more likely to happen than with Apple.
SpookyTunes said:
Google could create an special signed OTA update zip file and side load it to the device in Recovery without having to oem unlock the bootloader. This special OTA would allow for brute force unlocks.
Click to expand...
Click to collapse
You have to unlock the phone to authorize the computer you're using to be able to connect to adb, correct? I could have sworn this needed to be done before you could adb sideload. Perhaps I'm incorrect.
At any rate, this is a fantastic reason why you should never leave your bootloader unlocked, unless you don't care if someone can have an easier time stealing your data.
Sent from a 128th Legion Stormtrooper 6P