GUO Yixuan on 6 Sep 2015 08:31:39 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Cheap Nexus 6

On Sun, Sep 06, 2015 at 10:02:13AM -0400, Rich Freeman wrote:
> On Sun, Sep 6, 2015 at 2:54 AM, brainbuz <> wrote:
> >
> > With so many phones coming to market with a fingerprint reader, any smart
> > phone that doesn't have one is obsolete junk. PINS and swipes are really
> > inconvenient compared to fingerprint and given the personal data thats going
> > on phones these days I don't see how a more secure and more convenient means
> > of securing the device can be considered optional.
> >
> A fingerprint reader only helps with security if the storage is
> completely encrypted (both the media/sdcard and data regions) either
> using a strong enough key to resist brute-force attacks, or using some
> mechanism that ensures a limitation on number of attempts per second.
> Chromebooks employ a TPM chip to accomplish the second. The password
> you enter is combined with an encrypted key stored on disk, and fed
> into the TPM to decrypt using a key stored in the chip.  If the
> decryption fails then the password is wrong.  If the decryption
> succeeds it yields the strong key used to access the storage contents.
> The TPM itself limits the number of attempted decrypts per second (it
> is slow), and you can't perform the process without it unless you
> extract the key stored inside (and the TPM is engineered to make this
> incredibly difficult even for a very sophisticated attacker).
> As far as I'm aware Android does not do anything like this - the only
> entropy in the system is whatever you enter in your password (which by
> default is intended to be a screen lock key you enter all the time),
> and there is nothing that guarantees that attacks on the storage will
> be rate-limited - you just need to extract the encrypted contents of
> the flash chips and attack it with the computer of your choice.

I think Android at least provide some support for TPM or similar
hardware based keystore[1]. However, I'm not sure whether the mandatory
encryption in Android 5 and Nexus 9/6 is making use of it.


However, using TPM might make it more difficult for debugging. (my


> I'd rate Android's data security as pretty casual overall.  I have no
> idea how it compares to iOS, but it is nowhere near as strong as
> ChromeOS (on a device with a supported TPM - which includes all
> commercially-sold machines but not anything you just build yourself).
> It doesn't hurt that ChromeOS devices tend to have keyboards which
> encourage more complex passwords, but either way an attacker with full
> hardware access (including taking the thing apart but not defeating
> the TPM) is limited to about 2 attempts per second at most.
> Now, maybe with a fingerprint reader you'd be more encouraged to enter
> a really long and complex password at boot.  If the thing allows the
> first unlock to use the fingerprint then they're storing the password
> somewhere and that is another potential vulnerability, depending on
> whether it involves a TPM.
> --
> Rich
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --