As forensic examiners, some of the last things we want to hear are
"encryption" and "enabled" in the same sentence, however that's what has
been happening with the current line of Android devices. Starting with
Android 3.0, devices have been shipping with the ability for the user to
enable full device encryption. Fortunately for the forensic community,
there are individuals steadfast to find a way to break that encryption -
and have already proven how to do so. Two such researchers - Thomas
Cannon and Seyton Bradford - have demonstrated successful brute force
attacks against Android encryption. Thomas detailed their findings at
DEF CON 2012 in his presentation "Into the Droid - Gaining Access to User Data"...
He
discusses that the encryption uses standard Linux dm-crypt,
incorporated in Android devices running version 3.0 and newer, and uses
the same password to encrypt and decrypt data as is used to unlock or
log in to the device. So while the encryption is generally considered
strong, users default to using short or easy-to-type passwords and pins
to protect their device and enable the encryption...
Read more
No comments:
Post a Comment