this post was submitted on 16 Oct 2024
80 points (97.6% liked)

Privacy

1132 readers
252 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
80
Police want the password to your phone (reason.com)
submitted 16 hours ago by throws_lemy@lemmy.nz to c/privacy@programming.dev
30 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] MelodiousFunk 8 points 14 hours ago (1 children)

That does not encrypt your storage.

It's encrypted by default.

[–] AsudoxDev@programming.dev 6 points 13 hours ago* (last edited 13 hours ago) (1 children)

You didn't read the article you linked to, did you?

The encryption by default you speak of is before the first unlock, that is, locked with something like a password or PIN. After the first unlock, the decryption key is stored in memory and your filesystem is pretty much vulnerable to anyone that can get access to the memory. That is why you can even unlock your phone with your face or fingers, because all that is a simple boolean value that indicates whether you logged in or not. You can't "generate" or get a key from your face nor fingers.

[–] pivot_root@lemmy.world 4 points 12 hours ago* (last edited 12 hours ago) (2 children)

In a lot of modern phones, and particularly iPhones, the encryption key is stored in the TPM. The TPM itself handles the encryption and decryption of data. If someone manages to get read access to the system memory, the most they're getting is whatever cleartext data is stored in memory for cache or process memory.

Citing my Claims:

I'm not going to bore myself or anyone else with whitepapers and PDFs, but Apple themselves summarize how T2 (TPM) works with disk encryption on Mac devices. The iPhone has the same chip and an even stricter threat model. In M-series Apple devices, they rolled its functionality into the SoC.

[–] AsudoxDev@programming.dev 1 points 12 hours ago (2 children)

Correct, though it still is saved somewhere. Just like how TPMs in Computers can be exploited as well, this also can be. What I meant in my original comment was that the emergency mode did not clear that hardware chip's storage and do a full encryption of the storage, which others said otherwise.

[–] firelizzard@programming.dev 1 points 28 minutes ago

do a full encryption of the storage

That’s not how disk encryption works. Data in storage is always encrypted. That’s the whole point. When an app requests data, it is decrypted on the fly. Decrypted data is never stored outside of RAM.

[–] pivot_root@lemmy.world 2 points 11 hours ago* (last edited 11 hours ago)

Ah. Then yeah, emergency mode won't suffice for protecting the full contents of the disk.

I can't say Apple actually does this, but it is possible to protect important data by further encrypting user data with a separate encryption key derived from the passcode, and then clearing the key whenever the screen is locked.