Isn’t that what Iphone and Android already do?
Rooki@lemmy.world 1 year ago
Yeah it can happen, when you force people without their consent encrypting their data.
Melonpoly@lemmy.world 1 year ago
Rooki@lemmy.world 1 year ago
The only phone manufacture that does that is Google with pixel. Any other phone is for my knowledge either “weakly” encrypted or not at all.
Still your Mobile OS isnt just upgrading and encrypting your SD card and main drive. Thats the point.
InnerScientist@lemmy.world 1 year ago
All devices launching with Android 10 and higher are required to use file-based encryption.
To use the AOSP implementation of FBE securely, a device needs to meet the following dependencies:
- Kernel Support for Ext4 encryption or F2FS encryption.
Keymaster Support with HAL version 1.0 or higher. There is no support for Keymaster 0.3 as that does not provide the necessary capabilities or assure sufficient protection for encryption keys.Keymaster/Keystore and Gatekeeper must be implemented in a Trusted Execution Environment (TEE) to provide protection for the DE keys so that an unauthorized OS (custom OS flashed onto the device) cannot simply request the DE keys.- Hardware Root of Trust and Verified Boot bound to the Keymaster initialization is required to ensure that DE keys are not accessible by an unauthorized operating system.
MonkderVierte@lemmy.ml 1 year ago
Different threat model and usage scenario.
OfficerBribe@lemm.ee 1 year ago
Android I think just uses same credentials you use to unlock account, at least I am not aware of any recovery key. And you are prompted for credentials from time to time so it is harder to forget. I use fingerprint as main unlock + pattern and I have to enter pattern roughly once a week I think.
On Windows if you set up Windows Hello (fingerprint or PIN usually), you are not reminded to enter password afterwards so eventually you can forget it.
Object@sh.itjust.works 1 year ago
One major difference is that it is so much easier to lock yourself out of the desktop TPM chip compared to mobile device security chips because they’re not tightly coupled.
acosmichippo@lemmy.world 1 year ago
and phones make you use your unlock pin often, so people are forced to remember it. on the other hand windows lets you use a short pin instead of your full account password pretty much forever which results in people forgetting the password completely.
Rooki@lemmy.world 1 year ago
That isnt even the part it is encrypted, the TPM encryption is either “Automatic” or over a password (any length) on startup so far i know it from my work with Bitlocker (tpm 2.0) on windows 10. Idk if this is different on windows 11.
surewhynotlem@lemmy.world 1 year ago
Huh … I never noticed. Probably because my phone OS never failed to boot, requiring me to pull data off the HDD directly.
Landless2029@lemmy.world 1 year ago
Samsung is notorious for this.
Lembot_0002@lemm.ee 1 year ago
Most people don’t have anything of importance on their phones. And the tuning options are almost absent on phones, so it is less problematic bug-wise.
pressanykeynow@lemmy.world 1 year ago
Yeah, nothing important. Just your banking apps, personal documents, photos, government apps, emails, all the services linked to your phone via mobile number, personal chats, work chats, 2fa codes, some other not important stuff. But at least it doesn’t have your games. Unless you play games on your phone, then you are fucked.
ieatpillowtags@lemm.ee 1 year ago
No you’re right, nobody has precious photos or videos on their phone 🙄
Lembot_0002@lemm.ee 1 year ago
If they don’t save those photos somewhere else from time to time, it means those photos aren’t that important.
thesystemisdown@lemmy.world 1 year ago
For many, a mobile device is their sole computer, and things of importance to them are stored on it.
cy_narrator@discuss.tchncs.de 1 year ago
Forcing people is one thing, not telling them its a thing is completely different. Most Windows users dont even know their Windows has bitlocker enabled and those keys are out of their sight