howcan I getreed of the device lock in settings. I had install it once but I cant get reed of it now.
this link or ?
https://jolla.zendesk.com/hc/en-us/articles/201440487-What-are-the-Device-Lock-and-Security-code-
It seems that we cant get reed of it ones we have install it. That could be something to be change in futures updates?
i am not sure i understand what you mean.
settings -> device lock settings ā¦
tap on user security code and should be disabled ?
longpress on fingerprint will remove fingerprint
what is missing ?
@pawel.spoon I have made a lock and now I cant get reed of it.
settings/ device lock-- change security code so no possible to tap user security code
?!
tip on the āUser security codeā check box (the light bulb)
then you need to confirm with security code and you are done
I cant see that User security code that youi say
Like I said before. I have to reinstall the OS to be able to do it. So hope that Jolla change this in the future
Jolla says that Xperia phones doesnt have it. Hope that can be change in the future.
Actually, I have just done what Jolla says to do , reinstalling the last image, and the device lock is still asked before been able to use the phone??
which device are u using??
ups you were right:
the picture above was a volla phone with 3.4
on my experia 10 with 4.0 it looks as on your phone
For all Xperias the device lock is now mandatory (due to encryption of /home) and cannot be circumvented since version 3.3.0.16, when flashed with this or higher.
(Afair for the X10 it was then from the beginning?)
So for X and XA2 you need to flash SFOS 3.2.1.20 (or lesser) and then update OTA. This is the only way you can achieve not having device encrypted and not using a device lock code.
Yes I know that, but you can choose if you wanna or not ti have a code for it.
And how can I downgrade to 3.2.1.20?? it is not easy, isnt?
I think it will be awesome to decide if you wanna have or not the code longer, eventhough the encryption is there.
tl;dr: What youāre asking unfortunately is not possible since thatās not how encryption works.
About the lock code
Thereās a reason why youāre required to use a lock code when having an encrypted device*:
When installing a security door on your house, itās of no use if you leave that door unlocked or with the key in the keyhole.
Since your storage gets unlocked when booting the phone, the only time your data would be protected without a display lock code would be when itās turned off.
* At least as far as I understand. Hopefully I'm not missing some aspect about this.
About the possibility to ādisableā encryption
When researching the encryption technology involved (in case of Sailfish OS, this is LUKS
), and setup options thereās mention of a detached header: Simply put it stores the key necessary to decrypt your data on an external device (e.g. USB flash drive). You can read up all about it on this Medium article.
The point in case: Sailfish stores the decryption key for LUKS on device. I donāt know the details (havenāt enabled encryption yet) but supposedly with an encrypted boot partition (cf. āGold Solutionā on the article mentioned above).
What this means: Decrypting on-device is very difficult and extremely volatile to data loss. Take, for example this warning from the related entry on the Arch Wiki
Note: As of 2020, and version 2.3.3, when using
cryptsetup
to decrypt a LUKS2 block device the program requires you to provide a LUKS--header
file. If you do not use the ādetached headerā feature of LUKS, and naively try to pass the block device itself (which contains a LUKS2 header) as the subject of the--header
,cryptsetup
will accept this and go ahead with alleged decryption. Afterwards the block device will show up as a LUKS2 device with no key-slots, and YOUR DATA WILL BE LOST. If you try to usecryptsetup luksHeaderBackup
as the header file used with--header
, YOUR DATA WILL BE LOST. If you try to restore a backed-up header after this faulty decryption, YOUR DATA WILL STILL BE LOST.
=> Assumption: There is no detached header available for the LUKS setup of Sailfish OS. Thus, there is technically no possibility to undo encryption on device. Reflashing is needed.
A possible workaround
There seems to be a work-around to avoid mandatory encryption:
On a philosophical note
Security and comfort most of the time are - especially in the context of information technology - mutually exclusive. The guys from Open Whisper Systems have done a fantastic job and some enormous effort to create such a comfortable app as Signal has become.
Maybe itās good to keep this in mind. Unrealistic expectations with this can quickly lead to frustration - although from a technical perspective everything is working as it should
I have reflash, and still is asking me for the code in the first boot. So reflasing hasnt workfor me.
Did you read my post?
Or seen the link in rozgwiās post above?
And it would help to help you telling us which device you have and which version you flash.