Strong encryption you can already achieve yourself, just type 30 digit pin each and every time you unlock your device, shorter pins for encrypting ram loaded pin are a bunk and israelis can break pixels that were initially unlocked (Ability to prevent encryption to become enabled - #51 by throwaway69), this is not about this, this is about an accidental feature where currently with C2 and forgotten pin you can only send it back, doing 2fa validation by jolla on factory resetting such hw probably already happens, but you have people reselling their C2s, soon noone will have track of who owns which one (the OG orders), right now there are maybe 3-5 new owners of C2 not in jollaās DB, being niche is actually working great for this scenario, as they can offer you to opt in (if you were the OG buyer) that they will not reflash if the C2 comes from unknown nigerian account and will consult with you what to do with it, costs nothing and adds a layer of security not iphone, not android offers (of course zero vs CIA/Mossad/FSB, but itās not aimed at that) (people who experienced theft, might just want to say F you to thieves for a fiver/year, good luck average pickpocket hacking turkish device with few k devices total in EU)
edit: and inb4 NO I do not plan to opt-in into such service as I expect to break my C2 way too many times while hacking on it, if they do come back up for sale might consider it for a daily driver that is just for regular use and not for hacking, but whatever itās neither here nor there
yes, this is what i was saying it amounts to.
yea, thatās bonkers for everyone, and absolutely not what i proposed. a 15-character ascii password, at boot only, fixes this issue fully, israelis or no. loading the full pin in ram, using only a short pin to encrypt it, sounds like a bad idea to me. encryption key for a device should never be stored on that device.
in my proposal, the pin-unlocking and data encryption are unrelated. if the phone is turned on but locked, you have 20 guesses before the phone turns off. if you can get unlock the phone without the pin while it is still turned on, then there is nothing you can do to prevent full exploitation, with encryption or firmware locking.
but once the phone is off, you would then be unable to boot the phone or recover the data from the phone without the ~105 bits of entropy in the key.
pls read the linked article, pixels are safe from israelis only powered down (that means before you enter your 15 char ascii password into ram), your super idea is so super hard to implement bloody googol with their own custom hw chip effed it up
what? pixel devices donāt require you to type long encryption keys at boot, how is this my proposal?
google effed it up because no amount of handwaving in the world will make a 5-digit pin have 100 bits of entropy.
my proposal is definitely easy to do, itās just that it doesnāt work for most users who donāt want to enter a long password when restarting the phone, or ever.
Your proposal is exactly what is being proposed by all amateur/enthusiast security specialists and what is employed in android/ios, long boot-up phrase, but then we donāt bother you that much, we surely have software ways to prevent bruteforce of the smaller key while google with thousands of engineers is pwned by israeli company, iOS <18 apparently too on 5 year old devices, somehow apple is not in portfolio of data extraction company most likely employed by your national police force, but please continue telling us how your solution is super easy to implement and in sw only as jolla cannot just magic in security enclave/titan chip (and googol with titan chip shat the bed anyway)
i see. you are confused about what i am saying.
you are now talking about breaking dm-crypt or LUKS or whatever FDE you are using by getting access to the key in RAM from a running, already un-encrypted device. but there is nothing to discuss about that. either itās hackable, or itās not, but locking the firmware OR using a 128-bit encryption key will not help.
we were talking about cases where your solution (locking the firmware) or my solution (strong FDE key) could possibly help. that concerns only recovering the data once the phone is off, and there is no key in RAM.
my argument is that an opt-in, strong FDE key could prevent a phone that is turned off from having the data recovered by a hacker with good equipmentā¦as long as you do NOT store the key on the device at rest with another short pin encrypting it. jolla already does not do that, so this would, in fact, be easy.
yeah thatās the whole thing, there is literaly zero development required to productize this bug/lacking feature into a premium feature people paiyng 5 bucks a month for vpn might consider valuable, pay us 5 bucks, enter your IMEI, we will call you back to make sure you want this and we just cash your bucks, boom, original product not android or iOS device provides
i will give you that; the disturbing lack of recovery mode on the C2 is easier to leave in place than to remove, but who would still want to buy it?
my proposal requires development, but very little. you can already use a 5-digit pin without using FDE in SFOS, and you can already set the FDE key to something long in SFOS. just do both of those things at once and youāre doneā¦
If you use 30 digit pin every time, you probably will spend one cappucino on your hw not being deflowered.
my proposal requires development, but very little
please understand that what you consider super easy, is in fact super hard to not introduce sidechannel attacks, google failed in securing their flagship with their own hw chip, but your solution Iām sure when you discuss it high level is just super easiest, implement in sw with no custom hw chips, then come back to us, just give us the solution not the general idea (we got the general idea, just invent AI and ask it for the solution, still noone implemented)
again, you switch topics. i am not trying to solve the problem of using a simple pin to get real security. i think google just showed us that this is a foolās errand. you are trying to make me sound like i am making an outlandish claim of security expertise exceeding google, but i am simply not talking about that problem.
this is about using the off-the-shelf LUKS solution that jolla already uses, which most of the security folks on here say would be good enough with 128-bit keys.
as a project manager, iāll be the first to admit that projects that sound this simple can have major unforeseen obstacles, but i would absolutely be willing to work on a PR for this soln right now:
- allow alphanumeric FDE key entry
- do not use the screen unlock PIN for FDE of $HOME
Iād say to spite thieves is basically the most important reason for 99% of all security features. Once word gets around that this or that thing is not worth stealing, other thieves wonāt/shouldnāt be interested in stealing your device anymore. And, well, if they still end up stealing it, you get to spite the damn thieves.
wait, am i free to do so? i donāt think those repos are FOSS. i will happily do this if iām wrong!
Pass, you do you man, Iām out, gn, Iām sure google will pay you a few million for your super easy secure idea of what they were trying to implement for the last decade, so good luck
heh, how many times do i need to say that i am not talking about solving that problem? i dont think it IS solvable, at least not in the long-term.
lol, why do you think google doesnāt pay you a few million for your ālets lock the bootloader and pay a subscription feeā solution? neither proposal is related to that problem.
This post was flagged by the community and is temporarily hidden.
lol, what are you on about? calm down friend, iām not criticizing you, just your idea. like most FOSS enthusiasts, i am strongly opposed to locking the firmware, and i have an alternative that is much better.
You have option to have X or not X, do you choose what your favourite youtuber does and install 5th vpn>?
I really hope you will become the gold standard of short pins, googol engineers just lack this high level overview where you tell them it gotta be secure dammit, and they make it secure, israelis just ignore them, Iām sure your personality grants the security needed, 30 digits pins are no longer needed, teleshoes just made it obsolete, 4-6 digit pins are good enough, gn
So can you help me please, I dont know which person I describe my problem and ask for help. Can you please name me a name or better send me a link to a profile. Thank you very much.
truly there is no recourse. as far as i know, you have to send your phone back.
try here:
https://jolla.zendesk.com/hc/en-us/requests/new
Thanks for advertising this feature, xda-rummagers in shambles