The only good news about this particular decryption hack requires physical access to your phone and as you should be aware once someone has your device in their hands all bets about security are off. The vulnerability exists on ARM-compatible Snapdragon system-on-chips and the TrustZone, a secure part of the chip which runs outside of the operating system and passes information pertaining to the encryption on your phone via the Qualcomm Secure Execution Environment.
It is possible to to exploit an Android kernel security vulnerability to load your own QSEE application which can then query the TrustZone for your unencrypted blob and RSA key. From there it is simply a matter of brute forcing the phones PIN or password which then allows you access to all the encrypted data on the device. The Register explains not only the vulnerability but also how TrustZone and KeyMaster work on your devices in this article.
"Essentially, if someone seizes your Qualcomm Snapdragon-powered phone, they can potentially decrypt its file system's contents with a friendly Python script without knowing your password or PIN."
Here is some more Tech News from around the web:
- Lenovo scrambling to get a fix for BIOS vuln @ The Register
- BlackBerry will release three more Android-powered smartphones @ The Inquirer
- Transcend Wifi SD Card Is A Tiny Linux Server @ Hack a Day
- 400 million Foxit users need to catch up with patched-up reader @ The Inquirer
- Ubuntu backs calls to wind down 32-bit Linux support @ The Inquirer
Full disk encryption is
Full disk encryption is supposed to mitigate a beach even if the phone is stolen (hopefully the phone is off).
So writing: “The only good news about this particular decryption hack requires physical access to your phone and as you should be aware once someone has your device in their hands all bets about security are off.”
Really makes no sense as if physical access makes full disk encryption useless then what’s there point of it in the first place?
If an unathorized person can
If an unathorized person can get physical access to your devices, without you being there to watch them, consider them breached. Air gapped, encrypted or some obscure system only 3 people on the planet actually know? Doesn't matter, once it is in someone elses hands you should consider it breached.
Encrpytion just slows them down … unless they cloned it and gave it back. Security is full of wonderful experiences like that.