[liberationtech] Fwd: Re: secure wipe of flash memory
Nathan of Guardian
nathan at guardianproject.info
Mon Jul 16 02:54:35 PDT 2012
On 07/15/2012 11:53 PM, coderman wrote:
> the only rational approach is to use Full Disk(Flash) Encryption.
It is rational, but not possible on the majority of mobile phones
(feature and smartphones), available today on the market.
Our task with InTheClear was to come up with a practical way to thwart
the immediate threat of an minimally-trained human doing a quick logical
extraction using USB mount or SD card reader. This is what the current
wipe code on the Android device does.
Our hope was by adding the additional "fill empty space" command, we
would add some amount of additional protection on physical extraction
analysis. If a user has a root-capable phone, then the areas of storage
we can access become even greater.
So, yes, we avidly promote any user who has an FDE encryption capable
smartphone to utilize that, but until then, our goal in the context of
LibTech is to provide practical solutions that can mitigate risks of
users today, without misleading them or worsening their situation. I
hope we have done that.
+n
More information about the liberationtech
mailing list