Forgot your password?
typodupeerror
Android Cellphones Handhelds Security IT

Ask Slashdot: How Do You Protect Data On Android? 238

Posted by timothy
from the big-ax-and-many-many-guns dept.
Gibbs-Duhem writes "It makes me very nervous that my Android phone has access to my email/AIM/G-talk/Facebook, protected only by a presumably fairly easily hacked geometric password protection scheme. Even more because simply attaching the phone to a USB port allows complete access to the internal memory and SD card regardless of whether a password is entered. I have no idea how much of that information ranging from cached emails to passwords stored in plaintext is accessible when mounting the device as a USB drive, and that worries me." For the rest of Gibbs-Duhem's question about issues in Android security, read on below.
Gibbs-Duhem continues:"I have a lot of sensitive information in my email, including passwords for websites and confidential business/technical strategy discussions (not to mention personal emails ranging from racy emails from boyfriends to health discussions). My email and messaging client passwords are difficult to type (or even remember), so I would ideally want them saved in the device, although at least having something like a keyring password that needed to be re-entered after a time delay would make me feel better. This leaves me relying on encryption and OS level security to protect me.

I'm okay with this on my real laptop and computers as my hard disks are software encrypted and I make a habit of locking my session whenever I leave my desk. For instance, if I lost my laptop, the odds of the thief getting access to my information is minimal. However, I don't feel that this is at all true for my phone (which is frankly far more likely to be lost).

How is it that the Slashdot security pros handle this issue? Do you just not use email or the many other incredibly convenient capabilities of new Android smartphones due to the risk? Or are there specific ways in which we can guarantee (or at least greatly augment) the existing security practices?"
This discussion has been archived. No new comments can be posted.

Ask Slashdot: How Do You Protect Data On Android?

Comments Filter:
  • by Anonymous Coward on Thursday July 28, 2011 @06:22PM (#36914548)

    Just suck it up and type your password each time.

  • Whispercore (Score:5, Informative)

    by Baloroth (2370816) on Thursday July 28, 2011 @06:25PM (#36914580)

    This [whispersys.com] looks like exactly what you want. It warns that its in beta, though, so I'm not sure how well I would trust it. Seems like better than nothing.Says it does full encryption of the entire system, optionally your SD card, as well as optional firewall for your phone. Wouldn't rely on it without backups, but it should work. Also, you could look at a system that keeps passwords off your actual phone, like LastPass does. Not sure how well it works with Android, but I'd look into it.

    Also, Honeycomb supposedly offers device-level encryption link [engadget.com]), so if you can wait for that on phones, that'd work too.

    • WhisperCore is nice, basically uses the same approach as honeycomb. On capable devices, it uses dm-crypt to encrypt the mmc block devices, and they also have WhisperYAFFS (now GPL'd, I believe) for use on other devices.

      I'd like to add this functionality to other ROMs like CM, but time forbids lately. However, since Honeycomb supports full disk encryption, and the tablet/phone forks are supposed to merge in the next major version, full disk encryption should be available for both Android phones and tabl
    • Even if I don't end up using that software, simply learning about smudge attacks [usenix.org] made that link worth following.
  • Phones suck for that sort of thing. They also assume one user, so you can't hand your phone to your friend/daughter/colleague without wondering if they're going to phone/text/ install non-free apps etc. It would be nice if they were more like regular computers so they could log on as a guest and have largely read only access, limited access to the above etc. It would also be great if the filesystem was encrypted so if your phone was stolen it wouldn't give up its secrets quite so easily. All solved on a

    • With the exception of multiple users (which is a good idea for phones BTW), this has already been solved with the N900. I can store a backup of all my important data secured on the phone's internal memory with a numeric password that is several characters long (should probably be alphanumeric, but this is still a phone we're talking about, not quite a computer). There is no way someone can get my data unless I store it on a micro SD. They can take the phone, but the internal memory would have to be wiped
    • by Mia'cova (691309)

      There are plenty of phones which do a great job with security. Blackberry being the primary example. Even the iphone now supports full-disk encryption and remote wipe. Just because most android devices are horrible doesn't mean all phones are.. To counter your desktop point, I doubt most linux desktops are put together with full drive encryption by default..

  • by TWX (665546)

    ...don't lose your phone.

    Yes, I know, there are some people who lose things all of the time, things like keys, wallets, pagers, phones...

    So far in the roughly sixteen years that this could be a problem for me, I have never lost a wallet, a set of keys, a pager, or a phone. I have locked keys in the car twice, but that was within my first two or three years of driving. I lost a Gerber Model 600 multitool once, but I think someone grabbed it and it wasn't simply lost.

    If I was the kind of person who lost stu

    • by daenris (892027)
      Losing the phone isn't always in the person's control. You might set it down for a moment and someone just grabs it. I once had my phone sitting on a shelf in my apartment, and a friend of a friend of a friend swiped it while helping my friend move furniture. Luckily it wasn't a smart phone, so no real information breach, so canceling service was all I had to do.

      Keeping the phone tethered to you at all times is unrealistic. For example, I work with MRI scanners. I'm not allowed to bring my phone int
      • by dudpixel (1429789)

        I disagree.

        If your phone has data on it that is just as sensitive as your credit card details, then treat it that way.

        You wouldn't leave your wallet lying around would you? Then treat your phone the same way.

        I dont see how this is any different to keeping your wallet safe.

        I really dont see anyone trying to "encrypt" their wallet (whatever that would mean), and yet the issue is exactly the same. I guess the difference is you can cancel your cards if your wallet gets stolen...so install an app that can do r

  • I'm not a pro, so I use a BlackBerry because I haven't read about BlackBerry phones having all these various issues.
    • by Lehk228 (705449)
      BB password manager is very secure, if you turn on encryption for the phone you also get that level of security for the entire device
      • Yes, that's exactly what I use. After 15 minutes it irritatingly forces me to enter a password, and after 5 failures the device wipes itself. The same is true for anyone trying to download the information through USB. I assume there is some way to make an Android device or iPhone similarly secure, but it seems like every few months some new hack comes out for those devices. The only hack I can recall reading regarding a BlackBerry device was some sort of Java exploit on the latest browser, which BlackBe
  • by TemporalBeing (803363) <bm_witness.yahoo@com> on Thursday July 28, 2011 @06:55PM (#36914870) Homepage Journal
    ...keep that kind of data on my Android phone to start with. That's how.
    • I don't keep that kind of data on my Android phone to start with.

      This is a great idea, except that Android devices can pretty much access all data you leave in Google's cloud. It does not need to be on your device. This includes, Gmail, Google+, Google Docs, Picasa, Google Finance, Google Wallet, Android Market, Google Maps, and more. Android can even log you in to any website that uses google as a sign in... (I know a few things on appspot.com utilize google in this way.)

      Now, you can say you can avoid using google services and accessing them from your phone, but then wh

      • Exactly.

        I do keep sensitive data on my phone and in Google's cloud. That's why I use Android, after all. My phone is either in my belt or in my hand all the time. I don't put it down except when asleep in my bed, and when I'm asleep in my bed there aren't friends of friends present.What about recharging, you say? I have four batteries, one in the phone, one in the charger, two spare, usually fully charged. I shall investigate WhisperCore [whispersys.com], but the fundamental security is physical security. Never lose the dev

      • then why did you buy a smartphone in the first place?

        Primarily for better contact functionality, and I like knowing it runs Linux (why I didn't get the iPhone). I didn't get a smart phone for Internet access, data plans, etc.

        Now I do access the Internet, apps, etc - but that's not why I got it. And I still don't keep the sensitive information on it, or in the Cloud for that matter. Sensitive information stays on my laptop (also Linux).

      • by Dunega (901960)
        If you were so concerned with keeping your data secure why the hell did you send all of it to Google in the first place? via desktop or phone?
    • by AmiMoJo (196126)

      So the answer is "don't use a smart phone". Pardon me but I think we should be trying to find a way to make technology better and improve our lives, not simply reject advancements that can improve our lives.

      To give you a real world example I use my Android phone's mapping software. I am now living in a world where I will never be lost ever again. Don't even have to wonder where the nearest branch of is or how to walk from here to . The down side is that both my phone and the phone company knows where I am

      • So the answer is "don't use a smart phone". Pardon me but I think we should be trying to find a way to make technology better and improve our lives, not simply reject advancements that can improve our lives.

        To give you a real world example I use my Android phone's mapping software. I am now living in a world where I will never be lost ever again. Don't even have to wonder where the nearest branch of is or how to walk from here to . The down side is that both my phone and the phone company knows where I am and at least the latter keeps logs. In fact sometimes I keep logs, e.g. for geotagging photos I take. Rather than give that up how about we find a way to encrypt the data on the phone and change the law to ban the phone company from keeping logs.

        FYI - even with a dumb-phone the phone company knows where you are. Somethings like that have no relation to being a smart phone. The nice thing about the smart phone is that you also easily know where you are on the maps.

  • Be happy. Seriously. No one is interested in your Facebook page or your emails unless you've done something very, very bad.
  • by shutdown -p now (807394) on Thursday July 28, 2011 @06:57PM (#36914884) Journal

    Even more because simply attaching the phone to a USB port allows complete access to the internal memory and SD card regardless of whether a password is entered.

    No, it doesn't. You get access to /sdcard (whether it corresponds to a physical SD card or not), but that's it. You don't get access (even read access) to sandboxed application and system data storage, unless your phone is rooted.

    So the obvious answer is that, if you want security, don't root your phone. It should be kinda obvious that if you can do what you want with the phone via USB, so can any application running on your PC.

    • by machxor (1226486)

      Even more because simply attaching the phone to a USB port allows complete access to the internal memory and SD card regardless of whether a password is entered.

      No, it doesn't. You get access to /sdcard (whether it corresponds to a physical SD card or not), but that's it. You don't get access (even read access) to sandboxed application and system data storage, unless your phone is rooted.

      So the obvious answer is that, if you want security, don't root your phone. It should be kinda obvious that if you can do what you want with the phone via USB, so can any application running on your PC.

      Even if you're not kernel-rooted chances are (depending on the phone) all the hacker has to do is bypass your lock screen to enable usb debugging and root the phone himself.

      • Note the quoted part. It says "regardless of whether a password is entered".

        If the hacker bypasses the lock screen, he can already have fun with your mail/FB/whatnot by using the apps directly, without even bothering to extract the password. Obviously, the first thing you should do if you're concerned that someone may steal your phone and get access to valuable info within, is to ensure that it is locked with a reasonably strong password, not a simple PIN.

        Or are you saying that there is some known vulnerabi

    • If the attacker has access to your phone they can simply remove the sd card and mount it on another system. Complaining that it can be accessed via USB seems a bit redundant.

      But even if you do attach a usb cable, you must enable remote debugging or manually confirm every time you wish to share the sdcard.

    • by AmiMoJo (196126)

      You can't even access the internal memory or SD card over USB without unlocking the phone first, because Android requires you to click a button before it will actually mount the drives on USB. If the attacker doesn't know the code to unlock the phone they can't press the button.

      Obviously an SD card can be removed, but many phones have a large internal memory that can't. My Galaxy S has 8GB. None of this is foolproof because I suppose in theory an attacker could do a factory reset, but it raises the bar a bi

  • First you encrypt the sensitive bits on the android (ie passwords) with a master key.

    Then you store the master key on an external server.

    When you check your email the phone automatically sends the encrypted password to the server, gets back a decrypted password, and uses that to check your email. So there's no loss in convenience.

    But if you lose your phone you can de-authorize it at the server level so the phone can no longer access the passwords and other encrypted data that was stored on it. This also mea

    • This sounds like a pretty nice and simple idea to me.

      The extra amount of traffic does not matter, just a few bytes for the passwords and the delay does not really matter. Additionally that helps you if someone stole your phone as you could easily add some information about the current location.

      One loophole is that you have to disable access/decryption instantly after your phone is missing, otherwise interception of the traffic would give the attacker the unencrypted password.

  • by Anonymous Coward on Thursday July 28, 2011 @07:14PM (#36915096)

    FWIW, the Droid 3 has full device encryption (Android 2.3.4). You can encrypt the whole phone, or just the internal memory card & SD card. It also has a time-lock password/pin/pattern that kicks in after 1-20 minutes (configurable). I was very surprised after upgrading from a Droid 1, which has basically no device protection what so ever...

  • Surely, you jest. You should know better than to ever expect anything you post on facebook to be secure, ever.
  • by gweihir (88907) on Thursday July 28, 2011 @08:04PM (#36915640)

    Put data on a modern "smartphone" of any kind and you can expect everybody halfway competent to get all data on it. That includes thiefs, the police, customs etc.. Believing anything else is just foolish.

    • by AmiMoJo (196126)

      Not true. I keep a Keepass database on my phone and unless someone happens to wrench it from my hands in the few seconds when I have the database open and unlocked there is little they can do to get into it. Obviously I use a good password.

  • by roc97007 (608802) on Thursday July 28, 2011 @08:55PM (#36916208) Journal

    I keep my phone with me. I never get drunk enough that I'm likely to leave my phone in a bar. I do a belt check whenever I leave a hotel room. My phone charger is on my desk in full view so I'm not likely to forget it in the charger.

    Keeping your phone near you is at least 80% of security. No tool will absolutely guarantee you won't lose your data if you lose your phone. So first and foremost, don't lose your phone.

  • by Sancho (17056) * on Thursday July 28, 2011 @09:11PM (#36916384) Homepage

    For linking your Google account to your phone, turn on two-factor authentication. You can't actually use two-factor authentication to add your Google account to the phone, so you get the option to set up an application-specific password. Though nothing stops someone from reusing this password to access your mail, you can revoke this password at any time without affecting the rest of your application-specific passwords or your main Google account password. If your phone is lost, get to the nearest computer and revoke the phone password. Then if the thief does manage to extract your password, it's useless.

    For the rest... well, the advice in the other comments seems to be about the best you can do.

  • by no-body (127863) on Thursday July 28, 2011 @09:34PM (#36916568)
    Any used Blackberry form Ebay, unlocked for $ 2, set encryption on, password tries to 3, store word documents password protected on internal memory.

    Effect:
    - All content on device is encrypted.
    - Any attempt to enter device password wrong 3 x wipes device - erases all content.
  • There is no way to 100% secure data on smartphones (Android/iPhone/Blackberry) against government level investigations. In fact, there is no way to 100% secure data against mere professional snoopers, both on the data extraction front, and on the wireless snooping front. In case you didn't realize, the philosophy of smartphones is to communicate and exchange data on as many fronts as possible. It is also designed to pack as many sensors to get data on you (microphone, GPS, camera...). Its form factor is
  • I'll Start. In Starfleet Federation, android Data protects you.

  • I'm totally screwed if I lose my phone. I handle my phone security like I do my data backups. I'll worry about once it's too late.
  • It seems that, while android can be encrypted, it's typically irrelevant since the system is always on. To deal with that, could you run a second environment? I see it's common to run linux chrooted on android. Could you do something similar, except the second environment is encrypted when not running? This way, quick but unsecure information is immediately available. Sensitive information is slower to access but is secured?

    And so that you didn't have to regularly encrypt/decrypt the secure environm

"A mind is a terrible thing to have leaking out your ears." -- The League of Sadistic Telepaths

Working...