On Sep 3, 1:26 am, Chris Palmer <[email protected]> wrote: > So far, making good use of encryption + key storage/a TPM has proven > difficult on mobile devices, in large part due to the difficulty of > entering a good PIN or password at boot or (better) often. With Bit > Locker on a Windows 7 laptop, typing a good boot-up password is easy; > on a mobile it's very hard. And mobiles are generally always-on, so if > you lose the device in a cab, an attacker may well be able to figure > out a way to get the goods without ever needing the boot-up password.
Why is it so hard to type a password/phrase on a mobile? I think I would have no problems typing a 40-char passphrase on boot of my mobile using the touchscreen (not every 5 minutes though). To root the device the attacker would need to reboot the device and then the passphrase would be cleared. Perhaps this could be circumvented using special hardware to get the passphrase off a running mobile, but it would hopefully make it impossible for someone to just run some "password extractor" app to list all your logins and passwords after they've gotten hold of your phone?? -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
