On 07/15/2012 11:53 PM, coderman wrote: > the only rational approach is to use Full Disk(Flash) Encryption.
It is rational, but not possible on the majority of mobile phones (feature and smartphones), available today on the market. Our task with InTheClear was to come up with a practical way to thwart the immediate threat of an minimally-trained human doing a quick logical extraction using USB mount or SD card reader. This is what the current wipe code on the Android device does. Our hope was by adding the additional "fill empty space" command, we would add some amount of additional protection on physical extraction analysis. If a user has a root-capable phone, then the areas of storage we can access become even greater. So, yes, we avidly promote any user who has an FDE encryption capable smartphone to utilize that, but until then, our goal in the context of LibTech is to provide practical solutions that can mitigate risks of users today, without misleading them or worsening their situation. I hope we have done that. +n _______________________________________________ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech