-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Ben,
I'd love to see hardware support for full-disk encryption and secure deletion. Apple is streets ahead of Android in this respect: iOS's disk encryption key depends on a unique key built into each device, so brute-force attempts to decrypt the disk have to be run on the device itself, slowing down such attacks. Android simply uses the screen lock password to encrypt the disk, which is easy to brute-force. iOS also has hardware support for secure deletion, making it hard or impossible to recover data from the disk after the device has been wiped. However, individual files may still be recovered if the entire device hasn't been wiped. Android has no hardware support for secure deletion, so there's no way to thoroughly wipe the device or an individual file short of using a hammer. So here's my wishlist for improving activists' digital security: (1) A unique key built into each device, which can't be read directly by software, but which can be used to derive other keys (e.g. for disk encryption) at a limited rate, slowing down brute-force attacks against such keys. (2) An effaceable area of flash storage where the operating system can store encryption keys for the entire disk and/or individual files, making it possible to securely delete the corresponding data without having to smash the device into tiny little pieces. (3) A pony. Cheers, Michael On 11/07/13 20:57, Ben Doernberg wrote: > Hi all, > > What would you change if you were the CEO of a major mobile device > manufacturer? One of my colleagues at WITNESS has a unique > opportunity to make a presentation to the CEOs of these companies. > He'll be discussing our work around verified video for human rights > abuse documentation, but we'd also like to make a case for other > priorities of the libtech world. > > What changes could these CEOs make to protect activists' physical > and digital security, make it easier for citizens to document and > report human rights abuses, and generally make mobile devices more > effective as human rights tools? We can't promise we'll get a > chance to share all of them, but the more suggestions the better! > > Thanks, > > Ben > > > -- Too many emails? Unsubscribe, change to digest, or change > password by emailing moderator at [email protected] or changing > your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJR3y2WAAoJEBEET9GfxSfMt+0H+wQSN+6I2PpJ3S9DnEPHMBDq qaIvSspLHxselmI7dRCluKD2/0nl70G64cxp0FoV7lBW0RlmoiTPEKb/TyEQ7JTi +nx1SZnrHyJ3H2QQVxd0ifBUYGmyavGygugi37zAVsGUpyRdW+iVEePyaZ18xNIo eciBTtTZivwtiQRcleyWA1lA9TbbNXwtPJ2mk9J7Qh7Bwrjfh4Cky6OFKMuWxfvm Y18+Cv51yfhkcDUuFLZbE29Xi9gWFgopUZynRxBd4tqXXvqo1gcG2tU+77p9+Hav f7yuanuC153gIYmElFbhdK27s/sh6o7AYi4+S98lFgZe7vPjF2iKO8atfOp9Z54= =CgaO -----END PGP SIGNATURE----- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
