cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Moto Sr Moderator
Moto Sr Moderator
Posts: 15,450
Registered: ‎02-03-2016
Location: US
Views: 806
Message 21 of 63

Re: SD card encryption issue?

Well, I for one, will be very interested in reading about your results. I have been staying away from the encryption mostly due to D.Harris. I, too, have had to do a Factory Data reset at one time because of it. That was an experiment that I was conducting after reading about it on this forum. Needless to say, I have stayed clear of it since. I also recommend to people I know personally to not use it as well.


I will be looking forward to a comment from you about your results. Thanks for taking the time in this. I am sure that it will help a lot of people.

I am not a Motorola/Lenovo Employee. I am just a volunteer who happens to be a Moderator. All comments are my own and are not necessarily Motorola/Lenovo's position.

appyface
What's DOS?
Posts: 7
Registered: ‎04-18-2012
Location: United States
Views: 806
Message 22 of 63

Re: SD card encryption issue?

I came in here for help and info, and found this thread.


I bought a droid razr maxx on 2/29 and have been using with encryption (password-only option) since the beginning.  Four times the phone has lost the ability to read the encrypted files on the external SD card.  The card is still mounted, the directory listing is there, but the thumbnails are no longer populated -- a big clue it has happened again Cry


I posted about this last experience here:


http://www.droidforums.net/forum/droid-razr-maxx/208278-phone-reports-sd-card-encrypted-another-devi...


 


I keep both cards backed up with MotoUSB.  I tried a restore, but apparently it doesn't restore everything needed because the phone still can't read the restored files.  I chose the "password-only" option as I'd hoped no device-specific info would be needed to decrypt the card.  If that's true I can't prove it yet...  I haven't found any utility for my PC that can read the files on the card, either.


I hope Motorola will (soon) provide a "decrypt" option in the MotoUSB backup software.  I can write my backups into a TrueCrypt volume so having them unencrypted first by MotoUSB is ideal for me

Moto Sr Moderator
Moto Sr Moderator
Posts: 13,987
Registered: ‎02-02-2016
Location: US
Views: 806
Message 23 of 63

Re: SD card encryption issue?


foxkat said:

This process is so confusing and risky and lacking of difinitive and complete information that in order to experiment with it, you really need a blank phone with no personal data on it, and LOTS of time on your hands to try different options, test the results, factory reset and start over again.  I have a new phone coming and will be giving it a full work-out with encryption to see just what the real results are.  I hope to build a matrix of what works how and what doesn't, and will post it once compiled.  In the mean time, if anyone asks about encryption my standard response will be to stay away from it like the plague.



Count me in as well--I look forward to reading the results of your experiments. Cool


Like you, at this juncture I too would caution users about implementing the encryption feature on their Moto device.

Comment in the spirit of COMMUNITY: "Share experiences / expertise, engage in the discussions, and offer advice and suggestions."
Moto Sr Moderator
Moto Sr Moderator
Posts: 13,987
Registered: ‎02-02-2016
Location: US
Views: 806
Message 24 of 63

Re: SD card encryption issue?


appyface said:

I came in here for help and info, and found this thread.


I bought a droid razr maxx on 2/29 and have been using with encryption (password-only option) since the beginning.  Four times the phone has lost the ability to read the encrypted files on the external SD card.  The card is still mounted, the directory listing is there, but the thumbnails are no longer populated -- a big clue it has happened again Cry


I posted about this last experience here:


http://www.droidforums.net/forum/droid-razr-maxx/208278-phone-reports-sd-card-encrypted-another-devi...


 


I keep both cards backed up with MotoUSB.  I tried a restore, but apparently it doesn't restore everything needed because the phone still can't read the restored files.  I chose the "password-only" option as I'd hoped no device-specific info would be needed to decrypt the card.  If that's true I can't prove it yet...  I haven't found any utility for my PC that can read the files on the card, either.


I hope Motorola will (soon) provide a "decrypt" option in the MotoUSB backup software.  I can write my backups into a TrueCrypt volume so having them unencrypted first by MotoUSB is ideal for me



OK.  After reading your post, and based on my own odd experience with encryption on my first Moto device, I'm going to take FoxKat's route:  "if anyone asks about encryption, my standard response will be to stay away from it like the plague." Cool

Comment in the spirit of COMMUNITY: "Share experiences / expertise, engage in the discussions, and offer advice and suggestions."
FoxKat
Token Ring
Posts: 298
Registered: ‎04-22-2010
Location: United States
Views: 806
Message 25 of 63

Re: SD card encryption issue?

OK, received the new phone today.  Will be wiping the old one and beginning my testing phase over the next couple days.  Will report back with my findings.

D_K_
What's DOS?
Posts: 14
Registered: ‎09-30-2010
Location: United States
Views: 806
Message 26 of 63

Re: SD card encryption issue?

Hi


 


I think everyone needs to pay attention to eaccents' posts as he(she?) seems to have the most comprehensive understanding of Motorola's implementation of encryption. A lot of good points there.


 


This would be my summary, hope it helps someone:


The encryption is really more of IT/enterprise functionality and they would be the main targets. And in this case IT cares most about protecting corporate data from being accessed.


The purpose of encryption is to protect the data from being read by someone who is not authorized to access the system. And it aparently does just that. Using weak passwords is completely different problem and as was mentioned earlier - user's choice, and not the problem of encryption.


Recovery of enrypted data (although really important for end users who lost their data) is by itself contradicting the purpose of encryption, which in fact is supposed to be making the data unreadable. So this scenario should not be expected as inherent to encryption itself (but again, would be a useful feature).


Again, encryption protects the data from unauthorized access, it doesn't help to prodect from data loss. So back ups are essential, and it's probably best to use some kind of automatic tools (like MotoCast or some cloud storage services). If you think about this, when your encrypted hard drive dies, it's also not recoverable.


Key backup is also one of the "desirable" options from user perspective, but again, it weakens the protection. The whole ide of using device key is for device to act as hardware trusted module, where keys are stored in non-exportable manner. Probably the only case where key back up makes sense, is when it's done securely through the IT device administration channel. But this is not the stituation being discussed here.


So, to the original question (actually all answers I can think of were already in the thread):


0. If you used "Device" or "Device+Password" option and device is dead, there is no way to recover the data. Well.. you could potentially crack AES256 in may be several thousand years.


1. Use "Password" option for the data stored on SD card. It will allow the data to be decrypted in the different phone. I'm not sure if any PC tools could do the same. I agree too, this should be the defaul option out of the box.


2. If "Device" or "Device+Password" option is used, and you expect the phone to be reset, simply copy all files to a PC. sallyc, please note, if you do not use USB Mass Storage mode for copying, then files will be decrypted "on the fly" during the operation. So what you get on the PC will be decrypted. Only "Mass Storage" mode would copy files in "raw" encrypted form.


3. Always do back ups either as described in #2 or via MotoCast or online services.


 


p.s. the only eaccents' comment I disagree with is the recommendation to avoid encryption Smiley Wink. It is useful when you expect from it what it is intended to do Smiley Happy.

Moto Sr Moderator
Moto Sr Moderator
Posts: 13,987
Registered: ‎02-02-2016
Location: US
Views: 806
Message 27 of 63

Re: SD card encryption issue?


D.K. said:

Hi


 


I think everyone needs to pay attention to eaccents' posts as he(she?) seems to have the most comprehensive understanding of Motorola's implementation of encryption. A lot of good points there.


 


This would be my summary, hope it helps someone:


The encryption is really more of IT/enterprise functionality and they would be the main targets. And in this case IT cares most about protecting corporate data from being accessed.


The purpose of encryption is to protect the data from being read by someone who is not authorized to access the system. And it aparently does just that. Using weak passwords is completely different problem and as was mentioned earlier - user's choice, and not the problem of encryption.


Recovery of enrypted data (although really important for end users who lost their data) is by itself contradicting the purpose of encryption, which in fact is supposed to be making the data unreadable. So this scenario should not be expected as inherent to encryption itself (but again, would be a useful feature).


Again, encryption protects the data from unauthorized access, it doesn't help to prodect from data loss. So back ups are essential, and it's probably best to use some kind of automatic tools (like MotoCast or some cloud storage services). If you think about this, when your encrypted hard drive dies, it's also not recoverable.


Key backup is also one of the "desirable" options from user perspective, but again, it weakens the protection. The whole ide of using device key is for device to act as hardware trusted module, where keys are stored in non-exportable manner. Probably the only case where key back up makes sense, is when it's done securely through the IT device administration channel. But this is not the stituation being discussed here.


So, to the original question (actually all answers I can think of were already in the thread):


0. If you used "Device" or "Device+Password" option and device is dead, there is no way to recover the data. Well.. you could potentially crack AES256 in may be several thousand years.


1. Use "Password" option for the data stored on SD card. It will allow the data to be decrypted in the different phone. I'm not sure if any PC tools could do the same. I agree too, this should be the defaul option out of the box.


2. If "Device" or "Device+Password" option is used, and you expect the phone to be reset, simply copy all files to a PC. sallyc, please note, if you do not use USB Mass Storage mode for copying, then files will be decrypted "on the fly" during the operation. So what you get on the PC will be decrypted. Only "Mass Storage" mode would copy files in "raw" encrypted form.


3. Always do back ups either as described in #2 or via MotoCast or online services.


 


p.s. the only eaccents' comment I disagree with is the recommendation to avoid encryption Smiley Wink. It is useful when you expect from it what it is intended to do Smiley Happy.



Awesome, awesome post!!!


I think @FoxKat has the best understanding of the details of encryption  Cool--I like to think that I am decent with "concepts" Smiley Happy


If I may, I'd amend my previous statement [again...this often happens as I learn more!]:  


  • "if anyone asks about encryption, my standard response will be to stay away from it like the plague unless you have a full and comprehensive understanding of how it works, what its purpose is, and what the pitfalls are." Cool  

  • After I tell them that, I'll direct them to @foxkat and @D.K. so they can fulfill the "unless" part of the statement Wink


Thank you to everyone for this great discussion!  
Comment in the spirit of COMMUNITY: "Share experiences / expertise, engage in the discussions, and offer advice and suggestions."
FoxKat
Token Ring
Posts: 298
Registered: ‎04-22-2010
Location: United States
Views: 806
Message 28 of 63

Re: SD card encryption issue?

Both in defense of eaccents and also perhaps (with all due respect) a contrasting view to one or two of your points...


 


First, eaccents was not the one who originally suggested that people avoid encryption.  That credit (good or bad) goes to me.  eaccents was simply echoing my comment and again for the following reasons.


The main reason I chose to take that position is because I dont' see any IT departments on the forums complaining about how their encrypted files were lost/corrupted/unable to be decrypted, or for that matter any IT departments complaining that their phones will no longer access the encrypted files on a SD card.  I have seen however quite a number of complaints across the forums and on the web thorugh Google searches that prove this is a big problem for end users who choose encryption to "protect" themselves from some unknown potential threat.


There are plenty of underlying reasons why I suggest that the "end user" should avoid encryption like the plague, and I stand by those reasons.  There is a disturbing lack of documentation for this feature, and what documentation is there is severely lacking regarding the specificc method(s) of encryption and what they bring with them or take away in terms of future data protection (and I don't mean from potential threats but from accidental loss).  I agree (and I said so), that backing up to a secure storage such as Box or Dropbox, or another secure cloud based or server based storage is a good safeguard and should be practiced in any case.  However backing up files that can't be decrypted outside of the original device, and can't be decrypted if the device had to suffer a factory reset, or if the device should fail entirely is a wasted exercise.


In response to your suggestion that this method of protection is "really more of IT/enterprise functionality ", I agree that may have been the intended purpose, but you yourself said that the data can be transferred via USB (as I indicated earlier), and that it would be decrypted in the transfer process to whatever external storage computer location it is attached to, which kind of defeats the purpose of "[protecting] the data from being read by someone who is not authorized to access the system..."


Furthermore, if the pin used to access the phone is simply a low level "inconvenience" for someone who wants that data, and once accessed the phone gives you free reign on the data then what is the real benefit to it being encrypted at 256 (actually 254) BIT AES encryption anyway?  Encryption is only as good as the key and if there is a GIANT lock behind a tiny one, and the tiny one is the key to accessing the GIANT one, then that is a flawed design.  SO in fact it IS a problem of the encryption if the encryption's solidarity is depending on the pin to protect it from unfettered reveal.


As for encryptions purposes, yes it is to "be making the data unreadable", but not to the level that it can never be read again, and that is at the root of the problem here.  You might just as well wipe the data with a DOD 7 pass or greater and you'll accomplish the same goal, but then why even store the data at all if you are never going to be able to reverse the encryption and use it again?


As for key backup "[weakening]" the encryption, backing up the data is far weaker than backing up the key and leaving the data in encrypted form.  The data can be compromised very easily as we've seen in so many newscasts, and if it is not encrypted, it's there for all to see once hacked.  If the data were however encrypted and the key were backed up to a different location, then not only is the data safe from hackers, but the key is likely not a known target and so is also safe, thereby securing the data's encryption.


 


So to summarize your points;


"0. If you used "Device" or "Device+Password" option and device is dead, there is no way to recover the data. Well.. you could potentially crack AES256 in may be several thousand years.


This is true, but it goes beyond "dead", and includes corrupted, locked, factory restored, and perhaps even other scenarios we haven't yet identified.  In other words, "secure" if used to describe how well "protected" the data is from anauthorized access may be accurate, but if used to describe how well "protected" from loss, is a terrible failure.


1. Use "Password" option for the data stored on SD card. It will allow the data to be decrypted in the different phone. I'm not sure if any PC tools could do the same. I agree too, this should be the defaul option out of the box.


We are not yet sure this is true, and like mentioned above, we've seen examples of people who could no longer access the data even on the original phone and with the original password, so I will take a conservative position on this subject and say "to be determined, but recent evidence suggests otherwise".


2. If "Device" or "Device+Password" option is used, and you expect the phone to be reset, simply copy all files to a PC. sallyc, please note, if you do not use USB Mass Storage mode for copying, then files will be decrypted "on the fly" during the operation. So what you get on the PC will be decrypted. Only "Mass Storage" mode would copy files in "raw" encrypted form.


This is all too obvious as we sit on Monday morning and review the game, but for those people who missed that ONE very MILD warning at the point just prior to taking the irreversible plunge to Factory restore, or for those who were simply following the directions of a "trusted advisor - namely the Verizon Technical Support representative" over the phone, this invormation is a day late and a dollar short.


3. Always do back ups either as described in #2 or via MotoCast or online services.


Again to reiterate, if you are backing up data that is unencrypted, it is only as safe as the method of communication and the server(s) on which it is stored.  If it is backed up encrypted, and with a proper key length so as to be virtually impossible to decrypt, then the safety of the data is only as good as the ability to decrypt it later succesfully, otherwise it's simply a large receptacle in the cloud known as a trash can.

D_K_
What's DOS?
Posts: 14
Registered: ‎09-30-2010
Location: United States
Views: 806
Message 29 of 63

Re: SD card encryption issue?


foxkat said:

I agree (and I said so), that backing up to a secure storage such as Box or Dropbox, or another secure cloud based or server based storage is a good safeguard and should be practiced in any case.  However backing up files that can't be decrypted outside of the original device, and can't be decrypted if the device had to suffer a factory reset, or if the device should fail entirely is a wasted exercise.



There is a flaw in this paragraph. You cannot back up files in encrypted form. All encrypted files are viewed as non-encrypted by all applications running on the device. So your cloud app will also back up the content that has been decrypted on the fly. In other words, your data in the cloud will be perfectly readable without the device.



foxkat said:

In response to your suggestion that this method of protection is "really more of IT/enterprise functionality ", I agree that may have been the intended purpose, but you yourself said that the data can be transferred via USB (as I indicated earlier), and that it would be decrypted in the transfer process to whatever external storage computer location it is attached to, which kind of defeats the purpose of "[protecting] the data from being read by someone who is not authorized to access the system..."



Not true. "authorized" here means "knows the password to unlock the device". You cannot transfer anything over USB until you unlock the device. So again, only authorized user has access to this functionality.



foxkat said:

Furthermore, if the pin used to access the phone is simply a low level "inconvenience" for someone who wants that data, and once accessed the phone gives you free reign on the data then what is the real benefit to it being encrypted at 256 (actually 254) BIT AES encryption anyway?  Encryption is only as good as the key and if there is a GIANT lock behind a tiny one, and the tiny one is the key to accessing the GIANT one, then that is a flawed design.  SO in fact it IS a problem of the encryption if the encryption's solidarity is depending on the pin to protect it from unfettered reveal.



Analogy with locks is great, but it depends on how you view it. That small lock you mentioned is not encryption. One (like you, who really understands how this works) should distinguish between access to the system, and protection of data at rest. Access to the system is that heavy door, on which user decided to use a small padlock. It's user's choice, and encryption is not involved here at all. What encryption of data at rest does, it protects the content of your house, if attacker somehow was able to get inside without unlocking the door (through the window or down the chimney). And yes, no steel door or bullet-proof windows can protect the sausage in your fridge if you don't lock the door.



foxkat said:

 


So to summarize your points;


"0. If you used "Device" or "Device+Password" option and device is dead, there is no way to recover the data. Well.. you could potentially crack AES256 in may be several thousand years.


This is true, but it goes beyond "dead", and includes corrupted, locked, factory restored, and perhaps even other scenarios we haven't yet identified.  In other words, "secure" if used to describe how well "protected" the data is from anauthorized access may be accurate, but if used to describe how well "protected" from loss, is a terrible failure.



Yes, it doesn't protect from loss. And yes, there are many more scenarios and the first one is probably when user forgot the password.



foxkat said:

1. Use "Password" option for the data stored on SD card. It will allow the data to be decrypted in the different phone. I'm not sure if any PC tools could do the same. I agree too, this should be the defaul option out of the box.


We are not yet sure this is true, and like mentioned above, we've seen examples of people who could no longer access the data even on the original phone and with the original password, so I will take a conservative position on this subject and say "to be determined, but recent evidence suggests otherwise".



If this doesn't work, this could be a different issue and actually a bug. We were discussing "concepts" here.



foxkat said:

2. If "Device" or "Device+Password" option is used, and you expect the phone to be reset, simply copy all files to a PC. sallyc, please note, if you do not use USB Mass Storage mode for copying, then files will be decrypted "on the fly" during the operation. So what you get on the PC will be decrypted. Only "Mass Storage" mode would copy files in "raw" encrypted form.


This is all too obvious as we sit on Monday morning and review the game, but for those people who missed that ONE very MILD warning at the point just prior to taking the irreversible plunge to Factory restore, or for those who were simply following the directions of a "trusted advisor - namely the Verizon Technical Support representative" over the phone, this invormation is a day late and a dollar short.



Well, true. But I am not trying to resolve this here, I'm just describing how it does work. I wouldn't be able to address bigger communication/education problem here.



foxkat said:

3. Always do back ups either as described in #2 or via MotoCast or online services.


Again to reiterate, if you are backing up data that is unencrypted, it is only as safe as the method of communication and the server(s) on which it is stored.  If it is backed up encrypted, and with a proper key length so as to be virtually impossible to decrypt, then the safety of the data is only as good as the ability to decrypt it later succesfully, otherwise it's simply a large receptacle in the cloud known as a trash can.



Yes, this is always the case. To protect something you have to establish the chain of trust. Encryption is a tool, not the solution. So user has to ask oneself "Do I trust my PIN? Do I trust my SSL connection? Do I trust the PC I'm copying the data to? Do I trust my cloud service?". These - are user's decisions. HW maker's responsibility is to make sure that encryption functionality is not the weakest part in this chain of trust.


 

Moto Sr Moderator
Moto Sr Moderator
Posts: 13,987
Registered: ‎02-02-2016
Location: US
Views: 806
Message 30 of 63

Re: SD card encryption issue?


foxkat said:

Both in defense of eaccents and also perhaps (with all due respect) a contrasting view to one or two of your points...


 


First, eaccents was not the one who originally suggested that people avoid encryption.  That credit (good or bad) goes to me.  eaccents was simply echoing my comment and again for the following reasons.


 



When tidbits of wisdom are dropped, I pick them up!  I combined your words of wisdom with @DK's Cool 



If I may, I'd amend my previous statement [again...this often happens as I learn more!]:  


  • "if anyone asks about encryption, my standard response will be to stay away from it like the plague [credit to @foxkat] unless you have a full and comprehensive understanding of how it works, what its purpose is, and what the pitfalls are [credit to what I learned from @dk]." Cool

  • After I tell them that, I'll direct them to @foxkat and @D.K. so they can fulfill the "unless" part of the statement Wink



All credit goes to both of you...I'm just here absorbing as much info as I can Smile
Comment in the spirit of COMMUNITY: "Share experiences / expertise, engage in the discussions, and offer advice and suggestions."