Re: You've encrypted data on your SD card?
Well, the #1 rule in informaiton security is that if you have physical access to the data storage media, and time to work with, you own the data.
That said, a good understanding of cryptography also presents that fact that no form of brute force attack can crack a lot of the encryption systems out their currently, and it takes an understanding of how something was encrypted to even know where to start to decrypt it. In this case it looks like they are referring to specific enrycption processes and therefor have a lot of the info need to try and crack it ... but anyone that has government or law enforcement officials wanting to covertly hack their phone should be able to figure out how to use one of the many tools out there to encrypt data to a ridiculous level.
Sure,the basic level of encryption used on a mobile device to make data casually obfuscated from anyone that might find your SD card laying around is probably a simple process - especially if you know the manner in which it was encrypted very specifically, but that encryption is not meant to be a bulletproof means of protecting data from someone with malicious intent and the resources to work on it.
The Window Mobile encryption that is certified for government is actually not just the encryption algorythm and capability built in, but rather the entire methodology possible with managed Windows Mobile devices using enterprise PKI-issued certificates and all of the necessary key recovery capabities to ensure decryption for data recovery when needed as well.
|