>>53449856
I don't enjoy giant rubber dicks up my ass so Apple is not really an option for me

Nokia 3310 meme wins now

>>53449856
>having incriminating info on your phone
>ever

top kek

>>53449882
Yea same. The metal spikes the government use are much more appealing to me.

File: WHAT.png (676 B, 48x38) Image search: [Google]

676 B, 48x38

>>53449856
what a retard

>>53449920
BTFO

>>53449856
so? It just means that the OS wont erase the memory chip after n attempts but they still have to battle the encryption scheme used by bruteforcing it to get access to the data in the chip.
Depending on the password itself this might take anywhere from a few minutes to a few trillion years of guesssing.

>>53449856
you can use autowipe to wipe your device after 3 incorrect passcodes

>>53449882
>>53449916
I would ask you to explain why the government is more appealing than Apple but I know you couldn't provide a sound reason anyway.

>>53449856
I'm not concerned with what happens if a government agency has physical possession of my phone.
I'm much more concerned what happens while they don't. An operating system dragging system backups and other information onto servers controlled by a US based company and across the US border is a real flaw affecting tens, hundreds of millions of people, not one dead terrorist.

>>53450744
second post was satire m8

>>53450514
which app?

>>53449856
Implying that the feds can't get into every other type of smartphone on the market.

>>53451102
>you can use autowipe

>>53451312
> 2016
> not using an inverted case

>>53449856
I don't commit crimes so I don't have to worry about the methods the FBI could physically use to get access to data on my device because they won't be confiscating it anyway.

>>53451476
Pardon my ignorance, but what exactly is an inverted case?

>>53451580
>I don't commit crimes so I don't have to worry about the methods the FBI
But when they are looking for a "bunny" to take the fall for one of their protected guys they can plant stuff on your phone easily.
Sometimes they just need someone to make up the monthly numbers.

>Only access is brute-forcing full disk encryption

Why is that a bad thing? That's working as intended, they can't feasibly do that.

>Storing sensitive information on your phone

>>53453500
>But when they are looking for a "bunny" to take the fall for one of their protected guys they can plant stuff on your phone easily.
>he believes this actually happens!
You watch too much TV.

>>53450015
actually, it could take anywhere from less than a second to a few trillion years, there's always a chance the first guess is the first one

>>53450015
the password for unlocking the disk and lock screen is the same
since you unlock screen all the time no one uses proper password that cant be broken in 10 minutes of brute force

What stops the FBI from trying to brute force an iPhone? I thought the whole point of wanting Apple to create software exploit was to avoid having to try to brute force the 256-bit AES key.

>>53454232
No it's not you moron. You think Android and iPhones encrypt using a 4 digit numeric key? That would take seconds to brute force.

>>53454254
>hardware throttle
>auto-erase after 10 attempts
>TPM/TRH
>every iphone is a "flagship device" so it has hardware accelleration of encryption, and encryption is enabled by default. not every android is a flagship

>>53454295
>not using at least a 6 digit key

>>53454349
You don't seem to understand that the key you input on Android and iOS is not the actual 256-bit key

>>53454295
the pins decrypt the master key and other ivs, but if it's stored on flash you can just dump it and bruteforce all pins

https://santoku-linux.com/howto/mobile-forensics/how-to-brute-force-android-encryption/

I don't get it. My Xperia is encrypted and will erase after 10 incorrect attempts. Pretty much same shit my iPhone has.

>>53454530
The difference is in how easy it is to insert another OS that won't obey the incorrect attempts rule.

With Android that is generally pretty simple. Most phones have publicly known ways of unlocking the bootloader, from there installing other software is simple and suddenly your autowipe on 10 incorrect attempts is useless.

And then there are phones with the bootloader already unlocked, or people who unlock their bootloaders and thus undermine the protection themselves.

>>53454498
What if the phone isnt rooted?

>>53455295
you can always dump the drive, the key is in the deader of partition
unless some newest L phones, but thats 1% of market? but they also have software crypto protected only by nda.

>>53449856
>>53450744
>>53449916
>what is AOSP

>>53449856
Not all Android devices support this because, for practical reasons, Google assumes the trusted execution environment that interfaces with the hardware-backed encryption engine on Android devices is stateless. They cannot mandate that OEMs support wiping data after X attempts until the CPUs catch up by having some on-chip persistent secure memory, or until they can mandate the use of an embedded secure element plus an Android applet on said secure element, or until they can mandate behavior on the flash firmware to set aside some space just for the trusted environment (and give the trusted environment some way to identify itself when communicating with the flash firmware). If the guys over at Google have any desire to protect user data, they're probably working on it.

The more you know

Well then maybe I shouldn't break the law....

>>53449856 (OP)
Android since Lollipop uses an hw-backed store for keys, same as iPhones.
if you chip off you have to brute-force the whole 128-bit aes masterkey, same as for iPhones.

>>53454498
that's for Android earlier than 4.4

>>53454656
>The difference is in how easy it is to insert another OS that won't obey the incorrect attempts rule.
easier for iPhones. you can't disallow updates signed by Apple's signature.
otoh for Android you can.
>With Android that is generally pretty simple. Most phones have publicly known ways of unlocking the bootloader
that's just not true.
most phones don't have an unlockable bootloader and need root exploits.
the phones with unlockable bootloaders like Nexus will wipe the device when you unlock. furthermore that's only possible if you enabled that before in the OS settings, which would mean you already have access to the unlocked device.

>>53455369
>unless some newest L phones, but thats 1% of market?
Lollipop and later are the majority now.

>>53449856
If you're fucking with enough heavy shit to get the fbi after you, theyd probably just beat whatever out of you

>>53449856
literally who

>Full disk encryption (FDE) is a last-ditch defense.
>The idea is, you’ve accidentally left your (idling!) laptop on a park bench, or had your (idling!) home computer seized by the FBI. Data on the (inert!) encrypted drive is inaccessible to anyone without your key.
>This sounds like a powerful capability. It isn’t.
>Your encrypted drives are either unlocked & usable, or locked & unusable. Locked & unusable isn’t a very useful state. You’re carrying that disk around, probably because you use it. But while you’re using it, FDE can’t really protect you. If your laptop is stolen or seized while you’re using it (or maybe even if it’s simply powered on) , your secrets are exposed.

>>53455859
Interesting. What's stopping the FBI from just imaging the disk and attempting to bruteforce the PIN with a difference disk every 10 attempts? Apple should be able to stop that by binding the CPU to the disk in the factory via custom firmware plus an efuse on the CPU, but to my knowledge, Apple doesn't play around with efuses.

>>53455859
>>53456014
Or, more reasonably, they could keep some encryption key material on their eSE and have an eSE applet guarantee the maximum user attempts. If they don't have some secure channel between their secure enclave and the eSE, I imagine they have much bigger problems than a bruteforceable PIN.

I don't order weapons of mass destruction using my phone.

>>53456014
nothing
https://www.aclu.org/blog/free-future/one-fbis-major-claims-iphone-case-fraudulent

File: applegenius.png (816 KB, 1107x947) Image search: [Google]

816 KB, 1107x947

>>53454085
>law enforcement has never planted false evidence to secure a conviction

>>53456439
>law enforcement is going to grab a completely unrelated person to a matter and plant false evidence on them

>>53456435
If that's true, it's pretty funny.

>>53456439
>>53456536
Everyone does parallel construction, but I've only ever heard of the CIA actually planting evidence. Never the FBI. Is there a source for FBI doing this, or were you not referring to them?

>>53449856
>niggers think they know shit about technology \
haha good bait 2/10

Here's a thought: don't break the law. Now you don't have to worry about which phone is more government proof.

>>53455728
>what is AOSP?

It stands for Android Open Source Project. You could have just googled this, you know.

>>53456536

You obviously have never dealt with police or a sheriff department employee, i'll add in any country.

>>53449912
>the nothing to hide argument
top kek

>>53458665
That's not what he said you dimwit.

this whole debacle has made the senate realize that the NSA isn't sharing their data with the FBI. so they're going to pressure the NSA into it and all of this will be a moot point anyway.

>>53456995
>>53455778

you need to be over 13 to use the web, and over 18 to post on 4chan

GTFO

>>53458665
not really, he only ridiculed you for being a plebean and not even owning an ibmp-pc anymore and having to do anythig on a cellphone

>>53458513
>spotted the newfag
Fortykeks.jpg

>>53454232
I use the maximum 16 (lol) an unrooted device permits. I assume the scummy memory in the device is still prone to cold boot anyway.

If your encryption key is backed by a 4 digit pin, then no, you can't FBI proof your phone. Not even if you use an iPhone, as both Snowden and McAfee have both argued.

But an Android user is not limited to encrypting their files with a 4 digit pin. To say an Android user cannot FBI proof their files with a good AES 256 key is to say that a Windows Desktop user cannot do the same, or a Linux Desktop user...

>>53459670
Windows doesn't crawl to a halt when you encrypt, is the thing. Y'all seriously underestimate how fucking weird Android is with hack-job stuff.

The debacle apple has been sucked into is hilarious tho, just because the FBI has had at minimum six other ways they could have gotten into the phone, but some idiot turned the phone off

>>53449856
Law enforcement has no problem at all getting access to any phone, FBI and apple are just putting on a show for the masses. If you have data to hide, encrypt it yourself and don't trust the devices encryption. Easy as 3.14.

>>53456536
>being this basic
how do you even survive?

>>53459734
>FBI and apple are just putting on a show for the masses

Bullshit. The whole reason Apple is doing this whole show is to prove to China, their 2nd largest market and growing, that the FBI can't snoop Xi Faging's phone.

>>53460099
Exactly, it's a show for the international masses to make them think they're safe with apple while in reality, american law enforcement has been cucking them from the start.

>>53460379
Why make this baseless claim? Apple os not loyal to the US.

File: S3222_DROPOUTJEEP.jpg (146 KB, 800x1035) Image search: [Google]

146 KB, 800x1035

>>53460547
>What is DROPOUTJEEP
I'll just leave this here.

>>53455782
>that's for Android earlier than 4.4
66% of market
http://developer.android.com/about/dashboards/index.html
given that half of 4.4 are upgrades that don't support all the features

>>53455782
>>unless some newest L phones, but thats 1% of market?
>Lollipop and later are the majority now.
delusional