Project

General

Profile

Actions

Issue #2096

open

Do a security analysis of the factory resets mode and improve it

Added by Denis 'GNUtoo' Carikli about 4 years ago. Updated about 4 years ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
07/23/2020
Due date:
% Done:

0%

Estimated time:
Resolution:
Device:
Unknown
Grant:
Type of work:
Actions #1

Updated by Denis 'GNUtoo' Carikli about 4 years ago

  • Subject changed from Do a security analysis of the factory resets mode to Do a security analysis of the factory resets mode and improve it
  • Target version deleted (Replicant 6.0)

There is also a paper mentioning that: https://redmine.replicant.us/projects/replicant/wiki/AcademicPapers#Security-Analysis-of-Android-Factory-Resets

But in a nutshell without having read the paper, the implementations are probably far from perfect, and we probably want to check the extend of the issue and/or improve things.

Ideally it should be at least as good as a well implemented 'wipe' command or "fast wipe with crypto-grade randomness" as described in the cryptsetup FAQ

As the eMMC firmware are nonfree, and that we probably don't have access to the flash translation layer, we probably can't guarantee that the block leveling scheme doesn't result in some data being kept. In fact some data is most probably kept away due to that.

However some crypto grade wipe is probably still order of magnitudes better than nothing as it most probably really erase data during the process.

Actions #2

Updated by Denis 'GNUtoo' Carikli about 4 years ago

We probably also want to target all major Replicant versions as it would enable to wipe older devices as well.

Actions

Also available in: Atom PDF