Issue #2096
openDo a security analysis of the factory resets mode and improve it
0%
Updated by Denis 'GNUtoo' Carikli about 4 years ago
- Subject changed from Do a security analysis of the factory resets mode to Do a security analysis of the factory resets mode and improve it
- Target version deleted (
Replicant 6.0)
There is also a paper mentioning that: https://redmine.replicant.us/projects/replicant/wiki/AcademicPapers#Security-Analysis-of-Android-Factory-Resets
But in a nutshell without having read the paper, the implementations are probably far from perfect, and we probably want to check the extend of the issue and/or improve things.
Ideally it should be at least as good as a well implemented 'wipe' command or "fast wipe with crypto-grade randomness" as described in the cryptsetup FAQ
As the eMMC firmware are nonfree, and that we probably don't have access to the flash translation layer, we probably can't guarantee that the block leveling scheme doesn't result in some data being kept. In fact some data is most probably kept away due to that.
However some crypto grade wipe is probably still order of magnitudes better than nothing as it most probably really erase data during the process.
Updated by Denis 'GNUtoo' Carikli about 4 years ago
We probably also want to target all major Replicant versions as it would enable to wipe older devices as well.