this post was submitted on 24 Oct 2024
39 points (93.3% liked)

Infosec News

214 readers
21 users here now

A community posting Cybersecurity related articles.

founded 1 month ago
MODERATORS
[email protected]
[email protected]
39
Don’t Ignore This Simple Tip: NSA Says Rebooting Can Protect Your Phone (thecyberexpress.com)
submitted 2 weeks ago by [email protected] to c/[email protected]
20 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

GrapheneOS provides an auto-reboot feature which reboots locked devices after a set period of time to put data at rest. A countdown timer is started each time the device is locked, and the device will reboot if a successful unlock doesn't occur before the timer reaches zero.

https://grapheneos.org/features#auto-reboot

Essentially it drops the decryption key derived from your unlock pattern / code. Attacks to access files while the decryption key is loaded, even if the phone is locked, are mitigated. The only things that works after a reboot are phone calls, SMS, and the alarm clock. I have mine set to reboot every 4 hours of inactivity.

I believe this feature is to not only to mitigate your average attacker but also law enforcement threat levels who purchase exploit kits. Can't do much without the decryption key so they are left with slow brute force attacks.

[–] [email protected] 6 points 2 weeks ago (1 children)

I really wish this was adopted as a general Android feature.

[–] [email protected] 4 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

Pretty sure it is part of AOSP so yeah, if your OS doesnt have it, its because the company removed it. CalyxOS has it too.

[–] [email protected] 4 points 2 weeks ago

This has all been a very interesting thread. Thank you. I'm thinking I need to set something up with my phone. It does force the password every 72 hours, but it won't do anything about the boot loader since it doesn't reboot automatically.

[–] [email protected] 3 points 2 weeks ago

I wonder why Pixel would remove this feature in that case.