What does it mean to encrypt a device? Card encryption. From whom should you protect your phone data? Alternative encryption of data on a memory card. Encrypting an external SD card

You use your Android smartphone (tablet) to save personal photos, read important emails, make online purchases using your credit card, edit and transfer important documents? If your answer is yes, then you should think about encrypting your device.

Unlike iPhones, Android devices don't automatically encrypt data stored on them, even if you use a passcode to unlock the device, but if you're running Android Gingerbread 2.3.4 or higher, it's easy to enable encryption.

Encrypting your phone means that if the phone is locked, the files are encrypted. Any files sent and received from your phone will not be encrypted unless you use additional methods.

The only difference between an unencrypted and an encrypted phone from a user's perspective is that you will now have to use a password to unlock the phone (tablet).

If your phone is not encrypted, then the password is just a screen lock. In fact, in this case, the password simply locks the screen - that is, it does nothing to protect the files stored on the device. So, if attackers find a way to bypass the lock screen, then they get full access to your files.

If the phone is encrypted, the password is the key that decrypts the encrypted files.

That is, when the phone is locked, all data is encrypted, and even if attackers find a way to bypass the lock screen, then all they find is encrypted data.

How to enable encryption on an Android device?

1. Open the Settings menu.

2. In Settings, select Security > Encryption (Encrypt device).

3. As required, you must enter a password of at least six characters, at least one of which is a number.

As soon as you set a password, the process of encrypting your files will begin. Encryption may take an hour or more, so you must turn on the charger before encryption begins.

Once the encryption process is complete, you're done! Make sure to save your password in a safe place because you will now need it every time you want to access your phone. Please note that if you forget your password, there is currently no way to recover it.

In fact, encryption of Android devices, along with obvious advantages, also has significant disadvantages:

  1. Imagine having to dial a complex password every time you want to make a call. I wonder how long it will take for you to get tired of it?
  2. You will not be able to decrypt an encrypted device; this is simply not provided. To decrypt, there is only one way - to reset the phone to factory settings. In this case, of course, all your data will be lost. This will look especially interesting if you forget to make a backup copy first.

Thus, today there is a difficult choice - either you encrypt your device and put up with huge inconveniences, or you get ease of use, but at the expense of security. Which path will you choose? I don't know. Which path would I choose? I can’t answer either. I just do not know.

Vladimir BEZMALY , MVP Consumer Security, Microsoft Security Trusted Advisor

Briefly: If you use a graphic key to access your phone, then 99% of the time this is enough to ensure that no one can access the information on your phone without your knowledge. If the data on your phone is very sensitive, then you should use the phone's built-in full encryption feature.

Today, almost all smartphones have become carriers of important personal or corporate data. Also, through the owner's phone, you can easily access his accounts, such as Gmail, DropBox, FaceBook and even corporate services. Therefore, to one degree or another, it is worth worrying about the confidentiality of this data and using special means to protect the phone from unauthorized access in the event of its theft or loss.

  1. From whom should you protect your phone data?
  2. Built-in data protection in Android.
  3. Full phone memory encryption
  4. Results

What information is stored on the phone and why protect it?

A smartphone or tablet often serves as a mobile secretary, freeing the owner’s head from storage large quantity important information. The phone book contains numbers of friends, co-workers, and family members. IN notebook they often write credit card numbers, access codes, passwords to social networks, e-mail and payment systems.
The list of recent calls is also very important.
Losing your phone can be a real disaster. Sometimes they are stolen specifically to penetrate personal life or to share profits with the owner.
Sometimes they are not stolen at all, but are used for a short time, unnoticed, but a few minutes is quite enough for an experienced malicious user to find out all the details.

The loss of confidential information can result in financial ruin, the collapse of your personal life, and the breakup of your family.
I wish I didn't have it! - the former owner will say. - It’s so good that you had him! - the attacker will say.

And so what needs to be protected on the phone:

  1. Accounts. This includes, for example, access to your email gmail mailbox. If you have set up synchronization with facebook, dropbox, twitter. Logins and passwords for these systems are stored in open form in the phone profile folder /data/system/accounts.db.
  2. History of SMS correspondence and phone book also contain confidential information.
  3. Web browser program. The entire browser profile must be protected. It is known that Web Browser(built-in or third-party) remembers all passwords and logins for you. This is all stored in open form in the program profile folder in the phone’s memory. Moreover, usually the sites themselves (using cookies) remember you and leave access to your account open, even if you did not specify to remember the password.
    If you are using sync mobile browser(Chrome, FireFox, Maxthon, etc.) with a desktop version of the browser to transfer bookmarks and passwords between devices, then you can assume that you can access all passwords from other sites from your phone.
  4. Memory card. If you store confidential files on your memory card or download documents from the Internet. Typically, photos and videos taken are stored on a memory card.
  5. Photo album.

Who should you protect your phone data from:

  1. From a random person who finds your lost phonel because from “accidental” theft of the phone.
    It is unlikely that the data on the phone will be of value to the new owner in this case. Therefore, even simple graphic key protection will ensure data safety. Most likely, the phone will simply be reformatted for reuse.
  2. From prying eyes(co-workers/children/wives), who can gain access to your phone without your knowledge, taking advantage of your absence. Simple protection will ensure the safety of your data.
  3. Providing forced access
    It happens that you are voluntarily forced to provide a phone number and open access to the system (information). For example, when your wife, government official or employee asks you to look at your phone service center Where did you take your phone for repair? In this case, any defense is useless. Although it is possible using additional programs, hide the fact of the presence of some information: hide part of the SMS correspondence, part of the contacts, some files.
  4. From targeted theft of your phone.
    For example, someone really wanted to know what was on your phone and made an effort to get it.
    In this case, only full encryption of the phone and SD card helps.

Built-in data protection on Android devices .

1. Lock screen with Pattern Key.
This method is very effective in the first and second cases (protection against accidental loss of the phone and protection from prying eyes). If you accidentally lose your phone or forget it at work, no one will be able to use it. But if your phone purposefully fell into the wrong hands, then this is unlikely to save you. Hacking can even occur at the hardware level.

The screen can be locked with a password, PIN code and Pattern Key. You can select the locking method by launching the settings and selecting the Security -> Screen lock section.

Graphic Key(Pattern) - c the most convenient and at the same time reliable way phone protection.

None- lack of protection,
Slide— to unlock, you need to swipe your finger across the screen in a certain direction.

Pattern- this is a Graphic Key, it looks something like this:

You can improve security in two ways.
1. Enlarge the Graphic key input field. It can vary from 3x3 dots on the screen to 6x6 (Android 4.2 is found in some models, depending on the Android version and phone model).
2. Hide the display of the points and “path” of the graphic key on the smartphone screen so that it is impossible to peek at the key.

3. Set the screen to automatically lock after 1 minute of inactivity on the phone.

Attention!!! What happens if you forgot your pattern key:

  1. The number of incorrect attempts to draw a Graphic Key is limited to 5 times (in different phone models the number of attempts can be up to 10 times).
  2. After you have tried all your attempts but have not drawn the Pattern correctly, the phone is locked for 30 seconds. After this, you will most likely have a couple of attempts again, depending on your phone model and Android version.
  3. Next, the phone requests the login and password of your Gmail account, which is registered in the phone Accounts settings.
    This method will only work if your phone or tablet is connected to the Internet. Otherwise deadlock or reboot to manufacturer settings.

It happens that the phone falls into the hands of a child - he starts playing, draws the key many times and this leads to the key being blocked.

PIN is a password consisting of several numbers.

And finally, Password— the most reliable protection, with the ability to use letters and numbers. If you decide to use a password, then you can enable the Phone encryption option.

Encryption of phone memory.

Feature included in the package Android versions 4.0* and higher. for tablets. But this feature may be missing in many budget phones.
Allows you to encrypt your phone's internal memory so that it can only be accessed with a password or PIN code. Encryption helps protect the information on your phone in the event ts targeted theft. There is no way that attackers will be able to access your data from your phone.

A prerequisite for using encryption is to set a screen lock using a password.
This method achieves the preservation of user data located in the phone's memory, such as the phone book, browser settings, passwords used on the Internet, photos and videos that the user received using the camera and did not copy to the SD card.

— SD card encryption is enabled as a separate option.
— Memory encryption may take up to an hour depending on the amount of memory on the device. The phone cannot be used during encryption.

What if you forgot your password?

Password recovery is not provided in this case. Can be done on a phone or tablet full RESET, i.e. reinstall Android, but user data from the phone or tablet will be erased. Thus, if an attacker does not know the password to unlock the phone, he will not be able to use it. It will also be impossible to see data from the phone’s memory using other programs by connecting the phone to a computer, because all internal memory is encrypted. The only way to make the phone work again - reformat it.

Attention, the full encryption function is present only starting from Android OS 4.0 - 4.1 and may simply not be available on some phone models. Most often found in phones from Samsung, HTC, LG, Sony. Some Chinese models also have an encryption function. On some phones this function is located in the “Memory” section.

Flaws:

  1. You will need to constantly enter a fairly complex password (6-10 characters) even if you just want to make a call. Although it is possible to set a long time interval (30 minutes) during which the password will not be requested when you turn on the phone screen. On some phone models, the minimum password length can be from 3 characters.
  2. On some phone models, it is not possible to disable encryption if you want to avoid having to constantly enter a password. Encryption can only be disabled by returning the phone to factory settings and erasing all data.

Encrypting an external SD memory card

The function is included in the standard Android 4.1.1 package for tablets. Missing from many budget builds.
The function provides reliable data protection on an external SD card. Personal photos can be stored here, text files with commercial and personal information.
Allows you to encrypt files on an SD card without changing their names or file structure, while preserving preview graphic files (icons). The function requires setting a display lock password of at least 6 characters.

It is possible to cancel encryption. When changing the password, automatic re-encryption occurs.
If the user has lost the memory card, the encrypted files cannot be read through the card-reader. If you put it on another tablet with a different password, then the encrypted data also cannot be read.
Other Encryption Properties:

  • Transparent encryption. If the card is inserted into the tablet and the user has unlocked the screen with a password, any application sees the files in decrypted form.
  • If you connect the tablet via a USB cable to a computer, encrypted files can also be read on the computer by first unlocking the card from the screen of the mobile device.
  • If you write some other unencrypted files onto the card via the card-reader, they will also be encrypted after inserting the card into the tablet.
  • If you have an encrypted card, you cannot cancel the lock password.
  • Data is encrypted at the file level (the file names are visible, but the contents of the file are encrypted).

Disadvantage of the program:O missing from most Android builds.

It should be emphasized that the best safety of data is a complete copy of it on your Computer in The smartphone is quite a fragile device small sizes, which means there is always a possibility of its breakdown or loss.

Improving the usability of a secure smartphone

Full phone encryption provides the strongest level of protection, but constantly entering a 6-digit password makes it difficult to use. But there is a solution.

In the Android system from version 4.2*, it is possible to move some applications\widgets to the lock screen, and thus you can perform simple steps without constantly unlocking the phone (without entering a 6-digit password).

Results:

  • The built-in and free features to protect your phone are very reliable. They are able to protect against prying eyes the user’s contacts, his correspondence and calls, accounts in various programs and networks, as well as files and folders located both in the phone’s memory and on a removable SD card.
  • Before buying a phone, you should make sure how the required protection works in this particular phone model: the requirement to use an overly complex PIN code or password on the lock screen (Pattern Key is not suitable), irreversible encryption internal memory phone, i.e. The only way to opt out of encryption is full reset phone settings.
  • Important! Make sure that if you forget your password or pattern key, you can restore access to your phone or you can easily restore your phone settings and information if you have to hard reset(resetting the phone to factory settings with loss of all data).
  • It is necessary to store a backup copy of confidential data only on your Computer, on DVD disc or in the cloud.
Tags: , Protect data on Android phones and tablets.

For improved privacy and data protection, concerned people can use encryption of information stored on their mobile device using a feature built into the Android operating system.
A number of caveats must be made when using this method. This process is one-way, that is, when it is turned on, there is no way to turn it off without consequences, since the encryption mechanism is disabled by resetting the mobile device to factory settings. Before starting encryption, it is recommended to do backups data, and in no case should the encryption process be interrupted, otherwise the owner of a smartphone or tablet will face irreversible consequences associated with the loss of information, and there is also a risk of completely “killing” the device. Before the encryption process, you should also make sure that you have set an alphanumeric password or PIN that is used to remove the screen lock, since operating system will use it as a decryption key.

What is the encryption process on Android

To start the encryption process, you need to go to System Settings - Security - Encrypt device. Once your data is encrypted, you will be required to enter your set alphanumeric password or PIN each time you boot your phone. If necessary, it is possible to encrypt not the entire device, but only selected files and directories. In such cases, the SSE Universal Encription application is excellent, which includes all popular encryption algorithms, including Blowfish-256, AES-256 and Sarpent-256. The application also includes three modules: Password Vault, for securely storing passwords in various folders, Message Encryptor, which allows you to encrypt both whole text and its fragments, and, as a more interesting and useful module, is File/Dir Encryptor, which through the built-in browser window allows you to choose how separate files, and directories, which are subsequently securely encrypted using the user-selected algorithm. You can download the application from Google Play or via your computer.

The online product catalog MagaZilla provides the ability to compare products and stores. If you need a computer mouse, prices are on the website http://m.ua/ available to every visitor. Come in and check out the catalog of companies where you can buy goods.

Also, for better data protection on mobile devices you can use Cyanogen Mod, which can only be installed using a computer with the Windows operating system. Instead of Cyanogen Mod, you can also install the Replicant distribution, which is based on Cyanogen Mod, but is free and open source and replaces all proprietary Android device drivers with alternative open source drivers.

If you look from the security side, then your Android smartphone is a compact box filled with important personal information, and you probably wouldn’t want it to fall into the wrong hands. To get a more realistic picture of the situation, think about your email, SMS messages, saved credit card numbers, personal photos and other sensitive data.

I think no one would want to be in a situation where a stranger took possession of this data, because it’s scary to even think about the consequences of this. And this is the main reason why we come to different methods for organizing the protection of our phone or tablet, and data encryption is the main means of protecting data.

What is encryption?

Encryption is the reversible process of converting data into an unreadable form for all persons except those who know how to decrypt it. The only way to get the data back into readable form is to decrypt it back using the correct key.

It’s easier to understand such things using simple examples, let’s say you lost your diary, and someone who finds it and knows Russian can easily read and find out your deepest secrets, but if you kept a diary in some kind of secret code, or a language that only you understand, then no one else could read it.

A similar approach can be applied to data stored on your Android device. A thief can take over your smartphone or tablet and gain access to personal data, but if the data is encrypted, then it will be just a bunch of useless gobbledygook that he cannot read.

We encrypt your Android

Android encryption is very simple procedure. Please note that on different devices menus for data encryption may be located in different places. In addition, custom firmware and UI, for example Samsung TouchWiz UX, may have different requirements.

First of all, set a password or PIN code to lock the screen. This password or PIN will form part of the key to decrypt the data, so it is important to set it before you begin encryption.

Some device manufacturers impose additional security requirements, such as the Galaxy S3 and Galaxy S4.

After setting a PIN or password, go to the “Security” subsection of the main menu and select “Encrypt Phone” or “Encrypt Tablet”. On different devices, the menu for data encryption may be located in different places, for example, in HTC One it is located in the “Memory” section in the main menu.

The encryption menu will look something like this:

The encryption process takes a long time, so it is important that your battery is fully charged. If there is insufficient battery power, you will receive a notification before encryption begins.

If everything is ready, click the button at the bottom of the “Encrypt Phone” or “Encrypt Tablet” screen. Here your phone will ask for a password or PIN code, enter it to confirm. A warning message will appear again, click the “Encrypt phone” button.

Your device will reboot and only after that the encryption will begin. You will see an encryption progress indicator on the screen. While the encryption process is running, do not play with your phone or try to perform any actions; if you interrupt the encryption process, you may lose all or part of the data.

Once encryption is complete, the phone (tablet) will reboot and you will have to enter your password or PIN to decrypt all data. After entering the password, all data will be decrypted and normal Android will boot.

Encrypting an external SD card

Some devices, such as the Galaxy S3 and Galaxy S4, allow data to be encrypted even on external drives- SD memory cards.

The format doesn't kill cards. Death occurs randomly and during random operations with data. It’s just that people everywhere are trying to find connections, create a chain of events.

I’m not an expert, I can’t say for sure, perhaps at that time there was a problem with the card itself.

But I know for sure that my card died after it was formatted by a smartphone, and after:

Spoiler

Cards are divided into three categories: Micro SD, Micro SDHC and Micro SDXC. Cards Micro SD can be up to a maximum volume of 2 GB, MicroSDHC from 4 GB to 32 GB (now widely used) and Micro SDXC from 64 GB to 2 TB (theoretically, practically at this moment there are 64 GB and 128 GB cards). Cards differ not only in memory capacity, but also in different file systems. For example, Micro SD is a FAT system, Micro SDHC is FAT32, Micro SDXC is theoretically only exFAT (in reality this is not the case). In addition, the user's card reading device must support a certain type of card. The situation is simple: if a device supports SDXC cards, then it also supports earlier generations - SD and SDHC.

Recently, quite a lot of Micro SD cards with a capacity of 64 GB have appeared, but unfortunately, most Android smartphones do not officially support Micro cards SD with a capacity of more than 32 GB. In fact, the smartphone is able to read a 64 GB card and work with it correctly if you carry out simple steps with the card before installation. All well-known manufacturers of Micro SDXC cards initially format them into the exFAT system, since this is the system designed for large-capacity cards. Since this system was created by Microsoft, Android smartphone manufacturers must buy the rights to use it in order for the smartphone to be able to work with this system. Companies are still reluctant to extra costs, and therefore very few devices support the exFAT system on memory cards, and they work with the FAT32 system. For your smartphone to work with a 64 GB card, you just need to format it to FAT32. But it turns out that this is not entirely easy to do. The fact is that the FAT32 system itself theoretically only supports media (cards, partitions, etc.) up to 32 GB, but in practice it can work very well with media up to 64 GB. The only problem that you may encounter is a slight loss of speed when reading/writing from the card, but it will be almost unnoticeable. Next, we will look at how to CORRECTLY format a Micro SDXC card into the FAT32 system, so that a smartphone that does not support this type cards, I saw it and the card DID NOT GO OUT OF SERVICE AFTER SOME TIME.

1. An SDXC CARD CAN ONLY BE FORMATTED IN A DEVICE THAT SUPPORTS THIS TYPE OF CARD. Those. your card reader must support Micro SDXC cards (or SDXC if you insert the card through an adapter). Under no circumstances should you format 64 GB cards in a smartphone that only supports a 32 GB card! Otherwise, your card will fail within a period of 1 day to several months. If you don't have a card reader that supports SDXC, you can purchase one separately.

So, format the SDXC card ONLY in a device that supports SDXC.

2. Since most users have an operating system installed on their computer Windows system, then consider the formatting option from it. If you have a Windows XP operating system, be sure to install an update on it that supports the exFAT file system. Windows 7 and Windows 8 already have this support.

3. Perhaps when you insert new map into the card reader, Windows will display a message that the card is not formatted. In this case, first format it using the SDFormatter utility to exFAT.

4. Standard method Windows format a 64 GB card in file system FAT32 will not work, so we will use the Guiformat utility.
MicroSDXC 64Gb Card With Adapter & Card Reader

The program is specifically designed for formatting media larger than 32 GB into the FAT32 file system. If the utility gives an error before formatting, follow step 3 (first format with SDFormatter), which is still better to do. ATTENTION! In order for the smartphone to correctly see Micro SDXC, select the cluster size of 32 KB! It is better to use quick formatting (Quick); there is no need to perform a full one.

5. If you have done everything strictly in accordance with the above recommendations, then your card is ready. Your Android smartphone will see it and show the correct volume of 59.XX GB. You can work with the card, write/read files, but NEVER FORMAT it in your smartphone. The card will serve you for a long time faithfully.

She has been living there for several years now and there are no problems.

4 hours ago, Reanimax said:

There is only one thing you can do. If the data is valuable to you, make data duplication, media duplication, a convenient option for you.

Unfortunately, at that time it was not expected that such a situation could happen.

Edited December 25, 2017 JEI-DI