Monday, 2022-01-10

giacoI have question. How can sailfish os be considered secure if you have to unlock the phone to install it?15:43
piggzgiaco: you have full disk encryption and app sandboxing. .... are you worried about someone installing a custom bootloader/kernel?16:00
giacopiggz: are you considering a phone without secure boot (or equivalent technology) a secure phone?16:02
piggzpersonally ... not something im worrying about .... the android app ecosystem is much more worrysome16:02
piggzthere are different aspects to securiy, a bootloader is only one16:03
giacoso, if I get it correctly, you install sailfish os just like any other third party android rom, breaking the secure boot chain on the device (forever)16:04
piggzpretty much16:06
piggzbut, i also have secure boot turned off on my laptop, and i consider it more secure than a windows box16:06
giacowhat gives you this level of confidence? root fs encryption?16:07
piggzless susceptible to malware, but also a level of personal responsibility on appropriate usage.  security isnt binary.16:09
piggzsailfish will encrypt your data, but not the rootfs16:09
giacowell, so you have zero level of defence on physical access (evil maid?)16:09
piggzon sailfish?16:10
giacoand laptop, too16:10
hnjgiaco: security has so many facets. it’s always a matter what you want to protect yourself against. are you a dissident going against an authoritarian nation state and are afraid that they will bug your phone? then you need to protect against all of them. most people mostly have to protect from opportunistic cryptominers, i.e. non-targeted attacks, though, so the security provided by16:11
piggzin my case yes, i would be susceptible to evil maid on my laptop ... but thats personal choice ... my laptop is rarely out of the house16:11
hnjsailfish is usually good enough.16:11
piggzbut thats not to say i -couldnt- make my laptop more secure16:11
giacoevil maid measn that someone breaks into your house to attack you, without you being aware of it16:12
piggzi keep my data backed up and use password amnager16:12
giacohnj: piggz just said that secure boot is out of scope, can you confirm this?16:12
piggzgiaco: why are you interested?16:12
giacobecause I'm interested in physical security of mobile devices16:13
piggzand, to be fair, im not a jolla employee, so i couldnt comment fully ... but as a device porter, ports are generally if not always unlocked16:13
giacountil there's no phone where you can burn your own key to TPM (or equivalent) at home and make it permanent and unreadable for the future, and then sign sailfish os (or alternative) with it, there's no security16:18
hnjgiaco: that sounds like oversimplification …16:26
hnjput it in a safe: bam! secure.16:27
hnjgiaco: and no, I cannot confirm this.16:28
piggzgiaco: and you consider iso and android to be secure?16:30
giacohnj: well, if you can assure which software is running at OS level on your device, how can consider the apps running on it safe?16:30
giacothere's a reason why major phone producers (like Apple and Samsung) use secure boot16:30
hnjgiaco: sorry, don’t understand the question, can you rephrase?16:31
piggzand yet there are devices which can still hack into those phones ... lets face it, whichever way you look at it, youre fucked anyway :D16:31
giacosorry, s/can assure/can't assure/ + s/can consider/can you consider/16:31
giacopiggiz well, it depends, not all of them, just check on the compatibility list of the products made to break into phone16:32
hnjyeah, what piggz says: basically anything is hackable at some point in some way … and most commercial "solutions" to this are snakeoil16:33
piggzmaybe, but i find it a very simplistic view to take16:34
piggzyour samsung can have back doors in the modem firmware....16:34
giacoI'm not talking about snakeoil, but the one used by law enforcers worldwide16:34
hnj"risk assessment" and "acceptable risk" are important concepts16:35
piggzyour pinephone has hardware siwtches, but comepletly open ... you just make a choice16:35
giacopiggz: sure thing, backdoor may be there, that's why I said to burn own key into TPM at home and sign OS16:35
piggzgiaco: but the modem is seperate, with its own OS16:35
piggzbackdoors were prevsouly found in samsung modems im sure16:36
giacosure, but baseband and modem are external components16:36
giacoans you can sandbox them as such16:36
piggzid consider my data more safe on a pinephone, with encrytped LVM storage, with the modem physically turned off .... even if the boot is open16:36
giacopiggz: I agree, password encrypted storage is the best bet today, and you have to consider that brute force is what happens on your data when things goes wrong16:38
rinigusgiaco: depends on what kind of resources evel maid has. if it is not government-scale, sfos has /home encryption. if you use open-source version of it, you could choose arbitrary passphrase (plain text) or android-keystore assisted key+shorter password17:24
rinigusnote that / is not encrypted, so you better detect that someone was messing with your phone17:25
giacorinigus: yes, it's still solid if the passphrase is hard to force brute17:40
rinigusgiaco: that's the solution I am using. password in plaintext is very long and could be used if android keystore layer fails for one reason or another. the keystore based key is long, but part is available only on phone itself, so you would have to brute force on phone. as trials are limited to once in few seconds, you can use relatively simple passphrase and be sure that it will be safe17:43
rinigusso, it is also relatively convenient to use17:44
rinigusgiaco: details at
giacorinigus: the "try after x second thing" is the easiest thing to overcome. You should consider that bruteforcing it MHash/s is something that could happen17:48
giacoencrypted blob on phone and long passphrase in your head is the only meaningful solution17:50
rinigusgiaco: no, not really. luks key is generated based on user passphrase and its signing by hw bound key. that key access is limited by hw to once in few seconds. generated luks key is long and that's the one that is used for encryption.17:50
giacorinigus: but making a physical dump of device memory is easy, so you attach the offline blob, not the hardware17:51
rinigusgiaco: you mean that type of memory (RAM) dump where device is disassembled and RAM frozen to keep the info?17:53
rinigusif you mean storage dump that will not work as keystore is on the chip (arm trustzone)17:53
rinigusor separate chip completely, TPM like17:54
rinigusgiaco: ^17:54
giacook, but your encrypted dump is still outside your phone, and bruteforcing it with very fast hardware is possible17:55
rinigusgiaco: yes, you can extract the luks volume and try to bruteforce it. you would have to bruteforce something that is 256 bytes from luks level as you would not be able to use hw bound key17:58
giacoyes, still very hard17:58
giacoall this drills down that the other part of the password is your head17:59
rinigusgiaco: as the password in your head has to go through hw key before it is used by luks, it is only available on device. and that has limited frequency of tries. but if you choose it very simple (1111), it will be possible to brute force, indeed18:01
giacoif you attack it offline, you attack it after lucks chain, not before. This obviously if you don't end up emulating the arm chip, but this is another level18:05
rinigusgiaco: I don't follow "after luks chain"18:11

Generated by 2.17.1 by Marius Gedminas - find it at!