How safe is the data stored on your smartphone? That depends on the capabilities of the adversaries you face. If you work in a high-stakes industry, those adversaries could be sophisticated enough to perform chip-off on your device if they get hold of it, and so access all the data it stores. How does Secure Group protect you from that?
Chip-off is a forensics technique usually used by law enforcement to extract data directly from the memory chip of a suspect’s handset that has been taken away. In essence, it boils down to taking the smartphone apart, unsoldering the eMMC storage chip containing all the phone memory from the motherboard, and mounting it on a separate device that can read it. From there it’s easy – the forensics specialists just access the data on the chip. It could include:
- Message contents
- Contact lists
- Stored files
- PGP keys
…The list goes on. It’s basically everything stored on the device.
Why should you be worried?
We started by mentioning chip-off is usually done by law-enforcement forensics teams. State agencies have a legal monopoly on such technology. But like any technology, you can’t really be sure it is used only by the “good guys.” Tutorials for chipping-off different smartphone models are readily available on the internet. And the forensics devices that are used to read the extracted chips are also out there for sale. Also, in certain industries and lines of work, you could actually face state-backed adversaries that have access to the technology.
It is important to note that to perform chip-off on your phone, the attackers must steal it or get hold of it in some other way and take it to a lab. If you know your device is stolen, you can use a remote-wipe feature like the ones available to users of Secure Group’s solutions. We give users several ways to erase all data stored on their devices. This way you can make sure there would be no data to extract with chip-off.
How can you counter chip-off?
If you can’t use remote wipe, you have to rely on the handset’s own security to protect your information. What security features a phone has – and what exploits can be used to bypass them – varies from model to model, and from manufacturer to manufacturer. The old BlackBerry phones, for example, stored encryption keys in their temporary memory, which is like keeping your house keys under the doormat.
Android phones are much better in that regard. They can have full-disk encryption for the entire storage. This is something that is mandatory on our Secure Phone devices. Even if the chip is extracted and mounted on a forensics device, its entire content is encrypted. The only way to decrypt it is with the user’s encryption password – or by brute-forcing the password. This is why we advise using a strong password with over ten digits, numbers, and special characters.
Then, we have provided an extra layer of protection for your data. Secure Phone devices use only our suite of encrypted communication apps: Secure Chat, Secure Email, and Secure Vault. All three have encrypted databases which store everything the apps use: files, contacts, messages, keys, etc. While the apps are not in use, they are locked and encrypted – and can be decrypted only with the Secure Lock passphrase the user has picked.
Even if someone successfully brute-forces your encryption password (which they shouldn’t be able to do), they still wouldn’t be able to access any of the content stored in the apps themselves.
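To put numbers on the brute-force point above, this added example (not Secure Group’s code) estimates how long an offline search of the password space takes when every guess costs one key derivation. The use of scrypt with these parameters, the character classes, the sample policies and the worker counts are all assumptions made for illustration.

```python
import hashlib
import math
import os
import time

# Printable-ASCII character classes; the class names are this example's own.
CLASSES = {"digits": 10, "lower": 26, "upper": 26, "special": 33}
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace_bits(length, classes):
    """Bits of entropy in a uniformly random password of this length."""
    alphabet = sum(CLASSES[name] for name in classes)
    return length * math.log2(alphabet)


def measure_kdf_seconds(n=2**14, r=8, p=1, rounds=3):
    """Average cost of one scrypt derivation here (parameters are assumed)."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for _ in range(rounds):
        hashlib.scrypt(b"constructed-sample", salt=salt, n=n, r=r, p=p, dklen=32)
    return (time.perf_counter() - start) / rounds


def years_to_search_half(bits, guesses_per_second):
    """Expected years to find a random password: half the keyspace on average."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR


def compare(policies, guesses_per_second):
    """Return (name, bits, years) rows for each constructed password policy."""
    rows = []
    for name, (length, classes) in policies.items():
        bits = keyspace_bits(length, classes)
        rows.append((name, round(bits, 1), years_to_search_half(bits, guesses_per_second)))
    return rows


if __name__ == "__main__":
    # Constructed policies, not taken from any product's documentation.
    policies = {
        "6-digit PIN": (6, ["digits"]),
        "10 digits": (10, ["digits"]),
        "12 mixed characters": (12, ["digits", "lower", "upper", "special"]),
    }
    per_guess = measure_kdf_seconds()
    for parallel in (1, 10_000):  # assumed number of guesses running in parallel
        for name, bits, years in compare(policies, parallel / per_guess):
            print(f"{parallel:>6} workers  {name:<20} {bits:5.1f} bits  {years:.3g} years")
```

The output shows how quickly a digits-only password falls once guesses run in parallel, and how much margin a longer password drawn from all character classes adds.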