On 07/03/2016 11:44 AM, Spencer wrote:
Hi,
break Android's Full Disk Encryption
But muh dick pics!
Wordlife, Spencer
On Sun, Jul 03, 2016 at 11:53:37PM -0500, gnu3ra wrote:
This doesn't seem to be too much of a worry as long as the user uses a ridiculously long password.
The longer the picture, the longer the password, that's what I always say.
LUKS on linux does not use any hardware backed storage and it still fares fine. The only beef I have is if the key derivation function is weak (allowing for faster brute forcing). This can still be fixed by using >64 characters and many many bits of entropy.
Yep, instead of a 4-number pin at the login screen, I can really see folks going for a > 64 character pin phrase ... that extra entropy will be simply irresistible to folks with very, long, pictures.