AsudoxDev

joined 1 year ago
sorted by: new top controversial old
Police want the password to your phone in c/privacy@programming.dev
Police want the password to your phone in c/privacy@programming.dev
[–] AsudoxDev@programming.dev 0 points 9 months ago* (last edited 9 months ago) (2 children)

I never said anything about the phone not being encrypted by default. I am talking about the emergency mode iOS devices have.

rule life in c/196@lemmy.blahaj.zone
[–] AsudoxDev@programming.dev 4 points 9 months ago

Now that you mention it, does seem a bit like Louis as well lol

Police want the password to your phone in c/privacy@programming.dev
[–] AsudoxDev@programming.dev 2 points 9 months ago* (last edited 9 months ago) (2 children)

Correct, though it still is saved somewhere. Just like how TPMs in Computers can be exploited as well, this also can be. What I meant in my original comment was that the emergency mode did not clear that hardware chip's storage, which others said otherwise.

edit: corrected mistake according to ethan

Police want the password to your phone in c/privacy@programming.dev
[–] AsudoxDev@programming.dev 8 points 9 months ago* (last edited 9 months ago) (5 children)

You didn't read the article you linked to, did you?

The encryption by default you speak of is before the first unlock, that is, locked with something like a password or PIN. After the first unlock, the decryption key is stored in memory and your filesystem is pretty much vulnerable to anyone that can get access to the memory. That is why you can even unlock your phone with your face or fingers, because all that is a simple boolean value that indicates whether you logged in or not. You can't "generate" or get a key from your face nor fingers.

Police want the password to your phone in c/privacy@programming.dev
[–] AsudoxDev@programming.dev -3 points 9 months ago (12 children)

That does not encrypt your storage. It simply disables the biometric authentication methods. Which means they can see your stuff if they get into the phone via a exploit.

Is Cromite on Android a viable alternative to Firefox based browsers? Any Experience? in c/privacyguides@lemmy.one
Passwords have problems, but passkeys have more in c/technology@lemmy.world
[–] AsudoxDev@programming.dev 3 points 9 months ago* (last edited 9 months ago) (1 children)

Bitwarden is an online password manager and no I don't consider self hosting it offline.

What are some mind blowing Rust tricks? in c/rust@programming.dev
[–] AsudoxDev@programming.dev 12 points 9 months ago (2 children)

What madness caused this

Passwords have problems, but passkeys have more in c/technology@lemmy.world
[–] AsudoxDev@programming.dev 6 points 9 months ago* (last edited 9 months ago) (5 children)

Passkeys are only good if they aren't in a online password manager. They are better than TOTP 2FA in terms of security and phishing resistance. I see 2FA as a last resort when someone even gets into my password manager. Storing passkeys completely makes this useless, as I'm sure anyone that can log into my accounts would've done so by getting a hold of my unencrypted password manager database. Unless android provides a real offline way of storing passkeys in the device, I am not interested alot.

rule life in c/196@lemmy.blahaj.zone
[–] AsudoxDev@programming.dev 20 points 9 months ago (3 children)

That guy looks like Mark Zuckerberg

what is your Favorite passwords manager and why in c/android@lemmy.world
[–] AsudoxDev@programming.dev 33 points 9 months ago* (last edited 9 months ago) (3 children)

Bitwarden. The UI is about to be updated to something more modern so that's no longer is an issue for most people. It's also open source, so yes.

The 10€ per year as the premium subscription is just unbeatable. You pay less than a euro per month for a reliable and robust password manager. And you don't even need the premium subscription, because almost everything is free. I honestly consider it a donation rather than a subscription.

view more: ‹ prev next ›