Navigation

    UBports Robot Logo

    UBports Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search

    Any plans to have encryption as an option in future Ubuntu Touch installers? [Solved]

    OS
    installer encryption security
    7
    19
    1398
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Lakotaubp
      Lakotaubp @Guest last edited by Lakotaubp

      @ell1e This thread is nearly a year old and restarting them is very hit and miss so you are probably better starting a new thread and referring back to this one. Another option might be to ask a question in this weeks Q&A about any plans to add this to the installer or such.
      https://forums.ubports.com/topic/4295/ubuntu-touch-q-a-76-saturday-23rd-of-may-at-19-00-utc/9

      1 Reply Last reply Reply Quote 0
      • P
        pixelated last edited by

        one work around could be an NFC key, which provides the encryption key, without having to get into the hardware security tech of different phones

        ? 1 Reply Last reply Reply Quote 0
        • ?
          A Former User @pixelated last edited by

          This post is deleted!
          T P 2 Replies Last reply Reply Quote 0
          • T
            trainailleur @Guest last edited by

            @ell1e said in Any plans to have encryption as an option in future Ubuntu Touch installers?:

            @pixelated my point was to exactly not do what you suggested, by just providing plain old LUKS with a password and not go into other gadgets like NFC key or whatever for a base implementation. (Of course these additions are always nice later, but my point was talking about those now is putting the cart before the horse.)

            It has been mentioned in previous Q&As (when I asked 🙂 ) that encryption is in the long-term plans, but it is not a high priority when compared to the many immediate currency issues (unity8/lorimi, getting to Xenial, now the need to get to 20.04 and maybe even a new version of QT, etc.) as well as stability, new features, more devices, etc.

            In the long run, perhaps it would be possible to bundle a software keyboard like Postmarket's OSK-SDL into the initrd, and provide an initial LUKS encryption option through the installer, but from what I understand, the way OTAs are deployed would then need to change radically, and I wouldn't expect a change of that scope to happen anytime soon.

            In the meantime, some of us remount a LUKS-encrypted file onto /home/phablet: One method to encrypt /home/phablet (As mentioned upthread)

            Obviously that is a dirty hack (and risks system breakage during updates) and far from a complete solution, but it does provide some bare minimum security against theft by a lazy thief. If a professional attacker (corporate, governmental, advanced criminal, etc.) gets hold of your phone, this is likely insufficient.

            ? 1 Reply Last reply Reply Quote 0
            • ?
              A Former User @trainailleur last edited by A Former User

              This post is deleted!
              PhoenixLandPirat 1 Reply Last reply Reply Quote 0
              • PhoenixLandPirat
                PhoenixLandPirat @Guest last edited by PhoenixLandPirat

                @ell1e home/phablet is where all your stuff is anyways, you'd have a hard time putting anything personal anywhere else, unless you actively put effort into doing that.

                However that doesn't dismiss how hacky this is, and so I do hope that some of this can be used to make it easier to encrypt your home directory.
                It'd be great to have it in system settings, as a tap if you want to enable it, and add a decryption password.

                I think encryption is important, and encrypting the home drive is greatly desired, but we've also got to be realistic with how it'll work, once you've decrypted it once, I don't think your data is encrypted (on any mobile system) until you turn off your phone again.

                1 Reply Last reply Reply Quote 0
                • P
                  pixelated @Guest last edited by pixelated

                  @ell1e

                  yes that is a solution, but any password long enough to make brute force a waste of time, is going to be very difficult to remember or enter regularly (unless combined with a hardware key on the device security chip)

                  for most people that probablyisnt an issue, but fkr anyone who genuinely needa the encryption, it probably would be

                  (edit : he typos above are good example of why a password is not ideal for phone encryptionlol ..unfortunatly i find UTs keyboard v buggy, random spaces, deleting spaces, changing capitalisation randomly, duplicated letters,etc, at the moment)

                  ? 1 Reply Last reply Reply Quote 0
                  • ?
                    A Former User @pixelated last edited by A Former User

                    This post is deleted!
                    PhoenixLandPirat 1 Reply Last reply Reply Quote 0
                    • PhoenixLandPirat
                      PhoenixLandPirat @Guest last edited by

                      @ell1e said in Any plans to have encryption as an option in future Ubuntu Touch installers?:

                      All I'm hearing is excuses, to be honest. "It's not perfect, so that makes it fair to not provide it." No, I don't think it does.

                      Sounds like you might want to get some hearing aids then 🙂

                      Home folder encryption would already help a lot as you say, but is that in the installer? It should be then

                      You're more than welcome to work on it 🙂

                      ? 1 Reply Last reply Reply Quote 0
                      • ?
                        A Former User @PhoenixLandPirat last edited by A Former User

                        This post is deleted!
                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post