Encrypting your S4?

[MagicMike Kelley]

I'm a huge advocate of our rights in the US. I'm a big fan of recording any interaction with Law enforcement for example (I use Qik). The SCOTUS has voted that LEOs have the right to take and search your cell phone without a warrant and ANY data found on them can and will be used against you. (noted here: https://www.youtube.com/watch?v=vVCROjpgCB0)

I haven't taken encryption precautions for my mobile device at this point as my Droid X2 is so damn slow I can only imagine what encryption would do to it. I pick up my S4 next Wednesday however and am thinking that I will be doing so. The below shows just how easy it is.

Encrypt Your Samsung Galaxy S 4 - For Dummies

Has anyone done this? Any thoughts or recommendations?

 

[MagicMike Kelley]

Since I've gotten no feedback on this and I don't see anyone else answering similar questions on the forums i decided to poll my FB folks. Here's a rather helpful and interesting discussion on the topic.

Jim McGinn yes and no. Some stuff I do. What you looking to do?
56 minutes ago ? Like

Lloyd Barnhill Perhaps the question could be more specific?
56 minutes ago ? Like

Richard Fellows Both of them.
51 minutes ago via mobile ? Like

MagicMike Kelley The galaxy s4 has the built in ability to encrypt the device. This requires an alpha numerical pin to be created and used every time you turn on the device. You cannot undo this once its done and I'm curious if performance suffers from the encryption or if anyone has other thought about the topic
49 minutes ago via mobile ? Like

Jim McGinn reason I encrypt, just the stuff I pick. all encryption takes time. Some apps seem good.
45 minutes ago ? Like

Richard Fellows Have the S4 and its still fast. Even with built in antivirus as well. iPhone 4S is encrypted too.
43 minutes ago via mobile ? Like

Richard Fellows IMO encrypt everything you can. If your phone is lost there's an insane amount of data on there whether you realize it or not.
42 minutes ago via mobile ? Unlike ? 2

Jim McGinn Real question, who do you want to keep out? Me(geek), ***** that finds it? NSA?
41 minutes ago ? Like

Richard Fellows Via the data on your fb account, what's in your email and having live access to your mail accounts I could steal your identity before you realize you lost it. Definitely encrypt
39 minutes ago via mobile ? Unlike ? 1

MagicMike Kelley I agree 100% Rich - it's the Info Sec in me.

Jim - I'm not worried about geeks and idiots. They'll be stopped by pin/swipe screen lock. NSA will get everything they want wirelessly.

The SCOTUS ruled that if you are 'arrested' the cops can search y...See More
37 minutes ago ? Like

MagicMike Kelley How to Cop Proof Your Cell Phone - YouTube
How to Cop Proof Your Cell Phone
The California Supreme Court reached a decision in People v. Diaz that police ma...See More
36 minutes ago ? Like ? Remove Preview

Jim McGinn Encryption may stop or slow them down. Do not use encryption built into phone(etc). Encryption is best when you bring trusted outside tested stuff.
34 minutes ago ? Like

Richard Fellows For the detractors: Think about what can be done. I have your phone, I want to access one of your accounts. I go onto the site, click reset password and it emails you a link to reset it and/or a temp password. I now own that account, good luck getting access to it if its a site that you cannot call on the phone (most you can't these days). Or I want to steal your banking account password, that's harder. I might need access to your email AND your security questions. Security questions like mother's maiden name, can find that on Facebook. Or elementary school, on Facebook. Pet's name, Facebook. Or even if its not that some of that stuff might be in your email, etc. That's just a few things that can be done. Let me turn one of our pentesters loose on it, they'll own your life.
34 minutes ago ? Unlike ? 1

MagicMike Kelley And actually, I believe even the geeks and idiots can get some good info just by plugging it in to a pc.
33 minutes ago ? Like

Richard Fellows With some skill I'm sure you might be able to. At least with the iPhone I have tried and you can no longer browse the drive of the device when it's plugged in. Also, after 10 password fails mine is set to autowipe. Think I have it set the same on the S4, have to check that. In fact I think that's enforced on both by server policy from my company's mobile device management server.
29 minutes ago ? Unlike ? 1

MagicMike Kelley Aye - and normally I'd agree regarding built in software, but the KNOX software encryption seems to have gotten really good acknowledgement.
27 minutes ago ? Like

Jim McGinn iphone wired jailbreak, but stopped half way gives read access 95+% of the time first try.
27 minutes ago ? Like

MagicMike Kelley I'd be hesitant to add a 3rd party software for encryption and risk it really slowing the phone down
26 minutes ago ? Like

Jim McGinn KNOX software was delayed for no reason by samsung people did ask why....
25 minutes ago ? Like

MagicMike Kelley Richard, agreed - I meant NOT encrypted.

Once thing that's not clear to me is the SD Card - is that encrypted when present during the encryption process? I'd think not as it'd ruin the SD card for any other device going forward.
25 minutes ago ? Like

Richard Fellows Wouldn't know, I don't use an SD card. I don't store a lot on my phones so I don't really hit the storage limits much.
21 minutes ago ? Like

MagicMike Kelley I'm not worried about the SD card storage anyway - I keep my music and audiobooks there only.
21 minutes ago ? Like

Richard Fellows Probably better off. At worst if the phone breaks the SD contents may be unrecoverable so have them backed up on your PC. But it won't trash the card, you'll just have to format it fresh.
20 minutes ago ? Like

MagicMike Kelley Jim - I know Knox got DoD approval for using the units internally, but the paranoia in me makes me wonder if the cops would have a master key for the inbuilt software
18 minutes ago ? Edited ? Like

MagicMike Kelley Then again, from a privacy standpoint I believe in court you'd likely win regardless of the SCOTUS decision. When it comes to Private/Proprietary information the rule is generally "did you take reasonable steps to ensure the safety/privacy of the data". Encryption is more than reasonable steps, so even in they were to bypass it using a master key (they won't break the encryption I'm sure) I believe you'd win that argument.

Of course, I'm not worried about them finding anything in there to actually get me with were they ever have cause to arrest me and seize it anyway. Then again (again), as noted in that video, there are SO MANY laws out there I'm willing to be we all violate 50 a day.
10 minutes ago ? Like

Richard Fellows Cops probably not. Feds, yes. I have heard in the past that the feds do have master keys for all or most encryption technology. While the big old NSA computers can pretty readily crack 128/256bit encryption is much cheaper and easier for them to just have the keys up front and decrypt on the fly.

I don't think your average cop can break the encryption. Though if its unencrypted they have software/hardware combos that copy your **** almost instantly and completely dummy proof so that's a major risk. Feds of course at certain levels will need a warrant but as stated above if the NSA wants it they will get it, warrant or not. Especially if transmitted over the air (wifi, cellular, bluetooth, etc) as I believe in court it was proven that data transmitted wirelessly has no expectation of privacy and therefore they can snoop as much as they want.
7 minutes ago ? Like

Richard Fellows Apple's iMessage encryption trips up feds' surveillance | Politics and Law - CNET News
Apple's iMessage encryption trips up feds' surveillance
news.cnet.com
Internal document from the Drug Enforcement Administration complains that messag...See More
6 minutes ago ? Like ? Remove Preview

MagicMike Kelley Right - that's my thought Rich. I think I'm going to use the inbult Knox encryption as it's made to work with the device
5 minutes ago ? Like

Richard Fellows Cops will be cops no matter what. But at least protect your device if someone finds the device. Here's a fun one for you. I have heard of people finding devices and going through the contacts of the device calling people to extort them. "Hi we have your husband hostage" "Hello, your brother is in the hospital and needs money for his treatment" etc. Just keeping them out of your contacts via have encryption and a passcode prevents stuff like that. That's also why my contacts are all generic. Regardless of their relationship to me everyone is listed with first name and last name. Ie, I don't have my grandmother listed as grandma in phone. She's Fname Lname.

 

[AndroidJay]

I can see the need for the encryption. It is more important for those in the Medical and Legal fields. Tempting to try the build in encryption, but I will wait till I learn more about it.

 

[fantom305]

I don't think many people is going to touch this subject for the simple reason that this forum is about android phones in general and not about whether to record or not Law Enforcement. The only advise I can give any one here is that ONCE you encrypt...there is no way going back and your phone can not be seen in the computer as a drive therefore you be the judge if it is worth it to sore of mess up the information in the phone in exchange for what ?? for the police not to see your phone ?? I personally think that a pin code lock is safer than encryption.

 

[MagicMike Kelley]

I don't think many people is going to touch this subject for the simple reason that this forum is about android phones in general and not about whether to record or not Law Enforcement. The only advise I can give any one here is that ONCE you encrypt...there is no way going back and your phone can not be seen in the computer as a drive therefore you be the judge if it is worth it to sore of mess up the information in the phone in exchange for what ?? for the police not to see your phone ?? I personally think that a pin code lock is safer than encryption.

Understood, however this thread wasn't about whether or not to record law enforcement. It was about encrypting the S4, thoughts about why, why not, using the built in Knox or using a 3rd party etc... The post in my reply above was a discussion had on the topic and it evolved a bit more into the people you are keeping your data from but it's all valid none-the-less.

While I think you're right, this topic may not garner much interest here I don't believe it has anything to do with this being a forum about android phones. So is this topic. People likely won't participate much in this topic as people typically have little care over their personal data. They don't realize what they make available nor do they care to. That's OK for many and I'm certainly not here to attempt to change anyone's mind.

In the end, I'd like info from folks that have or have thought about using either the built in encryption for the unit or third party software for it as well as why they haven't (if they've made a conscious decision to do so).

While you're correct, you cannot go back once you encrypt the phone, that's not really an issue unless you forget your pin, you can take safe guards against that easily enough. However, I'm curious what you mean in that your puter won't be able to recognize your phone via USB. The data there isn't 'messed up', it's simply unattainable for those without the pin. I can't imagine Samsung would be so stupid as to render free space on the internal drive of the unit unusable once you encrypt. Did you read that somewhere? I'd be blown away if that were the case and it'd certainly stop me from using the stock encryption.

 

[fantom305]

Ok to start I will tell you to do your home work about how encryption actually works and what I mean by the is the actual process of encryption, how data is written and why is it that once you encrypt there is no way going back. In my opinion you can do more bad than good to yourself if you encrypt. Samsung is by all means not stupid by giving people the choice to encrypt because you are not damaging or making unusable the free space of the internal drive. Remember what you encrypt the data on the drive, not the drive itself. .. I have copied the following from the internet so that you can have an idea of what you can and can not do. Her

Files encrypted on the RAZR (newly fastbooted to .173), and with Password encryption, will not read in the RAZR MAXX with no lock screen Password, even though it asks for the Password when the card is inserted.
Files transferred from phone with encryption enabled to PC via USB Mass Storage, USB PC mode, or via Motocast USB will not open on PC, but will open on that phone normally.
Card removed from original phone with encryption and then reinserted into that same phone responds to password on lock screen and files open on that phone normally.
I have been unsuccessful in getting a decrypted copy of the file to the PC from the encrypted phone and card.
I transferred encrypted files to the PC but they would not decrypt with a third part AES 256 utility.
Those encrypted files then transferred back to the encrypted phone open normally.
If the encrypted card is inserted and the password is bypassed, the card is completely inaccessible (though I did not do a reboot of the phone, so I am still undecided on this).
And even though this article refers to BBerry, I have red that it also applies to androids.
As you can see in my opinion you are limiting yourself to only see your data, pictures and videos, etc. on the phone that you actually own. If you change phones and want to sync your information to the new phone or use the SD card with the new phone you will not be able. I guess that is what I meant by the PC not recognizing the phone. There is always the possibility of making a back up of your phone in your computer before encrypting in case you loose it or change phones later on, but any addition after that you will not have access to it from your PC. I read somewhere here but does not remember where that apps don't behave to good after encryption but don't quote on my cause I am not sure. On the other hand I am going to post a link here for you to read that after all even an encrypted phone can be broken into by Law Enforcement : How to bypass an Android smartphone’s encryption and security: Put it in the freezer | ExtremeTech.... So my position to this is: if you have nothing criminal to hide in your phone, find another way to keep your information concealed from prying eyes, rather than encrypting however, it is a personal choice that should be based on the pros and cons of it.

 

[msavic6]

I dont understand why I should be so paranoid about large corporations getting my information. Encrypting my phone is more of a hassle to me than a benefit. If the government wants information on me, they can gather it using plenty of other methods that and encrypted phone wont protect against.

Sent from my SGH-I337M using Tapatalk 4 Beta

 

[nickgalaxys4]

I encrypt my phone to see how it works and for your lock screen you can only have a password that got annoying so I took that off right away.

 

[Farish]

A couple things here to point out.

The SCOTUS ruling was an older case that was done before smartphones became the mainstay.

A federal court in May ruled that cops must have a warrant to search a cell phone.

I expect this ruling to be revisiting in the next couple years.

The more important thing in this right now that your encryption password may not be protected by the Fifth Amendment.

US Fifth Amendment Rights: Judge Tells Suspect To Surrender Encryption Password One Month After Saying Otherwise - AlertBoot Endpoint Security

What is the point of encryption if you can be arrested and held indefinitely for not providing your encryption password.

 

[Indrajit Chatterjee]

I have encrypted my Galaxy S4 and the MicroSDHC card in it - it works absolutely fine, no performance lag whatsoever. The initial encryption will take time based on the size of the disc (S4 built in storage and SD card). There is an option to un-encrypt both if you choose to do so. Yes, the fact that you have to type in the password every time you unlock the lock screen is a hassle - but then the choice is made by you based on your need.