The posts about how to break the screen lock are very frequently visited. This is why I thought it’s time to give you a short update and provide you with a Python script, that can do most of the attack in an automated way.
Android for Work has been announced by Google only some days ago and Google promises a secure but also usable way to combine sensitive company data and private data on a single device without increasing the risk of unintended leakage of company data.
“… Android for Work on supported Lollipop devices offers a dedicated Work Profile with security, management and application support built-in. … Android for Work creates a secure Work Profile to isolate and protect data and manage the flow of work information. …” (Android for Work website)
Today, we took a brief look at Android for Work to see how secure it really is and if it is a real alternative to the container solutions of AirWatch, MobileIron, Good, etc.
Our paper Post-Mortem Memory Analysis of Cold-Booted Android Devices has been accepted at IMF’14 and was presented there last week.
At the end of 2011, Google released version 4.0 of its Android operating system. For the first time, Android smartphone owners were supplied with a disk encryption feature that transparently scrambles user partitions, thus protecting sensitive user information against targeted attacks that bypass screen locks. On the downside, scrambled telephones are a a nightmare for IT forensics and law enforcement, because once the power of a scrambled device is cut any chance to recover data other than bruteforce is lost. Continue reading “Cracking Android’s full disk encryption”