Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That is how my netbook is configured, EncFS encrypts file names and contents before rsync sends it to a remote backup server.

On the phone, you don't need to encrypt all of the file system (for better performance) but just the parts that hold user data.

Unlocking the screen and encrypted user data by "swiping a pattern" is not a big thing and takes not even a second.



A swipe pattern has such low entropy that you may as well not encrypt it.


Sure, it doesn't stop a criminal, but it implies privacy that could be held up in court against unlawful search.


I have my phone set up to enter a long code on boot (which goes to LUKS) but the lockscreen PIN is much smaller. The low entropy on the lockscreen doesn't matter so much as it is capable of restricting the number of tries, delaying after a certain number of failures, etc.


I agree, I don't see why it'd be unreasonable to type a passphrase on boot.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: