Encrypt your Android smartphone for paranoid-level security - TechRepublic

Encrypt your Android smartphone for paranoid-level security - TechRepublic


Encrypt your Android smartphone for paranoid-level security - TechRepublic

Posted: 24 Jan 2014 12:00 AM PST

Jack Wallen walks you through the process of encrypting your Android device.

 

Android encryption
 

For anyone who needs a mobile device with higher-than-usual security, there are a number of options. One such option is to encrypt your entire device. This means that every time you power your phone on, you'll need either a numeric pin or password to decrypt the device. An encrypted device is far more secure than an unencrypted one. When encrypted, the only way to get into the phone is with the encryption key. That means your data is going to be safe, should you lose your phone.

Unfortunately, an encrypted Android device does come with a few pitfalls:

  • Performance: The performance of your device will take a slight hit. Because of that, I do not recommend encrypting older or slower devices. The Moto X is a solid candidate for encryption.
  • One way: The encryption process is one way. Once encrypted, you cannot undo this. The only way to disable encryption is via factory reset.
  • Time involved: The encryption process takes about an hour (or longer, depending upon how much data you have), so you'll need a fully-charged device or have that device plugged in. Also, make sure you have plenty of time to start and finish.

If, after reading those warnings, you still want to encrypt your device, let's move forward. 

Note: The following steps will work with nearly all Android devices. I will demonstrate using the Verizon-branded Samsung Galaxy S4. Some device instructions may vary (depending upon the device).

Step 1: Fully charge, or plug in your phone

I cannot emphasize this enough. You must either have a full charge or the ability to plug your device in for the entire time the encryption process runs. If you don't, you run the risk of losing data.

Step 2: Back up your data

Although the Android platform makes it incredibly simple to restore data (even moving from phone to phone), that system can only go so far. You'll want to make sure you back up any important data to a cloud service or an external memory card.

Step 3: Begin the encryption

Here's how you begin the encryption:

  1. Open the app drawer
  2. Click Settings 
  3. Tap the More tab
  4. Tap Security
  5. Tap Encrypt device

At this point, you must select the Set screen lock type. Warning: Whatever screen lock type you choose will be used for starting the device and getting past your lock screen. Should you select to use a strong password, you'll be typing that password every single time you wake up your phone. This can be a bit cumbersome -- but if you're looking for very strong security on your device, this is the way to go.

Step 4: Walk through the encryption wizard

After you tap the Set screen lock type button, you'll have to select what type of screen lock to use (Figure A).

Figure A

Figure A
Select the type of screen lock for encryption.

The next window will be determined by the type of encryption you select. I chose Password, so I had to enter (and confirm) a password (Figure B).

Figure B

 

Figure B
 
Enter a password for encryption.

As I mentioned earlier, select a strong password here, otherwise it defeats the purpose of encryption all together. Once you've confirmed your password, you'll then be informed if your phone has enough charge for the process. Even if they device is plugged in, it must have a minimum of 80% charge before the Encrypt device button will be available (Figure C).

Figure C

 

Figure C
 
When your phone is over 80% charged, you can tap the Encrypt device button.

Tap the Encrypt device button, and you'll be prompted for your password. Once you've done that, tap the Encrypt device button again, and step away from the phone. It will immediately restart and begin the process of encryption. Do NOT interrupt the process. Leave the phone plugged into the charger while the encryption process takes place. Once the phone prompts you for your encryption password, the process is complete.

I will say, on the Samsung Galaxy S4, the encryption completed within about 20 minutes and no noticeable hit on performance.

If you're looking to get the highest possible encryption from your Android smartphone, the built-in device encryption is solid. Just use caution when setting it up and do not forget your encryption password.

Do you use encryption on your Android device. Share your experience in the discussion thread below.

 

 

[Update: Screenshot] Google Messages preparing end-to-end encryption for RCS messages - 9to5Google

Posted: 26 May 2020 12:00 AM PDT

Today, the folks at APKMirror got ahold of an internal "dogfood" build of Google Messages version 6.2. Here, "dogfood" is used in the sense of the phrase "eat your own dog food," meaning actually use the product you're building. Of course, our APK Insight team immediately dug in to see what all is coming with the next version of Google Messages. While we're still actively looking through the many changes found within, one in particular stood out — end-to-end encryption for RCS messages.

Update 5/26: We now have a screenshot of one of the end-to-end encryption settings pages in action.

About APK Insight: In this "APK Insight" post, we've decompiled the latest version of an application that Google uploaded to the Play Store. When we decompile these files (called APKs, in the case of Android apps), we're able to see various lines of code within that hint at possible future features. Keep in mind that Google may or may not ever ship these features, and our interpretation of what they are may be imperfect. We'll try to enable those that are closer to being finished, however, to show you how they'll look in case that they do ship. With that in mind, read on.

RCS end-to-end encryption

For years now, folks have been excited about RCS messaging as being the true successor to SMS and MMS messages and an open competitor to Apple's iMessage. However, one thing that iMessage has long offered that RCS could not is the ability to know your messages are secure thanks to end-to-end encryption. For an over simplified explanation of end-to-end encryption, your message is encrypted on your device in such a way that it can only be decrypted and read on the recipient's device, meaning no one should be able to snoop on your conversation.

In this dogfood build of Google Messages 6.2, we've found that work is well under way to allow you to send end-to-end encrypted messages via RCS. In fact, there are a total of twelve new strings in the app that make reference to encryption (sometimes shortened to "e2ee").

<string name="encrypted_rcs_message">End-to-End Encrypted Rich Communication Service message</string>

<string name="send_encrypted_button_content_description">Send end-to-end encrypted message</string>

<string name="e2ee_conversation_tombstone">Chatting end-to-end encrypted with %s</string>

<string name="metadata_encryption_status">End-to-end encrypted message</string>

For now, there aren't enough details to know for sure what the exact requirements are for using this end-to-end encryption. It's possible that both parties will need to be using the Google Messages app, though this could change once more apps gain support.

What we do know for certain is that both the sender and recipient will need to have a good internet connection simultaneously for these end-to-end encrypted RCS messages to go through. If either of you has a poor connection, Google Messages will offer to send your message through SMS or MMS as a fallback method. Before sending in this way though, the app will remind you that SMS and MMS are not encrypted and ask for your consent.

<string name="e2ee_fail_to_send_retry_description">Resend as chat</string>

<string name="encryption_fallback_title">Send unencrypted messages?</string>

<string name="encryption_default_fallback_body">"SMS/MMS texts aren't end-to-end encrypted.\n\nTo send with end-to-end encryption, wait for improved data connection or send messages now as SMS/MMS."</string>

<string name="encryption_fallback_dialog_accept_button">Send unencrypted</string>

<string name="encryption_fallback_dialog_decline_button">Wait</string>

<string name="encryption_sent_fallback_body">"SMS/MMS texts aren't end-to-end encrypted.\n\nTo send with end-to-end encryption, wait until %1$s has data connection or send messages now as SMS/MMS."</string>

Interestingly, it looks like Google Messages will also have extra protections in place for your end-to-end encrypted RCS messages. For example, you'll be able to set whether other Android apps that have permission to see your messages can also see your encrypted messages. You'll also be reminded that your messages are encrypted when sharing your location.

<string name="etouffee_to_telephony_setting_title">Let other apps access end-to-end encrypted messages</string>

<string name="location_attachment_picker_send_encrypted_content_description">Send end-to-end encrypted message with selected location %1$s</string>


Update 5/26: Our Dylan Roussel has dug deeper into the new dogfood build and managed to enable some aspects of Google Messages' RCS encryption settings. While we're not yet able to actually send or receive encrypted messages, the settings confirm some of what we already learned. Specifically, we can now see a global toggle that decides whether or not third-party apps can read your encrypted messages.

We've also found that encrypted messages may have a prefix added by the Google Messages app, currently configured to read, "This is an encrypted message." For now, we're not sure how this will be used, though it could be intended to only be seen if a message's contents have not been decrypted.


As all of this is only just beginning to appear in a "dogfood" build of Google Messages, we still have a bit of waiting to do before end-to-end encryption arrives for RCS. That said, it's clear Google wants RCS to be a legitimate competitor to iMessage, matching it both in features like message reactions for the everyday user and ones like encryption for the more security conscious.

Dylan Roussel contributed to this article

More on Google Messages:

FTC: We use income earning auto affiliate links. More.


Check out 9to5Google on YouTube for more news:

Encryption: What it is and how it works for you - Tom&#039;s Guide

Posted: 24 Jan 2020 12:00 AM PST

Encryption refers to any process that's used to make sensitive data more secure and less likely to be intercepted by those unauthorized to view it.

There are several modern types of encryption used to protect sensitive electronic data, such as email messages, files, folders and entire drives. 

Comments

Popular Posts

Signal, WhatsApp and Telegram: All the major security differences between messaging apps - CNET

Harry Dunn's parents to meet Anne Sacoolas as immunity row continues - The Guardian

VPN browser extensions: Why you shouldn't use then - Tech Advisor