Help Encrypted file system access

timburton · Oct 18, 2019

I have an old ZTE N800 android device from almost ten years ago. This was before the days of uploading to the cloud, so I'm wishing on a star there is a way to access the filesystem and recover photos. Maybe a security vulnerability that has arisen in the meantime? Does anyone have any leads or ideas?

Cheers

svim · Oct 18, 2019

The N700 was apparently released in 2013, a couple of years before internal storage was being encrypted by default. There isn't likely to be an encryption problem accessing saved data.
https://www.phonearena.com/phones/ZTE-N800_id8191

Dannydet · Oct 18, 2019

Other option, Google photos app installed?

timburton · Oct 18, 2019

svim said:
The N700 was apparently released in 2013, a couple of years before internal storage was being encrypted by default. There isn't likely to be an encryption problem accessing saved data.
https://www.phonearena.com/phones/ZTE-N800_id8191

Hi! Thanks for the reply! I'm not sure I understand what you're saying, or maybe you misunderstood what I'm saying. In my infinite wisdom I encrypted the filesystem, and as such by even turning the phone on I can't boot the phone because I have to un-encrypt the file system to even get the the unlock screen.

timburton · Oct 18, 2019

Dannydet said:
Other option, Google photos app installed?

I can't remember.

lvt · Oct 18, 2019

How did you encrypt your phone? Was it an option in the settings or you used a third-party app?

svim · Oct 19, 2019

timburton said:
Hi! Thanks for the reply! I'm not sure I understand what you're saying, or maybe you misunderstood what I'm saying. In my infinite wisdom I encrypted the filesystem, and as such by even turning the phone on I can't boot the phone because I have to un-encrypt the file system to even get the the unlock screen.

Just to clarify, implementing a lock screen has no relation to encrypting the file system, they're two different security aspects that apply to two separate things that are independent of each other.
-- A lock screen is a way of securing your phone from other people being able to access your phone when it gets restarted or woken from sleep mode. It makes no difference in any way if the internal storage media is encrypted or not encrypted and you do or don't have lock screen enabled. Adding a lock screen (passcode, swipe, fingerprint, etc.) does not encrypt nor decrypt the internal storage media, its purpose is to keep other people from readily logging into your phone so they don't have easy access to all the things stored in it.
-- When the internal storage media is encrypted, any data that gets stored in it is protected by a cryptographic key. That encryption key is unique (only works on the device it was created on), and gets stored locally (only on the device it was created on). Encryption relates to the storage media, it has no bearing on if a lock screen is or isn't set up. Early versions of Android had no ability to encrypt the storage media, around KitKat or maybe even earlier some manufacturers were allowing it, but it wasn't until Lollipop or maybe Marshmallow (???) before encrypting the storage media became the default for all Android devices.

timburton · Oct 19, 2019

lvt said:
How did you encrypt your phone? Was it an option in the settings or you used a third-party app?

It was not a third party app.

timburton · Oct 19, 2019

svim said:
Just to clarify, implementing a lock screen has no relation to encrypting the file system, they're two different security aspects that apply to two separate things that are independent of each other.
-- A lock screen is a way of securing your phone from other people being able to access your phone when it gets restarted or woken from sleep mode. It makes no difference in any way if the internal storage media is encrypted or not encrypted and you do or don't have lock screen enabled. Adding a lock screen (passcode, swipe, fingerprint, etc.) does not encrypt nor decrypt the internal storage media, its purpose is to keep other people from readily logging into your phone so they don't have easy access to all the things stored in it.
-- When the internal storage media is encrypted, any data that gets stored in it is protected by a cryptographic key. That encryption key is unique (only works on the device it was created on), and gets stored locally (only on the device it was created on). Encryption relates to the storage media, it has no bearing on if a lock screen is or isn't set up. Early versions of Android had no ability to encrypt the storage media, around KitKat or maybe even earlier some manufacturers were allowing it, but it wasn't until Lollipop or maybe Marshmallow (???) before encrypting the storage media became the default for all Android devices.

Right. I'm with you. You have to decrypt the storage media after you turn on the phone, then the phone presents you with the unlock screen.

lvt · Oct 19, 2019

My 2012 phone does have encryption option for both internal storage and SD card. There might be some ways to retrieve the data but it's not a task that normal users could do.

timburton · Oct 19, 2019

lvt said:
My 2012 phone does have encryption option for both internal storage and SD card. There might be some ways to retrieve the data but it's not a task that normal users could do.

I was afraid of that. Is there some piece of software out there you know of that the pros might use?

lvt · Oct 20, 2019

timburton said:
I was afraid of that. Is there some piece of software out there you know of that the pros might use?

It's more complicated than just a piece of software.

There are tools that are used to extract data from encrypted phones, they are very expensive

https://www.detective-store.com/cellebrite_9

Humor has it that some second-hand UFED could be had for much lower prices on eBay.

So if your photos are highly private, you'll have to DIY, otherwise you could hire someone with the necessary tool to do the job.

timburton · Oct 20, 2019

lvt said:
It's more complicated than just a piece of software.

There are tools that are used to extract data from encrypted phones, they are very expensive

https://www.detective-store.com/cellebrite_9

Humor has it that some second-hand UFED could be had for much lower prices on eBay.

So if your photos are highly private, you'll have to DIY, otherwise you could hire someone with the necessary tool to do the job.

I appreciate the reply anyway. Thanks for the lead. I don't think there's anything NSFW-esque. Why do you say "humor" has it? Not sure what that is meant to imply.

By eBay do you mean the darkweb?

lvt · Oct 20, 2019

timburton said:
By eBay do you mean the darkweb?

Just eBay,

https://www.ebay.com/sch/i.html?_from=R40&_nkw=ufed&_sacat=0&_dmd=1&_sop=15

If you go this way, make sure that the device you want to buy still has the valid license, otherwise it might not be usable.

timburton · Oct 20, 2019

lvt said:
Just eBay,

https://www.ebay.com/sch/i.html?_from=R40&_nkw=ufed&_sacat=0&_dmd=1&_sop=15

If you go this way, make sure that the device you want to buy still has the valid license, otherwise it might not be usable.

Cheers! You can't renew the license? Does the license cost as much as the device?

lvt · Oct 20, 2019

timburton said:
Cheers! You can't renew the license? Does the license cost as much as the device?

From what I understand, the license is needed to upgrade the firmware that supports new phones. You'd better buy one with license remaining valid or ask the seller whether your phone model is already supported.

Help Encrypted file system access

timburton

Lurker

svim

Extreme Android User

Dannydet

Danny D Graphic Designer

timburton

Lurker

timburton

Lurker

lvt

Android Expert

svim

Extreme Android User

timburton

Lurker

timburton

Lurker

lvt

Android Expert

timburton

Lurker

lvt

Android Expert

timburton

Lurker

lvt

Android Expert

timburton

Lurker

lvt

Android Expert