:biggrin: But thanks for the warm reception. You and the rest of the gang here make it all worthwhile. :hail:
On the phone again in yet another heated discussion with technical support at Motorola at this very moment. I am pressing to speak to a member of the development team for the encryption that was implemented into these phones. When I informed the rep on the phone that from what I read and researched, the encryption defaults to a phone-specific key (MEID/IMEI/ESN), for AES 256 data encryption and that when and if that phone either becomes inoperable or is returned for a warranty issue (as in the case of Sam), that the only way to decrypt that data will have been lost permanently, he was shocked to say the least.
He has me on hold at the moment.
For the record, I turned on encryption on my phone, sent ONE file to the encrypted SD Card, then removed the card, turned off encryption, then inserted the card and now the phone is saying "checking SD Card for errors". It's been in that state for over a half hour. :icon_evil:
If you are going to add a feature that has such a powerful effect, you need to make sure you've executed the process in such a manner that it's fool-proof. This is far from fool-proof.:mad:
Third call to Motorola. 1 hour, 26 minutes in this last call. I am frustrated to say the least.
I still refuse to believe this can not be undone. I pressed until the rep agreed to speak to Level 3 support on behalf of me and see what can or cannot be done to resolve this.
I would love to have 5 minutes with the twenty-something developers in that encryption team, to interrupt their Foosball championship in the middle of the work-day, or to wake them from their mid-day nap, or interrupt their Madden NFL 2012 X-box game in order to put this in front of them. I know they would have it resolved in 5 minutes with no angst involved.
As they say, it's not what you know, but who you know that makes all the difference.
Bahahahahaha... that I would pay to see!!! If you get the opportunity to do so, please let me come!!Quote:
Originally Posted by FoxKat
DROID RAZR MAXXAMIZED!!!
Sam, I do want to clarify...we're talking about the removable SD Card, NOT the internal SD Card which is permanently a part of the phone. Are you SURE that you either copied or moved the pics and video you are trying to recover from the phone's memory and onto the removable SD Card, or that you had the camera set to do so as the default? If not, we may be spinning our wheels. If the pics and videos you need to recover are on the phone, then we have to try to move them off by using a USB cable and transfer them to your desktop PC.
They may not even be encrypted when all is said and done. I don't mean to sound like a broken record (say that to a generation z and see what kind of response you get). I remember you said when you inserted the card it asked for a password, but my HOPES are that you thought you were encrypting the pics and videos thinking (as one would) that they are automatically stored on that card. The truth on the other hand is that they are stored on the INTERNAL SD card by default, so there is hope.
If however we are 100% sure that the pics and video are on the removable SD Card, then we're up against one of three distinct possibilities, and two variations of the first and third of those possibilities.
I received a return call from the Motorola Technical Support today, and in that 36 minute call, I confirmed things I suspected, received information I wasn't aware of, and even taught the technician a thing or two. First, the encryption should be the standard AES 256 as I suspected. If so, and if we have the password, we should be able to use the tool I mentioned in an earlier thread. I'll explain...
If the card was encrypted using the first choice - Device option (see below), then the phone is a critical part of the encryption and without the actual physical phone, we'll likely never be able to recover it.
If so, there's also the possibility that even with the original phone that data may still be completely unrecoverable. When the encryption is used and the Device option is chosen, the phone's unique ID is used to create the "hashcode" which is the "key" that encrypts the data. Without that unique hashcode, the data is essentially permanently encrypted. Oh, it can be decrypted, but it would take considerable time and likely great expense as well. However, if the phone is still available, I have pretty much concluded that the same phone will recreate the identical hashcode if the same method of encryption is used so having the phone is crucial.
Now, if the second choice - Password option is used (see below), then ONLY that password is needed and I'm again nearly convinced that any good AES 256 encryption tool can be used to decrypt it.
But, if the third choice was used - Device+Password (again see below), then we not only need the actual physical phone but also the correct password, and again as the first option, it can only be decrypted in the actual phone, and like option one there's still the possibility that it can not be decrypted even with the right phone and right password.
So, when you originally encrypted, the question is did you see the following screen, and if so, which option was selected?
What we should do is try downloading the utility I mentioned (http://www.aescrypt.com/download.html), and see if we can decrypt any of the files on the removable SD Card by doing the decryption on the PC. Do you have access to a MicroSD Card reader? Can you download the utility and install it onto a Windows PC? If the answers are yes to those questions, let's start there.
FoxKat, not to be a party pooper, but I've posted about this on the Motorola forum, and if what I've learned there is correct, it sounds like when a factory reset is done, a new encryption key is generated. So even if you have the phone, you may not be able to recover the data.
The speculation there was that "I think that the idea is that items are encrypted for transport (on your handheld device) or think of it as the data is more accessible while we go about our business in public than it would be on our home computers. I also think that we are supposed to back up the data to our private storage (like your own computer) and in the process of data migration from the device to the computer your data will be unencrypted." Which, of course, is a ridiculous requirement and, if true, should be made extremely clear while encrypting.
It is also impossible to carry out because even if you backed up your phone to your pc every night, you still risk losing the data you aquired during the day. And considering phones are used in many environments (e.g., healthcare & financial sectors) where a lot of data may be acquired during the day, even losing one day of data could be disastrous.
This has been an eye opener for all of us - hopefully including Motorola. I think what they intended as a feature was never thought through carefully enough to show that it's really a bug. I hope that they change this design so that you can back up the key or at least are adequately warned of the severe limitations of this system and your risk of having irretrievable data loss.
Still, what you have discovered is very disappointing.
Here's my take on it. What good is encryption on the SD card that's IN the phone if you lose the phone? If you used a 4 digit password to lock the phone, cracking into that is relatively easy with the right tools. Once you're in, you have complete and unrestricted access to all the data stored on the card, and since data copied off the phone via the USB cable is unencrypted in the process, where's the security?
On the other hand, if you remove the card, you can't decrypt it anywhere else (if what you've learned from the Motorola forum is correct), so what good is it to you at that point. And as said on several posts already, if the phone dies, you can never recover the data if you used either Device or Device+Password for the encryption choice. So even if I WAS going to use encryption, I would NEVER use options one or three. Now, option 2 is a viable option - if, and only if it can be decrypted outside of the device with a standard AES 256 encryption tool. In that case, I can use WEP Key Generator or something like it to generate a 256 bit key in ASCII and make it something like J$V6!qKDz=[2)PWXWc_ZO+'8@lp!y which will provide me with extreme security, but I can store that key somewhere safe and if I need to decrypt later without the phone I can.
The ONLY way that I can see the reason for the options one and three are if the encryption is being administered by the IT department of a company and they have remote wipe capability. In that case, removing the SD card would be futile since you could never decrypt the data.
See my reply to that thread on the Motorola forum (https://forums.motorola.com/posts/b0...art=1&stop=15#).
Good post. Hey, all we can do is try. Matt, the forum moderator, tries hard to be helpful and I'm hoping he or other Moto folks monitoring the forum will help elevate this issue to the right places.
Right now it's a real bait and switch - you think you're doing something to make your data secure, but in reality you're making it extremely vulnerable. Like a land mine - one misstep and your data's lost forever!