[Replicant] Hardware/Physical and Software Security

Wolfgang Wiedmeyer wreg at wiedmeyer.de
Sat Aug 12 19:52:03 UTC 2017 

Hi,

TIM Safiqul Amin writes:

> Hello everyone,
>
> I hope you are good.
>
> As we know, hardware/physical security is very important. By hardware
> or physical security I mean things like removing the built-in
> microphone(s), removing the camera, or, even the modem etc.
>
> And by software security, I mean using full disk encryption on a
> device. As far as I know, Android/Replicant uses the same passphrase
> for unlocking the screen lock and also the full disk encryption.

That's the default behaviour, but it's possible to select a different
passphrase in Replicant 6.0. This is documented in the wiki[1] and the
website mentions it as well[2]. For Replicant 4.2 or other Android
versions, it should be possible to use one of the apps available on
F-Droid that allow to set a different passphrase. In the worst case,
it's still possible to set it with a command using the terminal app.

> My question is what are your plans on documenting these things. For
> example, how to remove microphone(s) for each supported/recommended
> device, and/or how to use two separate passphrases -- one for
> decrypting the fully encrypted disk and one for unlocking the screen.
>
> I believe this kind of articles/wikis/documentations are going be
> enormously helpful and beneficial for other people. I would like to
> know what are your thoughts on that.

If it's on the software side and if Replicant is concerned, the wiki is
definitely the best place to document this, like it was done for the
disc encryption. For the hardware side, I'm not sure. I agree that it's
important to have such documentation. If the documentation is written
and maintained by Replicant contributors or community members, then
maybe it makes sense to add it to the wiki as well. If people from other
projects are involved, it may make more sense to host and maintain it
elsewhere and only link to it on the website and/or the wiki.

Best regards,
Wolfgang

> Thank you very much for your time and attention.



[1]  https://redmine.replicant.us/projects/replicant/wiki/UsageNotes#Device-Encryption

[2]  https://www.replicant.us/freedom-privacy-security-issues.php#recommendations

-- 
Website: https://fossencdi.org
OpenPGP: 0F30 D1A0 2F73 F70A 6FEE  048E 5816 A24C 1075 7FC4
Key download: https://wiedmeyer.de/keys/ww.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20170812/db358672/attachment.asc>

More information about the Replicant mailing list