A disgruntled spouse swiping your phone and running up to a awarded hotel room to hook it up to a trusted macbook protected by your secret "1234" password isn't exactly Jason Bourne territory. I suppose they might know your phone passcode as well - all I'm saying is that a phone in general use will have been unlocked the passed few days, and is likely in proximity to a trusted device.
Now, we don't know how the greylock stuff works (afaik) - so maybe this will harden phones against imaging with such tools. And maybe not.
I actually have a hard time seeing how this is: "aimed squarely at police". If you're picket up at a demonstration or traffic stop - is it really that common that they won't get to your phone in 7 days? They're only allowed to hold you for 48 hours or so anyway?
Don't get me wrong 7 is better than forever - but I'd like to see it made available as a user setting; eg never / 30 seconds etc.
As for this not being available on Android; my impression was that given an encrypted, locked, Android phone with pin/pw lock and debugging disabled - you'd need to unlock before being able to access phone data via USB?
Now if debugging is activated, I believe a "trusted computer" (anyone who holds the keys) can gain access even if the screen is locked?
> A disgruntled spouse swiping your phone and running up to a awarded hotel room to hook it up to a trusted macbook protected by your secret "1234" password isn't exactly Jason Bourne territory.
Think about that from the perspective of a security threat model: what are the odds that your disgruntled spouse has access to your computer and knows your laptop password, but doesn't know your phone password? This is an extremely hard problem to solve since they have all kinds of sensitive information and access.
> I actually have a hard time seeing how this is: "aimed squarely at police". If you're picket up at a demonstration or traffic stop - is it really that common that they won't get to your phone in 7 days? They're only allowed to hold you for 48 hours or so anyway?
What they're allowed to do and what they actually do are not necessarily the same. This prevents the case where, say, they've seized phones but haven't legally compelled the users to unlock them since it means that if an exploit is discovered in the future it won't be usable against any devices which were stolen/seized more than a week earlier.
It would also make it hard to do something like seize a bunch of protesters phones and then attempt to obtain the keys from each person's trusted home computer which would take more time to do at any significant scale.
It's not a huge game changer but it adds a layer of hardening against certain attacks. Given the limited downside, that seems like a good thing.
> Think about that from the perspective of a security threat model: what are the odds that your disgruntled spouse has access to your computer and knows your laptop password, but doesn't know your phone password?
Well, you might not have a password for your desktop - but might have a pin for your phone.
Or maybe it isn't your spouse, but your kid; they might share the computer - but not access to the phone?
<ed: i don't really disagree, but I also struggle with the 7 days (and not quite in the "perfect is the enemy of good"-sense:
>
Either way, I'm not sure I understand how 7 days make sense (seems too long, still).
Seems like either it should be ~14 hours to a day (sync at home every evening) - or it should be: phone has to be unlocked.
Now, we don't know how the greylock stuff works (afaik) - so maybe this will harden phones against imaging with such tools. And maybe not.
I actually have a hard time seeing how this is: "aimed squarely at police". If you're picket up at a demonstration or traffic stop - is it really that common that they won't get to your phone in 7 days? They're only allowed to hold you for 48 hours or so anyway?
Don't get me wrong 7 is better than forever - but I'd like to see it made available as a user setting; eg never / 30 seconds etc.
As for this not being available on Android; my impression was that given an encrypted, locked, Android phone with pin/pw lock and debugging disabled - you'd need to unlock before being able to access phone data via USB?
Now if debugging is activated, I believe a "trusted computer" (anyone who holds the keys) can gain access even if the screen is locked?