-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
No easy way to know which phone has hardware encryption, and what are the risks involved. #2080
Comments
Note, it's this data https://developer.android.com/reference/androidx/security/crypto/MasterKey#isStrongBoxBacked() From my side - it's recommended to have android 9 Pie (API 28) or higher. Lower versions won't have strongbox. It's a good feedback to think about list of some recommended phones. Not only for hardware encrypted chip, but some more or less trusted firmware as well, which is a debatable question. |
thanks for the reply, note that I tried samsung a04s which is using android 12, but it is the cheaper line so maybe some features are missing. |
In the app there is the information:
"Hardware seed protection: false"
but no other information is given.I think some help should be shown explaining what are the risks and how to prevent them.
Like apparently the phone I'm using can encrypt sd card but I'm not sure if polkadot vault will be able to store the seeds there or not.
Also on the wiki: https://paritytech.github.io/parity-signer/tutorials/Start.html
In
"Set up phone"
section there is this line"Seed secrets are protected with hardware encryption based on vendor authentication protocol."
Ideally it would be great to link to ways to know what phone gives hardware encryption, like maybe some website have some lists of phone with such features?
The text was updated successfully, but these errors were encountered: