• What problem does am encrypted database solve? The phone itself is encrypted through a combination of hardware key storage and the user password, so offline storage attacks aren’t relevant.

    If you can access the Signal database, you have root access or something close to it. If you have root access, injecting a simple Frida gadget into a running app is basically three commands away, which will allow you do do any operation as that app, including dumping the secret keys or emailing a copy to someone else.

    Encrypted databases are a useful measure to slow down reverse engineering by a day or two, but they don’t provide any additional security. They do allow for harder to recover database issues to happen, though.

    • アルケミー船長@lemmy.one
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      It’s only encrypted in a BFU state, (before first unlock). Police can probe your phone for data using a tool by cellebrite without root. GrapheneOS includes a auto rebooting feature to place it back in a BFU state but other phones will lack this feature. Using Molly’s database lock allows you to not trust the OS itself by encrypting it.

      edit: corrected cellbrite to cellebrite