Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Or any rooted android. Good luck in defeating LUKS. No custom firmwares will help them.


Make sure you set high enough LUKS master key iteration counts, and/or very complex password, so that they can't image the LUKS header and brute-force your passphrase off-device.


A rooted android is even less secure.


If you say so

https://blog.torproject.org/blog/mission-impossible-hardenin...


a rooted android is probably easiest to own over the air with a push notification, so yeah, that's a great idea! NOT


Could you expand a little on what you're referring to? Is this a specific vulnerability?


A powered down device rarely has that vulnerability.


A powered down device isn't exactly terribly useful.


You can't send a powered down phone a push notification for post-hoc analysis.

You would have had to know the target and push a vulnerability beforehand, which wouldn't have helped in this case.


So power it on? It will still boot with encryption. Isn't Android encryption is an extension of ext4 and only protects some data. It's not full disk / LUKS last I knew.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: