NontechnicalParanoid
Beiträge: 1
Registriert: So 5. Dez 2021, 01:02

Some questions about device security

I guess if we weren’t all a bit paranoid we‘d be looking at other phones :)

So…..

1. Normal Android phones will, when installing an alternative OS, delete all user data and will then go on to display a strongly worded warning on every start. (Some weak form of Anti-Evil-Maid.) Does VollaPhone do the same?
2. Are internal and external user data encrypted by default? If so, block-based or file-based + which algorithm and key length?
3. Does performing a factory reset securely delete all user data? (considering both the difficulties of reliably overwriting flash memory sectors AND the multitudes of mysterious partitions that Android-based phones usually come with…)
4. Many phones today have a separate chip to handle some of the aforementioned functions. (Think of the secure enclave, Titan M and the like.) Does VollaPhone have anything similar?
5. Does the fact that VollaOS is based on somewhat older versions of Android impact software security in any way?
5b. For how long do you intend to support your devices?
6. VollaPhone is NOT rooted by default, so a malicious app from an alternative app store should only cause limited damage, correct?
7. And finally: do any answers to the above questions depend on which OS runs on the phone? (VollaOS or Ubuntu)

THANK YOU very much in advance for answering some or all of these questions!
Emil
Beiträge: 16
Registriert: Mo 29. Mär 2021, 18:40
Volla Phone mit: Volla OS (Android 10)
sonstiges Handy/iPhone mit Android Version/iOS Version: LG G5 /e/OS + Pixel 4a GrapheneOS + Nokia N97 Symbian

Re: Some questions about device security

Very nice post. I also hope for answers to all these questions.
I can only say about point 4 that the phone is based on a Gigaset 290 and has no security chip.
Benutzeravatar
schmuel
Beiträge: 157
Registriert: Mo 29. Mär 2021, 15:13
Wohnort: Schulpforte (Sachsen-Anhalt)
Volla Phone mit: Volla OS (Android 9)
sonstiges Handy/iPhone mit Android Version/iOS Version: Per ABM: UT und SFOS; außerdem: Zweitvolla mit Droidian
Kontaktdaten: Website

Re: Some questions about device security

Hi NontechnicalParanoid and welcome to the user forum!

Ill try answering a few of your questions:
NontechnicalParanoid hat geschrieben: So 5. Dez 2021, 01:21 1. Normal Android phones will, when installing an alternative OS, delete all user data and will then go on to display a strongly worded warning on every start. (Some weak form of Anti-Evil-Maid.) Does VollaPhone do the same?
I have tried the following OS:
-Droidian
-Sailfish
-Ubuntu
None of them showed the warning message. It didnt matter if I installed it from the UBports installer or via fastboot/recovery so I assume the answer will be: no.
NontechnicalParanoid hat geschrieben: So 5. Dez 2021, 01:21 2. Are internal and external user data encrypted by default? If so, block-based or file-based + which algorithm and key length?
As far as I know, the Volla OS does offer user data encryption by default. Ubuntu Touch however has no such option.
NontechnicalParanoid hat geschrieben: So 5. Dez 2021, 01:21 4. Many phones today have a separate chip to handle some of the aforementioned functions. (Think of the secure enclave, Titan M and the like.) Does VollaPhone have anything similar?
The current models dont offer such a chipset. But you may feel free to kindly ask for it in the wishlist Thread :)
NontechnicalParanoid hat geschrieben: So 5. Dez 2021, 01:21 6. VollaPhone is NOT rooted by default, so a malicious app from an alternative app store should only cause limited damage, correct?
correct.
NontechnicalParanoid hat geschrieben: So 5. Dez 2021, 01:21 7. And finally: do any answers to the above questions depend on which OS runs on the phone? (VollaOS or Ubuntu)
Yes, as seen above, the answers may be different for each operating system. I assume that the Ubuntu Touch Version at least will be supported for many years as long as there is an active community working on it :) (5b) as far as I know, there is no exact statement from Dr. Wurzer about how long he will support the Volla OS for the first Volla Phone.

Have a nice day,
Schmuel
Geduld ist der Begleiter der Weisheit.

Hi ich bin ein Mod des Forums.
Thread zu früh geschlossen? -> PN
Spam gefunden? -> PN

Hi Im a mod of this forum.
Thread closed too early? -> DM me
Found spam? -> DM me

Zurück zu „Volla Phone“