Read-only archive of the All About Symbian forum (2001–2013) · About this archive
All About Symbian Forum Archive

memory card security question

1 replies · 2,502 views · Started 31 January 2006

saichele 31 Jan 2006, 21:10

I've noticed several applications that will allow encryption of various files (audio, image, notes, etc.), but I'm concerned that any data related to apps installed on my add-on memory card could be hacked if the phone is stolen. For example, I have a current of ProfiMail installed on the mmc card - is it likely that messages stored on the same card could be easily viewed if the card was removed and accessed via a PC or other Nokia phone? Does symbian have built-in file and directory permissions?

N/A 31 Jan 2006, 23:17

Symbian has no built-in file permissions. In any case, only with an encrypted file system would it be safe if the storage media was moved to another device.

I.e., even if you'd have protected files on a UNIX, Linux or Windows machine (with user-level file permissions/security), moving the disk to another machine makes all user-level protection useless (everything can be overridden).

Only volume- or file-level encryption will protect against that.

And even so, it will only buy time; the better the encryption algorithm and the longer the encryption keys, the longer it takes for decrypting the data without having the keys.

Then, of course, lost encryption keys in the hands of an attacker makes the encryption moot, too.

In the case of a memory card on a Symbian based phone, you get an additional level of assurance, if you set a memory card password (which makes it more difficult to use the card in another phone without knowing the password).

Enabling the security lock on the phone will also require the user of a stolen phone to get or break the phone's lock/security code, when the phone is powered on.

If you use the automatic locking feature while the phone is on, then the lock/security code is needed even if the phone is on and the locking has been activated.

And if you also enable SIM security, a stolen/lost phone will not allow the use of a new SIM card without the lock/security code.

Also storing data you need to be more secure, it will be, if you save it in phone memory instead of the memory card (assuming the PIN code request and lock/security code requests are also enabled).

And, in addition, you can use add-on apps like Handy Photo Safe and others to protect specific pieces of information above and beyond what the phone's built-in features support.

It would also be a good idea to write down the phone's serial number (the IMEI, International Mobile Equipment Identifier), and store it in a safe place. Then you can then immediately report the IMEI to your operator, insurance companies and/or the police if your phone is stolen/lost.

Oh, and change the PIN, PIN2 and lock/security codes from the default values to something else. If you keep them at your operator's or the device manufacturer's defaults, then they won't protect anything.

And make and save also frequent back-ups of your data. No matter how protected your device is, if it is lost or stolen, your data is gone with it, if you haven't got a copy or copies elsewhere.