hold up. I just remembered something.
-
hold up. I just remembered something.
a phone (android or iOS, I forget) said "you can set the phone to [technician-safe] mode while [repair guy] fixes it"
I mean I expect the SSDs of my devices to /always/ have that same evil maid data protection at all times?*
like what exactly does that add?
*as distinct from tampering from the device itself. e.g., not full evil maid, more like "read the C:/ drive without authentication". as in, "wait it would let you read it without auth while the SSD is offline before?"
I mean maybe the NVMe has like, a cached drive key, that you could get from specialized hardware / jtags, and this tells the device "hey, forget the drive key"
but also... shouldn't it do that anytime the device powers off? (and restore SSD access via TPM? or via password and small bootloader?)
-
@risottobias Repair mode is a guest user account to let the repair technician verify your phone works without having access to your data. It does not impact normal File Based Encryption, etc.
https://youtube.com/watch?v=97F-IqTbyVw
> This feature simulates a factory reset (but doesn't actually wipe your phone) so you can send your phone in for repair and the technicians won't have access to any of your personal data while they troubleshoot and test your device. Once your phone is returned to you, you can exit repair mode by entering your device's PIN/pattern/password, which restores your device to normal.I actually did a ghetto version of this by temporarily booting a GSI image as a "factory reset" of my phone to prove to support my camera issue was a real hardware issue, without having to actually factory reset (I still did after repair was approved because I wanted to relock my bootloader before handing it in to support).