| Author |
K750i Code Memo Security? |
thoroughfare
Joined: Jul 28, 2005
Posts: 26
PM |
Hi,
Does anyone know what encryption methods the 'Code Memo' program uses under 'Organiser' on the K750i? I'm thinking of storing some important stuff on there, and I want to be sure it's safe.
Also, can the data be stored on the memory stick, and read by a similar program on a PC?
Thanks,
Matt  |
|
|
KrisUK
Joined: Jan 24, 2005
Posts: 216
PM |
I'm not sure how it works exactly (or even if the data is encrypted for that matter) but it'll be stored only on the phone. It won't be the safest way of carrying important info around with you but safe enough. |
thoroughfare
Joined: Jul 28, 2005
Posts: 26
PM |
If it's not encrypted, with some decent encryption (blowfish, AES), then it's definetly not secure enough for credit card info etc.
Matt |
Macco
Joined: Sep 15, 2004
Posts: 109
From: Italy, Rome
PM |
IMHO it's rather secure.
Firstly, because the thief can't roll many passwords/sec as he would with an encrypted file on a PC. Via Bluetooth can't be seen any encrypted file to be trasferred to any PC.
Secondly, because it ALWAYS shows you a result: before showing your data it prompts you a sentence as checksum: if it's correct, you know the data are correct.
For example: you reset your safebox with PW 1234 & sentence "CV4S". Inside you put your bank PIN code: 6789.
Then you try to enter a wrong pw: the safebox opens with the sentence R3G5 and then with: "BANK PIN CODE: 3G4T", e.g. the code is wrong but the thief can't be sure of that!
He (and you) can only reset the safebox to the empty state. So it's better to keep your data backed-up elsewhere... |
thoroughfare
Joined: Jul 28, 2005
Posts: 26
PM |
Macco, even so, without a decent form of encryption, your data is vulnerable. For all we know the 'encryption' on Code Memo could be ROT-13, in which case you might as well shout your bank details in the street.
I want to be sure that if my phone was stolen, the data would be impenetrable (without using a supercomputer and a bunch of computer scientists).
Matt |
KrisUK
Joined: Jan 24, 2005
Posts: 216
PM |
Encryption would be a complete waste though if it isn't already implemented. It can't be extracted from the phone because it's stored into the firmware and no one can get into it without the right code. It can't be accessed via bluetooth because bluetooth can't access that part of the phone.
There's no where safer though to store an important number than your head. This is generally what banks tell you to do when they issue you a PIN number. To memorize it, and then destroy any documentation of it. |
thoroughfare
Joined: Jul 28, 2005
Posts: 26
PM |
KrisUK:
I don't want to store bank details - I want to store server passwords, which:
a) Must be stored *very* securely.
b) Can't be remembered when you have near on 100 of them, and they're all random.
I should think that the Code Memo data is stored in the phone's memory, not the firmware. Either way, encryption would be essential.
Matt |
|
|
Posted: 2005-08-03 04:28
