Google System updates make your Android devices more secure and reliable, and give you new and useful features. They include updates from Google to the Android operating system, Google Play Store, and
After a reboot all the data is encrypted and needs a pin/fingerprint to unlock.
So if it’s stolen (or feds get it) a planned reboot resets it to a highly secure state that is much more difficult to hack into than when it’s just locked from timeout.
Edit: removed fingerprint, corrected below.
Much of the data on your phone, including critical information that’s required to run the operating system and make the device function, is fully encrypted when the device is off/rebooted.
While in this locked down state, nothing can run. You don’t receive notifications, applications can’t run in the background, even just accessing the device yourself is slow as you have to wait for the whole system to decrypt and start up.
When you unlock the device for the first time; much of that data is decrypted so that it can be used, and the keys required to unlock the rest of the data get stored in memory where they can be quickly accessed and used. This also makes the device more vulnerable to attacks.
There’s always a trade off between convenience and security. The more secure a system, the less convenient it is to use.
I’m generally aware of all that, but I don’t see how it answers the question. Why can’t you just stop all app processes, unmount the relevant partitions, clear any memory containing cryptographic keys etc. but not actually reboot?
Rebooting just seems like a very roundabout, slow and inefficient way to get back to that initial state you describe. Is there something e.g. the bootloader does that cannot be replicated on a running phone and is essential for securing it again after the first unlock?
its done that way because at a reboot all memory is lost, and it can’t happen that something slips through because there is a bug or some miscalculation
Rebooting just seems like a very roundabout, slow and inefficient way to get back to that initial state you describe.
It’s exactly what the reboot process is designed to do; return you to that fully encrypted pre-boot state. There would be no purpose to implementing a second method that does the exact same thing.
After a reboot all the data is encrypted and needs a pin/
fingerprintto unlock. So if it’s stolen (or feds get it) a planned reboot resets it to a highly secure state that is much more difficult to hack into than when it’s just locked from timeout. Edit: removed fingerprint, corrected below.Oh, this is actually a useful feature, then.
Yeah, seems like its a move to follow apple after custom ROMS offering it as a security feature (Im on GrapheneOS and had it set for a while)
Just to clarify, it needs a PIN/password to unlock after reboot. Biometrics like fingerprint aren’t available until the device has been decrypted.
I was under the impression that if a phone restarts, then you cannot use biometrics. You have to use a pin/password/etc.
Thanks for the clarification, I forgot that (somehow)
Why is a reboot necessary for that? Is it not possible to enter the same encrypted state the phone is in after a reboot without actually rebooting?
Much of the data on your phone, including critical information that’s required to run the operating system and make the device function, is fully encrypted when the device is off/rebooted.
While in this locked down state, nothing can run. You don’t receive notifications, applications can’t run in the background, even just accessing the device yourself is slow as you have to wait for the whole system to decrypt and start up.
When you unlock the device for the first time; much of that data is decrypted so that it can be used, and the keys required to unlock the rest of the data get stored in memory where they can be quickly accessed and used. This also makes the device more vulnerable to attacks.
There’s always a trade off between convenience and security. The more secure a system, the less convenient it is to use.
I’m generally aware of all that, but I don’t see how it answers the question. Why can’t you just stop all app processes, unmount the relevant partitions, clear any memory containing cryptographic keys etc. but not actually reboot?
Rebooting just seems like a very roundabout, slow and inefficient way to get back to that initial state you describe. Is there something e.g. the bootloader does that cannot be replicated on a running phone and is essential for securing it again after the first unlock?
its done that way because at a reboot all memory is lost, and it can’t happen that something slips through because there is a bug or some miscalculation
It’s exactly what the reboot process is designed to do; return you to that fully encrypted pre-boot state. There would be no purpose to implementing a second method that does the exact same thing.