Help Is data stored in phone internal memory more secure than phone external micro sd card?

[spman]

My phone has a lock screen pattern.

If I lost my phone, is it that the theif can access to my memory card data/files (by taking out the memory card and read it in PC), and the theif is unable to access the data/files stored in the phone internal memory?

Thanks. Using Samsung S4.

 

[mikedt]

If there's data on the SD and it's unencrypted, yes there's full access to it just by removing it from the locked stolen phone and reading it with a PC or another phone or tablet. Internal storage is usually inaccessible on a locked device, much more secure if that was encrypted as well, see FBI vs Apple.

 

[spman]

If there's data on the SD and it's unencrypted, yes there's full access to it just by removing it from the locked stolen phone and reading it with a PC or another phone or tablet. Internal storage is usually inaccessible on a locked device, much more secure if that was encrypted as well, see FBI vs Apple.

How do you encrypt the SD card?

 

[peterh337]

Regarding the FBI v. Apple, I am sure that the Apple encryption is strong but not NSA-proof, because it would not be in Apple's interest to get wide publicity that its phones are used successfully by terrorists.

Apple either use a "short" key e.g. 64 bits or they use a long key and have given the NSA all of it except the last 64 bits. That is the standard procedure here in the UK if you want to get an export license for a product containing crypto (the GCHQ allow you a secret of about 64 bits). Obviously you don't tell your customers about it...

Internal storage is easily accessible if somebody opens the phone and unsolders the FLASH chip. Obviously you need to know about electronics but it should take only a few minutes to get the chip out.

 

[mikedt]

OT for this thread...

Regarding the FBI v. Apple, I am sure that the Apple encryption is strong but not NSA-proof, because it would not be in Apple's interest to get wide publicity that its phones are used successfully by terrorists.

Apple either use a "short" key e.g. 64 bits or they use a long key and have given the NSA all of it except the last 64 bits. That is the standard procedure here in the UK if you want to get an export license for a product containing crypto (the GCHQ allow you a secret of about 64 bits). Obviously you don't tell your customers about it...

...but you might want to have read of this Lounge thread..
http://androidforums.com/threads/sh...bi-unlock-a-phone-with-a-court-order.1001162/

...and apparently some terrorists aren't using expensive iPhones, they're using cheap, unregistered pre-paid burner phones.
http://arstechnica.com/tech-policy/2016/03/paris-terrorist-attacks-burner-phones-not-encryption/

BTW I've never heard such a thing about UK export restrictions, not now. Back in the 1990s there might have been, and certainly in the US, which was 40 bit encryption. A legacy of which is still around now in some things, like DVDs and WEP encryption.

Internal storage is easily accessible if somebody opens the phone and unsolders the FLASH chip. Obviously you need to know about electronics but it should take only a few minutes to get the chip out.

You do have to be somewhat determined to that though, like you are feds or forensic lab or something, and have the equipment to directly read flash chips.

 

[mikedt]

How do you encrypt the SD card?

Depending on the phone and/or Android version it's got, could be an option for it in settings, under security.

 

[girolez]

Most recent Samsung phones do have the option to encrypt sdcards. Note that if you do encrypt an SD card, it becomes totally useless (unreadable) if you have factory reset the phone used to encrypt it, without unencrypting it first (eg using google device manager) because the encryption code would be lost with the reset.