Encrypt or not encrypt /data?

Hi,

The first time I installed /e/, I have encrypted my S9 (or its /data).

After updating /e/ (I don’t remember which version), TWRP stop accessing encrypted /data.
I tried to find a solution with format/restore, changing TWRP version but it didn’t work anymore.
So, I stopped encrypting /data since then.

Today, I’m still wondering which one is best for custom roms like /e/.

Any idea ?

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone

A lot of people are encrypting there device. I often read about issues with encrypted device. And you know that best.
My really personal view is: No encryption. I never have encrypted a device.

On the other side, if you have an unencrypted device, you make it easier for someone to steal your data. Especially if you have an unlocked bootloader, people with malicious intent and a some knowledege of the field can hijack your phone regardless of you having set a lockscreen password. BUT only if they get it in their hands. Because they can then read out the data or flash some new software to your phone which does that for them.

We are not talking about Application level data theft here, because when android is running, the fact that the storage is encrypted is abstracted away by the kernel anyway. Malicious apps can access whatever the can gain (or are given) permission to access.

So overall it depends on your threat model.
Do you think your device might get stolen with the intent of accessing your data and this would be devastating in some sense? Definitely encrypt.
Do you think you can look after your stuff and will probably not lose your phone, also there is nothing really significant on it? Don’t encrypt.

My personal opinion is that one should always choose encryption where possible, so that we someday arrive at encryption by default. Then, there will be no “oh, you encrypt, do you have something to hide?” mentality anymore.

3 Likes

short remark: 99% of all stolen or found devices will be formatted and sold.

Encrypt, you don’t want to be a victim of identity theft.

Of course, if your phone for some reason reject the encryption, then you did right to not encrypt anymore!

On the other side, you have to know that if you don’t encrypt your phone and you lose it, the person that find it could access via TWRP, to ALL your data, even if you have a password/pin/pattern lockscreen enabled.
So, think twice about it!

(https://forum.xda-developers.com/android/software-hacking/remove-lockscreen-recovery-t3530008)

1 Like