I have a Samsung Note 10+ 5G. There are many confusing, opposing positions on the internet about whether it should be used or not. I am aware it is fully encrypted with “Knox”, a military-grade encryption folder.
But I have come across information on the Cellebrite website: "If the Secure folder is enabled on the device, another extraction is needed in order to retrieve the data decrypted. Some UFED methods such as Samsung Decrypting Exynos might retrieve the secure folder as part of the full-file-system extraction; Cellebrite Premium enables decrypted extraction of the Samsung Secure folder from most Samsung devices."
The talks of “Absent physical access, search for Physical\Full-File-system extraction”, is remote hacking through a backdoor also possible to the folder?
Being that it is connected to your Samsung account “by simply clicking on the forgot password button in the secure folder, you will be redirected to a page to reset your password with your Samsung account. Since your Samsung account is tied with your email and your phone number, your Samsung account can be easily retrieved by opening your Gmail app or inserting your sim card to a new phone for the text.” Is this a way through?
If cloud backup is turned off, is the data technically “more safe” as it is only stored on the phone?
Are these things something to be worried about?
Even with its possible faults/flaws, is it still better to use as a double layer of security for your data as opposed to not having it enabled?
If someone who has the technical knowledge and expertise and available software has hands on with your phone, then yes, they might be able to access your information.
Good passwords / encryption and two factor authentication should help to stop unwanted access.
Personally I don't use the Secure Folder as I feel I don't need to.
The biometrics and Security / Knox on a Samsung phone are enough to stop the average person accessing my phone, and I don't allow hands on my phone from people I don't know, nor do I leave it sitting around unattended.
The various sensitive apps such as Internet banking etc. are secured by fingerprint access, and by the various layers the app / banking security itself installs.
I totally appreciate what you're saying and one must always be aware and wary.
Daily Driver > Samsung Galaxy s²² Ultra 256Gb.
Samsung Gear s³ Frontier Watch.
Samsung Galaxy Watch⁴ Classic.
The advice I offer is my own and does not represent Samsung’s position.
I have no affiliation with Samsung.
The way I see it, Cellebrite relies on two things:
1. Backup. The backup is of course unencrypted.
2. Resetting Secure Folder password using Samsung Account.
Samsung Account is the weak link. If you enter the wrong password on Secure Folder you get a forgot password link which asks for your Samsung Account.
Anyone with access to your phone can therefore reset your complex password and access the folder contents.
Samsung should make Secure Folder password resetting optional.
The safe workaround I have is:
1. Get a burner phone number
2. Get a burner email
3. Using 1 & 2, create a burner Samsung Account.
4. Set up the Secure Folder.
5. Sign out of the burner Samsung Account and log in with your regular account.
Protonmail has free, easy-to-set-up burner emails. You can create an account without ANY password recovery options. Give it a complex, impossible-to-guess password. Remember to remove all traces of the burner email by, say, using a different device or Secret Mode.
Anyone trying to access your Secure Folder will be prompted to reset its password from the burner email which Samsung readily displays.
Armed with your burner Samsung Account, they will next attempt to reset its password. One of the options for its 2FA is through phone/text. But you long discarded the burner phone number so this won't work. The other option is through the email, but the burner email is inaccessible and there's no way of resetting its password. The intruder hits a wall.
All they are left with is brute force.
To be safe, your Secure Folder password should not follow your usual pattern of password making. Make it the longest at 15 alphanumeric characters with mixed cases, and NEVER use any known name.
Your job is to just memorize this password.
The only way to access your Folder is for Samsung to send the Samsung Account 2FA text code to a different phone, say law enforcement.
Samsung is not Apple and they readily cooperate with authorities in many countries, so cross your fingers.