I have a Samsung Note 10+ 5G . There are many confusing opposing positions on the internet of whether it should be used or not. I am aware it is fully encrypted with “Knox” a military grade encryption folder.
But I have come across information on the Cellebrite website: "If the Secure folder is enabled on the device, another extraction is needed in order to retrieve the data decrypted. Some UFED methods such as Samsung Decrypting Exynos might retrieve the secure folder as part of the full-file-system extraction; Cellebrite Premium enables decrypted extraction of the Samsung Secure folder from most Samsung devices."
The talks of “Absent physical access, search for Physical\Full-File-system extraction”, is remote hacking through a backdoor also possible to the folder?
Being that it is connected to your Samsung account “by simply clicking on the forgot password button in the secure folder, you will be redirected to a page to reset your password with your Samsung account. Since your Samsung account is tied with your email and your phone number, your Samsung account can be easily retrieved by opening your Gmail app or inserting your sim card to a new phone for the text." Is this a way through?
If cloud backup is turned off is the data technically “more safe” as they are only stored on the phone?
Are these things , something to be worried about?
Even with its possible faults/flaws, is it still better to use as a double layer of security for your data as opposed to not having it enabled?
If someone who has the technical knowledge and expertise and available software has hands on with your phone then Yes they might be able to access your information.
Good passwords / encryption and two factor authentication should help to stop unwanted access.
Personally I don't use the Secure Folder as I feel I don't need to.
The biometrics and Security / Knox on a Samsung phone is enough to stop the average person accessing my phone and I don't allow hands on my phone from people I don't know and nor do I leave it sitting around unattended.
The various sensitive apps such as Internet banking etc are secured by fingerprint access, and the various layers the app / banking Security themselves install has.
I totally appreciate what your saying and one must always be aware and wary.