<div class='os_post_top_link'><a href='http://blogs.msdn.com/windowsmobile/archive/2007/03/26/windows-mobile-6-storage-card-encryption-faq.aspx' target='_blank'>http://blogs.msdn.com/windowsmobile/archive/2007/03/26/windows-mobile-6-storage-card-encryption-faq.aspx</a><br /><br /></div>There's a post over on the Windows Mobile Team Blog that is a must read for anyone thinking of using encryption on their storage card under Windows Mobile 6 device. One of the key limitations of Microsoft's implementation is that you cannot backup the keys. So if your device bombs and you replace it, your data is gone too. <br /><br />I keep getting the feeling that we might be taking a giant step forward, but it's followed with a couple steps back. :? It's great that we can finally encrypt the storage card, but how many people will take advantage of it if there's no chance of recovering it when the device dies and needs to be replaced? :(

Windows Vista's BitLocker, a hard drive encrytion mechanism. If you enable BitLocker, your contents in encryted partition will only be readable from the same machine that contains TPM keys. If that machine craps out, you can't recover the data.

You can, however, always back up your stuff to a secondary backup storage.

If it is so easy to backup/restore keys, it may defeat the purpose of having encrypted storage in the first place.

The "same machine" thing is why I currently don't encrypt my data.

If you copy the data to another harddrive in the same machine, is the copy encrypted?

The "same machine" thing is why I currently don't encrypt my data.

If you copy the data to another harddrive in the same machine, is the copy encrypted?

No, only the data stored in encrypted partition is encrypted on the physical drive. To you, it's like not encrypted at all. This is useful for those who carry sensitive information on a laptop. If your laptop is lost, the information on the disk is safe because it can't be read from anyother PC. Same goes to WM6 storage card encryption as losing a phone a much more likely than losing a laptop.

So if the card is encrypted and the keys are stored in the internal memory, afaict the card can easily be read by any other device. This seems to me to be only a stopgap measure at best.

only other trusted or signed applications - at least that's my understanding.

And what if the storage card is an SD card, and the card has the write-protect tab set to on when the wipe is initialized? Perhaps this is one reason manufacturers have been moving away from SD to miniSD/microSD.

SD Card? What phone are you using?! ;)

That's a good point. We don't see much in the way of SD cards in phones anymore. And I'm sure that's a good thing given the size difference now-a-day.