Is there a way to use an Android mobile phone for "isolated storage"

6

4

Recently, manufacturers have been introducing Android mobile phones on the market with internal memory capacities of 256Gb, 512Gb, even 1Tb.

Since that is more than enough for all my "phone needs", and since almost all phones come with an USB-C port, I would like to use part of that internal memory capacity as isolated storage, in lack of a better term.
If you know of an established term for something like this, please tell me in the comments.

I work in the field, not tied to a particular computer. You might say, I work from my external hard drive (eHDD). When I am there, I come to whatever computer I have available, connect my eHDD to it, ... do what I have to do (including running applications from it) ... and eject it.
I would like to replace the need to carry both my phone and my eHDD, with only carrying my phone with me, by being able to move the whole of contents of my eHDD to my phone. So when I come to a computer, I would connect my phone to it, ... do what I have to do ... and eject it afterwards.
But I would like to have those contents I just moved, not accessible to the phone apps (for there are thousands of photos, videos, documents, executables, etc. which would clutter most of the phone's apps, or create incompatibilities with Android OS) but only to the computer. Therefore the term, isolated storage.

Isolated storage would be for example a folder or a partition on the phone, which the phone's apps could not read or modify. The purpose of that folder would be to serve purely for storage, which I would always have with me.

Is something like this possible, and how?
My desktop/laptop OS is Windows.

Edit: Since I see this is maybe going in the wrong direction, let me put it in another way. Is there a way to put some data onto the phone, yet restrict read/write/modify access to that data so that it could not be accessed from the phone.
Currently, I am looking at it from a computer perspective. Like when you have two partitions and two OS's, Windows and Linux, and for example Windows cannot access nor read/write your Linux partition.

Rook

Posted 2019-10-03T22:44:58.677

Reputation: 21 622

Comments are not for extended discussion; this conversation has been moved to chat.

– DavidPostill – 2019-10-06T15:52:34.583

Answers

0

Answer Before Question Was Rephrased

An operating system (OS) is - among other things - being responsible to manage hardware resources. Therefore the OS will always be able to access all connected storage devices, may it be a hard drive in case of a PC, or flash memory in case of a phone.

So the answer to your question is no, it is not possible to branch off some of the storage and make it completely inaccessible to the phone's OS. Extra hardware, implemented by the phone's manufacturer (like a second storage controller), would be required to achieve this.

Side note: Since you asked for something different, this question may at first sight seem to be unrelated to yours. However, the reason why it can not work is in both cases the very same: You want to share a hardware device (the phone's storage) between two OS's (the phone's OS and the device's OS you want to connect your phone as an USB drive to). Sharing a hardware device between OS's is not possible without some kind of virtualization.

dirdi

Posted 2019-10-03T22:44:58.677

Reputation: 1 860

You're right. I should have phrased that part in a more precise way. Of course an OS has to access all parts of memory. I am just looking to protect mentioned data from phone's apps - for example, those "cleaning apps", that I never know which files they will delete. I want to avoid the unfortunate situation where a cleaning app will decide to delete all files older than 5 years or so. Illustrative example, but you understand what I mean, I think. – Rook – 2019-10-06T20:16:57.210

Although, upon second thought, I agree to disagree. You could for example have several partitions on your comp., some accessible only to your Win OS, some only to your Linux OS. So, it is not a matter of your OS having access to all your storage, but how you divide it. Why cannot the same be reapplied - instead of having 256Mb internal storage on the phone you repartition that storage so the partition to which the Phone has access is only 128Gb, and the other one NTFS which you only see when you access it from Windows. Or maybe the phone will – Rook – 2019-10-06T20:45:48.943

always just use the first one, and "not care" about the second one... – Rook – 2019-10-06T20:45:51.793

No, I've read the linked question, but I don't think there are any similarities, even if it described like there is. That (question) deals with something completely different. – Rook – 2019-10-06T20:48:41.763

0

Android devices (for now) use Linux as the base kernel.

Just based on that fact, it's completely possible

  • for Android to be setup in such a way that the base OS doesn't consume all the onboard flash,

  • to run something under Linux-beneath-Android that exposes the remaining flash as a USB block device.

My old LG Intuition phone (ancient today) did something interesting but ultimately bothersome - when you connected it to a PC, it exposed an .iso file as a CD-ROM device. This .iso file contained a Windows autorun setup and installer that would install LG software. So the basic mechanism has been done before.

To modify an existing Android phone to do something like this will require a lot of work. You will need recovery-level access to the device with a custom bootloader, so you can rewrite the entire device flash. You will then basically need to "reinstall" Android over the smaller flash partition, which will be difficult since it will have to be done from the original files. You will then need the necessary daemons and configuration running to detect an incoming USB connection and respond to requests for block I/O.

Is there a way to put some data onto the phone, yet restrict read/write/modify access to that data so that it could not be accessed from the phone.

You might be able to connect a USB-C storage device to the phone and move data to it. Then you can remove the device when access to data is not needed. I had an old Samsung phone that supported USB OTG, and believe it or not, I was able to connect a USB floppy and it worked. The OS treated it like an external SD card. The floppy was formatted FAT16 and it was recognized and useable by Android (though at 1.44MB of space, not for very much).

Unfortunately this may be different or no longer possible in newer Android versions because it looks like there's a trend of making files accessible to the outside world with something like MTP and not block-level USB-mass-storage class access anymore (like Apple iPhone does).

LawrenceC

Posted 2019-10-03T22:44:58.677

Reputation: 63 487

0

How to access an Android folder from Windows

You can access a folder on your phone from Windows as per How to mount an Android smartphone as a drive in Windows? and Mapping android storage as a window’s drive.

In short, install a webdav server app and follow the setup instructions to get an IP address for your shared folder. On Windows, use the map network location function to access the folder.

The one downside is that the phone is accessed via WiFi, which may not be as fast as a cable connection. You could get a LAN cable adaptor to remove WiFi limitations.

How to make the files inaccessible to other Android apps

Anything you install in Samsung's Secure Folder is not accessible to other apps installed on your phone (only accessible to other apps installed in the secure folder). If you install the webdav here, other apps will not see any of the data it is hosting.

There are other secure folder implementations available on the Play Store if you don't have a Samsung device. I haven't tested them but I'm sure several would work in the same way.

Does it work?

Yes. I have successfully hosted a folder via WebDAV Server installed in Secure Folder from a Samsung Note 8 with the following results:

  • The WebDAV Server could only see an empty file tree (the secure folder) and not the whole phone file system
  • The other apps on the phone (eg Gallery) could not see files saved in Secure Folder
  • On Windows, I mounted the network location using 'Add a network location' in Windows Explorer. 'Map Network Drive' didn't work for me.
  • I copied a small program to the phone storage using Windows Explorer and then ran it with no problems
  • I tested Read/Write speeds via several methods with results of around 1 MB/s. Other speed tests show this appears to be the speed of WiFi at my current location, so the results aren't particularly transferable to your situation. WebDAV and Secure Folder apps were not the limiting factors in my tests.

Sir Adelaide

Posted 2019-10-03T22:44:58.677

Reputation: 4 758

0

One very simple solution (or maybe I'm just too naive) is to use encryption software, the files would be in plain sight to the Android OS and it's apps but the "information" would be accessible:

You connect the Android Device to your Windows machine and access the phone's file system. From there you could use transparent/on-the-fly encryption software (e.g. Safe House which can work as a portable app, see this link here) to store files in an encrypted container. This way the files never "touch" the phone's file system unencrypted.

This was you can access the unencrypted content of those files on a PC (providing you have at least the right to run an executable file without admin privileges) but not from your android system. On a new PC you would just need to start the encryption software, which, of course, would be stored (unencrypted) on your phone as well.

Drawbacks:

  • As I said, this does not prevent the android system from altering or deleting the "files" (meaning the bits, not the "information" but which might make it unreadable for you as well) though but in your analogy with a dual boot system this couldn't be prevented either.

  • You need to remember your pass phrase to unencrypted the information (of course you could store it on the phone as well, it still would prevent the regular phone/apps from reading the information but it would be vulnerable e.g. to hackers, secret service, or any other human attack)

  • Depending on your Windows system it's a trade off between performance and encryption level. Encryption doesn't take up more space but it needs processing time for decryption, so this doesn't have to but it might lower you performance significantly - depending on several factors.

  • If you use Safe House there "used to be problems" using the container with an NTFS file system (see link to the portable app information). If this is still the case, you need to switch to FAT32 limiting your file size to 4Gb. In some way you could counter this by using compression in addition to the encryption. But again this might lower the performance even further since it does add processing time as does decryption.

Note: in fact compression might even give you a better performance if the transfer rate between the android device is the bottleneck (and not the processing power needed to decrypt and decompress).

This is a simple but the only solution I can think of, to get it done without tapering with the Android device or it's standard OS (in which case this question would be wrongly placed in this StackExchange site anyway). The only workaround I can think of would require a memory card and wouldn't work on the "internal memory".

Albin

Posted 2019-10-03T22:44:58.677

Reputation: 3 983

reading the other answers more thoroughly I realized I choose a similar to one of the secondary approaches harry used, but I find my answer to be "different" enough, so I refrain from deleting it. – Albin – 2019-10-09T20:37:42.503

"Encryption doesn't take up more space" can you give an example (a software, an encryption technique) for which this statement holds true (except OTP, which is IMHO not suitable for this use case)? – dirdi – 2019-10-09T20:41:51.917

1@dirdi of course there is a little overhead, e.g. the encryption software, but this is not significant if you chooce the right encryption (I suppose there are encryptions out there which blow up the file size, but I never used those), as far as I remember e.g. block ciphers create, simply said, in theory no overhead, in reality the implementation will for example due to fixed block size, padding etc. – Albin – 2019-10-09T20:52:46.337

0

You can somewhat do this.

You can create a virtual drive in Windows. You can then use BitLocker, VeraCrypt, or similar encryption tool to securely encrypt the drive. Alternatively, another option would be just to use a uncompressed, yet encrypted Zip file. You would then move that file to your Android (or any other device). When connected to a PC, with the appropriate decryption software, you could then mount the virtual hard drive in Windows and use it as any other drive.

This would prevent the your phone/device and any of its applications from reading the unencrypted contents. However, it would not prevent the device from being able to modify or delete the file.

Keltari

Posted 2019-10-03T22:44:58.677

Reputation: 57 019

I've tested this approach over the weekend (the zip approach, which I assumed would be quicker than the encryption approach) with several archievers. Unfortunatelly, when we get into double digits Gb, it gets unusably slow. On internal memory and even on a very fast microSD card (Sandisk Extreme series). – Rook – 2019-10-09T19:55:11.033

@Rook At that size, zip would be not the best choice. however, virtual disks should work. Also, encryption is typically VERY fast. You wouldnt notice it. – Keltari – 2019-10-09T20:11:49.060

Not really sure, how this is different from harrys or my solution. Did I miss anything? PS. Of course encryption takes time to decrypt (depending on the type and strength of the encryption) – Albin – 2019-10-09T20:42:14.677

@Albin Many encryption.decryption methods and general algorithms are hard coded into modern CPUs. While it does technically slow down the computer, it is generally not noticeable. – Keltari – 2019-10-09T20:58:33.217

1@Keltari yeah, but this was just a side note. Mainly I'm still curious to know how your solution differs!? – Albin – 2019-10-10T07:39:22.770

-1

If you don't want the files you copy to the device to be readable by the phone apps, you could put the files into archives unreadable except by specialized apps.

Some possibilities are storing them inside Zip files, or creating an encrypted volume on the phone using VeraCrypt (which will block everybody).

Side information on connecting Windows and Android :

When connecting Android to Windows via USB cable, the entire hard disk of the phone becomes accessible and shows up in Windows Explorer. Other solutions are installing on the phone an FTP server app, or install a Samba server (the last requires rooting since otherwise Android blocks the required TCP port).

harrymc

Posted 2019-10-03T22:44:58.677

Reputation: 306 093

If you use either of these method be sure not to use FAT32 otherwise you will have maximum file size issues. – Ramhound – 2019-10-06T15:54:35.577

1The first sentence in the answer is irrelevant to the question, as I've already commented. It is not a question of whether everything is accessible to (Windows Explorer), but to the phone. Actually, installing a FTP server or Samba will also not make those files inaccessible to the phone. So the only part of this answer which is relevant is suggesting to put the files into archives of one sort or another, which I would like to avoid, because of total files-I'm-trying-to-move size. I imagine the sheer size would make this whole process unfeasable. – Rook – 2019-10-06T16:32:26.407

1@harrymc - That being said, a lot of things may be of use to future readers, but still not relevant, and furthermore it might just confuse them with regards to as to what is being asked. – Rook – 2019-10-06T16:34:41.403

Asked: 2019-10-03T22:44:58.677

Viewed: 635 times

Active: 2019-10-09T20:45:25.370