Now this is a feature that I have wanted to have since the very beginning!
As a geeksquad agent, I would love this. The peace of mind for clients would mean much less hassle :3
If they have physical access, they can access your stuff. It’s hard to get around that.
Depends. An encrypted data volume could be theoretically uncrackable.
Most android devices actually work this way, afaik. Before the first unlock of the device, after boot, the entire data volume is encrypted.
Not very strongly, if you use a pin, but repair mode could be set to require a proper password.
The device unlock pin isn’t directly used for encryption. It only needs to be strong enough to stop people from manually guessing it from the lock screen.
Yeah the current problem is both systems and data usually use the same password. If they separate it out you could boot and check the system without data. Or in this case repair mode could temporarily ensure the data volume uses a different password.
I’m pretty sure the system is read only, there’s no encryption going on in there.