[akavbb]

Hello. I took some pictures with my Passport running the latest OS.
I had to get a copy of the pictures from the encrypted SD and I could not mount the drives via link. So, I used the usb storage option from settings and the SD mounted immediately.
Unfortunately, I moved the pictures to the PC and of course I realized that I could not open them since they were encrypted. So I moved them back to the SD. Now I cannot open them not even from the passport.

Any help would be highly appreciated.

[TrumpetTiger]

Hello. I took some pictures with my Passport running the latest OS.
I had to get a copy of the pictures from the encrypted SD and I could not mount the drives via link. So, I used the usb storage option from settings and the SD mounted immediately.
Unfortunately, I moved the pictures to the PC and of course I realized that I could not open them since they were encrypted. So I moved them back to the SD. Now I cannot open them not even from the passport.

Any help would be highly appreciated.

This one's a tough one akavbb. How did you originally encrypt the SD?

(As a side note, please let us know if you have trouble connecting to your Passport in the future. There are those on these forums--some who still believe in the use of BB10, some who don't--who will be happy to help.)

[rthonpm]

BlackBerry 10 uses full disk encryption as opposed to file level encryption for both onboard storage and the SD card. If your pictures can't be opened it sounds like an issue with the card being corrupt than something going wrong with the encryption.

[akavbb]

Thank you for your prompt reply. It was encrypted via built in Passport encryption.

[akavbb]

The problem is that I moved the pictures without decrypting them and then moved them back. All other pictures are intact.

[howarmat]

Pretty sure you are not going to be able to open them. This is the entire point of encryption on something. Especially an SD card. If you would have COPYING instead of MOVED then you would have still had copies on the card/phone and I think you would be OK since you could just delete the copies on the PC, decrypt on the phone then moved to PC.

[akavbb]

Thank you howarmat. The question is what happened when I moved them and created this mess?

[howarmat]

Cant be for sure since I dont encrypt files regularly but once you move them off the encrypted system its possible they would be corrupted by the secondary system

[Troy Tiscareno]

A "move" is really a "copy" followed by a "delete." The encrypted files were first copied to the PC (but were useless since they were encrypted), and then deleting them from the SD card also deleted the ability to decrypt the files.

When you encrypt storage on a device, generally ONLY that device can decrypt them, and ONLY if the original volume is intact. When you tried to circumvent the encryption, it did its job as designed and made the data unrecoverable.

This is why I post warnings about encryption and either syncing to cloud storage or having a regular and frequent manual backup process that stores the data in decrypted from someplace (an offline hard drive or USB drive, for example). It takes very little to lose encrypted files, and you MUST follow approved procedures or data can be (and usually is) lost - which is by design.

I tell people that they should be prepared at any time to lose their entire phone and all data on it (because that actually happens to real people tens of thousands of times every day, due to loss, theft, damage, or just device failure), so if the data on that device is important to you, then you need to have a frequent and reliable backup process in place. Even if the SD card is fine, if it is encrypted and the phone stops working, that data is lost forever.

[Dunt Dunt Dunt]

I tell people that they should be prepared at any time to lose their entire phone and all data on it (because that actually happens to real people tens of thousands of times every day, due to loss, theft, damage, or just device failure), so if the data on that device is important to you, then you need to have a frequent and reliable backup process in place. Even if the SD card is fine, if it is encrypted and the phone stops working, that data is lost forever.

That should be a sticky somewhere.... way too many people have lost data with no thought of "what if".

[akavbb]

Yes but the problem really started because of the inability to mount the phone drives via BB link. And please do not tell me that I should not complain about a project that has been declared EOL, because BB Link was a joke from the beginning. (Along with the rest OS10 project). I understand that it was my mistake, but if the software worked fine, I wouldn’t have made it.

[Troy Tiscareno]

Understood, but there were other options, including using the BB file manager, cloud sync, or decrypting the SD card before pulling data off of it. I'm not trying to beat you up, rather I'm trying to educate people because a lot of folks don't understand the full meaning and implications of encrypting their files, and quite a few people have lost important data forever as a result. I'm trying to keep that from happening through education and examples (because some people don't think it's anything they need to worry about, and their data is very much at risk).

I *hate* to tell customers or people I'm trying to help that their data is lost forever, but I've had to do just that quite a few times. It's preventable, but it does take some effort and often some money (for extra hard drives or USB drives, etc.) to ensure data safety. Or a willingness to use cloud sync.

[spARTacus]

I have no idea how the encryption scheme works on BB10, but in theory a good set up would still allow the BB10 device to decrypt them from/at a different storage location when they were moved back. In theory, a good set up should not be dependent on file attributes that could get tweaked or modified by normal copy/move processes. However, maybe this is how the BB10 file encryption arrangement works (ie: some sort of integrity hash that fails if all the attributes are not precisely the same and/or dependent also on where the file originally was on the storage volume). Maybe that was one of the design objectives originally, in terms of a need for decreased ability/potential to possibly be able to open them if they are moved around.

Can one move encrypted files around internal to a BB10 device and still later decrypt them?

Maybe the file got changed during the move process, or when there was an attempt to open them on the PC, too much so for the integrity check.

Posted via CB10 on Z10

[hazmaju]

I this scenario, it was some kind of SD card corruption, because I successfully moved or copied my files from an encrypted SD card, to a computer before. I own BlackBerry Classic and currently my SD card is unencypted, so I can take it out when needed an use it in a reader...
Device decripts the files on the fly, when unlocked and connected to a computer on BB10

Posted on BlackBerry Classic via CB10

[TrumpetTiger]

Yes but the problem really started because of the inability to mount the phone drives via BB link. And please do not tell me that I should not complain about a project that has been declared EOL, because BB Link was a joke from the beginning. (Along with the rest OS10 project). I understand that it was my mistake, but if the software worked fine, I wouldn’t have made it.

Link certainly has its issues, but contrary to popular belief it does still work under Windows 10. Also, in the event it does not for some reason you can manually mount your BB10 internal and SD storage as a network drive without need of Link or anything else.

To answer your earlier question, BB10 encryption encrypts the file system as well as the files themselves, making it difficult to access files if the file system changes without decrypting them first.

Posted via CB10

[thurask]

Yes but the problem really started because of the inability to mount the phone drives via BB link. And please do not tell me that I should not complain about a project that has been declared EOL, because BB Link was a joke from the beginning. (Along with the rest OS10 project). I understand that it was my mistake, but if the software worked fine, I wouldn’t have made it.

If I remember correctly re-enabling SMBv1 should be enough to restore mounting ability via Link (watch out for WannaCry), but that wouldn't do anything for your current situation.

[akavbb]

Link certainly has its issues, but contrary to popular belief it does still work under Windows 10. Also, in the event it does not for some reason you can manually mount your BB10 internal and SD storage as a network drive without need of Link or anything else.

Posted via CB10

Yes but if you mount and the files are encrypted they do not get unencrypted.

[akavbb]

If I remember correctly re-enabling SMBv1 should be enough to restore mounting ability via Link (watch out for WannaCry), but that wouldn't do anything for your current situation.

Thank you for your time Thurask.

[akavbb]

I have no idea how the encryption scheme works on BB10, but in theory a good set up would still allow the BB10 device to decrypt them from/at a different storage location when they were moved back. In theory, a good set up should not be dependent on file attributes that could get tweaked or modified by normal copy/move processes. However, maybe this is how the BB10 file encryption arrangement works (ie: some sort of integrity hash that fails if all the attributes are not precisely the same and/or dependent also on where the file originally was on the storage volume). Maybe that was one of the design objectives originally, in terms of a need for decreased ability/potential to possibly be able to open them if they are moved

Maybe the file got changed during the move process, or when there was an attempt to open them on the PC, too much so for the integrity check.

Posted via CB10 on Z10

Another example of a BlackBerry bug which can be explained as a feature.
I moved a file from the device. Then I moved it back exactly as it was. Why can’t I decrypt it?

Thank you for your time. I really appreciate all of you people trying to assist me.
This community is one of the greatest.
I feel sorry that I had to change phone and for some time I was very happy that I reused my beloved Passport as a work phone.
Actually I still am, but the fact that I lost the pictures was critical.

[spARTacus]

Another example of a BlackBerry bug which can be explained as a feature.
I moved a file from the device. Then I moved it back exactly as it was. Why can’t I decrypt it?...

Sounded to me like it wasn't a bug, but it was by design, and just perhaps not well known that the encrypted files weren't portable.

Posted via CB10 on Z10

[Troy Tiscareno]

Sounded to me like it wasn't a bug, but it was by design, and just perhaps not well known that the encrypted files weren't portable.

That's correct, and that's the way it would work on any modern mobile OS with an encrypted volume.

Had he used the phone's file manager to copy the file, the phone would have decrypted the file, and all would have been fine, but accessing those encrypted files from outside the device can't be allowed, by design, when the file is encrypted, or the encryption would be useless and pointless. It would be like buying a vault, but never actually closing and locking the door - pointless.

[spARTacus]

...that's the way it would work on any modern mobile OS with an encrypted volume...

One of the features of some good desktop encryption apps is portability of the encrypted files. That is, encrypt a file and then store it where one wants, move it around also how ever many times as one wants, as long as one has the correct key one will be able to later still decrypt and open the file, even if on a different desktop/device (but would still also need the app on the other device). In that case, it's more like lock the vault door and move the entire vault around, and open it up later, and the vault doesn't care where it is when it later gets opened. Obviously, that is not how the BB10 file/volume encryption works, or that is at least not how it was used in this case.

Posted via CB10 on Z10

[Troy Tiscareno]

You're talking about a manual encryption tool (including the ZIP or RAR compression formats, which have encryption as an option), where you manually set a password. That's completely different from an encrypted file system, and obviously that works very differently.

[TrumpetTiger]

That's correct, and that's the way it would work on any modern mobile OS with an encrypted volume.

Had he used the phone's file manager to copy the file, the phone would have decrypted the file, and all would have been fine, but accessing those encrypted files from outside the device can't be allowed, by design, when the file is encrypted, or the encryption would be useless and pointless. It would be like buying a vault, but never actually closing and locking the door - pointless.

Troy, I know we often disagree on many points, so I just wanted to say that this is absolutely 100% correct.

[rthonpm]

If I remember correctly re-enabling SMBv1 should be enough to restore mounting ability via Link (watch out for WannaCry), but that wouldn't do anything for your current situation.

SMB1 is needed for Link. In newer versions of Windows 10 you can specify whether you want to enable server or client SMB1. For Link to work all you need to enable is the SMB1 client feature.

If you've updated your OS of late to 1903, you may also need to re-install Link, which I would do after making the correct SMB features.