Apple iPhone security, Searches and the law
Ping!
If you want on or off the Mac Ping List, Freepmail me.
Posted on 08/06/2015 10:23:17 PM PDT by Swordmaker
As for brute forcing the four digit passcode many iPhone user employ, that is a non-starter because the iPhone can be set to erase the data after a certain number of incorrect attempts. Another FAIL.
His claim about the iCloud backups is simply wrong. The backup is encrypted. . . and would still require the user to change the password. He postulates the ability to change his OWN password using his own ability to do so, which then allowed HIM to recover his data to a new Apple device as evidence of insecurity of his backup of his data. SAY WHAT???? The fact that he can recover his own data to another device after he changes his own password is evidence it's available to authorities? FAIL! If the user has enough moxie to set up his device for security he certainly has enough to set up his iCloud similarly.
The claim that "A simple warrant to Apple can obtain this backup, which includes all photographs (so there is the selfie) and all undeleted iMessages!" is incorrect because the data Apple has is still encrypted by the iPhone before it leaves the phone for the iCloud and Apple does not have the key. He is making unwarranted (pun intended) assumptions without proof.
The author then goes into flights of fancy about Apple and the FBI already cooperating and trying to obfuscate that fact. . . or that the FBI can already do a man-in-the-middle key server and add themselves to the sender or receiver's public keys. . . . but still he says the Apple devices are the best he'd use if they are properly set up.
He wants his cake and to eat it too. SHEESH! . . . Swordmaker
Ahhh....don’t get upset now......
But the fact is, if you want a secure phone, you have to buy one that is..
If you want on or off the Mac Ping List, Freepmail me.
From first line of the expert in the article:
"Properly configured, an iOS device is perhaps the most secure, general purpose communication device available. The iPod Touch in particular is my preferred communication device for those who need to operate in an extremely hostile network such as China or France, and for most users, iOS is vastly more secure than Android.
Now, do you want to repeat your comment?
Mine are properly configured.
I think general purpose was the word that you needed to read.
This was the basis of a argument we had many months ago. I said that no “general consumer” phone was secure unless you purchase one that has been hardened, that is to say that location finding is difficult because it looks like you are walking in the mountains of Peru,(until they unwind the fake) and getting into the phone or it’s data stream is next to totally impossible.
Save for that, and there are only a small number of these phones in use today, everyone has a phone that is not secure in all or some ways..
I would assume that if these hardened phones became the norm, they would be deemed to be a security threat and banned..by the US and most every other government.
It’s just the way things are today.. nothing personal...
I only objected to your claim that Apple phones were secure...and they are not.
Just recently (about three weeks ago), The Hacker Team, the company that sells the forensic reader software to the FBI, NSA, DGSE and other government agencies and police departments at both State and national levels, offered to sell their entire suite of software to another company, wanting to get out of the software business and concentrate on Security Research. What they said was they had software that could breach every mobile device including Android, Microsoft, Nokia Symbian, RIM Blackberry, and jailbroken iOS devices. . . but NOT unbroken iOS devices. They had been unable to crack the protections on iOS 7 and iOS 8 devices. That says one hell of a lot. They are the recognized EXPERTS in this field.
I think I have bought a secure phone.
You are not secure, nor am I....Nobody is today...and nobody will be tomorrow.
I recall that conversation and the fact that you really did not know what you were talking about. . . in that you wanted a phone that was 100% uncrackable. A James Bond type phone.
More or less.....yes...I would call that secure.
But I am fully aware of the history of communications going all the way back to WWI, and no electronic communications remain secure for very long..
Consumer phones are the least secure of todays so called security feature laden phones, because all the workarounds, decryption algos and black box gizmos have been designed to defeat them. More everyday...you should look into what they have in the catalogs for LEO’s and Security firms.
Scary stuff....but much of this stuff is making it’s way to your local sheriffs department..
Back when cell phones..(bag phones) first came out they were considered pretty secure, but is only took a few months before local PD’s had a radio that intercepted cellular traffic.
All I am saying is that you cannot consider any consumer device that is widely used to be secure...maybe a little secure, or moderately...but not secure.
Frankly, the best way to remain secure is to not use the devices...
Having said that, I shall retire for the night..
Sleep well...
Almost forgot to alert you to this that I saw today..
http://www.macrumors.com/2015/07/06/hacking-team-jailbroken-iphone/
The mac heads are making light of this but they may not know that the most recent Chinese data breach of our governments personnel data occurred by way of a I-phone. (as it was explained to me)
A un-named government official was in China, on either business or pleasure, in any case they generally leave their gov issued phones at the office and use a personal phone for security reasons. (they don’t want the gov phone to fall into the chi-coms hands)
He apparently needed to log into the system and used his personal phone which was either tethered to a fake cell tower (most likely) or they set up something in the Hotel broadband system...not sure .
The only way they could have got his login info would have been to decrypt the data sent from the phone or to have tricked the phone into giving them the information they needed.
In any case it was not a hack in the usual sense of the word, but a intercept and then the login info was used to access the data base which is why they never saw it..until much later..
My sons data was ripped off in that little theft, along with millions of others..
So I have a interest in the case.
So these friggin phones are not secure....they just aren’t//
So, you are saying, that’s how OPM got hacked?
The problem with that, Cold, is that The Hacking Team, admitted that in order to be able to jailbreak the iPhone you must first have access to the already unlocked iPhone . . . In other words, to break into the iPhone to jailbreak it, you have to already have unfettered access to the iPhone in order to jailbreak it. If you have unlocked, unfettered access, You ALREADY have access to everything on the iPhone and have no need of breaking into it. SHEESH! Circular reasoning if I’ve ever seen it.
Is anyone else dazed after reading the surrealistic kidnapping saga in the ATT-200m-resolution link in the post?
That’s not how it was ripped off. Sorry. Bogus story that’s been debunked.
Caught that, huh? LOL! Cell tower triangulation at its worst.
PS my eyes are glazed over. I’m wondering if the Vallejo Police and San Francisco Bay Area news papers have apologized to Victim F and Victim M yet?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.