Apple can’t unlock the user mobile phone for the government, the security is still a false dichotomy

apple said in a recent announcement that they will no longer for the government law enforcement agencies to unlock the iOS device (8).

“in running iOS eight devices, such as photos, information (including attachments), email, contacts, call history, iTunes, personal data, such as the content, the memo and remind are protected by a password. Unlike our competitors, the company cannot bypass your password, so can’t access the data. Therefore, if a device is running iOS 8, even though the government has mastery of the equipment, and ordered us extract data, we can’t in technology to achieve such a request.”

although late for about seven years, but apple the statement for the users to protect the privacy of personal information, there is no doubt that is praised by users, and even can be said to be extremely compelling (and courage). Apple recently in order to strengthen security measures, in 8 and up to two steps including iOS type validation of the efforts of all aspects, such as to this, I was very impressive. I believe that Tim Cook working to truly protect user privacy, and most of them don’t realize how bold a move.

it is important to note that this does not mean that the police don’t have access to the user’s data. Apple do here, just for the sake of their own can establish a plausible deniability in law enforcement. On the surface, are on the previous equipment photos, news and other sensitive data using only hardware encryption keys, and now on the iOS 8 equipment using PIN or password encryption. There is no doubt that using PIN encryption (they all along in perfect it) really improves security for everyone. Although technically can brute force PIN, this does not mean that it is feasible in practice, that is what makes the company to avoid legal provisions of responsibility. Add a letters, Numbers, symbols mixed password, even is complicated, if you want to crack will have to use a dictionary attacks into your encrypted data. In this way to design a file system (if true), apple has to live up to its promise, “mobile phone to encrypt data using the PIN or password, we do not have legal obligation to crack for you, so ladies, go to hell”. News, Mr. Cook! This need to how much courage…… But it doesn’t mean your data beyond the limits of forced open.

in a recent blog post, I outlined a series of the company in order to prevent the current judicial authentication using commercial forensics tools of the information on the dump device and try on iOS 8 equipment measures. Law enforcement agencies use the services completely bypass the user backup encrypted passwords, in the case of using vulnerability using forensics tools, the user information almost no protection. Apple in iOS 8 equipment has closed most of the services. To better protect the iOS device is a good start, but such protection is not comprehensive.

in addition to be repaired, I have outlined some of the items have not yet been repaired. These are reserved project in order to make the iTunes (including Xcode) with third party applications to exchange information, or access to the user’s media folder. Apple, I hope you can allow them to access your photos and other information on the table, under the condition of the phone is locked and easy to operate. Unfortunately, law enforcement agencies also can use these to dump your information: your gallery, video and audio, iTunes podcast, books and other media all third-party application data.

the existing commercial forensics tools can still get these information from your device, or even run iOS 8 equipment. I use my private forensics tools to test and confirm this. I dump all the third party application data (including caching, database, screenshots, etc.), as well as my gallery and other media… All of these in a few minutes, when I lock 8 on iOS.

although it’s a huge warning, but for law enforcement agencies, this is not a big problem. This technique requires access to a desktop/laptop machine and in pairs, and mobile phones are there on the trust and physical connection is equipped with iOS 8 cell phone. What is the meaning of this? This means that if you were arrested, the police will confiscate your iPhone and all the desktop/laptop, they will use in your own machine access all the data on the iPhone you dump file. If you were detained in the airport, they can also do the same.

how does it work? Your photos and messages may indeed now through your PIN derived keys for encryption. , and paired with your phone on the computer has a unlock encrypted backups (escrow bag), can be used to unlock your phone without PIN. Also, add this function will allow iTunes visit you still in a state of lock screen mobile phone.

fortunately, there are some measures can be used to protect your privacy. It is one of the small technique through airport security and customs when closing your iPhone. Why is that? Because apple to match the unlock information installed a closed switch, when the iPhone to turn it off, the matching unlock was closed, only when you after the restart the mobile phone can be revived. Second, make sure your desktop and laptop computers use a strong password protection, and the computer when you don’t have to shut down, especially in through airport security. There are a lot of encrypted disk forensics tools to be able to sleep or sleep in the computer memory dumps (so, also need to encrypt the key). So, turn it off.

a backup at the same time, set the password for the protection of the iPhone is fatal, and other information on the protection of privacy these backups without help, because there is no interface has the ability to backup the user’s password. At the time of these services leak, your data is in a state of unencrypted. And if you did not use PIN lock your device, then your data will of course has been at the risk of exposure, so be sure to use the PIN number.

apple can stand up, greatly improving the security of user equipment in this piece, they just need to require the user to enter standby when use iTunes lock access to the iPhone password (and for all data use the password encryption), or simply to provide users with a locking iPhone can’t be access through iTunes option. Many users will be happy to use this option to enhance data security.

apple has done a lot of work on the iOS 8 equipment to prevent some law enforcement forensics tools and features to get the user data. Some existing features, however, may still be working. Third party application data and media folder you still could face from a business tool, or through the use of skilled libimobiledevice open source tools such as the risk of leaking out.

on ethics, it seems that someone is really angry with apple’s latest decision, they think that law enforcement has the right to access your data, and can fight crime. But the other side of the coin is: don’t should ask vendor to weaken the encryption strength (and the safety of its products), just in order to satisfy the law enforcement forensics possibility? It wouldn’t produce through the back door into the all products? If you also think that should be considered to improve the safety of their products, as apple has done this for you – the CEO, President, has recently been seen in the read daily briefing), members of congress, the judge, our military, and many others. If you want to undermine its security, in order to satisfy the possibility of forensics, so also is to weaken the security of all people, and open the back door to foreign government, cyber crime against will affect every one of us. To privacy and the safety of the high, the only logical solution is to make products as safe as possible. Let the good detective to solve crimes, rather than to a simple button.

You may also like...