Page 1 of 2 12 LastLast
Results 1 to 20 of 21

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: iOS Security is a Nightmare for Law Enforcement

  1. #1
    Default iOS Security is a Nightmare for Law Enforcement


    iOS' security has come come a long way since the original iPhone. Its security has come so far, in fact, that the encryption is a nightmare for law enforcement trying to view information from devices seized from criminals for evidence. Apple uses an encryption method known as AES (Advanced Encryption Standard), which is a tough nut to crack. However, it's not just the encryption itself that makes iOS so hard to break into.

    Quote Originally Posted by Ovie Carroll
    I can tell you from the Department of Justice perspective, if that drive is encrypted, you're done," Ovie Carroll, director of the cyber-crime lab at the Computer Crime and Intellectual Property Section in the Department of Justice, said during his keynote address at the DFRWS computer forensics conference in Washington, D.C., last Monday. "When conducting criminal investigations, if you pull the power on a drive that is whole-disk encrypted you have lost any chance of recovering that data.
    A copy of the AES key is hidden deep within the memory of Apple’s device, but as Gizmodo reports, it can only be taken advantage of if the person handling the device knows the passcode to the device. Even then, any information obtained from the iOS device remains encrypted. One major problem for law enforcement is that iOS has a memory wipe feature that can erase the device’s memory when the passcode is guessed wrong ten times in a row, effectively erasing the desired information and resetting the randomized AES key:



    For criminals, the fact that iOS encryption is so secure makes the devices a great way to hide information from unwanted eyes, like law enforcement. Apple has always put heavy emphasis on user security from the part of their Web site that showcases their mobile operating system. As it appears, the gloating is certainly justified.

    While the NSA might not be able to crack your iPhone’s security in a realistic amount of time right now, that’s not to say that they won’t be able to with future technology. Enjoy your high amount of security while it lasts.

    Sources: Technology Review via Gizmodo
    Last edited by Anthony Bouchard; 08-13-2012 at 06:55 PM.

  2. #2
    And they need seperate warrant to have you give them passwords if needed. Was reading an article the other day about that and the FBI took guys computers but asked him for the passwords and that if he didn't give them they would have to obtain a sperate warrant.

  3. #3
    I love that picture a password, a maze, and a safe!

    Let's hope a lot of people don't get wind of this idea and store a lot of (baaaaaad) stuff on their iDevice very ingenious though.

  4. #4
    Quote Originally Posted by Senyaichiya View Post
    I love that picture a password, a maze, and a safe!

    Let's hope a lot of people don't get wind of this idea and store a lot of (baaaaaad) stuff on their iDevice very ingenious though.
    DDont forget the laser beam security

  5. #5
    Quote Originally Posted by Senyaichiya View Post
    I love that picture a password, a maze, and a safe!

    Let's hope a lot of people don't get wind of this idea and store a lot of (baaaaaad) stuff on their iDevice very ingenious though.
    I love that picture as well ha
    "You may say I'm a dreamer, but I'm not"

  6. #6
    I will passcode lock my iPhone from now on lol. Take that Law Enforcement!

    Quote Originally Posted by MXCO View Post
    I love that picture as well ha
    +2. cool pic

  7. #7
    Starbucks Artist mmaboi21's Avatar
    Join Date
    Jan 2011
    Location
    Bakersfield CA.
    Posts
    2,406
    Thanks
    164
    Thanked 207 Times in 160 Posts

    Yay

  8. #8
    This article is full of fail. Elcomsoft already makes a cracker that takes an image of the phone so that it can fail as many times as it wants getting the passcode, that's why it smart to not use the default 4 digit one

    Also if the phone was backed to iCloud they can get all the data unencrypted, hell they could use the phonepw reset trick lol

  9. #9
    Quote Originally Posted by qumahlin View Post
    This article is full of fail. Elcomsoft already makes a cracker that takes an image of the phone so that it can fail as many times as it wants getting the passcode, that's why it smart to not use the default 4 digit one

    Also if the phone was backed to iCloud they can get all the data unencrypted, hell they could use the phonepw reset trick lol
    The passcode can slow a hacker's move toward unencrypting a file. If you have the auto-wipe on, ten passcode failures will erase everything for good.
    Last edited by Anthony Bouchard; 08-13-2012 at 10:27 PM.

  10. #10
    Quote Originally Posted by bigliquid530 View Post
    DDont forget the laser beam security
    Holy crap!
    I didn't even notice those! (or they could be kerplunk sticks!)
    Should we count the screen as well?

  11. #11
    My iPhone is a Part of Me Donnutt's Avatar
    Join Date
    Feb 2011
    Location
    Great Falls Montana
    Posts
    537
    Thanks
    28
    Thanked 47 Times in 34 Posts

    Quote Originally Posted by Cer0 View Post
    And they need seperate warrant to have you give them passwords if needed. Was reading an article the other day about that and the FBI took guys computers but asked him for the passwords and that if he didn't give them they would have to obtain a sperate warrant.
    So they could wave a warrant in your face to make you give up the pass code? I can't see that working very well to anyone with an IQ over 80. If there is something in the iPhone that is incriminating, why would you tell them? They can't make you give it up.

  12. #12
    Quote Originally Posted by qumahlin View Post
    This article is full of fail. Elcomsoft already makes a cracker that takes an image of the phone so that it can fail as many times as it wants getting the passcode, that's why it smart to not use the default 4 digit one

    Also if the phone was backed to iCloud they can get all the data unencrypted, hell they could use the phonepw reset trick lol
    Doesn't that method rely on the LimeRain exploit or something? As in a 4S would not be susceptible? I thought I read that somewhere, but cannot seem to find the source.
    And it will be like a taco inside a taco within a Taco Bell that's inside a KFC that's within a mall that's inside your dream! Springboard screwy after reboot? Here is the fix

  13. #13
    My iPhone is a Part of Me Donnutt's Avatar
    Join Date
    Feb 2011
    Location
    Great Falls Montana
    Posts
    537
    Thanks
    28
    Thanked 47 Times in 34 Posts

    Quote Originally Posted by qumahlin View Post
    Also if the phone was backed to iCloud they can get all the data unencrypted, hell they could use the phonepw reset trick lol
    What?? iCloud itself is encrypted! With the huge investment it is, I'm sure it's a veritable digital fortress!

  14. #14
    My iPhone is a Part of Me buggsy2's Avatar
    Join Date
    Jun 2011
    Location
    Sacramento, California
    Posts
    564
    Thanks
    549
    Thanked 119 Times in 87 Posts

    Quote Originally Posted by Anthony Bouchard View Post
    …devices seized from criminals…For criminals, the fact that iOS encryption is so secure makes the devices a great way to hide information from unwanted eyes, like law enforcement.
    Oh. Many thanks to the author for showing me that all people whose devices have been taken by LEO are criminals...I'm going to write my representatives and have them do away with that pesky 3rd branch of government, the Judicial, since the police are 100% accurate. I'll also write Tim Cook and ask him to do away with encryption since only criminals want to keep things secret, and hey, I'm no criminal!!

  15. #15
    Quote Originally Posted by Donnutt View Post
    So they could wave a warrant in your face to make you give up the pass code? I can't see that working very well to anyone with an IQ over 80. If there is something in the iPhone that is incriminating, why would you tell them? They can't make you give it up.
    There was a case recently where the lady would not give them the password because she says she forgot it. They kept her locked up and I can't remember what they told her would happen if she did not come up with the password within 30 days (update: she could be held in contempt and jailed until she complies). Gonna have to try and remember the case to see if I can find it. Know wired did the article on it that I read.

    Defendant Ordered to Decrypt Laptop May Have Forgotten Password | Threat Level | Wired.com
    Last edited by Cer0; 08-14-2012 at 12:59 AM.

  16. #16
    Quote Originally Posted by Anthony Bouchard View Post
    The passcode can slow a hacker's move toward unencrypting a file. If you have the auto-wipe on, ten passcode failures will erase everything for good.
    I don't think his statement makes this article a fail but I don't think you understood what he said..

    He's saying they created a way to bypass the auto wipe and try as many pass codes as they want. This means they can just run a program that tries all of the possible combinations (may sound lousy but with a 4 pin security they can finish that in about an hour)

    I don't understand why you guys failed to mention they could wipe it from a computer..

    Also with iCloud And all I feel like apple could help them obtain the info they need without having to crack a pin...

    Concerning the picture haha I used to have an android lock xt and an iOS passcode lock on my phone for kicks. I even considered adding a face recognition too. Also I had igotya hahhaa love that app

  17. #17
    Quote Originally Posted by qumahlin View Post
    This article is full of fail. Elcomsoft already makes a cracker that takes an image of the phone so that it can fail as many times as it wants getting the passcode, that's why it smart to not use the default 4 digit one

    Also if the phone was backed to iCloud they can get all the data unencrypted, hell they could use the phonepw reset trick lol
    Elcomsoft website states: "(****) iPhone 4S, iPad 2 and the new iPad support is limited to jailbroken devices only."

    So, obviously, iPhone security and hardiness is getting better and better. However, a big vulnerability is the computer which iPhone is syncing with. The "escrow file" can help them break into your iPhone, bypassing the need for the password.

  18. #18
    Can't wait to do some crimes

  19. #19
    Default Wrong....
    Quote Originally Posted by qumahlin View Post
    This article is full of fail. Elcomsoft already makes a cracker that takes an image of the phone so that it can fail as many times as it wants getting the passcode, that's why it smart to not use the default 4 digit one

    Also if the phone was backed to iCloud they can get all the data unencrypted, hell they could use the phonepw reset trick lol
    Your post goes to show how little you might know about law and law enforcement.

  20. #20
    This is why Apple iOS is the most secure platform to be in. Gives you a lot of piece of mind considering the amount of data we store in our smartphones these days. Then again, if they get into your cloud....

Page 1 of 2 12 LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •