It does. Android is a security nightmare. As with Windows, I would never put anything on Android that I didn't want to be public.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Says Apple ID Password on Shooter's iPhone Changed in Government Possession, Losing Access to Data
- Thread starter MacRumors
- Start date
- Sort by reaction score
You explained a perfectly valid standard process. But if Apple really want to help there are workarounds to let their credential management/sign-on system to allow this one account.
Helping government at this point will not help already slumped iPhone (or) tanked iPad sales, so it is trying to be torch bearer of privacy. As soon as sales picks up ie., fans buy millions more of iPhone 7 (which will be advertised as even more secure) phones, older devices will become less secure.
Apple always been poor in credential management. iOS implementation of id management is a joke.
Just try to restrict a toddler from playing "Iris (Hold Me Close)" with inappropriate banner art or any R rated FREE music, you would know.
Apple's systems are designed to keep your data safe from hackers. They are not intended to protect you from legal search warrants. If the FBI has a search warrant, and Apple can access the data, the FBI will get the data. And Apple _can_ access your iCloud data (but they don't, and it would be probably illegal if they did, except when they have a search warrant). Apple _cannot_ access your iPhone.
You are worried that the FBI could, with a legal search warrant, access your data. But that's the idea. They are supposed to access your data if they have a legal search warrant, and everyone is supposed to help them if they have access to that data.
Now if they don't have a legal search warrant... They might have an illegal search warrant. If they can make a judge sign a search warrant against you illegally, they can also come to your home and beat you up until you give up your passwords. In the case of a man killing 14 people, they surely can get a legal search warrant.
Pretty sure Steve's stance on customer privacy was similar to Tim's. So he'd do the same thing, except he'd call the FBI guys "a bunch of bozos."
They can also simply go to the providers of these online accounts with warrant and demand access to your data.
If you think you need to protect against government access, you need to use only services that encrypt the data in a way that they themselves don't have access (e.g. like Spideroak or Sync.com), or encrypt everything yourself before uploading it anywhere. However, in practice this is difficult to do for most types of services and also limits many features.
Apple does have the keys for most data on iCloud (with the exception of iCloud Keychain). Also, email is currently designed in a way that the provider has to have the ability to read incoming and outgoing email (i.e. there is no true end-to-end encryption unless you yourself encrypt the email before sending it). Secure email services such as ProtonMail and Tutanota are trying to change that, but even they have an encryption gap when receiving/sending mail from/to standard mail accounts.
Last edited:
So on one hand we have Trump who is claiming to boycott Apple and on the other we have Hillary who says she'll force back doors into everything.
Choice. It's a good thing?
FBI should give it up to some 14 year old genius hackers and they will break in to the 5C iPhone within a weeks time! Remember they have to do school work too! Why fight with Apple when you can just have it broken into by expert hackers that do it for the sake of fun and at no cost to the government? FBI needs to think outside of the box here!
and who is the US Attorney who printed the writ for the FBI and what was her previous position?
Lots and lots of tentacles in this pond....
[doublepost=1456076594][/doublepost]
Who thinks it will be the only one? If the FBI wins this I am waiting the second writ with an "oh... by the way on that device we need ..."
[doublepost=1456076791][/doublepost]
One of the biggest problems you run into with these types of agencies is the "one up". I could really see Apple offering and the FBI (or others) in an attempt to do it quicker - faster doesn't wait and just jumps in. Then again maybe they were afraid that someone else had the iCloud password and wanted to preclude access. It's a clusterf*** anyway you look at it.
[doublepost=1456077083][/doublepost]
Because then the FBI, if it wins can come back with Writ Part Deux.
So on one hand we have Trump who is claiming to boycott Apple and on the other we have Hillary who says she'll force back doors into everything.
Choice. It's a good thing?
I'm neither a fan of Trump nor organized boycotts but if I had my druthers I prefer a candidate with a market based approach vs. a dystopian World State rules mindset. The irony with Hillary is that many of the people supporting her also loved to scream that G.W. Bush's used terrorism as pretext for increased government surveillance and weakening of U.S. citizen's autonomy. Somehow it's different when the person advocating for increased government ability to pry into personal secured information has a D by their name?
(BTW Bill Clinton was the first U.S. president to advocate for a backdoor when he promoted the Clipper chip be installed in every electronic device. Of course device makers, EPP, and EPIC, objected strenuously and the project died on its own merit. But you don't hear about his involvement in that.)
So on one hand we have Trump who is claiming to boycott Apple and on the other we have Hillary who says she'll force back doors into everything.
Choice. It's a good thing?
There's always "vote with your feet"... if one can first identify a country apparently more to one's liking, and then qualify for legal residence there. Unfortunately both those hurdles are not insubstantial.
Lucky for us the primaries aren't over yet. We can still imagine more palatable choices in the general election? (revolutions on convention floors as establishments in both parties attempt brokered solutions... get the popcorn)
Occasionally a 14-year-old genius hacker manages to break through some sophisticated security system. But there are thousands of hackers (some 14, some not) who are trying. Most of them will not be successful. Without a time machine to tell the FBI which 14-year-old hacker to employ, how will they know which one to choose?
Remember that the iPhone's security is booby-trapped. If the 14-year-old genius hacker metaphorically cuts the blue wire when she should be cutting the red wire, the phone's internal key self-destructs, making it orders of magnitude more difficult to get at the data.
Even with a search warrant, they can have my data, but it will be encrypted. I was just wondering if Apple *can* remove their own encryption for email, or any files I host with them on iCloud (which I don't). I use Dropbox but don't encrypt normal stuff, but I have encrypted folders on my computer with personal information, which I upload as encrypted to Dropbox. So even if the FBI got a warrant for that stuff, it would be useless to them, as I would never give up my passphrase, and it's used only in one place, for my encrypted files. I've never used that password online, etc.
I'm more concerned about Apple and other companies basically turning off privacy "features" for anyone, not just when it involves the feds or authorities.
Not only do I use FileVault 2 encryption for my computer, but I have a single folder where my private/sensitive files go. Not that the FBI or anyone else probably wants that data, I feel better knowing nobody can ever get it. 95% of my computer I could care less about, but that 5%, I use encryption.
Of course they can. Think about it: The only way to do what you want (i.e. transport and store emails encrypted so that even the email providers can't read them) would be to use true end-to-end encryption (i.e. the sending and receiving users encrypt/decrypt the mails themselves before entrusting them to the email provider). Otherwise the email providers have to be able to decrypt the mails in order to deliver the clear text to the receiver.
The problem with today's email is that there is currently no universally accepted infrastructure to exchange encryption keys between end users (public key infrastructure). While such systems do exist and are in limited use (S/MIME, PGP), the vast majority of email users are not participating.
The usual "Forgot My Password" triggers an email to your account containing a link which allows you to create a new password.
Etan
Re the Buzzed link:
The Justice Department has not yet responded to the obvious storage of classified material on a private server, TWO YEARS LATER. All current DoJ decisions are political first. Justice is a facade with this Executive Branch administration.
The Justice Department has not yet responded to the obvious storage of classified material on a private server, TWO YEARS LATER. All current DoJ decisions are political first. Justice is a facade with this Executive Branch administration.
Well, they couldn't use that method via the iPhone, as they can't get in the iPhone to see the email anyway. The only other way they "forget my password" would be if they had a computer the guy used and his email client had his email (that he uses to receive apple emails) setup. Then they could send/receive emails from that account. But this requires a computer logged into an account. If he was using FileVault and logged out, forget it.
But why did the FBI change the Apple ID password? That alone won't get them in the phone. Did they think that by changing the apple id password that would change the phone password? Being apple to login to iCloud.com will not let you see anything on your phone that is only on your phone.
Confused...
No, Apple does not allow the same password to be used in last year.
I wonder if they are looking for Hillary's emails this hard?
[doublepost=1456084128][/doublepost]Oh, and folks, ALWAYS LIE for your security questions. My first pet has been named Spot, Doug, Mikey, Parker, and many I forgot. (note: none of those names I'm currently using as a security answer). Telling the truth for your security questions is like giving the FBI your login credentials.
[doublepost=1456084128][/doublepost]Oh, and folks, ALWAYS LIE for your security questions. My first pet has been named Spot, Doug, Mikey, Parker, and many I forgot. (note: none of those names I'm currently using as a security answer). Telling the truth for your security questions is like giving the FBI your login credentials.
I spoke too soon. The backups on iCloud ARE but Apple does have the key to decrypt them which is what they have done already to give the FBI some data so far. I think the fundamental difference is that with iCloud backups, Apple controls physical access to them whereas the actual device is held by the owner.
Yes but even if they knew the old password it would still count as changing the password to the phone and that password would need to be entered on the phone which of course can't be done because they don't knew the pin.
