NY Guitarist
macrumors 68000
But what if they push for a warrantless access?
NYC police are already "legally" detaining and searching citizens without warrant or probable cause. A precedent has been set.
But what if they push for a warrantless access?
Surprising, since Australians are a pragmatic and level-headed people. I would be further surprised if any US government folks were using this software. I would hope they are exercising due caution and thoughtfulness without the hindrance of political correctness and naivety which tell us that everyone in the world is pretty much OK regardless of nationality and can basically be trusted.
The best option for these kinds of things is homegrown, that way you remove all doubt.
Considering that there are a limited number of mobile phone forensics products, major ones of which are XRY (Sweden), Elcomsoft (Russia) and Cellebrite/UFED (Israel), do the USA have a home grown Mobile Forensics Software?
I sure hope law enforcement has to have a warrant to use this sort of thing.
they don't even need a local backup if the user has ever bought anything from the iTunes store. every song etc has the ID in plaintext in the 'info' for the file. But that only gets them your user name. they have to dig for your password. unless you are someone dumb enough to store it in a plain text file on the computer they have access to. or something like 1Password with a simple (or worse no) password
They don't need a backdoor when they have the the Patriot Act.
The NSA and other US intelligence services probably have products much more sophisticated than anything commercially available, such as those you mentioned.
Apple should be sending the backups encrypted as if it was in iTunes. It's not enabled by default, but it should be if iCloud is being used. But knowing Apple, they wanted it to be easy and painless for the customer to restore an iCloud backup. Apple will need to address this and they're probably going to make you use your iTunes ID username and password + a different encryption key/password to retrieve and unlock the data. More work, but better security.
The funny thing is that this software needs access to the iTunes ID username/password. IF not, they don't have access. And they say it's trivial to get it the iTunes ID. All they need is the unencrypted local backups in iTunes. Again, they need to get into your machine to get that data. How they get local backups is beyond me, but if they have local access to a computer, then how is it Apple's fault? I agree Apple needs to send the backups encrypted. But that's all they can do. Weak iTunes passwords and backing up your iPhone on trojan infected machines doesn't make Apple at fault. And when law enforcement has physical access to your computer, all bets are off. Any computer with any OS without full disk encryption can have the data siphoned easily.
And how exactly are they supposed to fix it. You're so smart I'm sure you have it all figured out. You know exactly how they can fix an issue that requires your private password info or access to your actual hardware.
The NSA and other US intelligence services probably have products much more sophisticated than anything commercially available, such as those you mentioned.
Don't use it then...Another security fiasco from Apple putting their users data at risk. You simply can't trust this company anymore for providing secure robust solutions for their users. They just don't put due effort and involvement in software development.
But what do they care? It's the users data, not theirs.Theirs is hosted on non os x reliable servers. Ask them if anyone uses os x lion server for anything in the backbone of apple's infrastructure.
Mobileme was equally a security nightmare sending unencrypted information and they've done little to none to fix this. Steve Jobs asked why would you trust us when we brought you mobileme? He was right, people shouldn't have trusted apple.
Firstly, there have been products available to the forensic community that do this and much more for years now.
You guys need to realize that these tools aren't just freely available to anyone. These tools aren't used until a suspect is arrested and a warrant issued to allow for the search of their electronic devices.
It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated. This isn't the case. If you aren't doing anything wrong, you have nothing to worry about. Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspects phone or computer may lead to the safe return of your child.
This isn't something that Apple can or will patch.
Considering that a case just recently went to the Supreme Court on whether or not cops could stick a gps tracker to your car without a warrant, I think people SHOULD be concerned about their rights being violated.Firstly, there have been products available to the forensic community that do this and much more for years now.
You guys need to realize that these tools aren't just freely available to anyone. These tools aren't used until a suspect is arrested and a warrant issued to allow for the search of their electronic devices.
It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated. This isn't the case. If you aren't doing anything wrong, you have nothing to worry about. Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspects phone or computer may lead to the safe return of your child.
This isn't something that Apple can or will patch.
Vey interesting post Mark, thanks for the heads up about spideroak as well, I ll look em up.
----------
Easy there with the cabs tiger, they have a lot of, flashback, ways to get your pass, once they have it the point is they can track you without you noticing there are no hardware keys that will ensure that only your devices can access it. Take it easy on the caps.
----------
typical apple apologist. Yeah why would they hold a phone like this and short circuit it's antenna? There's nothing wrong with the iPhone antenna but we fixed in 4s but there was nothing wrong with it to begin with. Its never apples fault. There was a java vulnerability in os x hence the intrusion of the malware.
Having access to someone's username AND password is something that happens almost never. And this software doesn't and can't get your password remotely over the Internet.
Actually I don't fully understand the purpose of this software other than to hack a users cloud/ cellphone to get other potential passwords. You need a password for this software to even work. It's what happens after you have physical access to a users computer/cellphone that this software is ever useful.
And after walking through what this actually does I find the software to be almost vapor ware and sensationalist bordering on MR spam.
I repeat . This software does not sniff Internet packets.
I can guarantee my customer data will never be compromised. Why? Because I refuse to expose it to the internet. The internet is inherently insecure. Also, there are too many dependancies involved in the transfer of data between you and the Cloud.
Would any of you really trust sensitive data to a third party who is solely providing this service to produce revenue?
Would any of you really trust sensitive data to a third party who is solely providing this service to produce revenue?
This "software" is merely a legal hacking tool for sale. All packaged up.
Completely disgraceful. This sort of thing should be illegal to sale. Period.
Peace said:Actually I don't fully understand the purpose of this software other than to hack a users cloud/ cellphone to get other potential passwords. You need a password for this software to even work. It's what happens after you have physical access to a users computer/cellphone that this software is ever useful.
This is such ********. Why can't Apple get it together and make it more secure? Millions of people rely on these devices....
If you aren't doing anything wrong, you have nothing to worry about.
Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspects phone or computer may lead to the safe return of your child.
This isn't something that Apple can or will patch.
You guys need to realize that these tools aren't just freely available to anyone. These tools aren't used until a suspect is arrested and a warrant issued to allow for the search of their electronic devices.
...AND have an American-sounding name, AND are not in the wrong place at the wrong time, AND do not take part in any government-critical demonstrations, etc.,It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated. This isn't the case. If you aren't doing anything wrong,
you have nothing to worry about.
Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspects phone or computer may lead to the safe return of your child.
Another security fiasco from Apple putting their users data at risk. You simply can't trust this company anymore for providing secure robust solutions for their users. They just don't put due effort and involvement in software development.
But what do they care? It's the users data, not theirs.Theirs is hosted on non os x reliable servers. Ask them if anyone uses os x lion server for anything in the backbone of apple's infrastructure.
Mobileme was equally a security nightmare sending unencrypted information and they've done little to none to fix this. Steve Jobs asked why would you trust us when we brought you mobileme? He was right, people shouldn't have trusted apple.