Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
This story is still number one on the MacRumors homepage! That's some serious free publicity for this ElcomSoft mob.
 
The fact your user name and password is required to me means that my data is as secure as the money in my bank which only needs an access code and a pin number for internet banking.

If someone is arrested they would be asked for the user name and password, if they didnt provide it a warrant would get them access to the computer in their house and then through interogation of details there would get the user name and password.

As for encrypted or not, software can decrypt physical backups anyway, it just takes longer, so apart from interception during transmission which this software does not do (but others potentially do, thats a different matter) it makes no difference to security.

How is encryption security different than a password?

Is a good password impossible to crack, while good encryption is easy?

:confused:
 
These tools aren't used until a suspect is arrested and a warrant issued to allow for the search of their electronic devices.

hahaha. You're joking, right?

It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated.

Well, of course they are. No reasonable person really believes that they are not being electronically surveilled (often illegally).

This isn't the case. If you aren't doing anything wrong, you have nothing to worry about.

The classic refrain of totalitarian apologists (or just those ignorant of political and cultural history.) The assumption here is that those in power only use their power for "good", hence if you are not a "bad" guy, you have nothing to worry about. Unfortunately, those in power define "good" and "bad" - one man's "terrorist" is another man's "freedom fighter". When it serves the purposes of power, anyone can be deemed an enemy of the state.

Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspects phone or computer may lead to the safe return of your child.

Don't be ridiculous. A contrived emotional appeal doesn't justify the surrender of our rights to the establishment.

Finally, I don't think this software is particularly important or unique - these capabilities have existed for a while, and government thugs have been using them with impunity and will continue to do so.
 
I've been looking for a cloud security solution for a couple of weeks now. I just set up Spideroak today, and I don't see that it encrypts form the iOS side -- at least not in the way I'm looking for. I might just have to spend a bit more time learning how to use it.

I also just ran across this today:

http://www.boxcryptor.com/

Which looks like it could be great.
Still Beta on the OSX end, but I know it can encrypt from the iOS app.

Doesn't really help with the iCloud backup thing, but I'll do any sensitive syncing using something like boxcryptor and dropbox. For iCloud, I'll just use strong passwords that I regularly change. That should keep the criminals at bay --- As for the crocked cops, and corrupt government trying to frame me with something ... well, there's plenty of other ways they could do that other than through the cloud. so why worry about it too much.

Very interesting. I need to look into Boxcryptor more. Thanks for the link!

As for SpiderOak's mobile app, they should be able to encrypt on the fly on a mobile device. I don't use it much, but I need to look into it. Since the iPhone 3GS, Apple has been including built-in hardware encryption so maybe it's so fast that I don't realize it.
 
Wow, tinfoil hat crew really came out for this thread.

Way to cite a couple cases of abuse of the laws while ignoring the hundreds of thousands of cases every year that are by the books and put away legit criminals. Forget the countless abused and molested children saved, the financial criminals put away, and the terrorist activity stopped. While I'm not denying that abuses of the system do happen, I do believe that the good done by it far outweighs the bad.

Lucky for all of us, the system is run by those that can and do use it for good and not those in here believing that all it's only used for abuses of our rights. I'm done with this thread. Theres no point in arguing with those that can't be logical and are blinded with their fear and false assumptions. While you're busy believing that the government cares enough about you to bother spying on you, I'll be saving people's retirement from financial criminals, stopping child pedophiles, and keeping you and the people of the US and elsewhere safe from terrorists.
 
Wow, tinfoil hat crew really came out for this thread.

Way to cite a couple cases of abuse of the laws while ignoring the hundreds of thousands of cases every year that are by the books and put away legit criminals. Forget the countless abused and molested children saved, the financial criminals put away, and the terrorist activity stopped. While I'm not denying that abuses of the system do happen, I do believe that the good done by it far outweighs the bad.

Lucky for all of us, the system is run by those that can and do use it for good and not those in here believing that all it's only used for abuses of our rights. I'm done with this thread. Theres no point in arguing with those that can't be logical and are blinded with their fear and false assumptions. While you're busy believing that the government cares enough about you to bother spying on you, I'll be saving people's retirement from financial criminals, stopping child pedophiles, and keeping you and the people of the US and elsewhere safe from terrorists.

I think the evidence is certainly in on whether the system "is run by those that can and do use it for good" and, news flash, it's not that simple. While many actual criminals are caught by "the system", the whole foundation of our surveillance society is to assume that all citizens are criminals (or at least a threat). The only way to control a society that is exploited by the plutocracy is to - a) confuse and distract them with pop culture, sports, etc, and b) to surveille and neutralize any serious threats to the status quo. While this may not be a major effort today, the infrastrucure is being built so that when the time comes (whether that is 5 years or 500), the powerful can maintain power.

As for the government "caring enough" to "bother" spying on citizens - it is really a trivial matter these days to use brute computing power and keyword-sniffing voice recognition to monitor and analyze every single communication 24/7.

A simple Google search will reveal that it is much more than "a couple" of cases of abuse. And the real threat is the activity that is happening but NOT reported.
 
Very interesting. I need to look into Boxcryptor more. Thanks for the link!

As for SpiderOak's mobile app, they should be able to encrypt on the fly on a mobile device. I don't use it much, but I need to look into it. Since the iPhone 3GS, Apple has been including built-in hardware encryption so maybe it's so fast that I don't realize it.

You're probably right about Spideroak encrypting for what it does do.
All I checked for was if my iPad scanner app showed it in the "Open In..." list. Spideroak wasn't there, and Boxcryptor was.
The one real concern I have for extra security is with my financial data such as scanned tax forms. The only thing that kept my financial passwords safe when Dropbox famously left the door open a while back, was that 1Password had them protected with it's end to end encryption -- I'd like to have that for my other sensitive data as well.

I know the whole "good guy's vs. bad guy's" arguments get carried away with these security and privacy issues -- there's certainly valid points on either side.
 
You're probably right about Spideroak encrypting for what it does do.
All I checked for was if my iPad scanner app showed it in the "Open In..." list. Spideroak wasn't there, and Boxcryptor was.
The one real concern I have for extra security is with my financial data such as scanned tax forms. The only thing that kept my financial passwords safe when Dropbox famously left the door open a while back, was that 1Password had them protected with it's end to end encryption -- I'd like to have that for my other sensitive data as well.

I know the whole "good guy's vs. bad guy's" arguments get carried away with these security and privacy issues -- there's certainly valid points on either side.

I just got an email from SpiderOak. They said:
Currently our mobile clients don't have upload or write functionality to SpiderOak. This means that while you can decrypt and download data stored on your account, you can't do any back ups to it from your mobile device.

I never realized this until now. I guess I've never had to upload a file on my iPhone. I had to make sure Dropbox wasn't like this on iOS either. :D
 
I wonder if an erase without a restore from backup can still allow the software to recover data?

I could see potential criminals doing a daily wipe to prevent any history of gps locations, google map traces, web browsing, text messaging, etc.
 
I use the Crashplan option where I control the encryption password. The only downside is that Crashplan cannot help you if you forget the password.

All sensitive data that I upload to Crashplan is also encrypted using a third-party app on my Macs. I prefer GoSecure because the app offers various encryption strengths and makes it very easy to encrypt individual files and folders. My data is protected from any potential "backdoor" exploits via Crashplan.
 
I would assume that when I pay money for a cloud service it's supposed to keep my data secure

actually I cloud is free. Also I could complain that because I bought windows 7 it shouldn't be able to be infected with viruses because I paid all this mmey so it should be secure.

Learn the facts.

----------

I think the evidence is certainly in on whether the system "is run by those that can and do use it for good" and, news flash, it's not that simple. While many actual criminals are caught by "the system", the whole foundation of our surveillance society is to assume that all citizens are criminals (or at least a threat). The only way to control a society that is exploited by the plutocracy is to - a) confuse and distract them with pop culture, sports, etc, and b) to surveille and neutralize any serious threats to the status quo. While this may not be a major effort today, the infrastrucure is being built so that when the time comes (whether that is 5 years or 500), the powerful can maintain power.

As for the government "caring enough" to "bother" spying on citizens - it is really a trivial matter these days to use brute computing power and keyword-sniffing voice recognition to monitor and analyze every single communication 24/7.

A simple Google search will reveal that it is much more than "a couple" of cases of abuse. And the real threat is the activity that is happening but NOT reported.

Hope you've got a tinfoil hat and you've also destroyed all your electronic devices as they are all spying on you. As the government REALLY cares what you do 24/7.
 
Complete B.S. ...

Firstly, there have been products available to the forensic community that do this and much more for years now.

You guys need to realize that these tools aren't just freely available to anyone. These tools aren't used until a suspect is arrested and a warrant issued to allow for the search of their electronic devices.

It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated. This isn't the case. If you aren't doing anything wrong, you have nothing to worry about. Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspects phone or computer may lead to the safe return of your child.

This isn't something that Apple can or will patch.

I want secure encryption, which means, it cannot be violated by ANYBODY, especially not by the government. Yes, sometimes the bad guys will abuse it, but overall it's a good thing. Only bad/lazy law enforcement needs to decrypt communications to solve a crime. Good old police work does not need this, it can find other evidence.

Stand your rights and don't buy the "if you haven't done anything wrong you have nothing to fear". You have everything to fear.
 
I love the part where it says "Only available to Intel agencies etc"....please its made in Russia. I bet even the FSB don't trust this company, unless they helped them create it.


Surely the iCloud system was always going to have security issues, due to the fact it stores info people want to steal.....just like PCs in the beginning. I wonder how long after launch it was before the first virus rocked along and infected peoples PCs.


It has to become as secure as possible over time, or people will just not use it.
 
...It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated. This isn't the case. If you aren't doing anything wrong, you have nothing to worry about...

You mean authorities can snoop up your account and backups and if you're clean (that is they can't find anything wrong), then you have nothing to worry about, right?

I get your point but the idea is to not let anyone check on you without letting you know in some way (like a warrant?) Imagine police go into your house (whenever they feel like it) while you're gone and not letting you know because, well, they can't find anything wrong in your stuff...

...This isn't something that Apple can or will patch.

"Will", I don't know but they surely can make iCloud/account more secure... Like, I don't know, by forcing you to change your password every now and then.
 
My security brought to me by.... ME!

And to those who think they have nothing to hide, everyone has a right to privacy. No one should have to prove they are not a criminal by granting the gov't or others access to their phone, computers and more. just in a land grab to destroy privacy. Sorry. But all of this crap is illegal.

Time to redesign Apples eqpt. Put a small piece of electrical tape over the camera. I don't use it often enough for this to be a problem for me. This way I'm NOT depending on anyone but me, to secure me. Just a thought.
 
Wow, tinfoil hat crew really came out for this thread.

Way to cite a couple cases of abuse of the laws while ignoring the hundreds of thousands of cases every year that are by the books and put away legit criminals. Forget the countless abused and molested children saved, the financial criminals put away, and the terrorist activity stopped. While I'm not denying that abuses of the system do happen, I do believe that the good done by it far outweighs the bad.

Lucky for all of us, the system is run by those that can and do use it for good and not those in here believing that all it's only used for abuses of our rights. I'm done with this thread. Theres no point in arguing with those that can't be logical and are blinded with their fear and false assumptions. While you're busy believing that the government cares enough about you to bother spying on you, I'll be saving people's retirement from financial criminals, stopping child pedophiles, and keeping you and the people of the US and elsewhere safe from terrorists.

Oh not this old canard again about giving up all freedoms to save that proverbial "one child."

My suggestion? Let's just all live in a giant prison as it will make us all safe like mommy would like. We can tape pillows all over ourselves and let someone with complete authority tell us what to eat, what to wear, what to think.

Then we can all dance with joy in the hellish Orwellian nightmare we created just to be 'safe!'

Also, just a note - even in prisons crimes are committed, drugs and knives get in, murders are committed, not to mention the endless raping of the weaklings in there. And they have 24 hr guards, walls, locked doors, surveillance, wire tapping, etc.

So the illusion of 'security' is always just that - an illusion.

And also for your statement about these supposed benefits - not one person in the big banks (Citi, JPMorgan, Goldman Sachs, etc.) has ever been criminally charged for the destruction they did, nor will they because the corruption is always at the top - they are the biggest donators to the republicans and the democrats. So spare me the false arguments - most people now know it's a nonsensical position to take.
 
Last edited:
Lucky for all of us, the system is run by those that can and do use it for good and not those in here believing that all it's only used for abuses of our rights.

This seems like the only appropriate response to this seriously misinformed statement: :rolleyes:
 
i don't think the problem are the developers of this software. apple sending unencrypted data is the problem.

This has nothing to do with sending unencrypted data across the network - any database can retrieve previous versions of documents given how they are stored. This could be done to a database server maintained in your business or house. The same approach could be used on Google Drive.

I wish people would understand the articles the read before going off on tangents.

----------

I want secure encryption, which means, it cannot be violated by ANYBODY, especially not by the government. Yes, sometimes the bad guys will abuse it, but overall it's a good thing. Only bad/lazy law enforcement needs to decrypt communications to solve a crime. Good old police work does not need this, it can find other evidence.

Stand your rights and don't buy the "if you haven't done anything wrong you have nothing to fear". You have everything to fear.

You can encypt the backend but it won't matter. If they have your user id and password - the encryption is defeated just as it would be on Google Drive or any other networked system.
 
This has nothing to do with sending unencrypted data across the network - any database can retrieve previous versions of documents given how they are stored. This could be done to a database server maintained in your business or house. The same approach could be used on Google Drive.

I wish people would understand the articles the read before going off on tangents.


I read this part:

It's important to note that, unlike offline backups that may come encrypted and must be broken into (a time-consuming operation), data retrieved from iCloud is received in plain, unencrypted form .
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.