Encryption software with auto destruct feature.

Discussion in 'Mac Apps and Mac App Store' started by applesupergeek, Jul 17, 2010.

  1. applesupergeek macrumors 6502a

    Joined:
    Nov 20, 2009
    #1
    I have been using the encrypted image making for sensitive files, but I am looking for something as separate iOs (yes I know it's not the right subforum but since the mods in their infinite wisdom have split the software subforums...) or OS X software that will also allow for an autodestruct feature to be feasible after a set number of failed password attempts, because there is no use really of an encrypted image if one can run brute force ad infinitum. Sure non lexicografical passwords will fair better but how well it's anyone's guess.

    Anyone guys gals?
     
  2. chown33 macrumors 604

    Joined:
    Aug 9, 2009
    #2
    Suppose an attacker burns your encrypted disk image to write-once medium, such as CD-R or DVD-R. Then they can apply brute force ad infinitum. And that's just one way. There are countless others. For example simply copy the original somewhere else, so it can be read and reread ad infinitum. The storage medium doesn't need to be write-once.

    So on a technical level, what you ask for is impossible. It's either impossible to really do correctly, or it's impossibly easy to circumvent.
     
  3. applesupergeek thread starter macrumors 6502a

    Joined:
    Nov 20, 2009
    #3
    hmmm, thanks for that, very interesting and revealing comments. I can't help thinking however that there must be a way that say the department of defence has managed to circumvent this issue. Then again it is true, you can always do a byte level copy on any medium. Unless of course the image file has some proprietary file type that it itself is encrypted? I am talking shots in the dark here and I am probably talking rubbish.

    That said then the autodestruct feature on iOS isn't that effective either as the partition can be mounted outside of iOS before any autodestruct takes place, so where does one leave us then? With all our data so vulnerable?
     
  4. lewis82 macrumors 68000

    lewis82

    Joined:
    Aug 26, 2009
    Location:
    Totalitarian Republic of Northlandia
    #4
    Do you have super top-secret data from the government? If yes, someone who was responsible for telling you how to protect your data didn't do its job.

    I guess you are not. So just use a secure password (something like 15 ASCII symbols, random, or even more if you wish,). Current computing power is still to small to easily crack 128 bit AES keys, let alone 256 bit.
     
  5. applesupergeek thread starter macrumors 6502a

    Joined:
    Nov 20, 2009
    #5
    thanks for your help buddy. Puts things into perspective. Btw is apple's encryption 256 bits?
     
  6. chown33 macrumors 604

    Joined:
    Aug 9, 2009
    #6
    Yes, you're taking shots in the dark and talking rubbish.

    The only thing that's reasonably safe is something that has physical self-destruct mechanisms that protect the physical medium on which the bits are stored, and the physical package the medium and the self-destruct mechanism is contained in. It's also called tamper-proofing. And it's very expensive.

    That's not how the iOS autodestruct or remote-wipe feature works.

    The protected data is encrypted with a key that's only stored in a specific place in the chip. Erase that key from that location and the encrypted data can no longer be decrypted except by brute force (in theory). If you know anything about cryptography, then you know how long brute force takes. Even so, I doubt that iOS has been certified for any seriously top secret uses. Again, very expensive.

    Security is never absolute. It's always about tradeoffs. What are you protecting, from whom, for how long.
     

Share This Page