I have a question about iOS4 security and data encryption (involving jailbreak)

Discussion in 'Jailbreaks and iOS Hacks' started by hrafn, Aug 23, 2011.

  1. hrafn, Aug 23, 2011
    Last edited: Aug 23, 2011

    hrafn macrumors newbie

    Aug 23, 2011
    I was curious about the data encryption method of iOS4, and more specifically, how it operates when one uses the "Erase all content and settings" feature. As far as I know, iOS4 merely drops the encryption key to all of the data on your drive (which is encrypted). This is supposed to make it inaccessible. This method is unlike the older versions, where it rewrote over all of the data (with 1's and 0's?) making it an unrecoverable garbled mess.

    Now onto my question, which is that I am assuming all of your data remains on the drive once the encryption key is dropped, so wouldn't it be possible to simply jailbreak the phone, load up openSSH and dump all of the data to your pc, thus being able to sift through whatever is there? Including whatever you may have deleted in the past. I assumed the encryption access key only applies to how iOS4 itself accesses the data.

    Is this correct? If so, would it seem that the older method of data "removal" was actually more secure? I am also aware of people transferring massive playlists from itunes to their devices, equal to its total capacity, thus rewriting over most of anything which had been previously deleted. I am not sure how effective this method is either, however.
  2. paxxxor macrumors newbie


    Aug 21, 2011
  3. hrafn thread starter macrumors newbie

    Aug 23, 2011
    No, it was just a theoretical question. I am curious about security issues or flaws when dealing with iOS4. I am probably going to investigate it myself, though I haven't jailbroken any device of my own (yet).
  4. hrafn thread starter macrumors newbie

    Aug 23, 2011
  5. hrafn, Aug 25, 2011
    Last edited: Aug 25, 2011

    hrafn thread starter macrumors newbie

    Aug 23, 2011
    If anyone is interested, iErase is an app available which may remedy this security issue. It writes over all available data space with 0's, and then flags all of it to be written over thereafter (deletes). Seems very similar or identical to the older method of an iOS erase/format.

Share This Page