iPhone security

TonyHoyle · Jul 4, 2008

The thing is.. most phones aren't stolen for their contents, they're stolen to sell on and make money. They don't give a stuff about PIN codes etc.. it gets sold cheap to some guy in the street who re-images it and sells it as 'second hand'. Any thief knows to power off a phone when they steal it otherwise it's traceable.

The resale is often in a completely different country to the original, to defeat national blacklists (which will defeat remote wipe as well, not that it matters because it will have been wiped before resale).

If you're storing things that people might actually want to get their hands on, like corporate secrets, then your company will pay for the security measures required. The more security you want the more it costs... but for home users a simple PIN is fine because the only thing you're really stopping is your friends breaking in and having a laugh at your expense.

michaelmaxwell2 · Jul 4, 2008

Lmao most people only got porn and songs on their iphone. For business or corporate offices there is also no need for encryption we are acting as if the iphone was a windows mobile phone where people could store documents on it and so forth. the only way to read documents is to store it in a saved folder in the mailbox on the iphone. So all they would need to do is send a remote wipe and change the password on the vpn user name or email address password ? I doubt that apple is going to allow the iphone remote wipe to store the info people remotely wipe somewhere in the phone as a system restore would.

And also the 4 digit pass code on the iphone was secure enough for the person who stole my phone not to get in. I know this for a fact due to Cingular customer service being closed and could not report my phone stolen for 3 days no phone calls or data information was sent or received during the time the sim card was active.

sushi · Jul 4, 2008

It would be nice if everyone had the ability to remote erase their iPhone just in case.

As for data on the iPhone, I would imagine there will be an application that encrypts data that is put into it which would be great for passwords and other sensitive items of data.

The current 4 digit code lock, while not much of a security lock, will deter someone taking a quick look at your phone contents.

ajbrehm · Jul 10, 2008

TonyHoyle said:
The thing is.. most phones aren't stolen for their contents, they're stolen to sell on and make money.

No. The thing is that I don't really mind if a 500 quid device is stolen and I have to buy a new one.

But I do mind if some stranger has access to my emails and address book.

The first is an inconvenience, the second a potential disaster.

fa.ce · Sep 4, 2008

i'm a bit confused: there's a way in Iphone 2.x to swipe remote the iPhone ?
How ?

Joe23 · Sep 5, 2008

fa.ce said:
i'm a bit confused: there's a way in Iphone 2.x to swipe remote the iPhone ?
How ?

This is possible if you have Microsoft Exchange set up on your phone. You can then log into Outlook Web Access and remote wipe your device from there.

I'm not sure if MobileMe offers it too?

bzollinger · Mar 4, 2009

This only wipes what is syncronized w/ exchange. It doens't do anything to other applications like eBay or Amazon....

spikedfo · Mar 4, 2009

Is there any app can remote erase alll personal infomation? if you got stolen

Theaser · Mar 4, 2009

spikedfo said:
Is there any app can remote erase alll personal infomation? if you got stolen

I enabled the Erase All Data if the passlock code is wrong for 10 times in a row. Sync it back up if I recovered it.

dave006 · Mar 4, 2009

bzollinger said:
This only wipes what is syncronized w/ exchange. It doens't do anything to other applications like eBay or Amazon....

Not exactly, Here is the Apple story:

Remote Wipe: You can remotely wipe the contents of an iPhone or iPod touch. Doing so quickly removes all data and configuration information from the device, then the device is securely erased and restored to original, factory settings. It can take approximately one hour for each 8 GB of device capacity for the process to finish.

With Exchange Server 2007, you can initiate a remote wipe using the Exchange Management Console, Outlook Web Access, or the Exchange ActiveSync MobileAdministration Web Tool.

With Exchange Server 2003, you can initiate a remote wipe using the Exchange ActiveSync Mobile Administration Web Tool.

Individual Users can also wipe a device in their possession by choosing “Erase All Content and Settings” from the Reset menu in General settings. Devices can also be configured to automatically initiate a wipe after several failed passcode attempts.

Important: Because wiping the device can take a long time, connect the device to its power supply. If the device turns off due to low power, the wiping process resumes when the device is connected to power. (NOTE: This will look like a BOOT LOOP)

Dave

The Admiral · Mar 4, 2009

ajbrehm said:
Encryption protected by four digits is better than none.

for all practical purposes, encryption protected by four decimal digits is no better than none at all. searching 14 bits of key space is ludicrously easy -- you'd break it in hours, worst case, on ten-year-old hardware. it would be a waste of CPU time for the iphone to encrypt data using the passcode as a key, and i'd be shocked and disappointed if i found out that i was wasting battery and CPU cycles for 14-bit OTFE.

the best course of action for securing your iphone is:
- vigilantly defend the physical security of the device.
- use the shortest auto lock option and always require the passcode.
- enable the data wipe option.
- jailbreak and use cylay.

Search

Search

iPhone security

TonyHoyle

macrumors 6502a

michaelmaxwell2

macrumors regular

sushi

Moderator emeritus

ajbrehm

macrumors 6502

fa.ce

macrumors 6502

Joe23

macrumors 6502

bzollinger

macrumors 6502a

spikedfo

macrumors regular

Theaser

macrumors 6502

dave006

macrumors 68040

The Admiral

macrumors member

Our Staff