People who Know A Lot About Hacking/Encryption. What do U Think About Apple's Claims

Discussion in 'iPhone' started by VideoNewbie, Oct 4, 2012.

  1. VideoNewbie macrumors 6502

    Feb 6, 2009

    ^ Apple Claims this.

    but a macrumor member claims this

    "This is simply not true. Even the remote wipe is not 100% full proof. While it is a feel good measure for the average consumer, there is still a real risk if someone is really wanting your data train is willing to work hard to get it.

    The encryption is really weak and not that complicated and the data is still on the device. There are many free and paid tools that will allow law enforcment and experienced hackers to recover large amounts of data from the iPhone.

    The Passcode and secure erase are just feel good measures like dead-bolts on a door. The week link is not the dead-bold but the door frame.

    The good news is that this security exposure has been around as long as data was store on any media so you just have to decide how paranoid you are about someone spending hours trying to recover you data and if you really have something to hide..

    Dave "

    Anybody who knows a lot about encryption and security want to provide their two cents on this?
  2. vladzaharia macrumors regular

    Jul 5, 2010

    It's secure.

    When you wipe, the security key is dropped from the phone, so even though the files are still there, they're encrypted and can't be accessed without this key. It uses AES, which is the government standard for protecting classified-level documents. If the government can trust it to do its job when we're talking about incredibly secure documents, then you can trust it to protect a phone.
  3. cyclotron451 macrumors regular


    Mar 16, 2005
    We've just bought a law enforcement data-recovery device (small black handheld unit) with kilograms of software, and this scenario you highlight is one that we will be testing for the purposes of understanding Citizen Protection against attacks, fraud and potential illegal actions. Might take us a while to configure and run the experiments, but run they will be!

    I have never, ever, sold any of my previous phones or computers - due to data remnance worries.
    My old hard-disks get the bucket of salt-water treatment!
    With Flash/SSD data systems I've not yet determined how to erase them - dismantling and shredding might be the best.
    Crypto keys have routinely been transmitted to 'adversaries' due to hardwired features in previous systems.
    In the UK it is potentially illegal to have encrypted data and not to produce the Crypto key on demand. Luckily all iPhones create a browsable docking-backup that would probably satisfy the laws demands.
  4. VideoNewbie thread starter macrumors 6502

    Feb 6, 2009

    so you don't buy apple's claims?


    "Even though the files are still there" where are they kept exactly and why dont they just have an option to delete those existing files?
  5. vladzaharia macrumors regular

    Jul 5, 2010
    They're... on the flash chips? I don't understand how you'd answer that question. They're stored on the NAND storage.

    Because deleting those files takes upwards of 2 hours. Older phones deleted, and it took forever to get it back to working. Dropping an encryption key takes minutes. Furthermore, deleting them won't be as secure as you could recover them unless it did a zero erase where all the data is replaced with 0s. That takes even longer. Dropping the key renders the encrypted data as completely garbled. Without that key, you can't access the data, even if it's there.

    Seriously, what are you concerned about? What the hell kind of documents are you keeping on the phone that this is a legitimate concern? If the government trusts this encryption scheme for classified information, why can't you?
  6. XboxMySocks macrumors 68020


    Oct 25, 2009
    He's got to secure all of his nudes :eek:
  7. From A Buick 8 macrumors 68040

    From A Buick 8

    Sep 16, 2010
    Ky Close to CinCinnati
    And his wife is ex KGB COM SAT .... So yea she will break the code
  8. noteple macrumors 65816


    Aug 30, 2011
    DO you think Apple itself could recover a erased key ?

    DO you think they could provide that service to Law Enforcement ?

    The rest of us without the resources of the NSA are pretty much hosed.

    One extra step after erasing contents perform a restore of OS NOT restore backup.
  9. scaredpoet macrumors 604


    Apr 6, 2007
    Software doesn't take up kilograms of mass.

    Attacks from whom, exactly?
    What "potential illegal actions?"
    What experiments do you plan on running? Where will the results be published?

    So basically, you're hoarding all of this remnant data in a physical location that, should these as-yet-unknown "attackers" who want to commit "illegal actions" decide to "attack" you, they can just raid your hoard and get whatever they want? That doesn't sound very safe.

    Unfortunate, because buckets of salt water aren't exactly effective. Degaussing and incineration are better.

    Which "adversaries?" What "hardwired features" are you talking about?

    What exactly is a "browsable docking-backup?" That's not a feature I've heard of on my iPhone.

    The best defense in data protection is knowledge and facts, not vague pronouncements and ambiguous jargon. The AES 256 encryption on the iPhone 3GS and up is quite strong. Impenetrable? No. But given current technology and understanding established trends in technological advancements, it would require unreasonably massive resources to crack the encryption and obtain the data within, once a phone has been wiped and the key disposed of.

    TL;DR: If there is an entity out there, coming after you, that might have the resources to recover data from a wiped iPhone 4 or 5 to use against you, then chances are they have ways of getting whatever information they want against you without even touching your phone. In which case, you have a lot more to worry about than whether your iPhone is really wiped.
  10. cyclotron451 macrumors regular


    Mar 16, 2005
    The correct answer to this, and basically the whole point of my work, is we follow the maxim "trust, but verify"

    Historically the iPhone 3G and 3GS had all data stored on the phone in encrypted form, great. However the phone happily decrypted the data on the fly should someone bother to SSH into the 30pin connector via Terminal on a connected Mac, the phone would then send plain text.
    Browse the (2008) FBI iPhone forensic manual here (Scribd but registration not needed to read online)

    We're not targeting Apple specifically, we've bought nearly every representative consumer data handling device and are slowly putting them through scientific analysis. My current favourite is the Samsung 55" SmartTV - how do SmartTV's handle sensitive citizen data? - whatever it is; medical records/Google advert Bubble/free communications... There isn't a tool that I've found yet in the Samsung TV to erase teh gigabyte of onboard flash memory. I won't be able to easily shred a 55" TV set!

    Data erasure/recovery on the device is almost irrelevant anyway, as previous commentators have mentioned, the cloud knows everything, (except who has recently received a National Security Letter) Not many sites are using the NSL "Warrant Canary" yet.
  11. thewitt macrumors 68020


    Sep 13, 2011
    No and No
  12. vladzaharia macrumors regular

    Jul 5, 2010
    Except that NSLs can't request any content. They can demand a list of files if they want, but they can't demand the content of those files.

    Furthermore, any iPhone/iPad/iPod Touch data backed up to the cloud is equally encrypted. Try restoring an iPhone with a backup created on another computer. It'll ask you to enter your backup's password to decrypt. Same principle on iCloud backups.

    And, as I asked the OP, what information do you have that is so important that you have to hide it? You do realize that there are >300 million people in the US. If each of them had only 2 devices that could store data, the government would need to go through the contents of up to 600 million devices to find information about you. That's not practical. You're really just being paranoid if you worry about that.
  13. zone23 macrumors 68000

    May 10, 2012
    Sold my iPhone and a guy spent 36 hours to find out I spent a lot of time on MacRumors. I'm sure he was VERY disappointed. LOL
  14. gangof4 macrumors member


    Jun 6, 2011
    So . . .

    Is it safe for me to keep financial information (i.e., account numbers, pass codes, etc.) on an iPad if under <Settings <iCloud I've ticked "Off" for Documents and Data? That should keep any "critters" from being backed up onto the cloud? And I've indicated that I want the data to be erased following ten unsuccessful tries to access the ipad via the four digit pass code.

    I do wonder about the apps I have (PDF Reader Pro, Pages, Numbers, etc.) Might not they back up to the Cloud independently of the general settings switch. Have I forgotten anything and finally, would you personally and comfortably keep such info described above on your ipad?
  15. gnasher729 macrumors P6


    Nov 25, 2005
    No, Apple cannot recover an erased key.

    There are three keys involved:

    1. The drive key used to decrypt that drive. This key is _never_ stored anywhere, so Apple would have absolutely no way to know it.

    2. The master key. The master key is used to encrypt the drive key when it is stored, and to decrypt the drive key. When the area where the drive key was stored is erased, the master key has nothing to decrypt anymore. (On MacOS X, you can write down the master key and put it in your safe, or you can ask Apple to store it, encrypted without three security questions).

    3. The password. The password is used to encrypt or decrypt the master key. This one is possible to attack, for example if you have a four digit key only.

    But once the encrypted drive key is wiped, there is no way to recover the key, so you would have to attack 128 bit or 256 bit encryption directly - and there is no chance to succeed. Or let's say anyone who would have a chance to succeed could just let you disappear in jail without a trial anyway.

    What is _not_ safe is any device while it is running. Because then the device is able to decrypt data as it is needed, so it is possible to attack (which is why I never put my works Mac to sleep but shut it down).
  16. HowardSmith macrumors 6502a

    Sep 13, 2012
    I was told that a minute or so of being placed in a microwave would erase/destroy NAND memory. It would also destroy the phone in only a second or two.
  17. Mercenary macrumors 65816


    Sep 17, 2012
    No encryption is unbreakable but it takes time, a super computer and the motivation.

    And there in-lies the problem. What do you have which would motivate someone to go to that expense and time to crack your phone? Pictures you took of yourself posing in the mirror with your pants too low ain't going to motivate anyone.

    Bottom line, don't worry. It's not like your the president.
  18. skippymac macrumors 6502a


    Jun 9, 2010
    Hampshire, UK
    The ONLY way to completely ensure some data will never be seen again is to completely erase it. Any encryption can be broken with enough time, computing power and motivation by the person wanting the data.

    What you have to ask yourself is this: "Is someone going to spend huge amounts of money, time, and resources to use my itunes account to buy a few songs and maybe spam some people on my contacts list?"
  19. cookiesnfooty macrumors 6502


    Jul 1, 2009
    Or maybe he is :eek:
  20. vipJj123 macrumors member

    Jun 10, 2012
    You could always erase the iPhone and then fill the storage back up with random info. That new info would then rewrite over your old info, thereby making your old info unreachable.
  21. dasx macrumors 65816


    Jun 18, 2012
    Yes. I know the CIA might be able to access my contacts or recent calls even if I restored my iPhone. (I don't think so but let's assume it's possible for the sake of the discussion).

    Well, I don't call anyone the CIA might be interested about, and if they are, I'll be willing to tell them what we talked about as it wouldn't risk the national security for sure.

    So, if you got something like nuclear warheads launch keys in your phone, destroy it instead of selling it.
  22. old-wiz macrumors G3

    Mar 26, 2008
    West Suburban Boston Ma
    Exactly. Unless you have info about a serious terrorist plot or list of drug suppliers, it's not worth the effort for the top level spooks to go after the data. Whether or not they can do it is not something they will talk about.
  23. noteple macrumors 65816


    Aug 30, 2011
    Are you serious? We are talking about an iPhone

    The phones application space and file system in one place, non volatile memory.

    All of it is there. Ya just have to know where to look.

    What's creepier is where else it might be out side of the phone.
    Either intentionally or unintentionally

Share This Page