+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 30
General Chat Thread, Forensic scientist drops bomb on Apple iOS security in General; Forensic scientist drops bomb on Apple iOS security | TG Daily From the list, the thing that stuck out was ...
  1. #1

    Join Date
    Apr 2010
    Posts
    2,169
    Thank Post
    111
    Thanked 192 Times in 159 Posts
    Rep Power
    85

    Forensic scientist drops bomb on Apple iOS security

    Forensic scientist drops bomb on Apple iOS security | TG Daily

    From the list, the thing that stuck out was being able to side step the encryption. Not good.
    Last edited by edutech4schools; 22nd July 2014 at 04:01 PM.

  2. #2

    abillybob's Avatar
    Join Date
    May 2013
    Location
    Shropshire
    Posts
    3,187
    Thank Post
    433
    Thanked 438 Times in 302 Posts
    Rep Power
    257
    You're all wrong, Apple is always right and innovative...... APPLE 4 LYF

  3. #3
    XiJ
    XiJ is offline

    Join Date
    Mar 2013
    Location
    Sheffield
    Posts
    237
    Thank Post
    12
    Thanked 46 Times in 43 Posts
    Rep Power
    11
    Apple have issued a statement saying it's not true. Haven't read it yet tho.

  4. #4

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,271
    Thank Post
    884
    Thanked 2,749 Times in 2,322 Posts
    Blog Entries
    11
    Rep Power
    785
    It's not Apples fault, maybe the researchers were holding it wrong when they cracked through all its security, I'm sure if they were just holding it right with their hands over the firewire connector it would be perfectly secure

  5. #5


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,796
    Thank Post
    262
    Thanked 2,964 Times in 2,179 Posts
    Rep Power
    846
    Here's the article and slides @edutech4schools' link refers to:

    Identifying Back Doors, Attack Points and Surveillance Mechanisms in iOS Devices


  6. #6

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,260
    Thank Post
    289
    Thanked 796 Times in 605 Posts
    Rep Power
    348
    I expect there are similar things in Android and Windows phones/tablets tbh, if the NSA or other security agency want your info, they will get it. Freedom and privacy really are things of the past unfortunately.

  7. #7

    Join Date
    Sep 2011
    Posts
    317
    Thank Post
    0
    Thanked 32 Times in 28 Posts
    Rep Power
    12
    Nokia 3210 here I come.

    I hear they are using type writers in Germany.

  8. #8

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,260
    Thank Post
    289
    Thanked 796 Times in 605 Posts
    Rep Power
    348
    Quote Originally Posted by Alkaline View Post
    Nokia 3210 here I come.

    I hear they are using type writers in Germany.
    Got one in a drawer somewhere, saving it for when they rocket in price on fleabay.

  9. #9
    TheScarfedOne's Avatar
    Join Date
    Apr 2007
    Location
    Plymouth, Devon
    Posts
    1,121
    Thank Post
    753
    Thanked 176 Times in 159 Posts
    Blog Entries
    78
    Rep Power
    86
    Quote Originally Posted by XiJ View Post
    Apple have issued a statement saying it's not true. Haven't read it yet tho.
    Link??

  10. #10

    seawolf's Avatar
    Join Date
    Jan 2010
    Posts
    969
    Thank Post
    12
    Thanked 287 Times in 219 Posts
    Blog Entries
    1
    Rep Power
    176
    "Zsziarski does say that the iPhone is "reasonably secure" to a typical attacker and newer devices are generally more secure from everybody…everybody except Apple and the government."
    So, from what can be gleaned from the article, the iPhone is pretty secure, particularly more recent ones. Except for those back doors that they have to provide to law enforcement or risk being shut down.

    Anyone have memory of Lavabit? They were being forced to handover encryption keys to the govt. and decided to shut the doors instead. The big IT companies chose to handover data via court orders when required rather than shut the doors like Lavabit did. So, yeah not ideal, but Google, Microsoft, Apple, etc. haven't really been given much choice have they? Apple even outlines the process pretty clearly in public domain:

    https://www.apple.com/legal/more-res...w-enforcement/

    Unless any of the big IT companies are willing to take a huge risk that's the way it is.

    Apple, Google, Microsoft unite against NSA spying program - CNET

  11. #11

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,523
    Thank Post
    527
    Thanked 2,645 Times in 2,047 Posts
    Blog Entries
    24
    Rep Power
    924
    Sorry @seawolf, that just seems even more apologetic for Apple's behaviour than usual.

    If you read through the article there are a variety of troubling things discussed.

    1. The services are undocumented
    2. The data produced is personal in nature
    3. Companies do not *have* to gather all sorts of data on people's individual devices as far as I'm aware, just make it available if it exists when requested. If you can point me to laws that list things that have to be gathered on personal phones (and not at network level).
    4. The encryption is useless as it doesn't seem to encrypt when the phone is locked, only when shut down. Not to mention it can be bypassed for a huge amount of data anyway.
    5. Providing data when it is demanded by a law enforcement agency does not mean setting up your entire system to aid this. It means handing over whatever data is actually accessible for the request.

    Listing it in some online document does not make it right.

  12. #12


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,796
    Thank Post
    262
    Thanked 2,964 Times in 2,179 Posts
    Rep Power
    846
    Last edited by Arthur; 23rd July 2014 at 10:19 AM.

  13. #13

    seawolf's Avatar
    Join Date
    Jan 2010
    Posts
    969
    Thank Post
    12
    Thanked 287 Times in 219 Posts
    Blog Entries
    1
    Rep Power
    176
    Quote Originally Posted by localzuk View Post
    Sorry @seawolf, that just seems even more apologetic for Apple's behaviour than usual.

    If you read through the article there are a variety of troubling things discussed.

    1. The services are undocumented
    2. The data produced is personal in nature
    3. Companies do not *have* to gather all sorts of data on people's individual devices as far as I'm aware, just make it available if it exists when requested. If you can point me to laws that list things that have to be gathered on personal phones (and not at network level).
    4. The encryption is useless as it doesn't seem to encrypt when the phone is locked, only when shut down. Not to mention it can be bypassed for a huge amount of data anyway.
    5. Providing data when it is demanded by a law enforcement agency does not mean setting up your entire system to aid this. It means handing over whatever data is actually accessible for the request.

    Listing it in some online document does not make it right.
    You would prefer that Apple document how to hack the iPhone? Interesting perspective.

    In any case, I'm simply stating how it is. I don't even own an iPhone anymore and have no plans to buy one in the future, or any other smartphone for that matter (I have a Nokia 106 a basic as u can get). So, I couldn't really give a rip how secure or insecure the iPhone is.

    My view is that anyone who expects complete privacy in anything that is connected to the internet is delusional. That wasn't even true in 1988.

  14. #14

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,523
    Thank Post
    527
    Thanked 2,645 Times in 2,047 Posts
    Blog Entries
    24
    Rep Power
    924
    Quote Originally Posted by seawolf View Post
    You would prefer that Apple document how to hack the iPhone? Interesting perspective.
    Sorry, what? You are recommending security through obscurity then? Not a good choice.

    In any case, I'm simply stating how it is. I don't even own an iPhone anymore and have no plans to buy one in the future, or any other smartphone for that matter (I have a Nokia 106 a basic as u can get). So, I couldn't really give a rip how secure or insecure the iPhone is.

    My view is that anyone who expects complete privacy in anything that is connected to the internet is delusional. That wasn't even true in 1988.
    You're stating how you think it is. Not the same thing as how things actually are.

  15. #15

    seawolf's Avatar
    Join Date
    Jan 2010
    Posts
    969
    Thank Post
    12
    Thanked 287 Times in 219 Posts
    Blog Entries
    1
    Rep Power
    176
    Quote Originally Posted by localzuk View Post
    Sorry, what? You are recommending security through obscurity then? Not a good choice.
    So, how did that out in the open thing work out for OpenSSL? Heartbleed anyone? Obscurity plus good security frameworks are the ideal.


    You're stating how you think it is. Not the same thing as how things actually are.
    How things actually are is that you're dreaming if you think there is privacy on the internet. There hasn't been for a LONG time.



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. The Simpsons let rip on Apple
    By SYNACK in forum General Chat
    Replies: 3
    Last Post: 1st December 2008, 08:43 PM
  2. hotmail drag and drop not on Linux Firefox
    By ITWombat in forum *nix
    Replies: 1
    Last Post: 9th June 2008, 07:14 PM
  3. Apple iCal security holes left wide open
    By webman in forum IT News
    Replies: 0
    Last Post: 23rd May 2008, 09:44 AM
  4. Running Java on RM Network Securely
    By tony82 in forum Network and Classroom Management
    Replies: 3
    Last Post: 10th September 2007, 10:22 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •