Maybe someone can explain the Remote Wiping in further detail for me. It seems quite easy to bypass. You take someone's iPhone, crack it open and pull out the SIM chip. Now it is no longer on the network and cannot be remote wiped. This can all be done within minutes of losing your phone. It could be that this feature isn't meant to prevent people from stealing company/personal secrets but rather a feel good way of knowing you might be able to wipe your information should you lose your iPhone. Is my assessment correct that the only connection the iPhone has for remote wiping is through the SIM chip?
[edit]
I realize that the iPhone can connect wirelessly to the internet but that is easily stopped also by turning off wireless access. The only identifying feature of the iPhone would be the MAC address at that point. I think it all sounds great in theory but no where near secure enough to prevent someone from taking secrets off an iPhone. The only plausible secure way would be to encrypt all the data on the iPhone and allow access to the data through a password you enter every time you utilize your iPhone. Then if you lost your iPhone and the encryption was strong enough they would be out of luck. You can't crack strong encryption like you can on TV. Then thief's would need to, once again, resort to Social Engineering to obtaining passwords and information.
[/edit]
Thanks,
Andrew
As a few other people have already touched on, the SIM card manages access to the network for the customer, preventing the customer from using a cell network if they don't have a plan with the carrier. While a lack of SIM card renders the phone useless to the customer, the phone can still allow the carrier to communicate with the phone through the network.
Also, now that the iPhone has GPS (which can be used independent from cell network access), there is one more way of tracking a phone.
The remote wipe feature is not really intended to protect against people who are stealing your phone for the purpose of stealing information. Rather, the remote wipe feature is intended to clear data so that if the phone is lost, or stolen by someone who wants the phone for the electronics, not for the data, the stealer can't wander upon personal data.
But the question that was raised was whether many passes are really necessary with flash memory.
Not required.
The many passes thing has to do with slop in writing/reading magnetic media. If the head is slightly off from the exact location of the previous write for a particular bit, the previous write will still be readable.
That is, it is still readable if you take the drive platters out and put them into a mind-bogglingly expensive and precise machine that can read the margins between bits of magnetically stored data.
Incidentally, the same thing used to be true of magnetic tape and analog recordings.
Flash media has no "between the bits" or "between the tracks".
Remote wiping probably is not a secure delete. Or should the iPhone display a message saying, "Please connect the iPhone to a power source so we can start a secure wipe"?
Maybe remote wipe has a secure delete of some key data like the address book.
Secure wipe and remote wipe are two different things, they might share some elements but one isn't the superset of the other.
so if my old iphone locks up after switching to the new phone how will one access this function?...
You're old phone isn't going to lock up. You're just only going to have one valid SIM card at a time. Unlike other phones, the iPhone allows you to boot the phone without a valid SIM card. It will not automatically relock itself.
But the question that was raised was whether many passes are really necessary with flash memory.
It seems that it's not necessary to write more than once to any drive.
According to the Center for Magnetic Recording Research, "Secure erase does a single on-track erasure of the data on the disk drive. The U.S. National Security Agency published an Information Assurance Approval of single pass overwrite, after technical testing at CMRR showed that multiple on-track overwrite passes gave no additional erasure."
I wonder how many hackers are working on exploits to do unauthorized remote wipes on iPhones, just to screw with Apple and make a name for themselves.
I hope that remote wipe can be disabled for iPhones bought by individuals for personal use.
I was thinking of that. Could you send out a broadcast wipe to all devices or do it have to do a secure handshake first to determine source and some special code?
I hope that remote wipe can be disabled for iPhones bought by individuals for personal use.
Amen! Am I the only one that feels that any function built into software or hardware will occasionally happen inadvertently, maliciously, or just plain spontaneously? (I've known two people who had their airbags go off in their face just driving down the road....)
It seems that it's not necessary to write more than once to any drive.
True... if you're only trying to prevent an average schmoe from getting your data. (or even an above average schmoe i suppose)
But the NSA (and other 3 letter agencies) are more than capable of reading single-pass erased data. It just requires some really expensive hardware and software that pretty much nobody has.
Not that any of us have data that the feds want that bad.
Both are new to the iPhone. What I think Stuart is referring to is the SDK event where Apple announced that Exchange support for v2.0 will offer remote wipe. Of course, that relies upon ActiveSync being set up on your handset.
My only question... is this as good, or better than what is offered to Blackberry users?
As someone who uses BB Enterprise services every day, I can tell you that secure wipe has been present on the handheld for at least 5 years, and van be done from the server side via Blackberry ent. aervices for I think every version of the server
Truth be told, I assumed that it would have been availible on iphone 1.0 at launch, it doesnt need hype, it is a standard, hyping this is like saying CHRGER INCLUDED....everyone just assumes that with a high end smart phone.
I wonder how many hackers are working on exploits to do unauthorized remote wipes on iPhones, just to screw with Apple and make a name for themselves.
I hope that remote wipe can be disabled for iPhones bought by individuals for personal use.
Fear not, it would requier teathering to an enterprise environment, which is a 2 step process, the admin sets access permissions on your network account, nd you run the enterprise setup tools on the phone...so long as you do not run those tools and successfully tie into a corprate network, they cant do remote wipe.
...so long as you do not run those tools and successfully tie into a corprate network, they cant do remote wipe.
Possibly. But just speculation at this point. That is, unless you know that the bits of code, which perform the wipe, are an optional install on the iPhone.
If the functionality is present, a hacker could potentially utilize it even without involving a corporate network. Granted, if a hacker has gained access to the system, they could just delete everything anyway.
Truth be told, I assumed that it would have been availible on iphone 1.0 at launch, it doesnt need hype, it is a standard, hyping this is like saying CHRGER INCLUDED....everyone just assumes that with a high end smart phone.
On the one hand, it was released as a consumer device. I don't know of a single handset that offers that as an option for the average user. On the other hand, the complete vCard syncing, bookmarks, and calendars does offer more info than the average phone. I hadn't even though to remove personal account data from the notes section of AddressBook until just now!
Quote:
Originally Posted by a_greer
Fear not, it would requier teathering to an enterprise environment, which is a 2 step process, the admin sets access permissions on your network account, nd you run the enterprise setup tools on the phone...so long as you do not run those tools and successfully tie into a corprate network, they cant do remote wipe.
Apple is the Enterprise setup. They are the ones offering Secure Wipe and monitoring which apps you wish to receive info from via their Notification Server. This is a consumer branded Secure Wipe that does not require a connection to RiM or Exchange in any way to function.
they should also have a "find locate" ability, so when one is stolen, apple or att is notified, a wipe is done and connected to wifi OR network, it's located, and a picture is taken something like they have for the mac/ laptops that would put a big negative for stealing this thing.
All would be a good idea, except the picture would most likely be of their feet. "Calling all cars, calling all cars; be on the look out for a suspect wearing black pants, and white hi-tops."
All would be a good idea, except the picture would most likely be of their feet. "Calling all cars, calling all cars; be on the look out for a suspect wearing black pants, and white hi-tops."
\
Exactly. LOL.
BUT: Someday the iPhone may be able to scan the hands/fingers of the thief and register DNA information into some database in the cloud. And you thought Apple's DRM was a bitch!
Comments
Maybe someone can explain the Remote Wiping in further detail for me. It seems quite easy to bypass. You take someone's iPhone, crack it open and pull out the SIM chip. Now it is no longer on the network and cannot be remote wiped. This can all be done within minutes of losing your phone. It could be that this feature isn't meant to prevent people from stealing company/personal secrets but rather a feel good way of knowing you might be able to wipe your information should you lose your iPhone. Is my assessment correct that the only connection the iPhone has for remote wiping is through the SIM chip?
[edit]
I realize that the iPhone can connect wirelessly to the internet but that is easily stopped also by turning off wireless access. The only identifying feature of the iPhone would be the MAC address at that point. I think it all sounds great in theory but no where near secure enough to prevent someone from taking secrets off an iPhone. The only plausible secure way would be to encrypt all the data on the iPhone and allow access to the data through a password you enter every time you utilize your iPhone. Then if you lost your iPhone and the encryption was strong enough they would be out of luck. You can't crack strong encryption like you can on TV. Then thief's would need to, once again, resort to Social Engineering to obtaining passwords and information.
[/edit]
Thanks,
Andrew
As a few other people have already touched on, the SIM card manages access to the network for the customer, preventing the customer from using a cell network if they don't have a plan with the carrier. While a lack of SIM card renders the phone useless to the customer, the phone can still allow the carrier to communicate with the phone through the network.
Also, now that the iPhone has GPS (which can be used independent from cell network access), there is one more way of tracking a phone.
The remote wipe feature is not really intended to protect against people who are stealing your phone for the purpose of stealing information. Rather, the remote wipe feature is intended to clear data so that if the phone is lost, or stolen by someone who wants the phone for the electronics, not for the data, the stealer can't wander upon personal data.
But the question that was raised was whether many passes are really necessary with flash memory.
Not required.
The many passes thing has to do with slop in writing/reading magnetic media. If the head is slightly off from the exact location of the previous write for a particular bit, the previous write will still be readable.
That is, it is still readable if you take the drive platters out and put them into a mind-bogglingly expensive and precise machine that can read the margins between bits of magnetically stored data.
Incidentally, the same thing used to be true of magnetic tape and analog recordings.
Flash media has no "between the bits" or "between the tracks".
Maybe remote wipe has a secure delete of some key data like the address book.
Secure wipe and remote wipe are two different things, they might share some elements but one isn't the superset of the other.
so if my old iphone locks up after switching to the new phone how will one access this function?...
You're old phone isn't going to lock up. You're just only going to have one valid SIM card at a time. Unlike other phones, the iPhone allows you to boot the phone without a valid SIM card. It will not automatically relock itself.
But the question that was raised was whether many passes are really necessary with flash memory.
It seems that it's not necessary to write more than once to any drive.
I wonder how many hackers are working on exploits to do unauthorized remote wipes on iPhones, just to screw with Apple and make a name for themselves.
I hope that remote wipe can be disabled for iPhones bought by individuals for personal use.
I was thinking of that. Could you send out a broadcast wipe to all devices or do it have to do a secure handshake first to determine source and some special code?
I hope that remote wipe can be disabled for iPhones bought by individuals for personal use.
Amen! Am I the only one that feels that any function built into software or hardware will occasionally happen inadvertently, maliciously, or just plain spontaneously? (I've known two people who had their airbags go off in their face just driving down the road....)
It seems that it's not necessary to write more than once to any drive.
True... if you're only trying to prevent an average schmoe from getting your data. (or even an above average schmoe i suppose)
But the NSA (and other 3 letter agencies) are more than capable of reading single-pass erased data. It just requires some really expensive hardware and software that pretty much nobody has.
Not that any of us have data that the feds want that bad.
People are lazy, inattentive and easily distracted.
And yet are allowed to vote!
Both are new to the iPhone. What I think Stuart is referring to is the SDK event where Apple announced that Exchange support for v2.0 will offer remote wipe. Of course, that relies upon ActiveSync being set up on your handset.
Yeah, that's what I meant.
They announced remote wipe, not local wipe. That's new.
To paraphrase the old saying..."All wipes are local".
And yet are allowed to vote!
Ain't that a peach!
You love your Blackberry! Admit it Spam
Heh, heh. I do have Blackberry functionality available on my phone, but I don't use the service.
My only question... is this as good, or better than what is offered to Blackberry users?
As someone who uses BB Enterprise services every day, I can tell you that secure wipe has been present on the handheld for at least 5 years, and van be done from the server side via Blackberry ent. aervices for I think every version of the server
Truth be told, I assumed that it would have been availible on iphone 1.0 at launch, it doesnt need hype, it is a standard, hyping this is like saying CHRGER INCLUDED....everyone just assumes that with a high end smart phone.
I wonder how many hackers are working on exploits to do unauthorized remote wipes on iPhones, just to screw with Apple and make a name for themselves.
I hope that remote wipe can be disabled for iPhones bought by individuals for personal use.
Fear not, it would requier teathering to an enterprise environment, which is a 2 step process, the admin sets access permissions on your network account, nd you run the enterprise setup tools on the phone...so long as you do not run those tools and successfully tie into a corprate network, they cant do remote wipe.
...so long as you do not run those tools and successfully tie into a corprate network, they cant do remote wipe.
Possibly. But just speculation at this point. That is, unless you know that the bits of code, which perform the wipe, are an optional install on the iPhone.
If the functionality is present, a hacker could potentially utilize it even without involving a corporate network. Granted, if a hacker has gained access to the system, they could just delete everything anyway.
Truth be told, I assumed that it would have been availible on iphone 1.0 at launch, it doesnt need hype, it is a standard, hyping this is like saying CHRGER INCLUDED....everyone just assumes that with a high end smart phone.
On the one hand, it was released as a consumer device. I don't know of a single handset that offers that as an option for the average user. On the other hand, the complete vCard syncing, bookmarks, and calendars does offer more info than the average phone. I hadn't even though to remove personal account data from the notes section of AddressBook until just now!
Fear not, it would requier teathering to an enterprise environment, which is a 2 step process, the admin sets access permissions on your network account, nd you run the enterprise setup tools on the phone...so long as you do not run those tools and successfully tie into a corprate network, they cant do remote wipe.
Apple is the Enterprise setup. They are the ones offering Secure Wipe and monitoring which apps you wish to receive info from via their Notification Server. This is a consumer branded Secure Wipe that does not require a connection to RiM or Exchange in any way to function.
Not that any of us have data that the feds want that bad.
I think they can get it other ways if they wanted it.
they should also have a "find locate" ability, so when one is stolen, apple or att is notified, a wipe is done and connected to wifi OR network, it's located, and a picture is taken something like they have for the mac/ laptops that would put a big negative for stealing this thing.
All would be a good idea, except the picture would most likely be of their feet. "Calling all cars, calling all cars; be on the look out for a suspect wearing black pants, and white hi-tops."
All would be a good idea, except the picture would most likely be of their feet. "Calling all cars, calling all cars; be on the look out for a suspect wearing black pants, and white hi-tops."
Exactly. LOL.
BUT: Someday the iPhone may be able to scan the hands/fingers of the thief and register DNA information into some database in the cloud. And you thought Apple's DRM was a bitch!
but to locate by wifi, cell tower etc