I’d be interested to know that if when you manually lock the phone down with a long press on sleep/wake + volume - which locks biometrics and necessitates password Re entry, if this is considered BFU or AFU. Technically it is AFU, but from what I remember Apple execs discussing, that is supposed to lock down the phone. In which case it is still feasible to lock people out without a power down. Hmmm....
Emergency SOS mode is not the same as BFU.
Notable differences are that in true BFU, the iPhone does not connect to Wi-Fi. With Emergency SOS mode, Wi-Fi remains connected.
We have no idea how many keys get discarded when Emergency SOS mode is activated. What we do know is, it disables USB data, so any vulnerability is going to rely on a network attack (sending an iMessage exploit, for example.)
Wait, is this new? I've always known (assumed?) that the phone is in a less secure state after first unlock. However, I did assume that the SOS mode lock put the phone into BFU state - it appears it does not, although with USB disabled, it might be sort of in-between BFU and AFU from a security perspective. Nor, presumably, is it in BFU state when it asks for the passcode to re-enable Face/Touch ID every week, though I don't know whether USB is enabled or not in that scenario.
There are some changes here: in 2012, a larger number of app's data were completely protected. Since that time, things have changed, and some types remain completely protected, others have less protection than they did.
Moral of the story: turn off your device when you go through customs or “security checks” where people can get physical possession of your devices, or when an arrest is imminent...
And use encryption with your e-mail, otherwise plaintext messages can be recovered from the mail server, so Apple using top encryption on your mail messages on the phone is pointless.
The location data makes sense, but the other stuff he mentioned doesn’t really need to be unencrypted while no one’s looking at it. I’m wondering if it’s a change that was made to conserve power.
Oh wait. Here’s something that happens in the background: indexing and processing for machine learning. I reckon a lot of that gets done while the phone is locked and probably can’t be done without decrypting the data.
Another example: if you’ve allowed Siri access when locked, it can read messages to you even if your phone is locked, and allow you to create and send replies (which also get “written” into your conversation history). This would therefore require the messages to be accessible to Siri in decrypted form.
Other things like photos might be in play so they can sync to iCloud in the background while your device is locked.
I wonder if this is intentional so Apple can keep telling its users their data is encrypted, which it is, but then also able to turn a blind eye to the hacks the law enforcement uses to dump the phone's contents. That way they don't get forced to put in an explicit backdoor, because there is a workaround. Either that, or Apple has been secretly forced to allow access and these encryption workarounds give the illusion of privacy and non-compliance with law enforcement bigwigs and yet they actually are bending, with this being the best way they've got to keep the agreement secret.
lie's to us ? No that would never happen. lol Tim tells us one thing and makes it sound like your info will never be compromised but in fact it is. If this turns out to be fact.
Apple doesn't advertise this widely, but has always maintained that much data (messages, photos, notes, etc. mentioned in the Green paper) backed up to iCloud is not end-to-end encrypted.
Instead it uses a master Apple key that can be used to decrypt, but only by Apple, and only revealed with a proper search warrant showing probable cause, per:
Somewhere exist published statistics on how may warrants are issued.
I know this article covers the more disconcerting case of warrantless hacking by local authorities who have physical possession, so that is also useful to know.
I'm not going to pretend to understand all of this, but I believe that these issues will mostly all be moot once the iPhone, inevitably, goes portless.
Yes, I'm so looking forward to my next phone rendering useless my Car Play, ALL my charging adapters and portable battery pack, and reduce my charging speed by 2/3rds. (Yes, I'm aware that I can spend a few hundred to restore SOME of that.)
I really hope that never happens - but it's totally something I could see Apple doing.
Portless probably wouldn’t cause that. I imagine MagSafe is going to be developed further to do data and power. In which case you could still use a USB to MagSafe cord. Device would still be portless, but CarPlay, charging devices, and possibly even speed wouldn’t be rendered useless.
I wouldn't be surprised in the least if Tim Cook and company passively make it easier for government like China, US, EU, etc., to gain access to private phone data. However, I’m mystified that this MIT Professor is apparently unable to demonstrate his theory which he believes all these alphabet soup government agencies can already do. We’re suppose to believe that governments can readily break the encryption but the MIT Professor and every non-government security expert in the entire world are either incapable or dupes for Apple. Instead of the ACLU suing Apple for PR, how about just publicly replicate what the governments can allegedly already do.
I agree with this. Don’t submit a theory like he’s doing when you can go a step further and actually prove it. I also don’t think Apple’s stupid: they knew the ins and outs of their products, and they know what types of data their encryption protects and what it doesn’t.
@zimmie suggested the data they can capture isn’t of much value to law enforcement. So maybe the professor can tackle that next (if he has any forensic law background). If Joe decides to send a text to someone to sell some coke, how valuable is that information if a) it’s not explicit, b) no names are mentioned. My guess is that LEO’s job is that much harder. The most he can alleges it that Joe talked about “snow” to someone. There’s no implication there, just inference. And that’s not enough for the court to convict.
That's not what I said. I said the FBI and NSA don't care about most of the contents of a phone which could be protected by encryption. The NSA serves no law enforcement function, and is purely an intelligence agency. The FBI has some large-scale law enforcement responsibilities, but is also responsible for domestic intelligence collection and analysis.
State, county, and city cops would be much more likely to care, simply because they work at smaller scales. If you tell a friend "I hit this white man", the FBI doesn't care, but the local police would.
Comments
There are some changes here: in 2012, a larger number of app's data were completely protected. Since that time, things have changed, and some types remain completely protected, others have less protection than they did.
And use encryption with your e-mail, otherwise plaintext messages can be recovered from the mail server, so Apple using top encryption on your mail messages on the phone is pointless.
(messages, photos, notes, etc. mentioned in the Green paper) backed up to iCloud
is not end-to-end encrypted.
Instead it uses a master Apple key that can be used to decrypt, but only by
Apple, and only revealed with a proper search warrant showing probable cause, per:
https://www.apple.com/legal/privacy/law-enforcement-guidelines-us.pdf
Somewhere exist published statistics on how may warrants are issued.
I know this article covers the more disconcerting case of warrantless
hacking by local authorities who have physical possession,
so that is also useful to know.
State, county, and city cops would be much more likely to care, simply because they work at smaller scales. If you tell a friend "I hit this white man", the FBI doesn't care, but the local police would.