Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 6 posts ] 
Author Message
 Post subject: Apple increases encryption security
PostPosted: September 18th, 2014, 3:49 am 
Rsbandb Donor
Offline

Joined: October 13th, 2005, 9:18 pm
Posts: 3366
Location: USA us
RS Name: Duke Juker
RS Status: P2P
Clan Name: Clan Quest
Quote:
Apple said Wednesday night that it is making it impossible for the company to turn over data from most iPhones or iPads to police — even when they have a search warrant — taking a hard new line as tech companies attempt to blunt allegations that they have too readily participated in government efforts to collect user information.

The move, announced with the publication of a new privacy policy tied to the release of Apple’s latest mobile operating system, iOS 8, amounts to an engineering solution to a legal quandary: Rather than comply with binding court orders, Apple has reworked its latest encryption in a way that prevents the company — or anyone but the device’s owner — from gaining access to the vast troves of user data typically stored on smartphones or tablet computers.

The key is the encryption that Apple mobile devices automatically put in place when a user selects a passcode, making it difficult for anyone who lacks that passcode to access the information within, including photos, e-mails and recordings. Apple once maintained the ability to unlock some content on devices for legally binding police requests but will no longer do so for iOS 8, it said in the new privacy policy.

“Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data,” Apple said on its Web site. “So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

As the new operating system becomes widely deployed over the next several weeks, the number of iPhones and iPads that Apple is capable of breaking into for police will steadily dwindle to the point where only devices several years old — and incapable of running iOS 8 — can be unlocked by Apple.

Apple will still have the ability — and the legal responsibility — to turn over user data stored elsewhere, such as in its iCloud service, which typically includes backups of photos, videos, e-mail communications, music collections and more. Users who want to prevent all forms of police access to their information will have to adjust settings in a way that blocks data from flowing to iCloud.

Apple’s new privacy policy comes less than five months after the Supreme Court ruled that police in most circumstances need a search warrant to collect information stored on phones. Apple’s action makes that distinction largely moot by depriving itself of the power to comply with search warrants for the contents of many of the phones it sells.

The move is the latest in a series in which Apple has sought to distinguish itself from competitors through more rigorous security, especially in the aftermath of revelations about government spying made by former National Security Agency contractor Edward Snowden last year.

Although the company’s security took a publicity hit with the leak of intimate photos of celebrities from their Apple accounts in recent weeks, the move to block police access to the latest iPhones and iPads will thrill privacy activists and frustrate law enforcement officials, who have come to rely on the extensive evidence often found on personal electronic devices.

“This is a great move,” said Christopher Soghoian, principal technologist for the American Civil Liberties Union. “Particularly after the Snowden disclosures, Apple seems to understand that consumers want companies to put their privacy first. However, I suspect there are going to be a lot of unhappy law enforcement officials.”

Ronald T. Hosko, the former head of the FBI’s criminal investigative division, called the move by Apple “problematic,” saying it will contribute to the steady decrease of law enforcement’s ability to collect key evidence — to solve crimes and prevent them. The agency long has publicly worried about the “going dark” problem, in which the rising use of encryption across a range of services has undermined government’s ability to conduct surveillance, even when it is legally authorized.

“Our ability to act on data that does exist . . . is critical to our success,” Hosko said. He suggested that it would take a major event, such as a terrorist attack, to cause the pendulum to swing back toward giving authorities access to a broad range of digital information.

Many security experts have blamed security weaknesses in iCloud — some of which have since been fixed — for the recent leak of celebrity photos. Several companies also make systems designed to crack the encryption of devices, including the iPhone and iPad. Security experts generally consider Apple’s devices to be better protected against such attacks than some rivals’, although people with short passcodes — of four digits, for example — are in greater danger of what are called “brute force attacks” that relentlessly try all possible combinations.

Adding more security can make it harder for users to operate a mobile device. People who forget their passcodes with iOS 8 will not be able to recover them by contacting Apple. However, most users will have the bulk of their data automatically backed up on iCloud and would be able to restore their phones, although not before wiping them of all user data.


Link

tl;dr
Only device owners will be able to access data on their Apple device making it impossible for law enforcement to access the data through Apple. This doesn't include information gathering services like iCloud which are still accessible by Apple.

_________________
Image
RSBANDBInformer! Gaming Writer: 08/31/2011-09/30/15
RSBandB Donor since 07/01/2010
82nd Dragon Member since 05/12/2010
RSBandB Member #517
Current Activities: Ports, Dailies/Monthlies, DXP
Skill Masteries: Firemaking, Cooking, Woodcutting, Fletching, Mining, Agility, Prayer, Smithing, Fishing, Summoning, Construction, Herblore, Hunter, Thieving, Crafting, Divination, Dungeoneering, Farming, Runecrafting, Slayer, Magic, Ranged, Defence, Constitution, Attack, Strength, Invention & 1st Max (3/9/19), Archaeology & 2nd Max (4/16/21), 200m Firemaking, Necromancy


Top
 Profile  
 
 Post subject: Register and login to get these in-post ads to disappear
PostPosted: September 18th, 2014, 3:49 am 
Rsbandb Donor

Joined: September 9th, 2004, 1:47am
Posts: 9047
Location: In your web browserz


Top
  
 
 Post subject: Re: Apple increases encryption security
PostPosted: September 18th, 2014, 3:01 pm 
Site Owner
Offline

Joined: September 9th, 2004, 9:26 am
Posts: 6878
Location: Wild Rose Country ca
RS Name: shane12088
RS Status: P2P
This is good. But I'd just like to highlight how this worked previously:
- If the iOS device is off it is encrypted and locked up very tightly.
- A run of the mill user can't crack your passcode because after a number of attempts the device locks up.
- A 4 digit passcode offers 10,000 possible combinations. For Apple to get into a device they would need to first take an image (a bit for bit copy of the file system) and run through each of these combinations. This was benchmarked to previously take about 42 minutes to complete with a standard 4 digit passcode.
- For the longest time iOS has offered complex passcodes. A user can input a numeric passcode of more than 4 digits and have the numeric keypad still display. No one knows how long the passcode you entered is, this makes it harder to guess (is it 6 characters or 22?) You can also enter in passwords containing numbers, upper and lower case characters, and symbols. This is the strongest form of password that exists and exponentially increases the amount of time it would take to crack the device.
- The devices that are out now (5c, 5s, 6, 6 plus, and the iPads) are amongst the most secure that Apple has ever made. Older devices were still secure but were not as bullet proof as what we have today.

The story at the end of the day is to simply use a complex password on your iOS device if you are concerned.

You can read the full iOS security white paper here: http://www.apple.com/ipad/business/docs/iOS_Security_Feb14.pdf (Warning: Technical information ahead)

_________________


Top
 Profile  
 
 Post subject: Re: Apple increases encryption security
PostPosted: September 27th, 2014, 9:51 pm 
Rsbandb Donor
Offline

Joined: October 25th, 2004, 10:12 pm
Posts: 3055
Location: New Zealand nz
RS Name: Chief. Snake
RS Status: Retired
Clan Name: Bits and Bytes
Am I the only person in the world who is too lazy to use a pin on my phone?

_________________


Top
 Profile  
 
 Post subject: Re: Apple increases encryption security
PostPosted: September 28th, 2014, 1:18 pm 
Runite Member
Offline

Joined: January 5th, 2008, 6:37 pm
Posts: 429
Location: Edmonton ca
RS Name: Bryan Tran
RS Status: P2P
Clan Name: W22 Farming
Eh, I have a PIN, but I use my BT wristband to unlock it. If the bluetooth radio can't find it, it'll just head back to the PIN.

_________________
Image

Image


Top
 Profile  
 
 Post subject: Re: Apple increases encryption security
PostPosted: September 30th, 2014, 4:47 pm 
Rsbandb Donor
Offline

Joined: October 13th, 2005, 9:18 pm
Posts: 3366
Location: USA us
RS Name: Duke Juker
RS Status: P2P
Clan Name: Clan Quest
Chief Snake wrote:
Am I the only person in the world who is too lazy to use a pin on my phone?

I didn't have one for a while. It's a pain in the butt to have one. Even more so an actual password, but the sense of security is nice. I know a few people who don't use them. They seem to get by in life just fine without one.

_________________
Image
RSBANDBInformer! Gaming Writer: 08/31/2011-09/30/15
RSBandB Donor since 07/01/2010
82nd Dragon Member since 05/12/2010
RSBandB Member #517
Current Activities: Ports, Dailies/Monthlies, DXP
Skill Masteries: Firemaking, Cooking, Woodcutting, Fletching, Mining, Agility, Prayer, Smithing, Fishing, Summoning, Construction, Herblore, Hunter, Thieving, Crafting, Divination, Dungeoneering, Farming, Runecrafting, Slayer, Magic, Ranged, Defence, Constitution, Attack, Strength, Invention & 1st Max (3/9/19), Archaeology & 2nd Max (4/16/21), 200m Firemaking, Necromancy


Top
 Profile  
 
 Post subject: Re: Apple increases encryption security
PostPosted: September 30th, 2014, 7:19 pm 
Chat Moderator
Offline

Joined: December 15th, 2006, 4:43 pm
Posts: 1318
Location: G.A., USA us
RS Name: Firemana
RS Status: P2P
Clan Name: Problem Solvers
Duke Juker wrote:
Chief Snake wrote:
Am I the only person in the world who is too lazy to use a pin on my phone?

I didn't have one for a while. It's a pain in the butt to have one. Even more so an actual password, but the sense of security is nice. I know a few people who don't use them. They seem to get by in life just fine without one.

I started using one when iOS 7 I think it was made me get one. I could've turned it off but haven't yet. I likely won't set one on my new phone because it's rare for my device to not be with me when I'm in public.

_________________
.:: The Legend of The Sword :: FaceBook : Google+ : Twitter ::.
Image
::
88th Dragon Member : Informer Writer : Content Crew : Chat Moderator ::
"If it ain't broke, dun fix it."


Top
 Profile  
 
 Post subject: Register and login to get these in-post ads to disappear
PostPosted: September 30th, 2014, 7:19 pm 
Chat Moderator

Joined: September 9th, 2004, 1:47am
Posts: 9047
Location: In your web browserz


Top
  
 
Display posts from previous:  Sort by  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Jump to:  
cron