Monday, May 21, 2012

Mobile Security: Encryption Bug & Fix for iOS devices that shipped with iOS 3.0

I know lot of gamers are computer geeks & hackers, but not all gamers are, I also know lot of computer geeks prefer Android to iPhone, but you may still have friends or family that use iPhone, or maybe you use iPad or iPod yourself for music.

Anyway, my gf has iPad, so I have been doing a lot of research on iOS security.

Found out some real interesting things about iOS security.

See this Elcomsoft pdf for details, they also cover several password keepers in detail in that pdf.  Elcomsoft is a company that build hacking software and tools for governments and police agencies.

If your using an iPhone 4S or iPad2 or newer (ie A5 or newer chip), and use a strong password and lock the iOS device, your pretty darn secure.

Though iPhone 3GS & current gen iPod touch are fairly secure, they can be hacked by companies like Elcomsoft, or people using tools made by those types of companies from what I understand currently.

Apple may have a backdoor, but if they do it has not made news yet, you also need to be careful what you put on the iCloud, cause Apple states in EULA & etc for iCloud that they can view and even delete data from there.

There are password keepers that encrypt on the device but use iCloud or Dropbox for syncing and backup of encrypted data.

Only problem I have found is that there is a Bug that can prevent iOS device from encrypting data if it shipped with iOS 3.0

Full Story with fix at tidbits.com/article/12049.

You can check to see if your iOS device is using encryption by going to Settings > General > Passcode.  Scrolling to bottom of the screen and look for "Data protection is enabled".

You can see a screen shot of this message from an iPhone near bottom of this page http://support.apple.com/kb/HT4175 

Stay Safe,

Cliff

No comments:

Post a Comment