Apple: Data on device running iOS 8 protected from everyone, even police, but there is a catch

Apple: Data on device running iOS 8 protected from everyone, even police, but there is a catch
At first glance, one might feel emboldened by the idea that iOS does not give up anything to anyone. Despite what headlines you might have seen, there are limits to how well such protections actually work in real life.

Apple announced that with iOS 8, it was taking a hard line on protecting data on devices running the new software. New encryption no longer allows the company to bypass a customer’s passcode to access data on the device.

In theory, this means that even if law enforcement showed up with a warrant to search an iPhone, Apple would not be able to do it, “So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

Such protection is not without its kinks as you might imagine. If you back-up information on iCloud, even with two-factor-authentication, Apple can and will comply with warrants because that data resides on its own servers. Moreover, if you use email, law enforcement will just go to your email provider, and call data can be obtained from your wireless provider.

That does not mean Apple’s efforts are in vain. The Electronic Frontier Foundation lauds Apple’s endeavors for “standing with our customers when the government seeks to access their data.” Of course, that does not mean Apple is the new BlackBerry either. Apple has more than its share of warts when it comes to security vulnerabilities, the most recent of which was highlighted in the wake of a bunch of naked celebrity photos being grabbed from compromised iCloud accounts.

There were other concerns too, such as developer diagnostic tools that completely bypassed existing security measures supposedly in place before iOS 8 was released. Data residing on an iPhone with iOS 8 may be protected, but it is still not invulnerable to forensic tools.

iOS security guru, Jonathan Zdziarski gives Apple marks for the measures it has taken, but there are still customer convenience features that leave an opportunity to exploit data on an iPhone. These features are tied to use of iTunes, which for obvious reasons, Apple wants customers to be able to use to access an iPhone’s photo album, and data for back-ups, even while the phone is locked. That means photos, iTunes media, and third party app data can be accessed using some existing forensics tools.

In short, Zdziarski notes that Apple has made great strides in protecting customer data, at least as it resides on the device, but more could be done. He also provides some tips for those that are interested in learning more about protecting data on their iPhones and laptops (available via source link below). That said, nothing is bulletproof, and the right tools and knowhow will find ways to gain access to protected data.

sources: CNN and Jonathan Zdziarski

FEATURED VIDEO

31 Comments

1. plumix

Posts: 75; Member since: Aug 28, 2014

There is always a catch

2. Salazzi

Posts: 537; Member since: Feb 17, 2014

Instead of consumers b*tching out the companies, perhaps they need to get their sh*t together and pursue the real culprit.. Government. The government uses every tool in its pocket to subdue the population yet you expect them to give companies a free pass? No siree

3. 0xFFFF

Posts: 3806; Member since: Apr 16, 2014

If Apple had anything more than half-truths and marketing BS, they would offer a security warranty. Anything less than a clear and comprehensive security warranty is just fancy words and security theater.

4. Salazzi

Posts: 537; Member since: Feb 17, 2014

Apple? What about Google? Or you really want to play the blame game, as if Android is more secure.

7. The-Sailor-Man

Posts: 1095; Member since: Mar 25, 2014

Of course Android is much more secure ignorant. There are enough tests published. Just read them.(especially Samsung's high end devices) The only way to avoid security there is to download crap from unknown sources.

17. Salazzi

Posts: 537; Member since: Feb 17, 2014

*facepalm* If we are talking about app security, Apple is more secure. As for government backdoor loopholes, that's an unknown for both. The point I was making is that this isn't an "Apple" or "Google" issue (to my knowledge, though it's understood that Google cooperates more closely with government organizations), but that this is a GOVERNMENT issue. We are not focusing at the real problem, which is that our government is spying on all of us, and instead resort to bickering over companies, which really don't have a choice in all this, as can be seen by the likes of the secure e-mail company (forgot it's name) closing down after government demands they hand over user info. They either play ball or the government uses every tool in it's belt to ultimately destroy these companies.

24. bucky

Posts: 3785; Member since: Sep 30, 2009

You have to be joking. Just google "apple vs android security" and tell me what the entire first page of Google shows.

28. rromerof

Posts: 57; Member since: Nov 28, 2012

Enough test published you say. Post at least one, otherwise it will be like if you would've said nothing.

21. 0xFFFF

Posts: 3806; Member since: Apr 16, 2014

"Apple? What about Google? Or you really want to play the blame game, as if Android is more secure." If you want to talk Google, one might observe that Android can be made more secure than an iPhone via root. An iPhone gives you default security which is just security theater for the most part. Wanting to change the government is a nice fantasy. Historically, it doesn't happen very often. So it is rational to make the best of "what is". Pining for some utopia is silly.

5. HansGoneInsane unregistered

I think your data is more secure on an iOS device than on any Android device. Why? Because Google makes their entire money with your data. Apple makes it's money by selling hardware. Of course, also Apple collects data to a certain degree but that is nothing compared to what Google does. Hey now, there is nothing for free. --> Also Android comes with a price, which is basically your freedom in shape of privacy.

8. The-Sailor-Man

Posts: 1095; Member since: Mar 25, 2014

LOL We are talking here about different kind of data iboy.

12. a1369366

Posts: 27; Member since: Aug 24, 2014

lol, iboy, r u talking about pure Android/ios phone or a Android/ios phone loaded with junks?

18. Salazzi

Posts: 537; Member since: Feb 17, 2014

It's like you live in a universe where you forget that Android isn't made by Google. Your comment is irrelevant.. or rather it is relevant in the fact that it supports Hans's statement. Android is made by Google, which gives it away "for free". There is a wise proverb that goes along the lines of "what lies in a mans letter, is worth more than that in his purse". Meaning, in that letter you have information about that man.. and that information is worth more than any amount of money that man may possess. The "loaded with junks" you're refering to, is software outside of Google.. such as Samsung's or carriers such as Verizon. The software that comes with bare version of Android comes from... dun dun duuuuun.. Google!! And you'd be lying if you said you don't use Chrome, or Play store, or Google Now, etc.

29. S.M.Talha

Posts: 70; Member since: Aug 27, 2014

Yes,i do think that google uses your data.Because they freakingly compels u to add google account .Like even if u are using google account just in youtube app it will be automatically connected to everything else too including your browser.

6. Nine1Sickness

Posts: 896; Member since: Jan 30, 2011

Google's Picasa app syncs every picture you take with your android phones onto their servers. Don't believe me? Go to your google account and check out Picasa, they have all your dirty puctures. You can try to disable it, but it will just recheck that sync box.

10. The-Sailor-Man

Posts: 1095; Member since: Mar 25, 2014

iBS!!!

15. 0xFFFF

Posts: 3806; Member since: Apr 16, 2014

It does recheck the sync box from sometimes when you update the various Google apps. There is no escaping the truth that Google is basically an intelligence agency, a private NSA. While I think Android is the best and most open mobile OS, Google grabs all your data whenever they get a chance. What I like is that they do not lie about it, like Apple does.

26. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

They lie? proof? Each has their user policies...neither 'lies'. How they present that is a whole other fashion, and google has been found to have its own quirks, a simple 'google' search can show those up too.

22. RebelwithoutaClue unregistered

BS, none of my pictures on my phone are on Google photos. Since I have this option turned off and stays turned off after an update. It never turned on by itself.

9. gazmatic

Posts: 808; Member since: Sep 06, 2012

better apple than google. Google makes it's money from selling your information. denying it doesnt make it false

11. The-Sailor-Man

Posts: 1095; Member since: Mar 25, 2014

Better no one US service. But Android is more secure if we talk about not-NSA hackers.

13. a1369366

Posts: 27; Member since: Aug 24, 2014

sure, we just want to avoid another one. One google is bad enough, why apple as well? maybe when apple have seach engine, youtube and all the other social networking thing that keep ****.....

23. RebelwithoutaClue unregistered

It doesn't sell your data, it provides ad filters. They keep the data themselves. Apple also collects information, just uses most of it to 'invent' new products and services based on this information to tie you (further) into their ecosystem. In the end, both use your information to make money.

27. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

yes, but google makes 90%+ of its cash through ad data, basically selling your info to 3rd party people, including your email data.

31. RebelwithoutaClue unregistered

They don't sell my data, they provide ad filters. As to email data, it's automatically scanned for trigger words. Who cares. Besides that, most of my mail is on my own mailserver, so I don't care anyway. Real personal stuff, I keep in an encrypted container on my own cloudserver. Wouldnt trust neither companies with this.

14. HildyJ

Posts: 338; Member since: Aug 11, 2012

Google makes its money from ads but Apple makes it's money from its ecosystem (which locks people into its hardware). This is why photos and media files are not encrypted. Both companies are going to encryption by default and the fact that Apple's iOS 8 beat Google's Android L by a month is no big deal (especially since encryption is available on earlier Android versions). Neither company makes it easy to totally divorce yourself from unencrypted cloud storage. If you want to be more secure, rooting your phone and installing a secure ROM is still your best bet and that remains easier on Android.

16. BlankSpaceNai

Posts: 127; Member since: Apr 23, 2014

Not only this, but on android, it tends to be a much easier time to fix majority of your issues on your own. A quick search tends to find the root of many of your problems and if not, most carrier stores actually have some pretty well informed people who will easily help you optimize your device and educate you on its usage. Although Apple has the apple store, its not quite as down to earth as it is with a lot of android experts. I usually go to a best buy and talk to the samsung guys and they gladly help me with any little problem, even down to holding classes (although I dont have an samsung phone, they seem to help regardless) Security is a blanket over the issue. Regardless of which OS you choose, both will always have security issues sooner or later. People will always find a way to get to your stuff, nothing is perfect. Android just seems to be easier to find the cause and how to fix it than apple does. When its late at night and everything is closed, being able to just look on the web for 5 minutes and find the answer is just lovely.

19. JMartin22

Posts: 2370; Member since: Apr 30, 2013

More quirky accommodations by corporations being made to sate some government-in-your-window paranoia. This is more for show and tell than it is practicality. We've lived in a world where institutional bodies have always had the authority and resources to take what they need; even if it meant scoping out personal information about a certain individual. We lived with it for decades and didn't complain, but when some nutjob ex-federal employee breaks a confidentially agreement with the government he works for and leaks classified information for the public and our overseas enemies to see; now suddenly people are outraged. It's blasphemous because all nations with a law-governing body do this.

20. JMartin22

Posts: 2370; Member since: Apr 30, 2013

Lets face it, the only thing additionally enhanced privacy counts for anything when it's related to the consumer is businesses; they're the ones that need the privacy and security to secure consumer personal information into their databases such as addresses/account information/personal information and so on.

25. Topcat488

Posts: 1415; Member since: Sep 29, 2012

If you don't want Data such as dirty pictures, etc, to be stuck in the iGoogle "clouds"... DON'T hang them out to dry, where everyone can see them... DON'T put them on the internet... O.o

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.