Slashdot Mirror
Apple Can Extract Texts, Photos, Contacts From Locked iPhones
Trailrunner7 (1100399) writes "If law enforcement gets hold of your locked iPhone and has some interest in its contents, Apple can pull all kinds of content from the device, including texts, contacts, photos and videos, call history and audio recordings. The company said in a new document that provides guidance for law enforcement agencies on the kinds of information Apple can provide and what methods can be used to obtain it that if served with a search warrant, officials will help law enforcement agents extract specific application-specific data from a locked iOS device. However, that data appears to be limited to information related to Apple apps, such as iMessage, the contacts and the camera. Email contents and calendar data can't be extracted, the company said in the guidelines."
All the things listed, are synced to the iCloud. Sounds to me like they are not accessing the phone, but the contents of the cloud server, which have push/pull access to selected apps. Wonder if this is true if you disable cloud access or simply don't sign into it.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
How about google, hotmail, facebook etc passwords from Safari's settings? Thats what law enforcement always look for. That is cop gold right there. Who gives a crap about the data in the calendar app, thats all hosted on apples cloud anyway.
There's a built in file manager for the iphone?
Weird... Had no idea...
"Helping to keep you two steps ahead of the Thought Police!"
The news is the Apple has received enough LEA requests for information that they've put together guidelines as a pre-emptive against being bothered about things they can't do.
I suppose we could be heartened that it specifically states upon receiving a warrant thus-and-such are available? Until a three-letter agency gives them a Sekrit Not-A-Warrant Order requiring the information. And that, Government, is the whirlwind you reap when you play fast and loose with the Constitution - there should be no trust of you, ever.
How much is threat post paying timothy to drive up their traffic with these half ass stories?
The summary fails to mention that the phone must be in their possession and the both the phone and the search warrant must be delivered to Apple's headquarters which is the only place Apple will perform the extraction.
If anything I applaud Apple for both publicly disclosing their policy for dealing with law enforcement and requiring a search warrant with more detail than "suspect's phone". They require the model number, phone number, serial of IEMI number and FCC ID number.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
The page states that they can only access information which is not encrypted, and is "active", whatever that means. Reading between the lines, it seems they can get at information that's currently in RAM.
No kidding!!! What do you say at this point?
https://support.apple.com/kb/h...
If passcode-protected whole phone encryption is enabled, no one should be able to access that without the key. I guess they know how it works more than I do. They've even redefined encryption. It's "encrypted" just like everything else these days. I guess it's still technically encrypted even if everyone has a key.
"iMessage" is a message transport. The app is "Messages". The document from Apple specifically says "SMS": it does not mention either Messages or iMessage. While it's possible that Apple leaves iMessages unencrypted on the device, it would be surprising given how much trouble they go through to protect then in transit. So while this document doesn't explicitly say iMessages are safe, it also doesn't say they're vulnerable.
Hey, let's link to the actual document in question! What a novel concept!
http://www.apple.com/legal/mor...
Good news:
- Apple cannot track a phone via GPS, nor forcibly enable Find My Friends/Find my iPhone
- Apple cannot monitor FaceTime or iMessage conversations since they are end-to-end encrypted
- Apple cannot provide third-party app data that is encrypted since the files are encrypted with the user's passcode.
- It appears if the user does a remote wipe before law enforcement can get a warrant and ship the phone to Apple (or fly it there), then there is nothing that can be done. I wonder if they power up the device in an anechoic chamber so it can't receive the remote wipe signal? I would guess no because most people aren't smart enough to do an immediate wipe.
- We already knew the only trick they have as far as encrypted files goes is a custom firmware that bypasses the max attempt auto-erase and rate limit feature, so it can attempt to brute-force passcodes quickly. However it requires the attempt be made on-device, since the keys are stored in the secure storage with no facility to get them off-device. So even a moderately complex passcode is effectively unbreakable, let alone a good strong password.
Questionable:
- user generated active files (this is what SMS/call logs/photos/etc are listed under). Normally if a device is powered off and rebooted, I was under the impression that these things were not available because the files are encrypted. It seems that iMessage is at least encrypted here, but I would be curious to find out what the situation is. Everything except photos, videos, and recordings is a moot point because you can get stuff like SMS history and call logs from the carrier anyway so those are the only ones I'd be concerned about.
There are some definite good points here - Apple has chosen not to build themselves backdoors or workarounds, presumably because they can't be ordered to disclose information they don't have access to... same reason they built iMessage the way they did. A court would have to order them to refactor their software before it could order them to intercept messages, and at least in the US there is no precedent or law that can compel them to do so.
However I would expect the âoeuser generated active filesâ to be encrypted after a device reboot until the passcode is entered. If that is not the case, Apple should fix it pronto.
I would also expect Apple to refactor the storage of those things to be segmented, given the NSA revelations and increasingly authoritarian behavior of law enforcement; for example, photos pending background upload could be kept unencrypted, but once uploaded they should be rewritten as encrypted so they require the passcode to access. They already have the ephemeral key tech and per-file key support so you can generate a key for the unencrypted file while the device is unlocked, then toss the passcode key when the device locks and only hold onto the file key until the upload is finished, then toss it. Thus no risk to the main key but you can still encrypt the file in the background.
I won't bother discussing Android phones - they are almost all trivial to break and access all the user's data, when people like Samsung aren't coding back doors directly into the firmware.
Natural != (nontoxic || beneficial)
Sorry, I was too brief. Apple doesn't include a file manager because thy want to try to control the experience. (Bad enough). MS doesn't include a file manager because they can't do it without totally destroying security on the device. At least that is their official story. I think the real answer is much worse.
The AC nailed it; this is an utter non-story. Last time I checked, locking an iPhone does not enable full -disk encryption. Raise your hand if you thought the iPhone contains some magical Steve Jobs fart that would prevent someone with hardware access (leave alone Apple with hardware access!) from ripping the unencryped data (which, in a default setup, is essentially everything except your e-mail) from the flash chips. And yes, hardware access is necessary even if it isn't explicilty stated in the summary. Anyhow, those that did raise their hands earlier, please hand in your geek card and don't let the door hit you in the ass on the way out.
To my knowledge, Apple doesn't do RAM access. Some law-enforcement forensic analysts might, but I don't know of iOS RAM-capture tools that actually work. The whole field is poorly-understood.
"Active" here almost certainly means "not deleted". LE analysts usually ask if you can access deleted data.
The story here is that Apple can unlock and access the files on an unencrypted iPhone. That shouldn't come as a surprise to anyone. You can do that without Apple's help, and you can do it to unencrypted Android phones, unencrypted hard drives, and pretty much any unencrypted data-storing device you have physical access to.
Got Root?
If the answer was ever anything other than "Yes" then you don't own shit.
there's no back door. Apple's iCloud syncs some information across all devices. For ex if I take a photo with my iphone it automatically syncs with my ipad and my macbook. obv the photo must be uploaded from the phone and live on an apple server somewhere, so it's vulnerable to supoena.
in other news, apple will begin notifying users of supoena requests LINK
At least not trivial task. Per the iOS Security white paper:
"The device’s unique ID (UID) and a device group ID (GID) are AES 256-bit keys fused into the application processor during manufacturing. No software or firmware can read them directly; they can see only the results of encryption or decryption opera- tions performed using them. The UID is unique to each device and is not recorded by Apple or any of its suppliers. The GID is common to all processors in a class of devices (for example, all devices using the Apple A5 chip), and is used as an additional level of protection when delivering system software during installation and restore. Burning these keys into the silicon prevents them from being tampered with or bypassed, and guarantees that they can be accessed only by the AES engine."
Hence, needing some specialized equipment, ergo, ship to 1 Infinite Loop to get the data.
I just did this on a locked iPhone i Found Yesterday to try to identify the owner.
It was locked from too many bad PIN's entered and I was able to access Photos, Call Log, TXT Messages, etc.
Didn't give me access to every single thing on the phone, but that is still a lot considering this is a shareware limited app anyone can download.
There are more advanced Forensic programs that are available, but they can get more pricey.
But if anyone with google can find a shareware app, what hope to you have against the government with all their money and resources.
http://www.easeus.com/mobile-t...
https://support.apple.com/kb/h...
If passcode-protected whole phone encryption is enabled, no one should be able to access that without the key. I guess they know how it works more than I do. They've even redefined encryption. It's "encrypted" just like everything else these days. I guess it's still technically encrypted even if everyone has a key.
Not everything is encrypted. According to the guidelines:
Specifically, the user generated active files on an iOS device that are contained in Apple’s native apps and for which the data is not encrypted using the passcode (“user generated active files”), can be extracted and provided to law enforcement on external media.
So, data can only be extracted if it is not encrypted. Sounds reasonable. Of course it would be better if everything was encrypted.
Blackberry... wasn't that the company that sends all your mail and everything you ever communicate through their servers?
You don't understand how blackberries work.
Yes, they send your data though their servers, in the same way that your data goes through your cell phone company.
BUT, with a blackberry enterprise server, Blackberry does NOT have the decryption keys. That is the relevant point - even if Blackberry wants to hand over information to law enforcement, Blackberry isn't able to decrypt the data.
Blackberries were designed by intelligent people who understand security.
I had someone give me an iphone 4 last year where a child playing with the phone had accidentally deleted all the pictures. My task was to recover all the deleted pictures. It took me a few hours, mainly because I had never done anything with an iphone before. The process that worked invovled booting the phone with a different bootloader and breaking the encryption key. Most of the information and software to accomplish this can be found with a few minutes of searching.
Are you saying I don't really own my (Linux powered) Garmin GPS and my Nintendo Wii? They sure seem like mine. If I sell them I get the money.
Or is this one of those Stallman "political correctness" things?
See http://www.cellebrite.com/mobile-forensics. Every Apple store has Cellebrite phone forensics software and so do a every police agency who can afford it.
F=ma
what hope to you have against the government with all their money and resources.
Given that the App you mention and Apple's list of what they can extract amount to the same thing, it's probable the government also can access the same things. Basically anything that not encrypted on the device or backup can be accessed by all (with physical access). Things that are encrypted can't be. Even by people working for scary 3 letter acronyms.
They don't supply shit to law enforcement - their policy says that the device has to be shipped to Cupertino in good working order, where they will do the data extraction only with a proper search warrant or court order. The data is then provided on optical media:
Specifically, the user generated active files on an iOS device that are contained in Apple’s native apps and for which the data is not encrypted using the passcode (“user generated active files”), can be extracted and provided to law enforcement on external media. Apple can perform this data extraction process on iOS devices running iOS 4 or more recent versions of iOS. Please note the only categories of user generated active files that can be provided to law enforcement, pursuant to a valid search warrant, are: SMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party App data.
See section I of the linked document, entitled "Extracting Data from Passcode Locked iOS Devices".
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
I haven't actually disassembled an iPhone to see if it has an exposed JTAG header. I've connected to a lot of other consumer devices with JTAG, though. It's extremely common to disable JTAG entirely on the devices that are sold to consumers (though the header and traces are still there, they just don't do anything). Most devices where it does work only talk on JTAG if the device powers up with something connected to the header -- which eliminates using it for RAM access for forensic purposes. Lots of densely-packed consumer devices actually don't have the JTAG headers on them at all. It's very inconvenient.
Wasn't there a story a couple of years ago that Blackberry DID have backdoors to both BES and their own system and shared it with not just US but also Indian and other governments around the world.
That was BIS not BES. BES you run yourself, BIS is run on Blackberry's own servers.
Enterprise customers will remain safe from India’s spooks after BlackBerry presumably persuaded the authorities that it doesn’t have – and indeed never did have – the BES encryption keys for individual corporates to hand over.
http://www.theregister.co.uk/2013/07/11/blackberry_gives_indian_spooks_access/