My faith in humanity continues to dwindle.
May 15, 2011 5:38 AM Subscribe
A number of technology experts have criticized the iPhone's implementation of in-built hardware encryption. Apparently, circumventing it is a trivial matter of docking it to an Ubuntu system and making a drive image. For someone who knows what he is doing, it would take only a few minutes. How secure, however, is the "Erase all Content and Settings" option? If I understand correctly, this works by simply wiping the encryption key thus rendering all data useless to an intruder. More inside.
posted by Zé Pequeno to technology (6 answers total) 1 user marked this as a favorite
I had the stomach-churning experience yesterday of losing my iPhone 3GS. After numerous frantic attempts to contact whoever had found it, all subsequent calls have just gone straight to the voicemail and I'm now resigned to the fact that it's lost for good. Thankfully, I had a password in place and the phone was programmed to wipe itself after ten consecutive failed attempts to gain access.
How secure is this however? If the encryption key is simply 'deleted' can't it also be retrieved by a determined criminal using disk recovery software? Or is the key stored on the actual hardware and not the disk? How exactly is it purged?
Please excuse my ignorance. I've changed all my passwords, just in case, but the thought of somebody trawling through my e-mails, messages and personal photographs makes me feel sick. I'm going to assume, for my own sanity, that the person who picked up my phone wasn't a hardened identity thief and will have just fallen into the trap of typing in an incorrect password too many times.