MacDirectory Magazine

Mike Thompson

MacDirectory magazine is the premiere creative lifestyle magazine for Apple enthusiasts featuring interviews, in-depth tech reviews, Apple news, insights, latest Apple patents, apps, market analysis, entertainment and more.

Issue link:

Contents of this Issue


Page 73 of 131

Protected iOS Data vs “Protected” iOS Data By When was the last time you totally powered down your iPhone? Whenever that was, that was the last time your data was 100% secure, according to a new study done at Johns Hopkins University. If you protect your iOS device with a strong passcode, Face ID, or Touch ID, you’re definitely safe from garden-variety hackers and cybercriminals. And when your iPhone has been completely shut down, all of your data is kept in a state known as “Complete Protection”, which means that you need to unlock your device before that data is going to be readable to anyone else (even people with advanced forensic tools). But the researchers found something troubling: After that first unlock, your iPhone data is stored in a different mode, known as “Protected Until First User Authentication” or “After First Unlock”. And in this state, although your data is still encrypted, the encryption keys needed to unscramble it are stored in your device’s quick access memory. This means that sophisticated attackers may be able to exploit iOS vulnerabilities to access the encryption keys. If that happens, they will then be able to pull readable data from your device. Unfortunately, this isn’t just theoretical: companies like Cellebrite and Grayshift, which have a history of working with government and law enforcement to circumvent iOS privacy protections, already do this. Apple, for its part, has responded by saying that its security efforts are focused on thwarting criminals, hackers,and thieves — in other words, the types of threats most users are likely to encounter. iOS device hacks that rely on 0-day vulnerabilities are rare, expensive to develop, and are usually rendered harmless after Apple issues a security patch, which makes them less of a priority for Apple’s security teams. It’s also worth noting that iOS app developers have the option to keep some user data in Complete Protection mode at all times, which can be useful for apps that handle particularly sensitive types of information, such as financial services apps. That all sounds very reassuring, but unfortunately, we also know that Cellebrite forensic tools have been found for sale on eBay, and that some school districts are purchasing phone hacking devices for use in investigations of students and faculty. If you want to know how to lock down your iPhone as much as possible, we have a few suggestions.

Articles in this issue

Archives of this issue

view archives of MacDirectory Magazine - Mike Thompson