stopped by the police were the owners of smartphones
embarrassing situation – often officers requisitioned
their devices as material evidence to later use
found them SMSs and e-mails as evidence in pending
proceedings against the arrested. If the data would be
encrypted, law enforcement authorities have asked the manufacturer to ask
for help, and often this aid received. Recent moves
Apple and Google, however, go in the direction of increasing privacy
mobile devices. Police around the world
will no longer have so easily – cryptographic security
break will have on their own.
Trend designated Apple. A few days ago has updated its
privacy policy for iOS-and 8, announcing at the same time that the
devices running under this system will not be
have access even Apple. User data, such as photos,
SMS, e-mails and their attachments, contacts, call list,
notifications and notes will be protected by a personal password. iOS 8
does not have mechanisms to Apple recover the password,
therefore remains only to law enforcement agencies or look for gaps in
cryptosystem, or cryptanalysis using truncheons, in
hope that arrested remember the password. The first option is
usually too difficult technically, the other can be very difficult to
apply to any country’s democratic fugitive.
So far, Apple has not denied to law enforcement authorities – if
received requisitioned device with iOS-I, together with the corresponding
order of a court or prosecutor’s office, is using its key
main encryption mechanism, revealed stored therein
data. Now, the company will be able to spread out your hands, at the sight of an order
replied that his execution is technically impossible.
On the technical side, cryptosystem described in the document iOS
Security from September 2014 looks neatly designed.
Service Data Protection System uses a symmetric cipher AES
with a 256-bit key, protecting the data system
the application. Setting password for the device (or four
PIN or alphanumeric password of any length), the user
automatically turns on Data Protection. The password is one of the sources
entropy used when generating a key and related
is the unique identifier of the device – the key
located in the processor to which access does not have any
app. Attacks against security force must therefore be
performed directly on the acquired unit. Moreover,
Apple has applied the counter, so that any attempt to guess
Password will proceed more slowly. It is estimated that by
Such a solution strength attack on a six alphanumeric
password will take several decades.
In Mountain View apparently pozazdroszczono Apple new
security mechanisms and privacy policy. As reported by
Washington Post, Google announced that the Android L,
encryption device is switched on by default so as to
you did not even have to think about this issue.
A spokeswoman for the company stressed the fact that so far the encryption
Android was optional, but in contrast to the solutions
competition, the encryption keys are never stored outside
device, and therefore could not be released to law enforcement authorities.
The problem, which neither Apple nor Google has not moved, it is
synchronized with the issue of data services in the cloud. I still do not
they are resistant to orders of the court or prosecutor’s office. At a time when
smartphones by default create backups for almost all
Information stored on them, it is the responsibility caring for
your privacy is ensuring that by however
to iCloud or Google Account is not getting anything you do not want to
public show.
No comments:
Post a Comment