undefined | Better HN

0 pointssuperuser212y ago0 comments

If it's an iPhone, then yes, it is far and away the most secure device you own. Everything is encrypted all the time through an HSM which will perform decryption only if given the device PIN. The key is never in memory and any attempt to extract it from the HSM will result in its self-destruction. It is impossible to recover data from the phone without the PIN. You can only erase the device and restore from a backup. While the device can be lost, the only threat is that a thief will erase and resell it. With iOS 7 and Find My iPhone turned on, even that is not possible. An attacker would not get your data in any case.

This is orders of magnitude safer than a full-disk-encrypted laptop because people hardly ever shut down their laptops, so keys remain in memory. There is also the possibility of cold-boot attacks, and of course the (retrospectively) insane design wherein any program you run can access all of your data.

iOS applications are always code-signed in a way that is tied to a real person or corporation, thoroughly sandboxed, and subject to review, making malware essentially non-existent. If discovered, it can be yanked at any time. What few remote exploits there have been were national news - and quickly resolved.

iMessage is end-to-end encrypted 100% of the time using a keybag - each device on your iCloud account has its own private key that never leaves the device. You get notified when a key is added to the keybag. This is really incredible, because without even knowing it, huge swaths of the population are using properly end-to-end encrypted messaging just by owning iPhones.

iOS is a tight ship and its attack surface is minuscule compared to that of a commodity computer.

0 comments

6 comments · 2 top-level

freshhawk11y ago· 2 in thread

Ah, that makes a lot of sense. If you are discounting Apple themselves (and people using social engineering techniques to gain access to Apples backdoors) and the large list of States and Corporate actors who have access as potential attackers then you are absolutely correct.

I didn't know about keybag, that's very interesting.

superuser2OP11y ago

Please provide evidence (other "Apple hates my freedom so they must be doing it!") of Apple having granted access to iPhones to other corporations.

freshhawk11y ago

Ah, I was unclear. I meant the Governmental to private intelligence contractors path, not Apple selling data to data brokers or something like that - that seems very unlikely.

lifeisstillgood12y ago· 2 in thread

Where do I read more about this - it sounds fantastic and yet I just assume "proprietary = lazily implemented and they can read my keys cos it's on their server"

e12e11y ago

There was a talk at passwords^10 (2010) about security of pins/keys in iphone/android/windows phone (IIRC). Don't recall who the speaker was, and all the links to talks/programs etc have gone to bitrot (might be possible to find on archive.org, I've yet to try that).

If I remember correctly an encrypted iphone (4 I guess?) was the most secure, but with a bit of hackery one could use the device itself to bruteforce the pin (and thus access the key, and then the data). Not sure if that's actually been patched in later iterations of the iphone.

If you find this stuff interesting, consider going to passwords^14 (August 5th-6th, Las Vegas): https://passwordscon.org/

lifeisstillgood11y ago

Thank you - looks interesting

j / k navigate · click thread line to collapse