|
Lysidas posted:like someobdy in that twitter thread, i also wonder how this affects wiping / factory resetting a phone if you have iCloud set up you can change the pin I think but yes having it brick if you don’t know the passcode is good
|
# ? Jun 4, 2018 23:41 |
|
|
# ? Jun 2, 2024 00:13 |
|
Cocoa Crispies posted:if you have iCloud set up you can change the pin I think no, it is not good what would be good is being able to wipe it and restore ios from itunes with all of your personal data gone, and not have a perfectly functional piece of electronics turn into a several hundred dollar paperweight
|
# ? Jun 4, 2018 23:43 |
|
wiping involves having the enclave drop the key and generate a new one, which might still be possible with Apple tools, but that doesn’t require any path to extracting the key or decrypted existing data e: Find my iPhone prevents a wipe without the iCloud password, in order to reduce theft
|
# ? Jun 4, 2018 23:43 |
|
Lysidas posted:no, it is not good one time ipad
|
# ? Jun 4, 2018 23:44 |
|
yeah if it wiped itself or something that'd be fine, having it brick just means if anyone ever buys one second hand and it wasn't properly cleared by the previous owner they just wasted $400 or w/e on a technically "working" phone that breaks immediately
|
# ? Jun 4, 2018 23:44 |
|
i mean i'm sure they thought about this first and there's probably just some "oh you hosed up, tap here to erase everything" button
|
# ? Jun 4, 2018 23:46 |
|
Lysidas posted:no, it is not good
|
# ? Jun 4, 2018 23:47 |
|
I feel like some people in this thread haven’t used iPhones or something
|
# ? Jun 4, 2018 23:52 |
|
anthonypants posted:since when does the data erasure after 10 failed unlock attempts mean you've functionally bricked your phone he's saying the exact opposite if you don't have that turned on, and thus have no way to trigger a wipe from the device itself, and the device isn't listening to anything over usb...
|
# ? Jun 4, 2018 23:52 |
|
anthonypants posted:since when does the data erasure after 10 failed unlock attempts mean you've functionally bricked your phone it does not, i am talking about the opposite: when you do not have the 10-pin-failure-wipe enabled, when that is not a way to erase the phone (and if the phone doesnt have find my iphone enabled, because then you could wipe it through icloud.com/find) if there is no automatic wipe after 10 failed pin attempts (which as far as i remember is the default), and the phone isnt enabled for find my iphone remote wipe, it seems like it might be impossible to reset it without the pin ate all the Oreos posted:i mean i'm sure they thought about this first and there's probably just some "oh you hosed up, tap here to erase everything" button yeah i hope so
|
# ? Jun 4, 2018 23:53 |
|
Lysidas posted:it does not, i am talking about the opposite: when you do not have the 10-pin-failure-wipe enabled, when that is not a way to erase the phone the first thing you said -- being able to wipe your phone and restore ios from itunes with all of your personal data gone -- is possible. it is possible today, it was possible a year ago. in fact, you don't even need to do the "restore from itunes" thing at all. at what point does your phone become "a several hundred dollar paperweight" during this process, in your estimation
|
# ? Jun 5, 2018 00:00 |
|
Lysidas posted:no, it is not good the reason you want it to brick is to reduce the value in stealing and selling stolen iPhones
|
# ? Jun 5, 2018 00:01 |
|
anthonypants posted:i have no idea what you're trying to say here this seems like more of an edge case the more i think about it, but this is the scenario:
at this point the phone will not communicate with anything over usb, so you cant wipe it through itunes, and you cant wipe it through the phone itself you used to be able to wipe the phone through itunes without the passcode, afaik
|
# ? Jun 5, 2018 00:04 |
|
Cocoa Crispies posted:the reason you want it to brick is to reduce the value in stealing and selling stolen iPhones this is something which find my iphone is already very good for, and i guess this extra "cant wipe the phone" behavior (if that is accurate) might be good for people who dont want to enable find my iphone but want their stolen phone to be useless to someone else me, id rather be able to find my phone and remotely wipe it too, but i do know some people who are uneasy with giving apple the ability to lock down their phone remotely
|
# ? Jun 5, 2018 00:06 |
|
Lysidas posted:this is something which find my iphone is already very good for, and i guess this extra "cant wipe the phone" behavior (if that is accurate) might be good for people who dont want to enable find my iphone but want their stolen phone to be useless to someone else Then use find my phone?
|
# ? Jun 5, 2018 00:08 |
|
Phone posted:iirc the way the current ios pin enumeration works is by interrupting the 10x and you're out policy by killing the power to reset the counter. this is separate from law enforcement agencies having magic boxes that they plug your phone into and it basically does an entire dump of the phone including stuff that isn't accessible in user space. that's how it used to work, then Apple switched things around so that it incremented the counter before reporting success or failure so the device watching the screen couldn't cut power before the write happened also, Activation Lock already makes stole phones useless (except for parts), it is still active after the phone is wiped
|
# ? Jun 5, 2018 00:10 |
|
Lysidas posted:this seems like more of an edge case the more i think about it, but this is the scenario:
|
# ? Jun 5, 2018 00:11 |
|
Lysidas posted:this is something which find my iphone is already very good for, and i guess this extra "cant wipe the phone" behavior (if that is accurate) might be good for people who dont want to enable find my iphone but want their stolen phone to be useless to someone else a lot of people never use or don’t know about "find my iPhone" having the phone be unusable without the passcode or iCloud access means someone who does use a six-digit passcode (like initial setup really really wants you to) still gets protection from phone thieves (there’s a lot of herd immunity there too) and governments
|
# ? Jun 5, 2018 00:12 |
|
anthonypants posted:i'm gonna assume that a factory reset will trip that usb accessories flag yes, my point is how do you do that factory reset when the phone is locked with a passcode you dont know, and wont communicate over usb
|
# ? Jun 5, 2018 00:12 |
|
you allow DFU even when the phone otherwise refuses to communicate over USB edit: a quick google suggests this is how it works now because DFU is in the boot ROM, not flash, so an iOS update can't modify the behavior pseudorandom name fucked around with this message at 00:17 on Jun 5, 2018 |
# ? Jun 5, 2018 00:13 |
|
pseudorandom name posted:you allow DFU even when the phone otherwise refuses to communicate over USB and this trashes the disk encryption key, right?
|
# ? Jun 5, 2018 00:16 |
|
Lysidas posted:yes, my point is how do you do that factory reset when the phone is locked with a passcode you dont know, and wont communicate over usb Find my iphone?
|
# ? Jun 5, 2018 00:16 |
|
Lysidas posted:yes, my point is how do you do that factory reset when the phone is locked with a passcode you dont know, and wont communicate over usb
|
# ? Jun 5, 2018 00:17 |
|
Cocoa Crispies posted:a lot of people never use or don’t know about "find my iPhone" yeah im coming around to this behavior, if this is even how it works, it just seems a little at first pseudorandom name posted:you allow DFU even when the phone otherwise refuses to communicate over USB ah okay, i was barely even aware of this mode and hadnt encountered that acronym before, let alone the procedure required to put the phone in that mode, wonder if that enables usb communication and if so that seems like a neat threat vector
|
# ? Jun 5, 2018 00:18 |
|
Trabisnikof posted:Find my iphone? i specifically said im talking about when find my iphone is off, otherwise of course you can wipe it that way
|
# ? Jun 5, 2018 00:19 |
|
Cocoa Crispies posted:and this trashes the disk encryption key, right? yes, but can't disable Activation Lock
|
# ? Jun 5, 2018 00:20 |
|
Lysidas posted:i specifically said im talking about when find my iphone is off, otherwise of course you can wipe it that way this line of questioning is very dumb, because if you have the phone but you don't know the pin, you absolutely should have to prove that the phone is yours before you can use it. whether that's taking it to your carrier, the apple store, plugging it into a computer with itunes, or using find my iphone. the alternative is to make it easier to use or sell stolen iphones.
|
# ? Jun 5, 2018 00:22 |
|
don’t they handle this case with an appleid check at the Apple store before dfu-blasting a device?
|
# ? Jun 5, 2018 00:28 |
Cocoa Crispies posted:and this trashes the disk encryption key, right? yeah it clears everything and reinstalls iOS from scratch using a signed image from Apple. the phone will still ask for the owner's appleid and password when you attempt to set it up because that's handled on Apple's end of things.
|
|
# ? Jun 5, 2018 00:28 |
|
Shifty Pony posted:yeah it clears everything and reinstalls iOS from scratch using a signed image from Apple. the phone will still ask for the owner's appleid and password when you attempt to set it up because that's handled on Apple's end of things. yes and this is extremely Good because it stops people from stealing your poo poo
|
# ? Jun 5, 2018 02:22 |
|
Lysidas posted:ah okay, i was barely even aware of this mode and hadnt encountered that acronym before, let alone the procedure required to put the phone in that mode, wonder if that enables usb communication and if so that seems like a neat threat vector You clearly weren't at all aware, otherwise you'd have googled it instead of repeating the same thing people didn't understand before a dozen times. Is someone timing you on how long you take to write a post? Just to be clear, you can reset the phone using DFU, but this will destroy all data on the device before the device ever decrypts it. And once it's turned back on, it'll ask for your iCloud credentials just to make sure it's yours. It would need a hell of a security fuckup for that to be a threat vector.
|
# ? Jun 5, 2018 02:46 |
Bulgogi Hoagie posted:yes and this is extremely Good because it stops people from stealing your poo poo definitely, it is very well thought out.
|
|
# ? Jun 5, 2018 03:02 |
|
is politics chat still off limits, because Mueller caught Manafort trying to tamper with witnesses and they quote "encrypted chat" messages that were apparently also stored on his iCloud account somehow? so this means that the feds can crack whatever chat program he was using, or the chat program lets you store transcripts in the cloud which is just loving lol e: apparently it's both Whatsapp and Telegram
|
# ? Jun 5, 2018 03:04 |
|
McGlockenshire posted:is politics chat still off limits, because Mueller caught Manafort trying to tamper with witnesses and they quote "encrypted chat" messages that were apparently also stored on his iCloud account somehow? so this means that the feds can crack whatever chat program he was using, or the chat program lets you store transcripts in the cloud which is just loving lol it could also be the much more mundane explanation of "the witness he tried to tamper with tipped them off and provided them with the messages"
|
# ? Jun 5, 2018 03:06 |
|
Yeah it's the latter https://twitter.com/SevaUT/status/1003813040637317120
|
# ? Jun 5, 2018 03:10 |
|
even better: https://twitter.com/sevaut/status/1003813040637317120
|
# ? Jun 5, 2018 03:17 |
|
e;f,b
|
# ? Jun 5, 2018 03:17 |
|
McGlockenshire posted:is politics chat still off limits, because Mueller caught Manafort trying to tamper with witnesses and they quote "encrypted chat" messages that were apparently also stored on his iCloud account somehow? so this means that the feds can crack whatever chat program he was using, or the chat program lets you store transcripts in the cloud which is just loving lol the chat app is whatsapp https://twitter.com/nycsouthpaw/status/1003811739442524160 If you look in this list you see that some are listed as "Manaford iCloud production" which i think means Manaford gave it over, so the question isn't about access but about data retention there's the simple solution that manaford didn't delete all his whatsapp messages, or also that an icloud backup contained old messages
|
# ? Jun 5, 2018 03:18 |
|
so having not used either of those before, do they just keep data on the device unencrypted, or unencrypt on unlock, or do they actually force you to authenticate when starting them up? If I ever cared about encrypted chat, I'd sure as hell want to make sure just acquiring the device wouldn't be a way to get the data.
|
# ? Jun 5, 2018 03:35 |
|
|
# ? Jun 2, 2024 00:13 |
|
I think WhatsApp encrypts on the device but doesn’t encrypt it’s cloud backups maybe???
|
# ? Jun 5, 2018 04:16 |