


Here are the limits of Apple’s iOS 8 privacy features

Sep 19, 2014 | 3 mins
Apple, Application Security, Cloud Security

Apple's new passcode-based encryption for the iPhone and iPad can be circumvented and provides only limited protection to data

The privacy improvements in the latest version of Apple’s mobile operating system provide necessary, but limited, protection to customers, experts say.

With the release of iOS 8 this week, iPhones and iPads configured with a passcode would encrypt most personal data, making it indecipherable without knowing the four-number password.

By tying the encryption key to the passcode and making sure the key never leaves the device, Apple placed the burden on law enforcement to obtain a search warrant and go directly to the customer to get data from their device during an investigation.

“Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data,” Chief Executive Tim Cook said on the company’s new privacy site. “So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

Rival Google reacted quickly to Cook’s comments, and announced that it would turn on data encryption by default in the next version of Android. The OS has had encryption as an option for more than three years, with the keys stored on the smartphone or tablet.

On Friday, privacy experts said they supported Apple’s latest move, which they viewed as putting more control over personal data in the hands of customers.

“The fact that they (law enforcement) now have to go directly to you, and can’t do it without your knowledge, is a huge win for Apple’s customers in terms of their privacy and security,” Jeremy Gillula, staff technologist at the Electronic Frontier Foundation, said.

However, experts also said the protection had its limits, since customers often store on iCloud a lot of the data encrypted on the device, such as photos, messages, email, contacts and iTunes content.

In addition, information related to voice communications, such as call logs, is stored with the wireless carrier, as well as on the smartphone.

Once in iCloud, law enforcement or government officials investigating national security cases could legally force Apple to hand over the data.

Apple’s new privacy mechanism also has a weakness. Plugging the iPhone or iPad into a Mac or Windows PC that has been paired with the device would circumvent the passcode-based encryption.

Unless the devices had been turned off, the password would not be needed to access data from the computers.

“This means that if you’re arrested, the police will seize both your iPhone and all desktop/laptop machines you own, and use files on the desktop to dump and access all of the above data on your iPhone,” Jonathan Zdziarski, an iOS forensics expert, said in his blog. “This can also be done at an airport, if you are detained.”

Without naming Google, Cook made a point to emphasize that Apple’s profits depended on selling hardware, not collecting customers’ personal information and then selling it to advertisers.

“A few years ago, users of Internet services began to realize that when an online service is free, you’re not the customer. You’re the product,” Cook said.

The privacy changes came after Apple suffered a black eye this month when cyber-thieves accessed celebrities’ iCloud accounts and, in some cases, posted naked photos online. Apple found that the attackers did not compromise iCloud security, but obtained the credentials to the accounts some other way.

Apple beefed up iCloud security recently by introducing two-factor authentication, which was already available to people with an Apple account tied to iTunes and other services.

“Two-step verification is good, and long overdue,” Rebecca Herold, a privacy adviser to law firms and businesses, said.