|
|
|
|
|
|
by jondubois
3775 days ago
|
|
|
If what you say is true, then I agree with you. Though I find it hard to believe that Apple doesn't already keep some sort key(s) to unlock individual phones or to turn off this "wipe after 10 wrong passcodes" feature. Facebook (and pretty much every other internet company on earth) keeps password hashes and salts in their databases - So in theory, the government could already brute force the vast majority of our personal data from these websites. At least with a phone, the government has to physically get a hold of it in order to brute force the phone and read the data. |
|
|
Passwords control access to features of the web application, but employees of the company can just go around that and get the data off the server directly.
iPhones running iOS 8 or higher are different--they do encrypt data at rest, and create the key by combining device-specific info with the passcode that the user creates. So without that passcode, no chance to decrypt without brute forcing.