|
|
|
|
|
|
by superuser2
4377 days ago
|
|
|
If it's an iPhone, then yes, it is far and away the most secure device you own. Everything is encrypted all the time through an HSM which will perform decryption only if given the device PIN. The key is never in memory and any attempt to extract it from the HSM will result in its self-destruction. It is impossible to recover data from the phone without the PIN. You can only erase the device and restore from a backup. While the device can be lost, the only threat is that a thief will erase and resell it. With iOS 7 and Find My iPhone turned on, even that is not possible. An attacker would not get your data in any case. This is orders of magnitude safer than a full-disk-encrypted laptop because people hardly ever shut down their laptops, so keys remain in memory. There is also the possibility of cold-boot attacks, and of course the (retrospectively) insane design wherein any program you run can access all of your data. iOS applications are always code-signed in a way that is tied to a real person or corporation, thoroughly sandboxed, and subject to review, making malware essentially non-existent. If discovered, it can be yanked at any time. What few remote exploits there have been were national news - and quickly resolved. iMessage is end-to-end encrypted 100% of the time using a keybag - each device on your iCloud account has its own private key that never leaves the device. You get notified when a key is added to the keybag. This is really incredible, because without even knowing it, huge swaths of the population are using properly end-to-end encrypted messaging just by owning iPhones. iOS is a tight ship and its attack surface is minuscule compared to that of a commodity computer. |
|
|
I didn't know about keybag, that's very interesting.