Skip navigation
This discussion is archived

Hardware Encryption on 3GS

7932 Views 10 Replies Latest reply: Sep 21, 2009 10:43 AM by tokatta RSS
MajorTom2GC Calculating status...
Currently Being Moderated
Jul 1, 2009 2:03 PM
Ok, maybe I am missing something but... is this on by default and not able to disable or is there a way to enable this? Being in a hospital environment we would need to verify or be able to prove that hardware encryption is in fact on and working. I manage a BES environment now, and I have a corporate policy set to enable hardware security on all of our Blackberry devices. I have been through the 3GS with a fine tooth comb and can not locate anywhere to enable/disable the encryption. Any info would be greatly appreciated.
iPhone 3GS, iPhone OS 3.0, Blackberry BOLD is my other phone
  • LenH Level 2 Level 2 (390 points)
    Currently Being Moderated
    Jul 1, 2009 4:02 PM (in response to MajorTom2GC)
    +iPhone 3GS offers highly secure hardware encryption that enables instantaneous remote wipe.+

    Sounds like it is inherent in the hardware of the device.

    http://www.apple.com/iphone/iphone-3gs/more-features.html
    Mac OS X (10.5.7), iPhone 3G S
  • iphone3Gguy Level 3 Level 3 (565 points)
    Currently Being Moderated
    Jul 3, 2009 9:03 AM (in response to MajorTom2GC)
    Once you select Encrypt backup in iTunes no one can access the iPhone any longer with the encryption password. Any computer that iPhone connects with will have the encrypt backup checked and grayed out so that no one can unselect it without first entering the password. The encryption follows the iPhone.
    iMac, Mac OS X (10.5.7)
  • Kilo Mike Zulu Calculating status...
    Currently Being Moderated
    Jul 25, 2009 6:30 PM (in response to iphone3Gguy)
    As I understand it:

    - Hardware encryption of the entire flash memory is enabled by default on all iPhone 3GS
    - There is currently no way of accessing the encryption key, it seems to be generated by the phone, and is only stored on the phone itself. The only way to get a new key is to do a complete device erase.
    - The encryption is transparent, that means that someone with access to the phone could use it, access the data, and even by jail braking would be able to transfer all the data. To all applications running on the phone, it looks like nothing is encrypted.
    - You need to rely on the iPhone OS to prevent unauthorised access to any data. So you need to trust it that it has no vulnerabilities (tough when Apple is not using the current state of the art, as buffer overflows are completely avoidable, and the 3GS can still be jail broken) and you need to make sure that physical access to the device is prevented by setting up a pass code.
    - As explained above you will need to set up iTunes to encrypt the backup it generates, otherwise this would be backdoor into the iPhone device data.
    MacBook Pro, Mac OS X (10.5.7)
  • Christopher Robin Calculating status...
    Currently Being Moderated
    Jul 27, 2009 4:50 AM (in response to Kilo Mike Zulu)
    According to this news article/videos the data can be accessed whether a passcode is present or not:

    http://www.wired.com/gadgetlab/2009/07/iphone-encryption/

    Anyone have any comments on this?

    Do you think this is something Apple can/will resolve in OS v3.1?
  • Richard Wessels Level 2 Level 2 (240 points)
    Currently Being Moderated
    Jul 27, 2009 5:18 AM (in response to MajorTom2GC)
    You may want to download and look at the iPhone Configuration Utility. It provides some more features related to security that by default are not readily apparent.

    For example, the use of a strong password vs the simple 4 digit passcode. Not sure if this will answer your question or not, but it may lead you in the right direction.
    Apple MacBook Pro, Mac OS X (10.5.7), 17" and an iPhone 3GS
  • Christopher Robin Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jul 27, 2009 5:38 AM (in response to Richard Wessels)
    Well it's not really my area of expertise but going by what I saw in the videos and reading the article it apparently makes no difference what you have as the lock, because once you have connected to the handset and patched the kernel (not sure if Apple automatically remove posts that mention the word, but the process begins with the letter J and many many people do it) the passcode is removed and all data requested from the device is given back to you unencrypted.

    Despite this serious security issue being known about for a few days now I'm surprised there isn't much talk about it on the official iPhone forums... unless it's being removed by Apple?

    After watching the video I do not believe that any business IT manager/security can feel at ease about their workforce wandering around with iPhones. I hope Apple respond and fix this vulnerability swiftly. Yes fine your average person on the street may not be able to get your data off the phone, however that's not the point.
  • MiataMacFan Calculating status...
    Currently Being Moderated
    Jul 29, 2009 9:03 AM (in response to Christopher Robin)
    I am in an IT division, though I am not a cyber security expert. I can tell you that my hopes of using my iPhone to replace a Blackberry in my company have been completely dashed by the recent reports detailing how easy it is to defeat Apple's data encryption. Like many businesses, we have very strict security standards for mobile devices.

    Until that report came out, we had an active pilot project for using iPhones as an alternative to Blackberry devices and hundreds of our staff were excited about turning in the BB's for iPhones. That pilot was killed as soon as the report came out. There will be no iPhones allowed in our company unless that is fixed.

    I'm hoping Apple is monitoring this thread and others like it and working feverishly to beef up the data encryption. Right now, that is THE major obstacle to widespread enterprise adoption of iPhones as an alternative to much more secure Blackberry.
    G5 Tower dual 2.3GHz, Mac OS X (10.5.7)
  • dstinson Calculating status...
    Currently Being Moderated
    Aug 16, 2009 8:11 AM (in response to MiataMacFan)
    I am also in Healthcare IT and in the pilot program for our iPhones. Without getting into the security concerns around the iPhone, what specifically is the hardware difference in concerns with encryption between the 3G and the 3Gs (don't need to talk about chipset, memory, apps etc). It sounds like the 3Gs comes out of the box with hardware encryption. Does the 3G model not come like this? Any help on this would be great.
    iPhone OS 3.0.1
  • Christopher Robin Level 1 Level 1 (0 points)
    Currently Being Moderated
    Sep 21, 2009 10:28 AM (in response to MajorTom2GC)
    So does anyone know whether this issue has been resolved with the new v3.1 update?
  • tokatta Level 3 Level 3 (865 points)
    Currently Being Moderated
    Sep 21, 2009 10:43 AM (in response to Christopher Robin)
    The 3G is still vulnerable if someone has physical access to it. The 3GS is still vulnerable to a jailbreak, but it is unknown (yet - I haven't seen anything) if the contents of the phone can be dumped.

    3.1 has a lot of changes, so it may be more secure.
    HAL, Other OS, The size of a spaceship

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.